package org.wildfly.extension.undertow.handlers;

import io.undertow.UndertowOptions;
import io.undertow.protocols.ssl.UndertowXnioSsl;
import io.undertow.server.HttpHandler;
import io.undertow.server.handlers.proxy.LoadBalancingProxyClient;
import io.undertow.server.handlers.proxy.ProxyHandler;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Arrays;
import java.util.Collection;
import javax.net.ssl.SSLContext;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.CapabilityServiceBuilder;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.PersistentResourceDefinition;
import org.jboss.as.controller.ServiceRemoveStepHandler;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.access.management.AccessConstraintDefinition;
import org.jboss.as.controller.access.management.SensitiveTargetAccessConstraintDefinition;
import org.jboss.as.controller.capability.DynamicNameMappers;
import org.jboss.as.controller.capability.RuntimeCapability;
import org.jboss.as.controller.operations.validation.StringLengthValidator;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.controller.registry.OperationEntry;
import org.jboss.as.domain.management.SecurityRealm;
import org.jboss.as.network.OutboundSocketBinding;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.jboss.msc.service.Service;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.service.StartContext;
import org.jboss.msc.service.StartException;
import org.jboss.msc.service.StopContext;
import org.jboss.msc.value.InjectedValue;
import org.wildfly.extension.undertow.Capabilities;
import org.wildfly.extension.undertow.Constants;
import org.wildfly.extension.undertow.UndertowExtension;
import org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler;
import org.xnio.OptionMap;
import org.xnio.Options;
import org.xnio.Xnio;
import org.xnio.ssl.XnioSsl;

/* loaded from: input_file:org/wildfly/extension/undertow/handlers/ReverseProxyHandlerHost.class */
public class ReverseProxyHandlerHost extends PersistentResourceDefinition {
    private static final RuntimeCapability<Void> REVERSE_PROXY_HOST_RUNTIME_CAPABILITY = RuntimeCapability.Builder.of(Capabilities.CAPABILITY_REVERSE_PROXY_HANDLER_HOST, true, ReverseProxyHostService.class).setDynamicNameMapper(DynamicNameMappers.PARENT).build();
    public static final SimpleAttributeDefinition OUTBOUND_SOCKET_BINDING = new SimpleAttributeDefinitionBuilder("outbound-socket-binding", ModelType.STRING).setRequired(true).setValidator(new StringLengthValidator(1, false)).setAllowExpression(true).setRestartAllServices().addAccessConstraint(SensitiveTargetAccessConstraintDefinition.SOCKET_BINDING_REF).setCapabilityReference(Capabilities.REF_OUTBOUND_SOCKET).build();
    public static final AttributeDefinition SCHEME = new SimpleAttributeDefinitionBuilder(Constants.SCHEME, ModelType.STRING).setRequired(false).setAllowExpression(true).setDefaultValue(new ModelNode("http")).setRestartAllServices().build();
    public static final AttributeDefinition PATH = new SimpleAttributeDefinitionBuilder(Constants.PATH, ModelType.STRING).setRequired(false).setAllowExpression(true).setDefaultValue(new ModelNode("/")).setRestartAllServices().build();
    public static final AttributeDefinition INSTANCE_ID = new SimpleAttributeDefinitionBuilder(Constants.INSTANCE_ID, ModelType.STRING).setRequired(false).setAllowExpression(true).setRestartAllServices().build();
    public static final SimpleAttributeDefinition SSL_CONTEXT = new SimpleAttributeDefinitionBuilder(Constants.SSL_CONTEXT, ModelType.STRING, true).setAlternatives(new String[]{Constants.SECURITY_REALM}).setCapabilityReference(Capabilities.REF_SSL_CONTEXT).setRestartAllServices().setValidator(new StringLengthValidator(1)).setAccessConstraints(new AccessConstraintDefinition[]{SensitiveTargetAccessConstraintDefinition.SSL_REF}).build();
    public static final SimpleAttributeDefinition SECURITY_REALM = new SimpleAttributeDefinitionBuilder(Constants.SECURITY_REALM, ModelType.STRING).setAlternatives(new String[]{Constants.SSL_CONTEXT}).setRequired(false).setRestartAllServices().setValidator(new StringLengthValidator(1)).setAccessConstraints(new AccessConstraintDefinition[]{SensitiveTargetAccessConstraintDefinition.SECURITY_REALM_REF}).build();
    public static final SimpleAttributeDefinition ENABLE_HTTP2 = new SimpleAttributeDefinitionBuilder(Constants.ENABLE_HTTP2, ModelType.BOOLEAN).setRequired(false).setDefaultValue(ModelNode.FALSE).setRestartAllServices().build();
    public static final ReverseProxyHandlerHost INSTANCE = new ReverseProxyHandlerHost();

