package com.paremus.dosgi.net.client;

import com.paremus.dosgi.net.config.Config;
import com.paremus.dosgi.net.config.ProtocolScheme;
import com.paremus.dosgi.net.proxy.MethodCallHandlerFactory;
import com.paremus.dosgi.net.serialize.SerializerFactory;
import com.paremus.dosgi.net.tcp.LengthFieldPopulator;
import com.paremus.dosgi.net.tcp.VersionCheckingLengthFieldBasedFrameDecoder;
import com.paremus.net.encode.EncodingSchemeFactory;
import io.netty.bootstrap.Bootstrap;
import io.netty.buffer.ByteBuf;
import io.netty.buffer.ByteBufAllocator;
import io.netty.channel.Channel;
import io.netty.channel.ChannelFuture;
import io.netty.channel.ChannelHandler;
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelInboundHandlerAdapter;
import io.netty.channel.ChannelInitializer;
import io.netty.channel.ChannelOption;
import io.netty.channel.EventLoopGroup;
import io.netty.channel.nio.NioEventLoopGroup;
import io.netty.channel.socket.nio.NioSocketChannel;
import io.netty.handler.ssl.Ciphers;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslHandler;
import io.netty.handler.ssl.SslProtocols;
import io.netty.util.HashedWheelTimer;
import io.netty.util.Timer;
import io.netty.util.concurrent.DefaultEventExecutorGroup;
import io.netty.util.concurrent.EventExecutorGroup;
import io.netty.util.concurrent.FastThreadLocalThread;
import io.netty.util.concurrent.Future;
import java.net.InetSocketAddress;
import java.net.URI;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.function.Consumer;
import java.util.function.Function;
import java.util.stream.Collectors;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManagerFactory;
import org.osgi.framework.ServiceException;
import org.osgi.service.remoteserviceadmin.EndpointDescription;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/paremus/dosgi/net/client/ClientConnectionManager.class */
public class ClientConnectionManager {
    private static final Logger LOG = LoggerFactory.getLogger(ClientConnectionManager.class);
    private final EventLoopGroup clientIo;
    private final EventExecutorGroup clientWorkers;
    private final ByteBufAllocator allocator;
    private final EncodingSchemeFactory esf;
    private final Map<String, Function<Consumer<Channel>, Bootstrap>> configuredTransports;
    private final AtomicInteger ioThreadId = new AtomicInteger(1);
    private final AtomicInteger workerThreadId = new AtomicInteger(1);
    final ConcurrentMap<InetSocketAddress, Channel> activeChannels = new ConcurrentHashMap();
    final ConcurrentMap<UUID, MethodCallHandlerFactoryImpl> activeHandlers = new ConcurrentHashMap();
    private final ConcurrentMap<Channel, Set<MethodCallHandlerFactoryImpl>> channelsToHandlers = new ConcurrentHashMap();
    private final Timer timer = new HashedWheelTimer(runnable -> {
        FastThreadLocalThread fastThreadLocalThread = new FastThreadLocalThread(runnable, "Paremus RSA distribution client timeout worker");
        fastThreadLocalThread.setDaemon(true);
        return fastThreadLocalThread;
    }, 100, TimeUnit.MILLISECONDS, 16384);

    @ChannelHandler.Sharable
    /* loaded from: input_file:com/paremus/dosgi/net/client/ClientConnectionManager$ClientResponseHandler.class */
    private class ClientResponseHandler extends ChannelInboundHandlerAdapter {
        private ClientResponseHandler() {
        }

