package org.wso2.choreo.connect.mockbackend.http2;

import io.netty.bootstrap.ServerBootstrap;
import io.netty.channel.ChannelOption;
import io.netty.channel.nio.NioEventLoopGroup;
import io.netty.channel.socket.nio.NioServerSocketChannel;
import io.netty.handler.codec.http2.Http2SecurityUtil;
import io.netty.handler.ssl.ApplicationProtocolConfig;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslProvider;
import io.netty.handler.ssl.SupportedCipherSuiteFilter;
import io.netty.handler.ssl.util.SelfSignedCertificate;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/wso2/choreo/connect/mockbackend/http2/Http2MockBackend.class */
public class Http2MockBackend {
    private static final Logger logger = LoggerFactory.getLogger(Http2MockBackend.class);
    private final int backendServerPort;
    private boolean secured;
    private boolean mtlsEnabled;
    private int sleepTime;
    private boolean h2ContentAggregate;
    private String keyStoreName;
    private String keyStorePassword;

    public Http2MockBackend(int i) {
        this.secured = false;
        this.mtlsEnabled = false;
        this.sleepTime = 5000;
        this.h2ContentAggregate = true;
        this.keyStoreName = "backendKeystore.pkcs12";
        this.keyStorePassword = "backend";
        this.backendServerPort = i;
    }

    public Http2MockBackend(int i, boolean z, boolean z2) {
        this.secured = false;
        this.mtlsEnabled = false;
        this.sleepTime = 5000;
        this.h2ContentAggregate = true;
        this.keyStoreName = "backendKeystore.pkcs12";
        this.keyStorePassword = "backend";
        this.secured = z;
        this.backendServerPort = i;
        this.mtlsEnabled = z2;
    }

    public void startServer() {
        NioEventLoopGroup nioEventLoopGroup = new NioEventLoopGroup();
        try {
            try {
                ServerBootstrap serverBootstrap = new ServerBootstrap();
                serverBootstrap.option(ChannelOption.SO_BACKLOG, 1024);
                serverBootstrap.group(nioEventLoopGroup).channel(NioServerSocketChannel.class).option(ChannelOption.SO_BACKLOG, 1024);
                configureHttp2(serverBootstrap).bind(this.backendServerPort).sync().channel().closeFuture().sync();
                nioEventLoopGroup.shutdownGracefully();
            } catch (InterruptedException | CertificateException | SSLException e) {
                logger.error("Failed to start the HTTP2 server", e);
                nioEventLoopGroup.shutdownGracefully();
            }
        } catch (Throwable th) {
            nioEventLoopGroup.shutdownGracefully();
            throw th;
        }
    }

    private ServerBootstrap configureHttp2(ServerBootstrap serverBootstrap) throws SSLException, CertificateException {
        return serverBootstrap.childHandler(new Http2ServerInitializer(this.secured ? createSslContextBuilder().applicationProtocolConfig(new ApplicationProtocolConfig(ApplicationProtocolConfig.Protocol.ALPN, ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE, ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT, new String[]{"h2", "http/1.1"})).ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE).build() : null, this.sleepTime, this.h2ContentAggregate));
    }

    private SslContextBuilder createSslContextBuilder() throws CertificateException {
        SslContextBuilder forServer;
        if (this.keyStoreName != null) {
            forServer = SslContextBuilder.forServer(getKeyManagerFactory(this.keyStoreName));
        } else {
            logger.info("Creating SSL context using self signed certificate");
            SelfSignedCertificate selfSignedCertificate = new SelfSignedCertificate();
            forServer = SslContextBuilder.forServer(selfSignedCertificate.certificate(), selfSignedCertificate.privateKey());
        }
        return forServer.sslProvider(SslProvider.JDK);
    }

    private KeyManagerFactory getKeyManagerFactory(String str) {
        try {
            KeyStore keyStore = getKeyStore(str, this.keyStorePassword);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            if (keyStore != null) {
                keyManagerFactory.init(keyStore, this.keyStorePassword.toCharArray());
            }
            return keyManagerFactory;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new IllegalArgumentException("Failed to initialize the Key Manager factory", e);
        }
    }

    private KeyStore getKeyStore(String str, String str2) throws IOException {
        KeyStore keyStore = null;
        if (str != null && str2 != null) {
            try {
                InputStream resourceAsStream = Thread.currentThread().getContextClassLoader().getResourceAsStream(str);
                try {
                    keyStore = KeyStore.getInstance("PKCS12");
                    keyStore.load(resourceAsStream, str2.toCharArray());
                    if (resourceAsStream != null) {
                        resourceAsStream.close();
                    }
                } finally {
                }
            } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                throw new IOException(e);
            }
        }
        return keyStore;
    }
}
