package org.teiid.spring.data.rest;

import java.io.File;
import java.io.IOException;
import java.security.KeyStore;
import java.util.Arrays;
import java.util.Base64;
import java.util.HashMap;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustAllStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.http.converter.FormHttpMessageConverter;
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
import org.springframework.social.oauth2.AccessGrant;
import org.springframework.social.support.FormMapHttpMessageConverter;
import org.springframework.social.support.LoggingErrorHandler;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.web.client.RestTemplate;
import org.teiid.spring.data.BaseConnectionFactory;
import org.teiid.spring.data.ConnectionFactoryConfiguration;

@ConnectionFactoryConfiguration(alias = "rest", translatorName = "rest")
/* loaded from: input_file:org/teiid/spring/data/rest/RestConnectionFactory.class */
public class RestConnectionFactory implements BaseConnectionFactory<RestConnection> {
    private static final String AUTHORIZATION = "Authorization";
    private String securityType;
    private String clientId;
    private String clientSecret;
    private String userName;
    private String password;
    private String refreshToken;
    private String authorizeUrl;
    private String accessTokenUrl;
    private String scope;
    private String endpoint;
    private boolean disableTrustManager = true;
    private boolean disableHostNameVerification;

    @Value("${teiid.ssl.trustStoreFileName:/etc/tls/private/truststore.pkcs12}")
    private String trustStoreFileName;

    @Value("${teiid.ssl.trustStorePassword:changeit}")
    private String trustStorePassword;
    private RestTemplate template;

    @Autowired
    private BeanFactory beanFactory;
    private AccessGrant accessGrant;

    /* renamed from: getConnection, reason: merged with bridge method [inline-methods] */
    public RestConnection m0getConnection() throws Exception {
        if (this.template == null) {
            this.template = createRestTemplate();
        }
        if (this.securityType == null) {
            return new RestConnection(this.template, this.beanFactory, this.endpoint, new HashMap());
        }
        if (this.securityType.contentEquals("http-basic")) {
            if (this.userName == null || this.password == null) {
                throw new IllegalStateException("http-basic authentication configured, however userid/password information not provided");
            }
            HashMap hashMap = new HashMap();
            hashMap.put(AUTHORIZATION, Arrays.asList("Basic " + Base64.getEncoder().encodeToString((this.userName + ":" + this.password).getBytes())));
            return new RestConnection(this.template, this.beanFactory, this.endpoint, hashMap);
        }
        if (!this.securityType.contentEquals("openid-connect")) {
            throw new IllegalStateException("Unsupported authentication for Rest layer " + this.securityType);
        }
        if (!isAccessTokenValid()) {
            refreshAccessToken();
        }
        HashMap hashMap2 = new HashMap();
        hashMap2.put(AUTHORIZATION, Arrays.asList("Bearer " + this.accessGrant.getAccessToken()));
        return new RestConnection(this.template, this.beanFactory, this.endpoint, hashMap2);
    }

    private void refreshAccessToken() {
        RestOAuth2Template restOAuth2Template = new RestOAuth2Template(this.clientId, this.clientSecret, this.authorizeUrl, this.accessTokenUrl, this.template);
        if (this.refreshToken != null) {
            LinkedMultiValueMap linkedMultiValueMap = new LinkedMultiValueMap();
            linkedMultiValueMap.add("scope", this.scope);
            this.accessGrant = restOAuth2Template.refreshAccess(this.refreshToken, linkedMultiValueMap);
        } else {
            if (this.userName == null || this.password == null) {
                throw new IllegalStateException("openid-connect authentication configured, however userid/password information not provided nor refreshToken");
            }
            this.accessGrant = restOAuth2Template.exchangeCredentialsForAccess(this.userName, this.password, new LinkedMultiValueMap());
        }
    }

    private boolean isAccessTokenValid() {
        if (this.accessGrant == null) {
            return false;
        }
        return this.accessGrant.getExpireTime() != null ? this.accessGrant.getExpireTime().longValue() < System.currentTimeMillis() : this.accessGrant.getAccessToken() != null;
    }

