package io.gravitee.gateway.http.connector;

import io.gravitee.common.component.AbstractLifecycleComponent;
import io.gravitee.common.http.HttpHeaders;
import io.gravitee.common.util.MultiValueMap;
import io.gravitee.definition.model.HttpClientSslOptions;
import io.gravitee.definition.model.HttpProxy;
import io.gravitee.definition.model.ProtocolVersion;
import io.gravitee.definition.model.endpoint.HttpEndpoint;
import io.gravitee.definition.model.ssl.KeyStoreType;
import io.gravitee.definition.model.ssl.TrustStoreType;
import io.gravitee.definition.model.ssl.jks.JKSKeyStore;
import io.gravitee.definition.model.ssl.jks.JKSTrustStore;
import io.gravitee.definition.model.ssl.pem.PEMKeyStore;
import io.gravitee.definition.model.ssl.pem.PEMTrustStore;
import io.gravitee.definition.model.ssl.pkcs12.PKCS12KeyStore;
import io.gravitee.definition.model.ssl.pkcs12.PKCS12TrustStore;
import io.gravitee.gateway.api.Connector;
import io.gravitee.gateway.api.handler.Handler;
import io.gravitee.gateway.api.proxy.ProxyConnection;
import io.gravitee.gateway.api.proxy.ProxyRequest;
import io.gravitee.gateway.core.endpoint.EndpointException;
import io.vertx.core.Vertx;
import io.vertx.core.buffer.Buffer;
import io.vertx.core.http.HttpClient;
import io.vertx.core.http.HttpClientOptions;
import io.vertx.core.http.HttpVersion;
import io.vertx.core.net.JksOptions;
import io.vertx.core.net.OpenSSLEngineOptions;
import io.vertx.core.net.PemKeyCertOptions;
import io.vertx.core.net.PemTrustOptions;
import io.vertx.core.net.PfxOptions;
import io.vertx.core.net.ProxyOptions;
import io.vertx.core.net.ProxyType;
import io.vertx.core.tracing.TracingPolicy;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLStreamHandler;
import java.util.Iterator;
import java.util.Map;
import java.util.Objects;
import java.util.StringJoiner;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.function.Function;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.env.Environment;

/* loaded from: input_file:io/gravitee/gateway/http/connector/AbstractConnector.class */
public abstract class AbstractConnector<T extends HttpEndpoint> extends AbstractLifecycleComponent<Connector> implements Connector {
    private static final String URI_PARAM_SEPARATOR = "&";
    private static final char URI_PARAM_SEPARATOR_CHAR = '&';
    private static final char URI_PARAM_VALUE_SEPARATOR_CHAR = '=';
    private static final char URI_QUERY_DELIMITER_CHAR = '?';
    private static final CharSequence URI_QUERY_DELIMITER_CHAR_SEQUENCE = "?";
    protected static final int UNSECURE_PORT = 80;
    protected static final int SECURE_PORT = 443;

    @Autowired
    private Vertx vertx;

    @Autowired
    private Environment environment;
    protected final T endpoint;
    private HttpClientOptions options;
    private final Logger LOGGER = LoggerFactory.getLogger(AbstractConnector.class);
    private final URLStreamHandler URL_HANDLER = new URLStreamHandler() { // from class: io.gravitee.gateway.http.connector.AbstractConnector.1
        @Override // java.net.URLStreamHandler
        protected URLConnection openConnection(URL url) {
            return null;
        }
    };
    private final Map<Thread, HttpClient> httpClients = new ConcurrentHashMap();
    private final AtomicInteger requestTracker = new AtomicInteger(0);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: io.gravitee.gateway.http.connector.AbstractConnector$2, reason: invalid class name */
    /* loaded from: input_file:io/gravitee/gateway/http/connector/AbstractConnector$2.class */
    public static /* synthetic */ class AnonymousClass2 {
        static final /* synthetic */ int[] $SwitchMap$io$gravitee$definition$model$ssl$TrustStoreType;
        static final /* synthetic */ int[] $SwitchMap$io$gravitee$definition$model$ssl$KeyStoreType = new int[KeyStoreType.values().length];

