package org.springframework.amqp.rabbit.connection;

import com.rabbitmq.client.ExceptionHandler;
import com.rabbitmq.client.MetricsCollector;
import com.rabbitmq.client.SaslConfig;
import com.rabbitmq.client.SocketConfigurator;
import com.rabbitmq.client.impl.CredentialsProvider;
import com.rabbitmq.client.impl.CredentialsRefreshService;
import com.rabbitmq.client.impl.nio.NioParams;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import java.util.Map;
import java.util.Properties;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.ThreadFactory;
import javax.net.SocketFactory;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.springframework.amqp.rabbit.support.RabbitExceptionTranslator;
import org.springframework.beans.factory.config.AbstractFactoryBean;
import org.springframework.core.io.Resource;
import org.springframework.core.io.ResourceLoader;
import org.springframework.core.io.support.PathMatchingResourcePatternResolver;
import org.springframework.lang.Nullable;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

/* loaded from: input_file:WEB-INF/lib/spring-rabbit-3.1.7.jar:org/springframework/amqp/rabbit/connection/RabbitConnectionFactoryBean.class */
public class RabbitConnectionFactoryBean extends AbstractFactoryBean<com.rabbitmq.client.ConnectionFactory> {
    private static final String SUN_X509 = "SunX509";
    private static final String KEY_STORE = "keyStore";
    private static final String TRUST_STORE = "trustStore";
    private static final String KEY_STORE_PASS_PHRASE = "keyStore.passPhrase";
    private static final String TRUST_STORE_PASS_PHRASE = "trustStore.passPhrase";
    private static final String KEY_STORE_TYPE = "keyStore.type";
    private static final String TRUST_STORE_TYPE = "trustStore.type";
    private static final String DEFAULT_PROTOCOL;
    private static final String KEY_STORE_DEFAULT_TYPE = "PKCS12";
    private static final String TRUST_STORE_DEFAULT_TYPE = "JKS";
    private boolean useSSL;
    private Resource sslPropertiesLocation;
    private String keyStore;
    private String trustStore;
    private Resource keyStoreResource;
    private Resource trustStoreResource;
    private String keyStorePassphrase;
    private String trustStorePassphrase;
    private String keyStoreType;
    private String trustStoreType;
    private boolean sslAlgorithmSet;
    private SecureRandom secureRandom;
    private boolean skipServerCertificateValidation;
    protected final com.rabbitmq.client.ConnectionFactory connectionFactory = new com.rabbitmq.client.ConnectionFactory();
    private final Properties sslProperties = new Properties();
    private ResourceLoader resourceLoader = new PathMatchingResourcePatternResolver();
    private String sslAlgorithm = DEFAULT_PROTOCOL;
    private boolean enableHostnameVerification = true;
    private String keyStoreAlgorithm = SUN_X509;
    private String trustStoreAlgorithm = SUN_X509;

    public RabbitConnectionFactoryBean() {
        this.connectionFactory.setAutomaticRecoveryEnabled(false);
    }

    public boolean isSkipServerCertificateValidation() {
        return this.skipServerCertificateValidation;
    }

    public void setSkipServerCertificateValidation(boolean z) {
        this.skipServerCertificateValidation = z;
    }

    public void setUseSSL(boolean z) {
        this.useSSL = z;
    }

    protected boolean isUseSSL() {
        return this.useSSL;
    }

    public void setSslAlgorithm(String str) {
        this.sslAlgorithm = str;
        this.sslAlgorithmSet = true;
    }

    protected String getSslAlgorithm() {
        return this.sslAlgorithm;
    }

    public void setSslPropertiesLocation(Resource resource) {
        this.sslPropertiesLocation = resource;
    }

    protected Resource getSslPropertiesLocation() {
        return this.sslPropertiesLocation;
    }

    protected String getKeyStore() {
        return this.keyStore == null ? this.sslProperties.getProperty(KEY_STORE) : this.keyStore;
    }

    public void setKeyStore(String str) {
        this.keyStore = str;
    }

    protected Resource getKeyStoreResource() {
        return this.keyStoreResource;
    }

