package org.mule.extensions.jms.internal.connection.provider;

import java.io.EOFException;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.URL;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import java.util.NoSuchElementException;
import java.util.Objects;
import java.util.Optional;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.jms.ConnectionFactory;
import javax.jms.XAConnectionFactory;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.mule.extensions.jms.api.connection.factory.jndi.JndiConnectionFactory;
import org.mule.extensions.jms.internal.ExcludeFromGeneratedCoverage;
import org.mule.jms.commons.api.connection.LookupJndiDestination;
import org.mule.jms.commons.internal.support.Jms102bSupport;
import org.mule.jms.commons.internal.support.Jms11Support;
import org.mule.jms.commons.internal.support.Jms20Support;
import org.mule.jms.commons.internal.support.JmsSupport;
import org.mule.jms.commons.internal.support.JmsSupportFactory;
import org.mule.runtime.api.exception.MuleRuntimeException;
import org.mule.runtime.api.i18n.I18nMessageFactory;
import org.mule.runtime.api.meta.ExpressionSupport;
import org.mule.runtime.api.meta.ExternalLibraryType;
import org.mule.runtime.extension.api.annotation.Alias;
import org.mule.runtime.extension.api.annotation.Expression;
import org.mule.runtime.extension.api.annotation.ExternalLib;
import org.mule.runtime.extension.api.annotation.param.Parameter;
import org.mule.runtime.extension.api.annotation.param.display.DisplayName;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ExternalLib(name = "JMS Client", description = "Client which lets communicate with a JMS broker", type = ExternalLibraryType.DEPENDENCY)
@DisplayName("Generic Connection")
@Alias("generic")
/* loaded from: input_file:org/mule/extensions/jms/internal/connection/provider/GenericConnectionProvider.class */
public class GenericConnectionProvider extends BaseConnectionProvider {
    private static final Logger LOGGER = LoggerFactory.getLogger(GenericConnectionProvider.class);
    private final String DEFAULT_PROTOCOL = "SSL";
    private final String trustStorePassword = System.getProperty("mule.jms.generic.additionalCertificatePassword", "");
    private final String trustStoreName = System.getProperty("mule.jms.generic.additionalCertificateFileName", "");

    @Parameter
    @Expression(ExpressionSupport.NOT_SUPPORTED)
    private ConnectionFactory connectionFactory;

    @Override // org.mule.extensions.jms.internal.connection.provider.BaseConnectionProvider
    @ExcludeFromGeneratedCoverage
    public ConnectionFactory getConnectionFactory() {
        addCertificatesToSSLContextIfNeeded();
        return this.connectionFactory;
    }

    @Override // org.mule.extensions.jms.internal.connection.provider.BaseConnectionProvider
    protected boolean enableXa() {
        return this.connectionFactory instanceof XAConnectionFactory;
    }

    @Override // org.mule.extensions.jms.internal.connection.provider.BaseConnectionProvider
    protected Supplier<ConnectionFactory> getConnectionFactorySupplier() {
        return this::getConnectionFactory;
    }

    @Override // org.mule.extensions.jms.internal.connection.provider.BaseConnectionProvider
    protected void configureSSLContext() {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.mule.extensions.jms.internal.connection.provider.BaseConnectionProvider
    public JmsSupportFactory getJmsSupportFactory() {
        JndiConnectionFactory jndiConnectionFactory = (ConnectionFactory) getConnectionFactorySupplier().get();
        if (!(jndiConnectionFactory instanceof JndiConnectionFactory)) {
            return super.getJmsSupportFactory();
        }
        final JndiConnectionFactory jndiConnectionFactory2 = jndiConnectionFactory;
        final LookupJndiDestination jmsClientLookupJndiDestination = jndiConnectionFactory2.getLookupDestination().getJmsClientLookupJndiDestination();
        return new JmsSupportFactory() { // from class: org.mule.extensions.jms.internal.connection.provider.GenericConnectionProvider.1
            public JmsSupport create11Support() {
                LookupJndiDestination lookupJndiDestination = jmsClientLookupJndiDestination;
                JndiConnectionFactory jndiConnectionFactory3 = jndiConnectionFactory2;
                jndiConnectionFactory3.getClass();
                return new Jms11Support(lookupJndiDestination, jndiConnectionFactory3::getJndiDestination);
            }