        @Override // io.netty.channel.ChannelInboundHandlerAdapter, io.netty.channel.ChannelInboundHandler
        public void channelRead(ChannelHandlerContext channelHandlerContext, Object obj) throws Exception {
            ByteBuf byteBuf = (ByteBuf) obj;
            try {
                byte readByte = byteBuf.readByte();
                MethodCallHandlerFactoryImpl methodCallHandlerFactoryImpl = ClientConnectionManager.this.activeHandlers.get(new UUID(byteBuf.readLong(), byteBuf.readLong()));
                if (methodCallHandlerFactoryImpl != null) {
                    methodCallHandlerFactoryImpl.response(byteBuf.readInt(), readByte, byteBuf);
                }
            } finally {
                byteBuf.release();
            }
        }
    }

    public ClientConnectionManager(Config config, EncodingSchemeFactory encodingSchemeFactory, ByteBufAllocator byteBufAllocator) {
        this.esf = encodingSchemeFactory;
        this.allocator = byteBufAllocator;
        this.clientIo = new NioEventLoopGroup(config.client_io_threads(), runnable -> {
            FastThreadLocalThread fastThreadLocalThread = new FastThreadLocalThread(runnable, "Paremus RSA distribution client IO: " + this.ioThreadId.getAndIncrement());
            fastThreadLocalThread.setDaemon(true);
            return fastThreadLocalThread;
        });
        this.clientWorkers = new DefaultEventExecutorGroup(config.client_worker_threads(), runnable2 -> {
            FastThreadLocalThread fastThreadLocalThread = new FastThreadLocalThread(runnable2, "Paremus RSA distribution client Worker: " + this.workerThreadId.getAndIncrement());
            fastThreadLocalThread.setDaemon(true);
            return fastThreadLocalThread;
        });
        this.configuredTransports = (Map) config.client_protocols().stream().filter(protocolScheme -> {
            if (config.allow_insecure_transports() || protocolScheme.getProtocol().isSecure()) {
                return true;
            }
            LOG.warn("The client transport {} is not permitted because it is insecure and insecure transports are not enabled.", protocolScheme.getProtocol());
            return false;
        }).collect(Collectors.toMap(protocolScheme2 -> {
            return protocolScheme2.getProtocol().getUriScheme();
        }, protocolScheme3 -> {
            return createBootstrapConfigFor(protocolScheme3);
        }));
    }