    /* loaded from: input_file:org/wildfly/extension/undertow/handlers/ReverseProxyHandlerHost$ReverseProxyHostAdd.class */
    private static class ReverseProxyHostAdd extends AbstractAddStepHandler {
        public ReverseProxyHostAdd(Collection<AttributeDefinition> collection) {
            super(collection);
        }

        protected void performRuntime(OperationContext operationContext, ModelNode modelNode, ModelNode modelNode2) throws OperationFailedException {
            PathAddress currentAddress = operationContext.getCurrentAddress();
            String value = currentAddress.getElement(currentAddress.size() - 2).getValue();
            String asString = ReverseProxyHandlerHost.OUTBOUND_SOCKET_BINDING.resolveModelAttribute(operationContext, modelNode2).asString();
            String asString2 = ReverseProxyHandlerHost.SCHEME.resolveModelAttribute(operationContext, modelNode2).asString();
            String asString3 = ReverseProxyHandlerHost.PATH.resolveModelAttribute(operationContext, modelNode2).asString();
            boolean asBoolean = ReverseProxyHandlerHost.ENABLE_HTTP2.resolveModelAttribute(operationContext, modelNode2).asBoolean();
            ModelNode resolveModelAttribute = ReverseProxyHandlerHost.SECURITY_REALM.resolveModelAttribute(operationContext, modelNode2);
            ModelNode resolveModelAttribute2 = ReverseProxyHandlerHost.SSL_CONTEXT.resolveModelAttribute(operationContext, modelNode2);
            ReverseProxyHostService reverseProxyHostService = new ReverseProxyHostService(asString2, modelNode2.hasDefined(Constants.INSTANCE_ID) ? ReverseProxyHandlerHost.INSTANCE_ID.resolveModelAttribute(operationContext, modelNode2).asString() : null, asString3, asBoolean);
            CapabilityServiceBuilder addCapabilityRequirement = operationContext.getCapabilityServiceTarget().addCapability(ReverseProxyHandlerHost.REVERSE_PROXY_HOST_RUNTIME_CAPABILITY).setInstance(reverseProxyHostService).addCapabilityRequirement(Capabilities.CAPABILITY_HANDLER, HttpHandler.class, reverseProxyHostService.proxyHandler, new String[]{value}).addCapabilityRequirement(Capabilities.REF_OUTBOUND_SOCKET, OutboundSocketBinding.class, reverseProxyHostService.socketBinding, new String[]{asString});
            if (resolveModelAttribute2.isDefined()) {
                addCapabilityRequirement.addCapabilityRequirement(Capabilities.REF_SSL_CONTEXT, SSLContext.class, reverseProxyHostService.sslContext, new String[]{resolveModelAttribute2.asString()});
            }
            if (resolveModelAttribute.isDefined()) {
                SecurityRealm.ServiceUtil.addDependency(addCapabilityRequirement, reverseProxyHostService.securityRealm, resolveModelAttribute.asString());
            }
            addCapabilityRequirement.install();
        }
    }

    /* loaded from: input_file:org/wildfly/extension/undertow/handlers/ReverseProxyHandlerHost$ReverseProxyHostService.class */
    private static final class ReverseProxyHostService implements Service<ReverseProxyHostService> {
        private final InjectedValue<HttpHandler> proxyHandler;
        private final InjectedValue<OutboundSocketBinding> socketBinding;
        private final InjectedValue<SecurityRealm> securityRealm;
        private final InjectedValue<SSLContext> sslContext;
        private final String instanceId;
        private final String scheme;
        private final String path;
        private final boolean enableHttp2;

        private ReverseProxyHostService(String str, String str2, String str3, boolean z) {
            this.proxyHandler = new InjectedValue<>();
            this.socketBinding = new InjectedValue<>();
            this.securityRealm = new InjectedValue<>();
            this.sslContext = new InjectedValue<>();
            this.instanceId = str2;
            this.scheme = str;
            this.path = str3;
            this.enableHttp2 = z;
        }

