package org.hyperledger.besu.ethereum.api.jsonrpc;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import com.google.common.base.Splitter;
import com.google.common.collect.Iterables;
import com.google.common.collect.Streams;
import io.netty.handler.codec.http.HttpResponseStatus;
import io.vertx.core.CompositeFuture;
import io.vertx.core.Future;
import io.vertx.core.Handler;
import io.vertx.core.Vertx;
import io.vertx.core.http.HttpMethod;
import io.vertx.core.http.HttpServer;
import io.vertx.core.http.HttpServerOptions;
import io.vertx.core.http.HttpServerResponse;
import io.vertx.core.json.DecodeException;
import io.vertx.core.json.Json;
import io.vertx.core.json.JsonArray;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.auth.User;
import io.vertx.ext.web.Route;
import io.vertx.ext.web.Router;
import io.vertx.ext.web.RoutingContext;
import io.vertx.ext.web.handler.BodyHandler;
import io.vertx.ext.web.handler.CorsHandler;
import java.net.InetSocketAddress;
import java.net.SocketException;
import java.nio.file.Path;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.StringJoiner;
import java.util.concurrent.CompletableFuture;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.hyperledger.besu.ethereum.api.jsonrpc.authentication.AuthenticationService;
import org.hyperledger.besu.ethereum.api.jsonrpc.authentication.AuthenticationUtils;
import org.hyperledger.besu.ethereum.api.jsonrpc.health.HealthService;
import org.hyperledger.besu.ethereum.api.jsonrpc.internal.JsonRpcRequest;
import org.hyperledger.besu.ethereum.api.jsonrpc.internal.JsonRpcRequestContext;
import org.hyperledger.besu.ethereum.api.jsonrpc.internal.JsonRpcRequestId;
import org.hyperledger.besu.ethereum.api.jsonrpc.internal.exception.InvalidJsonRpcParameters;
import org.hyperledger.besu.ethereum.api.jsonrpc.internal.methods.JsonRpcMethod;
import org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcError;
import org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcErrorResponse;
import org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcNoResponse;
import org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcResponse;
import org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcResponseType;
import org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcUnauthorizedResponse;
import org.hyperledger.besu.ethereum.mainnet.MainnetBlockHeaderValidator;
import org.hyperledger.besu.metrics.BesuMetricCategory;
import org.hyperledger.besu.nat.upnp.UpnpNatManager;
import org.hyperledger.besu.plugin.services.MetricsSystem;
import org.hyperledger.besu.plugin.services.metrics.LabelledMetric;
import org.hyperledger.besu.plugin.services.metrics.OperationTimer;
import org.hyperledger.besu.util.NetworkUtility;

/* loaded from: input_file:org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpService.class */
public class JsonRpcHttpService {
    private static final String APPLICATION_JSON = "application/json";
    private static final String EMPTY_RESPONSE = "";
    private final Vertx vertx;
    private final JsonRpcConfiguration config;
    private final Map<String, JsonRpcMethod> rpcMethods;
    private final Optional<UpnpNatManager> natManager;
    private final Path dataDir;
    private final LabelledMetric<OperationTimer> requestTimer;

    @VisibleForTesting
    public final Optional<AuthenticationService> authenticationService;
    private HttpServer httpServer;
    private final HealthService livenessService;
    private final HealthService readinessService;
    private static final Logger LOG = LogManager.getLogger();
    private static final InetSocketAddress EMPTY_SOCKET_ADDRESS = new InetSocketAddress(NetworkUtility.INADDR_ANY, 0);
    private static final JsonRpcResponse NO_RESPONSE = new JsonRpcNoResponse();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.hyperledger.besu.ethereum.api.jsonrpc.JsonRpcHttpService$1, reason: invalid class name */
    /* loaded from: input_file:org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpService$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$hyperledger$besu$ethereum$api$jsonrpc$internal$response$JsonRpcResponseType = new int[JsonRpcResponseType.values().length];