    private Function<Consumer<Channel>, Bootstrap> createBootstrapConfigFor(ProtocolScheme protocolScheme) {
        if (protocolScheme.getPort() != 0) {
            LOG.warn("The client protocol configuration {} for transport {} contains a port assignment. Clients do not listen for connections and so this property will be ignored", protocolScheme.getConfigurationString(), protocolScheme.getProtocol());
        }
        return consumer -> {
            Bootstrap bootstrap = new Bootstrap();
            bootstrap.group(this.clientIo).option(ChannelOption.ALLOCATOR, this.allocator).option(ChannelOption.SO_SNDBUF, Integer.valueOf(protocolScheme.getSendBufferSize())).option(ChannelOption.SO_RCVBUF, Integer.valueOf(protocolScheme.getReceiveBufferSize()));
            Consumer consumer = channel -> {
            };
            boolean z = false;
            switch (protocolScheme.getProtocol()) {
                case TCP_CLIENT_AUTH:
                    z = true;
                case TCP_TLS:
                    boolean z2 = z;
                    KeyManagerFactory sSLKeyManagerFactory = this.esf.getSSLKeyManagerFactory();
                    TrustManagerFactory sSLTrustManagerFactory = this.esf.getSSLTrustManagerFactory();
                    if (sSLTrustManagerFactory == null || (z2 && sSLKeyManagerFactory == null)) {
                        LOG.error("The secure transport {} cannot be configured as the necessary certificate configuration is unavailable. Please check the configuration of the com.paremus.net.encode provider.", protocolScheme.getProtocol());
                        return null;
                    }
                    consumer = consumer.andThen(channel2 -> {
                        String str = (String) protocolScheme.getOption("ciphers", String.class);
                        String str2 = str == null ? Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 : str;
                        String str3 = ((String) protocolScheme.getOption("protocols", String.class)) == null ? SslProtocols.TLS_v1_2 : str2;
                        try {
                            SslContextBuilder forClient = SslContextBuilder.forClient();
                            if (z2) {
                                forClient.keyManager(sSLKeyManagerFactory);
                            }
                            SSLEngine newEngine = forClient.trustManager(sSLTrustManagerFactory).ciphers(Arrays.asList(str2.split(","))).build().newEngine(this.allocator);
                            newEngine.setWantClientAuth(z2);
                            newEngine.setNeedClientAuth(z2);
                            newEngine.setEnabledProtocols(str3.split(","));
                            SslHandler sslHandler = new SslHandler(newEngine);
                            Integer num = (Integer) protocolScheme.getOption("handshake.timeout", Integer.class);
                            if (num != null) {
                                if (num.intValue() < 1 || num.intValue() > 10000) {
                                    LOG.warn("The connection timeout {} for {} is not supported. The value must be greater than 0 and less than 10000 It will be set to 3000");
                                    num = 8000;
                                }
                                sslHandler.setHandshakeTimeoutMillis(num.intValue());
                            }
                            Integer num2 = (Integer) protocolScheme.getOption("close.notify.timeout", Integer.class);
                            if (num2 != null) {
                                if (num2.intValue() < 1 || num2.intValue() > 10000) {
                                    LOG.warn("The connection timeout {} for {} is not supported. The value must be greater than 0 and less than 10000 It will be set to 3000");
                                    num2 = 3000;
                                }
                                sslHandler.setCloseNotifyTimeoutMillis(num2.intValue());
                            }
                            channel2.pipeline().addLast(sslHandler);
                        } catch (Exception e) {
                            LOG.error("There was an error creating a secure transport.", e);
                            throw new RuntimeException("Unable to create the SSL Engine", e);
                        }
                    });
                    break;
                case TCP:
                    Integer num = (Integer) protocolScheme.getOption("connect.timeout", Integer.class);
                    if (num == null) {
                        num = 3000;
                    } else if (num.intValue() < 1 || num.intValue() > 10000) {
                        LOG.warn("The connection timeout {} for {} is not supported. The value must be greater than 0 and less than 10000 It will be set to 3000");
                        num = 3000;
                    }
                    bootstrap.channel(NioSocketChannel.class).option(ChannelOption.SO_KEEPALIVE, true).option(ChannelOption.TCP_NODELAY, (Boolean) protocolScheme.getOption("nodelay", Boolean.class)).option(ChannelOption.CONNECT_TIMEOUT_MILLIS, num);
                    final Consumer andThen = consumer.andThen(channel3 -> {
                        channel3.pipeline().addLast(new LengthFieldPopulator());
                        channel3.pipeline().addLast(new VersionCheckingLengthFieldBasedFrameDecoder(16777216, 1, 3));
                    }).andThen(consumer);
                    bootstrap.handler(new ChannelInitializer<Channel>() { // from class: com.paremus.dosgi.net.client.ClientConnectionManager.1
                        @Override // io.netty.channel.ChannelInitializer
                        protected void initChannel(Channel channel4) throws Exception {
                            andThen.accept(channel4);
                        }
                    });
                    return bootstrap;
                default:
                    throw new IllegalArgumentException("No support for protocol " + protocolScheme.getProtocol());
            }
        };
    }

