package de.xxschrandxx.wsc.wscbridge.core;

import com.sun.net.httpserver.Authenticator;
import com.sun.net.httpserver.BasicAuthenticator;
import com.sun.net.httpserver.HttpContext;
import com.sun.net.httpserver.HttpExchange;
import com.sun.net.httpserver.HttpHandler;
import com.sun.net.httpserver.HttpServer;
import com.sun.net.httpserver.HttpsConfigurator;
import com.sun.net.httpserver.HttpsParameters;
import com.sun.net.httpserver.HttpsServer;
import de.xxschrandxx.wsc.wscbridge.core.authenticator.Floodgate;
import de.xxschrandxx.wsc.wscbridge.core.authenticator.PasswordAuthenticator;
import java.io.EOFException;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.BindException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.UnknownHostException;
import java.nio.file.InvalidPathException;
import java.nio.file.Paths;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManagerFactory;
import sun.net.httpserver.Code;

/* loaded from: input_file:de/xxschrandxx/wsc/wscbridge/core/MinecraftBridgeHandler.class */
public class MinecraftBridgeHandler {
    private final Logger logger;
    private HttpServer httpServer;
    private File dataFolder;
    private String whitelistPath;
    public ArrayList<InetAddress> whitelist;
    private String blacklistPath;
    public boolean blacklistEnabled;
    public ArrayList<InetAddress> blacklist;
    public Integer maxOverruns;
    public Integer maxTries;
    public Long resetTime;
    private Authenticator authenticator;
    private BasicAuthenticator passwordAuthenticator;
    public HashMap<InetAddress, Integer> overruns = new HashMap<>();
    public HashMap<InetAddress, Integer> tries = new HashMap<>();
    public HashMap<InetAddress, Long> times = new HashMap<>();

    public MinecraftBridgeHandler(Logger logger, InetSocketAddress inetSocketAddress, boolean z, String str, String str2) throws BindException, IOException {
        this.logger = logger;
        if (z) {
            this.httpServer = HttpsServer.create(inetSocketAddress, 0);
        } else {
            this.httpServer = HttpServer.create(inetSocketAddress, 0);
        }
        this.authenticator = new Floodgate(this);
        this.passwordAuthenticator = new PasswordAuthenticator(this, str, str2);
    }

    public HttpContext addHandler(String str, HttpHandler httpHandler) {
        this.logger.log(Level.INFO, "WebServer: Adding handler for path: \"" + str + "\" Handler: \"" + httpHandler.getClass().getName() + "\"");
        HttpContext createContext = this.httpServer.createContext(str, httpHandler);
        createContext.setAuthenticator(this.authenticator);
        return createContext;
    }

    public HttpContext addPasswordHandler(String str, HttpHandler httpHandler) {
        this.logger.log(Level.INFO, "WebServer: Adding password handler for path: \"" + str + "\" Handler: \"" + httpHandler.getClass().getName() + "\"");
        HttpContext createContext = this.httpServer.createContext(str, httpHandler);
        createContext.setAuthenticator(this.passwordAuthenticator);
        return createContext;
    }

    public boolean start(String str, String str2, Integer num, Long l, Integer num2, String str3, String str4, File file, String str5, String str6) {
        this.whitelistPath = str;
        this.blacklistPath = str2;
        this.maxTries = num;
        this.resetTime = l;
        this.maxOverruns = num2;
        this.dataFolder = file;
        loadLists();
        try {
            InputStream.class.getMethod("readAllBytes\u200b", new Class[0]);
            return (str3 == null || str4 == null || str5 == null || str6 == null) ? startHttp() : startHttps(str3, str4, str5, str6);
        } catch (Exception e) {
            return false;
        }
    }

    private boolean startHttp() {
        try {
            this.httpServer.start();
            return true;
        } catch (Exception e) {
            this.logger.log(Level.WARNING, "WebServer: Unsuppoerted java version. Please use 9 or higher.");
            return false;
        }
    }

    private boolean startHttps(String str, String str2, String str3, String str4) {
        return startHttps(str, str2.toCharArray(), str3, str4.toCharArray());
    }

