package com.gradle.maven.extension.internal.dep.org.eclipse.jetty.util.ssl;

import com.gradle.maven.extension.internal.dep.org.eclipse.jetty.util.log.Log;
import com.gradle.maven.extension.internal.dep.org.eclipse.jetty.util.log.Logger;
import com.gradle.maven.extension.internal.dep.org.eclipse.jetty.util.ssl.SslContextFactory;
import java.net.Socket;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.Objects;
import java.util.function.UnaryOperator;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.net.ssl.SNIMatcher;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.X509ExtendedKeyManager;

/* loaded from: input_file:WEB-INF/lib/gradle-rc885.d903b_dce4cf2.jar:hudson/plugins/gradle/injection/gradle-enterprise-maven-extension-1.20.jar:com/gradle/maven/extension/internal/dep/org/eclipse/jetty/util/ssl/SniX509ExtendedKeyManager.class */
public class SniX509ExtendedKeyManager extends X509ExtendedKeyManager {
    private static final Logger LOG = Log.getLogger((Class<?>) SniX509ExtendedKeyManager.class);
    private final X509ExtendedKeyManager _delegate;
    private final SslContextFactory.Server _sslContextFactory;
    private UnaryOperator<String> _aliasMapper = UnaryOperator.identity();

    @FunctionalInterface
    /* loaded from: input_file:WEB-INF/lib/gradle-rc885.d903b_dce4cf2.jar:hudson/plugins/gradle/injection/gradle-enterprise-maven-extension-1.20.jar:com/gradle/maven/extension/internal/dep/org/eclipse/jetty/util/ssl/SniX509ExtendedKeyManager$SniSelector.class */
    public interface SniSelector {
        String sniSelect(String str, Principal[] principalArr, SSLSession sSLSession, String str2, Collection<X509> collection) throws SSLHandshakeException;
    }

    public SniX509ExtendedKeyManager(X509ExtendedKeyManager x509ExtendedKeyManager, SslContextFactory.Server server) {
        this._delegate = x509ExtendedKeyManager;
        this._sslContextFactory = (SslContextFactory.Server) Objects.requireNonNull(server, "SslContextFactory.Server must be provided");
    }

    public UnaryOperator<String> getAliasMapper() {
        return this._aliasMapper;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        return this._delegate.chooseClientAlias(strArr, principalArr, socket);
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
        return this._delegate.chooseEngineClientAlias(strArr, principalArr, sSLEngine);
    }

    protected String chooseServerAlias(String str, Principal[] principalArr, Collection<SNIMatcher> collection, SSLSession sSLSession) {
        String str2;
        String[] serverAliases = this._delegate.getServerAliases(str, principalArr);
        if (serverAliases == null || serverAliases.length == 0) {
            return null;
        }
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        Arrays.stream(serverAliases).forEach(str3 -> {
            linkedHashMap.put((String) getAliasMapper().apply(str3), str3);
        });
        if (collection == null) {
            str2 = null;
        } else {
            Stream<SNIMatcher> stream = collection.stream();
            Class<SslContextFactory.AliasSNIMatcher> cls = SslContextFactory.AliasSNIMatcher.class;
            Objects.requireNonNull(SslContextFactory.AliasSNIMatcher.class);
            Stream<SNIMatcher> filter = stream.filter((v1) -> {
                return r1.isInstance(v1);
            });
            Class<SslContextFactory.AliasSNIMatcher> cls2 = SslContextFactory.AliasSNIMatcher.class;
            Objects.requireNonNull(SslContextFactory.AliasSNIMatcher.class);
            str2 = (String) filter.map((v1) -> {
                return r1.cast(v1);
            }).findFirst().map((v0) -> {
                return v0.getHost();
            }).orElse(null);
        }
        String str4 = str2;
        try {
            Stream stream2 = linkedHashMap.keySet().stream();
            SslContextFactory.Server server = this._sslContextFactory;
            Objects.requireNonNull(server);
            Collection<X509> collection2 = (Collection) stream2.map(server::getX509).filter((v0) -> {
                return Objects.nonNull(v0);
            }).collect(Collectors.toList());
            SniSelector sNISelector = this._sslContextFactory.getSNISelector();
            if (sNISelector == null) {
                sNISelector = this._sslContextFactory;
            }
            String sniSelect = sNISelector.sniSelect(str, principalArr, sSLSession, str4, collection2);
            if (sniSelect == null || sniSelect == "delegate_no_sni_match") {
                return sniSelect;
            }
            X509 x509 = this._sslContextFactory.getX509(sniSelect);
            if (!linkedHashMap.containsKey(sniSelect) || x509 == null) {
                if (!LOG.isDebugEnabled()) {
                    return null;
                }
                LOG.debug("Invalid X509 match for SNI {}: {}", str4, sniSelect);
                return null;
            }
            if (sSLSession != null) {
                sSLSession.putValue("com.gradle.maven.extension.internal.dep.org.eclipse.jetty.util.ssl.snix509", x509);
            }
            String str5 = (String) linkedHashMap.get(sniSelect);
            if (LOG.isDebugEnabled()) {
                LOG.debug("Matched SNI {} with alias {}, certificate {} from aliases {}", str4, str5, x509, linkedHashMap.keySet());
            }
            return str5;
        } catch (Throwable th) {
            if (!LOG.isDebugEnabled()) {
                return null;
            }
            LOG.debug("Failure matching X509 for SNI " + str4, th);
            return null;
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        SSLSocket sSLSocket = (SSLSocket) socket;
        String chooseServerAlias = socket == null ? chooseServerAlias(str, principalArr, Collections.emptyList(), null) : chooseServerAlias(str, principalArr, sSLSocket.getSSLParameters().getSNIMatchers(), sSLSocket.getHandshakeSession());
        boolean z = chooseServerAlias == "delegate_no_sni_match";
        if (z) {
            chooseServerAlias = this._delegate.chooseServerAlias(str, principalArr, socket);
        }
        if (LOG.isDebugEnabled()) {
            Logger logger = LOG;
            Object[] objArr = new Object[4];
            objArr[0] = z ? "delegate" : "explicit";
            objArr[1] = String.valueOf(chooseServerAlias);
            objArr[2] = str;
            objArr[3] = socket;
            logger.debug("Chose {} alias={} keyType={} on {}", objArr);
        }
        return chooseServerAlias;
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
        String chooseServerAlias = sSLEngine == null ? chooseServerAlias(str, principalArr, Collections.emptyList(), null) : chooseServerAlias(str, principalArr, sSLEngine.getSSLParameters().getSNIMatchers(), sSLEngine.getHandshakeSession());
        boolean z = chooseServerAlias == "delegate_no_sni_match";
        if (z) {
            chooseServerAlias = this._delegate.chooseEngineServerAlias(str, principalArr, sSLEngine);
        }
        if (LOG.isDebugEnabled()) {
            Logger logger = LOG;
            Object[] objArr = new Object[4];
            objArr[0] = z ? "delegate" : "explicit";
            objArr[1] = String.valueOf(chooseServerAlias);
            objArr[2] = str;
            objArr[3] = sSLEngine;
            logger.debug("Chose {} alias={} keyType={} on {}", objArr);
        }
        return chooseServerAlias;
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        return this._delegate.getCertificateChain(str);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        return this._delegate.getClientAliases(str, principalArr);
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        return this._delegate.getPrivateKey(str);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return this._delegate.getServerAliases(str, principalArr);
    }
}
