package dev.dsf.fhir.spring.config;

import de.rwh.utils.crypto.CertificateHelper;
import de.rwh.utils.crypto.io.CertificateReader;
import de.rwh.utils.crypto.io.PemIo;
import dev.dsf.fhir.client.ClientProvider;
import dev.dsf.fhir.client.ClientProviderImpl;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.UUID;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.pkcs.PKCSException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

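/**
 * Spring configuration for the {@link ClientProvider} used by the remote webservice client.
 *
 * <p>The provider is built from a trust store (read from a certificate file) and a key store
 * holding the client certificate and its private key (both read from PEM files). All file
 * locations, the private key password, timeouts and proxy settings come from
 * {@link PropertiesConfig}.
 */
@Configuration
/* loaded from: input_file:dev/dsf/fhir/spring/config/ClientConfig.class */
public class ClientConfig implements InitializingBean {
    private static final Logger logger = LoggerFactory.getLogger(ClientConfig.class);

    // Passed explicitly to the PEM private key reader instead of relying on a globally registered provider.
    private static final BouncyCastleProvider provider = new BouncyCastleProvider();

    @Autowired
    private PropertiesConfig propertiesConfig;

    @Autowired
    private FhirConfig fhirConfig;

    @Autowired
    private DaoConfig daoConfig;

    @Autowired
    private HelperConfig helperConfig;

    @Autowired
    private ReferenceConfig referenceConfig;

    @Autowired
    private BuildInfoReaderConfig buildInfoReaderConfig;

    /**
     * Creates the {@link ClientProvider} bean.
     *
     * <p>The key store is protected with a password generated per call from
     * {@link UUID#randomUUID()}. The same array is handed to {@link ClientProviderImpl} together
     * with the key store, so it must not be cleared here.
     *
     * @return the configured client provider
     * @throws RuntimeException if the trust store or key store cannot be read or built; the original
     *             exception is preserved as the cause
     */
    @Bean
    public ClientProvider clientProvider() {
        char[] keyStorePassword = UUID.randomUUID().toString().toCharArray();
        try {
            KeyStore trustStore = createTrustStore(
                    this.propertiesConfig.getWebserviceClientCertificateTrustCertificatesFile());
            KeyStore keyStore = createKeyStore(
                    this.propertiesConfig.getWebserviceClientCertificateFile(),
                    this.propertiesConfig.getWebserviceClientCertificatePrivateKeyFile(),
                    this.propertiesConfig.getWebserviceClientCertificatePrivateKeyFilePassword(),
                    keyStorePassword);

            return new ClientProviderImpl(trustStore, keyStore, keyStorePassword,
                    this.propertiesConfig.getWebserviceClientReadTimeout(),
                    this.propertiesConfig.getWebserviceClientConnectTimeout(),
                    this.propertiesConfig.proxyConfig(),
                    this.propertiesConfig.getWebserviceClientVerbose(),
                    this.fhirConfig.fhirContext(),
                    this.referenceConfig.referenceCleaner(),
                    this.daoConfig.endpointDao(),
                    this.helperConfig.exceptionHandler(),
                    this.buildInfoReaderConfig.buildInfoReader());
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException | PKCSException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Reads the trusted certificates from the given file into a {@link KeyStore}.
     *
     * @param trustCertificatesFile location of the file holding the trusted certificates
     * @return key store returned by {@code CertificateReader.allFromCer}
     * @throws IOException if the file is not readable
     */
    private KeyStore createTrustStore(String trustCertificatesFile)
            throws IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException {
        Path trustStorePath = Paths.get(trustCertificatesFile);
        // Pre-check only to fail with a clear message; the read below can still fail on its own.
        if (!Files.isReadable(trustStorePath)) {
            throw new IOException("Trust store file '" + trustStorePath.toString() + "' not readable");
        }
        return CertificateReader.allFromCer(trustStorePath);
    }

    /**
     * Builds the client key store from a PEM certificate and a PEM private key.
     *
     * @param certificateFile location of the PEM encoded client certificate
     * @param privateKeyFile location of the PEM encoded private key
     * @param privateKeyPassword password handed to the PEM private key reader
     * @param keyStorePassword password handed to {@code CertificateHelper.toJksKeyStore}
     * @return key store with the private key and certificate, stored under the certificate's
     *         subject common name
     * @throws IOException if the certificate file or the private key file is not readable
     */
    private KeyStore createKeyStore(String certificateFile, String privateKeyFile, char[] privateKeyPassword,
            char[] keyStorePassword)
            throws IOException, PKCSException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        Path certificatePath = Paths.get(certificateFile);
        Path privateKeyPath = Paths.get(privateKeyFile);

        if (!Files.isReadable(certificatePath)) {
            throw new IOException("Certificate file '" + certificatePath.toString() + "' not readable");
        }
        // Fix: the original tested the certificate path a second time here, so an unreadable
        // private key file was never reported by this check.
        if (!Files.isReadable(privateKeyPath)) {
            throw new IOException("Private key file '" + privateKeyPath.toString() + "' not readable");
        }

        X509Certificate certificate = PemIo.readX509CertificateFromPem(certificatePath);
        return CertificateHelper.toJksKeyStore(
                PemIo.readPrivateKeyFromPem(provider, privateKeyPath, privateKeyPassword),
                new Certificate[] { certificate },
                CertificateHelper.getSubjectCommonName(certificate),
                keyStorePassword);
    }

    /**
     * Logs the effective remote webservice client configuration once all properties are injected.
     *
     * <p>The private key password is never written to the log: only {@code ***} (configured) or
     * {@code null} (not configured) is printed.
     */
    @Override
    public void afterPropertiesSet() throws Exception {
        String trustStorePath = this.propertiesConfig.getWebserviceClientCertificateTrustCertificatesFile();
        String certificatePath = this.propertiesConfig.getWebserviceClientCertificateFile();
        String privateKeyPath = this.propertiesConfig.getWebserviceClientCertificatePrivateKeyFile();
        String maskedPassword = this.propertiesConfig.getWebserviceClientCertificatePrivateKeyFilePassword() != null
                ? "***"
                : "null";
        String proxyState = this.propertiesConfig.proxyConfig().isEnabled() ? "enabled" : "disabled";

        logger.info("Remote webservice client config: {trustStorePath: {}, certificatePath: {}, privateKeyPath: {}, privateKeyPassword: {}, proxy: {}, no_proxy: {}}",
                trustStorePath, certificatePath, privateKeyPath, maskedPassword, proxyState,
                this.propertiesConfig.proxyConfig().getNoProxyUrls());
    }
}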