        static {
            try {
                $SwitchMap$io$gravitee$definition$model$ssl$KeyStoreType[KeyStoreType.PEM.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$io$gravitee$definition$model$ssl$KeyStoreType[KeyStoreType.PKCS12.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$io$gravitee$definition$model$ssl$KeyStoreType[KeyStoreType.JKS.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            $SwitchMap$io$gravitee$definition$model$ssl$TrustStoreType = new int[TrustStoreType.values().length];
            try {
                $SwitchMap$io$gravitee$definition$model$ssl$TrustStoreType[TrustStoreType.PEM.ordinal()] = 1;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$io$gravitee$definition$model$ssl$TrustStoreType[TrustStoreType.PKCS12.ordinal()] = 2;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$io$gravitee$definition$model$ssl$TrustStoreType[TrustStoreType.JKS.ordinal()] = 3;
            } catch (NoSuchFieldError e6) {
            }
        }
    }

    @Autowired
    public AbstractConnector(T t) {
        this.endpoint = t;
    }

    public void request(ProxyRequest proxyRequest, Handler<ProxyConnection> handler) {
        String appendQueryParameters = appendQueryParameters(proxyRequest.uri(), proxyRequest.parameters());
        proxyRequest.metrics().setEndpoint(appendQueryParameters);
        try {
            URL url = new URL((URL) null, appendQueryParameters, this.URL_HANDLER);
            String protocol = url.getProtocol();
            int port = url.getPort() != -1 ? url.getPort() : protocol.charAt(protocol.length() - 1) == 's' ? SECURE_PORT : UNSECURE_PORT;
            proxyRequest.headers().set("Host", (port == UNSECURE_PORT || port == SECURE_PORT) ? url.getHost() : url.getHost() + ":" + port);
            if (this.endpoint.getHeaders() != null && !this.endpoint.getHeaders().isEmpty()) {
                Map headers = this.endpoint.getHeaders();
                HttpHeaders headers2 = proxyRequest.headers();
                Objects.requireNonNull(headers2);
                headers.forEach(headers2::set);
            }
            AbstractHttpProxyConnection create = create(proxyRequest);
            HttpClient computeIfAbsent = this.httpClients.computeIfAbsent(Thread.currentThread(), createHttpClient());
            this.requestTracker.incrementAndGet();
            create.connect(computeIfAbsent, port, url.getHost(), url.getQuery() == null ? url.getPath() : url.getPath() + "?" + url.getQuery(), r5 -> {
                handler.handle(create);
            }, r3 -> {
                this.requestTracker.decrementAndGet();
            });
        } catch (MalformedURLException e) {
            throw new IllegalArgumentException();
        }
    }

    protected abstract AbstractHttpProxyConnection create(ProxyRequest proxyRequest);

    protected void doStart() throws Exception {
        this.options = getOptions();
        printHttpClientConfiguration();
    }

