package org.eclipse.jetty.proxy;

import jakarta.servlet.AsyncContext;
import jakarta.servlet.AsyncEvent;
import jakarta.servlet.AsyncListener;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.Closeable;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.nio.ByteBuffer;
import java.nio.channels.SelectableChannel;
import java.nio.channels.SelectionKey;
import java.nio.channels.SocketChannel;
import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import java.util.concurrent.Executor;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.http.HttpHeaderValue;
import org.eclipse.jetty.http.HttpMethod;
import org.eclipse.jetty.http.HttpStatus;
import org.eclipse.jetty.io.AbstractByteBufferPool;
import org.eclipse.jetty.io.ByteBufferPool;
import org.eclipse.jetty.io.Connection;
import org.eclipse.jetty.io.EndPoint;
import org.eclipse.jetty.io.ManagedSelector;
import org.eclipse.jetty.io.MappedByteBufferPool;
import org.eclipse.jetty.io.SelectorManager;
import org.eclipse.jetty.io.SocketChannelEndPoint;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.HttpChannel;
import org.eclipse.jetty.server.HttpTransport;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.handler.HandlerWrapper;
import org.eclipse.jetty.util.Callback;
import org.eclipse.jetty.util.HostPort;
import org.eclipse.jetty.util.Promise;
import org.eclipse.jetty.util.thread.ScheduledExecutorScheduler;
import org.eclipse.jetty.util.thread.Scheduler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/jetty-proxy-11.0.25.jar:org/eclipse/jetty/proxy/ConnectHandler.class */
public class ConnectHandler extends HandlerWrapper {
    protected static final Logger LOG = LoggerFactory.getLogger((Class<?>) ConnectHandler.class);
    private final Set<String> whiteList;
    private final Set<String> blackList;
    private Executor executor;
    private Scheduler scheduler;
    private ByteBufferPool bufferPool;
    private SelectorManager selector;
    private long connectTimeout;
    private long idleTimeout;
    private int bufferSize;

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:WEB-INF/lib/jetty-proxy-11.0.25.jar:org/eclipse/jetty/proxy/ConnectHandler$ConnectContext.class */
    public static class ConnectContext {
        private final ConcurrentMap<String, Object> context = new ConcurrentHashMap();
        private final HttpServletRequest request;
        private final HttpServletResponse response;
        private final AsyncContext asyncContext;
        private final EndPoint endPoint;

        public ConnectContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AsyncContext asyncContext, EndPoint endPoint) {
            this.request = httpServletRequest;
            this.response = httpServletResponse;
            this.asyncContext = asyncContext;
            this.endPoint = endPoint;
        }

        public ConcurrentMap<String, Object> getContext() {
            return this.context;
        }

        public HttpServletRequest getRequest() {
            return this.request;
        }

        public HttpServletResponse getResponse() {
            return this.response;
        }

        public AsyncContext getAsyncContext() {
            return this.asyncContext;
        }

        public EndPoint getEndPoint() {
            return this.endPoint;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:WEB-INF/lib/jetty-proxy-11.0.25.jar:org/eclipse/jetty/proxy/ConnectHandler$ConnectManager.class */
    public class ConnectManager extends SelectorManager {
        protected ConnectManager(Executor executor, Scheduler scheduler, int i) {
            super(executor, scheduler, i);
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // org.eclipse.jetty.io.SelectorManager
        public EndPoint newEndPoint(SelectableChannel selectableChannel, ManagedSelector managedSelector, SelectionKey selectionKey) {
            SocketChannelEndPoint socketChannelEndPoint = new SocketChannelEndPoint((SocketChannel) selectableChannel, managedSelector, selectionKey, getScheduler());
            socketChannelEndPoint.setIdleTimeout(ConnectHandler.this.getIdleTimeout());
            return socketChannelEndPoint;
        }

