package com.ibm.ws.collective.singleton.internal;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ssl.SSLConfigurationNotAvailableException;
import com.ibm.websphere.ssl.SSLException;
import com.ibm.ws.collective.singleton.RestClientService;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.jmx.connector.converter.JSONConverter;
import com.ibm.ws.jmx.connector.datatypes.ConversionException;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.wsspi.kernel.service.utils.AtomicServiceReference;
import com.ibm.wsspi.ssl.SSLSupport;
import java.io.IOException;
import java.io.OutputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import org.apache.cxf.transport.https.HttpsURLConnectionFactory;
import org.osgi.framework.ServiceReference;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Reference;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@Component(service = {RestClientService.class}, configurationPolicy = ConfigurationPolicy.IGNORE, immediate = true, property = {"service.vendor=IBM"})
/* loaded from: input_file:wlp/lib/com.ibm.ws.collective.singleton_1.0.15.jar:com/ibm/ws/collective/singleton/internal/RestClientServiceImpl.class */
public class RestClientServiceImpl implements RestClientService {
    private static final String CERTIFICATE_AUTHENTICATION = "com.ibm.ws.jmx.connector.client.CLIENT_CERT_AUTH";
    private static final String CREDENTIALS = "jmx.remote.credentials";
    private static final int READ_TIMEOUT_MILLISECONDS = 60000;
    private static final String SSL_CONFIG_ID = "controllerConnectionConfig";
    private static final TraceComponent tc = Tr.register((Class<?>) RestClientServiceImpl.class, TraceConstants.TRACE_GROUP, TraceConstants.MESSAGE_BUNDLE);
    private static final String KEY_SSL_SUPPORT = "sslSupport";
    static final long serialVersionUID = 7748354998305878099L;
    private HostnameVerifier hostnameVerificationDisabler = null;
    private final AtomicServiceReference<SSLSupport> sslSupportRef = new AtomicServiceReference<>("sslSupport");

    @Reference(name = "sslSupport", service = SSLSupport.class)
    protected void setSslSupport(ServiceReference<SSLSupport> serviceReference) {
        this.sslSupportRef.setReference(serviceReference);
    }

    protected void unsetSslSupport(ServiceReference<SSLSupport> serviceReference) {
        this.sslSupportRef.unsetReference(serviceReference);
    }

    protected void activate(ComponentContext componentContext) {
        this.sslSupportRef.activate(componentContext);
    }

    protected void deactivate(ComponentContext componentContext) {
        this.sslSupportRef.deactivate(componentContext);
    }

    @Override // com.ibm.ws.collective.singleton.RestClientService
    public boolean sendRestMessage(String str, String str2, String str3, String str4, String str5) {
        return performSendRestMessage(str, str2, str3, str4, str5);
    }

    private boolean performSendRestMessage(final String str, final String str2, final String str3, String str4, String str5) {
        boolean z = true;
        try {
            try {
                HttpsURLConnection basicConnection = getBasicConnection((URL) AccessController.doPrivileged(new PrivilegedExceptionAction<URL>() { // from class: com.ibm.ws.collective.singleton.internal.RestClientServiceImpl.1
                    static final long serialVersionUID = 7231780855079784298L;
                    private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(AnonymousClass1.class);

                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedExceptionAction
                    public URL run() throws MalformedURLException {
                        return new URL(HttpsURLConnectionFactory.HTTPS_URL_PROTOCOL_ID, str, new Integer(str2).intValue(), str3);
                    }
                }), "POST", str4, true);
                OutputStream outputStream = basicConnection.getOutputStream();
                outputStream.write(str5.getBytes("UTF-8"));
                outputStream.flush();
                outputStream.close();
                int responseCode = basicConnection.getResponseCode();
                switch (responseCode) {
                    case 200:
                        break;
                    default:
                        z = false;
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "sendRestMessage error response: " + responseCode, new Object[0]);
                            break;
                        }
                        break;
                }
            } catch (PrivilegedActionException e) {
                FFDCFilter.processException(e, "com.ibm.ws.collective.singleton.internal.RestClientServiceImpl", "116", this, new Object[]{str, str2, str3, str4, str5});
                throw new IOException(e.getMessage());
            }
        } catch (Exception e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.collective.singleton.internal.RestClientServiceImpl", "136", this, new Object[]{str, str2, str3, str4, str5});
            z = false;
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "sendRestMessage exception: " + e2, new Object[0]);
            }
        }
        return z;
    }

