package org.apache.james.smtpserver.netty;

import io.netty.channel.ChannelInboundHandlerAdapter;
import java.net.MalformedURLException;
import java.util.ArrayList;
import java.util.Locale;
import java.util.Optional;
import java.util.StringTokenizer;
import javax.inject.Inject;
import org.apache.commons.configuration2.HierarchicalConfiguration;
import org.apache.commons.configuration2.ex.ConfigurationException;
import org.apache.commons.configuration2.tree.ImmutableNode;
import org.apache.james.dnsservice.api.DNSService;
import org.apache.james.dnsservice.library.netmatcher.NetMatcher;
import org.apache.james.protocols.api.OidcSASLConfiguration;
import org.apache.james.protocols.api.ProtocolSession;
import org.apache.james.protocols.api.ProtocolTransport;
import org.apache.james.protocols.lib.handler.HandlersPackage;
import org.apache.james.protocols.lib.netty.AbstractProtocolAsyncServer;
import org.apache.james.protocols.netty.AllButStartTlsLineChannelHandlerFactory;
import org.apache.james.protocols.netty.ChannelHandlerFactory;
import org.apache.james.protocols.smtp.SMTPConfiguration;
import org.apache.james.protocols.smtp.SMTPProtocol;
import org.apache.james.smtpserver.CoreCmdHandlerLoader;
import org.apache.james.smtpserver.ExtendedSMTPSession;
import org.apache.james.smtpserver.jmx.JMXHandlersLoader;
import org.apache.james.util.Size;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/james/smtpserver/netty/SMTPServer.class */
public class SMTPServer extends AbstractProtocolAsyncServer implements SMTPServerMBean {
    private static final Logger LOGGER = LoggerFactory.getLogger(SMTPServer.class);
    private SMTPProtocol transport;
    private AuthenticationConfiguration authenticationConfiguration;
    private final SmtpMetrics smtpMetrics;
    private boolean verifyIdentity;
    private DNSService dns;
    private String authorizedAddresses;
    private boolean heloEhloEnforcement = false;
    private String smtpGreeting = null;
    private NetMatcher authorizedNetworks = null;
    private long maxMessageSize = 0;
    private final SMTPConfiguration theConfigData = new SMTPHandlerConfigurationDataImpl();
    private boolean addressBracketsEnforcement = true;

    /* loaded from: input_file:org/apache/james/smtpserver/netty/SMTPServer$AuthenticationAnnounceMode.class */
    public enum AuthenticationAnnounceMode {
        NEVER,
        FOR_UNAUTHORIZED_ADDRESSES,
        ALWAYS;

        public static AuthenticationAnnounceMode parseFallback(String str) {
            String lowerCase = str.trim().toLowerCase(Locale.US);
            return lowerCase.equals("true") ? FOR_UNAUTHORIZED_ADDRESSES : lowerCase.equals("announce") ? ALWAYS : NEVER;
        }

        public static AuthenticationAnnounceMode parse(String str) {
            String lowerCase = str.trim().toLowerCase(Locale.US);
            boolean z = -1;
            switch (lowerCase.hashCode()) {
                case -1414557169:
                    if (lowerCase.equals("always")) {
                        z = true;
                        break;
                    }
                    break;
                case 104712844:
                    if (lowerCase.equals("never")) {
                        z = 2;
                        break;
                    }
                    break;
                case 569274373:
                    if (lowerCase.equals("forunauthorizedaddresses")) {
                        z = false;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    return FOR_UNAUTHORIZED_ADDRESSES;
                case true:
                    return ALWAYS;
                case true:
                    return NEVER;
                default:
                    throw new RuntimeException("Unknown value for 'auth.announce': " + str + ". Should be one of always, never, forUnauthorizedAddresses");
            }
        }
    }

    /* loaded from: input_file:org/apache/james/smtpserver/netty/SMTPServer$AuthenticationConfiguration.class */
    public static class AuthenticationConfiguration {
        private static final String OIDC_PATH = "auth.oidc";
        private final AuthenticationAnnounceMode authenticationAnnounceMode;
        private final boolean requireSSL;
        private final boolean plainAuthEnabled;
        private final Optional<OidcSASLConfiguration> saslConfiguration;

