package com.ibm.ws.localhttp.channel.outbound.impl;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.security.WSSecurityException;
import com.ibm.websphere.sib.mediation.handler.SIMediationHandlerConstants;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.localhttp.channel.LHttpSSLConnectionContext;
import com.ibm.ws.localhttp.channel.LocalChannelRegistryService;
import com.ibm.ws.localhttp.channel.LocalHttpConfigConstants;
import com.ibm.ws.localhttp.channel.inbound.impl.LHttpInboundChannel;
import com.ibm.ws.localhttp.channel.inbound.impl.LHttpInboundLink;
import com.ibm.ws.localhttp.channel.resources.LocalHttpMessages;
import com.ibm.ws.security.core.ContextManager;
import com.ibm.ws.security.core.SecurityContext;
import com.ibm.ws.sib.admin.JsConfigConstants;
import com.ibm.ws.sib.mfp.mqinterop.CMQC;
import com.ibm.ws.ssl.channel.impl.SSLUtils;
import com.ibm.wsspi.buffermgmt.WsByteBuffer;
import com.ibm.wsspi.channel.OutboundProtocol;
import com.ibm.wsspi.channel.base.OutboundConnectorLink;
import com.ibm.wsspi.channel.framework.VirtualConnection;
import com.ibm.wsspi.channel.framework.VirtualConnectionFactory;
import com.ibm.wsspi.http.channel.HttpRequestMessage;
import com.ibm.wsspi.http.channel.HttpResponseMessage;
import com.ibm.wsspi.http.channel.outbound.HttpAddress;
import com.ibm.wsspi.http.channel.values.ConnectionValues;
import com.ibm.wsspi.tcp.channel.SSLConnectionContext;
import javax.net.ssl.SSLEngine;
import javax.security.auth.Subject;

/* loaded from: input_file:lib/com.ibm.ws.runtime.jar:com/ibm/ws/localhttp/channel/outbound/impl/LHttpOutboundLink.class */
public class LHttpOutboundLink extends OutboundConnectorLink implements LocalHttpConfigConstants, OutboundProtocol {
    private static final TraceComponent tc = Tr.register((Class<?>) LHttpOutboundLink.class, LocalHttpMessages.LOCALHTTP_TRACE_NAME, LocalHttpMessages.LOCALHTTP_BUNDLE);
    private static ContextManager contextManager = SecurityContext.getContextManager();
    private static boolean bSecureEnv = SecurityContext.isSecurityEnabled();
    private LHttpOutboundChannel channelRef;
    private LocalChannelRegistryService svc;
    private VirtualConnectionFactory inboundVCF;
    private VirtualConnection peerInboundVC;
    private LHttpOutboundServiceContext oscRef;
    private HttpAddress targetAddress;
    private LHttpSSLConnectionContext lhttpSSLConnCtxt = null;
    private int connectPort = 0;
    private LHttpInboundChannel peerInboundChannel = null;
    private LHttpInboundLink peerInboundLink = null;

    /* JADX INFO: Access modifiers changed from: package-private */
    public LHttpOutboundLink(VirtualConnection virtualConnection, VirtualConnectionFactory virtualConnectionFactory, LocalChannelRegistryService localChannelRegistryService, LHttpOutboundChannel lHttpOutboundChannel) {
        this.inboundVCF = null;
        this.oscRef = null;
        init(virtualConnection);
        this.inboundVCF = virtualConnectionFactory;
        this.svc = localChannelRegistryService;
        this.channelRef = lHttpOutboundChannel;
        this.oscRef = null;
    }

    public void connectAsynch(Object obj) {
        try {
            connect(obj);
            getApplicationCallback().ready(getVirtualConnection());
        } catch (Exception e) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Could not connect to peer" + e);
            }
            getApplicationCallback().destroy(e);
        }
    }

    public void connect(Object obj) throws Exception {
        if (null == this.svc) {
            throw new Exception("Local Channel Registry service unavailable");
        }
        if (null == obj) {
            throw new Exception("No port specified");
        }
        this.targetAddress = (HttpAddress) obj;
        this.peerInboundVC = this.inboundVCF.createConnection();
        this.connectPort = this.targetAddress.getRemoteAddress().getPort();
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Using port: " + this.connectPort + " to locate local inbound channel");
        }
        String str = String.valueOf(this.connectPort) + LocalHttpConfigConstants.INBOUND_PORT_STR;
        this.peerInboundChannel = this.svc.lookupInboundChannel(str);
        if (null == this.peerInboundChannel) {
            throw new Exception("No local channel associated with " + str);
        }
        SSLEngine sSLEngine = null;
        if (this.channelRef.isSecure() && this.peerInboundChannel.isSecure()) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Beginning SSL Handshake for local channels");
            }
            SSLEngine createSSLEngine = this.channelRef.createSSLEngine(getVirtualConnection(), obj);
            sSLEngine = this.peerInboundChannel.createSSLEngine(this.peerInboundVC);
            SSLUtils.handleHandshake(createSSLEngine, sSLEngine);
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Finished SSL Handshake for local channels");
            }
            setSSLConnectionContext(new LHttpSSLConnectionContext(createSSLEngine));
        } else if (this.channelRef.isSecure() || this.peerInboundChannel.isSecure()) {
            throw new Exception("Outbound channel is " + (this.channelRef.isSecure() ? JsConfigConstants.SIBUS_SECURE : "not secure") + " while Inbound channel is " + (this.peerInboundChannel.isSecure() ? JsConfigConstants.SIBUS_SECURE : "not secure"));
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "start: Located inbound channel " + this.peerInboundChannel);
        }
        this.peerInboundVC.getStateMap().put(LocalHttpConfigConstants.LOCAL_HTTP_OUTBOUND_LINK, this);
        this.peerInboundLink = this.peerInboundChannel.getHttpLink(this.peerInboundVC);
        if (this.peerInboundChannel.isSecure()) {
            this.peerInboundLink.setSSLConnectionContext(new LHttpSSLConnectionContext(sSLEngine));
        }
    }