    private HttpsURLConnection getBasicConnection(URL url, String str, String str2, boolean z) throws IOException, SSLConfigurationNotAvailableException {
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) url.openConnection();
        httpsURLConnection.setDoInput(true);
        httpsURLConnection.setDoOutput(z);
        httpsURLConnection.setUseCaches(false);
        httpsURLConnection.setRequestMethod(str);
        httpsURLConnection.setRequestProperty("Content-Type", str2);
        httpsURLConnection.setReadTimeout(60000);
        if (getBasicAuthHeader() != null) {
            httpsURLConnection.setRequestProperty("Authorization", getBasicAuthHeader());
        }
        this.hostnameVerificationDisabler = new HostnameVerifier() { // from class: com.ibm.ws.collective.singleton.internal.RestClientServiceImpl.2
            static final long serialVersionUID = 3841698045322926491L;
            private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(AnonymousClass2.class);

            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str3, SSLSession sSLSession) {
                return true;
            }
        };
        httpsURLConnection.setHostnameVerifier(this.hostnameVerificationDisabler);
        httpsURLConnection.setSSLSocketFactory(getSSLSocketFactory());
        return httpsURLConnection;
    }

    private String getBasicAuthHeader() throws IOException {
        String str = null;
        Object credentials = getCredentials();
        if (!areRequiedCredentialsSet(credentials)) {
            throw new IOException("jmx.remote.credentials not provided. Set to a String[2] {user,password}.");
        }
        if (!"com.ibm.ws.jmx.connector.client.CLIENT_CERT_AUTH".equals(credentials)) {
            String[] strArr = (String[]) credentials;
            String str2 = strArr[0];
            JSONConverter converter = JSONConverter.getConverter();
            try {
                try {
                    str = "Basic " + converter.encodeStringAsBase64(str2 + ":" + strArr[1]);
                    JSONConverter.returnConverter(converter);
                } catch (ConversionException e) {
                    FFDCFilter.processException(e, "com.ibm.ws.collective.singleton.internal.RestClientServiceImpl", "193", this, new Object[0]);
                    throw new IOException("Failure encoding credentials", e);
                }
            } catch (Throwable th) {
                JSONConverter.returnConverter(converter);
                throw th;
            }
        }
        return str;
    }

    private boolean areRequiedCredentialsSet(Object obj) {
        if (obj == null) {
            return false;
        }
        if ("com.ibm.ws.jmx.connector.client.CLIENT_CERT_AUTH".equals(obj)) {
            return true;
        }
        return (obj instanceof String[]) && ((String[]) obj).length == 2;
    }

    private Object getCredentials() {
        return "com.ibm.ws.jmx.connector.client.CLIENT_CERT_AUTH";
    }

    @FFDCIgnore({SSLConfigurationNotAvailableException.class})
    private SSLSocketFactory getSSLSocketFactory() throws IOException, SSLConfigurationNotAvailableException {
        try {
            if (this.sslSupportRef == null) {
                if (!tc.isDebugEnabled()) {
                    return null;
                }
                Tr.debug(tc, "sslSupport is null ", new Object[0]);
                return null;
            }
            SSLSupport service = this.sslSupportRef.getService();
            if (service == null) {
                if (!tc.isDebugEnabled()) {
                    return null;
                }
                Tr.debug(tc, "SSLSupport is null", new Object[0]);
                return null;
            }
            SSLContext sSLContext = service.getJSSEHelper().getSSLContext("controllerConnectionConfig", null, null, false);
            if (sSLContext == null) {
                throw new IllegalStateException("Could not get an SSL context for the specified SSL configuration: controllerConnectionConfig. Check that the specified SSL configuration is correct.");
            }
            try {
                SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
                if (socketFactory == null) {
                    throw new IllegalStateException("Factory from context was null");
                }
                return socketFactory;
            } catch (IllegalStateException e) {
                FFDCFilter.processException(e, "com.ibm.ws.collective.singleton.internal.RestClientServiceImpl", "265", this, new Object[0]);
                throw e;
            }
        } catch (SSLConfigurationNotAvailableException e2) {
            throw e2;
        } catch (SSLException e3) {
            FFDCFilter.processException(e3, "com.ibm.ws.collective.singleton.internal.RestClientServiceImpl", "255", this, new Object[0]);
            throw new IOException("Could not get an SSL context for the specified SSL configuration: controllerConnectionConfig. Check that the specified SSL configuration is correct.", e3);
        }
    }
}