    private boolean startHttps(String str, char[] cArr, String str2, char[] cArr2) {
        FileInputStream fileInputStream;
        KeyStore keyStore;
        Certificate certificate;
        try {
            if (!Paths.get(str, new String[0]).isAbsolute()) {
                str = this.dataFolder + File.separator + str;
            }
        } catch (InvalidPathException e) {
            this.logger.log(Level.WARNING, "WebServer: Could not find Keystore: ", (Throwable) e);
        }
        boolean z = false;
        String str3 = str.endsWith(".p12") ? "PKCS12" : "JKS";
        try {
            fileInputStream = new FileInputStream(str);
            try {
                keyStore = KeyStore.getInstance(str3);
                keyStore.load(fileInputStream, cArr);
                certificate = keyStore.getCertificate(str2);
            } catch (Throwable th) {
                try {
                    fileInputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        } catch (EOFException e2) {
            this.logger.log(Level.WARNING, "WebServer: EOF when reading Certificate file. (Check that the file is not empty)", (Throwable) e2);
        } catch (FileNotFoundException e3) {
            this.logger.log(Level.WARNING, "WebServer: No certificate file in " + str + " not found!");
        } catch (IOException e4) {
            this.logger.log(Level.WARNING, "WebServer: ", (Throwable) e4);
        } catch (IllegalStateException e5) {
            this.logger.log(Level.WARNING, "WebServer: ", (Throwable) e5);
        } catch (KeyManagementException | NoSuchAlgorithmException e6) {
            this.logger.log(Level.WARNING, "WebServer: SSL Context Initialization Failed.", e6);
        } catch (KeyStoreException | UnrecoverableKeyException | CertificateException e7) {
            this.logger.log(Level.WARNING, "WebServer: SSL Certificate loading Failed.", e7);
        }
        if (certificate == null) {
            throw new IllegalStateException("Alias: '" + str2 + "' was not found in file " + str + ".");
        }
        this.logger.log(Level.INFO, "WebServer: Certificate: " + certificate.getType());
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        keyManagerFactory.init(keyStore, cArr2);
        TrustManagerFactory.getInstance("SunX509").init(keyStore);
        SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
        sSLContext.init(keyManagerFactory.getKeyManagers(), null, null);
        ((HttpsServer) this.httpServer).setHttpsConfigurator(new HttpsConfigurator(sSLContext) { // from class: de.xxschrandxx.wsc.wscbridge.core.MinecraftBridgeHandler.1
            @Override // com.sun.net.httpserver.HttpsConfigurator
            public void configure(HttpsParameters httpsParameters) {
                SSLEngine createSSLEngine = getSSLContext().createSSLEngine();
                httpsParameters.setNeedClientAuth(false);
                httpsParameters.setCipherSuites(createSSLEngine.getEnabledCipherSuites());
                httpsParameters.setProtocols(createSSLEngine.getEnabledProtocols());
                httpsParameters.setSSLParameters(getSSLContext().getDefaultSSLParameters());
            }
        });
        this.httpServer.start();
        z = true;
        fileInputStream.close();
        return z;
    }

    public void stop() {
        stop(true);
    }

    public void stop(boolean z) {
        if (z) {
            saveLists();
        }
        this.httpServer.stop(0);
    }

    public void loadLists() {
        FileInputStream fileInputStream;
        this.whitelist = null;
        try {
            if (!Paths.get(this.whitelistPath, new String[0]).isAbsolute()) {
                this.whitelistPath = this.dataFolder + File.separator + this.whitelistPath;
            }
            try {
                fileInputStream = new FileInputStream(this.whitelistPath);
                try {
                    String str = new String(fileInputStream.readAllBytes());
                    this.whitelist = new ArrayList<>();
                    for (String str2 : str.split("\n")) {
                        String strip = str2.strip();
                        if (!strip.isEmpty()) {
                            try {
                                this.whitelist.add(InetAddress.getByName(strip));
                            } catch (SecurityException | UnknownHostException e) {
                                this.logger.log(Level.WARNING, "WebServer: Could not add " + strip + " to whitelist.", e);
                            }
                        }
                    }
                    fileInputStream.close();
                } finally {
                }
            } catch (FileNotFoundException e2) {
                this.logger.log(Level.INFO, "WebServer: No whitelist set.");
            } catch (IOException | SecurityException e3) {
                this.logger.log(Level.WARNING, "WebServer: Could open " + this.whitelistPath, e3);
            }
        } catch (InvalidPathException e4) {
            this.logger.log(Level.WARNING, "WebServer: Could not find whitelist: ", (Throwable) e4);
        }
        this.blacklist = new ArrayList<>();
        this.blacklistEnabled = false;
        try {
            if (!Paths.get(this.blacklistPath, new String[0]).isAbsolute()) {
                this.blacklistPath = this.dataFolder + File.separator + this.blacklistPath;
            }
            try {
                fileInputStream = new FileInputStream(this.blacklistPath);
                try {
                    String str3 = new String(fileInputStream.readAllBytes());
                    this.blacklistEnabled = true;
                    for (String str4 : str3.split("\n")) {
                        String strip2 = str4.strip();
                        if (!strip2.isEmpty()) {
                            try {
                                this.blacklist.add(InetAddress.getByName(strip2));
                            } catch (SecurityException | UnknownHostException e5) {
                                this.logger.log(Level.WARNING, "WebServer: Could not add " + strip2 + " to blacklist.", e5);
                            }
                        }
                    }
                    fileInputStream.close();
                } finally {
                }
            } catch (FileNotFoundException e6) {
                this.logger.log(Level.INFO, "WebServer: No blacklist set.");
            } catch (IOException | SecurityException e7) {
                this.logger.log(Level.WARNING, "WebServer: Could open " + this.blacklistPath, e7);
            }
        } catch (InvalidPathException e8) {
            this.logger.log(Level.WARNING, "WebServer: Could not find blacklist: ", (Throwable) e8);
        }
    }

