package com.netflix.zuul.netty.server.http2;

import com.google.common.base.Preconditions;
import com.netflix.netty.common.Http2ConnectionCloseHandler;
import com.netflix.netty.common.Http2ConnectionExpiryHandler;
import com.netflix.netty.common.SwallowSomeHttp2ExceptionsHandler;
import com.netflix.netty.common.channel.config.ChannelConfig;
import com.netflix.netty.common.channel.config.CommonChannelConfigKeys;
import com.netflix.netty.common.metrics.Http2MetricsChannelHandlers;
import com.netflix.netty.common.ssl.ServerSslConfig;
import com.netflix.zuul.logging.Http2FrameLoggingPerClientIpHandler;
import com.netflix.zuul.netty.server.BaseZuulChannelInitializer;
import com.netflix.zuul.netty.ssl.SslContextFactory;
import io.netty.channel.Channel;
import io.netty.channel.ChannelHandler;
import io.netty.channel.ChannelPipeline;
import io.netty.channel.group.ChannelGroup;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/netflix/zuul/netty/server/http2/Http2SslChannelInitializer.class */
public final class Http2SslChannelInitializer extends BaseZuulChannelInitializer {
    private static final Logger LOG = LoggerFactory.getLogger(Http2SslChannelInitializer.class);
    private static final DummyChannelHandler DUMMY_HANDLER = new DummyChannelHandler();
    private final ServerSslConfig serverSslConfig;
    private final SslContext sslContext;
    private final boolean isSSlFromIntermediary;
    private final SwallowSomeHttp2ExceptionsHandler swallowSomeHttp2ExceptionsHandler;
    private final String http2SslMetricId;

    @Deprecated
    public Http2SslChannelInitializer(int i, ChannelConfig channelConfig, ChannelConfig channelConfig2, ChannelGroup channelGroup) {
        this(String.valueOf(i), channelConfig, channelConfig2, channelGroup);
    }

    public Http2SslChannelInitializer(String str, ChannelConfig channelConfig, ChannelConfig channelConfig2, ChannelGroup channelGroup) {
        super(str, channelConfig, channelConfig2, channelGroup);
        this.http2SslMetricId = (String) Preconditions.checkNotNull(str, "metricId");
        this.swallowSomeHttp2ExceptionsHandler = new SwallowSomeHttp2ExceptionsHandler(this.registry);
        this.serverSslConfig = (ServerSslConfig) channelConfig.get(CommonChannelConfigKeys.serverSslConfig);
        this.isSSlFromIntermediary = ((Boolean) channelConfig.get(CommonChannelConfigKeys.isSSlFromIntermediary)).booleanValue();
        this.sslContext = Http2Configuration.configureSSL((SslContextFactory) channelConfig.get(CommonChannelConfigKeys.sslContextFactory), str);
    }

    protected void initChannel(Channel channel) {
        SslHandler newHandler = this.sslContext.newHandler(channel.alloc());
        newHandler.engine().setEnabledProtocols(this.serverSslConfig.getProtocols());
        if (LOG.isDebugEnabled()) {
            LOG.debug("ssl protocols supported: {}", String.join(", ", newHandler.engine().getSupportedProtocols()));
            LOG.debug("ssl protocols enabled: {}", String.join(", ", newHandler.engine().getEnabledProtocols()));
            LOG.debug("ssl ciphers supported: {}", String.join(", ", newHandler.engine().getSupportedCipherSuites()));
            LOG.debug("ssl ciphers enabled: {}", String.join(", ", newHandler.engine().getEnabledCipherSuites()));
        }
        ChannelPipeline pipeline = channel.pipeline();
        storeChannel(channel);
        addTimeoutHandlers(pipeline);
        addPassportHandler(pipeline);
        addTcpRelatedHandlers(pipeline);
        pipeline.addLast(new ChannelHandler[]{new Http2FrameLoggingPerClientIpHandler()});
        pipeline.addLast("ssl", newHandler);
        addSslInfoHandlers(pipeline, this.isSSlFromIntermediary);
        addSslClientCertChecks(pipeline);
        pipeline.addLast("http2CodecSwapper", new Http2OrHttpHandler(new Http2StreamInitializer(channel, this::http1Handlers, new Http2MetricsChannelHandlers(this.registry, "server", "http2-" + this.http2SslMetricId), new Http2ConnectionCloseHandler(this.registry), new Http2ConnectionExpiryHandler(this.maxRequestsPerConnection, this.maxRequestsPerConnectionInBrownout, this.connectionExpiry)), this.channelConfig, channelPipeline -> {
            http1Codec(channelPipeline);
            http1Handlers(channelPipeline);
        }));
        pipeline.addLast("codec_placeholder", DUMMY_HANDLER);
        pipeline.addLast(new ChannelHandler[]{this.swallowSomeHttp2ExceptionsHandler});
    }

    private void http1Handlers(ChannelPipeline channelPipeline) {
        addHttpRelatedHandlers(channelPipeline);
        addZuulHandlers(channelPipeline);
    }

    private void http1Codec(ChannelPipeline channelPipeline) {
        channelPipeline.replace("codec_placeholder", BaseZuulChannelInitializer.HTTP_CODEC_HANDLER_NAME, createHttpServerCodec());
    }
}
