package io.micronaut.http.server.netty.ssl;

import io.micronaut.context.annotation.Requirements;
import io.micronaut.context.annotation.Requires;
import io.micronaut.context.condition.ConditionContext;
import io.micronaut.core.annotation.Internal;
import io.micronaut.core.io.ResourceResolver;
import io.micronaut.core.order.Ordered;
import io.micronaut.core.util.CollectionUtils;
import io.micronaut.http.server.HttpServerConfiguration;
import io.micronaut.http.ssl.ServerSslConfiguration;
import io.micronaut.http.ssl.SslConfiguration;
import io.micronaut.runtime.context.scope.refresh.RefreshEvent;
import io.micronaut.runtime.context.scope.refresh.RefreshEventListener;
import jakarta.inject.Singleton;
import java.security.KeyStore;
import java.util.Optional;
import java.util.Set;

@Requirements({@Requires(condition = SslEnabledCondition.class), @Requires(condition = SelfSignedNotConfigured.class)})
@Singleton
@Internal
/* loaded from: input_file:io/micronaut/http/server/netty/ssl/CertificateProvidedSslBuilder.class */
public class CertificateProvidedSslBuilder extends AbstractServerSslBuilder implements ServerSslBuilder, RefreshEventListener, Ordered {
    private final ServerSslConfiguration ssl;
    private KeyStore keyStoreCache;
    private KeyStore trustStoreCache;

    /* loaded from: input_file:io/micronaut/http/server/netty/ssl/CertificateProvidedSslBuilder$SelfSignedNotConfigured.class */
    static class SelfSignedNotConfigured extends BuildSelfSignedCondition {
        @Override // io.micronaut.http.server.netty.ssl.BuildSelfSignedCondition
        protected boolean validate(ConditionContext conditionContext, boolean z, boolean z2) {
            if (z) {
                conditionContext.fail("Deprecated  micronaut.ssl.build-self-signed config detected, disabling provided certificate.");
                return false;
            }
            if (!z2) {
                return true;
            }
            conditionContext.fail("micronaut.server.ssl.build-self-signed config detected, disabling provided certificate.");
            return false;
        }
    }

    public CertificateProvidedSslBuilder(HttpServerConfiguration httpServerConfiguration, ServerSslConfiguration serverSslConfiguration, ResourceResolver resourceResolver) {
        super(resourceResolver, httpServerConfiguration);
        this.keyStoreCache = null;
        this.trustStoreCache = null;
        this.ssl = serverSslConfiguration;
    }

    @Override // io.micronaut.http.server.netty.ssl.ServerSslBuilder
    public ServerSslConfiguration getSslConfiguration() {
        return this.ssl;
    }

    protected Optional<KeyStore> getTrustStore(SslConfiguration sslConfiguration) throws Exception {
        if (this.trustStoreCache == null) {
            super.getTrustStore(sslConfiguration).ifPresent(keyStore -> {
                this.trustStoreCache = keyStore;
            });
        }
        return Optional.ofNullable(this.trustStoreCache);
    }

    protected Optional<KeyStore> getKeyStore(SslConfiguration sslConfiguration) throws Exception {
        if (this.keyStoreCache == null) {
            super.getKeyStore(sslConfiguration).ifPresent(keyStore -> {
                this.keyStoreCache = keyStore;
            });
        }
        return Optional.ofNullable(this.keyStoreCache);
    }

    public Set<String> getObservedConfigurationPrefixes() {
        return CollectionUtils.setOf(new String[]{"micronaut.ssl", "micronaut.server.ssl"});
    }

    public void onApplicationEvent(RefreshEvent refreshEvent) {
        this.keyStoreCache = null;
        this.trustStoreCache = null;
    }

    public int getOrder() {
        return -2147483458;
    }
}
