package org.apache.qpid.server.transport.websocket;

import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.security.Principal;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.Set;
import java.util.concurrent.ConcurrentLinkedQueue;
import java.util.concurrent.atomic.AtomicLong;
import javax.net.ssl.SSLContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.qpid.bytebuffer.QpidByteBuffer;
import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.model.Protocol;
import org.apache.qpid.server.model.Transport;
import org.apache.qpid.server.model.port.AmqpPort;
import org.apache.qpid.server.transport.AcceptingTransport;
import org.apache.qpid.server.transport.MultiVersionProtocolEngine;
import org.apache.qpid.server.transport.MultiVersionProtocolEngineFactory;
import org.apache.qpid.server.transport.ProtocolEngine;
import org.apache.qpid.server.transport.ServerNetworkConnection;
import org.apache.qpid.server.util.Action;
import org.apache.qpid.server.util.ServerScopedRuntimeException;
import org.apache.qpid.transport.ByteBufferSender;
import org.apache.qpid.transport.network.security.ssl.SSLUtil;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.handler.AbstractHandler;
import org.eclipse.jetty.server.nio.SelectChannelConnector;
import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.util.thread.ThreadPool;
import org.eclipse.jetty.websocket.WebSocket;
import org.eclipse.jetty.websocket.WebSocketHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/apache/qpid/server/transport/websocket/WebSocketProvider.class */
public class WebSocketProvider implements AcceptingTransport {
    private static final Logger LOGGER = LoggerFactory.getLogger(WebSocketProvider.class);
    public static final String AMQP_WEBSOCKET_SUBPROTOCOL = "AMQPWSB10";
    public static final String X509_CERTIFICATES = "javax.servlet.request.X509Certificate";
    private final Transport _transport;
    private final SSLContext _sslContext;
    private final AmqpPort<?> _port;
    private final Set<Protocol> _supported;
    private final Protocol _defaultSupportedProtocolReply;
    private final MultiVersionProtocolEngineFactory _factory;
    private Server _server;
    private final long _outboundMessageBufferLimit;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/qpid/server/transport/websocket/WebSocketProvider$AmqpWebSocket.class */
    public class AmqpWebSocket implements WebSocket, WebSocket.OnBinaryMessage {
        private final SocketAddress _localAddress;
        private final SocketAddress _remoteAddress;
        private final Certificate _userCertificate;
        private final ThreadPool _threadPool;
        private volatile MultiVersionProtocolEngine _protocolEngine;
        private volatile ConnectionWrapper _connectionWrapper;

        private AmqpWebSocket(Transport transport, SocketAddress socketAddress, SocketAddress socketAddress2, Certificate certificate, ThreadPool threadPool) {
            this._localAddress = socketAddress;
            this._remoteAddress = socketAddress2;
            this._userCertificate = certificate;
            this._threadPool = threadPool;
        }

        public void onMessage(byte[] bArr, int i, int i2) {
            synchronized (this._connectionWrapper) {
                this._protocolEngine.clearWork();
                try {
                    this._protocolEngine.setIOThread(Thread.currentThread());
                    this._protocolEngine.setMessageAssignmentSuspended(true, true);
                    Iterator processPendingIterator = this._protocolEngine.processPendingIterator();
                    while (processPendingIterator.hasNext()) {
                        ((Runnable) processPendingIterator.next()).run();
                    }
                    QpidByteBuffer allocateDirect = QpidByteBuffer.allocateDirect(i2);
                    allocateDirect.put(bArr, i, i2);
                    allocateDirect.flip();
                    this._protocolEngine.received(allocateDirect);
                    allocateDirect.dispose();
                    this._connectionWrapper.doWrite();
                    this._protocolEngine.setMessageAssignmentSuspended(false, true);
                    this._protocolEngine.setIOThread((Thread) null);
                } catch (Throwable th) {
                    this._protocolEngine.setIOThread((Thread) null);
                    throw th;
                }
            }
        }

        public void onOpen(WebSocket.Connection connection) {
            this._protocolEngine = WebSocketProvider.this._factory.newProtocolEngine(this._remoteAddress);
            connection.setMaxBinaryMessageSize(0);
            this._connectionWrapper = new ConnectionWrapper(connection, this._localAddress, this._remoteAddress, this._protocolEngine);
            this._connectionWrapper.setPeerCertificate(this._userCertificate);
            this._protocolEngine.setNetworkConnection(this._connectionWrapper);
            this._protocolEngine.setWorkListener(new Action<ProtocolEngine>() { // from class: org.apache.qpid.server.transport.websocket.WebSocketProvider.AmqpWebSocket.1
                public void performAction(ProtocolEngine protocolEngine) {
                    AmqpWebSocket.this._threadPool.dispatch(new Runnable() { // from class: org.apache.qpid.server.transport.websocket.WebSocketProvider.AmqpWebSocket.1.1
                        @Override // java.lang.Runnable
                        public void run() {
                            AmqpWebSocket.this._connectionWrapper.doWork();
                        }
                    });
                }
            });
        }

        public void onClose(int i, String str) {
            this._protocolEngine.closed();
        }
    }

