package org.jboss.remoting3.remote;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.Constructor;
import java.net.InetSocketAddress;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.AccessController;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivilegedExceptionAction;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;
import java.util.function.Consumer;
import org.jboss.remoting3.spi.ConnectionProviderContext;
import org.jboss.remoting3.spi.ExternalConnectionProvider;
import org.wildfly.common.Assert;
import org.wildfly.security.auth.client.AuthenticationConfiguration;
import org.wildfly.security.auth.server.SaslAuthenticationFactory;
import org.xnio.ChannelListener;
import org.xnio.ChannelListeners;
import org.xnio.FailedIoFuture;
import org.xnio.FutureResult;
import org.xnio.IoFuture;
import org.xnio.OptionMap;
import org.xnio.Options;
import org.xnio.StreamConnection;
import org.xnio.http.HandshakeChecker;
import org.xnio.http.HttpUpgrade;
import org.xnio.ssl.SslConnection;
import org.xnio.ssl.XnioSsl;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/jboss/remoting3/remote/HttpUpgradeConnectionProvider.class */
public final class HttpUpgradeConnectionProvider extends RemoteConnectionProvider {
    public static final String MAGIC_NUMBER = "CF70DEB8-70F9-4FBA-8B4F-DFC3E723B4CD";
    public static final String SEC_JBOSS_REMOTING_KEY = "Sec-JbossRemoting-Key";
    public static final String SEC_JBOSS_REMOTING_ACCEPT = "sec-jbossremoting-accept";
    public static final String UPGRADE = "Upgrade";
    private final ProviderInterface providerInterface;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/jboss/remoting3/remote/HttpUpgradeConnectionProvider$ConnectionAdaptorImpl.class */
    public final class ConnectionAdaptorImpl implements Consumer<StreamConnection> {
        private final OptionMap optionMap;
        private final SaslAuthenticationFactory saslAuthenticationFactory;

        ConnectionAdaptorImpl(OptionMap optionMap, SaslAuthenticationFactory saslAuthenticationFactory) {
            this.optionMap = optionMap;
            this.saslAuthenticationFactory = saslAuthenticationFactory;
        }

        @Override // java.util.function.Consumer
        public void accept(StreamConnection streamConnection) {
            if (streamConnection.getWorker() != HttpUpgradeConnectionProvider.this.getXnioWorker()) {
                throw RemoteLogger.log.invalidWorker();
            }
            try {
                streamConnection.setOption(Options.TCP_NODELAY, Boolean.TRUE);
            } catch (IOException e) {
            }
            RemoteConnection remoteConnection = new RemoteConnection(streamConnection, streamConnection instanceof SslConnection ? (SslConnection) streamConnection : null, this.optionMap, HttpUpgradeConnectionProvider.this);
            ServerConnectionOpenListener serverConnectionOpenListener = new ServerConnectionOpenListener(remoteConnection, HttpUpgradeConnectionProvider.this.getConnectionProviderContext(), this.saslAuthenticationFactory, this.optionMap);
            streamConnection.getSinkChannel().setWriteListener(remoteConnection.getWriteListener());
            RemoteLogger.log.tracef("Accepted connection from %s to %s", streamConnection.getPeerAddress(), streamConnection.getLocalAddress());
            serverConnectionOpenListener.handleEvent(streamConnection.getSourceChannel());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/jboss/remoting3/remote/HttpUpgradeConnectionProvider$FlexBase64.class */
    public static class FlexBase64 {
        private static final byte[] ENCODING_TABLE;
        private static final byte[] DECODING_TABLE = new byte[80];
        private static final Constructor<String> STRING_CONSTRUCTOR;

        private FlexBase64() {
        }

        public static String encodeString(byte[] bArr, boolean z) {
            return encodeString(bArr, 0, bArr.length, z);
        }

