package io.fabric8.utils.cxf;

import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider;
import io.fabric8.utils.Strings;
import io.fabric8.utils.ssl.TrustEverythingSSLTrustManager;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.concurrent.Callable;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.ws.rs.WebApplicationException;
import net.oauth.signature.pem.PEMReader;
import net.oauth.signature.pem.PKCS1EncodedKeySpec;
import org.apache.cxf.attachment.Base64DecoderStream;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.transport.http.HTTPConduit;
import org.apache.cxf.transport.http.auth.DigestAuthSupplier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/cxf-utils-2.2.73-SNAPSHOT.jar:io/fabric8/utils/cxf/WebClients.class */
public class WebClients {
    private static final transient Logger LOG = LoggerFactory.getLogger((Class<?>) WebClients.class);

    public static InputStream getInputStreamFromDataOrFile(String str, File file) throws FileNotFoundException {
        if (str != null) {
            return new Base64DecoderStream(new ByteArrayInputStream(str.getBytes()));
        }
        if (file != null) {
            return new FileInputStream(file);
        }
        return null;
    }

    public static KeyStore createTrustStore(String str, File file) throws Exception {
        InputStream inputStreamFromDataOrFile = getInputStreamFromDataOrFile(str, file);
        Throwable th = null;
        try {
            try {
                X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(inputStreamFromDataOrFile);
                KeyStore keyStore = KeyStore.getInstance("JKS");
                keyStore.load(null);
                keyStore.setCertificateEntry(x509Certificate.getSubjectX500Principal().getName(), x509Certificate);
                if (inputStreamFromDataOrFile != null) {
                    if (0 != 0) {
                        try {
                            inputStreamFromDataOrFile.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        inputStreamFromDataOrFile.close();
                    }
                }
                return keyStore;
            } finally {
            }
        } catch (Throwable th3) {
            if (inputStreamFromDataOrFile != null) {
                if (th != null) {
                    try {
                        inputStreamFromDataOrFile.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    inputStreamFromDataOrFile.close();
                }
            }
            throw th3;
        }
    }

    public static void configureCaCert(WebClient webClient, String str, File file) {
        try {
            KeyStore createTrustStore = createTrustStore(str, file);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(createTrustStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            HTTPConduit httpConduit = WebClient.getConfig(webClient).getHttpConduit();
            TLSClientParameters tlsClientParameters = httpConduit.getTlsClientParameters();
            if (tlsClientParameters == null) {
                tlsClientParameters = new TLSClientParameters();
                httpConduit.setTlsClientParameters(tlsClientParameters);
            }
            TrustManager[] trustManagers2 = tlsClientParameters.getTrustManagers();
            if (trustManagers2 != null && trustManagers2.length > 0) {
                ArrayList arrayList = new ArrayList();
                arrayList.addAll(Arrays.asList(trustManagers2));
                arrayList.addAll(Arrays.asList(trustManagers));
                trustManagers = (TrustManager[]) arrayList.toArray(new TrustManager[arrayList.size()]);
            }
            tlsClientParameters.setTrustManagers(trustManagers);
        } catch (Exception e) {
            LOG.error("Could not create trust manager for " + file, (Throwable) e);
        }
    }

    public static void disableSslChecks(WebClient webClient) {
        HTTPConduit httpConduit = WebClient.getConfig(webClient).getHttpConduit();
        TLSClientParameters tlsClientParameters = httpConduit.getTlsClientParameters();
        if (tlsClientParameters == null) {
            tlsClientParameters = new TLSClientParameters();
            httpConduit.setTlsClientParameters(tlsClientParameters);
        }
        tlsClientParameters.setTrustManagers(new TrustManager[]{new TrustEverythingSSLTrustManager()});
        tlsClientParameters.setDisableCNCheck(true);
    }

