package net.corda.node.services.rpc;

import java.io.IOException;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import javax.security.auth.login.AppConfigurationEntry;
import kotlin.Metadata;
import kotlin.Pair;
import kotlin.TuplesKt;
import kotlin.Unit;
import kotlin.collections.MapsKt;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import net.corda.core.utilities.NetworkHostAndPort;
import net.corda.node.internal.artemis.ArtemisBroker;
import net.corda.node.internal.artemis.BrokerAddresses;
import net.corda.node.internal.artemis.CertificateChainCheckPolicy;
import net.corda.node.internal.security.RPCSecurityManager;
import net.corda.node.services.config.CertChainPolicyConfig;
import net.corda.nodeapi.internal.config.SSLConfiguration;
import net.corda.nodeapi.internal.crypto.KeyStoreUtilities;
import org.apache.activemq.artemis.api.core.SimpleString;
import org.apache.activemq.artemis.api.core.management.ActiveMQServerControl;
import org.apache.activemq.artemis.core.config.Configuration;
import org.apache.activemq.artemis.core.config.impl.SecurityConfiguration;
import org.apache.activemq.artemis.core.server.ActivationFailureListener;
import org.apache.activemq.artemis.core.server.ActiveMQServer;
import org.apache.activemq.artemis.core.server.PostQueueDeletionCallback;
import org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl;
import org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* compiled from: ArtemisRpcBroker.kt */
@Metadata(mv = {1, 1, 8}, bv = {1, 0, 2}, k = 1, d1 = {"��n\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000b\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010 \n\u0002\u0018\u0002\n��\n\u0002\u0010\b\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0006\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\u0010\u000e\n\u0002\u0010\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\b��\u0018�� +2\u00020\u0001:\u0001+BY\b��\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\b\u0010\u0004\u001a\u0004\u0018\u00010\u0003\u0012\u0006\u0010\u0005\u001a\u00020\u0006\u0012\u0006\u0010\u0007\u001a\u00020\b\u0012\u0006\u0010\t\u001a\u00020\n\u0012\f\u0010\u000b\u001a\b\u0012\u0004\u0012\u00020\r0\f\u0012\u0006\u0010\u000e\u001a\u00020\u000f\u0012\b\b\u0002\u0010\u0010\u001a\u00020\b\u0012\u0006\u0010\u0011\u001a\u00020\u0012¢\u0006\u0002\u0010\u0013J(\u0010!\u001a\u00020\"2\u0016\u0010#\u001a\u0012\u0012\u0004\u0012\u00020%\u0012\u0004\u0012\u00020&0$j\u0002`'2\u0006\u0010\u0005\u001a\u00020\u0006H\u0003J\b\u0010(\u001a\u00020\u0019H\u0002J\b\u0010)\u001a\u00020&H\u0016J\b\u0010*\u001a\u00020&H\u0016R\u0014\u0010\u0014\u001a\u00020\u0015X\u0096\u0004¢\u0006\b\n��\u001a\u0004\b\u0016\u0010\u0017R\u0010\u0010\u0004\u001a\u0004\u0018\u00010\u0003X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0011\u001a\u00020\u0012X\u0082\u0004¢\u0006\u0002\n��R\u0014\u0010\u000b\u001a\b\u0012\u0004\u0012\u00020\r0\fX\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0010\u001a\u00020\bX\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u000e\u001a\u00020\u000fX\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\t\u001a\u00020\nX\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0018\u001a\u00020\u0019X\u0082\u0004¢\u0006\u0002\n��R\u0014\u0010\u001a\u001a\u00020\u001b8VX\u0096\u0004¢\u0006\u0006\u001a\u0004\b\u001c\u0010\u001dR\u000e\u0010\u0005\u001a\u00020\u0006X\u0082\u0004¢\u0006\u0002\n��R\u0014\u0010\u001e\u001a\u00020\b8VX\u0096\u0004¢\u0006\u0006\u001a\u0004\b\u001f\u0010 R\u000e\u0010\u0007\u001a\u00020\bX\u0082\u0004¢\u0006\u0002\n��¨\u0006,"}, d2 = {"Lnet/corda/node/services/rpc/ArtemisRpcBroker;", "Lnet/corda/node/internal/artemis/ArtemisBroker;", "address", "Lnet/corda/core/utilities/NetworkHostAndPort;", "adminAddressOptional", "sslOptions", "Lnet/corda/nodeapi/internal/config/SSLConfiguration;", NodeLoginModule.USE_SSL_ARG, "", "securityManager", "Lnet/corda/node/internal/security/RPCSecurityManager;", "certificateChainCheckPolicies", "", "Lnet/corda/node/services/config/CertChainPolicyConfig;", "maxMessageSize", "", "jmxEnabled", "baseDirectory", "Ljava/nio/file/Path;", "(Lnet/corda/core/utilities/NetworkHostAndPort;Lnet/corda/core/utilities/NetworkHostAndPort;Lnet/corda/nodeapi/internal/config/SSLConfiguration;ZLnet/corda/node/internal/security/RPCSecurityManager;Ljava/util/List;IZLjava/nio/file/Path;)V", "addresses", "Lnet/corda/node/internal/artemis/BrokerAddresses;", "getAddresses", "()Lnet/corda/node/internal/artemis/BrokerAddresses;", "server", "Lorg/apache/activemq/artemis/core/server/ActiveMQServer;", "serverControl", "Lorg/apache/activemq/artemis/api/core/management/ActiveMQServerControl;", "getServerControl", "()Lorg/apache/activemq/artemis/api/core/management/ActiveMQServerControl;", "started", "getStarted", "()Z", "createArtemisSecurityManager", "Lorg/apache/activemq/artemis/spi/core/security/ActiveMQJAASSecurityManager;", "loginListener", "Lkotlin/Function1;", "", "", "Lnet/corda/node/services/rpc/LoginListener;", "initialiseServer", "start", "stop", "Companion", "node"})
/* loaded from: input_file:net/corda/node/services/rpc/ArtemisRpcBroker.class */
public final class ArtemisRpcBroker implements ArtemisBroker {