    /* loaded from: input_file:org/apache/qpid/server/transport/websocket/WebSocketProvider$ConnectionWrapper.class */
    private class ConnectionWrapper implements ServerNetworkConnection, ByteBufferSender {
        private final WebSocket.Connection _connection;
        private final SocketAddress _localAddress;
        private final SocketAddress _remoteAddress;
        private final MultiVersionProtocolEngine _protocolEngine;
        private Certificate _certificate;
        private long _maxWriteIdleMillis;
        private long _maxReadIdleMillis;
        private final ConcurrentLinkedQueue<QpidByteBuffer> _buffers = new ConcurrentLinkedQueue<>();
        private final AtomicLong _usedOutboundMessageSpace = new AtomicLong();

        public ConnectionWrapper(WebSocket.Connection connection, SocketAddress socketAddress, SocketAddress socketAddress2, MultiVersionProtocolEngine multiVersionProtocolEngine) {
            this._connection = connection;
            this._localAddress = socketAddress;
            this._remoteAddress = socketAddress2;
            this._protocolEngine = multiVersionProtocolEngine;
        }

        public ByteBufferSender getSender() {
            return this;
        }

        public void start() {
        }

        public void send(QpidByteBuffer qpidByteBuffer) {
            if (qpidByteBuffer.remaining() > 0) {
                this._buffers.add(qpidByteBuffer.duplicate());
            }
            qpidByteBuffer.position(qpidByteBuffer.limit());
        }

        public void flush() {
        }

        public void close() {
            this._connection.close();
        }

        public SocketAddress getRemoteAddress() {
            return this._remoteAddress;
        }

        public SocketAddress getLocalAddress() {
            return this._localAddress;
        }

        public void setMaxWriteIdleMillis(long j) {
            this._maxWriteIdleMillis = j;
        }

        public void setMaxReadIdleMillis(long j) {
            this._maxReadIdleMillis = j;
        }

        public Principal getPeerPrincipal() {
            if (this._certificate instanceof X509Certificate) {
                return ((X509Certificate) this._certificate).getSubjectDN();
            }
            return null;
        }

        public Certificate getPeerCertificate() {
            return this._certificate;
        }

        public long getMaxReadIdleMillis() {
            return this._maxReadIdleMillis;
        }

        public long getMaxWriteIdleMillis() {
            return this._maxWriteIdleMillis;
        }

        public void reserveOutboundMessageSpace(long j) {
            if (this._usedOutboundMessageSpace.addAndGet(j) > WebSocketProvider.this._outboundMessageBufferLimit) {
                this._protocolEngine.setMessageAssignmentSuspended(true, false);
            }
        }

        public String getTransportInfo() {
            return this._connection.getProtocol();
        }

        void setPeerCertificate(Certificate certificate) {
            this._certificate = certificate;
        }

        public synchronized void doWrite() {
            int i = 0;
            ArrayList<QpidByteBuffer> arrayList = new ArrayList(this._buffers.size());
            while (true) {
                QpidByteBuffer poll = this._buffers.poll();
                if (poll == null) {
                    break;
                }
                i += poll.remaining();
                arrayList.add(poll);
            }
            byte[] bArr = new byte[i];
            int i2 = 0;
            for (QpidByteBuffer qpidByteBuffer : arrayList) {
                int remaining = qpidByteBuffer.remaining();
                qpidByteBuffer.get(bArr, i2, remaining);
                qpidByteBuffer.dispose();
                i2 += remaining;
            }
            if (i > 0) {
                try {
                    this._connection.sendMessage(bArr, 0, i);
                    this._usedOutboundMessageSpace.set(0L);
                } catch (IOException e) {
                    WebSocketProvider.LOGGER.info("Exception on write: {}", e.getMessage());
                    close();
                }
            }
        }