    protected RestTemplate createRestTemplate() {
        SSLConnectionSocketFactory sSLConnectionSocketFactory;
        try {
            if (this.disableTrustManager) {
                sSLConnectionSocketFactory = new SSLConnectionSocketFactory(SSLContexts.custom().loadTrustMaterial((KeyStore) null, new TrustAllStrategy()).build(), NoopHostnameVerifier.INSTANCE);
            } else {
                if (this.trustStoreFileName == null || !new File(this.trustStoreFileName).exists()) {
                    throw new IllegalStateException("Truststore name is not provided for Rest based datasource, if `https` verification is not required then turn on 'disableTrustManager` to skip the certifictate verification");
                }
                sSLConnectionSocketFactory = new SSLConnectionSocketFactory(SSLContexts.custom().loadTrustMaterial(new File(this.trustStoreFileName), this.trustStorePassword.toCharArray()).build(), this.disableHostNameVerification ? NoopHostnameVerifier.INSTANCE : null);
            }
            CloseableHttpClient build = HttpClients.custom().setSSLSocketFactory(sSLConnectionSocketFactory).build();
            HttpComponentsClientHttpRequestFactory httpComponentsClientHttpRequestFactory = new HttpComponentsClientHttpRequestFactory();
            httpComponentsClientHttpRequestFactory.setHttpClient(build);
            RestTemplate restTemplate = new RestTemplate(httpComponentsClientHttpRequestFactory);
            restTemplate.getMessageConverters().add(new FormHttpMessageConverter());
            restTemplate.getMessageConverters().add(new FormMapHttpMessageConverter());
            restTemplate.getMessageConverters().add(new MappingJackson2HttpMessageConverter());
            restTemplate.setErrorHandler(new LoggingErrorHandler());
            return restTemplate;
        } catch (Exception e) {
            throw new IllegalStateException("failed to create Rest cleint for making outgoing API calls", e);
        }
    }

    public String getSecurityType() {
        return this.securityType;
    }

    public void setSecurityType(String str) {
        this.securityType = str;
    }

    public String getClientId() {
        return this.clientId;
    }

    public void setClientId(String str) {
        this.clientId = str;
    }

    public String getClientSecret() {
        return this.clientSecret;
    }

    public void setClientSecret(String str) {
        this.clientSecret = str;
    }

    public String getUserName() {
        return this.userName;
    }

    public void setUserName(String str) {
        this.userName = str;
    }

    public String getPassword() {
        return this.password;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public String getRefreshToken() {
        return this.refreshToken;
    }

    public void setRefreshToken(String str) {
        this.refreshToken = str;
    }

    public String getAuthorizeUrl() {
        return this.authorizeUrl;
    }

    public void setAuthorizeUrl(String str) {
        this.authorizeUrl = str;
    }

    public String getAccessTokenUrl() {
        return this.accessTokenUrl;
    }

    public void setAccessTokenUrl(String str) {
        this.accessTokenUrl = str;
    }

    public String getScope() {
        return this.scope;
    }

    public void setScope(String str) {
        this.scope = str;
    }

    public String getEndpoint() {
        return this.endpoint;
    }

    public void setEndpoint(String str) {
        this.endpoint = str;
    }

    public boolean isDisableTrustManager() {
        return this.disableTrustManager;
    }

    public void setDisableTrustManager(boolean z) {
        this.disableTrustManager = z;
    }

    public boolean isDisableHostNameVerification() {
        return this.disableHostNameVerification;
    }

    public void setDisableHostNameVerification(boolean z) {
        this.disableHostNameVerification = z;
    }

    public String getTrustStoreFileName() {
        return this.trustStoreFileName;
    }

    public void setTrustStoreFileName(String str) {
        this.trustStoreFileName = str;
    }

    public String getTrustStorePassword() {
        return this.trustStorePassword;
    }

    public void setTrustStorePassword(String str) {
        this.trustStorePassword = str;
    }

    public void close() throws IOException {
        if (this.template != null) {
            this.template = null;
        }
    }
}
