package org.restlet.ext.jetty;

import java.io.File;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocketFactory;
import org.eclipse.jetty.server.AbstractConnector;
import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;
import org.eclipse.jetty.server.ssl.SslSocketConnector;
import org.restlet.Server;
import org.restlet.data.Protocol;
import org.restlet.engine.http.HttpsUtils;
import org.restlet.engine.security.SslContextFactory;

/* loaded from: input_file:org/restlet/ext/jetty/HttpsServerHelper.class */
public class HttpsServerHelper extends JettyServerHelper {
    public HttpsServerHelper(Server server) {
        super(server);
        getProtocols().add(Protocol.HTTPS);
    }

    @Override // org.restlet.ext.jetty.JettyServerHelper
    protected AbstractConnector createConnector() {
        SslSelectChannelConnector sslSelectChannelConnector;
        SslSelectChannelConnector sslSelectChannelConnector2;
        SslSelectChannelConnector sslSelectChannelConnector3 = null;
        final SslContextFactory sslContextFactory = HttpsUtils.getSslContextFactory(this);
        String[] disabledCipherSuites = HttpsUtils.getDisabledCipherSuites(this);
        switch (getType()) {
            case 1:
                if (sslContextFactory == null) {
                    sslSelectChannelConnector2 = new SslSelectChannelConnector();
                    sslSelectChannelConnector2.setKeyPassword(getKeyPassword());
                    sslSelectChannelConnector2.setKeystore(getKeystorePath());
                    sslSelectChannelConnector2.setKeystoreType(getKeystoreType());
                    sslSelectChannelConnector2.setPassword(getKeystorePassword());
                    sslSelectChannelConnector2.setProtocol(getSslProtocol());
                    sslSelectChannelConnector2.setProvider(getSecurityProvider());
                    sslSelectChannelConnector2.setSecureRandomAlgorithm(getSecureRandomAlgorithm());
                    sslSelectChannelConnector2.setSslKeyManagerFactoryAlgorithm(getCertAlgorithm());
                    sslSelectChannelConnector2.setSslTrustManagerFactoryAlgorithm(getCertAlgorithm());
                    sslSelectChannelConnector2.setTrustPassword(getKeystorePassword());
                } else {
                    sslSelectChannelConnector2 = new SslSelectChannelConnector() { // from class: org.restlet.ext.jetty.HttpsServerHelper.1
                        protected SSLContext createSSLContext() throws Exception {
                            return sslContextFactory.createSslContext();
                        }
                    };
                }
                if (isNeedClientAuthentication()) {
                    sslSelectChannelConnector2.setNeedClientAuth(true);
                } else if (isWantClientAuthentication()) {
                    sslSelectChannelConnector2.setWantClientAuth(true);
                }
                if (disabledCipherSuites != null) {
                    sslSelectChannelConnector2.setExcludeCipherSuites(disabledCipherSuites);
                }
                sslSelectChannelConnector3 = sslSelectChannelConnector2;
                break;
            case 2:
                if (sslContextFactory == null) {
                    sslSelectChannelConnector = new SslSocketConnector();
                    sslSelectChannelConnector.setKeyPassword(getKeyPassword());
                    sslSelectChannelConnector.setKeystore(getKeystorePath());
                    sslSelectChannelConnector.setKeystoreType(getKeystoreType());
                    sslSelectChannelConnector.setPassword(getKeystorePassword());
                    sslSelectChannelConnector.setProtocol(getSslProtocol());
                    sslSelectChannelConnector.setProvider(getSecurityProvider());
                    sslSelectChannelConnector.setSecureRandomAlgorithm(getSecureRandomAlgorithm());
                    sslSelectChannelConnector.setSslKeyManagerFactoryAlgorithm(getCertAlgorithm());
                    sslSelectChannelConnector.setSslTrustManagerFactoryAlgorithm(getCertAlgorithm());
                    sslSelectChannelConnector.setTrustPassword(getKeystorePassword());
                } else {
                    sslSelectChannelConnector = new SslSocketConnector() { // from class: org.restlet.ext.jetty.HttpsServerHelper.2
                        protected SSLServerSocketFactory createFactory() throws Exception {
                            return sslContextFactory.createSslContext().getServerSocketFactory();
                        }
                    };
                }
                if (isNeedClientAuthentication()) {
                    sslSelectChannelConnector.setNeedClientAuth(true);
                } else if (isWantClientAuthentication()) {
                    sslSelectChannelConnector.setWantClientAuth(true);
                }
                if (disabledCipherSuites != null) {
                    sslSelectChannelConnector.setExcludeCipherSuites(disabledCipherSuites);
                }
                sslSelectChannelConnector3 = sslSelectChannelConnector;
                break;
        }
        return sslSelectChannelConnector3;
    }

    public String getCertAlgorithm() {
        return getHelpedParameters().getFirstValue("certAlgorithm", "SunX509");
    }

    public String getKeyPassword() {
        return getHelpedParameters().getFirstValue("keyPassword", getKeystorePassword());
    }

    public String getKeystorePassword() {
        return getHelpedParameters().getFirstValue("keystorePassword", "");
    }

    public String getKeystorePath() {
        return getHelpedParameters().getFirstValue("keystorePath", System.getProperty("user.home") + File.separator + ".keystore");
    }

    public String getKeystoreType() {
        return getHelpedParameters().getFirstValue("keystoreType", "JKS");
    }

    public String getSecureRandomAlgorithm() {
        return getHelpedParameters().getFirstValue("secureRandomAlgorithm", (String) null);
    }

    public String getSecurityProvider() {
        return getHelpedParameters().getFirstValue("securityProvider", (String) null);
    }

    public String getSslProtocol() {
        return getHelpedParameters().getFirstValue("sslProtocol", "TLS");
    }

    public int getType() {
        return Integer.parseInt(getHelpedParameters().getFirstValue("type", "2"));
    }

    public boolean isNeedClientAuthentication() {
        return Boolean.parseBoolean(getHelpedParameters().getFirstValue("needClientAuthentication", "false"));
    }

    public boolean isWantClientAuthentication() {
        return Boolean.parseBoolean(getHelpedParameters().getFirstValue("wantClientAuthentication", "false"));
    }
}