        static {
            try {
                $SwitchMap$org$hyperledger$besu$ethereum$api$jsonrpc$internal$response$JsonRpcResponseType[JsonRpcResponseType.UNAUTHORIZED.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$hyperledger$besu$ethereum$api$jsonrpc$internal$response$JsonRpcResponseType[JsonRpcResponseType.ERROR.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$hyperledger$besu$ethereum$api$jsonrpc$internal$response$JsonRpcResponseType[JsonRpcResponseType.SUCCESS.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$hyperledger$besu$ethereum$api$jsonrpc$internal$response$JsonRpcResponseType[JsonRpcResponseType.NONE.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    public JsonRpcHttpService(Vertx vertx, Path path, JsonRpcConfiguration jsonRpcConfiguration, MetricsSystem metricsSystem, Optional<UpnpNatManager> optional, Map<String, JsonRpcMethod> map, HealthService healthService, HealthService healthService2) {
        this(vertx, path, jsonRpcConfiguration, metricsSystem, optional, map, AuthenticationService.create(vertx, jsonRpcConfiguration), healthService, healthService2);
    }

    private JsonRpcHttpService(Vertx vertx, Path path, JsonRpcConfiguration jsonRpcConfiguration, MetricsSystem metricsSystem, Optional<UpnpNatManager> optional, Map<String, JsonRpcMethod> map, Optional<AuthenticationService> optional2, HealthService healthService, HealthService healthService2) {
        this.dataDir = path;
        this.requestTimer = metricsSystem.createLabelledTimer(BesuMetricCategory.RPC, "request_time", "Time taken to process a JSON-RPC request", "methodName");
        validateConfig(jsonRpcConfiguration);
        this.config = jsonRpcConfiguration;
        this.vertx = vertx;
        this.natManager = optional;
        this.rpcMethods = map;
        this.authenticationService = optional2;
        this.livenessService = healthService;
        this.readinessService = healthService2;
    }

    private void validateConfig(JsonRpcConfiguration jsonRpcConfiguration) {
        Preconditions.checkArgument(jsonRpcConfiguration.getPort() == 0 || NetworkUtility.isValidPort(jsonRpcConfiguration.getPort()), "Invalid port configuration.");
        Preconditions.checkArgument(jsonRpcConfiguration.getHost() != null, "Required host is not configured.");
    }

    public CompletableFuture<?> start() {
        LOG.info("Starting JsonRPC service on {}:{}", this.config.getHost(), Integer.valueOf(this.config.getPort()));
        this.httpServer = this.vertx.createHttpServer(new HttpServerOptions().setHost(this.config.getHost()).setPort(this.config.getPort()).setHandle100ContinueAutomatically(true));
        Router router = Router.router(this.vertx);
        router.route().handler(checkWhitelistHostHeader());
        router.route().handler(CorsHandler.create(buildCorsRegexFromConfig()).allowedHeader("*").allowedHeader("content-type"));
        router.route().handler(BodyHandler.create().setUploadsDirectory(this.dataDir.resolve("uploads").toString()).setDeleteUploadedFilesOnEnd(true));
        router.route("/").method(HttpMethod.GET).handler(this::handleEmptyRequest);
        Route method = router.route(HealthService.LIVENESS_PATH).method(HttpMethod.GET);
        HealthService healthService = this.livenessService;
        Objects.requireNonNull(healthService);
        method.handler(healthService::handleRequest);
        Route method2 = router.route(HealthService.READINESS_PATH).method(HttpMethod.GET);
        HealthService healthService2 = this.readinessService;
        Objects.requireNonNull(healthService2);
        method2.handler(healthService2::handleRequest);
        router.route("/").method(HttpMethod.POST).produces(APPLICATION_JSON).handler(this::handleJsonRPCRequest);
        if (this.authenticationService.isPresent()) {
            Route produces = router.route("/login").method(HttpMethod.POST).produces(APPLICATION_JSON);
            AuthenticationService authenticationService = this.authenticationService.get();
            Objects.requireNonNull(authenticationService);
            produces.handler(authenticationService::handleLogin);
        } else {
            router.route("/login").method(HttpMethod.POST).produces(APPLICATION_JSON).handler(AuthenticationService::handleDisabledLogin);
        }
        CompletableFuture<?> completableFuture = new CompletableFuture<>();
        this.httpServer.requestHandler(router).listen(asyncResult -> {
            if (asyncResult.failed()) {
                this.httpServer = null;
                Throwable cause = asyncResult.cause();
                if (cause instanceof SocketException) {
                    completableFuture.completeExceptionally(new JsonRpcServiceException(String.format("Failed to bind Ethereum JSON RPC listener to %s:%s: %s", this.config.getHost(), Integer.valueOf(this.config.getPort()), cause.getMessage())));
                    return;
                } else {
                    completableFuture.completeExceptionally(cause);
                    return;
                }
            }
            completableFuture.complete(null);
            int actualPort = this.httpServer.actualPort();
            LOG.info("JsonRPC service started and listening on {}:{}", this.config.getHost(), Integer.valueOf(actualPort));
            this.config.setPort(actualPort);
            if (this.natManager.isPresent()) {
                this.natManager.get().requestPortForward(this.config.getPort(), UpnpNatManager.Protocol.TCP, "besu-json-rpc");
            }
        });
        return completableFuture;
    }

