package org.apache.nifi.jetty.configuration.connector;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Objects;
import java.util.Set;
import javax.net.ssl.SSLContext;
import org.eclipse.jetty.alpn.server.ALPNServerConnectionFactory;
import org.eclipse.jetty.http.HttpScheme;
import org.eclipse.jetty.http2.HTTP2Cipher;
import org.eclipse.jetty.http2.server.HTTP2ServerConnectionFactory;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.util.ssl.SslContextFactory;

/* loaded from: input_file:org/apache/nifi/jetty/configuration/connector/StandardServerConnectorFactory.class */
public class StandardServerConnectorFactory implements ServerConnectorFactory {
    private static final boolean SEND_SERVER_VERSION = false;
    private static final String[] INCLUDE_ALL_SECURITY_PROTOCOLS = new String[SEND_SERVER_VERSION];
    private static final Set<ApplicationLayerProtocol> DEFAULT_APPLICATION_LAYER_PROTOCOLS = Collections.singleton(ApplicationLayerProtocol.HTTP_1_1);
    private static final String ALPN_PROTOCOL = "alpn";
    private static final String[] APPLICATION_PROTOCOLS = {ALPN_PROTOCOL, ApplicationLayerProtocol.H2.getProtocol(), ApplicationLayerProtocol.HTTP_1_1.getProtocol()};
    private final Server server;
    private final int port;
    private SSLContext sslContext;
    private boolean needClientAuth;
    private boolean wantClientAuth;
    private Set<ApplicationLayerProtocol> applicationLayerProtocols = DEFAULT_APPLICATION_LAYER_PROTOCOLS;
    private String[] includeSecurityProtocols = INCLUDE_ALL_SECURITY_PROTOCOLS;

    public StandardServerConnectorFactory(Server server, int i) {
        this.server = (Server) Objects.requireNonNull(server, "Server required");
        this.port = i;
    }

    @Override // org.apache.nifi.jetty.configuration.connector.ServerConnectorFactory
    public ServerConnector getServerConnector() {
        ServerConnector serverConnector;
        HttpConfiguration httpConfiguration = getHttpConfiguration();
        ConnectionFactory httpConnectionFactory = new HttpConnectionFactory(httpConfiguration);
        if (this.sslContext == null) {
            serverConnector = new ServerConnector(this.server, new ConnectionFactory[]{httpConnectionFactory});
        } else {
            ArrayList arrayList = new ArrayList();
            if (this.applicationLayerProtocols.contains(ApplicationLayerProtocol.H2)) {
                ALPNServerConnectionFactory aLPNServerConnectionFactory = new ALPNServerConnectionFactory(APPLICATION_PROTOCOLS);
                HTTP2ServerConnectionFactory hTTP2ServerConnectionFactory = new HTTP2ServerConnectionFactory(httpConfiguration);
                arrayList.add(aLPNServerConnectionFactory);
                arrayList.add(hTTP2ServerConnectionFactory);
            }
            if (this.applicationLayerProtocols.contains(ApplicationLayerProtocol.HTTP_1_1)) {
                arrayList.add(httpConnectionFactory);
            }
            arrayList.add(SEND_SERVER_VERSION, new SslConnectionFactory(getSslContextFactory(), ((ConnectionFactory) arrayList.get(SEND_SERVER_VERSION)).getProtocol()));
            serverConnector = new ServerConnector(this.server, (ConnectionFactory[]) arrayList.toArray(new ConnectionFactory[SEND_SERVER_VERSION]));
        }
        serverConnector.setPort(this.port);
        return serverConnector;
    }

    public void setSslContext(SSLContext sSLContext) {
        this.sslContext = sSLContext;
    }

    public void setNeedClientAuth(boolean z) {
        this.needClientAuth = z;
    }

    public void setWantClientAuth(boolean z) {
        this.wantClientAuth = z;
    }

    public void setIncludeSecurityProtocols(String[] strArr) {
        this.includeSecurityProtocols = strArr == null ? INCLUDE_ALL_SECURITY_PROTOCOLS : strArr;
    }

    public void setApplicationLayerProtocols(Set<ApplicationLayerProtocol> set) {
        if (((Set) Objects.requireNonNull(set, "Application Layer Protocols required")).isEmpty()) {
            throw new IllegalArgumentException("Application Layer Protocols not specified");
        }
        this.applicationLayerProtocols = set;
    }

    protected Server getServer() {
        return this.server;
    }

    protected HttpConfiguration getHttpConfiguration() {
        HttpConfiguration httpConfiguration = new HttpConfiguration();
        if (this.sslContext != null) {
            httpConfiguration.setSecurePort(this.port);
            httpConfiguration.setSecureScheme(HttpScheme.HTTPS.asString());
            httpConfiguration.setSendServerVersion(false);
            httpConfiguration.addCustomizer(new SecureRequestCustomizer());
        }
        return httpConfiguration;
    }

    protected SslContextFactory.Server getSslContextFactory() {
        SslContextFactory.Server server = new SslContextFactory.Server();
        server.setSslContext(this.sslContext);
        server.setNeedClientAuth(this.needClientAuth);
        server.setWantClientAuth(this.wantClientAuth);
        server.setIncludeProtocols(this.includeSecurityProtocols);
        if (this.applicationLayerProtocols.contains(ApplicationLayerProtocol.H2)) {
            server.setCipherComparator(HTTP2Cipher.COMPARATOR);
        }
        return server;
    }
}
