package cat.gencat.ctti.canigo.arch.integration.psgd.utils;

import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.net.HttpURLConnection;
import java.net.Proxy;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.io.support.PathMatchingResourcePatternResolver;
import org.springframework.http.client.SimpleClientHttpRequestFactory;

/* loaded from: input_file:cat/gencat/ctti/canigo/arch/integration/psgd/utils/RestHttpClientFactory.class */
public class RestHttpClientFactory extends SimpleClientHttpRequestFactory {
    private static final Logger log = LoggerFactory.getLogger(RestHttpClientFactory.class);
    public static final String HTTPS_URL_PROTOCOL_ID = "https";
    private String keyStoreFile;
    private String keyPassword;
    private String trustStoreFile;
    private String trustStorePassword;

    public RestHttpClientFactory() {
        log.info("Creating RestHttpClientFactory");
    }

    protected HttpURLConnection openConnection(URL url, Proxy proxy) throws IOException {
        log.info("RestHttpClientFactory:: openConnection");
        HttpURLConnection openConnection = super.openConnection(url, proxy);
        if (url.getProtocol().equals("https")) {
            try {
                if (!(openConnection instanceof HttpsURLConnection)) {
                    decorateWithTLS(openConnection);
                }
            } catch (Exception e) {
                log.error(e.getMessage());
            }
        }
        openConnection.setRequestProperty("connection", "close");
        return openConnection;
    }

    public synchronized void decorateWithTLS(HttpURLConnection httpURLConnection) {
        log.info("RestHttpClientFactory:: decorateWithTLS");
        try {
            SSLSocketFactory createSslSocketFactory = createSslSocketFactory();
            Method method = httpURLConnection.getClass().getMethod("getSSLSocketFactory", new Class[0]);
            Method method2 = httpURLConnection.getClass().getMethod("setSSLSocketFactory", method.getReturnType());
            if (method.getReturnType().isInstance(createSslSocketFactory)) {
                method2.invoke(httpURLConnection, createSslSocketFactory);
            } else {
                Constructor<?> declaredConstructor = method.getReturnType().getDeclaredConstructor(SSLSocketFactory.class);
                declaredConstructor.setAccessible(true);
                method2.invoke(httpURLConnection, declaredConstructor.newInstance(createSslSocketFactory));
            }
        } catch (IllegalAccessException | IllegalArgumentException | InstantiationException | NoSuchMethodException | SecurityException | InvocationTargetException e) {
            throw new IllegalArgumentException("Error decorating connection class " + httpURLConnection.getClass().getName(), e);
        }
    }

    private SSLSocketFactory createSslSocketFactory() {
        log.info("RestHttpClientFactory:: createSslSocketFactory");
        PathMatchingResourcePatternResolver pathMatchingResourcePatternResolver = new PathMatchingResourcePatternResolver();
        if (this.keyStoreFile == null || this.keyStoreFile.equals("") || this.trustStoreFile == null || this.trustStoreFile.equals("")) {
            return null;
        }
        try {
            if (pathMatchingResourcePatternResolver.getResources(this.keyStoreFile).length <= 0 || pathMatchingResourcePatternResolver.getResources(this.trustStoreFile).length <= 0) {
                return null;
            }
            InputStream inputStream = pathMatchingResourcePatternResolver.getResources(this.keyStoreFile)[0].getInputStream();
            InputStream inputStream2 = pathMatchingResourcePatternResolver.getResources(this.trustStoreFile)[0].getInputStream();
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(inputStream, this.keyPassword.toCharArray());
            keyManagerFactory.init(keyStore, this.keyPassword.toCharArray());
            KeyStore keyStore2 = KeyStore.getInstance("JKS");
            keyStore2.load(inputStream2, this.trustStorePassword.toCharArray());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
            trustManagerFactory.init(keyStore2);
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
            return sSLContext.getSocketFactory();
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            if (log.isErrorEnabled()) {
                log.error("Error in client config for SSH/HTTPS", e);
            }
            throw new IllegalStateException("Error in client config for SSH/HTTPS", e);
        }
    }

    public void setKeyPassword(String str) {
        this.keyPassword = str;
    }

    public void setKeyStoreFile(String str) {
        this.keyStoreFile = str;
    }

    public void setTrustStorePassword(String str) {
        this.trustStorePassword = str;
    }

    public void setTrustStoreFile(String str) {
        this.trustStoreFile = str;
    }
}
