package org.citrusframework.http.security;

import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Collections;
import javax.net.ssl.HostnameVerifier;
import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
import org.apache.hc.client5.http.io.HttpClientConnectionManager;
import org.apache.hc.client5.http.ssl.NoopHostnameVerifier;
import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
import org.apache.hc.client5.http.ssl.TrustAllStrategy;
import org.apache.hc.client5.http.ssl.TrustSelfSignedStrategy;
import org.apache.hc.core5.ssl.SSLContextBuilder;
import org.apache.hc.core5.ssl.SSLContexts;
import org.citrusframework.spi.Resource;
import org.citrusframework.spi.Resources;
import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.springframework.beans.factory.BeanCreationException;

/* loaded from: input_file:org/citrusframework/http/security/SSLConnection.class */
public class SSLConnection implements HttpSecureConnection {
    private Resource keyStore;
    private String keyStorePassword;
    private Resource trustStore;
    private String trustStorePassword;
    private HostnameVerifier hostnameVerifier = NoopHostnameVerifier.INSTANCE;

    public SSLConnection() {
    }

    public SSLConnection(Resource resource, String str) {
        this.keyStore = resource;
        this.keyStorePassword = str;
    }

    public SSLConnection(Resource resource, String str, Resource resource2, String str2) {
        this.keyStore = resource;
        this.keyStorePassword = str;
        this.trustStore = resource2;
        this.trustStorePassword = str2;
    }

    @Override // org.citrusframework.http.security.HttpSecureConnection
    public ServerConnector getServerConnector(int i) {
        ServerConnector serverConnector = new ServerConnector(new Server(), new ConnectionFactory[]{new SslConnectionFactory(sslContextFactory(), HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpConfiguration(i))});
        serverConnector.setPort(i);
        return serverConnector;
    }

    @Override // org.citrusframework.http.security.HttpSecureConnection
    public HttpClientConnectionManager getClientConnectionManager() {
        try {
            SSLContextBuilder loadTrustMaterial = this.trustStore != null ? SSLContexts.custom().loadTrustMaterial(this.trustStore.getFile(), this.trustStorePassword.toCharArray(), new TrustSelfSignedStrategy()) : SSLContexts.custom().loadTrustMaterial(TrustAllStrategy.INSTANCE);
            if (this.keyStore != null) {
                loadTrustMaterial.loadKeyMaterial(KeyStore.getInstance(this.keyStore.getFile(), this.keyStorePassword.toCharArray()), this.keyStorePassword.toCharArray());
            }
            return PoolingHttpClientConnectionManagerBuilder.create().setSSLSocketFactory(new SSLConnectionSocketFactory(loadTrustMaterial.build(), this.hostnameVerifier)).build();
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            throw new BeanCreationException("Failed to create http client for ssl connection", e);
        }
    }

    public SSLConnection trustStore(String str, String str2) {
        return trustStore(Resources.create(str), str2);
    }

    public SSLConnection trustStore(Resource resource, String str) {
        this.trustStore = resource;
        this.trustStorePassword = str;
        return this;
    }

    public SSLConnection keyStore(String str, String str2) {
        return keyStore(Resources.create(str), str2);
    }

    public SSLConnection keyStore(Resource resource, String str) {
        this.keyStore = resource;
        this.keyStorePassword = str;
        return this;
    }

    public SSLConnection hostnameVerifier(HostnameVerifier hostnameVerifier) {
        this.hostnameVerifier = hostnameVerifier;
        return this;
    }

    private SslContextFactory.Server sslContextFactory() {
        SslContextFactory.Server server = new SslContextFactory.Server();
        if (this.trustStore != null) {
            server.setTrustStorePath(this.trustStore.getFile().getPath());
            server.setTrustStorePassword(this.trustStorePassword);
        } else {
            server.setTrustAll(true);
        }
        if (this.keyStore != null) {
            server.setKeyStorePath(this.keyStore.getFile().getPath());
            server.setKeyStorePassword(this.keyStorePassword);
        }
        return server;
    }

    private HttpConfiguration httpConfiguration(int i) {
        HttpConfiguration httpConfiguration = new HttpConfiguration();
        httpConfiguration.setSecureScheme("https");
        httpConfiguration.setSecurePort(i);
        HttpConfiguration httpConfiguration2 = new HttpConfiguration(httpConfiguration);
        SecureRequestCustomizer secureRequestCustomizer = new SecureRequestCustomizer();
        secureRequestCustomizer.setSniHostCheck(false);
        httpConfiguration2.setCustomizers(Collections.singletonList(secureRequestCustomizer));
        return httpConfiguration2;
    }
}
