package org.wso2.choreo.connect.enforcer.throttle.databridge.agent.endpoint.binary;

import java.io.IOException;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.wso2.choreo.connect.enforcer.throttle.databridge.agent.AgentHolder;
import org.wso2.choreo.connect.enforcer.throttle.databridge.agent.client.AbstractSecureClientPoolFactory;
import org.wso2.choreo.connect.enforcer.throttle.databridge.agent.conf.DataEndpointConfiguration;
import org.wso2.choreo.connect.enforcer.throttle.databridge.agent.exception.DataEndpointException;

/* loaded from: input_file:org/wso2/choreo/connect/enforcer/throttle/databridge/agent/endpoint/binary/BinarySecureClientPoolFactory.class */
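/**
 * Pool factory that opens TLS sockets for the binary data-publishing endpoint.
 *
 * <p>Sockets are created from an {@link SSLSocketFactory} built in the constructor from
 * {@code getTrustStore()} (declared outside this file; presumably the trust store handed to
 * the superclass, to be confirmed).
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>If the custom context cannot be built, the constructor falls back to the JVM default
 *       socket factory, so peers are then checked against the JVM default trust material
 *       instead of the configured one.</li>
 *   <li>Nothing in this class sets an endpoint identification algorithm on the socket, so
 *       unless that is configured elsewhere the server certificate's name is not compared
 *       with the host being connected to.</li>
 * </ul>
 */
public class BinarySecureClientPoolFactory extends AbstractSecureClientPoolFactory {
    private static final Logger log = LogManager.getLogger(BinarySecureClientPoolFactory.class);

    // Static, yet assigned from the instance constructor: every new factory overwrites it,
    // so the most recently constructed instance decides the socket factory for all of them.
    private static SSLSocketFactory sslSocketFactory;

    /**
     * Builds the socket factory used by {@link #createClient(String, String, int)}.
     *
     * @param keyStore passed unchanged to the superclass constructor
     */
    public BinarySecureClientPoolFactory(KeyStore keyStore) {
        super(keyStore);
        try {
            sslSocketFactory = createSSLContext().getSocketFactory();
        } catch (DataEndpointException e) {
            log.error("Error while initializing the SSL Context with provided parameters" + e.getErrorMessage(), e);
            log.warn("Default SSLSocketFactory will be used for the data publishing clients.");
            // NOTE(review): this is a fail-open fallback. Certificates are then validated
            // against the JVM default trust material rather than the configured trust store.
            // Consider failing start-up instead if the configured store is meant to be the
            // only set of trust anchors.
            sslSocketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        }
    }

    /**
     * Opens a TLS socket to the given receiver and applies the agent's socket settings.
     *
     * @param str  protocol name; only {@code DataEndpointConfiguration.Protocol.SSL} is accepted
     *             (case-insensitive)
     * @param str2 host name of the receiver
     * @param i    port of the receiver
     * @return the connected {@link SSLSocket}
     * @throws DataEndpointException if the protocol is not SSL or the socket cannot be opened
     *                               or configured because of an I/O error
     */
    @Override // org.wso2.choreo.connect.enforcer.throttle.databridge.agent.client.AbstractClientPoolFactory
    public Object createClient(String str, String str2, int i) throws DataEndpointException {
        String sslProtocolName = DataEndpointConfiguration.Protocol.SSL.toString();
        // Comparing from the constant's side turns a null protocol into the
        // "Unsupported protocol" error instead of a NullPointerException.
        if (!sslProtocolName.equalsIgnoreCase(str)) {
            throw new DataEndpointException("Unsupported protocol: " + str + ". Currently only " + sslProtocolName + " supported.");
        }
        int socketTimeoutMS = AgentHolder.getInstance().getDataEndpointAgent().getAgentConfiguration().getSocketTimeoutMS();
        String sslEnabledProtocols = AgentHolder.getInstance().getDataEndpointAgent().getAgentConfiguration().getSslEnabledProtocols();
        String ciphers = AgentHolder.getInstance().getDataEndpointAgent().getAgentConfiguration().getCiphers();

        SSLSocket sslSocket = null;
        try {
            sslSocket = (SSLSocket) sslSocketFactory.createSocket(str2, i);
            sslSocket.setSoTimeout(socketTimeoutMS);
            if (sslEnabledProtocols != null && !sslEnabledProtocols.isEmpty()) {
                // Spaces are stripped exactly as for the cipher list, so a value such as
                // "TLSv1.2, TLSv1.3" is not rejected because of the blank after the comma.
                sslSocket.setEnabledProtocols(splitCommaSeparated(sslEnabledProtocols));
            }
            if (ciphers == null || ciphers.isEmpty()) {
                // NOTE(review): with no cipher list configured, every suite the provider
                // supports is enabled, which can include suites the JDK leaves off by
                // default. Leaving the socket's default enabled set untouched, or requiring
                // an explicit list, is the safer choice; kept as-is for compatibility.
                sslSocket.setEnabledCipherSuites(sslSocket.getSupportedCipherSuites());
            } else {
                sslSocket.setEnabledCipherSuites(splitCommaSeparated(ciphers));
            }
            // NOTE(review): no endpoint identification algorithm is set here (see
            // SSLParameters#setEndpointIdentificationAlgorithm). Unless it is configured
            // elsewhere, the certificate presented by str2 is not matched against that name.
            return sslSocket;
        } catch (IOException e) {
            closeQuietly(sslSocket);
            throw new DataEndpointException("Error while opening socket to " + str2 + ":" + i + ". " + e.getMessage(), e);
        } catch (RuntimeException e) {
            // An unsupported protocol or cipher name raises IllegalArgumentException after
            // the connection is already open; close it so the descriptor is not leaked,
            // then let the original exception propagate unchanged.
            closeQuietly(sslSocket);
            throw e;
        }
    }

    /**
     * Reports whether a pooled client is still usable.
     *
     * <p>{@link Socket#isConnected()} stays {@code true} after the socket has been closed,
     * so the closed flag is checked as well.
     *
     * @param obj the pooled client
     * @return {@code true} only for a {@link Socket} that is connected and not closed
     */
    @Override // org.wso2.choreo.connect.enforcer.throttle.databridge.agent.client.AbstractClientPoolFactory
    public boolean validateClient(Object obj) {
        if (!(obj instanceof Socket)) {
            return false;
        }
        Socket socket = (Socket) obj;
        return socket.isConnected() && !socket.isClosed();
    }

    /**
     * Closes a pooled client socket; a failure to close is logged and not rethrown.
     *
     * @param obj the pooled client, expected to be a {@link Socket}; {@code null} is ignored
     */
    @Override // org.wso2.choreo.connect.enforcer.throttle.databridge.agent.client.AbstractClientPoolFactory
    public void terminateClient(Object obj) {
        if (obj == null) {
            return;
        }
        Socket socket = (Socket) obj;
        try {
            socket.close();
        } catch (IOException e) {
            // The exception is passed to the logger so the cause of the failed close is kept.
            log.warn("Cannot close the socket successfully from " + socket.getLocalAddress().getHostAddress() + ":" + socket.getPort(), e);
        }
    }

    /**
     * Builds an {@link SSLContext} whose trust material is {@code getTrustStore()}.
     *
     * @return the configured context
     * @throws DataEndpointException if the context cannot be created
     */
    private SSLContext createSSLContext() throws DataEndpointException {
        try {
            return SSLContexts.custom().loadTrustMaterial(getTrustStore()).build();
        } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException e) {
            throw new DataEndpointException("Error while creating the SSLContext with instance type : TLS.", e);
        }
    }

    /** Removes spaces from a comma-separated configuration value and splits it into its items. */
    private static String[] splitCommaSeparated(String value) {
        return value.replace(" ", "").split(",");
    }

    /** Closes a half-configured socket on an error path; the close failure itself is only logged. */
    private static void closeQuietly(Socket socket) {
        if (socket == null) {
            return;
        }
        try {
            socket.close();
        } catch (IOException ignored) {
            // The caller is already reporting the primary failure; this one is secondary.
            log.debug("Failed to close socket after an error while creating the client", ignored);
        }
    }
}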
