package io.cellery.security.cell.sts.server.core.validators;

import io.cellery.security.cell.sts.server.core.CellStsUtils;
import java.util.Arrays;
import java.util.Locale;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;

/* loaded from: input_file:io/cellery/security/cell/sts/server/core/validators/CelleryHostnameVerifier.class */
public class CelleryHostnameVerifier implements HostnameVerifier {
    private HostnameVerifier hostnameVerifier;
    private boolean verifyHostname = Boolean.parseBoolean(CellStsUtils.resolveSystemVariable(HOSTNAME_VERIFICATION_ENABLED));
    private static final String HOSTNAME_VERIFICATION_ENABLED = "ENABLE_HOSTNAME_VERIFICATION";
    private static final String[] LOCALHOSTS = {"::1", "127.0.0.1", "localhost", "localhost.localdomain"};
    private static final String[] CELLERY_HOSTS = {"gateway.cellery-system", "idp.cellery-system", "wso2-apim", "wso2-apim-gateway"};

    public CelleryHostnameVerifier(HostnameVerifier hostnameVerifier) {
        this.hostnameVerifier = hostnameVerifier;
    }

    static boolean containsHost(String str, String[] strArr) {
        int lastIndexOf;
        String lowerCase = str != null ? str.trim().toLowerCase(Locale.US) : "";
        if (lowerCase.startsWith("::1") && (lastIndexOf = lowerCase.lastIndexOf(37)) >= 0) {
            lowerCase = lowerCase.substring(0, lastIndexOf);
        }
        return Arrays.binarySearch(strArr, lowerCase) >= 0;
    }

    @Override // javax.net.ssl.HostnameVerifier
    public boolean verify(String str, SSLSession sSLSession) {
        if (!this.verifyHostname || containsHost(str, LOCALHOSTS) || containsHost(str, CELLERY_HOSTS)) {
            return true;
        }
        return this.hostnameVerifier.verify(str, sSLSession);
    }
}