        private static String encodeString(byte[] bArr, int i, int i2, boolean z) {
            int i3 = i2 - i;
            int i4 = i3 % 3;
            int i5 = ((i3 + (i4 == 0 ? 0 : 3 - i4)) / 3) * 4;
            char[] cArr = new char[i5 + (z ? ((i5 / 76) * 2) + 2 : 0)];
            int i6 = 0;
            int i7 = 0;
            int i8 = 0;
            int i9 = 0;
            byte[] bArr2 = ENCODING_TABLE;
            while (true) {
                if (i2 <= i) {
                    break;
                }
                int i10 = i;
                int i11 = i + 1;
                int i12 = bArr[i10] & 255;
                int i13 = i6;
                i6++;
                cArr[i13] = (char) bArr2[i12 >>> 2];
                i7 = (i12 & 3) << 4;
                if (i11 >= i2) {
                    i9 = 1;
                    break;
                }
                int i14 = i11 + 1;
                int i15 = bArr[i11] & 255;
                i6++;
                cArr[i6] = (char) bArr2[i7 | (i15 >>> 4)];
                i7 = (i15 & 15) << 2;
                if (i14 >= i2) {
                    i9 = 2;
                    break;
                }
                i = i14 + 1;
                int i16 = bArr[i14] & 255;
                int i17 = i6 + 1;
                cArr[i6] = (char) bArr2[i7 | (i16 >>> 6)];
                i6 = i17 + 1;
                cArr[i17] = (char) bArr2[i16 & 63];
                if (z) {
                    i8 += 4;
                    if (i8 >= 76) {
                        i8 = 0;
                        int i18 = i6 + 1;
                        cArr[i6] = '\r';
                        i6 = i18 + 1;
                        cArr[i18] = '\n';
                    }
                }
            }
            complete(cArr, i6, i9, i7, z);
            try {
                if (STRING_CONSTRUCTOR != null) {
                    return STRING_CONSTRUCTOR.newInstance(cArr, Boolean.TRUE);
                }
            } catch (Exception e) {
            }
            return new String(cArr);
        }

        private static int complete(char[] cArr, int i, int i2, int i3, boolean z) {
            if (i2 > 0) {
                i++;
                cArr[i] = (char) ENCODING_TABLE[i3];
                for (int i4 = i2; i4 < 3; i4++) {
                    int i5 = i;
                    i++;
                    cArr[i5] = '=';
                }
            }
            if (z) {
                int i6 = i;
                int i7 = i + 1;
                cArr[i6] = '\r';
                i = i7 + 1;
                cArr[i7] = '\n';
            }
            return i;
        }

        static {
            try {
                ENCODING_TABLE = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".getBytes("ASCII");
                for (int i = 0; i < ENCODING_TABLE.length; i++) {
                    DECODING_TABLE[(ENCODING_TABLE[i] & 255) - 43] = (byte) (i + 1);
                }
                Constructor<String> constructor = null;
                try {
                    PrivilegedExceptionAction privilegedExceptionAction = () -> {
                        Constructor declaredConstructor = String.class.getDeclaredConstructor(char[].class, Boolean.TYPE);
                        declaredConstructor.setAccessible(true);
                        return declaredConstructor;
                    };
                    constructor = System.getSecurityManager() != null ? (Constructor) AccessController.doPrivileged(privilegedExceptionAction) : (Constructor) privilegedExceptionAction.run();
                } catch (Throwable th) {
                }
                STRING_CONSTRUCTOR = constructor;
            } catch (UnsupportedEncodingException e) {
                throw new IllegalStateException();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/jboss/remoting3/remote/HttpUpgradeConnectionProvider$ProviderInterface.class */
    public final class ProviderInterface implements ExternalConnectionProvider {
        ProviderInterface() {
        }

        @Override // org.jboss.remoting3.spi.ExternalConnectionProvider
        public ConnectionAdaptorImpl createConnectionAdaptor(OptionMap optionMap, SaslAuthenticationFactory saslAuthenticationFactory) throws IOException {
            Assert.checkNotNullParam("optionMap", optionMap);
            Assert.checkNotNullParam("saslAuthenticationFactory", saslAuthenticationFactory);
            return new ConnectionAdaptorImpl(optionMap, saslAuthenticationFactory);
        }
    }

    /* loaded from: input_file:org/jboss/remoting3/remote/HttpUpgradeConnectionProvider$RemotingHandshakeChecker.class */
    private class RemotingHandshakeChecker implements HandshakeChecker {
        private final String key;

        private RemotingHandshakeChecker(String str) {
            this.key = str;
        }

        public void checkHandshake(Map<String, String> map) throws IOException {
            if (!map.containsKey(HttpUpgradeConnectionProvider.SEC_JBOSS_REMOTING_ACCEPT)) {
                throw new IOException("No sec-jbossremoting-accept header in response");
            }
            String createExpectedResponse = HttpUpgradeConnectionProvider.this.createExpectedResponse(this.key);
            String str = map.get(HttpUpgradeConnectionProvider.SEC_JBOSS_REMOTING_ACCEPT);
            if (!str.equals(createExpectedResponse)) {
                throw new IOException("sec-jbossremoting-accept value of " + str + " did not match expected " + createExpectedResponse);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public HttpUpgradeConnectionProvider(OptionMap optionMap, ConnectionProviderContext connectionProviderContext) throws IOException {
        super(optionMap, connectionProviderContext);
        this.providerInterface = new ProviderInterface();
    }

