package io.confluent.rest.handlers;

import java.io.IOException;
import java.util.List;
import java.util.Optional;
import javax.net.ssl.ExtendedSSLSession;
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SNIServerName;
import javax.net.ssl.SSLSession;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.http.HttpStatus;
import org.eclipse.jetty.io.ssl.SslConnection;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.handler.HandlerWrapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/confluent/rest/handlers/SniHandler.class */
public class SniHandler extends HandlerWrapper {
    private static final Logger log = LoggerFactory.getLogger(SniHandler.class);

    public void handle(String str, Request request, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        String serverName = httpServletRequest.getServerName();
        String sniServerName = getSniServerName(request);
        if (sniServerName != null && !sniServerName.equals(serverName)) {
            log.debug("Sni check failed, host header: {}, sni value: {}", serverName, sniServerName);
            request.setHandled(true);
            httpServletResponse.sendError(HttpStatus.Code.MISDIRECTED_REQUEST.getCode(), HttpStatus.Code.MISDIRECTED_REQUEST.getMessage());
        }
        super.handle(str, request, httpServletRequest, httpServletResponse);
    }

    private static String getSniServerName(Request request) {
        List<SNIServerName> requestedServerNames;
        SslConnection.DecryptedEndPoint endPoint = request.getHttpChannel().getEndPoint();
        if (!(endPoint instanceof SslConnection.DecryptedEndPoint)) {
            return null;
        }
        SSLSession session = endPoint.getSslConnection().getSSLEngine().getSession();
        if (!(session instanceof ExtendedSSLSession) || (requestedServerNames = ((ExtendedSSLSession) session).getRequestedServerNames()) == null) {
            return null;
        }
        Optional<SNIServerName> findAny = requestedServerNames.stream().findAny();
        Class<SNIHostName> cls = SNIHostName.class;
        SNIHostName.class.getClass();
        Optional<SNIServerName> filter = findAny.filter((v1) -> {
            return r1.isInstance(v1);
        });
        Class<SNIHostName> cls2 = SNIHostName.class;
        SNIHostName.class.getClass();
        return (String) filter.map((v1) -> {
            return r1.cast(v1);
        }).map((v0) -> {
            return v0.getAsciiName();
        }).orElse(null);
    }
}