    @NotNull
    private final BrokerAddresses addresses;
    private final ActiveMQServer server;
    private final NetworkHostAndPort adminAddressOptional;
    private final SSLConfiguration sslOptions;
    private final boolean useSsl;
    private final RPCSecurityManager securityManager;
    private final List<CertChainPolicyConfig> certificateChainCheckPolicies;
    private final int maxMessageSize;
    private final boolean jmxEnabled;
    private final Path baseDirectory;
    private static final Logger logger;
    public static final Companion Companion = new Companion(null);

    /* compiled from: ArtemisRpcBroker.kt */
    @Metadata(mv = {1, 1, 8}, bv = {1, 0, 2}, k = 1, d1 = {"��J\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010 \n\u0002\u0018\u0002\n��\n\u0002\u0010\b\n��\n\u0002\u0010\u000b\n��\n\u0002\u0018\u0002\n\u0002\b\u0003\b\u0086\u0003\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002JD\u0010\u0007\u001a\u00020\b2\u0006\u0010\t\u001a\u00020\n2\u0006\u0010\u000b\u001a\u00020\f2\u0006\u0010\r\u001a\u00020\u000e2\f\u0010\u000f\u001a\b\u0012\u0004\u0012\u00020\u00110\u00102\u0006\u0010\u0012\u001a\u00020\u00132\u0006\u0010\u0014\u001a\u00020\u00152\u0006\u0010\u0016\u001a\u00020\u0017JL\u0010\u0018\u001a\u00020\b2\u0006\u0010\t\u001a\u00020\n2\u0006\u0010\u0019\u001a\u00020\n2\u0006\u0010\u000b\u001a\u00020\f2\u0006\u0010\r\u001a\u00020\u000e2\f\u0010\u000f\u001a\b\u0012\u0004\u0012\u00020\u00110\u00102\u0006\u0010\u0012\u001a\u00020\u00132\u0006\u0010\u0014\u001a\u00020\u00152\u0006\u0010\u0016\u001a\u00020\u0017R\u0014\u0010\u0003\u001a\u00020\u0004X\u0082\u0004¢\u0006\b\n��\u001a\u0004\b\u0005\u0010\u0006¨\u0006\u001a"}, d2 = {"Lnet/corda/node/services/rpc/ArtemisRpcBroker$Companion;", "", "()V", "logger", "Lorg/slf4j/Logger;", "getLogger", "()Lorg/slf4j/Logger;", "withSsl", "Lnet/corda/node/internal/artemis/ArtemisBroker;", "address", "Lnet/corda/core/utilities/NetworkHostAndPort;", "sslOptions", "Lnet/corda/nodeapi/internal/config/SSLConfiguration;", "securityManager", "Lnet/corda/node/internal/security/RPCSecurityManager;", "certificateChainCheckPolicies", "", "Lnet/corda/node/services/config/CertChainPolicyConfig;", "maxMessageSize", "", "jmxEnabled", "", "baseDirectory", "Ljava/nio/file/Path;", "withoutSsl", "adminAddress", "node"})
    /* loaded from: input_file:net/corda/node/services/rpc/ArtemisRpcBroker$Companion.class */
    public static final class Companion {
        /* JADX INFO: Access modifiers changed from: private */
        public final Logger getLogger() {
            return ArtemisRpcBroker.logger;
        }