    private Handler<RoutingContext> checkWhitelistHostHeader() {
        return routingContext -> {
            Optional<String> andValidateHostHeader = getAndValidateHostHeader(routingContext);
            if (this.config.getHostsWhitelist().contains("*") || (andValidateHostHeader.isPresent() && hostIsInWhitelist(andValidateHostHeader.get()))) {
                routingContext.next();
            } else {
                routingContext.response().setStatusCode(403).putHeader("Content-Type", "application/json; charset=utf-8").end("{\"message\":\"Host not authorized.\"}");
            }
        };
    }

    private String getAuthToken(RoutingContext routingContext) {
        return AuthenticationUtils.getJwtTokenFromAuthorizationHeaderValue(routingContext.request().getHeader("Authorization"));
    }

    private Optional<String> getAndValidateHostHeader(RoutingContext routingContext) {
        Iterable split = Splitter.on(':').split(routingContext.request().host());
        long count = Streams.stream(split).count();
        return (count <= 1 || (count <= 2 && ((String) Iterables.get(split, 1)).matches("\\d{1,5}+"))) ? Optional.ofNullable((String) Iterables.get(split, 0)) : Optional.empty();
    }

    private boolean hostIsInWhitelist(String str) {
        return this.config.getHostsWhitelist().stream().anyMatch(str2 -> {
            return str2.toLowerCase().equals(str.toLowerCase());
        });
    }

    public CompletableFuture<?> stop() {
        if (this.httpServer == null) {
            return CompletableFuture.completedFuture(null);
        }
        CompletableFuture<?> completableFuture = new CompletableFuture<>();
        this.httpServer.close(asyncResult -> {
            if (asyncResult.failed()) {
                completableFuture.completeExceptionally(asyncResult.cause());
            } else {
                this.httpServer = null;
                completableFuture.complete(null);
            }
        });
        return completableFuture;
    }

    public InetSocketAddress socketAddress() {
        return this.httpServer == null ? EMPTY_SOCKET_ADDRESS : new InetSocketAddress(this.config.getHost(), this.httpServer.actualPort());
    }

    @VisibleForTesting
    public String url() {
        return this.httpServer == null ? EMPTY_RESPONSE : NetworkUtility.urlForSocketAddress("http", socketAddress());
    }

    private void handleJsonRPCRequest(RoutingContext routingContext) {
        String authToken = getAuthToken(routingContext);
        if (this.authenticationService.isPresent() && authToken == null) {
            handleJsonRpcUnauthorizedError(routingContext, null, JsonRpcError.UNAUTHORIZED);
            return;
        }
        try {
            String trim = routingContext.getBodyAsString().trim();
            if (trim.isEmpty() || trim.charAt(0) != '{') {
                JsonArray jsonArray = new JsonArray(trim);
                if (jsonArray.size() < 1) {
                    handleJsonRpcError(routingContext, null, JsonRpcError.INVALID_REQUEST);
                    return;
                }
                AuthenticationUtils.getUser(this.authenticationService, authToken, optional -> {
                    handleJsonBatchRequest(routingContext, jsonArray, optional);
                });
            } else {
                AuthenticationUtils.getUser(this.authenticationService, authToken, optional2 -> {
                    handleJsonSingleRequest(routingContext, new JsonObject(trim), optional2);
                });
            }
        } catch (DecodeException e) {
            handleJsonRpcError(routingContext, null, JsonRpcError.PARSE_ERROR);
        }
    }