    public static void disableHostNameChecks(WebClient webClient) {
        HTTPConduit httpConduit = WebClient.getConfig(webClient).getHttpConduit();
        TLSClientParameters tlsClientParameters = httpConduit.getTlsClientParameters();
        if (tlsClientParameters == null) {
            tlsClientParameters = new TLSClientParameters();
            httpConduit.setTlsClientParameters(tlsClientParameters);
        }
        LOG.debug("Disabling host name checks");
        tlsClientParameters.setHostnameVerifier(new HostnameVerifier() { // from class: io.fabric8.utils.cxf.WebClients.1
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                return true;
            }
        });
    }

    public static void configureClientCert(WebClient webClient, String str, File file, String str2, File file2, String str3, char[] cArr) {
        try {
            KeyStore createKeyStore = createKeyStore(str, file, str2, file2, str3, cArr);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(createKeyStore, cArr);
            KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
            HTTPConduit httpConduit = WebClient.getConfig(webClient).getHttpConduit();
            TLSClientParameters tlsClientParameters = httpConduit.getTlsClientParameters();
            if (tlsClientParameters == null) {
                tlsClientParameters = new TLSClientParameters();
                httpConduit.setTlsClientParameters(tlsClientParameters);
            }
            KeyManager[] keyManagers2 = tlsClientParameters.getKeyManagers();
            if (keyManagers2 != null && keyManagers2.length > 0) {
                ArrayList arrayList = new ArrayList();
                arrayList.addAll(Arrays.asList(keyManagers2));
                arrayList.addAll(Arrays.asList(keyManagers));
                keyManagers = (KeyManager[]) arrayList.toArray(new KeyManager[arrayList.size()]);
            }
            tlsClientParameters.setKeyManagers(keyManagers);
        } catch (Exception e) {
            LOG.error("Could not create key manager for " + file + " (" + file2 + ")", (Throwable) e);
        }
    }

    public static KeyStore createKeyStore(String str, File file, String str2, File file2, String str3, char[] cArr) throws Exception {
        InputStream inputStreamFromDataOrFile = getInputStreamFromDataOrFile(str, file);
        Throwable th = null;
        try {
            try {
                X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(inputStreamFromDataOrFile);
                RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) KeyFactory.getInstance(str3).generatePrivate(new PKCS1EncodedKeySpec(new PEMReader(getInputStreamFromDataOrFile(str2, file2)).getDerBytes()).getKeySpec());
                KeyStore keyStore = KeyStore.getInstance("JKS");
                keyStore.load(null, cArr);
                keyStore.setKeyEntry(x509Certificate.getSubjectX500Principal().getName(), rSAPrivateKey, cArr, new Certificate[]{x509Certificate});
                if (inputStreamFromDataOrFile != null) {
                    if (0 != 0) {
                        try {
                            inputStreamFromDataOrFile.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        inputStreamFromDataOrFile.close();
                    }
                }
                return keyStore;
            } finally {
            }
        } catch (Throwable th3) {
            if (inputStreamFromDataOrFile != null) {
                if (th != null) {
                    try {
                        inputStreamFromDataOrFile.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    inputStreamFromDataOrFile.close();
                }
            }
            throw th3;
        }
    }

    public static void configureUserAndPassword(WebClient webClient, String str, String str2) {
        if (Strings.isNotBlank(str) && Strings.isNotBlank(str2)) {
            HTTPConduit httpConduit = WebClient.getConfig(webClient).getHttpConduit();
            httpConduit.getAuthorization().setUserName(str);
            httpConduit.getAuthorization().setPassword(str2);
        }
    }

    public static void enableDigestAuthenticaionType(WebClient webClient) {
        WebClient.getConfig(webClient).getHttpConduit().setAuthSupplier(new DigestAuthSupplier());
    }

    public static List<Object> createProviders() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new JacksonJaxbJsonProvider(JsonHelper.createObjectMapper(), JacksonJaxbJsonProvider.DEFAULT_ANNOTATIONS));
        arrayList.add(new ExceptionResponseMapper());
        return arrayList;
    }

    public static <T> T handle404ByReturningNull(Callable<T> callable) {
        try {
            return callable.call();
        } catch (WebApplicationException e) {
            if (e.getResponse().getStatus() == 404) {
                return null;
            }
            throw e;
        } catch (Exception e2) {
            throw new WebApplicationException(e2);
        }
    }
}
