package org.eclipse.smarthome.io.net.http.internal;

import java.security.AccessController;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Map;
import java.util.Objects;
import java.util.regex.Pattern;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.eclipse.jetty.client.HttpClient;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.util.thread.QueuedThreadPool;
import org.eclipse.jetty.websocket.client.WebSocketClient;
import org.eclipse.smarthome.io.net.http.HttpClientFactory;
import org.eclipse.smarthome.io.net.http.HttpClientInitializationException;
import org.eclipse.smarthome.io.net.http.TrustManagerProvider;
import org.eclipse.smarthome.io.net.http.WebSocketFactory;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Modified;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Component(immediate = true, configurationPid = "org.eclipse.smarthome.webclient")
@NonNullByDefault
/* loaded from: input_file:org/eclipse/smarthome/io/net/http/internal/WebClientFactoryImpl.class */
public class WebClientFactoryImpl implements HttpClientFactory, WebSocketFactory {
    private final Logger logger = LoggerFactory.getLogger(WebClientFactoryImpl.class);
    private static final String CONFIG_MIN_THREADS_SHARED = "minThreadsShared";
    private static final String CONFIG_MAX_THREADS_SHARED = "maxThreadsShared";
    private static final String CONFIG_KEEP_ALIVE_SHARED = "keepAliveTimeoutShared";
    private static final String CONFIG_MIN_THREADS_CUSTOM = "minThreadsCustom";
    private static final String CONFIG_MAX_THREADS_CUSTOM = "maxThreadsCustom";
    private static final String CONFIG_KEEP_ALIVE_CUSTOM = "keepAliveTimeoutCustom";
    private static final int MIN_CONSUMER_NAME_LENGTH = 4;
    private static final int MAX_CONSUMER_NAME_LENGTH = 20;
    private static final Pattern CONSUMER_NAME_PATTERN = Pattern.compile("[a-zA-Z0-9_\\-]*");
    private volatile TrustManagerProvider trustmanagerProvider;

    @NonNullByDefault({})
    private ExtensibleTrustManager extensibleTrustManager;

    @NonNullByDefault({})
    private QueuedThreadPool threadPool;

    @NonNullByDefault({})
    private HttpClient commonHttpClient;

    @NonNullByDefault({})
    private WebSocketClient commonWebSocketClient;
    private int minThreadsShared;
    private int maxThreadsShared;
    private int keepAliveTimeoutShared;
    private int minThreadsCustom;
    private int maxThreadsCustom;
    private int keepAliveTimeoutCustom;

    @Activate
    protected void activate(Map<String, Object> map) {
        getConfigParameters(map);
    }

    @Modified
    protected void modified(Map<String, Object> map) {
        getConfigParameters(map);
        if (this.threadPool != null) {
            this.threadPool.setMinThreads(this.minThreadsShared);
            this.threadPool.setMaxThreads(this.maxThreadsShared);
            this.threadPool.setIdleTimeout(this.keepAliveTimeoutShared * 1000);
        }
    }

    @Deactivate
    protected void deactivate() {
        if (this.commonHttpClient != null) {
            try {
                this.commonHttpClient.stop();
            } catch (Exception e) {
                this.logger.error("error while stopping shared Jetty http client", e);
            }
            this.commonHttpClient = null;
            this.logger.debug("Jetty shared http client stopped");
        }
        if (this.commonWebSocketClient != null) {
            try {
                this.commonWebSocketClient.stop();
            } catch (Exception e2) {
                this.logger.error("error while stopping shared Jetty web socket client", e2);
            }
            this.commonWebSocketClient = null;
            this.logger.debug("Jetty shared web socket client stopped");
        }
        this.threadPool = null;
    }

    @Override // org.eclipse.smarthome.io.net.http.HttpClientFactory
    @Deprecated
    public HttpClient createHttpClient(String str, String str2) {
        Objects.requireNonNull(str2, "endpoint must not be null");
        this.logger.debug("http client for endpoint {} requested", str2);
        checkConsumerName(str);
        return createHttpClientInternal(str, str2, false, null);
    }

    @Override // org.eclipse.smarthome.io.net.http.HttpClientFactory
    public HttpClient createHttpClient(String str) {
        this.logger.debug("http client for consumer {} requested", str);
        checkConsumerName(str);
        return createHttpClientInternal(str, null, false, null);
    }

