package org.mule.extension.http.internal.listener;

import java.math.BigInteger;
import java.net.URI;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.stream.Collectors;
import org.mule.extension.http.api.HttpRequestAttributes;
import org.mule.extension.http.api.HttpRequestAttributesBuilder;
import org.mule.extension.http.api.certificate.AlternativeNameData;
import org.mule.extension.http.api.certificate.CertificateData;
import org.mule.extension.http.api.certificate.CertificateExtension;
import org.mule.extension.http.api.certificate.PrincipalData;
import org.mule.extension.http.api.certificate.PublicKeyData;
import org.mule.runtime.http.api.domain.message.request.HttpRequest;
import org.mule.runtime.http.api.domain.request.ClientConnection;
import org.mule.runtime.http.api.domain.request.HttpRequestContext;
import org.mule.runtime.http.api.utils.HttpEncoderDecoderUtils;

/* loaded from: input_file:org/mule/extension/http/internal/listener/HttpRequestAttributesResolver.class */
public class HttpRequestAttributesResolver {
    private static final String QUERY = "?";
    private HttpRequestContext requestContext;
    private ListenerPath listenerPath;

    public HttpRequestAttributesResolver setRequestContext(HttpRequestContext httpRequestContext) {
        this.requestContext = httpRequestContext;
        return this;
    }

    public HttpRequestAttributesResolver setListenerPath(ListenerPath listenerPath) {
        this.listenerPath = listenerPath;
        return this;
    }

    public HttpRequestAttributes resolve() {
        String resolvedPath = this.listenerPath.getResolvedPath();
        HttpRequest request = this.requestContext.getRequest();
        URI uri = request.getUri();
        String path = uri.getPath();
        String rawPath = uri.getRawPath();
        String str = path;
        String str2 = rawPath;
        String relativePath = this.listenerPath.getRelativePath(path);
        ClientConnection clientConnection = this.requestContext.getClientConnection();
        String query = uri.getQuery();
        String rawQuery = uri.getRawQuery();
        if (query != null) {
            str = str + QUERY + query;
            str2 = str2 + QUERY + rawQuery;
        } else {
            query = "";
        }
        return new HttpRequestAttributesBuilder().listenerPath(resolvedPath).relativePath(relativePath).requestPath(path).rawRequestPath(rawPath).requestUri(str).rawRequestUri(str2).method(request.getMethod()).scheme(this.requestContext.getScheme()).version(request.getProtocol().asString()).headers(request.getHeaders()).uriParams(HttpEncoderDecoderUtils.decodeUriParams(resolvedPath, rawPath)).queryString(query).queryParams(HttpEncoderDecoderUtils.decodeQueryString(rawQuery)).localAddress(this.requestContext.getServerConnection().getLocalHostAddress().toString()).remoteAddress(clientConnection.getRemoteHostAddress().toString()).clientCertificate(() -> {
            try {
                return buildCertificateData(clientConnection);
            } catch (CertificateEncodingException e) {
                throw new RuntimeException(e);
            } catch (Exception e2) {
                throw new RuntimeException(e2);
            }
        }).build();
    }

