package org.jboss.as.remoting;

import io.undertow.server.ListenerRegistry;
import io.undertow.server.handlers.ChannelUpgradeHandler;
import java.io.IOException;
import java.util.function.Consumer;
import javax.security.sasl.SaslServerFactory;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.domain.management.SecurityRealm;
import org.jboss.as.domain.management.security.SecurityRealmService;
import org.jboss.as.network.SocketBinding;
import org.jboss.as.remoting.logging.RemotingLogger;
import org.jboss.msc.service.Service;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.service.ServiceController;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.service.ServiceTarget;
import org.jboss.msc.service.StartContext;
import org.jboss.msc.service.StartException;
import org.jboss.msc.service.StopContext;
import org.jboss.msc.value.InjectedValue;
import org.jboss.remoting3.Endpoint;
import org.jboss.remoting3.UnknownURISchemeException;
import org.jboss.remoting3.spi.ExternalConnectionProvider;
import org.wildfly.security.auth.server.MechanismConfiguration;
import org.wildfly.security.auth.server.SaslAuthenticationFactory;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.manager.WildFlySecurityManager;
import org.wildfly.security.sasl.anonymous.AnonymousServerFactory;
import org.xnio.ChannelListener;
import org.xnio.Option;
import org.xnio.OptionMap;
import org.xnio.Options;
import org.xnio.Sequence;
import org.xnio.StreamConnection;

/* loaded from: input_file:org/jboss/as/remoting/RemotingHttpUpgradeService.class */
public class RemotingHttpUpgradeService implements Service<RemotingHttpUpgradeService> {
    public static final String JBOSS_REMOTING = "jboss-remoting";
    public static final String MAGIC_NUMBER = "CF70DEB8-70F9-4FBA-8B4F-DFC3E723B4CD";
    public static final String SEC_JBOSS_REMOTING_KEY = "Sec-JbossRemoting-Key";
    public static final String SEC_JBOSS_REMOTING_ACCEPT = "Sec-JbossRemoting-Accept";
    public static final ServiceName HTTP_UPGRADE_REGISTRY;
    public static final ServiceName UPGRADE_SERVICE_NAME;
    private final String httpConnectorName;
    private final String endpointName;
    private final InjectedValue<ChannelUpgradeHandler> injectedRegistry = new InjectedValue<>();
    private final InjectedValue<ListenerRegistry> listenerRegistry = new InjectedValue<>();
    private final InjectedValue<Endpoint> injectedEndpoint = new InjectedValue<>();
    private final InjectedValue<SecurityRealm> injectedSecurityRealm = new InjectedValue<>();
    private final InjectedValue<SaslAuthenticationFactory> injectedSaslAuthenticationFactory = new InjectedValue<>();
    private final OptionMap connectorPropertiesOptionMap;
    private ListenerRegistry.HttpUpgradeMetadata httpUpgradeMetadata;
    static final /* synthetic */ boolean $assertionsDisabled;

    public RemotingHttpUpgradeService(String str, String str2, OptionMap optionMap) {
        this.httpConnectorName = str;
        this.endpointName = str2;
        this.connectorPropertiesOptionMap = optionMap;
    }

    public static void installServices(OperationContext operationContext, String str, String str2, ServiceName serviceName, OptionMap optionMap, String str3, String str4) {
        ServiceTarget serviceTarget = operationContext.getServiceTarget();
        RemotingHttpUpgradeService remotingHttpUpgradeService = new RemotingHttpUpgradeService(str2, serviceName.getSimpleName(), optionMap);
        ServiceBuilder addDependency = serviceTarget.addService(UPGRADE_SERVICE_NAME.append(str), remotingHttpUpgradeService).setInitialMode(ServiceController.Mode.PASSIVE).addDependency(HTTP_UPGRADE_REGISTRY.append(str2), ChannelUpgradeHandler.class, remotingHttpUpgradeService.injectedRegistry).addDependency(RemotingServices.HTTP_LISTENER_REGISTRY, ListenerRegistry.class, remotingHttpUpgradeService.listenerRegistry).addDependency(serviceName, Endpoint.class, remotingHttpUpgradeService.injectedEndpoint);
        if (str3 != null) {
            addDependency.addDependency(SecurityRealm.ServiceUtil.createServiceName(str3), SecurityRealm.class, remotingHttpUpgradeService.injectedSecurityRealm);
        }
        if (str4 != null) {
            addDependency.addDependency(operationContext.getCapabilityServiceName(org.jboss.as.controller.management.Capabilities.SASL_AUTHENTICATION_FACTORY_CAPABILITY, str4, SaslAuthenticationFactory.class), SaslAuthenticationFactory.class, remotingHttpUpgradeService.injectedSaslAuthenticationFactory);
        }
        addDependency.install();
    }