    public int getConnectPort() {
        return this.connectPort;
    }

    public HttpAddress getTargetAddress() {
        return this.targetAddress;
    }

    public Object getChannelAccessor() {
        if (null == this.oscRef) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "getChannelAccessor: creating new OutboundService context");
            }
            this.oscRef = new LHttpOutboundServiceContext(getVirtualConnection(), this.channelRef.getHttpConfig(), this);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "getChannelAccessor: returning ctxt " + this.oscRef + "for this link " + this);
        }
        return this.oscRef;
    }

    @Override // com.ibm.wsspi.channel.OutboundProtocol
    public String getProtocol() {
        return "HTTP";
    }

    public void ready(VirtualConnection virtualConnection) {
    }

    public void destroy(Exception exc) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "destroy");
        }
        super.destroy(exc);
        if (null != this.oscRef) {
            this.oscRef.destroy();
            this.oscRef = null;
        }
        disconnect();
        if (null != this.lhttpSSLConnCtxt) {
            this.lhttpSSLConnCtxt.destroy();
            this.lhttpSSLConnCtxt = null;
        }
        this.channelRef = null;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "destroy");
        }
    }

    public boolean isConnected() {
        return this.peerInboundLink != null;
    }

    public void transferRequest(HttpRequestMessage httpRequestMessage) {
        if (null != this.peerInboundLink) {
            this.peerInboundLink.transferRequest(httpRequestMessage);
        }
    }

    public void transferRequestBody(WsByteBuffer[] wsByteBufferArr, boolean z) {
        if (null != this.peerInboundLink) {
            this.peerInboundLink.transferRequestBody(wsByteBufferArr, z);
        }
    }

    public void transferResponse(HttpResponseMessage httpResponseMessage) {
        this.oscRef.transferResponse(httpResponseMessage);
    }

    public void transferResponseBody(WsByteBuffer[] wsByteBufferArr) {
        this.oscRef.transferResponseBody(wsByteBufferArr);
    }

    public void dispatch() {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "dispatch : (secure=" + bSecureEnv + ") " + this);
        }
        Subject[] subjectArr = null;
        if (bSecureEnv) {
            subjectArr = saveSecurity();
            if (null == subjectArr) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                    Tr.exit(tc, "dispatch: failure saving security");
                    return;
                }
                return;
            }
        }
        try {
            this.peerInboundLink.ready(this.peerInboundVC);
        } catch (Exception e) {
            FFDCFilter.processException(e, "LHttpOutboundLink.dispatch", SIMediationHandlerConstants.SI_MESSAGE_CONTEXT_PROXY_IMPL_101);
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception from peer inbound ready(): " + e);
            }
        }
        this.oscRef.resetRequestOwnership();
        if (bSecureEnv) {
            restoreSecurity(subjectArr);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "dispatch");
        }
    }

    private Subject[] saveSecurity() {
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Saving security subjects...");
        }
        Subject[] subjectArr = new Subject[2];
        try {
            subjectArr[0] = contextManager.getInvocationSubject();
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Saved invokedSubject: " + subjectArr[0]);
            }
            subjectArr[1] = contextManager.getCallerSubject();
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Saved receivedSubject: " + subjectArr[1]);
            }
            return subjectArr;
        } catch (WSSecurityException e) {
            FFDCFilter.processException(e, "LHttpOutboundLink.saveSecurity", "%C", this);
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception saving security contexts: " + e);
            }
            generateError(CMQC.MQFB_CICS_BRIDGE_FAILURE);
            return null;
        }
    }

    private boolean restoreSecurity(Subject[] subjectArr) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Restoring security subjects");
        }
        try {
            if (null != subjectArr[0]) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Restoring invokedSub: " + subjectArr[0]);
                }
                contextManager.setInvocationSubject(subjectArr[0]);
            }
            if (null != subjectArr[1]) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Restoring receivedSub: " + subjectArr[1]);
                }
                contextManager.setCallerSubject(subjectArr[1]);
            }
            return true;
        } catch (WSSecurityException e) {
            FFDCFilter.processException(e, "LHttpOutboundLink.restoreSecurity", "%C", this);
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception restoring security contexts: " + e);
            }
            generateError(CMQC.MQFB_CICS_BRIDGE_FAILURE);
            return false;
        }
    }

    private void generateError(int i) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Generating error response message, status=" + i);
        }
        HttpResponseMessage response = this.oscRef.getResponse();
        response.clear();
        response.setStatusCode(i);
        response.setConnection(ConnectionValues.CLOSE);
        this.oscRef.cleanUnusedResponseBuffers();
    }

    public void disconnect() {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "disconnect: " + this);
        }
        if (null != this.peerInboundVC) {
            this.peerInboundVC.getStateMap().remove(LocalHttpConfigConstants.LOCAL_HTTP_OUTBOUND_LINK);
        }
        this.peerInboundLink = null;
        this.peerInboundVC = null;
        this.inboundVCF = null;
        this.svc = null;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.exit(tc, "disconnect");
        }
    }

    public SSLConnectionContext getSSLConnectionContext() {
        return this.lhttpSSLConnCtxt;
    }

    public void setSSLConnectionContext(LHttpSSLConnectionContext lHttpSSLConnectionContext) {
        this.lhttpSSLConnCtxt = lHttpSSLConnectionContext;
    }
}
