package org.apache.camel.component.milo.server;

import java.io.Closeable;
import java.io.File;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.security.KeyPair;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.function.Supplier;
import org.apache.camel.Endpoint;
import org.apache.camel.component.milo.KeyStoreLoader;
import org.apache.camel.component.milo.client.MiloClientConsumer;
import org.apache.camel.component.milo.server.internal.CamelNamespace;
import org.apache.camel.impl.DefaultComponent;
import org.eclipse.milo.opcua.sdk.server.OpcUaServer;
import org.eclipse.milo.opcua.sdk.server.api.config.OpcUaServerConfig;
import org.eclipse.milo.opcua.sdk.server.api.config.OpcUaServerConfigBuilder;
import org.eclipse.milo.opcua.sdk.server.identity.AnonymousIdentityValidator;
import org.eclipse.milo.opcua.sdk.server.identity.UsernameIdentityValidator;
import org.eclipse.milo.opcua.stack.core.UaException;
import org.eclipse.milo.opcua.stack.core.application.CertificateManager;
import org.eclipse.milo.opcua.stack.core.application.CertificateValidator;
import org.eclipse.milo.opcua.stack.core.application.DefaultCertificateManager;
import org.eclipse.milo.opcua.stack.core.application.DefaultCertificateValidator;
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy;
import org.eclipse.milo.opcua.stack.core.types.builtin.LocalizedText;
import org.eclipse.milo.opcua.stack.core.types.structured.BuildInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/camel/component/milo/server/MiloServerComponent.class */
public class MiloServerComponent extends DefaultComponent {
    public static final String DEFAULT_NAMESPACE_URI = "urn:org:apache:camel";
    private static final Logger LOG = LoggerFactory.getLogger(MiloClientConsumer.class);
    private static final String URL_CHARSET = "UTF-8";
    private static final OpcUaServerConfig DEFAULT_SERVER_CONFIG;
    private String namespaceUri;
    private final OpcUaServerConfigBuilder serverConfig;
    private OpcUaServer server;
    private CamelNamespace namespace;
    private final Map<String, MiloServerEndpoint> endpoints;
    private Boolean enableAnonymousAuthentication;
    private Map<String, String> userMap;
    private List<String> bindAddresses;
    private Supplier<CertificateValidator> certificateValidator;
    private final List<Runnable> runOnStop;

    /* loaded from: input_file:org/apache/camel/component/milo/server/MiloServerComponent$DenyAllCertificateValidator.class */
    private static final class DenyAllCertificateValidator implements CertificateValidator {
        public static final CertificateValidator INSTANCE = new DenyAllCertificateValidator();

        private DenyAllCertificateValidator() {
        }

        public void validate(X509Certificate x509Certificate) throws UaException {
            throw new UaException(2149056512L);
        }

        public void verifyTrustChain(X509Certificate x509Certificate, List<X509Certificate> list) throws UaException {
            throw new UaException(2149056512L);
        }
    }

    public MiloServerComponent() {
        this(DEFAULT_SERVER_CONFIG);
    }

    public MiloServerComponent(OpcUaServerConfig opcUaServerConfig) {
        this.namespaceUri = DEFAULT_NAMESPACE_URI;
        this.endpoints = new HashMap();
        this.runOnStop = new LinkedList();
        this.serverConfig = OpcUaServerConfig.copy(opcUaServerConfig != null ? opcUaServerConfig : DEFAULT_SERVER_CONFIG);
    }

    protected void doStart() throws Exception {
        this.server = new OpcUaServer(buildServerConfig());
        this.namespace = (CamelNamespace) this.server.getNamespaceManager().registerAndAdd(this.namespaceUri, uShort -> {
            return new CamelNamespace(uShort, this.namespaceUri, this.server);
        });
        super.doStart();
        this.server.startup();
    }

    private OpcUaServerConfig buildServerConfig() {
        if (this.userMap != null || this.enableAnonymousAuthentication != null) {
            Map hashMap = this.userMap != null ? new HashMap(this.userMap) : Collections.emptyMap();
            this.serverConfig.setIdentityValidator(new UsernameIdentityValidator(this.enableAnonymousAuthentication != null ? this.enableAnonymousAuthentication.booleanValue() : false, authenticationChallenge -> {
                String str = (String) hashMap.get(authenticationChallenge.getUsername());
                if (str == null) {
                    return false;
                }
                return str.equals(authenticationChallenge.getPassword());
            }));
            LinkedList linkedList = new LinkedList();
            if (Boolean.TRUE.equals(this.enableAnonymousAuthentication)) {
                linkedList.add(OpcUaServerConfig.USER_TOKEN_POLICY_ANONYMOUS);
            }
            if (hashMap != null) {
                linkedList.add(OpcUaServerConfig.USER_TOKEN_POLICY_USERNAME);
            }
            this.serverConfig.setUserTokenPolicies(linkedList);
        }
        if (this.bindAddresses != null) {
            this.serverConfig.setBindAddresses(new ArrayList(this.bindAddresses));
        }
        if (this.certificateValidator != null) {
            CertificateValidator certificateValidator = this.certificateValidator.get();
            LOG.debug("Using validator: {}", certificateValidator);
            if (certificateValidator instanceof Closeable) {
                runOnStop(() -> {
                    try {
                        LOG.debug("Closing: {}", certificateValidator);
                        ((Closeable) certificateValidator).close();
                    } catch (IOException e) {
                        LOG.warn("Failed to close", e);
                    }
                });
            }
            this.serverConfig.setCertificateValidator(certificateValidator);
        }
        return this.serverConfig.build();
    }

    private void runOnStop(Runnable runnable) {
        this.runOnStop.add(runnable);
    }