        @Override // org.eclipse.jetty.io.SelectorManager
        public Connection newConnection(SelectableChannel selectableChannel, EndPoint endPoint, Object obj) throws IOException {
            if (ConnectHandler.LOG.isDebugEnabled()) {
                ConnectHandler.LOG.debug("Connected to {}", ((SocketChannel) selectableChannel).getRemoteAddress());
            }
            UpstreamConnection newUpstreamConnection = ConnectHandler.this.newUpstreamConnection(endPoint, (ConnectContext) obj);
            newUpstreamConnection.setInputBufferSize(ConnectHandler.this.getBufferSize());
            return newUpstreamConnection;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // org.eclipse.jetty.io.SelectorManager
        public void connectionFailed(SelectableChannel selectableChannel, Throwable th, Object obj) {
            ConnectHandler.this.close(selectableChannel);
            ConnectContext connectContext = (ConnectContext) obj;
            ConnectHandler.this.onConnectFailure(connectContext.request, connectContext.response, connectContext.asyncContext, th);
        }
    }

    /* loaded from: input_file:WEB-INF/lib/jetty-proxy-11.0.25.jar:org/eclipse/jetty/proxy/ConnectHandler$DownstreamConnection.class */
    public class DownstreamConnection extends ProxyConnection implements Connection.UpgradeTo {
        private ByteBuffer buffer;

        public DownstreamConnection(EndPoint endPoint, Executor executor, ByteBufferPool byteBufferPool, ConcurrentMap<String, Object> concurrentMap) {
            super(endPoint, executor, byteBufferPool, concurrentMap);
        }

        @Override // org.eclipse.jetty.io.Connection.UpgradeTo
        public void onUpgradeTo(ByteBuffer byteBuffer) {
            this.buffer = byteBuffer;
        }

        @Override // org.eclipse.jetty.io.AbstractConnection, org.eclipse.jetty.io.Connection
        public void onOpen() {
            super.onOpen();
            if (this.buffer == null) {
                fillInterested();
            } else {
                final int remaining = this.buffer.remaining();
                write(getConnection().getEndPoint(), this.buffer, new Callback() { // from class: org.eclipse.jetty.proxy.ConnectHandler.DownstreamConnection.1
                    @Override // org.eclipse.jetty.util.Callback
                    public void succeeded() {
                        DownstreamConnection.this.buffer = null;
                        if (ProxyConnection.LOG.isDebugEnabled()) {
                            ProxyConnection.LOG.debug("{} wrote initial {} bytes to server", DownstreamConnection.this, Integer.valueOf(remaining));
                        }
                        DownstreamConnection.this.fillInterested();
                    }

                    @Override // org.eclipse.jetty.util.Callback
                    public void failed(Throwable th) {
                        DownstreamConnection.this.buffer = null;
                        if (ProxyConnection.LOG.isDebugEnabled()) {
                            ProxyConnection.LOG.debug("{} failed to write initial {} bytes to server", this, Integer.valueOf(remaining), th);
                        }
                        DownstreamConnection.this.close();
                        DownstreamConnection.this.getConnection().close();
                    }
                });
            }
        }

        @Override // org.eclipse.jetty.proxy.ProxyConnection
        protected int read(EndPoint endPoint, ByteBuffer byteBuffer) throws IOException {
            return ConnectHandler.this.read(endPoint, byteBuffer, getContext());
        }

        @Override // org.eclipse.jetty.proxy.ProxyConnection
        protected void write(EndPoint endPoint, ByteBuffer byteBuffer, Callback callback) {
            ConnectHandler.this.write(endPoint, byteBuffer, callback, getContext());
        }
    }

    /* loaded from: input_file:WEB-INF/lib/jetty-proxy-11.0.25.jar:org/eclipse/jetty/proxy/ConnectHandler$UpstreamConnection.class */
    public class UpstreamConnection extends ProxyConnection implements AsyncListener {
        private final ConnectContext connectContext;

        public UpstreamConnection(EndPoint endPoint, Executor executor, ByteBufferPool byteBufferPool, ConnectContext connectContext) {
            super(endPoint, executor, byteBufferPool, connectContext.getContext());
            this.connectContext = connectContext;
        }