    @Override // org.eclipse.smarthome.io.net.http.WebSocketFactory
    @Deprecated
    public WebSocketClient createWebSocketClient(String str, String str2) {
        Objects.requireNonNull(str2, "endpoint must not be null");
        this.logger.debug("web socket client for endpoint {} requested", str2);
        checkConsumerName(str);
        return createWebSocketClientInternal(str, str2, false, null);
    }

    @Override // org.eclipse.smarthome.io.net.http.WebSocketFactory
    public WebSocketClient createWebSocketClient(String str) {
        this.logger.debug("web socket client for consumer {} requested", str);
        checkConsumerName(str);
        return createWebSocketClientInternal(str, null, false, null);
    }

    @Override // org.eclipse.smarthome.io.net.http.HttpClientFactory
    public HttpClient getCommonHttpClient() {
        initialize();
        this.logger.debug("shared http client requested");
        return this.commonHttpClient;
    }

    @Override // org.eclipse.smarthome.io.net.http.WebSocketFactory
    public WebSocketClient getCommonWebSocketClient() {
        initialize();
        this.logger.debug("shared web socket client requested");
        return this.commonWebSocketClient;
    }

    private void getConfigParameters(Map<String, Object> map) {
        this.minThreadsShared = getConfigParameter(map, CONFIG_MIN_THREADS_SHARED, 10);
        this.maxThreadsShared = getConfigParameter(map, CONFIG_MAX_THREADS_SHARED, 40);
        this.keepAliveTimeoutShared = getConfigParameter(map, CONFIG_KEEP_ALIVE_SHARED, 10);
        this.minThreadsCustom = getConfigParameter(map, CONFIG_MIN_THREADS_CUSTOM, 5);
        this.maxThreadsCustom = getConfigParameter(map, CONFIG_MAX_THREADS_CUSTOM, 10);
        this.keepAliveTimeoutCustom = getConfigParameter(map, CONFIG_KEEP_ALIVE_CUSTOM, 10);
    }

    private int getConfigParameter(Map<String, Object> map, String str, int i) {
        Object obj;
        if (map != null && (obj = map.get(str)) != null) {
            if (obj instanceof Integer) {
                return ((Integer) obj).intValue();
            }
            if (!(obj instanceof String)) {
                this.logger.warn("ignoring invalid type {} for parameter {}", obj.getClass().getName(), str);
                return i;
            }
            try {
                return Integer.parseInt((String) obj);
            } catch (NumberFormatException unused) {
                this.logger.warn("ignoring invalid value {} for parameter {}", obj, str);
                return i;
            }
        }
        return i;
    }