    protected void doStop() throws Exception {
        this.server.shutdown();
        super.doStop();
        this.runOnStop.forEach(runnable -> {
            try {
                runnable.run();
            } catch (Exception e) {
                LOG.warn("Failed to run on stop", e);
            }
        });
        this.runOnStop.clear();
    }

    protected Endpoint createEndpoint(String str, String str2, Map<String, Object> map) throws Exception {
        synchronized (this) {
            if (str2 != null) {
                if (!str2.isEmpty()) {
                    MiloServerEndpoint miloServerEndpoint = this.endpoints.get(str2);
                    if (miloServerEndpoint == null) {
                        miloServerEndpoint = new MiloServerEndpoint(str, str2, this.namespace, this);
                        setProperties(miloServerEndpoint, map);
                        this.endpoints.put(str2, miloServerEndpoint);
                    }
                    return miloServerEndpoint;
                }
            }
            return null;
        }
    }

    public void setNamespaceUri(String str) {
        this.namespaceUri = str;
    }

    public void setApplicationName(String str) {
        Objects.requireNonNull(str);
        this.serverConfig.setApplicationName(LocalizedText.english(str));
    }

    public void setApplicationUri(String str) {
        Objects.requireNonNull(str);
        this.serverConfig.setApplicationUri(str);
    }

    public void setProductUri(String str) {
        Objects.requireNonNull(str);
        this.serverConfig.setProductUri(str);
    }

    public void setBindPort(int i) {
        this.serverConfig.setBindPort(i);
    }

    public void setStrictEndpointUrlsEnabled(boolean z) {
        this.serverConfig.setStrictEndpointUrlsEnabled(z);
    }

    public void setServerName(String str) {
        this.serverConfig.setServerName(str);
    }

    public void setHostname(String str) {
        this.serverConfig.setHostname(str);
    }

    public void setSecurityPolicies(Set<SecurityPolicy> set) {
        if (set == null || set.isEmpty()) {
            this.serverConfig.setSecurityPolicies(EnumSet.noneOf(SecurityPolicy.class));
        } else {
            this.serverConfig.setSecurityPolicies(EnumSet.copyOf((Collection) set));
        }
    }

    public void setSecurityPoliciesById(Collection<String> collection) {
        EnumSet noneOf = EnumSet.noneOf(SecurityPolicy.class);
        if (collection != null) {
            for (String str : collection) {
                noneOf.add((SecurityPolicy) SecurityPolicy.fromUriSafe(str).orElseGet(() -> {
                    return SecurityPolicy.valueOf(str);
                }));
            }
        }
        this.serverConfig.setSecurityPolicies(noneOf);
    }

    public void setSecurityPoliciesById(String... strArr) {
        if (strArr != null) {
            setSecurityPoliciesById(Arrays.asList(strArr));
        } else {
            setSecurityPoliciesById((Collection<String>) null);
        }
    }

    public void setUserAuthenticationCredentials(String str) {
        if (str == null) {
            this.userMap = null;
            return;
        }
        this.userMap = new HashMap();
        for (String str2 : str.split(",")) {
            String[] split = str2.split(":", 2);
            if (split.length == 2) {
                try {
                    this.userMap.put(URLDecoder.decode(split[0], URL_CHARSET), URLDecoder.decode(split[1], URL_CHARSET));
                } catch (UnsupportedEncodingException e) {
                }
            }
        }
    }

    public void setEnableAnonymousAuthentication(boolean z) {
        this.enableAnonymousAuthentication = Boolean.valueOf(z);
    }

    public void setBindAddresses(String str) {
        if (str != null) {
            this.bindAddresses = Arrays.asList(str.split(","));
        } else {
            this.bindAddresses = null;
        }
    }

    public void setBuildInfo(BuildInfo buildInfo) {
        this.serverConfig.setBuildInfo(buildInfo);
    }

    public void setServerCertificate(KeyStoreLoader.Result result) {
        Objects.requireNonNull(result, "Setting a null is not supported. call setCertificateManager(null) instead.)");
        setServerCertificate(result.getKeyPair(), result.getCertificate());
    }

    public void setServerCertificate(KeyPair keyPair, X509Certificate x509Certificate) {
        setCertificateManager(new DefaultCertificateManager(keyPair, x509Certificate));
    }

    public void setCertificateManager(CertificateManager certificateManager) {
        if (certificateManager != null) {
            this.serverConfig.setCertificateManager(certificateManager);
        } else {
            this.serverConfig.setCertificateManager(new DefaultCertificateManager());
        }
    }

    public void setCertificateValidator(Supplier<CertificateValidator> supplier) {
        this.certificateValidator = supplier;
    }

    public void setDefaultCertificateValidator(File file) {
        this.certificateValidator = () -> {
            return new DefaultCertificateValidator(file);
        };
    }

    static {
        OpcUaServerConfigBuilder builder = OpcUaServerConfig.builder();
        builder.setCertificateManager(new DefaultCertificateManager());
        builder.setCertificateValidator(DenyAllCertificateValidator.INSTANCE);
        builder.setSecurityPolicies(EnumSet.allOf(SecurityPolicy.class));
        builder.setApplicationName(LocalizedText.english("Apache Camel Milo Server"));
        builder.setApplicationUri("urn:org:apache:camel:milo:server");
        builder.setProductUri("urn:org:apache:camel:milo");
        if (Boolean.getBoolean("org.apache.camel.milo.server.default.enableAnonymous")) {
            builder.setUserTokenPolicies(Collections.singletonList(OpcUaServerConfig.USER_TOKEN_POLICY_ANONYMOUS));
            builder.setIdentityValidator(AnonymousIdentityValidator.INSTANCE);
        }
        DEFAULT_SERVER_CONFIG = builder.build();
    }
}