        @Override // org.eclipse.jetty.io.AbstractConnection, org.eclipse.jetty.io.Connection
        public void onOpen() {
            super.onOpen();
            this.connectContext.asyncContext.addListener(this);
            ConnectHandler.this.onConnectSuccess(this.connectContext, this);
        }

        @Override // org.eclipse.jetty.proxy.ProxyConnection
        protected int read(EndPoint endPoint, ByteBuffer byteBuffer) throws IOException {
            return ConnectHandler.this.read(endPoint, byteBuffer, getContext());
        }

        @Override // org.eclipse.jetty.proxy.ProxyConnection
        protected void write(EndPoint endPoint, ByteBuffer byteBuffer, Callback callback) {
            ConnectHandler.this.write(endPoint, byteBuffer, callback, getContext());
        }

        public void onComplete(AsyncEvent asyncEvent) {
            fillInterested();
        }

        public void onTimeout(AsyncEvent asyncEvent) {
        }

        public void onError(AsyncEvent asyncEvent) {
            close(asyncEvent.getThrowable());
        }

        public void onStartAsync(AsyncEvent asyncEvent) {
        }
    }

    public ConnectHandler() {
        this(null);
    }

    public ConnectHandler(Handler handler) {
        this.whiteList = new HashSet();
        this.blackList = new HashSet();
        this.connectTimeout = 15000L;
        this.idleTimeout = 30000L;
        this.bufferSize = AbstractByteBufferPool.DEFAULT_FACTOR;
        setHandler(handler);
    }

    public Executor getExecutor() {
        return this.executor;
    }

    public void setExecutor(Executor executor) {
        this.executor = executor;
    }

    public Scheduler getScheduler() {
        return this.scheduler;
    }

    public void setScheduler(Scheduler scheduler) {
        updateBean(this.scheduler, scheduler);
        this.scheduler = scheduler;
    }

    public ByteBufferPool getByteBufferPool() {
        return this.bufferPool;
    }

    public void setByteBufferPool(ByteBufferPool byteBufferPool) {
        updateBean(this.bufferPool, byteBufferPool);
        this.bufferPool = byteBufferPool;
    }

    public long getConnectTimeout() {
        return this.connectTimeout;
    }

    public void setConnectTimeout(long j) {
        this.connectTimeout = j;
    }

    public long getIdleTimeout() {
        return this.idleTimeout;
    }

    public void setIdleTimeout(long j) {
        this.idleTimeout = j;
    }

    public int getBufferSize() {
        return this.bufferSize;
    }

    public void setBufferSize(int i) {
        this.bufferSize = i;
    }

    protected void doStart() throws Exception {
        if (this.executor == null) {
            this.executor = getServer().getThreadPool();
        }
        if (this.scheduler == null) {
            this.scheduler = (Scheduler) getServer().getBean(Scheduler.class);
            if (this.scheduler == null) {
                this.scheduler = new ScheduledExecutorScheduler(String.format("Proxy-Scheduler-%x", Integer.valueOf(hashCode())), false);
            }
            addBean(this.scheduler);
        }
        if (this.bufferPool == null) {
            this.bufferPool = new MappedByteBufferPool();
            addBean(this.bufferPool);
        }
        SelectorManager newSelectorManager = newSelectorManager();
        this.selector = newSelectorManager;
        addBean(newSelectorManager);
        this.selector.setConnectTimeout(getConnectTimeout());
        super.doStart();
    }

    protected SelectorManager newSelectorManager() {
        return new ConnectManager(getExecutor(), getScheduler(), 1);
    }