    private void handleEmptyRequest(RoutingContext routingContext) {
        routingContext.response().setStatusCode(201).end();
    }

    private void handleJsonSingleRequest(RoutingContext routingContext, JsonObject jsonObject, Optional<User> optional) {
        HttpServerResponse response = routingContext.response();
        this.vertx.executeBlocking(promise -> {
            promise.complete(process(jsonObject, optional));
        }, false, asyncResult -> {
            if (asyncResult.failed()) {
                response.setStatusCode(HttpResponseStatus.INTERNAL_SERVER_ERROR.code()).end();
                return;
            }
            JsonRpcResponse jsonRpcResponse = (JsonRpcResponse) asyncResult.result();
            response.setStatusCode(status(jsonRpcResponse).code());
            response.putHeader("Content-Type", APPLICATION_JSON);
            response.end(serialise(jsonRpcResponse));
        });
    }

    private HttpResponseStatus status(JsonRpcResponse jsonRpcResponse) {
        switch (AnonymousClass1.$SwitchMap$org$hyperledger$besu$ethereum$api$jsonrpc$internal$response$JsonRpcResponseType[jsonRpcResponse.getType().ordinal()]) {
            case MainnetBlockHeaderValidator.MINIMUM_SECONDS_SINCE_PARENT /* 1 */:
                return HttpResponseStatus.UNAUTHORIZED;
            case 2:
                return HttpResponseStatus.BAD_REQUEST;
            case 3:
            case 4:
            default:
                return HttpResponseStatus.OK;
        }
    }

    private String serialise(JsonRpcResponse jsonRpcResponse) {
        return jsonRpcResponse.getType() == JsonRpcResponseType.NONE ? EMPTY_RESPONSE : Json.encodePrettily(jsonRpcResponse);
    }

    private void handleJsonBatchRequest(RoutingContext routingContext, JsonArray jsonArray, Optional<User> optional) {
        CompositeFuture.all((List) jsonArray.stream().map(obj -> {
            if (!(obj instanceof JsonObject)) {
                return Future.succeededFuture(errorResponse(null, JsonRpcError.INVALID_REQUEST));
            }
            JsonObject jsonObject = (JsonObject) obj;
            Future future = Future.future();
            this.vertx.executeBlocking(promise -> {
                promise.complete(process(jsonObject, optional));
            }, false, asyncResult -> {
                if (asyncResult.failed()) {
                    future.fail(asyncResult.cause());
                } else {
                    future.complete((JsonRpcResponse) asyncResult.result());
                }
            });
            return future;
        }).collect(Collectors.toList())).setHandler(asyncResult -> {
            if (asyncResult.failed()) {
                routingContext.response().setStatusCode(HttpResponseStatus.INTERNAL_SERVER_ERROR.code()).end();
                return;
            }
            Stream stream = ((CompositeFuture) asyncResult.result()).list().stream();
            Class<JsonRpcResponse> cls = JsonRpcResponse.class;
            Objects.requireNonNull(JsonRpcResponse.class);
            routingContext.response().end(Json.encode((JsonRpcResponse[]) stream.map(cls::cast).filter(this::isNonEmptyResponses).toArray(i -> {
                return new JsonRpcResponse[i];
            })));
        });
    }

    private boolean isNonEmptyResponses(JsonRpcResponse jsonRpcResponse) {
        return jsonRpcResponse.getType() != JsonRpcResponseType.NONE;
    }

