package be.ehealth.technicalconnector.config.impl;

import be.ehealth.technicalconnector.config.Configuration;
import be.ehealth.technicalconnector.config.ConfigurationModule;
import be.ehealth.technicalconnector.exception.TechnicalConnectorException;
import be.ehealth.technicalconnector.exception.TechnicalConnectorExceptionValues;
import be.ehealth.technicalconnector.utils.ConnectorIOUtils;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:be/ehealth/technicalconnector/config/impl/ConfigurationModuleSSL.class */
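/**
 * Configuration module that points the JVM-wide JSSE trust store system properties at the trust
 * store named in the connector configuration and, on request, switches on JSSE debug tracing.
 *
 * <p>Every value this module overwrites is first recorded in {@link #oldValues}, which
 * {@link #unload()} hands to {@code ConfigurationModuleLoader.unloadSystemProperties}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@code javax.net.ssl.trustStore} and {@code javax.net.ssl.trustStorePassword} are
 *       process-wide system properties, so the change is visible to all code in the JVM, not
 *       only to the connector.</li>
 *   <li>The trust store decides which server certificates are accepted. Its integrity matters
 *       more than its confidentiality; see the note in {@link #getTrustStoreLocation(String)}
 *       about the temporary copy.</li>
 *   <li>{@code javax.net.debug=all} makes JSSE write verbose TLS traces to standard output.
 *       Treat that output as sensitive and keep the switch off outside of troubleshooting.</li>
 * </ul>
 */
public final class ConfigurationModuleSSL implements ConfigurationModule {
    private static final String JAVAX_NET_DEBUG = "javax.net.debug";
    private static final String CONNECTOR_CONFIGURATIONMODULE_SSL_DEBUG = "connector.configurationmodule.ssl.debug";
    private static final String JAVAX_NET_SSL_TRUST_STORE_PASSWORD = "javax.net.ssl.trustStorePassword";
    private static final String JAVAX_NET_SSL_TRUST_STORE = "javax.net.ssl.trustStore";
    private static final String TRUSTSTORE_PASSWORD = "truststore_password";
    private static final String KEYSTORE_DIR = "KEYSTORE_DIR";
    private static final String TRUSTSTORE_LOCATION = "truststore_location";
    private static final String TRUSTSTORE_LOCATION_ORIGINAL = "truststore_location_original";
    private static final Logger LOG = LoggerFactory.getLogger(ConfigurationModuleSSL.class);

    /** System property values as they were before {@link #init(Configuration)} overwrote them. */
    private final Map<String, String> oldValues = new HashMap<String, String>();

    /**
     * Applies the trust store settings from {@code configuration} to the JVM system properties,
     * optionally enables JSSE debug output, and then checks that the trust store can be loaded.
     *
     * @param configuration connector configuration to read the trust store settings from
     * @throws TechnicalConnectorException if the trust store password is missing, the
     *         configuration cannot be updated, or the trust store cannot be loaded
     */
    @Override // be.ehealth.technicalconnector.config.ConfigurationModule
    public void init(Configuration configuration) throws TechnicalConnectorException {
        if (isValid(configuration)) {
            // Read both values before touching any system property, so that a missing password
            // cannot leave the JVM with a new trust store location and a stale password.
            String trustStoreLocation = configuration.getProperty(TRUSTSTORE_LOCATION);
            String trustStorePassword = configuration.getProperty(TRUSTSTORE_PASSWORD);
            if (trustStorePassword == null) {
                // System.setProperty rejects null values with a NullPointerException; report the
                // configuration problem through the declared exception type instead.
                throw new TechnicalConnectorException(TechnicalConnectorExceptionValues.ERROR_CONFIG, "Missing property : truststore_password");
            }
            this.oldValues.put(JAVAX_NET_SSL_TRUST_STORE, System.getProperty(JAVAX_NET_SSL_TRUST_STORE));
            this.oldValues.put(JAVAX_NET_SSL_TRUST_STORE_PASSWORD, System.getProperty(JAVAX_NET_SSL_TRUST_STORE_PASSWORD));
            System.setProperty(JAVAX_NET_SSL_TRUST_STORE, trustStoreLocation);
            System.setProperty(JAVAX_NET_SSL_TRUST_STORE_PASSWORD, trustStorePassword);
        }
        if ("true".equals(configuration.getProperty(CONNECTOR_CONFIGURATIONMODULE_SSL_DEBUG, "false"))) {
            this.oldValues.put(JAVAX_NET_DEBUG, System.getProperty(JAVAX_NET_DEBUG));
            // "all" is the most verbose JSSE debug setting; its output goes to standard output
            // rather than through LOG, so it bypasses the logging configuration.
            System.setProperty(JAVAX_NET_DEBUG, "all");
        }
        verifyTrustStore();
    }

    /**
     * Loads the trust store named by the {@code javax.net.ssl.trustStore} system property as a
     * JKS key store and logs the subject of every entry at debug level.
     *
     * <p>The store is not read in place: {@link #getTrustStoreLocation(String)} first copies it
     * to a new temporary file, and that copy is what gets loaded here. Nothing is checked when
     * no location can be resolved.
     *
     * @throws TechnicalConnectorException if the store cannot be read or parsed
     */
    private void verifyTrustStore() throws TechnicalConnectorException {
        String trustStoreLocation = getTrustStoreLocation(System.getProperty(JAVAX_NET_SSL_TRUST_STORE));
        if (StringUtils.isEmpty(trustStoreLocation)) {
            return;
        }
        InputStream inputStream = null;
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            String password = System.getProperty(JAVAX_NET_SSL_TRUST_STORE_PASSWORD);
            char[] passwordChars = password != null ? password.toCharArray() : new char[0];
            inputStream = ConnectorIOUtils.getResourceAsStream(trustStoreLocation);
            keyStore.load(inputStream, passwordChars);
            ArrayList<String> aliases = Collections.list(keyStore.aliases());
            LOG.debug("Content of truststore at location: " + trustStoreLocation);
            for (String alias : aliases) {
                // Only the listing is affected by the entry type: an alias without an X.509
                // certificate must not turn a diagnostic dump into a start-up failure.
                java.security.cert.Certificate certificate = keyStore.getCertificate(alias);
                if (certificate instanceof X509Certificate) {
                    LOG.debug("\t." + alias + " :" + ((X509Certificate) certificate).getSubjectX500Principal().getName("RFC2253"));
                } else {
                    LOG.debug("\t." + alias + " : no X.509 certificate for this alias");
                }
            }
        } catch (Exception e) {
            LOG.warn(e.getClass().getSimpleName() + ":" + e.getMessage());
            throw new TechnicalConnectorException(TechnicalConnectorExceptionValues.ERROR_CONFIG, e, e.getMessage());
        } finally {
            ConnectorIOUtils.closeQuietly(inputStream);
        }
    }

    /**
     * Checks that the configuration holds what is needed to set up the trust store and, if so,
     * rewrites {@code truststore_location} to the path of a temporary copy of the store.
     *
     * <p>A missing {@code truststore_password} is only logged here; {@link #init(Configuration)}
     * rejects it before any system property is changed.
     *
     * @param configuration connector configuration, updated in place
     * @return {@code true} if the trust store was resolved and the configuration updated
     * @throws TechnicalConnectorException if the configuration does not return the new location
     *         after it was set
     */
    private boolean isValid(Configuration configuration) throws TechnicalConnectorException {
        boolean valid = false;
        String keystoreDir = configuration.getProperty(KEYSTORE_DIR);
        // Remember the location as originally configured, so that a later run does not start
        // from the temporary path written to truststore_location below.
        String originalLocation = configuration.getProperty(TRUSTSTORE_LOCATION_ORIGINAL, "${truststore_location}");
        configuration.setProperty(TRUSTSTORE_LOCATION_ORIGINAL, originalLocation);
        if (keystoreDir == null) {
            LOG.warn("Missing property : KEYSTORE_DIR");
        }
        if (originalLocation == null) {
            LOG.warn("Missing property : truststore_location");
        }
        if (configuration.getProperty(TRUSTSTORE_PASSWORD) == null) {
            LOG.warn("Missing property : truststore_password");
        }
        if (keystoreDir != null && originalLocation != null) {
            String trustStoreLocation = getTrustStoreLocation(configuration.getProperty(KEYSTORE_DIR) + originalLocation);
            if (trustStoreLocation != null) {
                valid = true;
                configuration.setProperty(TRUSTSTORE_LOCATION, trustStoreLocation);
                if (!trustStoreLocation.equals(configuration.getProperty(TRUSTSTORE_LOCATION))) {
                    throw new TechnicalConnectorException(TechnicalConnectorExceptionValues.ERROR_CONFIG, "could not update configuration parameter truststore_location : config still returns old location ]" + configuration.getProperty(TRUSTSTORE_LOCATION) + "[ after update to location ]" + trustStoreLocation + "[");
                }
            }
        }
        return valid;
    }

    /**
     * Copies the trust store found at {@code str} to a new temporary {@code .jks} file and
     * returns the path of that copy.
     *
     * <p>NOTE(review): the copy is created with {@link File#createTempFile(String, String)} in
     * the default temporary directory. JSSE will trust whatever certificates this file holds, so
     * confirm that the directory and file are not writable by other local accounts, or create
     * the file with owner-only permissions.
     *
     * @param str resource location of the trust store, resolved by {@code ConnectorIOUtils}
     * @return path of the temporary copy, or {@code null} if the resource could not be found or
     *         copied (the cause is logged at error level)
     */
    private String getTrustStoreLocation(String str) {
        InputStream resourceAsStream = null;
        FileOutputStream fileOutputStream = null;
        try {
            resourceAsStream = ConnectorIOUtils.getResourceAsStream(str);
            LOG.debug("ConfigurationModuleSSL.getTrustStoreLocation: loading file on location [" + str + "]");
            if (resourceAsStream == null) {
                throw new TechnicalConnectorException(TechnicalConnectorExceptionValues.ERROR_CONFIG, "trustStore file doesn't exist or is not a file on location [" + str + "] and resourceFilePath [" + str + "]");
            }
            LOG.debug("Creating new temp trustStore");
            File tempFile = File.createTempFile(JAVAX_NET_SSL_TRUST_STORE, ".jks");
            tempFile.deleteOnExit();
            LOG.debug("Creating new temp trustStore on path [" + tempFile.getPath() + "] with filename [" + tempFile.getName() + "]");
            fileOutputStream = new FileOutputStream(tempFile);
            IOUtils.copy(resourceAsStream, fileOutputStream);
            return tempFile.getPath();
        } catch (TechnicalConnectorException e) {
            LOG.error(e.getMessage());
            return null;
        } catch (IOException e) {
            LOG.error(e.getMessage());
            return null;
        } finally {
            // Close whatever was opened on every path, including the failure paths, so that a
            // failed copy does not leak the resource stream or the temp file handle.
            ConnectorIOUtils.closeQuietly(resourceAsStream, fileOutputStream);
        }
    }

    /**
     * Hands the system property values recorded by {@link #init(Configuration)} to
     * {@code ConfigurationModuleLoader.unloadSystemProperties}.
     */
    @Override // be.ehealth.technicalconnector.config.ConfigurationModule
    public void unload() {
        LOG.debug("Unloading ConfigurationModule " + getClass().getName());
        ConfigurationModuleLoader.unloadSystemProperties(this.oldValues);
    }
}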