    public void handle(String str, Request request, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String protocol = request.getMetaData().getProtocol();
        if (!HttpMethod.CONNECT.is(httpServletRequest.getMethod()) || protocol != null) {
            super.handle(str, request, httpServletRequest, httpServletResponse);
            return;
        }
        String authority = request.getHttpURI().getAuthority();
        if (LOG.isDebugEnabled()) {
            LOG.debug("CONNECT request for {}", authority);
        }
        handleConnect(request, httpServletRequest, httpServletResponse, authority);
    }

    protected void handleConnect(Request request, final HttpServletRequest httpServletRequest, final HttpServletResponse httpServletResponse, String str) {
        request.setHandled(true);
        try {
            if (!handleAuthentication(httpServletRequest, httpServletResponse, str)) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Missing proxy authentication");
                }
                sendConnectResponse(httpServletRequest, httpServletResponse, HttpStatus.PROXY_AUTHENTICATION_REQUIRED_407);
                return;
            }
            HostPort hostPort = new HostPort(str);
            String host = hostPort.getHost();
            int port = hostPort.getPort(80);
            if (!validateDestination(host, port)) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Destination {}:{} forbidden", host, Integer.valueOf(port));
                }
                sendConnectResponse(httpServletRequest, httpServletResponse, HttpStatus.FORBIDDEN_403);
                return;
            }
            final HttpChannel httpChannel = request.getHttpChannel();
            if (!httpChannel.isTunnellingSupported()) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("CONNECT not supported for {}", httpChannel);
                }
                sendConnectResponse(httpServletRequest, httpServletResponse, HttpStatus.FORBIDDEN_403);
            } else {
                final AsyncContext startAsync = httpServletRequest.startAsync();
                startAsync.setTimeout(0L);
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Connecting to {}:{}", host, Integer.valueOf(port));
                }
                connectToServer(httpServletRequest, host, port, new Promise<SocketChannel>() { // from class: org.eclipse.jetty.proxy.ConnectHandler.1
                    @Override // org.eclipse.jetty.util.Promise
                    public void succeeded(SocketChannel socketChannel) {
                        ConnectContext connectContext = new ConnectContext(httpServletRequest, httpServletResponse, startAsync, httpChannel.getTunnellingEndPoint());
                        if (socketChannel.isConnected()) {
                            ConnectHandler.this.selector.accept(socketChannel, connectContext);
                        } else {
                            ConnectHandler.this.selector.connect(socketChannel, connectContext);
                        }
                    }

                    @Override // org.eclipse.jetty.util.Promise
                    public void failed(Throwable th) {
                        ConnectHandler.this.onConnectFailure(httpServletRequest, httpServletResponse, startAsync, th);
                    }
                });
            }
        } catch (Exception e) {
            onConnectFailure(httpServletRequest, httpServletResponse, null, e);
        }
    }

    protected void connectToServer(HttpServletRequest httpServletRequest, String str, int i, Promise<SocketChannel> promise) {
        SocketChannel socketChannel = null;
        try {
            socketChannel = SocketChannel.open();
            socketChannel.socket().setTcpNoDelay(true);
            socketChannel.configureBlocking(false);
            socketChannel.connect(newConnectAddress(str, i));
            promise.succeeded(socketChannel);
        } catch (Throwable th) {
            close(socketChannel);
            promise.failed(th);
        }
    }

    private void close(Closeable closeable) {
        if (closeable != null) {
            try {
                closeable.close();
            } catch (Throwable th) {
                LOG.trace("IGNORED", th);
            }
        }
    }

    protected InetSocketAddress newConnectAddress(String str, int i) {
        return new InetSocketAddress(str, i);
    }

