package org.wildfly.swarm.undertow.runtime;

import java.lang.reflect.InvocationTargetException;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.inject.Any;
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import org.wildfly.swarm.config.ManagementCoreService;
import org.wildfly.swarm.config.management.security_realm.SslServerIdentity;
import org.wildfly.swarm.config.undertow.Server;
import org.wildfly.swarm.internal.SwarmMessages;
import org.wildfly.swarm.spi.api.Customizer;
import org.wildfly.swarm.spi.runtime.annotations.Pre;
import org.wildfly.swarm.undertow.UndertowFraction;
import org.wildfly.swarm.undertow.UndertowProperties;
import org.wildfly.swarm.undertow.descriptors.CertInfo;

@ApplicationScoped
@Pre
/* loaded from: input_file:m2repo/org/wildfly/swarm/undertow/2017.7.0/undertow-2017.7.0.jar:org/wildfly/swarm/undertow/runtime/HTTPSCustomizer.class */
public class HTTPSCustomizer implements Customizer {

    @Inject
    UndertowFraction undertow;

    @Inject
    @Any
    Instance<ManagementCoreService> managementCoreService;

    @Inject
    CertInfo certInfo;

    @Override // org.wildfly.swarm.spi.api.Customizer
    public void customize() {
        if (this.managementCoreService.isUnsatisfied() || !this.certInfo.isValid()) {
            return;
        }
        ManagementCoreService managementCoreService = this.managementCoreService.get();
        if (managementCoreService == null) {
            throw SwarmMessages.MESSAGES.httpsRequiresManagementFraction();
        }
        if (this.undertow.isOnlyHTTPS()) {
            this.undertow.removeHttpListenersFromDefaultServer();
        }
        for (Server server : this.undertow.subresources().servers()) {
            if (server.subresources().httpsListeners().isEmpty()) {
                server.httpsListener(UndertowProperties.DEFAULT_HTTPS_LISTENER, httpsListener -> {
                    httpsListener.securityRealm("SSLRealm").socketBinding("https");
                });
            }
        }
        managementCoreService.securityRealm("SSLRealm", securityRealm -> {
            securityRealm.sslServerIdentity(sslServerIdentity -> {
                sslServerIdentity.keystorePath(this.certInfo.keystorePath()).keystoreRelativeTo(this.certInfo.keystoreRelativeTo()).keystorePassword(this.certInfo.keystorePassword()).keyPassword(this.certInfo.keyPassword()).alias(this.certInfo.keystoreAlias()).alias(this.certInfo.keystoreAlias());
                handleSelfSignedCertificateHost(sslServerIdentity);
            });
        });
    }

    private void handleSelfSignedCertificateHost(SslServerIdentity sslServerIdentity) {
        try {
            sslServerIdentity.getClass().getMethod("generateSelfSignedCertificateHost", String.class).invoke(sslServerIdentity, this.certInfo.generateSelfSignedCertificateHost());
        } catch (IllegalAccessException | InvocationTargetException e) {
            SwarmMessages.MESSAGES.failToInvokeGenerateSelfSignedCertificateHost(e);
        } catch (NoSuchMethodException e2) {
        }
    }
}