    private String appendQueryParameters(String str, MultiValueMap<String, String> multiValueMap) {
        if (multiValueMap == null || multiValueMap.isEmpty()) {
            return str;
        }
        StringJoiner stringJoiner = new StringJoiner(URI_PARAM_SEPARATOR);
        multiValueMap.forEach((str2, list) -> {
            if (list != null) {
                Iterator it = list.iterator();
                while (it.hasNext()) {
                    String str2 = (String) it.next();
                    if (str2 == null) {
                        stringJoiner.add(str2);
                    } else {
                        stringJoiner.add(str2 + "=" + str2);
                    }
                }
            }
        });
        return str.contains(URI_QUERY_DELIMITER_CHAR_SEQUENCE) ? str + "&" + stringJoiner : str + "?" + stringJoiner;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:27:0x01c3. Please report as an issue. */
    public HttpClientOptions getOptions() throws EndpointException {
        ProxyOptions proxyOptions;
        HttpClientOptions httpClientOptions = new HttpClientOptions();
        httpClientOptions.setTracingPolicy(TracingPolicy.ALWAYS);
        httpClientOptions.setPipelining(this.endpoint.getHttpClientOptions().isPipelining());
        httpClientOptions.setKeepAlive(this.endpoint.getHttpClientOptions().isKeepAlive());
        httpClientOptions.setIdleTimeout((int) (this.endpoint.getHttpClientOptions().getIdleTimeout() / 1000));
        httpClientOptions.setConnectTimeout((int) this.endpoint.getHttpClientOptions().getConnectTimeout());
        httpClientOptions.setMaxPoolSize(this.endpoint.getHttpClientOptions().getMaxConcurrentConnections());
        httpClientOptions.setTryUseCompression(this.endpoint.getHttpClientOptions().isUseCompression());
        if (this.endpoint.getHttpClientOptions().getVersion() == ProtocolVersion.HTTP_2) {
            httpClientOptions.setProtocolVersion(HttpVersion.HTTP_2);
            httpClientOptions.setHttp2ClearTextUpgrade(this.endpoint.getHttpClientOptions().isClearTextUpgrade());
            httpClientOptions.setHttp2MaxPoolSize(this.endpoint.getHttpClientOptions().getMaxConcurrentConnections());
        }
        try {
            URL url = new URL((URL) null, this.endpoint.getTarget(), this.URL_HANDLER);
            HttpProxy httpProxy = this.endpoint.getHttpProxy();
            if (httpProxy != null && httpProxy.isEnabled()) {
                if (httpProxy.isUseSystemProxy()) {
                    proxyOptions = getSystemProxyOptions();
                } else {
                    proxyOptions = new ProxyOptions();
                    proxyOptions.setHost(httpProxy.getHost());
                    proxyOptions.setPort(httpProxy.getPort());
                    proxyOptions.setUsername(httpProxy.getUsername());
                    proxyOptions.setPassword(httpProxy.getPassword());
                    proxyOptions.setType(ProxyType.valueOf(httpProxy.getType().name()));
                }
                httpClientOptions.setProxyOptions(proxyOptions);
            }
            HttpClientSslOptions httpClientSslOptions = this.endpoint.getHttpClientSslOptions();
            String protocol = url.getProtocol();
            if (protocol.charAt(protocol.length() - 1) == 's') {
                httpClientOptions.setSsl(true).setUseAlpn(true);
                if (((Boolean) this.environment.getProperty("http.ssl.openssl", Boolean.class, false)).booleanValue()) {
                    httpClientOptions.setSslEngineOptions(new OpenSSLEngineOptions());
                }
                if (httpClientSslOptions != null) {
                    httpClientOptions.setVerifyHost(httpClientSslOptions.isHostnameVerifier()).setTrustAll(httpClientSslOptions.isTrustAll());
                    if (!httpClientSslOptions.isTrustAll() && httpClientSslOptions.getTrustStore() != null) {
                        switch (AnonymousClass2.$SwitchMap$io$gravitee$definition$model$ssl$TrustStoreType[httpClientSslOptions.getTrustStore().getType().ordinal()]) {
                            case 1:
                                PEMTrustStore trustStore = httpClientSslOptions.getTrustStore();
                                PemTrustOptions pemTrustOptions = new PemTrustOptions();
                                if (trustStore.getPath() != null && !trustStore.getPath().isEmpty()) {
                                    pemTrustOptions.addCertPath(trustStore.getPath());
                                } else {
                                    if (trustStore.getContent() == null || trustStore.getContent().isEmpty()) {
                                        throw new EndpointException("Missing PEM certificate value for endpoint " + this.endpoint.getName());
                                    }
                                    pemTrustOptions.addCertValue(Buffer.buffer(trustStore.getContent()));
                                }
                                httpClientOptions.setPemTrustOptions(pemTrustOptions);
                                break;
                            case 2:
                                PKCS12TrustStore trustStore2 = httpClientSslOptions.getTrustStore();
                                PfxOptions pfxOptions = new PfxOptions();
                                pfxOptions.setPassword(trustStore2.getPassword());