    protected void onConnectSuccess(ConnectContext connectContext, UpstreamConnection upstreamConnection) {
        ConcurrentMap<String, Object> context = connectContext.getContext();
        HttpServletRequest request = connectContext.getRequest();
        prepareContext(request, context);
        DownstreamConnection newDownstreamConnection = newDownstreamConnection(connectContext.getEndPoint(), context);
        newDownstreamConnection.setInputBufferSize(getBufferSize());
        upstreamConnection.setConnection(newDownstreamConnection);
        newDownstreamConnection.setConnection(upstreamConnection);
        if (LOG.isDebugEnabled()) {
            LOG.debug("Connection setup completed: {}<->{}", newDownstreamConnection, upstreamConnection);
        }
        HttpServletResponse response = connectContext.getResponse();
        sendConnectResponse(request, response, HttpStatus.OK_200);
        upgradeConnection(request, response, newDownstreamConnection);
        connectContext.getAsyncContext().complete();
    }

    protected void onConnectFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AsyncContext asyncContext, Throwable th) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("CONNECT failed", th);
        }
        sendConnectResponse(httpServletRequest, httpServletResponse, HttpStatus.INTERNAL_SERVER_ERROR_500);
        if (asyncContext != null) {
            asyncContext.complete();
        }
    }

    private void sendConnectResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, int i) {
        try {
            httpServletResponse.setStatus(i);
            httpServletResponse.setContentLength(0);
            if (i != 200) {
                httpServletResponse.setHeader(HttpHeader.CONNECTION.asString(), HttpHeaderValue.CLOSE.asString());
            }
            if (LOG.isDebugEnabled()) {
                LOG.debug("CONNECT response sent {} {}", httpServletRequest.getProtocol(), Integer.valueOf(httpServletResponse.getStatus()));
            }
        } catch (Throwable th) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Could not send CONNECT response", th);
            }
        }
    }

    protected boolean handleAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        return true;
    }

    protected DownstreamConnection newDownstreamConnection(EndPoint endPoint, ConcurrentMap<String, Object> concurrentMap) {
        return new DownstreamConnection(endPoint, getExecutor(), getByteBufferPool(), concurrentMap);
    }

    protected UpstreamConnection newUpstreamConnection(EndPoint endPoint, ConnectContext connectContext) {
        return new UpstreamConnection(endPoint, getExecutor(), getByteBufferPool(), connectContext);
    }

    protected void prepareContext(HttpServletRequest httpServletRequest, ConcurrentMap<String, Object> concurrentMap) {
    }

    private void upgradeConnection(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Connection connection) {
        httpServletRequest.setAttribute(HttpTransport.UPGRADE_CONNECTION_ATTRIBUTE, connection);
        if (LOG.isDebugEnabled()) {
            LOG.debug("Upgraded connection to {}", connection);
        }
    }

    protected int read(EndPoint endPoint, ByteBuffer byteBuffer, ConcurrentMap<String, Object> concurrentMap) throws IOException {
        int fill = endPoint.fill(byteBuffer);
        if (LOG.isDebugEnabled()) {
            LOG.debug("{} read {} bytes", this, Integer.valueOf(fill));
        }
        return fill;
    }

    protected void write(EndPoint endPoint, ByteBuffer byteBuffer, Callback callback, ConcurrentMap<String, Object> concurrentMap) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("{} writing {} bytes", this, Integer.valueOf(byteBuffer.remaining()));
        }
        endPoint.write(callback, byteBuffer);
    }

    public Set<String> getWhiteListHosts() {
        return this.whiteList;
    }

    public Set<String> getBlackListHosts() {
        return this.blackList;
    }

    public boolean validateDestination(String str, int i) {
        String str2 = str + ":" + i;
        if (!this.whiteList.isEmpty() && !this.whiteList.contains(str2)) {
            if (!LOG.isDebugEnabled()) {
                return false;
            }
            LOG.debug("Host {}:{} not whitelisted", str, Integer.valueOf(i));
            return false;
        }
        if (this.blackList.isEmpty() || !this.blackList.contains(str2)) {
            return true;
        }
        if (!LOG.isDebugEnabled()) {
            return false;
        }
        LOG.debug("Host {}:{} blacklisted", str, Integer.valueOf(i));
        return false;
    }
}
