package com.github.cafapi.ssl.dropwizard;

import com.hpe.caf.secret.SecretUtil;
import io.dropwizard.core.Configuration;
import io.dropwizard.core.ConfiguredBundle;
import io.dropwizard.core.server.DefaultServerFactory;
import io.dropwizard.core.setup.Environment;
import io.dropwizard.jetty.HttpsConnectorFactory;
import java.util.ArrayList;
import java.util.List;

/* loaded from: input_file:com/github/cafapi/ssl/dropwizard/DropWizardSslBundle.class */
enum DropWizardSslBundle implements ConfiguredBundle<Configuration> {
    INSTANCE;

    private static final String SSL_KEYSTORE_PATH = System.getenv("SSL_KEYSTORE_PATH");
    private static final String SSL_KEYSTORE = System.getenv("SSL_KEYSTORE");
    private static final String SSL_CERT_ALIAS = System.getenv("SSL_CERT_ALIAS");
    private static final String SSL_KEYSTORE_TYPE = System.getenv("SSL_KEYSTORE_TYPE");
    private static final String SSL_VALIDATE_CERTS = System.getenv("SSL_VALIDATE_CERTS");
    private static final String SSL_DISABLE_SNI_HOST_CHECK = System.getenv("SSL_DISABLE_SNI_HOST_CHECK");
    private static final String HTTPS_PORT = System.getenv("HTTPS_PORT");

    public void run(Configuration configuration, Environment environment) throws Exception {
        String secret = SecretUtil.getSecret("SSL_KEYSTORE_PASSWORD");
        if (isHttpsEnabled(secret)) {
            HttpsConnectorFactory httpsConnectorFactory = new HttpsConnectorFactory();
            httpsConnectorFactory.setPort(isNotNullOrEmpty(HTTPS_PORT) ? Integer.parseInt(HTTPS_PORT) : 8443);
            httpsConnectorFactory.setKeyStorePath(SSL_KEYSTORE_PATH + "/" + SSL_KEYSTORE);
            httpsConnectorFactory.setKeyStorePassword(secret);
            httpsConnectorFactory.setKeyStoreType(isNotNullOrEmpty(SSL_KEYSTORE_TYPE) ? SSL_KEYSTORE_TYPE : "JKS");
            httpsConnectorFactory.setCertAlias(SSL_CERT_ALIAS);
            httpsConnectorFactory.setValidateCerts(isNotNullOrEmpty(SSL_VALIDATE_CERTS) && Boolean.parseBoolean(SSL_VALIDATE_CERTS));
            httpsConnectorFactory.setDisableSniHostCheck(isNotNullOrEmpty(SSL_DISABLE_SNI_HOST_CHECK) && Boolean.parseBoolean(SSL_DISABLE_SNI_HOST_CHECK));
            DefaultServerFactory serverFactory = configuration.getServerFactory();
            List applicationConnectors = serverFactory.getApplicationConnectors();
            try {
                applicationConnectors.add(httpsConnectorFactory);
            } catch (UnsupportedOperationException e) {
                ArrayList arrayList = new ArrayList(applicationConnectors);
                arrayList.add(httpsConnectorFactory);
                serverFactory.setApplicationConnectors(arrayList);
            }
        }
    }

    private static boolean isHttpsEnabled(String str) {
        return isNotNullOrEmpty(SSL_KEYSTORE_PATH) && isNotNullOrEmpty(SSL_KEYSTORE) && isNotNullOrEmpty(str) && isNotNullOrEmpty(SSL_CERT_ALIAS);
    }

    private static boolean isNotNullOrEmpty(String str) {
        return (str == null || str.isEmpty()) ? false : true;
    }
}