                                if (trustStore2.getPath() != null && !trustStore2.getPath().isEmpty()) {
                                    pfxOptions.setPath(trustStore2.getPath());
                                } else {
                                    if (trustStore2.getContent() == null || trustStore2.getContent().isEmpty()) {
                                        throw new EndpointException("Missing PKCS12 value for endpoint " + this.endpoint.getName());
                                    }
                                    pfxOptions.setValue(Buffer.buffer(trustStore2.getContent()));
                                }
                                httpClientOptions.setPfxTrustOptions(pfxOptions);
                                break;
                            case 3:
                                JKSTrustStore trustStore3 = httpClientSslOptions.getTrustStore();
                                JksOptions jksOptions = new JksOptions();
                                jksOptions.setPassword(trustStore3.getPassword());
                                if (trustStore3.getPath() != null && !trustStore3.getPath().isEmpty()) {
                                    jksOptions.setPath(trustStore3.getPath());
                                } else {
                                    if (trustStore3.getContent() == null || trustStore3.getContent().isEmpty()) {
                                        throw new EndpointException("Missing JKS value for endpoint " + this.endpoint.getName());
                                    }
                                    jksOptions.setValue(Buffer.buffer(trustStore3.getContent()));
                                }
                                httpClientOptions.setTrustStoreOptions(jksOptions);
                                break;
                        }
                    }
                    if (httpClientSslOptions.getKeyStore() != null) {
                        switch (AnonymousClass2.$SwitchMap$io$gravitee$definition$model$ssl$KeyStoreType[httpClientSslOptions.getKeyStore().getType().ordinal()]) {
                            case 1:
                                PEMKeyStore keyStore = httpClientSslOptions.getKeyStore();
                                PemKeyCertOptions pemKeyCertOptions = new PemKeyCertOptions();
                                if (keyStore.getCertPath() != null && !keyStore.getCertPath().isEmpty()) {
                                    pemKeyCertOptions.setCertPath(keyStore.getCertPath());
                                } else if (keyStore.getCertContent() != null && !keyStore.getCertContent().isEmpty()) {
                                    pemKeyCertOptions.setCertValue(Buffer.buffer(keyStore.getCertContent()));
                                }
                                if (keyStore.getKeyPath() != null && !keyStore.getKeyPath().isEmpty()) {
                                    pemKeyCertOptions.setKeyPath(keyStore.getKeyPath());
                                } else if (keyStore.getKeyContent() != null && !keyStore.getKeyContent().isEmpty()) {
                                    pemKeyCertOptions.setKeyValue(Buffer.buffer(keyStore.getKeyContent()));
                                }
                                httpClientOptions.setPemKeyCertOptions(pemKeyCertOptions);
                                break;
                            case 2:
                                PKCS12KeyStore keyStore2 = httpClientSslOptions.getKeyStore();
                                PfxOptions pfxOptions2 = new PfxOptions();
                                pfxOptions2.setPassword(keyStore2.getPassword());
                                if (keyStore2.getPath() != null && !keyStore2.getPath().isEmpty()) {
                                    pfxOptions2.setPath(keyStore2.getPath());
                                } else if (keyStore2.getContent() != null && !keyStore2.getContent().isEmpty()) {
                                    pfxOptions2.setValue(Buffer.buffer(keyStore2.getContent()));
                                }
                                httpClientOptions.setPfxKeyCertOptions(pfxOptions2);
                                break;
                            case 3:
                                JKSKeyStore keyStore3 = httpClientSslOptions.getKeyStore();
                                JksOptions jksOptions2 = new JksOptions();
                                jksOptions2.setPassword(keyStore3.getPassword());
                                if (keyStore3.getPath() != null && !keyStore3.getPath().isEmpty()) {
                                    jksOptions2.setPath(keyStore3.getPath());
                                } else if (keyStore3.getContent() != null && !keyStore3.getContent().isEmpty()) {
                                    jksOptions2.setValue(Buffer.buffer(keyStore3.getContent()));
                                }
                                httpClientOptions.setKeyStoreOptions(jksOptions2);
                                break;
                        }
                    }
                }
            }
            return httpClientOptions;
        } catch (MalformedURLException e) {
            throw new EndpointException("Endpoint target is not valid " + this.endpoint.getTarget());
        }
    }

