package io.gravitee.connector.http;

import io.gravitee.common.util.MultiValueMap;
import io.gravitee.connector.api.AbstractConnector;
import io.gravitee.connector.api.Connection;
import io.gravitee.connector.api.EndpointException;
import io.gravitee.connector.http.endpoint.HttpClientSslOptions;
import io.gravitee.connector.http.endpoint.HttpEndpoint;
import io.gravitee.connector.http.endpoint.HttpProxy;
import io.gravitee.connector.http.endpoint.ProtocolVersion;
import io.gravitee.connector.http.endpoint.jks.JKSKeyStore;
import io.gravitee.connector.http.endpoint.jks.JKSTrustStore;
import io.gravitee.connector.http.endpoint.pem.PEMKeyStore;
import io.gravitee.connector.http.endpoint.pem.PEMTrustStore;
import io.gravitee.connector.http.endpoint.pkcs12.PKCS12KeyStore;
import io.gravitee.connector.http.endpoint.pkcs12.PKCS12TrustStore;
import io.gravitee.gateway.api.ExecutionContext;
import io.gravitee.gateway.api.handler.Handler;
import io.gravitee.gateway.api.proxy.ProxyRequest;
import io.gravitee.node.api.configuration.Configuration;
import io.gravitee.node.vertx.proxy.VertxProxyOptionsUtils;
import io.vertx.core.Vertx;
import io.vertx.core.buffer.Buffer;
import io.vertx.core.http.HttpClient;
import io.vertx.core.http.HttpClientOptions;
import io.vertx.core.http.HttpVersion;
import io.vertx.core.net.JksOptions;
import io.vertx.core.net.OpenSSLEngineOptions;
import io.vertx.core.net.PemKeyCertOptions;
import io.vertx.core.net.PemTrustOptions;
import io.vertx.core.net.PfxOptions;
import io.vertx.core.net.ProxyOptions;
import io.vertx.core.net.ProxyType;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLStreamHandler;
import java.util.Base64;
import java.util.Iterator;
import java.util.Map;
import java.util.StringJoiner;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.function.Function;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/gravitee/connector/http/AbstractHttpConnector.class */
public abstract class AbstractHttpConnector<E extends HttpEndpoint> extends AbstractConnector<Connection, ProxyRequest> {
    private static final String URI_PARAM_SEPARATOR = "&";
    private static final char URI_PARAM_SEPARATOR_CHAR = '&';
    private static final char URI_PARAM_VALUE_SEPARATOR_CHAR = '=';
    private static final char URI_QUERY_DELIMITER_CHAR = '?';
    private static final CharSequence URI_QUERY_DELIMITER_CHAR_SEQUENCE = "?";
    protected static final int UNSECURE_PORT = 80;
    protected static final int SECURE_PORT = 443;
    protected final E endpoint;
    private final Configuration configuration;
    private HttpClientOptions options;
    private final Logger LOGGER = LoggerFactory.getLogger(AbstractConnector.class);
    private final URLStreamHandler URL_HANDLER = new URLStreamHandler() { // from class: io.gravitee.connector.http.AbstractHttpConnector.1
        @Override // java.net.URLStreamHandler
        protected URLConnection openConnection(URL url) {
            return null;
        }
    };
    protected final Map<Thread, HttpClient> httpClients = new ConcurrentHashMap();
    private final AtomicInteger requestTracker = new AtomicInteger(0);

    public AbstractHttpConnector(E e, Configuration configuration) {
        this.endpoint = e;
        this.configuration = configuration;
    }

    public void request(ExecutionContext executionContext, ProxyRequest proxyRequest, Handler<Connection> handler) {
        String appendQueryParameters = appendQueryParameters(proxyRequest.uri(), proxyRequest.parameters());
        proxyRequest.metrics().setEndpoint(appendQueryParameters);
        try {
            URL url = new URL((URL) null, appendQueryParameters, this.URL_HANDLER);
            int port = url.getPort() != -1 ? url.getPort() : isSecureProtocol(url.getProtocol()) ? SECURE_PORT : UNSECURE_PORT;
            proxyRequest.headers().set("Host", (port == UNSECURE_PORT || port == SECURE_PORT) ? url.getHost() : url.getHost() + ":" + port);
            if (this.endpoint.getHeaders() != null && !this.endpoint.getHeaders().isEmpty()) {
                this.endpoint.getHeaders().forEach(httpHeader -> {
                    proxyRequest.headers().set(httpHeader.getName(), httpHeader.getValue());
                });
            }
            AbstractHttpConnection<HttpEndpoint> create = create(proxyRequest);
            HttpClient computeIfAbsent = this.httpClients.computeIfAbsent(Thread.currentThread(), createHttpClient());
            this.requestTracker.incrementAndGet();
            create.connect(computeIfAbsent, port, url.getHost(), url.getQuery() == null ? url.getPath() : url.getPath() + "?" + url.getQuery(), r5 -> {
                handler.handle(create);
            }, r3 -> {
                this.requestTracker.decrementAndGet();
            });
        } catch (MalformedURLException e) {
            throw new IllegalArgumentException();
        }
    }

