package com.walker.tcp.netty;

import io.netty.channel.ChannelPipeline;
import io.netty.channel.socket.SocketChannel;
import io.netty.handler.codec.http.HttpObjectAggregator;
import io.netty.handler.codec.http.HttpServerCodec;
import io.netty.handler.logging.LogLevel;
import io.netty.handler.logging.LoggingHandler;
import io.netty.handler.ssl.SslHandler;
import io.netty.handler.stream.ChunkedWriteHandler;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;

public class WebSocketServerInitializer extends DefaultServerInitializer {

//	public void setPackageSeparator(String packageSeparator) {
//		throw new UnsupportedOperationException("websocket类型不支持该操作");
//	}

	@Override
	protected void initChannel(SocketChannel ch) throws Exception {
//	protected void initChannel(GenIdClientSocketChannel ch) throws Exception {
		logger.debug("SocketChannel = {}", ch.getClass().getName());
		ChannelPipeline pipeline = ch.pipeline();

		pipeline.addLast("logging",new LoggingHandler(LogLevel.INFO));

		// 设置30秒没有读到数据，则触发一个READER_IDLE事件。
		// pipeline.addLast(new IdleStateHandler(30, 0, 0));

		// HttpServerCodec：将请求和应答消息解码为HTTP消息
		pipeline.addLast("http-codec",new HttpServerCodec());

		// HttpObjectAggregator：将HTTP消息的多个部分合成一条完整的HTTP消息
		pipeline.addLast("aggregator",new HttpObjectAggregator(65536));

		// ChunkedWriteHandler：向客户端发送HTML5文件
		pipeline.addLast("http-chunked",new ChunkedWriteHandler());

		// 在管道中添加我们自己的接收数据实现方法
		pipeline.addLast("handler", this.getHandler());
	}

	/**
	 * 创建支持wss可靠连接的通信。暂时不使用。
	 * <pre>
	 *     1) 不过目前情况看，一般是在 nginx 端代理设置即可，一般不必在程序中支持
	 *     2) 确实需要在程序中支持，需要配置证书，这在集群环境下很难维护。
	 * </pre>
	 * @param pipeline
	 * @param password
	 * @throws Exception
	 * @date 2024-01-31
	 */
	private void createSSLHandler(ChannelPipeline pipeline, String password) throws Exception{
		KeyStore ks = KeyStore.getInstance("JKS");
		InputStream ksInputStream = new FileInputStream("/Users/liukun/ca/demo.liukun.com.keystore.jks");
		ks.load(ksInputStream, password.toCharArray());
		KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
		kmf.init(ks, password.toCharArray());
		SSLContext sslContext = SSLContext.getInstance("TLS");
		sslContext.init(kmf.getKeyManagers(), null, null);
		SSLEngine sslEngine = sslContext.createSSLEngine();
		sslEngine.setUseClientMode(false);
		sslEngine.setNeedClientAuth(false);
		// 需把SslHandler添加在第一位
		pipeline.addFirst("ssl", new SslHandler(sslEngine));
	}

	/**
	 * 是否允许使用：wss可靠通道
	 * @param enableSSL
	 * @date 2024-01-31
	 */
	public void setEnableSSL(boolean enableSSL) {
		this.enableSSL = enableSSL;
	}

	private boolean enableSSL = false;
}