package org.wso2.carbon.databridge.agent.thrift.internal.pool.client.secure;

import java.net.SocketException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.pool.BaseKeyedPoolableObjectFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.thrift.protocol.TBinaryProtocol;
import org.apache.thrift.protocol.TCompactProtocol;
import org.apache.thrift.transport.THttpClient;
import org.apache.thrift.transport.TSSLTransportFactory;
import org.apache.thrift.transport.TSocket;
import org.apache.thrift.transport.TTransportException;
import org.wso2.carbon.databridge.agent.thrift.conf.ReceiverConfiguration;
import org.wso2.carbon.databridge.agent.thrift.exception.AgentSecurityException;
import org.wso2.carbon.databridge.agent.thrift.internal.utils.AgentConstants;
import org.wso2.carbon.databridge.commons.thrift.service.secure.ThriftSecureEventTransmissionService;
import org.wso2.carbon.databridge.commons.thrift.utils.HostAddressFinder;

/* loaded from: input_file:org/wso2/carbon/databridge/agent/thrift/internal/pool/client/secure/SecureClientPoolFactory.class */
public class SecureClientPoolFactory extends BaseKeyedPoolableObjectFactory {
    private TSSLTransportFactory.TSSLTransportParameters params;
    private String trustStorePassword;
    private String trustStore;

    public SecureClientPoolFactory(String str, String str2) {
        this.trustStorePassword = str;
        this.trustStore = str2;
    }

    /* renamed from: makeObject, reason: merged with bridge method [inline-methods] */
    public ThriftSecureEventTransmissionService.Client m7makeObject(Object obj) throws AgentSecurityException, TTransportException {
        String[] split = obj.toString().split(AgentConstants.SEPARATOR);
        if (split[2].equals(ReceiverConfiguration.Protocol.TCP.toString())) {
            if (this.params == null) {
                if (this.trustStore == null) {
                    this.trustStore = System.getProperty("javax.net.ssl.trustStore");
                    if (this.trustStore == null) {
                        throw new AgentSecurityException("No trustStore found");
                    }
                }
                if (this.trustStorePassword == null) {
                    this.trustStorePassword = System.getProperty("javax.net.ssl.trustStorePassword");
                    if (this.trustStorePassword == null) {
                        throw new AgentSecurityException("No trustStore password found");
                    }
                }
                this.params = new TSSLTransportFactory.TSSLTransportParameters();
                this.params.setTrustStore(this.trustStore, this.trustStorePassword);
            }
            String[] split2 = split[3].split(AgentConstants.HOSTNAME_AND_PORT_SEPARATOR);
            TSocket tSocket = null;
            try {
                tSocket = TSSLTransportFactory.getClientSocket(HostAddressFinder.findAddress(split2[0]), Integer.parseInt(split2[1]), 0, this.params);
            } catch (SocketException e) {
            }
            return new ThriftSecureEventTransmissionService.Client(new TBinaryProtocol(tSocket));
        }
        try {
            X509TrustManager x509TrustManager = new X509TrustManager() { // from class: org.wso2.carbon.databridge.agent.thrift.internal.pool.client.secure.SecureClientPoolFactory.1
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
            };
            String[] split3 = split[3].split(AgentConstants.HOSTNAME_AND_PORT_SEPARATOR);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{x509TrustManager}, null);
            SSLSocketFactory sSLSocketFactory = new SSLSocketFactory(sSLContext);
            sSLSocketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
            Scheme scheme = new Scheme("https", sSLSocketFactory, Integer.parseInt(split3[1]));
            DefaultHttpClient defaultHttpClient = new DefaultHttpClient();
            defaultHttpClient.getConnectionManager().getSchemeRegistry().register(scheme);
            THttpClient tHttpClient = new THttpClient("https://" + split[3] + "/thriftAuthenticator", defaultHttpClient);
            ThriftSecureEventTransmissionService.Client client = new ThriftSecureEventTransmissionService.Client(new TCompactProtocol(tHttpClient));
            tHttpClient.open();
            return client;
        } catch (Exception e2) {
            throw new AgentSecurityException("Cannot create Secure client for " + split[3], e2);
        }
    }

    public boolean validateObject(Object obj, Object obj2) {
        return ((ThriftSecureEventTransmissionService.Client) obj2).getOutputProtocol().getTransport().isOpen();
    }
}
