package org.eclipse.milo.opcua.stack.server.transport.http;

import io.netty.buffer.ByteBuf;
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.SimpleChannelInboundHandler;
import io.netty.handler.codec.http.DefaultFullHttpResponse;
import io.netty.handler.codec.http.FullHttpRequest;
import io.netty.handler.codec.http.HttpHeaderNames;
import io.netty.handler.codec.http.HttpHeaderValues;
import io.netty.handler.codec.http.HttpResponseStatus;
import io.netty.handler.codec.http.HttpVersion;
import java.net.InetSocketAddress;
import java.security.KeyPair;
import java.security.cert.X509Certificate;
import java.util.Objects;
import java.util.Optional;
import org.eclipse.milo.opcua.stack.core.StatusCodes;
import org.eclipse.milo.opcua.stack.core.UaException;
import org.eclipse.milo.opcua.stack.core.channel.ServerSecureChannel;
import org.eclipse.milo.opcua.stack.core.security.SecurityPolicy;
import org.eclipse.milo.opcua.stack.core.serialization.OpcUaBinaryStreamDecoder;
import org.eclipse.milo.opcua.stack.core.serialization.OpcUaBinaryStreamEncoder;
import org.eclipse.milo.opcua.stack.core.serialization.UaRequestMessage;
import org.eclipse.milo.opcua.stack.core.serialization.UaResponseMessage;
import org.eclipse.milo.opcua.stack.core.transport.TransportProfile;
import org.eclipse.milo.opcua.stack.core.types.builtin.ByteString;
import org.eclipse.milo.opcua.stack.core.types.builtin.DateTime;
import org.eclipse.milo.opcua.stack.core.types.builtin.StatusCode;
import org.eclipse.milo.opcua.stack.core.types.builtin.unsigned.UInteger;
import org.eclipse.milo.opcua.stack.core.types.enumerated.MessageSecurityMode;
import org.eclipse.milo.opcua.stack.core.types.structured.EndpointDescription;
import org.eclipse.milo.opcua.stack.core.types.structured.ResponseHeader;
import org.eclipse.milo.opcua.stack.core.types.structured.ServiceFault;
import org.eclipse.milo.opcua.stack.core.util.BufferUtil;
import org.eclipse.milo.opcua.stack.core.util.DigestUtil;
import org.eclipse.milo.opcua.stack.core.util.EndpointUtil;
import org.eclipse.milo.opcua.stack.server.UaStackServer;
import org.eclipse.milo.opcua.stack.server.services.ServiceRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/milo/opcua/stack/server/transport/http/OpcServerHttpRequestHandler.class */
public class OpcServerHttpRequestHandler extends SimpleChannelInboundHandler<FullHttpRequest> {
    private static final String UABINARY_CONTENT_TYPE = HttpHeaderValues.APPLICATION_OCTET_STREAM.toString();
    private final Logger logger = LoggerFactory.getLogger(getClass());
    private final UaStackServer stackServer;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OpcServerHttpRequestHandler(UaStackServer uaStackServer) {
        this.stackServer = uaStackServer;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // io.netty.channel.SimpleChannelInboundHandler
    public void channelRead0(ChannelHandlerContext channelHandlerContext, FullHttpRequest fullHttpRequest) throws Exception {
        String str = fullHttpRequest.headers().get(HttpHeaderNames.HOST);
        String uri = fullHttpRequest.uri();
        String str2 = fullHttpRequest.headers().get(HttpHeaderNames.CONTENT_TYPE);
        String str3 = fullHttpRequest.headers().get("OPCUA-SecurityPolicy");
        this.logger.debug("host={} uri={} contentType={} securityPolicy={}", new Object[]{str, uri, str2, str3});
        SecurityPolicy fromUri = str3 != null ? SecurityPolicy.fromUri(str3) : SecurityPolicy.None;
        MessageSecurityMode messageSecurityMode = fromUri == SecurityPolicy.None ? MessageSecurityMode.None : MessageSecurityMode.Sign;
        EndpointDescription endpointDescription = (EndpointDescription) this.stackServer.getEndpointDescriptions().stream().filter(endpointDescription2 -> {
            return Objects.equals(endpointDescription2.getTransportProfileUri(), TransportProfile.HTTPS_UABINARY.getUri()) && Objects.equals(EndpointUtil.getPath(endpointDescription2.getEndpointUrl()), uri) && Objects.equals(endpointDescription2.getSecurityPolicyUri(), fromUri.getUri()) && Objects.equals(endpointDescription2.getSecurityMode(), messageSecurityMode);
        }).findFirst().orElseThrow(() -> {
            return new UaException(StatusCodes.Bad_TcpEndpointUrlInvalid, "unrecognized endpoint uri: " + uri);
        });
        ServerSecureChannel serverSecureChannel = new ServerSecureChannel();
        serverSecureChannel.setChannelId(0L);
        serverSecureChannel.setSecurityPolicy(fromUri);
        serverSecureChannel.setMessageSecurityMode(messageSecurityMode);
        ByteString of = ByteString.of(DigestUtil.sha1(endpointDescription.getServerCertificate().bytesOrEmpty()));
        Optional<X509Certificate[]> certificateChain = this.stackServer.getConfig().getCertificateManager().getCertificateChain(of);
        Optional<KeyPair> keyPair = this.stackServer.getConfig().getCertificateManager().getKeyPair(of);
        certificateChain.ifPresent(x509CertificateArr -> {
            serverSecureChannel.setLocalCertificateChain(x509CertificateArr);
            serverSecureChannel.setLocalCertificate(x509CertificateArr[0]);
        });
        serverSecureChannel.getClass();
        keyPair.ifPresent(serverSecureChannel::setKeyPair);
        OpcUaBinaryStreamDecoder opcUaBinaryStreamDecoder = new OpcUaBinaryStreamDecoder(this.stackServer.getSerializationContext());
        opcUaBinaryStreamDecoder.setBuffer(fullHttpRequest.content());
        try {
            UaRequestMessage uaRequestMessage = (UaRequestMessage) opcUaBinaryStreamDecoder.readMessage(null);
            UInteger requestHandle = uaRequestMessage.getRequestHeader().getRequestHandle();
            ServiceRequest serviceRequest = new ServiceRequest(this.stackServer, uaRequestMessage, endpointDescription, serverSecureChannel.getChannelId(), ((InetSocketAddress) channelHandlerContext.channel().remoteAddress()).getAddress(), null);
            serviceRequest.getFuture().whenComplete((uaResponseMessage, th) -> {
                if (uaResponseMessage != null) {
                    sendServiceResponse(channelHandlerContext, uaRequestMessage, uaResponseMessage);
                } else {
                    sendServiceFault(channelHandlerContext, requestHandle, th);
                }
            });
            this.stackServer.onServiceRequest(uri, serviceRequest);
        } catch (Throwable th2) {
            this.logger.error("Error decoding UaRequestMessage", th2);
            sendServiceFault(channelHandlerContext, null, th2);
        }
    }

