package org.neo4j.bolt;

import io.netty.channel.Channel;
import io.netty.handler.ssl.SslContext;
import io.netty.util.internal.logging.InternalLoggerFactory;
import java.time.Clock;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.function.BiFunction;
import java.util.function.Function;
import java.util.stream.Collectors;
import org.neo4j.bolt.security.auth.Authentication;
import org.neo4j.bolt.security.auth.BasicAuthentication;
import org.neo4j.bolt.transport.BoltProtocol;
import org.neo4j.bolt.transport.Netty4LoggerFactory;
import org.neo4j.bolt.transport.NettyServer;
import org.neo4j.bolt.transport.SocketTransport;
import org.neo4j.bolt.v1.runtime.BoltConnectionDescriptor;
import org.neo4j.bolt.v1.runtime.BoltFactory;
import org.neo4j.bolt.v1.runtime.BoltFactoryImpl;
import org.neo4j.bolt.v1.runtime.MonitoredWorkerFactory;
import org.neo4j.bolt.v1.runtime.WorkerFactory;
import org.neo4j.bolt.v1.runtime.concurrent.ThreadedWorkerFactory;
import org.neo4j.bolt.v1.transport.BoltProtocolV1;
import org.neo4j.bolt.v1.transport.ChunkedOutput;
import org.neo4j.configuration.Description;
import org.neo4j.graphdb.GraphDatabaseService;
import org.neo4j.graphdb.config.Setting;
import org.neo4j.graphdb.factory.GraphDatabaseSettings;
import org.neo4j.helpers.ListenSocketAddress;
import org.neo4j.kernel.api.bolt.BoltConnectionTracker;
import org.neo4j.kernel.api.security.AuthManager;
import org.neo4j.kernel.api.security.UserManagerSupplier;
import org.neo4j.kernel.configuration.BoltConnector;
import org.neo4j.kernel.configuration.Config;
import org.neo4j.kernel.configuration.ConnectorPortRegister;
import org.neo4j.kernel.configuration.ssl.SslPolicyLoader;
import org.neo4j.kernel.extension.KernelExtensionFactory;
import org.neo4j.kernel.impl.core.ThreadToStatementContextBridge;
import org.neo4j.kernel.impl.logging.LogService;
import org.neo4j.kernel.impl.spi.KernelContext;
import org.neo4j.kernel.internal.GraphDatabaseAPI;
import org.neo4j.kernel.lifecycle.LifeSupport;
import org.neo4j.kernel.lifecycle.Lifecycle;
import org.neo4j.kernel.monitoring.Monitors;
import org.neo4j.logging.Log;
import org.neo4j.scheduler.JobScheduler;
import org.neo4j.udc.UsageData;

/* loaded from: input_file:org/neo4j/bolt/BoltKernelExtension.class */
public class BoltKernelExtension extends KernelExtensionFactory<Dependencies> {

    /* renamed from: org.neo4j.bolt.BoltKernelExtension$1, reason: invalid class name */
    /* loaded from: input_file:org/neo4j/bolt/BoltKernelExtension$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$neo4j$kernel$configuration$BoltConnector$EncryptionLevel = new int[BoltConnector.EncryptionLevel.values().length];

        static {
            try {
                $SwitchMap$org$neo4j$kernel$configuration$BoltConnector$EncryptionLevel[BoltConnector.EncryptionLevel.REQUIRED.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$neo4j$kernel$configuration$BoltConnector$EncryptionLevel[BoltConnector.EncryptionLevel.OPTIONAL.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$neo4j$kernel$configuration$BoltConnector$EncryptionLevel[BoltConnector.EncryptionLevel.DISABLED.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    /* loaded from: input_file:org/neo4j/bolt/BoltKernelExtension$Dependencies.class */
    public interface Dependencies {
        LogService logService();

        Config config();

        GraphDatabaseService db();

        JobScheduler scheduler();

        UsageData usageData();

        Monitors monitors();

        ThreadToStatementContextBridge txBridge();

        BoltConnectionTracker sessionTracker();

        ConnectorPortRegister connectionRegister();

        Clock clock();

        AuthManager authManager();

        UserManagerSupplier userManagerSupplier();

        SslPolicyLoader sslPolicyFactory();
    }

    /* loaded from: input_file:org/neo4j/bolt/BoltKernelExtension$Settings.class */
    public static class Settings {