        public static AuthenticationConfiguration parse(HierarchicalConfiguration<ImmutableNode> hierarchicalConfiguration) throws ConfigurationException {
            return new AuthenticationConfiguration((AuthenticationAnnounceMode) Optional.ofNullable(hierarchicalConfiguration.getString("auth.announce", (String) null)).map(AuthenticationAnnounceMode::parse).orElseGet(() -> {
                return fallbackAuthenticationAnnounceMode(hierarchicalConfiguration);
            }), hierarchicalConfiguration.getBoolean("auth.requireSSL", false), hierarchicalConfiguration.getBoolean("auth.plainAuthEnabled", true), parseSASLConfiguration(hierarchicalConfiguration));
        }

        private static Optional<OidcSASLConfiguration> parseSASLConfiguration(HierarchicalConfiguration<ImmutableNode> hierarchicalConfiguration) throws ConfigurationException {
            if (!hierarchicalConfiguration.getKeys(OIDC_PATH).hasNext()) {
                return Optional.empty();
            }
            try {
                return Optional.of(OidcSASLConfiguration.parse(hierarchicalConfiguration.configurationAt(OIDC_PATH)));
            } catch (MalformedURLException e) {
                throw new ConfigurationException("Failed to retrieve oauth component", e);
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static AuthenticationAnnounceMode fallbackAuthenticationAnnounceMode(HierarchicalConfiguration<ImmutableNode> hierarchicalConfiguration) {
            return AuthenticationAnnounceMode.parseFallback(hierarchicalConfiguration.getString("authRequired", "false"));
        }

        public AuthenticationConfiguration(AuthenticationAnnounceMode authenticationAnnounceMode, boolean z, boolean z2, Optional<OidcSASLConfiguration> optional) {
            this.authenticationAnnounceMode = authenticationAnnounceMode;
            this.requireSSL = z;
            this.plainAuthEnabled = z2;
            this.saslConfiguration = optional;
        }

        public AuthenticationAnnounceMode getAuthenticationAnnounceMode() {
            return this.authenticationAnnounceMode;
        }

        public boolean isRequireSSL() {
            return this.requireSSL;
        }

        public boolean isPlainAuthEnabled() {
            return this.plainAuthEnabled;
        }

        public Optional<OidcSASLConfiguration> getSaslConfiguration() {
            return this.saslConfiguration;
        }
    }

    /* loaded from: input_file:org/apache/james/smtpserver/netty/SMTPServer$SMTPHandlerConfigurationDataImpl.class */
    public class SMTPHandlerConfigurationDataImpl implements SMTPConfiguration {
        public SMTPHandlerConfigurationDataImpl() {
        }

        public String getHelloName() {
            return SMTPServer.this.getHelloName();
        }

        public long getMaxMessageSize() {
            return SMTPServer.this.maxMessageSize;
        }

        public boolean isRelayingAllowed(String str) {
            if (SMTPServer.this.authorizedNetworks != null) {
                return SMTPServer.this.authorizedNetworks.matchInetNetwork(str);
            }
            return false;
        }

        public boolean useHeloEhloEnforcement() {
            return SMTPServer.this.heloEhloEnforcement;
        }

        public boolean useAddressBracketsEnforcement() {
            return SMTPServer.this.addressBracketsEnforcement;
        }

        public boolean isPlainAuthEnabled() {
            return SMTPServer.this.authenticationConfiguration.isPlainAuthEnabled();
        }

        public boolean isAuthAnnounced(String str, boolean z) {
            if (SMTPServer.this.authenticationConfiguration.requireSSL && !z) {
                return false;
            }
            if (SMTPServer.this.authenticationConfiguration.getAuthenticationAnnounceMode() == AuthenticationAnnounceMode.ALWAYS) {
                return true;
            }
            if (SMTPServer.this.authenticationConfiguration.getAuthenticationAnnounceMode() == AuthenticationAnnounceMode.NEVER) {
                return false;
            }
            return ((Boolean) Optional.ofNullable(SMTPServer.this.authorizedNetworks).map(netMatcher -> {
                return Boolean.valueOf(!netMatcher.matchInetNetwork(str));
            }).orElse(true)).booleanValue();
        }

        public boolean verifyIdentity() {
            return SMTPServer.this.verifyIdentity;
        }

        public String getGreeting() {
            return SMTPServer.this.smtpGreeting;
        }

        public String getSoftwareName() {
            return "JAMES SMTP Server ";
        }

        public Optional<OidcSASLConfiguration> saslConfiguration() {
            return SMTPServer.this.authenticationConfiguration.getSaslConfiguration();
        }
    }

    public SMTPServer(SmtpMetrics smtpMetrics) {
        this.smtpMetrics = smtpMetrics;
    }