    protected abstract AbstractHttpConnection<HttpEndpoint> create(ProxyRequest proxyRequest);

    protected void doStart() throws Exception {
        this.options = createHttpClientOptions();
        printHttpClientConfiguration();
    }

    private String appendQueryParameters(String str, MultiValueMap<String, String> multiValueMap) {
        if (multiValueMap == null || multiValueMap.isEmpty()) {
            return str;
        }
        StringJoiner stringJoiner = new StringJoiner(URI_PARAM_SEPARATOR);
        multiValueMap.forEach((str2, list) -> {
            if (list != null) {
                Iterator it = list.iterator();
                while (it.hasNext()) {
                    String str2 = (String) it.next();
                    if (str2 == null) {
                        stringJoiner.add(str2);
                    } else {
                        stringJoiner.add(str2 + "=" + str2);
                    }
                }
            }
        });
        return str.contains(URI_QUERY_DELIMITER_CHAR_SEQUENCE) ? str + "&" + stringJoiner.toString() : str + "?" + stringJoiner.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:26:0x01ff. Please report as an issue. */
    public HttpClientOptions createHttpClientOptions() throws EndpointException {
        HttpClientOptions httpClientOptions = new HttpClientOptions();
        httpClientOptions.setPipelining(this.endpoint.getHttpClientOptions().isPipelining());
        httpClientOptions.setKeepAlive(this.endpoint.getHttpClientOptions().isKeepAlive());
        httpClientOptions.setIdleTimeout((int) (this.endpoint.getHttpClientOptions().getIdleTimeout() / 1000));
        httpClientOptions.setKeepAliveTimeout((int) (this.endpoint.getHttpClientOptions().getKeepAliveTimeout() / 1000));
        httpClientOptions.setConnectTimeout((int) this.endpoint.getHttpClientOptions().getConnectTimeout());
        httpClientOptions.setMaxPoolSize(this.endpoint.getHttpClientOptions().getMaxConcurrentConnections());
        httpClientOptions.setTryUseCompression(this.endpoint.getHttpClientOptions().isUseCompression());
        httpClientOptions.setTryUsePerFrameWebSocketCompression(this.endpoint.getHttpClientOptions().isUseCompression());
        httpClientOptions.setTryUsePerMessageWebSocketCompression(this.endpoint.getHttpClientOptions().isUseCompression());
        httpClientOptions.setWebSocketCompressionAllowClientNoContext(this.endpoint.getHttpClientOptions().isUseCompression());
        httpClientOptions.setWebSocketCompressionRequestServerNoContext(this.endpoint.getHttpClientOptions().isUseCompression());
        if (this.endpoint.getHttpClientOptions().getVersion() == ProtocolVersion.HTTP_2) {
            httpClientOptions.setProtocolVersion(HttpVersion.HTTP_2);
            httpClientOptions.setHttp2ClearTextUpgrade(this.endpoint.getHttpClientOptions().isClearTextUpgrade());
            httpClientOptions.setHttp2MaxPoolSize(this.endpoint.getHttpClientOptions().getMaxConcurrentConnections());
        }
        try {
            URL url = new URL((URL) null, this.endpoint.target(), this.URL_HANDLER);
            HttpProxy httpProxy = this.endpoint.getHttpProxy();
            if (httpProxy != null && httpProxy.isEnabled()) {
                if (httpProxy.isUseSystemProxy()) {
                    setSystemProxy(httpClientOptions);
                } else {
                    ProxyOptions proxyOptions = new ProxyOptions();
                    proxyOptions.setHost(httpProxy.getHost());
                    proxyOptions.setPort(httpProxy.getPort());
                    proxyOptions.setUsername(httpProxy.getUsername());
                    proxyOptions.setPassword(httpProxy.getPassword());
                    proxyOptions.setType(ProxyType.valueOf(httpProxy.getType().name()));
                    httpClientOptions.setProxyOptions(proxyOptions);
                }
            }
            HttpClientSslOptions httpClientSslOptions = this.endpoint.getHttpClientSslOptions();
            if (isSecureProtocol(url.getProtocol())) {
                httpClientOptions.setSsl(true).setUseAlpn(true);
                if (((Boolean) this.configuration.getProperty("http.ssl.openssl", Boolean.class, false)).booleanValue()) {
                    httpClientOptions.setSslEngineOptions(new OpenSSLEngineOptions());
                }
                if (httpClientSslOptions != null) {
                    httpClientOptions.setVerifyHost(httpClientSslOptions.isHostnameVerifier()).setTrustAll(httpClientSslOptions.isTrustAll());
                    if (!httpClientSslOptions.isTrustAll() && httpClientSslOptions.getTrustStore() != null) {
                        switch (httpClientSslOptions.getTrustStore().getType()) {
                            case PEM:
                                PEMTrustStore pEMTrustStore = (PEMTrustStore) httpClientSslOptions.getTrustStore();
                                PemTrustOptions pemTrustOptions = new PemTrustOptions();
                                if (pEMTrustStore.getPath() != null && !pEMTrustStore.getPath().isEmpty()) {
                                    pemTrustOptions.addCertPath(pEMTrustStore.getPath());
                                } else {
                                    if (pEMTrustStore.getContent() == null || pEMTrustStore.getContent().isEmpty()) {
                                        throw new EndpointException("Missing PEM certificate value for endpoint " + this.endpoint.name());
                                    }
                                    pemTrustOptions.addCertValue(Buffer.buffer(pEMTrustStore.getContent()));
                                }
                                httpClientOptions.setPemTrustOptions(pemTrustOptions);
                                break;
                            case PKCS12:
                                PKCS12TrustStore pKCS12TrustStore = (PKCS12TrustStore) httpClientSslOptions.getTrustStore();
                                PfxOptions pfxOptions = new PfxOptions();
                                pfxOptions.setPassword(pKCS12TrustStore.getPassword());
                                if (pKCS12TrustStore.getPath() != null && !pKCS12TrustStore.getPath().isEmpty()) {
                                    pfxOptions.setPath(pKCS12TrustStore.getPath());
                                } else {
                                    if (pKCS12TrustStore.getContent() == null || pKCS12TrustStore.getContent().isEmpty()) {
                                        throw new EndpointException("Missing PKCS12 value for endpoint " + this.endpoint.name());
                                    }
                                    pfxOptions.setValue(Buffer.buffer(Base64.getDecoder().decode(pKCS12TrustStore.getContent())));
                                }
                                httpClientOptions.setPfxTrustOptions(pfxOptions);
                                break;
                            case JKS:
                                JKSTrustStore jKSTrustStore = (JKSTrustStore) httpClientSslOptions.getTrustStore();
                                JksOptions jksOptions = new JksOptions();
                                jksOptions.setPassword(jKSTrustStore.getPassword());
                                if (jKSTrustStore.getPath() != null && !jKSTrustStore.getPath().isEmpty()) {
                                    jksOptions.setPath(jKSTrustStore.getPath());
                                } else {
                                    if (jKSTrustStore.getContent() == null || jKSTrustStore.getContent().isEmpty()) {
                                        throw new EndpointException("Missing JKS value for endpoint " + this.endpoint.name());
                                    }
                                    jksOptions.setValue(Buffer.buffer(Base64.getDecoder().decode(jKSTrustStore.getContent())));
                                }
                                httpClientOptions.setTrustStoreOptions(jksOptions);
                                break;
                        }
                    }
                    if (httpClientSslOptions.getKeyStore() != null) {
                        switch (httpClientSslOptions.getKeyStore().getType()) {
                            case PEM:
                                PEMKeyStore pEMKeyStore = (PEMKeyStore) httpClientSslOptions.getKeyStore();
                                PemKeyCertOptions pemKeyCertOptions = new PemKeyCertOptions();
                                if (pEMKeyStore.getCertPath() != null && !pEMKeyStore.getCertPath().isEmpty()) {
                                    pemKeyCertOptions.setCertPath(pEMKeyStore.getCertPath());
                                } else if (pEMKeyStore.getCertContent() != null && !pEMKeyStore.getCertContent().isEmpty()) {
                                    pemKeyCertOptions.setCertValue(Buffer.buffer(pEMKeyStore.getCertContent()));
                                }
                                if (pEMKeyStore.getKeyPath() != null && !pEMKeyStore.getKeyPath().isEmpty()) {
                                    pemKeyCertOptions.setKeyPath(pEMKeyStore.getKeyPath());
                                } else if (pEMKeyStore.getKeyContent() != null && !pEMKeyStore.getKeyContent().isEmpty()) {
                                    pemKeyCertOptions.setKeyValue(Buffer.buffer(pEMKeyStore.getKeyContent()));
                                }
                                httpClientOptions.setPemKeyCertOptions(pemKeyCertOptions);
                                break;
                            case PKCS12:
                                PKCS12KeyStore pKCS12KeyStore = (PKCS12KeyStore) httpClientSslOptions.getKeyStore();
                                PfxOptions pfxOptions2 = new PfxOptions();
                                pfxOptions2.setPassword(pKCS12KeyStore.getPassword());
                                if (pKCS12KeyStore.getPath() != null && !pKCS12KeyStore.getPath().isEmpty()) {
                                    pfxOptions2.setPath(pKCS12KeyStore.getPath());
                                } else if (pKCS12KeyStore.getContent() != null && !pKCS12KeyStore.getContent().isEmpty()) {
                                    pfxOptions2.setValue(Buffer.buffer(Base64.getDecoder().decode(pKCS12KeyStore.getContent())));
                                }
                                httpClientOptions.setPfxKeyCertOptions(pfxOptions2);
                                break;
                            case JKS:
                                JKSKeyStore jKSKeyStore = (JKSKeyStore) httpClientSslOptions.getKeyStore();
                                JksOptions jksOptions2 = new JksOptions();
                                jksOptions2.setPassword(jKSKeyStore.getPassword());
                                if (jKSKeyStore.getPath() != null && !jKSKeyStore.getPath().isEmpty()) {
                                    jksOptions2.setPath(jKSKeyStore.getPath());
                                } else if (jKSKeyStore.getContent() != null && !jKSKeyStore.getContent().isEmpty()) {
                                    jksOptions2.setValue(Buffer.buffer(Base64.getDecoder().decode(jKSKeyStore.getContent())));
                                }
                                httpClientOptions.setKeyStoreOptions(jksOptions2);
                                break;
                        }
                    }
                }
            }
            return httpClientOptions;
        } catch (MalformedURLException e) {
            throw new EndpointException("Endpoint target is not valid " + this.endpoint.target());
        }
    }

