package org.wso2.carbon.identity.application.authentication.endpoint.util;

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Map;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:authenticationendpoint.war:WEB-INF/classes/org/wso2/carbon/identity/application/authentication/endpoint/util/MutualSSLClient.class */
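/**
 * All-static HTTPS client that authenticates with a client certificate (mutual TLS) and sends
 * simple POST/GET requests.
 *
 * <p>Usage order: {@link #loadKeyStore}, {@link #loadTrustStore}, then
 * {@link #initMutualSSLConnection(boolean)}, then the {@code send*} methods.
 *
 * <p>Every piece of configuration, and the last opened connection, lives in unsynchronized
 * static fields, so the class behaves as one JVM-wide client; reconfiguring it while requests
 * are in flight is not safe.
 *
 * <p><b>Security:</b> {@code initMutualSSLConnection(false)} does far more than turn hostname
 * verification off; see that method before using it outside a test environment.
 */
public class MutualSSLClient {
    private static KeyStore keyStore;
    private static KeyStore trustStore;
    // NOTE(review): the key store password stays in a static String for the life of the class,
    // so it cannot be wiped from memory; a char[] cleared after init would be preferable.
    private static String keyStorePassword;
    // Last connection opened by sendPostRequest/sendGetRequest (exposed via getHttpsURLConnection).
    private static HttpsURLConnection httpsURLConnection;
    private static SSLSocketFactory sslSocketFactory;
    private static final Log log = LogFactory.getLog(MutualSSLClient.class);
    private static String KEY_STORE_TYPE = "JKS";
    private static String TRUST_STORE_TYPE = "JKS";
    private static String KEY_MANAGER_TYPE = "SunX509";
    private static String TRUST_MANAGER_TYPE = "SunX509";
    // Generic "TLS" lets the JSSE provider negotiate the newest protocol version it has enabled.
    // SSLv3 is deprecated (RFC 7568) and must not be the default; setProtocol() can still
    // override this value.
    private static String PROTOCOL = "TLS";

    /**
     * Loads the key store holding the client certificate and private key.
     *
     * @param str  path of the key store file
     * @param str2 key store password; also reused later as the key password by
     *             {@link #initMutualSSLConnection(boolean)}
     */
    public static void loadKeyStore(String str, String str2) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        KeyStore loaded = KeyStore.getInstance(KEY_STORE_TYPE);
        // try-with-resources: the file handle is released even when load() throws.
        try (InputStream in = new FileInputStream(str)) {
            loaded.load(in, str2.toCharArray());
        }
        // Publish only after a successful load so a failure never leaves a half-initialised store.
        keyStorePassword = str2;
        keyStore = loaded;
    }

    /**
     * Loads the trust store used to validate the server certificate.
     *
     * @param str  path of the trust store file
     * @param str2 trust store password
     */
    public static void loadTrustStore(String str, String str2) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        KeyStore loaded = KeyStore.getInstance(TRUST_STORE_TYPE);
        try (InputStream in = new FileInputStream(str)) {
            loaded.load(in, str2.toCharArray());
        }
        trustStore = loaded;
    }

    /**
     * Builds the {@link SSLSocketFactory} used by the {@code send*} methods.
     *
     * <p>Requires {@link #loadKeyStore} to have been called; the trust store is only consulted
     * when {@code z} is {@code true}.
     *
     * <p><b>Security:</b> with {@code z == false} this method
     * <ul>
     *   <li>installs a trust manager that accepts <em>any</em> server certificate, so the loaded
     *       trust store is ignored and the peer is not authenticated at all;</li>
     *   <li>replaces the JVM-wide default {@link SSLContext} and the JVM-wide default
     *       {@link HostnameVerifier}, which affects every other {@code HttpsURLConnection} in
     *       the process that does not set its own.</li>
     * </ul>
     * A later call with {@code z == true} does not undo those global defaults.
     *
     * @param z {@code true} to validate the server against the trust store and keep the default
     *          hostname verification; {@code false} to disable both (see above)
     */
    public static void initMutualSSLConnection(boolean z) throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException, IOException, UnrecoverableKeyException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KEY_MANAGER_TYPE);
        keyManagerFactory.init(keyStore, keyStorePassword.toCharArray());
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TRUST_MANAGER_TYPE);
        trustManagerFactory.init(trustStore);
        SSLContext sSLContext = SSLContext.getInstance(PROTOCOL);
        if (z) {
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
            sslSocketFactory = sSLContext.getSocketFactory();
            // NOTE(review): no verifier is set here; this relies on the current JVM default,
            // which stays permissive if the z == false branch ran earlier in this process.
            if (log.isDebugEnabled()) {
                log.debug("Mutual SSL Client initialized with Hostname Verification enabled");
            }
            return;
        }
        // Accepts every hostname.
        HostnameVerifier hostnameVerifier = new HostnameVerifier() {
            @Override
            public boolean verify(String str, SSLSession sSLSession) {
                return true;
            }
        };
        // Accepts every certificate chain: the check methods never throw.
        // NOTE(review): kept for compatibility with deployments that rely on it; the safer
        // design is to keep trustManagerFactory.getTrustManagers() here and relax only the
        // hostname check, per connection rather than JVM-wide.
        TrustManager[] trustAll = new TrustManager[]{new X509TrustManager() {
            @Override
            public X509Certificate[] getAcceptedIssuers() {
                // The X509TrustManager contract requires a non-null (possibly empty) array.
                return new X509Certificate[0];
            }

            @Override
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            }
        }};
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustAll, new SecureRandom());
        // Make the insecure mode visible in production logs, not only at debug level.
        log.warn("Mutual SSL Client is accepting any server certificate and any hostname; "
                + "the configured trust store is not used");
        if (log.isDebugEnabled()) {
            log.debug("SSL Context is initialized with trust manager for excluding certificate validation");
        }
        // JVM-wide side effects (see method Javadoc).
        SSLContext.setDefault(sSLContext);
        sslSocketFactory = sSLContext.getSocketFactory();
        HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
        if (log.isDebugEnabled()) {
            log.debug("Mutual SSL Client initialized with Hostname Verification disabled");
        }
    }

    /**
     * Sends {@code str2} as the body of a POST to {@code str} and returns the response body.
     *
     * <p>Response lines are concatenated without line separators. A failed call is logged and
     * the {@link IOException} is rethrown, so a partial response is never returned as if it
     * were complete.
     *
     * @param str  target URL (must be HTTPS)
     * @param str2 request body
     * @param map  request headers, may be {@code null}
     * @return the response body
     * @throws IOException if connecting, writing or reading fails
     */
    public static String sendPostRequest(String str, String str2, Map<String, String> map) throws IOException {
        URL url = new URL(str);
        HttpsURLConnection connection = openConnection(url, "POST", map);
        connection.setDoOutput(true);
        try {
            try (OutputStream outputStream = connection.getOutputStream()) {
                // NOTE(review): encodes with the platform default charset; confirm what the
                // server expects and pin it explicitly.
                outputStream.write(str2.getBytes());
            }
            return readResponse(connection);
        } catch (IOException e) {
            // NOTE(review): the URL is logged in full; confirm it never carries secrets in
            // its query string.
            log.error("Calling url : " + url + "failed. ", e);
            throw e;
        }
    }

    /**
     * Sends a GET to {@code str} and returns the response body.
     *
     * <p>Response lines are concatenated without line separators. A failed call is logged and
     * the {@link IOException} is rethrown.
     *
     * @param str  target URL (must be HTTPS)
     * @param str2 unused; retained so existing callers keep compiling
     * @param map  request headers, may be {@code null}
     * @return the response body
     * @throws IOException if connecting or reading fails
     */
    public static String sendGetRequest(String str, String str2, Map<String, String> map) throws IOException {
        URL url = new URL(str);
        // No output stream is opened: with the JDK's built-in HttpURLConnection, requesting
        // the output stream of a GET silently turns the request into a POST.
        HttpsURLConnection connection = openConnection(url, "GET", map);
        try {
            return readResponse(connection);
        } catch (IOException e) {
            log.error("Calling url : " + url + "failed. ", e);
            throw e;
        }
    }

    /** Opens a connection bound to this client's socket factory and applies method and headers. */
    private static HttpsURLConnection openConnection(URL url, String method, Map<String, String> headers) throws IOException {
        HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
        // Work on the local reference so a concurrent call cannot swap the connection under
        // us; the static field is still updated for getHttpsURLConnection().
        httpsURLConnection = connection;
        connection.setSSLSocketFactory(sslSocketFactory);
        connection.setDoInput(true);
        connection.setRequestMethod(method);
        if (headers != null) {
            for (Map.Entry<String, String> entry : headers.entrySet()) {
                connection.setRequestProperty(entry.getKey(), entry.getValue());
            }
        }
        return connection;
    }

    /** Reads the whole response body, joining lines without separators, and closes the stream. */
    private static String readResponse(HttpsURLConnection connection) throws IOException {
        // NOTE(review): decodes with the platform default charset and reads without a size limit.
        try (BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()))) {
            StringBuilder sb = new StringBuilder();
            String line;
            while ((line = reader.readLine()) != null) {
                sb.append(line);
            }
            return sb.toString();
        }
    }

    /** Returns the key store type used by {@link #loadKeyStore}. */
    public static String getKeyStoreType() {
        return KEY_STORE_TYPE;
    }

    /** Sets the key store type; takes effect on the next {@link #loadKeyStore} call. */
    public static void setKeyStoreType(String str) {
        KEY_STORE_TYPE = str;
    }

    /** Returns the trust store type used by {@link #loadTrustStore}. */
    public static String getTrustStoreType() {
        return TRUST_STORE_TYPE;
    }

    /** Sets the trust store type; takes effect on the next {@link #loadTrustStore} call. */
    public static void setTrustStoreType(String str) {
        TRUST_STORE_TYPE = str;
    }

    /** Returns the {@link KeyManagerFactory} algorithm name. */
    public static String getKeyManagerType() {
        return KEY_MANAGER_TYPE;
    }

    /** Sets the {@link KeyManagerFactory} algorithm name (the misspelt name is kept for callers). */
    public static void settKeyManagerType(String str) {
        KEY_MANAGER_TYPE = str;
    }

    /** Returns the {@link TrustManagerFactory} algorithm name. */
    public static String getTrustManagerType() {
        return TRUST_MANAGER_TYPE;
    }

    /**
     * Sets the {@link TrustManagerFactory} algorithm name. Despite the {@code get} prefix this
     * overload is the setter; the name is kept for existing callers.
     */
    public static void getTrustManagerType(String str) {
        TRUST_MANAGER_TYPE = str;
    }

    /** Returns the connection opened by the most recent {@code send*} call, or {@code null}. */
    public static HttpsURLConnection getHttpsURLConnection() {
        return httpsURLConnection;
    }

    /**
     * Sets the {@link SSLContext} protocol name used by the next
     * {@link #initMutualSSLConnection(boolean)} call. Obsolete values such as {@code "SSLv3"}
     * should not be passed.
     */
    public static void setProtocol(String str) {
        PROTOCOL = str;
    }
}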