    @Inject
    public void setDnsService(DNSService dNSService) {
        this.dns = dNSService;
    }

    protected void preInit() throws Exception {
        super.preInit();
        if (this.authorizedAddresses != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(this.authorizedAddresses, ", ", false);
            ArrayList arrayList = new ArrayList();
            while (stringTokenizer.hasMoreTokens()) {
                arrayList.add(stringTokenizer.nextToken());
            }
            this.authorizedNetworks = new NetMatcher(arrayList, this.dns);
            LOGGER.info("Authorized addresses: {}", this.authorizedNetworks);
        }
        this.transport = new SMTPProtocol(getProtocolHandlerChain(), this.theConfigData) { // from class: org.apache.james.smtpserver.netty.SMTPServer.1
            public ProtocolSession newSession(ProtocolTransport protocolTransport) {
                return new ExtendedSMTPSession(SMTPServer.this.theConfigData, protocolTransport);
            }
        };
    }

    public void doConfigure(HierarchicalConfiguration<ImmutableNode> hierarchicalConfiguration) throws ConfigurationException {
        super.doConfigure(hierarchicalConfiguration);
        if (isEnabled()) {
            this.authenticationConfiguration = AuthenticationConfiguration.parse(hierarchicalConfiguration);
            this.authorizedAddresses = hierarchicalConfiguration.getString("authorizedAddresses", (String) null);
            this.maxMessageSize = Size.parse(hierarchicalConfiguration.getString("maxmessagesize", "0"), Size.Unit.K).asBytes();
            if (this.maxMessageSize > 0) {
                LOGGER.info("The maximum allowed message size is {} bytes.", Long.valueOf(this.maxMessageSize));
            } else {
                LOGGER.info("No maximum message size is enforced for this server.");
            }
            this.heloEhloEnforcement = hierarchicalConfiguration.getBoolean("heloEhloEnforcement", true);
            this.smtpGreeting = hierarchicalConfiguration.getString("smtpGreeting", (String) null);
            this.addressBracketsEnforcement = hierarchicalConfiguration.getBoolean("addressBracketsEnforcement", true);
            this.verifyIdentity = hierarchicalConfiguration.getBoolean("verifyIdentity", false);
            if (this.authenticationConfiguration.getAuthenticationAnnounceMode() == AuthenticationAnnounceMode.NEVER && this.verifyIdentity) {
                throw new ConfigurationException("SMTP configuration: 'verifyIdentity' can't be set to true if 'authRequired' is set to false.");
            }
        }
    }

    protected int getDefaultPort() {
        return 25;
    }

    public String getServiceType() {
        return "SMTP Service";
    }

    @Override // org.apache.james.smtpserver.netty.SMTPServerMBean
    public long getMaximalMessageSize() {
        return this.maxMessageSize;
    }

    @Override // org.apache.james.smtpserver.netty.SMTPServerMBean
    public boolean getAddressBracketsEnforcement() {
        return this.addressBracketsEnforcement;
    }

    @Override // org.apache.james.smtpserver.netty.SMTPServerMBean
    public boolean getHeloEhloEnforcement() {
        return this.heloEhloEnforcement;
    }

    protected String getDefaultJMXName() {
        return "smtpserver";
    }

    @Override // org.apache.james.smtpserver.netty.SMTPServerMBean
    public void setMaximalMessageSize(long j) {
        this.maxMessageSize = j;
    }

    @Override // org.apache.james.smtpserver.netty.SMTPServerMBean
    public void setAddressBracketsEnforcement(boolean z) {
        this.addressBracketsEnforcement = z;
    }

    @Override // org.apache.james.smtpserver.netty.SMTPServerMBean
    public void setHeloEhloEnforcement(boolean z) {
        this.heloEhloEnforcement = z;
    }

    @Override // org.apache.james.smtpserver.netty.SMTPServerMBean
    public String getHeloName() {
        return this.theConfigData.getHelloName();
    }

    protected ChannelInboundHandlerAdapter createCoreHandler() {
        return new SMTPChannelInboundHandler(this.transport, getEncryption(), this.proxyRequired, this.smtpMetrics);
    }

    protected Class<? extends HandlersPackage> getCoreHandlersPackage() {
        return CoreCmdHandlerLoader.class;
    }

    protected Class<? extends HandlersPackage> getJMXHandlersPackage() {
        return JMXHandlersLoader.class;
    }

    protected ChannelHandlerFactory createFrameHandlerFactory() {
        return new AllButStartTlsLineChannelHandlerFactory("starttls", 8192);
    }

    public AuthenticationAnnounceMode getAuthRequired() {
        return this.authenticationConfiguration.getAuthenticationAnnounceMode();
    }
}