        @NotNull
        public final ArtemisBroker withSsl(@NotNull NetworkHostAndPort networkHostAndPort, @NotNull SSLConfiguration sSLConfiguration, @NotNull RPCSecurityManager rPCSecurityManager, @NotNull List<CertChainPolicyConfig> list, int i, boolean z, @NotNull Path path) {
            Intrinsics.checkParameterIsNotNull(networkHostAndPort, "address");
            Intrinsics.checkParameterIsNotNull(sSLConfiguration, "sslOptions");
            Intrinsics.checkParameterIsNotNull(rPCSecurityManager, "securityManager");
            Intrinsics.checkParameterIsNotNull(list, "certificateChainCheckPolicies");
            Intrinsics.checkParameterIsNotNull(path, "baseDirectory");
            return new ArtemisRpcBroker(networkHostAndPort, null, sSLConfiguration, true, rPCSecurityManager, list, i, z, path);
        }

        @NotNull
        public final ArtemisBroker withoutSsl(@NotNull NetworkHostAndPort networkHostAndPort, @NotNull NetworkHostAndPort networkHostAndPort2, @NotNull SSLConfiguration sSLConfiguration, @NotNull RPCSecurityManager rPCSecurityManager, @NotNull List<CertChainPolicyConfig> list, int i, boolean z, @NotNull Path path) {
            Intrinsics.checkParameterIsNotNull(networkHostAndPort, "address");
            Intrinsics.checkParameterIsNotNull(networkHostAndPort2, "adminAddress");
            Intrinsics.checkParameterIsNotNull(sSLConfiguration, "sslOptions");
            Intrinsics.checkParameterIsNotNull(rPCSecurityManager, "securityManager");
            Intrinsics.checkParameterIsNotNull(list, "certificateChainCheckPolicies");
            Intrinsics.checkParameterIsNotNull(path, "baseDirectory");
            return new ArtemisRpcBroker(networkHostAndPort, networkHostAndPort2, sSLConfiguration, false, rPCSecurityManager, list, i, z, path);
        }

        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    @Override // net.corda.node.internal.Startable
    public void start() {
        Companion.getLogger().debug("Artemis RPC broker is starting.");
        this.server.start();
        Companion.getLogger().debug("Artemis RPC broker is started.");
    }

    @Override // net.corda.node.internal.Stoppable
    public void stop() {
        Companion.getLogger().debug("Artemis RPC broker is stopping.");
        this.server.stop(true);
        Companion.getLogger().debug("Artemis RPC broker is stopped.");
    }

    @Override // net.corda.node.internal.Startable
    public boolean getStarted() {
        return this.server.isStarted();
    }

