package org.apache.catalina.tribes.membership.cloud;

import java.io.BufferedInputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Map;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;

/* loaded from: input_file:org/apache/catalina/tribes/membership/cloud/TokenStreamProvider.class */
public class TokenStreamProvider extends AbstractStreamProvider {
    private static final Log log = LogFactory.getLog(TokenStreamProvider.class);
    private String token;
    private String caCertFile;
    private SSLSocketFactory factory;

    /* JADX INFO: Access modifiers changed from: package-private */
    public TokenStreamProvider(String str, String str2) throws Exception {
        this.token = str;
        this.caCertFile = str2;
        TrustManager[] configureCaCert = configureCaCert(this.caCertFile);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, configureCaCert, null);
        this.factory = sSLContext.getSocketFactory();
    }

    @Override // org.apache.catalina.tribes.membership.cloud.AbstractStreamProvider
    protected SSLSocketFactory getSocketFactory() {
        return this.factory;
    }

    @Override // org.apache.catalina.tribes.membership.cloud.AbstractStreamProvider, org.apache.catalina.tribes.membership.cloud.StreamProvider
    public InputStream openStream(String str, Map<String, String> map, int i, int i2) throws IOException {
        if (this.token != null) {
            map.put("Authorization", "Bearer " + this.token);
        }
        try {
            return super.openStream(str, map, i, i2);
        } catch (IOException e) {
            throw new IOException(sm.getString("tokenStream.failedConnection", str, this.token, this.caCertFile), e);
        }
    }

    private TrustManager[] configureCaCert(String str) throws Exception {
        if (str == null) {
            log.warn(sm.getString("tokenStream.CACertUndefined"));
            return InsecureStreamProvider.INSECURE_TRUST_MANAGERS;
        }
        try {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(str));
            Throwable th = null;
            try {
                try {
                    X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(bufferedInputStream);
                    KeyStore keyStore = KeyStore.getInstance("JKS");
                    keyStore.load(null);
                    keyStore.setCertificateEntry(x509Certificate.getSubjectX500Principal().getName(), x509Certificate);
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                    trustManagerFactory.init(keyStore);
                    TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                    if (bufferedInputStream != null) {
                        if (0 != 0) {
                            try {
                                bufferedInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            bufferedInputStream.close();
                        }
                    }
                    return trustManagers;
                } finally {
                }
            } catch (Throwable th3) {
                if (bufferedInputStream != null) {
                    if (th != null) {
                        try {
                            bufferedInputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        bufferedInputStream.close();
                    }
                }
                throw th3;
            }
        } catch (FileNotFoundException e) {
            log.error(sm.getString("tokenStream.fileNotFound", str));
            throw e;
        } catch (Exception e2) {
            log.error(sm.getString("tokenStream.trustManagerError", str), e2);
            throw e2;
        }
    }
}
