package org.wildfly.camel.examples.cxf.jaxws;

import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import javax.enterprise.inject.Produces;
import javax.inject.Inject;
import javax.inject.Named;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import org.apache.camel.CamelContext;
import org.apache.camel.Processor;
import org.apache.camel.cdi.ContextName;
import org.apache.camel.component.cxf.CxfComponent;
import org.apache.camel.component.cxf.CxfEndpoint;
import org.apache.camel.util.jsse.ClientAuthentication;
import org.apache.camel.util.jsse.KeyManagersParameters;
import org.apache.camel.util.jsse.KeyStoreParameters;
import org.apache.camel.util.jsse.SSLContextClientParameters;
import org.apache.camel.util.jsse.SSLContextParameters;
import org.apache.camel.util.jsse.SSLContextServerParameters;
import org.apache.camel.util.jsse.TrustManagersParameters;
import org.apache.cxf.interceptor.security.JAASLoginInterceptor;
import org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor;

@Named("cxf_cdi_security_app")
/* loaded from: input_file:WEB-INF/classes/org/wildfly/camel/examples/cxf/jaxws/Application.class */
public class Application {
    private static final String CXF_PRODUCER_ENDPOINT_ADDRESS = "https://localhost:8443/webservices/greeting-secure-cdi";
    private static final String CXF_CONSUMER_ENDPOINT_ADDRESS = "https://localhost:8443/webservices/greeting-secure-cdi";
    private static final String WILDFLY_SECURITY_DOMAIN_NAME = "client-cert";
    private static final String KEYSTORE_PATH = System.getProperty("jboss.server.config.dir") + "/application.keystore";
    private static final String KEYSTORE_PASSWORD = "password";
    private static final String TRUSTSTORE_ALIAS_NAME = "server";

    @Inject
    @ContextName("cxfws-security-camel-context")
    CamelContext camelContext;

    @Produces
    @Named("greetingsProcessor")
    public Processor produceGreetingsProcessor() {
        return new GreetingsProcessor();
    }

    @Produces
    @Named("cxfProducerEndpoint")
    public CxfEndpoint createCxfProducerEndpoint() {
        CxfEndpoint cxfEndpoint = new CxfEndpoint("https://localhost:8443/webservices/greeting-secure-cdi", new CxfComponent(this.camelContext));
        cxfEndpoint.setBeanId("cxfProducerEndpoint");
        cxfEndpoint.setServiceClass(GreetingService.class);
        cxfEndpoint.setSslContextParameters(createProducerSSLContextParameters());
        cxfEndpoint.setHostnameVerifier(new HostnameVerifier() { // from class: org.wildfly.camel.examples.cxf.jaxws.Application.1
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                return true;
            }
        });
        return cxfEndpoint;
    }

    @Produces
    @Named("cxfConsumerEndpoint")
    public CxfEndpoint createCxfConsumerEndpoint() {
        CxfEndpoint cxfEndpoint = new CxfEndpoint("https://localhost:8443/webservices/greeting-secure-cdi", new CxfComponent(this.camelContext));
        cxfEndpoint.setBeanId("cxfConsumerEndpoint");
        cxfEndpoint.setServiceClass(GreetingService.class);
        cxfEndpoint.setSslContextParameters(createConsumerSSLContextParameters());
        List inInterceptors = cxfEndpoint.getInInterceptors();
        JAASLoginInterceptor jAASLoginInterceptor = new JAASLoginInterceptor();
        jAASLoginInterceptor.setContextName(WILDFLY_SECURITY_DOMAIN_NAME);
        jAASLoginInterceptor.setAllowAnonymous(false);
        jAASLoginInterceptor.setCallbackHandlerProviders(Arrays.asList(new JBossCallbackHandlerTlsCert()));
        inInterceptors.add(jAASLoginInterceptor);
        SimpleAuthorizingInterceptor simpleAuthorizingInterceptor = new SimpleAuthorizingInterceptor();
        simpleAuthorizingInterceptor.setAllowAnonymousUsers(false);
        HashMap hashMap = new HashMap(1);
        hashMap.put("greet", "testRole");
        simpleAuthorizingInterceptor.setMethodRolesMap(hashMap);
        inInterceptors.add(simpleAuthorizingInterceptor);
        return cxfEndpoint;
    }

    private SSLContextParameters createProducerSSLContextParameters() {
        KeyStoreParameters keyStoreParameters = new KeyStoreParameters();
        keyStoreParameters.setResource(KEYSTORE_PATH);
        keyStoreParameters.setPassword(KEYSTORE_PASSWORD);
        KeyManagersParameters keyManagersParameters = new KeyManagersParameters();
        keyManagersParameters.setKeyStore(keyStoreParameters);
        keyManagersParameters.setKeyPassword(KEYSTORE_PASSWORD);
        SSLContextClientParameters sSLContextClientParameters = new SSLContextClientParameters();
        SSLContextParameters sSLContextParameters = new SSLContextParameters();
        sSLContextParameters.setClientParameters(sSLContextClientParameters);
        sSLContextParameters.setKeyManagers(keyManagersParameters);
        sSLContextParameters.setCertAlias(TRUSTSTORE_ALIAS_NAME);
        TrustManagersParameters trustManagersParameters = new TrustManagersParameters();
        trustManagersParameters.setKeyStore(keyStoreParameters);
        sSLContextParameters.setTrustManagers(trustManagersParameters);
        return sSLContextParameters;
    }

    private SSLContextParameters createConsumerSSLContextParameters() {
        KeyStoreParameters keyStoreParameters = new KeyStoreParameters();
        keyStoreParameters.setResource(KEYSTORE_PATH);
        keyStoreParameters.setPassword(KEYSTORE_PASSWORD);
        TrustManagersParameters trustManagersParameters = new TrustManagersParameters();
        trustManagersParameters.setKeyStore(keyStoreParameters);
        SSLContextServerParameters sSLContextServerParameters = new SSLContextServerParameters();
        sSLContextServerParameters.setClientAuthentication(ClientAuthentication.REQUIRE.name());
        SSLContextParameters sSLContextParameters = new SSLContextParameters();
        sSLContextParameters.setServerParameters(sSLContextServerParameters);
        sSLContextParameters.setTrustManagers(trustManagersParameters);
        KeyManagersParameters keyManagersParameters = new KeyManagersParameters();
        keyManagersParameters.setKeyStore(keyStoreParameters);
        keyManagersParameters.setKeyPassword(KEYSTORE_PASSWORD);
        sSLContextParameters.setKeyManagers(keyManagersParameters);
        return sSLContextParameters;
    }
}
