package io.covenantsql.connector.util;

import io.covenantsql.connector.settings.CovenantProperties;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import javax.net.ssl.SSLContext;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.config.ConnectionConfig;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustAllStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.SSLContexts;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/covenantsql/connector/util/CovenantHTTPClientBuilder.class */
public class CovenantHTTPClientBuilder {
    private static final Logger LOG = LoggerFactory.getLogger(CovenantHTTPClientBuilder.class);
    private static CovenantProperties properties;

    public CovenantHTTPClientBuilder(CovenantProperties covenantProperties) {
        properties = covenantProperties;
    }

    public CloseableHttpClient buildClient() throws Exception {
        return HttpClientBuilder.create().setConnectionManager(getConnectionManager()).setDefaultConnectionConfig(getConnectionConfig()).setDefaultRequestConfig(getRequestConfig()).disableContentCompression().build();
    }

    private PoolingHttpClientConnectionManager getConnectionManager() throws CertificateException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException, IOException, UnrecoverableKeyException {
        RegistryBuilder register = RegistryBuilder.create().register("http", PlainConnectionSocketFactory.getSocketFactory());
        if (properties.isSsl()) {
            register.register("https", new SSLConnectionSocketFactory(getSSLContext(), new NoopHostnameVerifier()));
        }
        return new PoolingHttpClientConnectionManager(register.build());
    }

    private ConnectionConfig getConnectionConfig() {
        return ConnectionConfig.custom().build();
    }

    private RequestConfig getRequestConfig() {
        return RequestConfig.custom().setConnectTimeout(properties.getConnectionTimeout()).build();
    }

    private SSLContext getSSLContext() throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, KeyManagementException, UnrecoverableKeyException {
        SSLContextBuilder custom = SSLContexts.custom();
        if (!properties.getKeyPath().isEmpty() && !properties.getCertPath().isEmpty()) {
            custom.loadKeyMaterial(getKeyStore(), "".toCharArray());
        }
        if (StringUtils.equalsIgnoreCase(properties.getSslMode(), "none")) {
            custom.loadTrustMaterial(new TrustAllStrategy());
        }
        return custom.build();
    }

    private KeyStore getKeyStore() throws NoSuchAlgorithmException, IOException, CertificateException, KeyStoreException {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, null);
        keyStore.setKeyEntry("client", new JcaPEMKeyConverter().getKeyPair((PEMKeyPair) new PEMParser(new InputStreamReader(getFileStream(properties.getKeyPath()))).readObject()).getPrivate(), "".toCharArray(), new Certificate[]{CertificateFactory.getInstance("X.509").generateCertificate(getFileStream(properties.getCertPath()))});
        return keyStore;
    }

    private InputStream getFileStream(String str) throws IOException {
        InputStream resourceAsStream;
        try {
            resourceAsStream = new FileInputStream(str);
        } catch (FileNotFoundException e) {
            resourceAsStream = getClass().getResourceAsStream("/" + str);
        }
        if (resourceAsStream == null) {
            throw new IOException("load key/cert file " + str + " failed");
        }
        return resourceAsStream;
    }
}
