package org.kiwiproject.dropwizard.util.startup;

import com.google.common.annotations.VisibleForTesting;
import io.dropwizard.core.server.DefaultServerFactory;
import io.dropwizard.core.server.ServerFactory;
import io.dropwizard.jetty.HttpConnectorFactory;
import io.dropwizard.jetty.HttpsConnectorFactory;
import java.util.HashSet;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.OptionalInt;
import java.util.Set;
import java.util.concurrent.ThreadLocalRandom;
import java.util.stream.IntStream;
import lombok.Generated;
import org.kiwiproject.base.KiwiPreconditions;
import org.kiwiproject.base.KiwiStrings;
import org.kiwiproject.collect.KiwiLists;
import org.kiwiproject.config.TlsContextConfiguration;
import org.kiwiproject.dropwizard.util.exception.NoAvailablePortException;
import org.kiwiproject.dropwizard.util.server.DropwizardConnectors;
import org.kiwiproject.net.LocalPortChecker;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/kiwiproject/dropwizard/util/startup/PortAssigner.class */
public class PortAssigner {

    @Generated
    private static final Logger LOG = LoggerFactory.getLogger(PortAssigner.class);
    private final LocalPortChecker localPortChecker;
    private final TlsContextConfiguration tlsConfiguration;
    private final PortAssignment portAssignment;
    private final AllowablePortRange allowablePortRange;
    private final DefaultServerFactory serverFactory;
    private final PortSecurity portSecurity;

    @Generated
    /* loaded from: input_file:org/kiwiproject/dropwizard/util/startup/PortAssigner$PortAssignerBuilder.class */
    public static class PortAssignerBuilder {

        @Generated
        private LocalPortChecker localPortChecker;

        @Generated
        private TlsContextConfiguration tlsConfiguration;

        @Generated
        private PortAssignment portAssignment;

        @Generated
        private AllowablePortRange allowablePortRange;

        @Generated
        private ServerFactory serverFactory;

        @Generated
        private PortSecurity portSecurity;

        @Generated
        PortAssignerBuilder() {
        }

        @Generated
        public PortAssignerBuilder localPortChecker(LocalPortChecker localPortChecker) {
            this.localPortChecker = localPortChecker;
            return this;
        }

        @Generated
        public PortAssignerBuilder tlsConfiguration(TlsContextConfiguration tlsContextConfiguration) {
            this.tlsConfiguration = tlsContextConfiguration;
            return this;
        }

        @Generated
        public PortAssignerBuilder portAssignment(PortAssignment portAssignment) {
            this.portAssignment = portAssignment;
            return this;
        }

        @Generated
        public PortAssignerBuilder allowablePortRange(AllowablePortRange allowablePortRange) {
            this.allowablePortRange = allowablePortRange;
            return this;
        }

        @Generated
        public PortAssignerBuilder serverFactory(ServerFactory serverFactory) {
            this.serverFactory = serverFactory;
            return this;
        }

        @Generated
        public PortAssignerBuilder portSecurity(PortSecurity portSecurity) {
            this.portSecurity = portSecurity;
            return this;
        }

        @Generated
        public PortAssigner build() {
            return new PortAssigner(this.localPortChecker, this.tlsConfiguration, this.portAssignment, this.allowablePortRange, this.serverFactory, this.portSecurity);
        }

        @Generated
        public String toString() {
            return "PortAssigner.PortAssignerBuilder(localPortChecker=" + this.localPortChecker + ", tlsConfiguration=" + this.tlsConfiguration + ", portAssignment=" + this.portAssignment + ", allowablePortRange=" + this.allowablePortRange + ", serverFactory=" + this.serverFactory + ", portSecurity=" + this.portSecurity + ")";
        }
    }

    /* loaded from: input_file:org/kiwiproject/dropwizard/util/startup/PortAssigner$PortAssignment.class */
    public enum PortAssignment {
        STATIC,
        DYNAMIC
    }

    /* loaded from: input_file:org/kiwiproject/dropwizard/util/startup/PortAssigner$PortSecurity.class */
    public enum PortSecurity {
        SECURE,
        NON_SECURE
    }

    private PortAssigner(LocalPortChecker localPortChecker, TlsContextConfiguration tlsContextConfiguration, PortAssignment portAssignment, AllowablePortRange allowablePortRange, ServerFactory serverFactory, PortSecurity portSecurity) {
        this.localPortChecker = (LocalPortChecker) Optional.ofNullable(localPortChecker).orElse(new LocalPortChecker());
        this.portSecurity = (PortSecurity) Optional.ofNullable(portSecurity).orElse(PortSecurity.SECURE);
        this.tlsConfiguration = this.portSecurity == PortSecurity.SECURE ? (TlsContextConfiguration) KiwiPreconditions.requireNotNull(tlsContextConfiguration) : null;
        this.portAssignment = (PortAssignment) Optional.ofNullable(portAssignment).orElse(PortAssignment.DYNAMIC);
        this.allowablePortRange = allowablePortRange;
        this.serverFactory = DropwizardConnectors.requireDefaultServerFactory(serverFactory);
    }

