package org.wso2.am.analytics.publisher.auth;

import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import java.util.Map;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.Credentials;
import okhttp3.OkHttpClient;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.am.analytics.publisher.util.Constants;

/* loaded from: input_file:org/wso2/am/analytics/publisher/auth/AuthProxyUtils.class */
public class AuthProxyUtils {
    private static final Logger log = LoggerFactory.getLogger(AuthProxyUtils.class);
    private static KeyStore trustStore;
    private static TrustManagerFactory trustManagerFactory;
    private static final String KEYSTORE_TYPE = "JKS";
    private static final String PROTOCOL = "TLS";
    private static final String ALGORITHM = "SunX509";

    public static OkHttpClient getProxyClient(Map<String, String> map) {
        String str = map.get(Constants.PROXY_HOST);
        String str2 = map.get(Constants.PROXY_PORT);
        String str3 = map.get(Constants.PROXY_USERNAME);
        String str4 = map.get(Constants.PROXY_PASSWORD);
        SSLSocketFactory trustedSSLSocketFactory = getTrustedSSLSocketFactory(map);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
            throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
        }
        OkHttpClient.Builder proxy = new OkHttpClient.Builder().sslSocketFactory(trustedSSLSocketFactory, (X509TrustManager) trustManagers[0]).proxy(new Proxy(Proxy.Type.HTTP, new InetSocketAddress(str, Integer.parseInt(str2))));
        if (StringUtils.isNotEmpty(str3) && StringUtils.isNotEmpty(str4)) {
            proxy.proxyAuthenticator((route, response) -> {
                return response.request().newBuilder().header("Proxy-Authorization", Credentials.basic(str3, str4)).build();
            });
        }
        return proxy.build();
    }

    private static SSLSocketFactory getTrustedSSLSocketFactory(Map<String, String> map) {
        try {
            String str = map.get(Constants.KEYSTORE_PASSWORD);
            String str2 = map.get(Constants.KEYSTORE_LOCATION);
            String str3 = map.get(Constants.TRUSTSTORE_PASSWORD);
            String str4 = map.get(Constants.TRUSTSTORE_LOCATION);
            KeyStore loadKeyStore = loadKeyStore(str2, str);
            trustStore = loadTrustStore(str4, str3);
            return initSSLConnection(loadKeyStore, str);
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            log.error("Error while creating the SSL socket factory", e);
            return null;
        }
    }

    private static SSLSocketFactory initSSLConnection(KeyStore keyStore, String str) throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, KeyManagementException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(ALGORITHM);
        keyManagerFactory.init(keyStore, str.toCharArray());
        trustManagerFactory = TrustManagerFactory.getInstance(ALGORITHM);
        trustManagerFactory.init(trustStore);
        SSLContext sSLContext = SSLContext.getInstance(PROTOCOL);
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
        SSLContext.setDefault(sSLContext);
        return sSLContext.getSocketFactory();
    }

    private static KeyStore loadKeyStore(String str, String str2) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        FileInputStream fileInputStream = null;
        try {
            char[] charArray = str2.toCharArray();
            KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
            fileInputStream = new FileInputStream(str);
            keyStore.load(fileInputStream, charArray);
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            return keyStore;
        } catch (Throwable th) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }

    private static KeyStore loadTrustStore(String str, String str2) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        return loadKeyStore(str, str2);
    }
}
