package org.apache.knox.gateway.websockets;

import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.security.KeyStore;
import java.util.Collections;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import javax.websocket.ClientEndpointConfig;
import org.apache.commons.lang3.StringUtils;
import org.apache.knox.gateway.config.GatewayConfig;
import org.apache.knox.gateway.i18n.messages.MessagesFactory;
import org.apache.knox.gateway.services.GatewayServices;
import org.apache.knox.gateway.services.ServiceType;
import org.apache.knox.gateway.services.registry.ServiceDefEntry;
import org.apache.knox.gateway.services.registry.ServiceDefinitionRegistry;
import org.apache.knox.gateway.services.registry.ServiceRegistry;
import org.apache.knox.gateway.services.security.KeystoreService;
import org.apache.knox.gateway.services.security.KeystoreServiceException;
import org.apache.knox.gateway.services.security.impl.ZookeeperRemoteAliasService;
import org.eclipse.jetty.websocket.server.WebSocketHandler;
import org.eclipse.jetty.websocket.servlet.ServletUpgradeRequest;
import org.eclipse.jetty.websocket.servlet.ServletUpgradeResponse;
import org.eclipse.jetty.websocket.servlet.WebSocketCreator;
import org.eclipse.jetty.websocket.servlet.WebSocketServletFactory;

/* loaded from: input_file:org/apache/knox/gateway/websockets/GatewayWebsocketHandler.class */
public class GatewayWebsocketHandler extends WebSocketHandler implements WebSocketCreator {
    private static final WebsocketLogMessages LOG = (WebsocketLogMessages) MessagesFactory.get(WebsocketLogMessages.class);
    public static final String WEBSOCKET_PROTOCOL_STRING = "ws://";
    public static final String SECURE_WEBSOCKET_PROTOCOL_STRING = "wss://";
    static final String REGEX_SPLIT_CONTEXT = "^((?:[^/]*/){2}[^/]*)";
    static final String REGEX_SPLIT_SERVICE_PATH = "^((?:[^/]*/){3}[^/]*)";
    private static final int POOL_SIZE = 10;
    private final ExecutorService pool = Executors.newFixedThreadPool(POOL_SIZE);
    final GatewayConfig config;
    final GatewayServices services;

    public GatewayWebsocketHandler(GatewayConfig gatewayConfig, GatewayServices gatewayServices) {
        this.config = gatewayConfig;
        this.services = gatewayServices;
    }

    public void configure(WebSocketServletFactory webSocketServletFactory) {
        webSocketServletFactory.setCreator(this);
        webSocketServletFactory.getPolicy().setMaxTextMessageSize(this.config.getWebsocketMaxTextMessageSize());
        webSocketServletFactory.getPolicy().setMaxBinaryMessageSize(this.config.getWebsocketMaxBinaryMessageSize());
        webSocketServletFactory.getPolicy().setMaxBinaryMessageBufferSize(this.config.getWebsocketMaxBinaryMessageBufferSize());
        webSocketServletFactory.getPolicy().setMaxTextMessageBufferSize(this.config.getWebsocketMaxTextMessageBufferSize());
        webSocketServletFactory.getPolicy().setInputBufferSize(this.config.getWebsocketInputBufferSize());
        webSocketServletFactory.getPolicy().setAsyncWriteTimeout(this.config.getWebsocketAsyncWriteTimeout());
        webSocketServletFactory.getPolicy().setIdleTimeout(this.config.getWebsocketIdleTimeout());
    }

    public Object createWebSocket(ServletUpgradeRequest servletUpgradeRequest, ServletUpgradeResponse servletUpgradeResponse) {
        try {
            String matchedBackendURL = getMatchedBackendURL(servletUpgradeRequest.getRequestURI());
            ClientEndpointConfig clientEndpointConfig = getClientEndpointConfig(servletUpgradeRequest);
            clientEndpointConfig.getUserProperties().put("org.apache.knox.gateway.websockets.truststore", getTruststore());
            return new ProxyWebSocketAdapter(URI.create(matchedBackendURL), this.pool, clientEndpointConfig);
        } catch (Exception e) {
            LOG.failedCreatingWebSocket(e);
            throw new RuntimeException(e);
        }
    }

