package org.jboss.as.domain.http.server;

import java.io.IOException;
import java.net.InetSocketAddress;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.Executor;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import org.jboss.as.controller.ControlledProcessStateService;
import org.jboss.as.controller.client.ModelControllerClient;
import org.jboss.as.domain.http.server.security.AnonymousAuthenticator;
import org.jboss.as.domain.http.server.security.ClientCertAuthenticator;
import org.jboss.as.domain.http.server.security.DigestAuthenticator;
import org.jboss.as.domain.management.AuthenticationMechanism;
import org.jboss.as.domain.management.SecurityRealm;
import org.jboss.com.sun.net.httpserver.BasicAuthenticator;
import org.jboss.com.sun.net.httpserver.HttpServer;
import org.jboss.com.sun.net.httpserver.HttpsConfigurator;
import org.jboss.com.sun.net.httpserver.HttpsParameters;
import org.jboss.com.sun.net.httpserver.HttpsServer;
import org.jboss.modules.ModuleLoadException;

/* loaded from: input_file:org/jboss/as/domain/http/server/ManagementHttpServer.class */
public class ManagementHttpServer {
    private final HttpServer httpServer;
    private final HttpServer secureHttpServer;
    private SecurityRealm securityRealm;
    private List<ManagementHttpHandler> handlers = new LinkedList();

    /* renamed from: org.jboss.as.domain.http.server.ManagementHttpServer$2, reason: invalid class name */
    /* loaded from: input_file:org/jboss/as/domain/http/server/ManagementHttpServer$2.class */
    static /* synthetic */ class AnonymousClass2 {
        static final /* synthetic */ int[] $SwitchMap$org$jboss$as$domain$http$server$ManagementHttpServer$CertAuth = new int[CertAuth.values().length];

        static {
            try {
                $SwitchMap$org$jboss$as$domain$http$server$ManagementHttpServer$CertAuth[CertAuth.NEED.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$jboss$as$domain$http$server$ManagementHttpServer$CertAuth[CertAuth.WANT.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    /* loaded from: input_file:org/jboss/as/domain/http/server/ManagementHttpServer$CertAuth.class */
    private enum CertAuth {
        NONE,
        WANT,
        NEED
    }

    private ManagementHttpServer(HttpServer httpServer, HttpServer httpServer2, SecurityRealm securityRealm) {
        this.httpServer = httpServer;
        this.secureHttpServer = httpServer2;
        this.securityRealm = securityRealm;
    }

    void addHandler(ManagementHttpHandler managementHttpHandler) {
        this.handlers.add(managementHttpHandler);
    }

    public void start() {
        start(this.httpServer);
        start(this.secureHttpServer);
    }

    private void start(HttpServer httpServer) {
        if (httpServer == null) {
            return;
        }
        Iterator<ManagementHttpHandler> it = this.handlers.iterator();
        while (it.hasNext()) {
            it.next().start(httpServer, this.securityRealm);
        }
        httpServer.start();
    }

    public void stop() {
        stop(this.httpServer);
        stop(this.secureHttpServer);
    }

    private void stop(HttpServer httpServer) {
        if (httpServer == null) {
            return;
        }
        httpServer.stop(0);
        Iterator<ManagementHttpHandler> it = this.handlers.iterator();
        while (it.hasNext()) {
            it.next().stop(httpServer);
        }
    }

    public static ManagementHttpServer create(InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2, int i, ModelControllerClient modelControllerClient, Executor executor, SecurityRealm securityRealm, ControlledProcessStateService controlledProcessStateService, ConsoleMode consoleMode, String str) throws IOException {
        CertAuth certAuth;
        Map emptyMap = Collections.emptyMap();
        BasicAuthenticator basicAuthenticator = null;
        if (securityRealm != null) {
            Set supportedAuthenticationMechanisms = securityRealm.getSupportedAuthenticationMechanisms();
            if (supportedAuthenticationMechanisms.contains(AuthenticationMechanism.DIGEST)) {
                Map mechanismConfig = securityRealm.getMechanismConfig(AuthenticationMechanism.DIGEST);
                boolean z = true;
                if (mechanismConfig.containsKey("org.jboss.as.domain.management.digest.plain_text")) {
                    z = Boolean.parseBoolean((String) mechanismConfig.get("org.jboss.as.domain.management.digest.plain_text"));
                }
                basicAuthenticator = new DigestAuthenticator(securityRealm, !z);
            } else if (supportedAuthenticationMechanisms.contains(AuthenticationMechanism.PLAIN)) {
                basicAuthenticator = new org.jboss.as.domain.http.server.security.BasicAuthenticator(securityRealm);
            }
            if (!supportedAuthenticationMechanisms.contains(AuthenticationMechanism.CLIENT_CERT)) {
                certAuth = CertAuth.NONE;
            } else if (basicAuthenticator == null) {
                certAuth = CertAuth.NEED;
                basicAuthenticator = new ClientCertAuthenticator(securityRealm);
            } else {
                certAuth = CertAuth.WANT;
            }
        } else {
            basicAuthenticator = new AnonymousAuthenticator();
            certAuth = CertAuth.NONE;
        }
        HttpServer httpServer = null;
        if (inetSocketAddress != null) {
            httpServer = HttpServer.create(inetSocketAddress, i, emptyMap);
            httpServer.setExecutor(executor);
        }
        HttpsServer httpsServer = null;
        if (inetSocketAddress2 != null) {
            httpsServer = HttpsServer.create(inetSocketAddress2, i, emptyMap);
            final SSLContext sSLContext = securityRealm.getSSLContext();
            if (sSLContext != null) {
                final CertAuth certAuth2 = certAuth;
                httpsServer.setHttpsConfigurator(new HttpsConfigurator(sSLContext) { // from class: org.jboss.as.domain.http.server.ManagementHttpServer.1
                    public void configure(HttpsParameters httpsParameters) {
                        SSLParameters defaultSSLParameters = sSLContext.getDefaultSSLParameters();
                        switch (AnonymousClass2.$SwitchMap$org$jboss$as$domain$http$server$ManagementHttpServer$CertAuth[certAuth2.ordinal()]) {
                            case 1:
                                defaultSSLParameters.setNeedClientAuth(true);
                                break;
                            case 2:
                                defaultSSLParameters.setWantClientAuth(true);
                                break;
                        }
                        httpsParameters.setSSLParameters(defaultSSLParameters);
                    }
                });
                httpsServer.setExecutor(executor);
            } else {
                HttpServerLogger.ROOT_LOGGER.sslConfigurationNotFound();
            }
        }
        ManagementHttpServer managementHttpServer = new ManagementHttpServer(httpServer, httpsServer, securityRealm);
        ResourceHandler resourceHandler = null;
        try {
            resourceHandler = consoleMode.createConsoleHandler(str);
        } catch (ModuleLoadException e) {
            HttpServerLogger.ROOT_LOGGER.consoleModuleNotFound(str == null ? "main" : str);
        }
        managementHttpServer.addHandler(new RootHandler(resourceHandler));
        managementHttpServer.addHandler(new DomainApiHandler(modelControllerClient, basicAuthenticator, controlledProcessStateService));
        if (resourceHandler != null) {
            managementHttpServer.addHandler(resourceHandler);
        }
        try {
            managementHttpServer.addHandler(new ErrorHandler(str));
            managementHttpServer.addHandler(new LogoutHandler());
            return managementHttpServer;
        } catch (ModuleLoadException e2) {
            throw new IOException("Unable to load resource handler", e2);
        }
    }
}
