package eu.europeana.corelib.db.wrapper;

import com.mongodb.MongoClient;
import com.mongodb.MongoClientException;
import com.mongodb.MongoClientOptions;
import com.mongodb.MongoClientURI;
import com.mongodb.MongoException;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.mongodb.morphia.Datastore;
import org.mongodb.morphia.Morphia;
import org.mongodb.morphia.mapping.Mapper;
import org.mongodb.morphia.mapping.MapperOptions;

/* loaded from: input_file:eu/europeana/corelib/db/wrapper/ApiMongoConnector.class */
public class ApiMongoConnector {
    private static final Logger log = LogManager.getLogger(ApiMongoConnector.class);
    SSLContext sslContext = null;
    MongoClient mongoClient = null;
    int DEFAULT_IDLE_TIME = 5000;

    public Datastore createDatastore(String str, String str2, String str3) {
        return createDatastore(str, str2, str3, this.DEFAULT_IDLE_TIME);
    }

    public Datastore createDatastore(String str, String str2, String str3, int i) {
        return createDatastore(str, str2, str3, i, (String[]) null);
    }

    public Datastore createDatastore(String str, String str2, String str3, int i, String... strArr) {
        try {
            log.debug("Connecting to mongo server:" + str);
            MongoClientOptions.Builder buildMongoConnectionOptions = buildMongoConnectionOptions(str, str2, str3);
            if (i > 0) {
                buildMongoConnectionOptions.maxConnectionIdleTime(i);
            } else {
                buildMongoConnectionOptions.maxConnectionIdleTime(this.DEFAULT_IDLE_TIME);
            }
            MongoClientURI mongoClientURI = new MongoClientURI(str, buildMongoConnectionOptions);
            this.mongoClient = new MongoClient(mongoClientURI);
            Datastore createDatastore = (strArr == null || strArr.length <= 0) ? new Morphia().createDatastore(this.mongoClient, mongoClientURI.getDatabase()) : createConnectionAndIndices(mongoClientURI, strArr);
            log.info(String.format("Connection to db '%s' mongo server was successful", mongoClientURI.getDatabase()));
            return createDatastore;
        } catch (MongoException e) {
            throw e;
        }
    }

    private Datastore createConnectionAndIndices(MongoClientURI mongoClientURI, String... strArr) {
        MapperOptions mapperOptions = new MapperOptions();
        mapperOptions.setMapSubPackages(true);
        Morphia morphia = new Morphia(new Mapper(mapperOptions));
        for (String str : strArr) {
            morphia.mapPackage(str, false);
        }
        Datastore createDatastore = morphia.createDatastore(this.mongoClient, mongoClientURI.getDatabase());
        createDatastore.ensureIndexes();
        return createDatastore;
    }

    private MongoClientOptions.Builder buildMongoConnectionOptions(String str, String str2, String str3) {
        MongoClientOptions.Builder builder = MongoClientOptions.builder();
        if (isSslEnabled(str)) {
            builder.sslEnabled(true).sslInvalidHostNameAllowed(true);
            if (!StringUtils.isEmpty(str2)) {
                validateTrustStoreConfig(str2, str3);
                log.debug("Enabling ssl connection using truststore: " + str2 + ":" + str3);
                builder.socketFactory(getSslContext(str2, str3).getSocketFactory());
            }
        }
        return builder;
    }

    public SSLContext getSslContext(String str, String str2) {
        return this.sslContext != null ? this.sslContext : str.startsWith("/") ? loadTrustStoreFromFile(str, str2) : loadTrustStoreFromClasspath(str, str2);
    }

    public void close() {
        if (this.mongoClient != null) {
            try {
                log.info("Shutting down connections to Mongo...");
                this.mongoClient.close();
            } catch (Throwable th) {
                log.error("cannot close mongo connetions", th);
            }
        }
    }

    protected void validateTrustStoreConfig(String str, String str2) {
        if (StringUtils.isEmpty(str) || StringUtils.isEmpty(str2)) {
            throw new IllegalArgumentException("Both trustore and truststorePass must be provided, when trustore is used! " + str + ":" + str2);
        }
    }

    private boolean isSslEnabled(String str) {
        return str.contains("tls=true") || str.contains("ssl=true");
    }

    private SSLContext loadTrustStoreFromClasspath(String str, String str2) {
        log.debug("Loading trustore from classpath: {}", str);
        String str3 = "/" + str;
        if (getClass().getResource(str3) == null) {
            log.info("truststore not at location: {}, search in config subfolder.", str3);
            str3 = "/config/" + str;
            if (getClass().getResource(str3) == null) {
                log.info("truststore not at location: {}, search in config subfolder.", str3);
                throw new MongoClientException("cannot find trustore file in classpath: " + str3);
            }
        }
        try {
            InputStream resourceAsStream = getClass().getResourceAsStream(str3);
            try {
                SSLContext loadCertificateToSslContext = loadCertificateToSslContext(resourceAsStream, str2);
                if (resourceAsStream != null) {
                    resourceAsStream.close();
                }
                return loadCertificateToSslContext;
            } catch (Throwable th) {
                if (resourceAsStream != null) {
                    try {
                        resourceAsStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new MongoClientException("Cannot initialize mongo truststore", e);
        }
    }

    private SSLContext loadTrustStoreFromFile(String str, String str2) {
        File file = new File(str);
        if (!file.exists()) {
            throw new MongoClientException("Trustore file location does not exist: " + str);
        }
        log.debug("Loading truststore from file {}", file);
        try {
            FileInputStream fileInputStream = new FileInputStream(file);
            try {
                SSLContext loadCertificateToSslContext = loadCertificateToSslContext(fileInputStream, str2);
                fileInputStream.close();
                return loadCertificateToSslContext;
            } catch (Throwable th) {
                try {
                    fileInputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new MongoClientException("Cannot initialize mongo truststore", e);
        }
    }

    private SSLContext loadCertificateToSslContext(InputStream inputStream, String str) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, KeyManagementException {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(inputStream, str.toCharArray());
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        this.sslContext = SSLContext.getInstance("TLSv1.2");
        this.sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
        return this.sslContext;
    }
}
