package org.infinispan.server.endpoint.subsystem;

import java.net.InetSocketAddress;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import org.infinispan.manager.EmbeddedCacheManager;
import org.infinispan.rest.configuration.ExtendedHeaders;
import org.infinispan.rest.configuration.RestServerConfigurationBuilder;
import org.infinispan.rest.embedded.netty4.NettyRestServer;
import org.infinispan.rest.embedded.netty4.security.BasicAuthenticator;
import org.infinispan.rest.embedded.netty4.security.ClientCertAuthenticator;
import org.infinispan.server.endpoint.EndpointLogger;
import org.infinispan.server.endpoint.subsystem.security.BasicRestSecurityDomain;
import org.infinispan.server.endpoint.subsystem.security.ClientCertRestSecurityDomain;
import org.jboss.as.controller.services.path.PathManager;
import org.jboss.as.domain.management.SecurityRealm;
import org.jboss.as.network.SocketBinding;
import org.jboss.msc.service.Service;
import org.jboss.msc.service.StartContext;
import org.jboss.msc.service.StartException;
import org.jboss.msc.service.StopContext;
import org.jboss.msc.value.InjectedValue;

/* loaded from: input_file:org/infinispan/server/endpoint/subsystem/RestService.class */
public class RestService implements Service<NettyRestServer>, EncryptableService {
    private final InjectedValue<PathManager> pathManagerInjector = new InjectedValue<>();
    private final InjectedValue<EmbeddedCacheManager> cacheManagerInjector = new InjectedValue<>();
    private final InjectedValue<SocketBinding> socketBinding = new InjectedValue<>();
    private final InjectedValue<SecurityRealm> encryptionSecurityRealm = new InjectedValue<>();
    private final InjectedValue<SecurityRealm> authenticationSecurityRealm = new InjectedValue<>();
    private final Map<String, InjectedValue<SecurityRealm>> sniDomains = new HashMap();
    private final RestAuthMethod authMethod;
    private final String serverName;
    private final String contextPath;
    private final ExtendedHeaders extendedHeaders;
    private final Set<String> ignoredCaches;
    private NettyRestServer restServer;
    private boolean clientAuth;

    public RestService(String str, RestAuthMethod restAuthMethod, String str2, ExtendedHeaders extendedHeaders, Set<String> set) {
        this.serverName = str;
        this.authMethod = restAuthMethod;
        this.contextPath = str2;
        this.extendedHeaders = extendedHeaders;
        this.ignoredCaches = set;
    }

    public synchronized void start(StartContext startContext) throws StartException {
        BasicAuthenticator basicAuthenticator;
        RestServerConfigurationBuilder restServerConfigurationBuilder = new RestServerConfigurationBuilder();
        restServerConfigurationBuilder.name(this.serverName).extendedHeaders(this.extendedHeaders).ignoredCaches(this.ignoredCaches).contextPath(this.contextPath);
        EncryptableServiceHelper.fillSecurityConfiguration(this, restServerConfigurationBuilder.ssl());
        String protocolName = getProtocolName();
        EndpointLogger.ROOT_LOGGER.endpointStarting(protocolName);
        try {
            SocketBinding socketBinding = (SocketBinding) getSocketBinding().getOptionalValue();
            if (socketBinding == null) {
                restServerConfigurationBuilder.startTransport(false);
                EndpointLogger.ROOT_LOGGER.startingServerWithoutTransport("REST");
            } else {
                InetSocketAddress socketAddress = socketBinding.getSocketAddress();
                restServerConfigurationBuilder.host(socketAddress.getAddress().getHostAddress());
                restServerConfigurationBuilder.port(socketAddress.getPort());
            }
            switch (this.authMethod) {
                case BASIC:
                    SecurityRealm securityRealm = (SecurityRealm) this.authenticationSecurityRealm.getOptionalValue();
                    basicAuthenticator = new BasicAuthenticator(new BasicRestSecurityDomain(securityRealm), EncryptableServiceHelper.isSecurityEnabled(this), securityRealm.getName());
                    break;
                case CLIENT_CERT:
                    if (!EncryptableServiceHelper.isSecurityEnabled(this)) {
                        throw EndpointLogger.ROOT_LOGGER.cannotUseCertificateAuthenticationWithoutEncryption();
                    }
                    basicAuthenticator = new ClientCertAuthenticator(new ClientCertRestSecurityDomain((SecurityRealm) this.authenticationSecurityRealm.getOptionalValue()));
                    break;
                case NONE:
                    basicAuthenticator = null;
                    break;
                default:
                    throw EndpointLogger.ROOT_LOGGER.restAuthMethodUnsupported(this.authMethod.toString());
            }
            this.restServer = NettyRestServer.createServer(restServerConfigurationBuilder.build(), (EmbeddedCacheManager) this.cacheManagerInjector.getValue(), basicAuthenticator);
            try {
                this.restServer.start();
                EndpointLogger.ROOT_LOGGER.httpEndpointStarted(protocolName, this.contextPath, ModelKeys.REST);
            } catch (Exception e) {
                throw EndpointLogger.ROOT_LOGGER.restContextStartFailed(e);
            }
        } catch (Exception e2) {
            throw EndpointLogger.ROOT_LOGGER.restContextCreationFailed(e2);
        }
    }

    private String getProtocolName() {
        return EncryptableServiceHelper.isSecurityEnabled(this) ? EncryptableServiceHelper.isSniEnabled(this) ? this.serverName + "+SNI" : this.serverName + "+SSL" : this.serverName;
    }

    public synchronized void stop(StopContext stopContext) {
        this.restServer.stop();
    }

    /* renamed from: getValue, reason: merged with bridge method [inline-methods] */
    public synchronized NettyRestServer m45getValue() throws IllegalStateException {
        if (this.restServer == null) {
            throw new IllegalStateException();
        }
        return this.restServer;
    }

    public InjectedValue<PathManager> getPathManagerInjector() {
        return this.pathManagerInjector;
    }

    public InjectedValue<EmbeddedCacheManager> getCacheManager() {
        return this.cacheManagerInjector;
    }

    public InjectedValue<SecurityRealm> getAuthenticationSecurityRealm() {
        return this.authenticationSecurityRealm;
    }

    public InjectedValue<SocketBinding> getSocketBinding() {
        return this.socketBinding;
    }

    @Override // org.infinispan.server.endpoint.subsystem.EncryptableService
    public InjectedValue<SecurityRealm> getEncryptionSecurityRealm() {
        return this.encryptionSecurityRealm;
    }

    @Override // org.infinispan.server.endpoint.subsystem.EncryptableService
    public InjectedValue<SecurityRealm> getSniSecurityRealm(String str) {
        return this.sniDomains.computeIfAbsent(str, str2 -> {
            return new InjectedValue();
        });
    }

    @Override // org.infinispan.server.endpoint.subsystem.EncryptableService
    public Map<String, InjectedValue<SecurityRealm>> getSniConfiguration() {
        return this.sniDomains;
    }

    @Override // org.infinispan.server.endpoint.subsystem.EncryptableService
    public String getServerName() {
        return this.serverName;
    }

    @Override // org.infinispan.server.endpoint.subsystem.EncryptableService
    public void setClientAuth(boolean z) {
        this.clientAuth = z;
    }

    @Override // org.infinispan.server.endpoint.subsystem.EncryptableService
    public boolean getClientAuth() {
        return this.clientAuth;
    }
}