    private synchronized void initialize() {
        if (this.threadPool == null || this.commonHttpClient == null || this.commonWebSocketClient == null) {
            try {
                AccessController.doPrivileged(new PrivilegedExceptionAction<Void>() { // from class: org.eclipse.smarthome.io.net.http.internal.WebClientFactoryImpl.1
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedExceptionAction
                    public Void run() {
                        if (WebClientFactoryImpl.this.threadPool == null) {
                            WebClientFactoryImpl.this.threadPool = WebClientFactoryImpl.this.createThreadPool("common", WebClientFactoryImpl.this.minThreadsShared, WebClientFactoryImpl.this.maxThreadsShared, WebClientFactoryImpl.this.keepAliveTimeoutShared);
                        }
                        if (WebClientFactoryImpl.this.commonHttpClient == null) {
                            WebClientFactoryImpl.this.commonHttpClient = WebClientFactoryImpl.this.createHttpClientInternal("common", null, true, WebClientFactoryImpl.this.threadPool);
                            WebClientFactoryImpl.this.threadPool.setStopTimeout(0L);
                            WebClientFactoryImpl.this.logger.debug("Jetty shared http client created");
                        }
                        if (WebClientFactoryImpl.this.commonWebSocketClient != null) {
                            return null;
                        }
                        WebClientFactoryImpl.this.commonWebSocketClient = WebClientFactoryImpl.this.createWebSocketClientInternal("common", null, true, WebClientFactoryImpl.this.threadPool);
                        WebClientFactoryImpl.this.logger.debug("Jetty shared web socket client created");
                        return null;
                    }
                });
            } catch (PrivilegedActionException e) {
                Throwable cause = e.getCause();
                if (!(cause instanceof RuntimeException)) {
                    throw new HttpClientInitializationException("unexpected checked exception during initialization of the jetty client", cause);
                }
                throw ((RuntimeException) cause);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public HttpClient createHttpClientInternal(final String str, final String str2, final boolean z, final QueuedThreadPool queuedThreadPool) {
        try {
            return (HttpClient) AccessController.doPrivileged(new PrivilegedExceptionAction<HttpClient>() { // from class: org.eclipse.smarthome.io.net.http.internal.WebClientFactoryImpl.2
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public HttpClient run() {
                    if (WebClientFactoryImpl.this.logger.isDebugEnabled()) {
                        if (str2 == null) {
                            WebClientFactoryImpl.this.logger.debug("creating http client for consumer {}", str);
                        } else {
                            WebClientFactoryImpl.this.logger.debug("creating http client for consumer {}, endpoint {}", str, str2);
                        }
                    }
                    HttpClient httpClient = new HttpClient(WebClientFactoryImpl.this.createSslContextFactory(str2));
                    httpClient.setMaxConnectionsPerDestination(2);
                    if (queuedThreadPool != null) {
                        httpClient.setExecutor(queuedThreadPool);
                    } else {
                        httpClient.setExecutor(WebClientFactoryImpl.this.createThreadPool(str, WebClientFactoryImpl.this.minThreadsCustom, WebClientFactoryImpl.this.maxThreadsCustom, WebClientFactoryImpl.this.keepAliveTimeoutCustom));
                    }
                    if (z) {
                        try {
                            httpClient.start();
                        } catch (Exception e) {
                            WebClientFactoryImpl.this.logger.error("Could not start Jetty http client", e);
                            throw new HttpClientInitializationException("Could not start Jetty http client", e);
                        }
                    }
                    return httpClient;
                }
            });
        } catch (PrivilegedActionException e) {
            Throwable cause = e.getCause();
            if (cause instanceof RuntimeException) {
                throw ((RuntimeException) cause);
            }
            throw new HttpClientInitializationException("unexpected checked exception during initialization of the Jetty http client", cause);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public WebSocketClient createWebSocketClientInternal(final String str, final String str2, final boolean z, final QueuedThreadPool queuedThreadPool) {
        try {
            return (WebSocketClient) AccessController.doPrivileged(new PrivilegedExceptionAction<WebSocketClient>() { // from class: org.eclipse.smarthome.io.net.http.internal.WebClientFactoryImpl.3
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public WebSocketClient run() {
                    if (WebClientFactoryImpl.this.logger.isDebugEnabled()) {
                        if (str2 == null) {
                            WebClientFactoryImpl.this.logger.debug("creating web socket client for consumer {}", str);
                        } else {
                            WebClientFactoryImpl.this.logger.debug("creating web socket client for consumer {}, endpoint {}", str, str2);
                        }
                    }
                    WebSocketClient webSocketClient = new WebSocketClient(WebClientFactoryImpl.this.createSslContextFactory(str2));
                    if (queuedThreadPool != null) {
                        webSocketClient.setExecutor(queuedThreadPool);
                    } else {
                        webSocketClient.setExecutor(WebClientFactoryImpl.this.createThreadPool(str, WebClientFactoryImpl.this.minThreadsCustom, WebClientFactoryImpl.this.maxThreadsCustom, WebClientFactoryImpl.this.keepAliveTimeoutCustom));
                    }
                    if (z) {
                        try {
                            webSocketClient.start();
                        } catch (Exception e) {
                            WebClientFactoryImpl.this.logger.error("Could not start Jetty web socket client", e);
                            throw new HttpClientInitializationException("Could not start Jetty web socket client", e);
                        }
                    }
                    return webSocketClient;
                }
            });
        } catch (PrivilegedActionException e) {
            Throwable cause = e.getCause();
            if (cause instanceof RuntimeException) {
                throw ((RuntimeException) cause);
            }
            throw new HttpClientInitializationException("unexpected checked exception during initialization of the Jetty web socket client", cause);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public QueuedThreadPool createThreadPool(String str, int i, int i2, int i3) {
        QueuedThreadPool queuedThreadPool = new QueuedThreadPool(i2, i, i3 * 1000);
        queuedThreadPool.setName("ESH-httpClient-" + str);
        queuedThreadPool.setDaemon(true);
        return queuedThreadPool;
    }

