package org.mule.service.http.netty.impl.server;

import io.netty.handler.ssl.ApplicationProtocolConfig;
import io.netty.handler.ssl.ApplicationProtocolNames;
import io.netty.handler.ssl.CipherSuiteFilter;
import io.netty.handler.ssl.ClientAuth;
import io.netty.handler.ssl.IdentityCipherSuiteFilter;
import io.netty.handler.ssl.JdkSslContext;
import io.netty.handler.ssl.SslContext;
import java.net.InetSocketAddress;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.function.Supplier;
import javax.net.ssl.SSLException;
import org.mule.runtime.api.exception.MuleRuntimeException;
import org.mule.runtime.api.tls.TlsContextFactory;
import org.mule.runtime.api.util.Preconditions;
import org.mule.runtime.http.api.server.HttpServer;
import org.mule.runtime.http.api.server.HttpServerConfiguration;
import org.mule.runtime.http.api.server.HttpServerFactory;
import org.mule.runtime.http.api.server.ServerAlreadyExistsException;
import org.mule.runtime.http.api.server.ServerCreationException;
import org.mule.runtime.http.api.server.ServerNotFoundException;
import org.mule.service.http.netty.impl.server.NettyHttpServer;
import org.mule.service.http.netty.impl.server.util.HttpListenerRegistry;
import org.mule.service.http.netty.impl.server.util.HttpServerAdapter;

/* loaded from: input_file:lib/mule-netty-http-service-0.1.0-rc1.jar:org/mule/service/http/netty/impl/server/HttpServerConnectionManager.class */
public class HttpServerConnectionManager implements HttpServerFactory {
    private final Map<String, HttpServer> servers = new ConcurrentHashMap();

    /* loaded from: input_file:lib/mule-netty-http-service-0.1.0-rc1.jar:org/mule/service/http/netty/impl/server/HttpServerConnectionManager$NoLifecycleHttpServer.class */
    private static class NoLifecycleHttpServer extends HttpServerAdapter {
        public NoLifecycleHttpServer(HttpServer httpServer) {
            super(httpServer);
        }

        @Override // org.mule.service.http.netty.impl.server.util.HttpServerAdapter
        public HttpServer start() {
            return this;
        }

        @Override // org.mule.service.http.netty.impl.server.util.HttpServerAdapter
        public HttpServer stop() {
            return this;
        }

        @Override // org.mule.service.http.netty.impl.server.util.HttpServerAdapter
        public void dispose() {
        }
    }

    public HttpServer create(HttpServerConfiguration httpServerConfiguration) throws ServerCreationException {
        String name = httpServerConfiguration.getName();
        HttpServer httpServer = this.servers.get(name);
        if (httpServer != null) {
            throw new ServerAlreadyExistsException(httpServer.getServerAddress());
        }
        HttpServer createServer = createServer(name, httpServerConfiguration);
        this.servers.putIfAbsent(name, createServer);
        return createServer;
    }

    public HttpServer lookup(String str) throws ServerNotFoundException {
        HttpServer httpServer = this.servers.get(str);
        if (httpServer == null) {
            throw new ServerNotFoundException(str);
        }
        return new NoLifecycleHttpServer(httpServer);
    }

    public HttpServer getOrCreateServer(String str, Supplier<? extends HttpServerConfiguration> supplier) throws ServerCreationException {
        Preconditions.checkArgument(str != null, "Server name can't be null");
        try {
            return this.servers.computeIfAbsent(str, str2 -> {
                return createServer(str, (HttpServerConfiguration) supplier.get());
            });
        } catch (MuleRuntimeException e) {
            throw new ServerCreationException(e.getMessage(), e);
        }
    }

    protected HttpServer createServer(String str, HttpServerConfiguration httpServerConfiguration) throws MuleRuntimeException {
        try {
            Preconditions.checkArgument(str != null, "Server name can't be null");
            Preconditions.checkArgument(httpServerConfiguration != null, "Server configuration can't be null");
            HttpListenerRegistry httpListenerRegistry = new HttpListenerRegistry();
            SslContext createSslContext = createSslContext(httpServerConfiguration);
            return enrichServerBuilder(NettyHttpServer.builder().withServerAddress(new InetSocketAddress(httpServerConfiguration.getHost(), httpServerConfiguration.getPort())).withHttpListenerRegistry(httpListenerRegistry).withSslContext(createSslContext).doOnDispose(() -> {
                this.servers.remove(str);
            }), httpListenerRegistry, httpServerConfiguration, createSslContext).build();
        } catch (IllegalArgumentException | KeyManagementException | NoSuchAlgorithmException | CertificateException | SSLException e) {
            throw new MuleRuntimeException(e);
        }
    }

    protected NettyHttpServer.Builder enrichServerBuilder(NettyHttpServer.Builder builder, HttpListenerRegistry httpListenerRegistry, HttpServerConfiguration httpServerConfiguration, SslContext sslContext) {
        return builder.withClientChannelHandler(new AcceptedConnectionChannelInitializer(httpListenerRegistry, httpServerConfiguration, sslContext));
    }

    private SslContext createSslContext(HttpServerConfiguration httpServerConfiguration) throws SSLException, CertificateException, NoSuchAlgorithmException, KeyManagementException {
        TlsContextFactory tlsContextFactory = httpServerConfiguration.getTlsContextFactory();
        if (tlsContextFactory == null) {
            return null;
        }
        return new JdkSslContext(tlsContextFactory.createSslContext(), false, getCiphers(tlsContextFactory), (CipherSuiteFilter) IdentityCipherSuiteFilter.INSTANCE_DEFAULTING_TO_SUPPORTED_CIPHERS, new ApplicationProtocolConfig(ApplicationProtocolConfig.Protocol.ALPN, ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE, ApplicationProtocolConfig.SelectedListenerFailureBehavior.FATAL_ALERT, ApplicationProtocolNames.HTTP_1_1), tlsContextFactory.isTrustStoreConfigured() ? ClientAuth.REQUIRE : ClientAuth.OPTIONAL, tlsContextFactory.getEnabledProtocols(), false);
    }

    private Iterable<String> getCiphers(TlsContextFactory tlsContextFactory) {
        String[] enabledCipherSuites;
        if (tlsContextFactory == null || (enabledCipherSuites = tlsContextFactory.getEnabledCipherSuites()) == null) {
            return null;
        }
        return Arrays.asList(enabledCipherSuites);
    }
}