    public void setKeyStoreResource(Resource resource) {
        this.keyStoreResource = resource;
    }

    protected String getTrustStore() {
        return this.trustStore == null ? this.sslProperties.getProperty(TRUST_STORE) : this.trustStore;
    }

    public void setTrustStore(String str) {
        this.trustStore = str;
    }

    protected Resource getTrustStoreResource() {
        return this.trustStoreResource;
    }

    public void setTrustStoreResource(Resource resource) {
        this.trustStoreResource = resource;
    }

    protected String getKeyStorePassphrase() {
        return this.keyStorePassphrase == null ? this.sslProperties.getProperty(KEY_STORE_PASS_PHRASE) : this.keyStorePassphrase;
    }

    public void setKeyStorePassphrase(String str) {
        this.keyStorePassphrase = str;
    }

    protected String getTrustStorePassphrase() {
        return this.trustStorePassphrase == null ? this.sslProperties.getProperty(TRUST_STORE_PASS_PHRASE) : this.trustStorePassphrase;
    }

    public void setTrustStorePassphrase(String str) {
        this.trustStorePassphrase = str;
    }

    protected String getKeyStoreType() {
        return (this.keyStoreType == null && this.sslProperties.getProperty(KEY_STORE_TYPE) == null) ? KEY_STORE_DEFAULT_TYPE : this.keyStoreType != null ? this.keyStoreType : this.sslProperties.getProperty(KEY_STORE_TYPE);
    }

    public void setKeyStoreType(String str) {
        this.keyStoreType = str;
    }

    protected String getTrustStoreType() {
        return (this.trustStoreType == null && this.sslProperties.getProperty(TRUST_STORE_TYPE) == null) ? "JKS" : this.trustStoreType != null ? this.trustStoreType : this.sslProperties.getProperty(TRUST_STORE_TYPE);
    }

    public void setTrustStoreType(String str) {
        this.trustStoreType = str;
    }

    protected SecureRandom getSecureRandom() {
        return this.secureRandom;
    }

    public void setSecureRandom(SecureRandom secureRandom) {
        this.secureRandom = secureRandom;
    }

    public void setHost(String str) {
        this.connectionFactory.setHost(str);
    }

    public void setPort(int i) {
        this.connectionFactory.setPort(i);
    }

    public void setUsername(String str) {
        this.connectionFactory.setUsername(str);
    }

    public void setPassword(String str) {
        this.connectionFactory.setPassword(str);
    }

    public void setCredentialsProvider(CredentialsProvider credentialsProvider) {
        this.connectionFactory.setCredentialsProvider(credentialsProvider);
    }

    public void setCredentialsRefreshService(CredentialsRefreshService credentialsRefreshService) {
        this.connectionFactory.setCredentialsRefreshService(credentialsRefreshService);
    }

    public void setVirtualHost(String str) {
        this.connectionFactory.setVirtualHost(str);
    }

    public void setUri(URI uri) {
        try {
            this.connectionFactory.setUri(uri);
        } catch (URISyntaxException | KeyManagementException | NoSuchAlgorithmException e) {
            throw new IllegalArgumentException("Unable to set uri", e);
        }
    }

    public void setUri(String str) {
        try {
            this.connectionFactory.setUri(str);
        } catch (URISyntaxException | KeyManagementException | NoSuchAlgorithmException e) {
            throw new IllegalArgumentException("Unable to set uri", e);
        }
    }

    public void setRequestedChannelMax(int i) {
        this.connectionFactory.setRequestedChannelMax(i);
    }

    public void setRequestedFrameMax(int i) {
        this.connectionFactory.setRequestedFrameMax(i);
    }

    public void setConnectionTimeout(int i) {
        this.connectionFactory.setConnectionTimeout(i);
    }

    public void setRequestedHeartbeat(int i) {
        this.connectionFactory.setRequestedHeartbeat(i);
    }

    public void setClientProperties(Map<String, Object> map) {
        this.connectionFactory.getClientProperties().putAll(map);
    }