    public void assignDynamicPorts() {
        if (this.portAssignment == PortAssignment.STATIC) {
            LOG.info("Static port assignment is being used, will rely on Dropwizard configuration for the connector setup");
        } else if (this.portSecurity == PortSecurity.SECURE) {
            assignSecureDynamicPorts();
        } else {
            assignNonSecureDynamicPorts();
        }
    }

    private void assignSecureDynamicPorts() {
        LOG.debug("Secure (https): replace Dropwizard HTTP app/admin connectors with HTTPS ones using dynamic ports");
        HashSet hashSet = new HashSet();
        this.serverFactory.setApplicationConnectors(List.of(newHttpsConnectorFactory(findFreePort(hashSet))));
        this.serverFactory.setAdminConnectors(List.of(newHttpsConnectorFactory(findFreePort(hashSet))));
    }

    private HttpsConnectorFactory newHttpsConnectorFactory(int i) {
        HttpsConnectorFactory httpsConnectorFactory = new HttpsConnectorFactory();
        httpsConnectorFactory.setPort(i);
        httpsConnectorFactory.setKeyStorePath(this.tlsConfiguration.getKeyStorePath());
        httpsConnectorFactory.setKeyStorePassword(this.tlsConfiguration.getKeyStorePassword());
        httpsConnectorFactory.setKeyStoreType(this.tlsConfiguration.getKeyStoreType());
        httpsConnectorFactory.setKeyStoreProvider(this.tlsConfiguration.getKeyStoreProvider());
        httpsConnectorFactory.setTrustStorePath(this.tlsConfiguration.getTrustStorePath());
        httpsConnectorFactory.setTrustStorePassword(this.tlsConfiguration.getTrustStorePassword());
        httpsConnectorFactory.setTrustStoreType(this.tlsConfiguration.getTrustStoreType());
        httpsConnectorFactory.setTrustStoreProvider(this.tlsConfiguration.getTrustStoreProvider());
        httpsConnectorFactory.setJceProvider(this.tlsConfiguration.getProvider());
        httpsConnectorFactory.setCertAlias(this.tlsConfiguration.getCertAlias());
        httpsConnectorFactory.setSupportedProtocols(this.tlsConfiguration.getSupportedProtocols());
        httpsConnectorFactory.setSupportedCipherSuites(this.tlsConfiguration.getSupportedCiphers());
        httpsConnectorFactory.setDisableSniHostCheck(this.tlsConfiguration.isDisableSniHostCheck());
        return httpsConnectorFactory;
    }

    private void assignNonSecureDynamicPorts() {
        LOG.debug("Insecure (http): modify Dropwizard HTTP app/admin connectors using dynamic ports");
        HashSet hashSet = new HashSet();
        ((HttpConnectorFactory) KiwiLists.first(this.serverFactory.getApplicationConnectors())).setPort(findFreePort(hashSet));
        ((HttpConnectorFactory) KiwiLists.first(this.serverFactory.getAdminConnectors())).setPort(findFreePort(hashSet));
        LOG.warn("This server has been explicitly configured to run with dynamically assigned ports in NON-SECURE mode (HTTP)!");
    }

    @VisibleForTesting
    int findFreePort(Set<Integer> set) {
        if (Objects.isNull(this.allowablePortRange)) {
            return 0;
        }
        OptionalInt findFirst = IntStream.generate(() -> {
            return this.allowablePortRange.minPortNumber + ThreadLocalRandom.current().nextInt(this.allowablePortRange.numPortsInRange);
        }).limit(this.allowablePortRange.maxPortCheckAttempts).filter(i -> {
            return availableAndUnused(i, set);
        }).findFirst();
        if (!findFirst.isPresent()) {
            throw new NoAvailablePortException(KiwiStrings.format("Could not find an available port between {} and {} after {} attempts. I give up.", new Object[]{Integer.valueOf(this.allowablePortRange.minPortNumber), Integer.valueOf(this.allowablePortRange.maxPortNumber), Integer.valueOf(this.allowablePortRange.maxPortCheckAttempts)}));
        }
        set.add(Integer.valueOf(findFirst.getAsInt()));
        return findFirst.getAsInt();
    }

    private boolean availableAndUnused(int i, Set<Integer> set) {
        LOG.trace("Checking if port {} is available", Integer.valueOf(i));
        return this.localPortChecker.isPortAvailable(i) && !set.contains(Integer.valueOf(i));
    }

    @Generated
    public static PortAssignerBuilder builder() {
        return new PortAssignerBuilder();
    }

    @Generated
    LocalPortChecker getLocalPortChecker() {
        return this.localPortChecker;
    }

    @Generated
    TlsContextConfiguration getTlsConfiguration() {
        return this.tlsConfiguration;
    }

    @Generated
    PortAssignment getPortAssignment() {
        return this.portAssignment;
    }

    @Generated
    AllowablePortRange getAllowablePortRange() {
        return this.allowablePortRange;
    }

    @Generated
    DefaultServerFactory getServerFactory() {
        return this.serverFactory;
    }

    @Generated
    PortSecurity getPortSecurity() {
        return this.portSecurity;
    }
}