            public JmsSupport create20Support() {
                LookupJndiDestination lookupJndiDestination = jmsClientLookupJndiDestination;
                JndiConnectionFactory jndiConnectionFactory3 = jndiConnectionFactory2;
                jndiConnectionFactory3.getClass();
                return new Jms20Support(lookupJndiDestination, jndiConnectionFactory3::getJndiDestination);
            }

            public JmsSupport create102bSupport() {
                LookupJndiDestination lookupJndiDestination = jmsClientLookupJndiDestination;
                JndiConnectionFactory jndiConnectionFactory3 = jndiConnectionFactory2;
                jndiConnectionFactory3.getClass();
                return new Jms102bSupport(lookupJndiDestination, jndiConnectionFactory3::getJndiDestination);
            }
        };
    }

    @ExcludeFromGeneratedCoverage
    protected void addCertificatesToSSLContextIfNeeded() {
        if (this.trustStorePassword.isEmpty() || this.trustStoreName.isEmpty()) {
            if (this.trustStorePassword.isEmpty() && this.trustStoreName.isEmpty()) {
                return;
            }
            LOGGER.warn("Both parameters are required to start the secure channel and only one was detected.");
            return;
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(new KeyManager[0], getCustomTrustStoreWithDefaultCerts(getTruststoreFile(this.trustStoreName), this.trustStorePassword), new SecureRandom());
            SSLContext.setDefault(sSLContext);
        } catch (Exception e) {
            throw new MuleRuntimeException(I18nMessageFactory.createStaticMessage("Failed to set TrustStore"), e);
        }
    }

    @ExcludeFromGeneratedCoverage
    private TrustManager[] getCustomTrustStoreWithDefaultCerts(Optional<File> optional, String str) throws CertificateException, IOException, NoSuchAlgorithmException, KeyStoreException {
        KeyStore keyStoreWithCustomCerts = getKeyStoreWithCustomCerts(optional, str);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        Stream stream = Arrays.asList(trustManagerFactory.getTrustManagers()).stream();
        Class<X509TrustManager> cls = X509TrustManager.class;
        X509TrustManager.class.getClass();
        Stream filter = stream.filter((v1) -> {
            return r1.isInstance(v1);
        });
        Class<X509TrustManager> cls2 = X509TrustManager.class;
        X509TrustManager.class.getClass();
        for (X509Certificate x509Certificate : (List) filter.map((v1) -> {
            return r1.cast(v1);
        }).map(x509TrustManager -> {
            return Arrays.asList(x509TrustManager.getAcceptedIssuers());
        }).flatMap((v0) -> {
            return v0.stream();
        }).collect(Collectors.toList())) {
            keyStoreWithCustomCerts.setCertificateEntry(String.valueOf(x509Certificate.getSerialNumber()), x509Certificate);
        }
        TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory2.init(keyStoreWithCustomCerts);
        return trustManagerFactory2.getTrustManagers();
    }

    @ExcludeFromGeneratedCoverage
    private KeyStore getKeyStoreWithCustomCerts(Optional<File> optional, String str) throws CertificateException, IOException, NoSuchAlgorithmException, KeyStoreException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        try {
            FileInputStream fileInputStream = new FileInputStream(optional.get());
            Throwable th = null;
            try {
                try {
                    keyStore.load(fileInputStream, str.toCharArray());
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                    return keyStore;
                } finally {
                }
            } finally {
            }
        } catch (EOFException | NoSuchElementException e) {
            throw new IOException(String.format("Error loading TrustStore: %s not valid or not found", this.trustStoreName), e);
        }
    }

    @ExcludeFromGeneratedCoverage
    private Optional<File> getTruststoreFile(String str) {
        URL resource = getClass().getClassLoader().getResource(str);
        return Objects.isNull(resource) ? Optional.empty() : Optional.of(new File(resource.getPath()));
    }
}
