package org.zowe.apiml.zaasclient.service.internal;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import lombok.Generated;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.BasicCookieStore;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.zowe.apiml.zaasclient.config.ConfigProperties;
import org.zowe.apiml.zaasclient.exception.ZaasConfigurationErrorCodes;
import org.zowe.apiml.zaasclient.exception.ZaasConfigurationException;

/* loaded from: input_file:org/zowe/apiml/zaasclient/service/internal/HttpsClientProvider.class */
class HttpsClientProvider implements CloseableClientProvider {
    private final RequestConfig requestConfig;
    private TrustManagerFactory tmf;
    private KeyManagerFactory kmf;
    private final String keyStorePassword;
    private final String keyStoreType;
    private String keyStorePath;

    public HttpsClientProvider(ConfigProperties configProperties) throws ZaasConfigurationException {
        this.requestConfig = buildCustomRequestConfig();
        if (configProperties.getTrustStorePath() == null) {
            throw new ZaasConfigurationException(ZaasConfigurationErrorCodes.TRUST_STORE_NOT_PROVIDED);
        }
        initializeTrustManagerFactory(configProperties.getTrustStorePath(), configProperties.getTrustStoreType(), configProperties.getTrustStorePassword());
        this.keyStorePath = configProperties.getKeyStorePath();
        this.keyStorePassword = configProperties.getKeyStorePassword();
        this.keyStoreType = configProperties.getKeyStoreType();
    }

    @Override // org.zowe.apiml.zaasclient.service.internal.CloseableClientProvider
    public CloseableHttpClient getHttpsClientWithTrustStore() throws ZaasConfigurationException {
        return sharedHttpClientConfiguration(getSSLContext()).build();
    }

    @Override // org.zowe.apiml.zaasclient.service.internal.CloseableClientProvider
    public CloseableHttpClient getHttpsClientWithTrustStore(BasicCookieStore basicCookieStore) throws ZaasConfigurationException {
        return sharedHttpClientConfiguration(getSSLContext()).setDefaultCookieStore(basicCookieStore).build();
    }

    @Override // org.zowe.apiml.zaasclient.service.internal.CloseableClientProvider
    public CloseableHttpClient getHttpsClientWithKeyStoreAndTrustStore() throws ZaasConfigurationException {
        if (this.keyStorePath == null) {
            throw new ZaasConfigurationException(ZaasConfigurationErrorCodes.KEY_STORE_NOT_PROVIDED);
        }
        if (this.kmf == null) {
            initializeKeyStoreManagerFactory();
        }
        return sharedHttpClientConfiguration(getSSLContext()).build();
    }

    private void initializeTrustManagerFactory(String str, String str2, String str3) throws ZaasConfigurationException {
        try {
            this.tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            KeyStore keyStore = KeyStore.getInstance(str2);
            keyStore.load(new FileInputStream(new File(str)), str3.toCharArray());
            this.tmf.init(keyStore);
        } catch (IOException e) {
            throw new ZaasConfigurationException(ZaasConfigurationErrorCodes.IO_CONFIGURATION_ISSUE, e);
        } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
            throw new ZaasConfigurationException(ZaasConfigurationErrorCodes.WRONG_CRYPTO_CONFIGURATION, e2);
        }
    }

    private void initializeKeyStoreManagerFactory() throws ZaasConfigurationException {
        try {
            this.kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            KeyStore keyStore = KeyStore.getInstance(this.keyStoreType);
            keyStore.load(new FileInputStream(new File(this.keyStorePath)), this.keyStorePassword.toCharArray());
            this.kmf.init(keyStore, this.keyStorePassword.toCharArray());
        } catch (IOException e) {
            throw new ZaasConfigurationException(ZaasConfigurationErrorCodes.IO_CONFIGURATION_ISSUE, e);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e2) {
            throw new ZaasConfigurationException(ZaasConfigurationErrorCodes.WRONG_CRYPTO_CONFIGURATION, e2);
        }
    }

    private SSLContext getSSLContext() throws ZaasConfigurationException {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(this.kmf != null ? this.kmf.getKeyManagers() : null, this.tmf.getTrustManagers(), new SecureRandom());
            return sSLContext;
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            throw new ZaasConfigurationException(ZaasConfigurationErrorCodes.WRONG_CRYPTO_CONFIGURATION, e);
        }
    }

    private HttpClientBuilder sharedHttpClientConfiguration(SSLContext sSLContext) {
        return HttpClients.custom().setSSLSocketFactory(new SSLConnectionSocketFactory(sSLContext, SSLConnectionSocketFactory.getDefaultHostnameVerifier())).setDefaultRequestConfig(this.requestConfig).setMaxConnTotal(9).setMaxConnPerRoute(3);
    }

    private RequestConfig buildCustomRequestConfig() {
        RequestConfig.Builder custom = RequestConfig.custom();
        custom.setConnectionRequestTimeout(10000);
        custom.setSocketTimeout(10000);
        custom.setConnectTimeout(10000);
        return custom.build();
    }

    @Generated
    public HttpsClientProvider(RequestConfig requestConfig, TrustManagerFactory trustManagerFactory, KeyManagerFactory keyManagerFactory, String str, String str2, String str3) {
        this.requestConfig = requestConfig;
        this.tmf = trustManagerFactory;
        this.kmf = keyManagerFactory;
        this.keyStorePassword = str;
        this.keyStoreType = str2;
        this.keyStorePath = str3;
    }
}
