package org.xbib.net.http.server.netty.secure;

import io.netty.handler.ssl.SslContext;
import io.netty.util.AttributeKey;
import io.netty.util.DomainWildcardMappingBuilder;
import io.netty.util.Mapping;
import java.security.AlgorithmConstraints;
import java.util.Collection;
import java.util.Iterator;
import java.util.ServiceLoader;
import org.xbib.net.http.HttpAddress;
import org.xbib.net.http.server.HttpDomain;
import org.xbib.net.http.server.netty.NettyHttpServerConfig;

/* loaded from: input_file:org/xbib/net/http/server/netty/secure/NettyHttpsServerConfig.class */
public class NettyHttpsServerConfig extends NettyHttpServerConfig {
    public static final AttributeKey<ServerNameIndicationHandler> ATTRIBUTE_KEY_SNI_HANDLER = AttributeKey.valueOf("_sni_handler");
    private static final String[] DEFAULT_PROTOCOLS = {"TLSv1.2", "TLSv1.3"};
    private static ServerSecureSocketProvider serverSecureSocketProvider = (ServerSecureSocketProvider) ServiceLoader.load(ServerSecureSocketProvider.class).findFirst().orElse(new JdkServerSecureSocketProvider());
    private Mapping<String, SslContext> domainNameMapping;
    private String[] protocols;
    private String[] cipherSuites;
    private boolean isRetransmissionEnabled = true;
    private int maximumPacketSize = 0;
    private boolean isUseCipherSuiteOrdered = true;
    private AlgorithmConstraints algorithmConstraints = null;
    private boolean needsClientAuth = false;
    private boolean wantsClientAuth = false;

    public static void setServerSecureSocketProvider(ServerSecureSocketProvider serverSecureSocketProvider2) {
        serverSecureSocketProvider = serverSecureSocketProvider2;
    }

    public ServerSecureSocketProvider getServerSecureSocketProvider() {
        return serverSecureSocketProvider;
    }

    public Mapping<String, SslContext> getDomainNameMapping(Collection<HttpDomain> collection) {
        if (this.domainNameMapping == null) {
            buildMapping(collection);
        }
        return this.domainNameMapping;
    }

    public void setProtocols(String[] strArr) {
        this.protocols = strArr;
    }

    public String[] getProtocols(HttpAddress httpAddress) {
        if (this.protocols == null) {
            this.protocols = serverSecureSocketProvider.protocols(httpAddress);
        }
        if (this.protocols == null) {
            this.protocols = DEFAULT_PROTOCOLS;
        }
        return this.protocols;
    }

    public void setCipherSuites(String[] strArr) {
        this.cipherSuites = strArr;
    }

    public String[] getCipherSuites(HttpAddress httpAddress) {
        return this.cipherSuites;
    }

    public void setUseCipherSuiteOrdered(boolean z) {
        this.isUseCipherSuiteOrdered = z;
    }

    public boolean isUseCipherSuiteOrdered() {
        return this.isUseCipherSuiteOrdered;
    }

    public void setMaximumPacketSize(int i) {
        this.maximumPacketSize = i;
    }

    public int getMaximumPacketSize() {
        return this.maximumPacketSize;
    }

    public void setRetransmissionEnabled(boolean z) {
        this.isRetransmissionEnabled = z;
    }

    public boolean isRetransmissionEnabled() {
        return this.isRetransmissionEnabled;
    }

    public void setAlgorithmConstraints(AlgorithmConstraints algorithmConstraints) {
        this.algorithmConstraints = algorithmConstraints;
    }

    public AlgorithmConstraints getAlgorithmConstraints() {
        return this.algorithmConstraints;
    }

    public void setNeedsClientAuth(boolean z) {
        this.needsClientAuth = z;
    }

    public boolean isNeedsClientAuth() {
        return this.needsClientAuth;
    }

    public void setWantsClientAuth(boolean z) {
        this.wantsClientAuth = z;
    }

    public boolean isWantsClientAuth() {
        return this.wantsClientAuth;
    }

    private void buildMapping(Collection<HttpDomain> collection) {
        if (collection.isEmpty()) {
            throw new IllegalStateException("no domains found for domain name mapping");
        }
        DomainWildcardMappingBuilder domainWildcardMappingBuilder = new DomainWildcardMappingBuilder(getSslContextFrom(collection.iterator().next()));
        for (HttpDomain httpDomain : collection) {
            SslContext sslContextFrom = getSslContextFrom(httpDomain);
            HttpAddress address = httpDomain.getAddress();
            if (address.getHostNames() != null) {
                Iterator it = address.getHostNames().iterator();
                while (it.hasNext()) {
                    domainWildcardMappingBuilder.add(((String) it.next()) + ":" + address.getPort(), sslContextFrom);
                }
            }
            Iterator it2 = httpDomain.getNames().iterator();
            while (it2.hasNext()) {
                domainWildcardMappingBuilder.add((String) it2.next(), sslContextFrom);
            }
        }
        this.domainNameMapping = domainWildcardMappingBuilder.build();
    }

    public SslContext getSslContextFrom(HttpDomain httpDomain) {
        HttpAddress address = httpDomain.getAddress();
        if (address instanceof HttpsAddress) {
            return ((HttpsAddress) address).getSslContext();
        }
        throw new IllegalStateException("no secure http, no SslContext configured for domain " + httpDomain);
    }
}