    private void checkConsumerName(String str) {
        Objects.requireNonNull(str, "consumerName must not be null");
        if (str.length() < MIN_CONSUMER_NAME_LENGTH) {
            throw new IllegalArgumentException("consumerName " + str + " too short, minimum " + MIN_CONSUMER_NAME_LENGTH);
        }
        if (str.length() > MAX_CONSUMER_NAME_LENGTH) {
            throw new IllegalArgumentException("consumerName " + str + " too long, maximum " + MAX_CONSUMER_NAME_LENGTH);
        }
        if (!CONSUMER_NAME_PATTERN.matcher(str).matches()) {
            throw new IllegalArgumentException("consumerName " + str + " contains illegal character, allowed only [a-zA-Z0-9_-]");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public SslContextFactory createSslContextFactory(String str) {
        return str == null ? createSslContextFactoryFromExtensibleTrustManager() : createSslContextFactoryFromTrustManagerProvider(str);
    }

    private SslContextFactory createSslContextFactoryFromExtensibleTrustManager() {
        SslContextFactory sslContextFactory = new SslContextFactory();
        sslContextFactory.setEndpointIdentificationAlgorithm("HTTPS");
        if (this.extensibleTrustManager != null) {
            try {
                this.logger.debug("Setting up SSLContext for {}", this.extensibleTrustManager);
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(null, new TrustManager[]{this.extensibleTrustManager}, null);
                sslContextFactory.setSslContext(sSLContext);
            } catch (KeyManagementException | NoSuchAlgorithmException e) {
                throw new HttpClientInitializationException("Cannot create an TLS context!", e);
            }
        }
        sslContextFactory.setExcludeCipherSuites(new String[]{"^.*_(MD5)$"});
        return sslContextFactory;
    }

    @Deprecated
    private SslContextFactory createSslContextFactoryFromTrustManagerProvider(String str) {
        SslContextFactory sslContextFactory = new SslContextFactory();
        sslContextFactory.setEndpointIdentificationAlgorithm("HTTPS");
        if (str != null && this.trustmanagerProvider != null) {
            TrustManager[] trustManagerArr = (TrustManager[]) this.trustmanagerProvider.getTrustManagers(str).toArray(i -> {
                return new TrustManager[i];
            });
            if (trustManagerArr.length > 0) {
                this.logger.debug("using custom trustmanagers (certificate pinning) for httpClient for endpoint {}", str);
                try {
                    SSLContext sSLContext = SSLContext.getInstance("TLS");
                    sSLContext.init(null, trustManagerArr, null);
                    sslContextFactory.setSslContext(sSLContext);
                } catch (KeyManagementException | NoSuchAlgorithmException e) {
                    throw new HttpClientInitializationException("Cannot create an TLS context for the endpoint '" + str + "'!", e);
                }
            }
        }
        sslContextFactory.setExcludeCipherSuites(new String[]{"^.*_(MD5)$"});
        return sslContextFactory;
    }

    @Reference
    protected void setExtensibleTrustManager(ExtensibleTrustManager extensibleTrustManager) {
        this.extensibleTrustManager = extensibleTrustManager;
    }

    protected void unsetExtensibleTrustManager(ExtensibleTrustManager extensibleTrustManager) {
        if (this.extensibleTrustManager == extensibleTrustManager) {
            this.extensibleTrustManager = null;
        }
    }

    @Reference(service = TrustManagerProvider.class, cardinality = ReferenceCardinality.OPTIONAL, policy = ReferencePolicy.DYNAMIC)
    @Deprecated
    protected void setTrustmanagerProvider(TrustManagerProvider trustManagerProvider) {
        this.trustmanagerProvider = trustManagerProvider;
    }

    @Deprecated
    protected void unsetTrustmanagerProvider(TrustManagerProvider trustManagerProvider) {
        if (this.trustmanagerProvider == trustManagerProvider) {
            this.trustmanagerProvider = null;
        }
    }
}