    public void saveLists() {
        FileOutputStream fileOutputStream;
        if (this.whitelist == null) {
            this.logger.log(Level.WARNING, "WebServer: Whitelist not initialised.");
        } else if (this.whitelist.isEmpty()) {
            this.logger.log(Level.WARNING, "WebServer: Initialised whitelist is empty.");
        } else {
            try {
                fileOutputStream = new FileOutputStream(this.whitelistPath);
                try {
                    boolean z = true;
                    Iterator<InetAddress> it = this.whitelist.iterator();
                    while (it.hasNext()) {
                        InetAddress next = it.next();
                        if (z) {
                            fileOutputStream.write(next.getHostAddress().getBytes());
                            z = false;
                        } else {
                            fileOutputStream.write("\n".getBytes());
                            fileOutputStream.write(next.getHostAddress().getBytes());
                        }
                    }
                    fileOutputStream.close();
                } finally {
                }
            } catch (IOException | SecurityException e) {
                this.logger.log(Level.WARNING, "WebServer: Could not write into " + this.whitelistPath, e);
            }
        }
        if (!this.blacklistEnabled) {
            this.logger.log(Level.WARNING, "WebServer: Blacklist not initialised.");
            return;
        }
        if (this.blacklist.isEmpty()) {
            this.logger.log(Level.WARNING, "WebServer: Initialised blacklist is empty.");
            return;
        }
        try {
            fileOutputStream = new FileOutputStream(this.blacklistPath);
            try {
                boolean z2 = true;
                Iterator<InetAddress> it2 = this.blacklist.iterator();
                while (it2.hasNext()) {
                    InetAddress next2 = it2.next();
                    if (z2) {
                        fileOutputStream.write(next2.getHostAddress().getBytes());
                        z2 = false;
                    } else {
                        fileOutputStream.write("\n".getBytes());
                        fileOutputStream.write(next2.getHostAddress().getBytes());
                    }
                }
                fileOutputStream.close();
            } finally {
                try {
                    fileOutputStream.close();
                } catch (Throwable th) {
                    th.addSuppressed(th);
                }
            }
        } catch (IOException | SecurityException e2) {
            this.logger.log(Level.WARNING, "WebServer: Could not write into " + this.blacklistPath, e2);
        }
    }

    public Authenticator.Result authenticate(HttpExchange httpExchange) {
        InetAddress address = httpExchange.getRemoteAddress().getAddress();
        if (this.whitelist != null && this.whitelist.contains(address)) {
            return new Authenticator.Success(httpExchange.getPrincipal());
        }
        if (this.blacklist.contains(address)) {
            return new Authenticator.Failure(Code.HTTP_FORBIDDEN);
        }
        if (this.maxTries.intValue() <= 0) {
            return new Authenticator.Success(httpExchange.getPrincipal());
        }
        Date date = new Date();
        if (this.tries.containsKey(address) && this.times.containsKey(address)) {
            Date date2 = new Date(this.times.get(address).longValue() + this.resetTime.longValue());
            if (date2.before(date)) {
                this.tries.put(address, 1);
                this.times.put(address, Long.valueOf(date.getTime()));
                this.overruns.put(address, 1);
            } else {
                if (this.maxTries.intValue() <= this.tries.get(address).intValue()) {
                    if (this.maxOverruns.intValue() > 0) {
                        int intValue = this.overruns.getOrDefault(address, 0).intValue();
                        if (this.maxOverruns.intValue() < intValue) {
                            this.logger.log(Level.WARNING, "WebServer: Adding " + address.toString() + " to blacklist.");
                            this.blacklist.add(address);
                            return new Authenticator.Failure(Code.HTTP_FORBIDDEN);
                        }
                        int i = intValue + 1;
                        this.logger.log(Level.WARNING, "WebServer: Setting " + i + " for " + address.toString() + ".");
                        this.overruns.put(address, Integer.valueOf(i));
                    }
                    httpExchange.getResponseHeaders().add("Retry-After", Long.toString((date2.getTime() - date.getTime()) / 1000));
                    return new Authenticator.Failure(429);
                }
                this.tries.put(address, Integer.valueOf(this.tries.get(address).intValue() + 1));
            }
        } else {
            this.tries.put(address, 1);
            this.times.put(address, Long.valueOf(date.getTime()));
        }
        return new Authenticator.Success(httpExchange.getPrincipal());
    }
}
