package org.wso2.carbon.identity.application.authentication.endpoint.util;

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Map;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:org/wso2/carbon/identity/application/authentication/endpoint/util/TenantMgtAdminServiceClient.class */
public class TenantMgtAdminServiceClient {
    private static final String HTTP_POST = "POST";
    private static KeyStore keyStore;
    private static KeyStore trustStore;
    private static char[] keyStorePassword;
    private static HttpsURLConnection httpsURLConnection;
    private static SSLSocketFactory sslSocketFactory;
    private static final Log log = LogFactory.getLog(TenantMgtAdminServiceClient.class);
    private static String keyStoreType = "JKS";
    private static String trustStoreType = "JKS";
    private static String keyManagerType = "SunX509";
    private static String trustManagerType = "SunX509";
    private static String protocol = "SSLv3";

    private TenantMgtAdminServiceClient() {
    }

    public static void loadKeyStore(String str, String str2) throws AuthenticationException {
        FileInputStream fileInputStream = null;
        try {
            try {
                keyStorePassword = str2.toCharArray();
                keyStore = KeyStore.getInstance(keyStoreType);
                fileInputStream = new FileInputStream(str);
                keyStore.load(fileInputStream, keyStorePassword);
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e) {
                        log.error("Failed to close file. ", e);
                    }
                }
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
                throw new AuthenticationException("Error while trying to load Key Store.", e2);
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e3) {
                    log.error("Failed to close file. ", e3);
                }
            }
            throw th;
        }
    }

    public static void loadTrustStore(String str, String str2) throws AuthenticationException {
        FileInputStream fileInputStream = null;
        try {
            try {
                trustStore = KeyStore.getInstance(trustStoreType);
                fileInputStream = new FileInputStream(str);
                trustStore.load(fileInputStream, str2.toCharArray());
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e) {
                        log.error("Failed to close file. ", e);
                    }
                }
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
                throw new AuthenticationException("Error while trying to load Trust Store.", e2);
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e3) {
                    log.error("Failed to close file. ", e3);
                }
            }
            throw th;
        }
    }

    public static void initMutualSSLConnection(boolean z) throws AuthenticationException {
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(keyManagerType);
            keyManagerFactory.init(keyStore, keyStorePassword);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(trustManagerType);
            trustManagerFactory.init(trustStore);
            SSLContext sSLContext = SSLContext.getInstance(protocol);
            if (z) {
                sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
                sslSocketFactory = sSLContext.getSocketFactory();
                if (log.isDebugEnabled()) {
                    log.debug("Mutual SSL Client initialized with Hostname Verification enabled");
                }
            } else {
                HostnameVerifier hostnameVerifier = new HostnameVerifier() { // from class: org.wso2.carbon.identity.application.authentication.endpoint.util.TenantMgtAdminServiceClient.1
                    @Override // javax.net.ssl.HostnameVerifier
                    public boolean verify(String str, SSLSession sSLSession) {
                        return true;
                    }
                };
                sSLContext.init(keyManagerFactory.getKeyManagers(), new TrustManager[]{new X509TrustManager() { // from class: org.wso2.carbon.identity.application.authentication.endpoint.util.TenantMgtAdminServiceClient.2
                    @Override // javax.net.ssl.X509TrustManager
                    public X509Certificate[] getAcceptedIssuers() {
                        return new X509Certificate[0];
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                    }
                }}, new SecureRandom());
                if (log.isDebugEnabled()) {
                    log.debug("SSL Context is initialized with trust manager for excluding certificate validation");
                }
                SSLContext.setDefault(sSLContext);
                sslSocketFactory = sSLContext.getSocketFactory();
                HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
                if (log.isDebugEnabled()) {
                    log.debug("Mutual SSL Client initialized with Hostname Verification disabled");
                }
            }
        } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new AuthenticationException("Error while trying to load Trust Store.", e);
        }
    }

    public static String sendPostRequest(String str, String str2, Map<String, String> map) {
        OutputStream outputStream = null;
        InputStream inputStream = null;
        BufferedReader bufferedReader = null;
        String str3 = null;
        URL url = null;
        try {
            try {
                url = new URL(str);
                httpsURLConnection = (HttpsURLConnection) url.openConnection();
                httpsURLConnection.setSSLSocketFactory(sslSocketFactory);
                httpsURLConnection.setDoOutput(true);
                httpsURLConnection.setDoInput(true);
                httpsURLConnection.setRequestMethod(HTTP_POST);
                if (map != null) {
                    for (Map.Entry<String, String> entry : map.entrySet()) {
                        httpsURLConnection.setRequestProperty(entry.getKey(), entry.getValue());
                    }
                }
                outputStream = httpsURLConnection.getOutputStream();
                if (StringUtils.isNotEmpty(str2)) {
                    outputStream.write(str2.getBytes(StandardCharsets.UTF_8));
                }
                inputStream = httpsURLConnection.getInputStream();
                bufferedReader = new BufferedReader(new InputStreamReader(inputStream, StandardCharsets.UTF_8));
                StringBuilder sb = new StringBuilder();
                while (true) {
                    String readLine = bufferedReader.readLine();
                    if (!StringUtils.isNotEmpty(readLine)) {
                        break;
                    }
                    sb.append(readLine);
                }
                str3 = sb.toString();
                if (bufferedReader != null) {
                    try {
                        bufferedReader.close();
                    } catch (IOException e) {
                        log.error("Closing stream for " + url + " failed", e);
                    }
                }
                if (inputStream != null) {
                    inputStream.close();
                }
                if (outputStream != null) {
                    outputStream.close();
                }
            } catch (Throwable th) {
                if (bufferedReader != null) {
                    try {
                        bufferedReader.close();
                    } catch (IOException e2) {
                        log.error("Closing stream for " + url + " failed", e2);
                        throw th;
                    }
                }
                if (inputStream != null) {
                    inputStream.close();
                }
                if (outputStream != null) {
                    outputStream.close();
                }
                throw th;
            }
        } catch (IOException e3) {
            log.error("Sending POST request to URL : " + url + "failed.", e3);
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (IOException e4) {
                    log.error("Closing stream for " + url + " failed", e4);
                }
            }
            if (inputStream != null) {
                inputStream.close();
            }
            if (outputStream != null) {
                outputStream.close();
            }
        }
        return str3;
    }

    public static String getKeyStoreType() {
        return keyStoreType;
    }

    public static void setKeyStoreType(String str) {
        keyStoreType = str;
    }

    public static String getTrustStoreType() {
        return trustStoreType;
    }

    public static void setTrustStoreType(String str) {
        trustStoreType = str;
    }

    public static String getKeyManagerType() {
        return keyManagerType;
    }

    public static void setKeyManagerType(String str) {
        keyManagerType = str;
    }

    public static String getTrustManagerType() {
        return trustManagerType;
    }

    public static void setTrustManagerType(String str) {
        trustManagerType = str;
    }

    public static HttpsURLConnection getHttpsURLConnection() {
        return httpsURLConnection;
    }

    public static void setProtocol(String str) {
        protocol = str;
    }
}