    public MethodCallHandlerFactory getFactoryFor(URI uri, EndpointDescription endpointDescription, SerializerFactory serializerFactory, Map<Integer, String> map) {
        Channel channel;
        UUID fromString = UUID.fromString(endpointDescription.getId());
        InetSocketAddress inetSocketAddress = new InetSocketAddress(uri.getHost(), uri.getPort());
        Channel channel2 = this.activeChannels.get(inetSocketAddress);
        if (channel2 == null && (channel = (Channel) Optional.ofNullable(this.configuredTransports.get(uri.getScheme())).map(function -> {
            return getChannelFor(function, inetSocketAddress);
        }).orElse(null)) != null) {
            channel2 = this.activeChannels.putIfAbsent(inetSocketAddress, channel);
            if (channel2 == null) {
                channel2 = channel;
            } else {
                channel.close();
            }
        }
        if (channel2 == null) {
            LOG.warn("Unable to create a client connection for the service {} with endpoint {}", fromString, endpointDescription);
            return null;
        }
        Channel channel3 = channel2;
        MethodCallHandlerFactoryImpl computeIfAbsent = this.activeHandlers.computeIfAbsent(fromString, uuid -> {
            return new MethodCallHandlerFactoryImpl(channel3, this.allocator, uuid, serializerFactory, map, this, this.timer);
        });
        this.channelsToHandlers.merge(channel2, Collections.singleton(computeIfAbsent), (set, set2) -> {
            HashSet hashSet = new HashSet(set2);
            hashSet.add(computeIfAbsent);
            return hashSet;
        });
        channel2.closeFuture().addListener2(future -> {
            Throwable cause = future.cause();
            this.clientWorkers.execute(() -> {
                String str = "The connection to the remote node " + channel3.remoteAddress() + " was lost";
                computeIfAbsent.failAll(cause == null ? new ServiceException(str, 5) : new ServiceException(str, 5, cause));
            });
        });
        return computeIfAbsent;
    }

    private Channel getChannelFor(Function<Consumer<Channel>, Bootstrap> function, InetSocketAddress inetSocketAddress) {
        ChannelFuture channelFuture = null;
        try {
            ChannelFuture connect = function.apply(channel -> {
                channel.pipeline().addLast(this.clientWorkers, new ClientResponseHandler());
            }).connect(inetSocketAddress);
            connect.await2();
            if (!connect.isSuccess()) {
                LOG.error("Unable to connect to the remote address " + inetSocketAddress, connect.cause());
                return null;
            }
            Channel channel2 = connect.channel();
            channel2.closeFuture().addListener2(future -> {
                this.activeChannels.remove(channel2.remoteAddress(), channel2);
                this.channelsToHandlers.remove(channel2);
            });
            ChannelHandler first = channel2.pipeline().first();
            if (first instanceof SslHandler) {
                Future<Channel> await2 = ((SslHandler) first).handshakeFuture().await2();
                if (!await2.isSuccess()) {
                    LOG.warn("Unable to complete the SSL Handshake with remote node " + inetSocketAddress, await2.cause());
                    channel2.close();
                    return null;
                }
            }
            return channel2;
        } catch (InterruptedException e) {
            LOG.error("Unable to connect to the remote address" + inetSocketAddress, e);
            if (0 == 0) {
                return null;
            }
            channelFuture.channel().close();
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void notifyClosing(UUID uuid, MethodCallHandlerFactoryImpl methodCallHandlerFactoryImpl) {
        this.activeHandlers.remove(uuid, methodCallHandlerFactoryImpl);
        Channel channel = methodCallHandlerFactoryImpl.getChannel();
        if (this.channelsToHandlers.computeIfPresent(channel, (channel2, set) -> {
            HashSet hashSet = new HashSet(set);
            hashSet.remove(methodCallHandlerFactoryImpl);
            if (hashSet.isEmpty()) {
                return null;
            }
            return hashSet;
        }) == null) {
            this.activeChannels.remove(channel.remoteAddress());
            channel.close();
        }
    }

    public void close() {
        this.activeChannels.values().stream().forEach((v0) -> {
            v0.close();
        });
        Future<?> shutdownGracefully = this.clientIo.shutdownGracefully(250L, 1000L, TimeUnit.MILLISECONDS);
        Future<?> shutdownGracefully2 = this.clientWorkers.shutdownGracefully(250L, 1000L, TimeUnit.MILLISECONDS);
        try {
            shutdownGracefully.await(2000L);
            shutdownGracefully2.await(2000L);
        } catch (InterruptedException e) {
        }
    }
}