    private void sendServiceResponse(ChannelHandlerContext channelHandlerContext, UaRequestMessage uaRequestMessage, UaResponseMessage uaResponseMessage) {
        ByteBuf pooledBuffer = BufferUtil.pooledBuffer();
        OpcUaBinaryStreamEncoder opcUaBinaryStreamEncoder = new OpcUaBinaryStreamEncoder(this.stackServer.getSerializationContext());
        opcUaBinaryStreamEncoder.setBuffer(pooledBuffer);
        opcUaBinaryStreamEncoder.writeMessage(null, uaResponseMessage);
        DefaultFullHttpResponse defaultFullHttpResponse = new DefaultFullHttpResponse(HttpVersion.HTTP_1_1, HttpResponseStatus.OK, pooledBuffer);
        defaultFullHttpResponse.headers().set(HttpHeaderNames.CONNECTION, HttpHeaderValues.KEEP_ALIVE);
        defaultFullHttpResponse.headers().set(HttpHeaderNames.CONTENT_TYPE, UABINARY_CONTENT_TYPE);
        defaultFullHttpResponse.headers().set(HttpHeaderNames.CONTENT_LENGTH, Integer.valueOf(pooledBuffer.readableBytes()));
        channelHandlerContext.writeAndFlush(defaultFullHttpResponse);
    }

    private void sendServiceFault(ChannelHandlerContext channelHandlerContext, UInteger uInteger, Throwable th) {
        ServiceFault serviceFault = new ServiceFault(new ResponseHeader(DateTime.now(), uInteger, (StatusCode) UaException.extract(th).map((v0) -> {
            return v0.getStatusCode();
        }).orElse(StatusCode.BAD), null, null, null));
        ByteBuf pooledBuffer = BufferUtil.pooledBuffer();
        OpcUaBinaryStreamEncoder opcUaBinaryStreamEncoder = new OpcUaBinaryStreamEncoder(this.stackServer.getSerializationContext());
        opcUaBinaryStreamEncoder.setBuffer(pooledBuffer);
        opcUaBinaryStreamEncoder.writeMessage(null, serviceFault);
        DefaultFullHttpResponse defaultFullHttpResponse = new DefaultFullHttpResponse(HttpVersion.HTTP_1_1, HttpResponseStatus.OK, pooledBuffer);
        defaultFullHttpResponse.headers().set(HttpHeaderNames.CONNECTION, HttpHeaderValues.KEEP_ALIVE);
        defaultFullHttpResponse.headers().set(HttpHeaderNames.CONTENT_TYPE, UABINARY_CONTENT_TYPE);
        defaultFullHttpResponse.headers().set(HttpHeaderNames.CONTENT_LENGTH, Integer.valueOf(pooledBuffer.readableBytes()));
        channelHandlerContext.writeAndFlush(defaultFullHttpResponse);
    }
}