    @Override // net.corda.node.internal.artemis.ArtemisBroker
    @NotNull
    public ActiveMQServerControl getServerControl() {
        ActiveMQServerControl activeMQServerControl = this.server.getActiveMQServerControl();
        Intrinsics.checkExpressionValueIsNotNull(activeMQServerControl, "server.activeMQServerControl");
        return activeMQServerControl;
    }

    @Override // net.corda.node.internal.artemis.ArtemisBroker
    @NotNull
    public BrokerAddresses getAddresses() {
        return this.addresses;
    }

    private final ActiveMQServer initialiseServer() {
        Configuration rpcBrokerConfiguration = new RpcBrokerConfiguration(this.baseDirectory, this.maxMessageSize, this.jmxEnabled, getAddresses().getPrimary(), this.adminAddressOptional, this.sslOptions, this.useSsl);
        ActiveMQServer activeMQServerImpl = new ActiveMQServerImpl(rpcBrokerConfiguration, createArtemisSecurityManager(rpcBrokerConfiguration.getLoginListener(), this.sslOptions));
        activeMQServerImpl.registerActivationFailureListener(new ActivationFailureListener() { // from class: net.corda.node.services.rpc.ArtemisRpcBroker$initialiseServer$1$1
            public final void activationFailed(Exception exc) {
                Intrinsics.checkExpressionValueIsNotNull(exc, "exception");
                throw exc;
            }
        });
        activeMQServerImpl.registerPostQueueDeletionCallback(new PostQueueDeletionCallback() { // from class: net.corda.node.services.rpc.ArtemisRpcBroker$initialiseServer$1$2
            public final void callback(SimpleString simpleString, SimpleString simpleString2) {
                ArtemisRpcBroker.Companion.getLogger().debug("Queue deleted: " + simpleString2 + " for " + simpleString);
            }
        });
        return activeMQServerImpl;
    }

    private final ActiveMQJAASSecurityManager createArtemisSecurityManager(final Function1<? super String, Unit> function1, SSLConfiguration sSLConfiguration) throws IOException, KeyStoreException {
        Object obj;
        CertificateChainCheckPolicy certificateChainCheckPolicy;
        KeyStore loadKeyStore = KeyStoreUtilities.loadKeyStore(sSLConfiguration.getSslKeystore(), sSLConfiguration.getKeyStorePassword());
        KeyStore loadKeyStore2 = KeyStoreUtilities.loadKeyStore(sSLConfiguration.getTrustStoreFile(), sSLConfiguration.getTrustStorePassword());
        Map mapOf = MapsKt.mapOf(new Pair[]{TuplesKt.to("SystemRoles/Node", CertificateChainCheckPolicy.LeafMustMatch.INSTANCE), TuplesKt.to(NodeLoginModule.RPC_ROLE, CertificateChainCheckPolicy.Any.INSTANCE)});
        final LinkedHashMap linkedHashMap = new LinkedHashMap(MapsKt.mapCapacity(mapOf.size()));
        for (Object obj2 : mapOf.entrySet()) {
            Object key = ((Map.Entry) obj2).getKey();
            Map.Entry entry = (Map.Entry) obj2;
            String str = (String) entry.getKey();
            CertificateChainCheckPolicy certificateChainCheckPolicy2 = (CertificateChainCheckPolicy) entry.getValue();
            Iterator<T> it = this.certificateChainCheckPolicies.iterator();
            while (true) {
                if (!it.hasNext()) {
                    obj = null;
                    break;
                }
                Object next = it.next();
                if (Intrinsics.areEqual(((CertChainPolicyConfig) next).getRole(), str)) {
                    while (it.hasNext()) {
                        if (Intrinsics.areEqual(((CertChainPolicyConfig) it.next()).getRole(), str)) {
                            throw new IllegalArgumentException("Collection contains more than one matching element.");
                        }
                    }
                    obj = next;
                }
            }
            CertChainPolicyConfig certChainPolicyConfig = (CertChainPolicyConfig) obj;
            if (certChainPolicyConfig != null) {
                certificateChainCheckPolicy = certChainPolicyConfig.getCertificateChainCheckPolicy();
                if (certificateChainCheckPolicy != null) {
                    linkedHashMap.put(key, certificateChainCheckPolicy.createCheck(loadKeyStore, loadKeyStore2));
                }
            }
            certificateChainCheckPolicy = certificateChainCheckPolicy2;
            linkedHashMap.put(key, certificateChainCheckPolicy.createCheck(loadKeyStore, loadKeyStore2));
        }
        return new ActiveMQJAASSecurityManager(NodeLoginModule.class.getName(), new SecurityConfiguration() { // from class: net.corda.node.services.rpc.ArtemisRpcBroker$createArtemisSecurityManager$securityConfig$1
            @NotNull
            public AppConfigurationEntry[] getAppConfigurationEntry(@NotNull String str2) {
                RPCSecurityManager rPCSecurityManager;
                boolean z;
                Intrinsics.checkParameterIsNotNull(str2, "name");
                String sECURITY_MANAGER_ARG$node = NodeLoginModule.Companion.getSECURITY_MANAGER_ARG$node();
                rPCSecurityManager = ArtemisRpcBroker.this.securityManager;
                z = ArtemisRpcBroker.this.useSsl;
                return new AppConfigurationEntry[]{new AppConfigurationEntry(str2, AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, MapsKt.mapOf(new Pair[]{TuplesKt.to(NodeLoginModule.Companion.getLOGIN_LISTENER_ARG$node(), function1), TuplesKt.to(sECURITY_MANAGER_ARG$node, rPCSecurityManager), TuplesKt.to(NodeLoginModule.USE_SSL_ARG, Boolean.valueOf(z)), TuplesKt.to("CertChainChecks", linkedHashMap)}))};
            }
        });
    }