    protected void doStop() throws Exception {
        this.LOGGER.debug("Graceful shutdown of HTTP Client for endpoint[{}] target[{}] requests[{}]", new Object[]{this.endpoint.getName(), this.endpoint.getTarget(), Integer.valueOf(this.requestTracker.get())});
        long currentTimeMillis = System.currentTimeMillis() + this.endpoint.getHttpClientOptions().getReadTimeout();
        while (this.requestTracker.get() > 0 && System.currentTimeMillis() <= currentTimeMillis) {
            TimeUnit.MILLISECONDS.sleep(100L);
        }
        if (this.requestTracker.get() > 0) {
            this.LOGGER.warn("Cancel requests[{}] for endpoint[{}] target[{}]", new Object[]{Integer.valueOf(this.requestTracker.get()), this.endpoint.getName(), this.endpoint.getTarget()});
        }
        this.httpClients.values().forEach(httpClient -> {
            try {
                httpClient.close();
            } catch (IllegalStateException e) {
                this.LOGGER.warn(e.getMessage());
            }
        });
    }

    private Function<Thread, HttpClient> createHttpClient() {
        return thread -> {
            return this.vertx.createHttpClient(this.options);
        };
    }

    private void printHttpClientConfiguration() {
        this.LOGGER.debug("Create HTTP connector with configuration: ");
        this.LOGGER.debug("\t" + this.options.getProtocolVersion() + " {ConnectTimeout='" + this.options.getConnectTimeout() + "', KeepAlive='" + this.options.isKeepAlive() + "', IdleTimeout='" + this.options.getIdleTimeout() + "', MaxChunkSize='" + this.options.getMaxChunkSize() + "', MaxPoolSize='" + this.options.getMaxPoolSize() + "', MaxWaitQueueSize='" + this.options.getMaxWaitQueueSize() + "', Pipelining='" + this.options.isPipelining() + "', PipeliningLimit='" + this.options.getPipeliningLimit() + "', TryUseCompression='" + this.options.isTryUseCompression() + "'}");
        if (this.options.isSsl()) {
            this.LOGGER.debug("\tSSL {TrustAll='" + this.options.isTrustAll() + "', VerifyHost='" + this.options.isVerifyHost() + "'}");
        }
        if (this.options.getProxyOptions() != null) {
            this.LOGGER.debug("\tProxy {Type='" + this.options.getProxyOptions().getType() + ", Host='" + this.options.getProxyOptions().getHost() + "', Port='" + this.options.getProxyOptions().getPort() + "'}");
        }
    }

    private ProxyOptions getSystemProxyOptions() {
        StringBuilder sb = new StringBuilder();
        ProxyOptions proxyOptions = new ProxyOptions();
        if (this.environment.containsProperty("system.proxy.host")) {
            proxyOptions.setHost(this.environment.getProperty("system.proxy.host"));
        } else {
            sb.append("'system.proxy.host' ");
        }
        try {
            proxyOptions.setPort(Integer.parseInt((String) Objects.requireNonNull(this.environment.getProperty("system.proxy.port"))));
        } catch (Exception e) {
            sb.append("'system.proxy.port' [").append(this.environment.getProperty("system.proxy.port")).append("] ");
        }
        try {
            proxyOptions.setType(ProxyType.valueOf(this.environment.getProperty("system.proxy.type")));
        } catch (Exception e2) {
            sb.append("'system.proxy.type' [").append(this.environment.getProperty("system.proxy.type")).append("] ");
        }
        proxyOptions.setUsername(this.environment.getProperty("system.proxy.username"));
        proxyOptions.setPassword(this.environment.getProperty("system.proxy.password"));
        if (sb.length() == 0) {
            return proxyOptions;
        }
        this.LOGGER.warn("An api endpoint (name[{}] type[{}] target[{}]) requires a system proxy to be defined but some configurations are missing or not well defined: {}", new Object[]{this.endpoint.getName(), this.endpoint.getType(), this.endpoint.getTarget(), sb});
        this.LOGGER.warn("Ignoring system proxy");
        return null;
    }
}
