package io.jans.ca.server.service;

import com.fasterxml.jackson.databind.JsonNode;
import com.google.common.base.Strings;
import com.google.inject.Inject;
import io.jans.ca.common.CoreUtils;
import io.jans.ca.common.Jackson2;
import io.jans.ca.common.proxy.ProxyConfiguration;
import io.jans.ca.server.RpServerConfiguration;
import java.io.File;
import java.util.List;
import java.util.Optional;
import org.apache.http.client.HttpClient;
import org.jboss.resteasy.client.jaxrs.ClientHttpEngine;
import org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient43Engine;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/jans/ca/server/service/HttpService.class */
public class HttpService {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) HttpService.class);
    private RpServerConfiguration configuration;

    @Inject
    public HttpService(RpServerConfiguration rpServerConfiguration) {
        this.configuration = rpServerConfiguration;
    }

    public HttpClient getHttpClient() {
        Optional<ProxyConfiguration> asProxyConfiguration = asProxyConfiguration(this.configuration);
        String[] listToArray = listToArray(this.configuration.getTlsVersion());
        String[] listToArray2 = listToArray(this.configuration.getTlsSecureCipher());
        try {
            validate(asProxyConfiguration);
            Boolean trustAllCerts = this.configuration.getTrustAllCerts();
            if (trustAllCerts != null && trustAllCerts.booleanValue()) {
                LOG.trace("Created TRUST_ALL client.");
                return CoreUtils.createHttpClientTrustAll(asProxyConfiguration, listToArray, listToArray2);
            }
            String keyStorePath = this.configuration.getKeyStorePath();
            if (Strings.isNullOrEmpty(keyStorePath)) {
                return CoreUtils.createClientFallback(asProxyConfiguration);
            }
            File file = new File(keyStorePath);
            if (!file.exists()) {
                LOG.error("ERROR in configuration. Trust store path is invalid! Please fix key_store_path in jans_client_api configuration");
                return CoreUtils.createClientFallback(asProxyConfiguration);
            }
            if (!this.configuration.getMtlsEnabled().booleanValue()) {
                return CoreUtils.createHttpClientWithKeyStore(file, this.configuration.getKeyStorePassword(), listToArray, listToArray2, asProxyConfiguration);
            }
            String mtlsClientKeyStorePath = this.configuration.getMtlsClientKeyStorePath();
            if (Strings.isNullOrEmpty(mtlsClientKeyStorePath)) {
                LOG.error("Mtls Client key store path is empty! Please fix mtls_client_key_store_path in jans_client_api configuration");
                return CoreUtils.createHttpClientWithKeyStore(file, this.configuration.getKeyStorePassword(), listToArray, listToArray2, asProxyConfiguration);
            }
            File file2 = new File(mtlsClientKeyStorePath);
            if (file2.exists()) {
                return CoreUtils.createHttpClientForMutualAuthentication(file, this.configuration.getKeyStorePassword(), file2, this.configuration.getMtlsClientKeyStorePassword(), listToArray, listToArray2, asProxyConfiguration);
            }
            LOG.error("ERROR in configuration. Mtls Client key stroe path is invalid! Please fix mtls_client_key_store_path in jans_client_api configuration");
            return CoreUtils.createHttpClientWithKeyStore(file, this.configuration.getKeyStorePassword(), listToArray, listToArray2, asProxyConfiguration);
        } catch (Exception e) {
            LOG.error(e.getMessage(), (Throwable) e);
            LOG.error("Failed to create http client based on jans_client_api configuration. Created default client.");
            return CoreUtils.createClientFallback(asProxyConfiguration);
        }
    }

    private static Optional<ProxyConfiguration> asProxyConfiguration(RpServerConfiguration rpServerConfiguration) {
        try {
            JsonNode proxyConfiguration = rpServerConfiguration.getProxyConfiguration();
            if (proxyConfiguration != null) {
                return Optional.ofNullable((ProxyConfiguration) Jackson2.createJsonMapper().treeToValue(proxyConfiguration, ProxyConfiguration.class));
            }
        } catch (Exception e) {
            LOG.error("Failed to parse ProxyConfiguration.", (Throwable) e);
        }
        return Optional.empty();
    }

    private void validate(Optional<ProxyConfiguration> optional) {
        if (optional.isPresent() && Strings.isNullOrEmpty(optional.get().getHost())) {
            throw new RuntimeException("Invalid proxy server `hostname` provided (empty or null). jans_client_api will connect to OP_HOST without proxy configuration.");
        }
    }

    public ClientHttpEngine getClientEngine() {
        return new ApacheHttpClient43Engine(getHttpClient());
    }

    private static String[] listToArray(List<String> list) {
        if (list == null || list.isEmpty()) {
            return null;
        }
        return (String[]) list.stream().toArray(i -> {
            return new String[i];
        });
    }
}