    public void setSaslConfig(SaslConfig saslConfig) {
        this.connectionFactory.setSaslConfig(saslConfig);
    }

    public void setSocketFactory(SocketFactory socketFactory) {
        this.connectionFactory.setSocketFactory(socketFactory);
    }

    public void setSocketConfigurator(SocketConfigurator socketConfigurator) {
        this.connectionFactory.setSocketConfigurator(socketConfigurator);
    }

    public void setSharedExecutor(ExecutorService executorService) {
        this.connectionFactory.setSharedExecutor(executorService);
    }

    public void setThreadFactory(ThreadFactory threadFactory) {
        this.connectionFactory.setThreadFactory(threadFactory);
    }

    public void setExceptionHandler(ExceptionHandler exceptionHandler) {
        this.connectionFactory.setExceptionHandler(exceptionHandler);
    }

    public void setUseNio(boolean z) {
        if (z) {
            this.connectionFactory.useNio();
        } else {
            this.connectionFactory.useBlockingIo();
        }
    }

    public void setNioParams(NioParams nioParams) {
        this.connectionFactory.setNioParams(nioParams);
    }

    public void setMetricsCollector(MetricsCollector metricsCollector) {
        this.connectionFactory.setMetricsCollector(metricsCollector);
    }

    public void setAutomaticRecoveryEnabled(boolean z) {
        this.connectionFactory.setAutomaticRecoveryEnabled(z);
    }

    public void setTopologyRecoveryEnabled(boolean z) {
        this.connectionFactory.setTopologyRecoveryEnabled(z);
    }

    public void setChannelRpcTimeout(int i) {
        this.connectionFactory.setChannelRpcTimeout(i);
    }

    public void setEnableHostnameVerification(boolean z) {
        this.enableHostnameVerification = z;
    }

    public void setMaxInboundMessageBodySize(int i) {
        this.connectionFactory.setMaxInboundMessageBodySize(i);
    }

    protected String getKeyStoreAlgorithm() {
        return this.keyStoreAlgorithm;
    }

    public void setKeyStoreAlgorithm(String str) {
        this.keyStoreAlgorithm = str;
    }

    protected String getTrustStoreAlgorithm() {
        return this.trustStoreAlgorithm;
    }

    public void setTrustStoreAlgorithm(String str) {
        this.trustStoreAlgorithm = str;
    }

    protected ResourceLoader getResourceLoader() {
        return this.resourceLoader;
    }

    public void setResourceLoader(ResourceLoader resourceLoader) {
        Assert.notNull(resourceLoader, "'resourceLoader' cannot be null");
        this.resourceLoader = resourceLoader;
    }

    public com.rabbitmq.client.ConnectionFactory getRabbitConnectionFactory() {
        return this.connectionFactory;
    }

    @Override // org.springframework.beans.factory.config.AbstractFactoryBean, org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() {
        try {
            super.afterPropertiesSet();
        } catch (Exception e) {
            throw RabbitExceptionTranslator.convertRabbitAccessException(e);
        }
    }

    @Override // org.springframework.beans.factory.config.AbstractFactoryBean, org.springframework.beans.factory.FactoryBean
    public Class<?> getObjectType() {
        return com.rabbitmq.client.ConnectionFactory.class;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.springframework.beans.factory.config.AbstractFactoryBean
    public com.rabbitmq.client.ConnectionFactory createInstance() {
        if (this.useSSL) {
            setUpSSL();
        }
        return this.connectionFactory;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setUpSSL() {
        try {
            if (this.sslPropertiesLocation == null && this.keyStore == null && this.trustStore == null && this.keyStoreResource == null && this.trustStoreResource == null) {
                setupBasicSSL();
            } else {
                if (this.sslPropertiesLocation != null) {
                    this.sslProperties.load(this.sslPropertiesLocation.getInputStream());
                }
                KeyManager[] configureKeyManagers = configureKeyManagers();
                TrustManager[] configureTrustManagers = configureTrustManagers();
                if (this.logger.isDebugEnabled()) {
                    this.logger.debug("Initializing SSLContext with KM: " + Arrays.toString(configureKeyManagers) + ", TM: " + Arrays.toString(configureTrustManagers) + ", random: " + this.secureRandom);
                }
                SSLContext createSSLContext = createSSLContext();
                createSSLContext.init(configureKeyManagers, configureTrustManagers, this.secureRandom);
                this.connectionFactory.useSslProtocol(createSSLContext);
                if (this.enableHostnameVerification) {
                    this.connectionFactory.enableHostnameVerification();
                }
            }
        } catch (Exception e) {
            throw RabbitExceptionTranslator.convertRabbitAccessException(e);
        }
    }