        @Description("SSL policy to use")
        public static Setting<String> ssl_policy = org.neo4j.kernel.configuration.Settings.setting("bolt.ssl_policy", org.neo4j.kernel.configuration.Settings.STRING, "legacy");
    }

    public BoltKernelExtension() {
        super("bolt-server");
    }

    public Lifecycle newInstance(KernelContext kernelContext, Dependencies dependencies) throws Throwable {
        Config config = dependencies.config();
        GraphDatabaseAPI db = dependencies.db();
        LogService logService = dependencies.logService();
        Clock clock = dependencies.clock();
        SslPolicyLoader sslPolicyFactory = dependencies.sslPolicyFactory();
        Log internalLog = logService.getInternalLog(WorkerFactory.class);
        LifeSupport lifeSupport = new LifeSupport();
        JobScheduler scheduler = dependencies.scheduler();
        InternalLoggerFactory.setDefaultFactory(new Netty4LoggerFactory(logService.getInternalLogProvider()));
        WorkerFactory createWorkerFactory = createWorkerFactory((BoltFactory) lifeSupport.add(new BoltFactoryImpl(db, dependencies.usageData(), logService, dependencies.txBridge(), authentication(dependencies.authManager(), dependencies.userManagerSupplier()), dependencies.sessionTracker(), config)), scheduler, dependencies, logService, clock);
        ConnectorPortRegister connectionRegister = dependencies.connectionRegister();
        Map map = (Map) config.enabledBoltConnectors().stream().collect(Collectors.toMap(Function.identity(), boltConnector -> {
            boolean z;
            SslContext sslContext;
            ListenSocketAddress listenSocketAddress = (ListenSocketAddress) config.get(boltConnector.listen_address);
            BoltConnector.EncryptionLevel encryptionLevel = (BoltConnector.EncryptionLevel) config.get(boltConnector.encryption_level);
            switch (AnonymousClass1.$SwitchMap$org$neo4j$kernel$configuration$BoltConnector$EncryptionLevel[encryptionLevel.ordinal()]) {
                case BoltProtocolV1.VERSION /* 1 */:
                    z = true;
                    sslContext = createSslContext(sslPolicyFactory, config);
                    break;
                case ChunkedOutput.CHUNK_HEADER_SIZE /* 2 */:
                    z = false;
                    sslContext = createSslContext(sslPolicyFactory, config);
                    break;
                case 3:
                    z = false;
                    sslContext = null;
                    break;
                default:
                    internalLog.warn(String.format("Unhandled encryption level %s - assuming DISABLED.", encryptionLevel.name()));
                    z = false;
                    sslContext = null;
                    break;
            }
            return new SocketTransport(listenSocketAddress, sslContext, z, logService.getInternalLogProvider(), newVersions(logService, createWorkerFactory));
        }));
        if (map.size() > 0 && !((Boolean) config.get(GraphDatabaseSettings.disconnected)).booleanValue()) {
            lifeSupport.add(new NettyServer(scheduler.threadFactory(JobScheduler.Groups.boltNetworkIO), map, connectionRegister));
            internalLog.info("Bolt Server extension loaded.");
            Iterator it = map.values().iterator();
            while (it.hasNext()) {
                logService.getUserLog(WorkerFactory.class).info("Bolt enabled on %s.", new Object[]{((NettyServer.ProtocolInitializer) it.next()).address()});
            }
        }
        return lifeSupport;
    }

    protected WorkerFactory createWorkerFactory(BoltFactory boltFactory, JobScheduler jobScheduler, Dependencies dependencies, LogService logService, Clock clock) {
        return new MonitoredWorkerFactory(dependencies.monitors(), new ThreadedWorkerFactory(boltFactory, jobScheduler, logService, clock), clock);
    }

    private SslContext createSslContext(SslPolicyLoader sslPolicyLoader, Config config) {
        try {
            String str = (String) config.get(Settings.ssl_policy);
            if (str == null) {
                throw new IllegalArgumentException("No SSL policy has been configured for bolt");
            }
            return sslPolicyLoader.getPolicy(str).nettyServerContext();
        } catch (Exception e) {
            throw new RuntimeException("Failed to initialize SSL encryption support, which is required to start this connector. Error was: " + e.getMessage(), e);
        }
    }

    private Map<Long, BiFunction<Channel, Boolean, BoltProtocol>> newVersions(LogService logService, WorkerFactory workerFactory) {
        HashMap hashMap = new HashMap();
        hashMap.put(1L, (channel, bool) -> {
            BoltConnectionDescriptor boltConnectionDescriptor = new BoltConnectionDescriptor(channel.remoteAddress(), channel.localAddress());
            channel.getClass();
            return new BoltProtocolV1(workerFactory.newWorker(boltConnectionDescriptor, channel::close), channel, logService);
        });
        return hashMap;
    }

    private Authentication authentication(AuthManager authManager, UserManagerSupplier userManagerSupplier) {
        return new BasicAuthentication(authManager, userManagerSupplier);
    }
}