    public static CertificateData buildCertificateData(ClientConnection clientConnection) throws Exception {
        Certificate clientCertificate = clientConnection.getClientCertificate();
        if (clientCertificate == null) {
            return null;
        }
        if (!(clientCertificate instanceof X509Certificate)) {
            throw new IllegalArgumentException("Only X509Certificates are supported.");
        }
        X509Certificate x509Certificate = (X509Certificate) clientCertificate;
        String type = x509Certificate.getType();
        byte[] encoded = x509Certificate.getEncoded();
        int version = x509Certificate.getVersion();
        PrincipalData principalData = new PrincipalData(x509Certificate.getSubjectDN().getName());
        PrincipalData principalData2 = new PrincipalData(x509Certificate.getIssuerDN().getName());
        BigInteger serialNumber = x509Certificate.getSerialNumber();
        Date notBefore = x509Certificate.getNotBefore();
        Date notAfter = x509Certificate.getNotAfter();
        RSAPublicKey rSAPublicKey = (RSAPublicKey) clientCertificate.getPublicKey();
        PublicKeyData publicKeyData = new PublicKeyData(rSAPublicKey.toString(), rSAPublicKey.getModulus(), rSAPublicKey.getPublicExponent(), rSAPublicKey.getAlgorithm(), rSAPublicKey.getEncoded());
        String sigAlgName = x509Certificate.getSigAlgName();
        String sigAlgOID = x509Certificate.getSigAlgOID();
        byte[] sigAlgParams = x509Certificate.getSigAlgParams();
        byte[] signature = x509Certificate.getSignature();
        int basicConstraints = x509Certificate.getBasicConstraints();
        List<String> emptyList = Collections.emptyList();
        try {
            emptyList = x509Certificate.getExtendedKeyUsage();
        } catch (Exception e) {
        }
        boolean[] keyUsage = x509Certificate.getKeyUsage();
        boolean[] issuerUniqueID = x509Certificate.getIssuerUniqueID();
        List emptyList2 = Collections.emptyList();
        try {
            Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
            if (subjectAlternativeNames != null) {
                emptyList2 = (List) subjectAlternativeNames.stream().map(list -> {
                    return new AlternativeNameData(((Number) list.get(0)).intValue(), list.get(1).toString());
                }).collect(Collectors.toList());
            }
        } catch (Exception e2) {
        }
        List emptyList3 = Collections.emptyList();
        try {
            Collection<List<?>> issuerAlternativeNames = x509Certificate.getIssuerAlternativeNames();
            if (issuerAlternativeNames != null) {
                emptyList3 = (List) issuerAlternativeNames.stream().map(list2 -> {
                    return new AlternativeNameData(((Number) list2.get(0)).intValue(), list2.get(1).toString());
                }).collect(Collectors.toList());
            }
        } catch (Exception e3) {
        }
        ArrayList arrayList = new ArrayList();
        for (String str : x509Certificate.getNonCriticalExtensionOIDs()) {
            arrayList.add(new CertificateExtension(str, false, decodeExtensionValue(x509Certificate.getExtensionValue(str)), parseSubjectAlternativeName(x509Certificate)));
        }
        for (String str2 : x509Certificate.getCriticalExtensionOIDs()) {
            arrayList.add(new CertificateExtension(str2, true, decodeExtensionValue(x509Certificate.getExtensionValue(str2)), parseSubjectAlternativeName(x509Certificate)));
        }
        Collections.reverse(arrayList);
        return new CertificateData(type, encoded, version, principalData, principalData2, serialNumber, notBefore, notAfter, publicKeyData, sigAlgName, sigAlgOID, sigAlgParams, signature, basicConstraints, emptyList, keyUsage, issuerUniqueID, emptyList2, emptyList3, arrayList, x509Certificate.getCriticalExtensionOIDs(), x509Certificate.getNonCriticalExtensionOIDs(), x509Certificate.hasUnsupportedCriticalExtension());
    }

    public static String parseSubjectAlternativeName(X509Certificate x509Certificate) {
        StringBuilder sb = new StringBuilder();
        try {
            Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
            if (subjectAlternativeNames != null) {
                for (List<?> list : subjectAlternativeNames) {
                    Integer num = (Integer) list.get(0);
                    String obj = list.get(1).toString();
                    switch (num.intValue()) {
                        case 2:
                            sb.append("  DNSName: ").append(obj).append("\n");
                            break;
                        case 7:
                            sb.append("  IPAddress: ").append(obj).append("\n");
                            break;
                        default:
                            sb.append("  OtherName: ").append(obj).append("\n");
                            break;
                    }
                }
            }
        } catch (CertificateParsingException e) {
            sb.append("  Error parsing Subject Alternative Name: ").append(e.getMessage()).append("\n");
        }
        return sb.toString();
    }

    private static byte[] decodeExtensionValue(byte[] bArr) throws Exception {
        if (bArr[0] != 4 || (bArr[1] & 255) != bArr.length - 2) {
            return bArr;
        }
        int i = bArr[3] & 255;
        byte[] bArr2 = new byte[i];
        System.arraycopy(bArr, 4, bArr2, 0, i);
        return bArr2;
    }
}