    public ArtemisRpcBroker(@NotNull NetworkHostAndPort networkHostAndPort, @Nullable NetworkHostAndPort networkHostAndPort2, @NotNull SSLConfiguration sSLConfiguration, boolean z, @NotNull RPCSecurityManager rPCSecurityManager, @NotNull List<CertChainPolicyConfig> list, int i, boolean z2, @NotNull Path path) {
        Intrinsics.checkParameterIsNotNull(networkHostAndPort, "address");
        Intrinsics.checkParameterIsNotNull(sSLConfiguration, "sslOptions");
        Intrinsics.checkParameterIsNotNull(rPCSecurityManager, "securityManager");
        Intrinsics.checkParameterIsNotNull(list, "certificateChainCheckPolicies");
        Intrinsics.checkParameterIsNotNull(path, "baseDirectory");
        this.adminAddressOptional = networkHostAndPort2;
        this.sslOptions = sSLConfiguration;
        this.useSsl = z;
        this.securityManager = rPCSecurityManager;
        this.certificateChainCheckPolicies = list;
        this.maxMessageSize = i;
        this.jmxEnabled = z2;
        this.baseDirectory = path;
        NetworkHostAndPort networkHostAndPort3 = this.adminAddressOptional;
        this.addresses = new BrokerAddresses(networkHostAndPort, networkHostAndPort3 == null ? networkHostAndPort : networkHostAndPort3);
        this.server = initialiseServer();
    }

    public /* synthetic */ ArtemisRpcBroker(NetworkHostAndPort networkHostAndPort, NetworkHostAndPort networkHostAndPort2, SSLConfiguration sSLConfiguration, boolean z, RPCSecurityManager rPCSecurityManager, List list, int i, boolean z2, Path path, int i2, DefaultConstructorMarker defaultConstructorMarker) {
        this(networkHostAndPort, networkHostAndPort2, sSLConfiguration, z, rPCSecurityManager, list, i, (i2 & 128) != 0 ? false : z2, path);
    }

    static {
        Logger logger2 = LoggerFactory.getLogger(ArtemisRpcBroker.class);
        Intrinsics.checkExpressionValueIsNotNull(logger2, "LoggerFactory.getLogger(T::class.java)");
        logger = logger2;
    }

    @Override // net.corda.node.internal.artemis.ArtemisBroker, net.corda.node.internal.Stoppable, java.lang.AutoCloseable
    public void close() {
        ArtemisBroker.DefaultImpls.close(this);
    }
}