    protected void doStop() throws Exception {
        this.LOGGER.debug("Graceful shutdown of HTTP Client for endpoint[{}] target[{}] requests[{}]", new Object[]{this.endpoint.name(), this.endpoint.target(), Integer.valueOf(this.requestTracker.get())});
        long currentTimeMillis = System.currentTimeMillis() + this.endpoint.getHttpClientOptions().getReadTimeout();
        while (this.requestTracker.get() > 0 && System.currentTimeMillis() <= currentTimeMillis) {
            TimeUnit.MILLISECONDS.sleep(100L);
        }
        if (this.requestTracker.get() > 0) {
            this.LOGGER.warn("Cancel requests[{}] for endpoint[{}] target[{}]", new Object[]{Integer.valueOf(this.requestTracker.get()), this.endpoint.name(), this.endpoint.target()});
        }
        this.httpClients.values().forEach(httpClient -> {
            try {
                httpClient.close();
            } catch (IllegalStateException e) {
                this.LOGGER.warn(e.getMessage());
            }
        });
    }

    private Function<Thread, HttpClient> createHttpClient() {
        return thread -> {
            return Vertx.currentContext().owner().createHttpClient(this.options);
        };
    }

    protected static boolean isSecureProtocol(String str) {
        return str.charAt(str.length() - 1) == 's' && str.length() > 2;
    }

    private void printHttpClientConfiguration() {
        this.LOGGER.debug("Create HTTP connector with configuration: ");
        this.LOGGER.debug("\t" + this.options.getProtocolVersion() + " {ConnectTimeout='" + this.options.getConnectTimeout() + "', KeepAlive='" + this.options.isKeepAlive() + "', KeepAliveTimeout='" + this.options.getKeepAliveTimeout() + "', IdleTimeout='" + this.options.getIdleTimeout() + "', MaxChunkSize='" + this.options.getMaxChunkSize() + "', MaxPoolSize='" + this.options.getMaxPoolSize() + "', MaxWaitQueueSize='" + this.options.getMaxWaitQueueSize() + "', Pipelining='" + this.options.isPipelining() + "', PipeliningLimit='" + this.options.getPipeliningLimit() + "', TryUseCompression='" + this.options.isTryUseCompression() + "'}");
        if (this.options.isSsl()) {
            this.LOGGER.debug("\tSSL {TrustAll='" + this.options.isTrustAll() + "', VerifyHost='" + this.options.isVerifyHost() + "'}");
        }
        if (this.options.getProxyOptions() != null) {
            this.LOGGER.debug("\tProxy {Type='" + this.options.getProxyOptions().getType() + ", Host='" + this.options.getProxyOptions().getHost() + "', Port='" + this.options.getProxyOptions().getPort() + "'}");
        }
    }

    private void setSystemProxy(HttpClientOptions httpClientOptions) {
        try {
            httpClientOptions.setProxyOptions(VertxProxyOptionsUtils.buildProxyOptions(this.configuration));
        } catch (Exception e) {
            this.LOGGER.warn("A service endpoint (name[{}] type[{}] target[{}]) requires a system proxy to be defined but some configurations are missing or not well defined: {}", new Object[]{this.endpoint.name(), this.endpoint.type(), this.endpoint.target(), e.getMessage()});
            this.LOGGER.warn("Ignoring system proxy");
        }
    }
}