    private KeyStore getTruststore() throws KeystoreServiceException {
        KeystoreService keystoreService = (KeystoreService) this.services.getService(ServiceType.KEYSTORE_SERVICE);
        KeyStore truststoreForHttpClient = keystoreService.getTruststoreForHttpClient();
        if (truststoreForHttpClient == null) {
            truststoreForHttpClient = keystoreService.getKeystoreForGateway();
        }
        return truststoreForHttpClient;
    }

    private ClientEndpointConfig getClientEndpointConfig(final ServletUpgradeRequest servletUpgradeRequest) {
        return ClientEndpointConfig.Builder.create().configurator(new ClientEndpointConfig.Configurator() { // from class: org.apache.knox.gateway.websockets.GatewayWebsocketHandler.1
            public void beforeRequest(Map<String, List<String>> map) {
                Map headers = servletUpgradeRequest.getHeaders();
                map.getClass();
                headers.forEach((v1, v2) -> {
                    r1.putIfAbsent(v1, v2);
                });
                try {
                    URI uri = new URI(GatewayWebsocketHandler.this.getMatchedBackendURL(servletUpgradeRequest.getRequestURI()));
                    map.put("Host", Collections.singletonList(uri.getHost() + ":" + uri.getPort()));
                } catch (URISyntaxException e) {
                    GatewayWebsocketHandler.LOG.onError(String.format(Locale.ROOT, "Error getting backend url, this could cause 'Host does not match SNI' exception. Cause: %s", e.toString()));
                }
            }
        }).build();
    }

    protected synchronized String getMatchedBackendURL(URI uri) {
        String rawPath = uri.getRawPath();
        String rawQuery = uri.getRawQuery();
        ServiceRegistry serviceRegistry = (ServiceRegistry) this.services.getService(ServiceType.SERVICE_REGISTRY_SERVICE);
        ServiceDefEntry matchingService = ((ServiceDefinitionRegistry) this.services.getService(ServiceType.SERVICE_DEFINITION_REGISTRY)).getMatchingService(rawPath.split(REGEX_SPLIT_CONTEXT)[1]);
        if (matchingService == null) {
            throw new RuntimeException(String.format(Locale.ROOT, "Cannot find service for the given path: %s", rawPath));
        }
        String[] split = rawPath.split(REGEX_SPLIT_SERVICE_PATH);
        String urlFromServiceDefinition = urlFromServiceDefinition(serviceRegistry, matchingService, rawPath);
        StringBuilder sb = new StringBuilder();
        try {
            if (StringUtils.containsAny(urlFromServiceDefinition, new CharSequence[]{WEBSOCKET_PROTOCOL_STRING, SECURE_WEBSOCKET_PROTOCOL_STRING})) {
                sb.append(new URI(urlFromServiceDefinition));
                if (!StringUtils.endsWith(sb.toString(), "/ws") && split.length > 0 && split[1] != null) {
                    sb.append(split[1]);
                }
            } else {
                URL url = new URL(urlFromServiceDefinition);
                sb.append((url.getProtocol().equals("ws") || url.getProtocol().equals("wss")) ? url.getProtocol() : "ws").append("://");
                sb.append(url.getHost()).append(':');
                sb.append(url.getPort()).append('/');
                sb.append(url.getPath());
            }
            if (!StringUtils.isBlank(rawQuery)) {
                sb.append('?').append(rawQuery);
            }
            return sb.toString();
        } catch (MalformedURLException e) {
            LOG.badUrlError(e);
            throw new RuntimeException(e.toString());
        } catch (Exception e2) {
            LOG.failedCreatingWebSocket(e2);
            throw new RuntimeException(e2.toString());
        }
    }

    private static String urlFromServiceDefinition(ServiceRegistry serviceRegistry, ServiceDefEntry serviceDefEntry, String str) {
        return serviceRegistry.lookupServiceURL(str.split(ZookeeperRemoteAliasService.PATH_SEPARATOR)[2], serviceDefEntry.getName().toUpperCase(Locale.ROOT));
    }
}