        private URI getUri() throws URISyntaxException {
            OutboundSocketBinding outboundSocketBinding = (OutboundSocketBinding) this.socketBinding.getValue();
            return new URI(this.scheme, null, outboundSocketBinding.getUnresolvedDestinationAddress(), outboundSocketBinding.getDestinationPort(), this.path, null, null);
        }

        public void start(StartContext startContext) throws StartException {
            SecurityRealm securityRealm;
            LoadBalancingProxyClient proxyClient = ((ProxyHandler) (this.proxyHandler.getValue() instanceof GlobalRequestControllerHandler ? ((GlobalRequestControllerHandler) this.proxyHandler.getValue()).getNext() : (HttpHandler) this.proxyHandler.getValue())).getProxyClient();
            try {
                SSLContext sSLContext = (SSLContext) this.sslContext.getOptionalValue();
                if (sSLContext == null && (securityRealm = (SecurityRealm) this.securityRealm.getOptionalValue()) != null) {
                    sSLContext = securityRealm.getSSLContext();
                }
                if (sSLContext == null) {
                    proxyClient.addHost(getUri(), this.instanceId, (XnioSsl) null, OptionMap.create(UndertowOptions.ENABLE_HTTP2, Boolean.valueOf(this.enableHttp2)));
                } else {
                    OptionMap.Builder builder = OptionMap.builder();
                    builder.set(Options.USE_DIRECT_BUFFERS, true);
                    proxyClient.addHost(getUri(), this.instanceId, new UndertowXnioSsl(Xnio.getInstance(), builder.getMap(), sSLContext), OptionMap.create(UndertowOptions.ENABLE_HTTP2, Boolean.valueOf(this.enableHttp2)));
                }
            } catch (URISyntaxException e) {
                throw new StartException(e);
            }
        }

        public void stop(StopContext stopContext) {
            try {
                ((ProxyHandler) (this.proxyHandler.getValue() instanceof GlobalRequestControllerHandler ? ((GlobalRequestControllerHandler) this.proxyHandler.getValue()).getNext() : (HttpHandler) this.proxyHandler.getValue())).getProxyClient().removeHost(getUri());
            } catch (URISyntaxException e) {
                throw new RuntimeException(e);
            }
        }

        /* renamed from: getValue, reason: merged with bridge method [inline-methods] */
        public ReverseProxyHostService m135getValue() throws IllegalStateException, IllegalArgumentException {
            return this;
        }
    }

    private ReverseProxyHandlerHost() {
        super(new PersistentResourceDefinition.Parameters(PathElement.pathElement(Constants.HOST), UndertowExtension.getResolver(Constants.HANDLER, Constants.REVERSE_PROXY, Constants.HOST)).setCapabilities(new RuntimeCapability[]{REVERSE_PROXY_HOST_RUNTIME_CAPABILITY}));
    }

    public Collection<AttributeDefinition> getAttributes() {
        return Arrays.asList(OUTBOUND_SOCKET_BINDING, SCHEME, INSTANCE_ID, PATH, SSL_CONTEXT, SECURITY_REALM, ENABLE_HTTP2);
    }

    public void registerOperations(ManagementResourceRegistration managementResourceRegistration) {
        super.registerOperations(managementResourceRegistration);
        ReverseProxyHostAdd reverseProxyHostAdd = new ReverseProxyHostAdd(getAttributes());
        registerAddOperation(managementResourceRegistration, reverseProxyHostAdd, new OperationEntry.Flag[]{OperationEntry.Flag.RESTART_RESOURCE_SERVICES});
        registerRemoveOperation(managementResourceRegistration, new ServiceRemoveStepHandler(reverseProxyHostAdd) { // from class: org.wildfly.extension.undertow.handlers.ReverseProxyHandlerHost.1
            protected ServiceName serviceName(String str, PathAddress pathAddress) {
                return ReverseProxyHandlerHost.REVERSE_PROXY_HOST_RUNTIME_CAPABILITY.getCapabilityServiceName(pathAddress);
            }
        }, new OperationEntry.Flag[]{OperationEntry.Flag.RESTART_RESOURCE_SERVICES});
    }
}