    private JsonRpcResponse process(JsonObject jsonObject, Optional<User> optional) {
        Object obj = null;
        try {
            obj = new JsonRpcRequestId(jsonObject.getValue("id")).getValue();
            JsonRpcRequest jsonRpcRequest = (JsonRpcRequest) jsonObject.mapTo(JsonRpcRequest.class);
            if (jsonRpcRequest.isNotification()) {
                return NO_RESPONSE;
            }
            Optional<JsonRpcError> validateMethodAvailability = validateMethodAvailability(jsonRpcRequest);
            if (validateMethodAvailability.isPresent()) {
                return errorResponse(obj, validateMethodAvailability.get());
            }
            JsonRpcMethod jsonRpcMethod = this.rpcMethods.get(jsonRpcRequest.getMethod());
            if (!AuthenticationUtils.isPermitted(this.authenticationService, optional, jsonRpcMethod)) {
                return unauthorizedResponse(obj, JsonRpcError.UNAUTHORIZED);
            }
            try {
                OperationTimer.TimingContext startTimer = this.requestTimer.labels(jsonRpcRequest.getMethod()).startTimer();
                try {
                    if (optional.isPresent()) {
                        JsonRpcResponse response = jsonRpcMethod.response(new JsonRpcRequestContext(jsonRpcRequest, optional.get()));
                        if (startTimer != null) {
                            startTimer.close();
                        }
                        return response;
                    }
                    JsonRpcResponse response2 = jsonRpcMethod.response(new JsonRpcRequestContext(jsonRpcRequest));
                    if (startTimer != null) {
                        startTimer.close();
                    }
                    return response2;
                } catch (Throwable th) {
                    if (startTimer != null) {
                        try {
                            startTimer.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } catch (InvalidJsonRpcParameters e) {
                LOG.debug("Invalid Params", e);
                return errorResponse(obj, JsonRpcError.INVALID_PARAMS);
            } catch (RuntimeException e2) {
                LOG.error("Error processing JSON-RPC requestBody", e2);
                return errorResponse(obj, JsonRpcError.INTERNAL_ERROR);
            }
        } catch (IllegalArgumentException e3) {
            return errorResponse(obj, JsonRpcError.INVALID_REQUEST);
        }
    }

    private Optional<JsonRpcError> validateMethodAvailability(JsonRpcRequest jsonRpcRequest) {
        String method = jsonRpcRequest.getMethod();
        LOG.debug("JSON-RPC request -> {}", method);
        if (this.rpcMethods.get(method) == null) {
            if (!RpcMethod.rpcMethodExists(method)) {
                return Optional.of(JsonRpcError.METHOD_NOT_FOUND);
            }
            if (!this.rpcMethods.containsKey(method)) {
                return Optional.of(JsonRpcError.METHOD_NOT_ENABLED);
            }
        }
        return Optional.empty();
    }

    private void handleJsonRpcError(RoutingContext routingContext, Object obj, JsonRpcError jsonRpcError) {
        routingContext.response().setStatusCode(HttpResponseStatus.BAD_REQUEST.code()).end(Json.encode(new JsonRpcErrorResponse(obj, jsonRpcError)));
    }

    private void handleJsonRpcUnauthorizedError(RoutingContext routingContext, Object obj, JsonRpcError jsonRpcError) {
        routingContext.response().setStatusCode(HttpResponseStatus.UNAUTHORIZED.code()).end(Json.encode(new JsonRpcErrorResponse(obj, jsonRpcError)));
    }

    private JsonRpcResponse errorResponse(Object obj, JsonRpcError jsonRpcError) {
        return new JsonRpcErrorResponse(obj, jsonRpcError);
    }

    private JsonRpcResponse unauthorizedResponse(Object obj, JsonRpcError jsonRpcError) {
        return new JsonRpcUnauthorizedResponse(obj, jsonRpcError);
    }

    private String buildCorsRegexFromConfig() {
        if (this.config.getCorsAllowedDomains().isEmpty()) {
            return EMPTY_RESPONSE;
        }
        if (this.config.getCorsAllowedDomains().contains("*")) {
            return "*";
        }
        StringJoiner stringJoiner = new StringJoiner("|");
        Stream<String> filter = this.config.getCorsAllowedDomains().stream().filter(str -> {
            return !str.isEmpty();
        });
        Objects.requireNonNull(stringJoiner);
        filter.forEach((v1) -> {
            r1.add(v1);
        });
        return stringJoiner.toString();
    }
}