    @Override // org.jboss.msc.service.Service, org.jboss.msc.Service
    public synchronized void start(StartContext startContext) throws StartException {
        SecurityRealm optionalValue;
        Endpoint value = this.injectedEndpoint.getValue();
        OptionMap.Builder builder = OptionMap.builder();
        ListenerRegistry.Listener listener = this.listenerRegistry.getValue().getListener(this.httpConnectorName);
        if (!$assertionsDisabled && listener == null) {
            throw new AssertionError();
        }
        ListenerRegistry.HttpUpgradeMetadata httpUpgradeMetadata = new ListenerRegistry.HttpUpgradeMetadata("jboss-remoting", this.endpointName);
        this.httpUpgradeMetadata = httpUpgradeMetadata;
        listener.addHttpUpgradeMetadata(httpUpgradeMetadata);
        RemotingConnectorBindingInfoService.install(startContext.getChildTarget(), startContext.getController().getName().getSimpleName(), (SocketBinding) listener.getContextInformation("socket-binding"), listener.getProtocol().equals("https") ? Protocol.REMOTE_HTTPS : Protocol.REMOTE_HTTP);
        if (this.connectorPropertiesOptionMap != null) {
            builder.addAll(this.connectorPropertiesOptionMap);
        }
        OptionMap map = builder.getMap();
        try {
            ExternalConnectionProvider externalConnectionProvider = (ExternalConnectionProvider) value.getConnectionProviderInterface(Protocol.HTTP_REMOTING.toString(), ExternalConnectionProvider.class);
            SaslAuthenticationFactory optionalValue2 = this.injectedSaslAuthenticationFactory.getOptionalValue();
            if (optionalValue2 == null && (optionalValue = this.injectedSecurityRealm.getOptionalValue()) != null) {
                ClassLoader classLoaderPrivileged = WildFlySecurityManager.getClassLoaderPrivileged(ConnectorUtils.class);
                Option<?> fromString = Option.fromString("org.xnio.Options." + Options.SASL_MECHANISMS.getName(), classLoaderPrivileged);
                String[] strArr = null;
                if (this.connectorPropertiesOptionMap.contains(fromString) && (this.connectorPropertiesOptionMap.get(fromString) instanceof Sequence)) {
                    Sequence sequence = (Sequence) this.connectorPropertiesOptionMap.get(fromString);
                    strArr = (String[]) sequence.toArray(new String[sequence.size()]);
                }
                Option<?> fromString2 = Option.fromString("org.xnio.Options." + Options.SASL_POLICY_NOANONYMOUS.getName(), classLoaderPrivileged);
                Boolean bool = strArr == null ? null : true;
                if (this.connectorPropertiesOptionMap.contains(fromString2)) {
                    Object obj = this.connectorPropertiesOptionMap.get(fromString2);
                    if (obj instanceof Boolean) {
                        bool = (Boolean) obj;
                    }
                }
                optionalValue2 = (strArr == null && bool == null) ? optionalValue.getSaslAuthenticationFactory() : optionalValue.getSaslAuthenticationFactory(strArr, bool);
            }
            if (optionalValue2 == null) {
                RemotingLogger.ROOT_LOGGER.warn("****** All authentication is ANONYMOUS for " + getClass().getName());
                SecurityDomain.Builder builder2 = SecurityDomain.builder();
                builder2.addRealm("default", org.wildfly.security.auth.server.SecurityRealm.EMPTY_REALM).build();
                builder2.setDefaultRealmName("default");
                builder2.setPermissionMapper((permissionMappable, roles) -> {
                    return SecurityRealmService.createPermissionVerifier();
                });
                SaslAuthenticationFactory.Builder builder3 = SaslAuthenticationFactory.builder();
                builder3.setSecurityDomain(builder2.build());
                builder3.setFactory((SaslServerFactory) new AnonymousServerFactory());
                builder3.setMechanismConfigurationSelector(mechanismInformation -> {
                    return MechanismConfiguration.EMPTY;
                });
                optionalValue2 = builder3.build();
            }
            final Consumer<StreamConnection> createConnectionAdaptor = externalConnectionProvider.createConnectionAdaptor(map, optionalValue2);
            this.injectedRegistry.getValue().addProtocol("jboss-remoting", new ChannelListener<StreamConnection>() { // from class: org.jboss.as.remoting.RemotingHttpUpgradeService.1
                @Override // org.xnio.ChannelListener
                public void handleEvent(StreamConnection streamConnection) {
                    createConnectionAdaptor.accept(streamConnection);
                }
            }, new SimpleHttpUpgradeHandshake("CF70DEB8-70F9-4FBA-8B4F-DFC3E723B4CD", "Sec-JbossRemoting-Key", SEC_JBOSS_REMOTING_ACCEPT));
        } catch (UnknownURISchemeException e) {
            throw new StartException(e);
        } catch (IOException e2) {
            throw new StartException(e2);
        }
    }

    @Override // org.jboss.msc.service.Service, org.jboss.msc.Service
    public synchronized void stop(StopContext stopContext) {
        this.listenerRegistry.getValue().getListener(this.httpConnectorName).removeHttpUpgradeMetadata(this.httpUpgradeMetadata);
        this.httpUpgradeMetadata = null;
        this.injectedRegistry.getValue().removeProtocol("jboss-remoting");
    }

    @Override // org.jboss.msc.value.Value
    public synchronized RemotingHttpUpgradeService getValue() throws IllegalStateException, IllegalArgumentException {
        return this;
    }

    static {
        $assertionsDisabled = !RemotingHttpUpgradeService.class.desiredAssertionStatus();
        HTTP_UPGRADE_REGISTRY = ServiceName.JBOSS.append("http-upgrade-registry");
        UPGRADE_SERVICE_NAME = ServiceName.JBOSS.append(RemotingExtension.SUBSYSTEM_NAME, "remoting-http-upgrade-service");
    }
}