    private void setupBasicSSL() throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException {
        if (!this.skipServerCertificateValidation) {
            useDefaultTrustStoreMechanism();
        } else if (this.sslAlgorithmSet) {
            this.connectionFactory.useSslProtocol(this.sslAlgorithm);
        } else {
            this.connectionFactory.useSslProtocol();
        }
    }

    @Nullable
    protected KeyManager[] configureKeyManagers() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        String keyStore = getKeyStore();
        String keyStorePassphrase = getKeyStorePassphrase();
        String keyStoreType = getKeyStoreType();
        char[] cArr = null;
        if (keyStorePassphrase != null) {
            cArr = keyStorePassphrase.toCharArray();
        }
        KeyManager[] keyManagerArr = null;
        if (StringUtils.hasText(keyStore) || this.keyStoreResource != null) {
            Resource resource = this.keyStoreResource != null ? this.keyStoreResource : this.resourceLoader.getResource(keyStore);
            KeyStore keyStore2 = KeyStore.getInstance(keyStoreType);
            InputStream inputStream = resource.getInputStream();
            try {
                keyStore2.load(inputStream, cArr);
                if (inputStream != null) {
                    inputStream.close();
                }
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(this.keyStoreAlgorithm);
                keyManagerFactory.init(keyStore2, cArr);
                keyManagerArr = keyManagerFactory.getKeyManagers();
            } catch (Throwable th) {
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
        return keyManagerArr;
    }

    @Nullable
    protected TrustManager[] configureTrustManagers() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        String trustStore = getTrustStore();
        String trustStorePassphrase = getTrustStorePassphrase();
        String trustStoreType = getTrustStoreType();
        char[] cArr = null;
        if (trustStorePassphrase != null) {
            cArr = trustStorePassphrase.toCharArray();
        }
        TrustManager[] trustManagerArr = null;
        if (StringUtils.hasText(trustStore) || this.trustStoreResource != null) {
            Resource resource = this.trustStoreResource != null ? this.trustStoreResource : this.resourceLoader.getResource(trustStore);
            KeyStore keyStore = KeyStore.getInstance(trustStoreType);
            InputStream inputStream = resource.getInputStream();
            try {
                keyStore.load(inputStream, cArr);
                if (inputStream != null) {
                    inputStream.close();
                }
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(this.trustStoreAlgorithm);
                trustManagerFactory.init(keyStore);
                trustManagerArr = trustManagerFactory.getTrustManagers();
            } catch (Throwable th) {
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
        return trustManagerArr;
    }

    protected SSLContext createSSLContext() throws NoSuchAlgorithmException {
        return SSLContext.getInstance(this.sslAlgorithm);
    }

    private void useDefaultTrustStoreMechanism() throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException {
        SSLContext sSLContext = SSLContext.getInstance(this.sslAlgorithm);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
        this.connectionFactory.useSslProtocol(sSLContext);
        if (this.enableHostnameVerification) {
            this.connectionFactory.enableHostnameVerification();
        }
    }

    static {
        String str = "TLSv1.1";
        try {
            String[] protocols = SSLContext.getDefault().getSupportedSSLParameters().getProtocols();
            int length = protocols.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                if ("TLSv1.2".equals(protocols[i])) {
                    str = "TLSv1.2";
                    break;
                }
                i++;
            }
        } catch (NoSuchAlgorithmException e) {
        }
        DEFAULT_PROTOCOL = str;
    }
}
