package be.ehealth.technicalconnector.config.impl;

import be.ehealth.technicalconnector.config.Configuration;
import be.ehealth.technicalconnector.config.ConfigurationModule;
import be.ehealth.technicalconnector.exception.ConfigurationException;
import be.ehealth.technicalconnector.exception.TechnicalConnectorException;
import be.ehealth.technicalconnector.exception.TechnicalConnectorExceptionValues;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:be/ehealth/technicalconnector/config/impl/ConfigurationModuleSSL.class */
public final class ConfigurationModuleSSL implements ConfigurationModule {
    private static final String JAVAX_NET_DEBUG = "javax.net.debug";
    private static final String CONNECTOR_CONFIGURATIONMODULE_SSL_DEBUG = "connector.configurationmodule.ssl.debug";
    public static final String CONNECTOR_CONFIGURATIONMODULE_SSL_VERIFICATIONFLAVOUR = "connector.configurationmodule.ssl.verifcation.flavour";
    private static final Logger LOG = LoggerFactory.getLogger(ConfigurationModuleSSL.class);
    public static final String SSL_VERIFICATION_FLAVOUR_PASSTHROUGH = "passthrough";
    public static final String SSL_VERIFICATION_FLAVOUR_TRUSTSTORE = "truststore";
    private SSLSocketFactory oldDefaultSSLSocketFactory;

    @Override // be.ehealth.technicalconnector.config.ConfigurationModule
    public void init(Configuration configuration) throws TechnicalConnectorException {
        TrustManager[] trustManagerArr;
        LOG.debug("Initializing ConfigurationModule {}", getClass().getName());
        if (ConfigUtils.isNet()) {
            LOG.debug("Activating TLSv1.2 for .NET");
            System.setProperty("https.protocols", "TLSv1,TLSv1.1,TLSv1.2");
        }
        try {
            this.oldDefaultSSLSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            String property = configuration.getProperty(CONNECTOR_CONFIGURATIONMODULE_SSL_VERIFICATIONFLAVOUR, SSL_VERIFICATION_FLAVOUR_TRUSTSTORE);
            if (SSL_VERIFICATION_FLAVOUR_PASSTHROUGH.equals(property)) {
                trustManagerArr = new TrustManager[]{TrustManagerFactory.passThroughTrustManager()};
            } else {
                if (!SSL_VERIFICATION_FLAVOUR_TRUSTSTORE.equals(property)) {
                    throw new ConfigurationException("Unsupported SSL verifcation flavour " + property);
                }
                trustManagerArr = new TrustManager[]{TrustManagerFactory.keystoreTrustManager(configuration)};
            }
            sSLContext.init(null, trustManagerArr, null);
            HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
        } catch (Exception e) {
            throw new TechnicalConnectorException(TechnicalConnectorExceptionValues.ERROR_GENERAL, e, e.getMessage());
        }
    }

    @Override // be.ehealth.technicalconnector.config.ConfigurationModule
    public void unload() throws TechnicalConnectorException {
        LOG.debug("Unloading ConfigurationModule {}", getClass().getName());
        HttpsURLConnection.setDefaultSSLSocketFactory(this.oldDefaultSSLSocketFactory);
    }
}