    @Override // org.jboss.remoting3.remote.RemoteConnectionProvider
    protected IoFuture<StreamConnection> createConnection(URI uri, InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2, OptionMap optionMap, ChannelListener<StreamConnection> channelListener) {
        try {
            URI uri2 = new URI("http", "", uri.getHost(), uri.getPort(), "/", "", "");
            HashMap hashMap = new HashMap();
            hashMap.put(UPGRADE, "jboss-remoting");
            String createSecKey = createSecKey();
            hashMap.put(SEC_JBOSS_REMOTING_KEY, createSecKey);
            FutureResult futureResult = new FutureResult(getExecutor());
            HttpUpgrade.performUpgrade(getXnioWorker(), (InetSocketAddress) null, uri2, hashMap, streamConnection -> {
                ChannelListeners.invokeChannelListener(streamConnection, channelListener);
            }, (ChannelListener) null, optionMap, new RemotingHandshakeChecker(createSecKey)).addNotifier((ioFuture, obj) -> {
                if (ioFuture.getStatus() == IoFuture.Status.FAILED) {
                    futureResult.setException(ioFuture.getException());
                }
            }, (Object) null);
            return futureResult.getIoFuture();
        } catch (URISyntaxException e) {
            return new FailedIoFuture(new IOException(e));
        }
    }

    @Override // org.jboss.remoting3.remote.RemoteConnectionProvider
    protected IoFuture<SslConnection> createSslConnection(URI uri, InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2, OptionMap optionMap, AuthenticationConfiguration authenticationConfiguration, ChannelListener<StreamConnection> channelListener) {
        try {
            URI uri2 = new URI("https", "", uri.getHost(), uri.getPort(), "/", "", "");
            OptionMap map = OptionMap.builder().addAll(optionMap).set(Options.SSL_STARTTLS, false).getMap();
            HashMap hashMap = new HashMap();
            hashMap.put(UPGRADE, "jboss-remoting");
            String createSecKey = createSecKey();
            hashMap.put(SEC_JBOSS_REMOTING_KEY, createSecKey);
            FutureResult futureResult = new FutureResult(getExecutor());
            HttpUpgrade.performUpgrade(getXnioWorker(), (XnioSsl) null, (InetSocketAddress) null, uri2, hashMap, sslConnection -> {
                ChannelListeners.invokeChannelListener(sslConnection, channelListener);
            }, (ChannelListener) null, map, new RemotingHandshakeChecker(createSecKey)).addNotifier((ioFuture, obj) -> {
                if (ioFuture.getStatus() == IoFuture.Status.FAILED) {
                    futureResult.setException(ioFuture.getException());
                }
            }, (Object) null);
            return futureResult.getIoFuture();
        } catch (URISyntaxException e) {
            return new FailedIoFuture(new IOException(e));
        }
    }

    @Override // org.jboss.remoting3.remote.RemoteConnectionProvider, org.jboss.remoting3.spi.ConnectionProvider
    public ProviderInterface getProviderInterface() {
        return this.providerInterface;
    }

    protected String createSecKey() {
        SecureRandom secureRandom = new SecureRandom();
        byte[] bArr = new byte[16];
        for (int i = 0; i < 4; i++) {
            int nextInt = secureRandom.nextInt();
            bArr[i * 4] = (byte) nextInt;
            bArr[(i * 4) + 1] = (byte) ((nextInt >> 8) & 255);
            bArr[(i * 4) + 2] = (byte) ((nextInt >> 16) & 255);
            bArr[(i * 4) + 3] = (byte) ((nextInt >> 24) & 255);
        }
        return FlexBase64.encodeString(bArr, false);
    }

    protected String createExpectedResponse(String str) throws IOException {
        try {
            String str2 = str + MAGIC_NUMBER;
            MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
            messageDigest.update(str2.getBytes("UTF-8"));
            return FlexBase64.encodeString(messageDigest.digest(), false);
        } catch (NoSuchAlgorithmException e) {
            throw new IOException(e);
        }
    }
}