        public synchronized void doWork() {
            this._protocolEngine.clearWork();
            try {
                this._protocolEngine.setIOThread(Thread.currentThread());
                this._protocolEngine.setMessageAssignmentSuspended(true, true);
                Iterator processPendingIterator = this._protocolEngine.processPendingIterator();
                while (processPendingIterator.hasNext()) {
                    ((Runnable) processPendingIterator.next()).run();
                }
                doWrite();
                this._protocolEngine.setMessageAssignmentSuspended(false, true);
                this._protocolEngine.setIOThread((Thread) null);
            } catch (Throwable th) {
                this._protocolEngine.setIOThread((Thread) null);
                throw th;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public WebSocketProvider(Transport transport, SSLContext sSLContext, AmqpPort<?> amqpPort, Set<Protocol> set, Protocol protocol) {
        this._transport = transport;
        this._sslContext = sSLContext;
        this._port = amqpPort;
        this._supported = set;
        this._defaultSupportedProtocolReply = protocol;
        this._outboundMessageBufferLimit = ((Long) this._port.getContextValue(Long.class, "qpid.port.amqp.outboundMessageBufferSize")).longValue();
        this._factory = new MultiVersionProtocolEngineFactory(this._port.getParent(Broker.class), this._supported, this._defaultSupportedProtocolReply, this._port, this._transport);
    }

    public void start() {
        SelectChannelConnector sslSelectChannelConnector;
        this._server = new Server();
        if (this._transport == Transport.WS) {
            sslSelectChannelConnector = new SelectChannelConnector();
        } else {
            if (this._transport != Transport.WSS) {
                throw new IllegalArgumentException("Unexpected transport on port " + this._port.getName() + ":" + this._transport);
            }
            SslContextFactory sslContextFactory = new SslContextFactory() { // from class: org.apache.qpid.server.transport.websocket.WebSocketProvider.1
                public String[] selectProtocols(String[] strArr, String[] strArr2) {
                    return SSLUtil.filterEnabledProtocols(strArr, strArr2, WebSocketProvider.this._port.getTlsProtocolWhiteList(), WebSocketProvider.this._port.getTlsProtocolBlackList());
                }

                public String[] selectCipherSuites(String[] strArr, String[] strArr2) {
                    return SSLUtil.filterEnabledCipherSuites(strArr, strArr2, WebSocketProvider.this._port.getTlsCipherSuiteWhiteList(), WebSocketProvider.this._port.getTlsCipherSuiteBlackList());
                }
            };
            sslContextFactory.setSslContext(this._sslContext);
            sslContextFactory.setNeedClientAuth(this._port.getNeedClientAuth());
            sslContextFactory.setWantClientAuth(this._port.getWantClientAuth());
            sslSelectChannelConnector = new SslSelectChannelConnector(sslContextFactory);
        }
        String bindingAddress = this._port.getBindingAddress();
        if (bindingAddress != null && !bindingAddress.trim().equals("") && !bindingAddress.trim().equals("*")) {
            sslSelectChannelConnector.setHost(bindingAddress.trim());
        }
        sslSelectChannelConnector.setPort(this._port.getPort());
        this._server.addConnector(sslSelectChannelConnector);
        final SelectChannelConnector selectChannelConnector = sslSelectChannelConnector;
        WebSocketHandler webSocketHandler = new WebSocketHandler() { // from class: org.apache.qpid.server.transport.websocket.WebSocketProvider.2
            public WebSocket doWebSocketConnect(HttpServletRequest httpServletRequest, String str) {
                X509Certificate[] x509CertificateArr;
                X509Certificate x509Certificate = null;
                if (Collections.list(httpServletRequest.getAttributeNames()).contains(WebSocketProvider.X509_CERTIFICATES) && (x509CertificateArr = (X509Certificate[]) httpServletRequest.getAttribute(WebSocketProvider.X509_CERTIFICATES)) != null && x509CertificateArr.length != 0) {
                    x509Certificate = x509CertificateArr[0];
                }
                return new AmqpWebSocket(WebSocketProvider.this._transport, new InetSocketAddress(httpServletRequest.getLocalName(), httpServletRequest.getLocalPort()), new InetSocketAddress(httpServletRequest.getRemoteHost(), httpServletRequest.getRemotePort()), x509Certificate, selectChannelConnector.getThreadPool());
            }
        };
        this._server.setHandler(webSocketHandler);
        this._server.setSendServerVersion(false);
        webSocketHandler.setHandler(new AbstractHandler() { // from class: org.apache.qpid.server.transport.websocket.WebSocketProvider.3
            public void handle(String str, Request request, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
                if (httpServletResponse.isCommitted() || request.isHandled()) {
                    return;
                }
                request.setHandled(true);
                httpServletResponse.setStatus(403);
            }
        });
        try {
            this._server.start();
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e2) {
            throw new ServerScopedRuntimeException(e2);
        }
    }

    public void close() {
    }

    public int getAcceptingPort() {
        return (this._server == null || this._server.getConnectors() == null || this._server.getConnectors().length == 0) ? this._port.getPort() : this._server.getConnectors()[0].getLocalPort();
    }
}
