package org.zowe.api.common.connectors.zosmf;

import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.Header;
import org.apache.http.HttpHost;
import org.apache.http.HttpResponse;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.client.BasicAuthCache;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.message.BasicHeader;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;
import org.zowe.api.common.security.CustomUser;

@Service
/* loaded from: input_file:org/zowe/api/common/connectors/zosmf/ZosmfConnectorLtpaAuth.class */
public class ZosmfConnectorLtpaAuth extends ZosmfConnector {
    @Autowired
    public ZosmfConnectorLtpaAuth(ConnectionProperties connectionProperties) {
        super(connectionProperties);
    }

    @Override // org.zowe.api.common.connectors.zosmf.ZosmfConnector
    public Header getAuthHeader() {
        return new BasicHeader("Cookie", ((CustomUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getLtpa());
    }

    public Header getLtpaHeader(String str, String str2) throws IOException, KeyManagementException, NoSuchAlgorithmException, URISyntaxException {
        URI fullUrl = getFullUrl("restjobs/jobs");
        CredentialsProvider credentialProvider = getCredentialProvider(str, str2);
        HttpClient createPreemptiveHttpClientIgnoreSSL = createPreemptiveHttpClientIgnoreSSL(credentialProvider);
        HttpGet httpGet = new HttpGet(fullUrl);
        httpGet.setHeader("X-CSRF-ZOSMF-HEADER", "");
        HttpResponse execute = createPreemptiveHttpClientIgnoreSSL.execute(httpGet, createPreemptiveHttpClientContext(credentialProvider, fullUrl));
        Header firstHeader = execute.getFirstHeader("Set-Cookie");
        if (execute.getStatusLine().getStatusCode() == 200) {
            return firstHeader;
        }
        throw new IOException("login failed");
    }

    private CredentialsProvider getCredentialProvider(String str, String str2) {
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        basicCredentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(str, str2));
        return basicCredentialsProvider;
    }

    private HttpClientContext createPreemptiveHttpClientContext(CredentialsProvider credentialsProvider, URI uri) {
        HttpHost httpHost = new HttpHost(uri.getHost(), uri.getPort(), uri.getScheme());
        BasicAuthCache basicAuthCache = new BasicAuthCache();
        basicAuthCache.put(httpHost, new BasicScheme());
        HttpClientContext create = HttpClientContext.create();
        create.setCredentialsProvider(credentialsProvider);
        create.setAuthCache(basicAuthCache);
        return create;
    }

    public static HttpClient createPreemptiveHttpClientIgnoreSSL(CredentialsProvider credentialsProvider) throws NoSuchAlgorithmException, KeyManagementException {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{new X509TrustManager() { // from class: org.zowe.api.common.connectors.zosmf.ZosmfConnectorLtpaAuth.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        }}, new SecureRandom());
        return HttpClientBuilder.create().setSSLContext(sSLContext).setDefaultCredentialsProvider(credentialsProvider).setSSLHostnameVerifier(new HostnameVerifier() { // from class: org.zowe.api.common.connectors.zosmf.ZosmfConnectorLtpaAuth.2
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                return true;
            }
        }).build();
    }

    public static HttpClient createIgnoreSSLClientWithPassword(String str, String str2) throws NoSuchAlgorithmException, KeyManagementException {
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        basicCredentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(str, str2));
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{new X509TrustManager() { // from class: org.zowe.api.common.connectors.zosmf.ZosmfConnectorLtpaAuth.3
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str3) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str3) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        }}, new SecureRandom());
        return HttpClientBuilder.create().setSSLContext(sSLContext).setDefaultCredentialsProvider(basicCredentialsProvider).setSSLHostnameVerifier(new HostnameVerifier() { // from class: org.zowe.api.common.connectors.zosmf.ZosmfConnectorLtpaAuth.4
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str3, SSLSession sSLSession) {
                return true;
            }
        }).build();
    }
}
