package com.cloudera.server.cmf;

import com.cloudera.cmf.model.DbConfigContainerConfigProvider;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.cmf.service.config.ParamSpec;
import com.cloudera.cmf.service.scm.ScmHandler;
import com.cloudera.cmf.service.scm.ScmParams;
import com.cloudera.enterprise.ssl.DefaultFallbackX509TrustManager;
import io.netty.handler.ssl.ApplicationProtocolConfig;
import io.netty.handler.ssl.ClientAuth;
import io.netty.handler.ssl.IdentityCipherSuiteFilter;
import io.netty.handler.ssl.JdkSslContext;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import org.asynchttpclient.Dsl;
import org.asynchttpclient.proxy.ProxyServer;
import org.asynchttpclient.proxy.ProxyType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cloudera/server/cmf/ArtifactDownloaderHelper.class */
public class ArtifactDownloaderHelper {
    private static Logger LOG = LoggerFactory.getLogger(ArtifactDownloaderHelper.class);

    public JdkSslContext wrapSslContext(SSLContext sSLContext) {
        return new JdkSslContext(sSLContext, true, (Iterable) null, IdentityCipherSuiteFilter.INSTANCE, ApplicationProtocolConfig.DISABLED, ClientAuth.NONE, (String[]) null, false);
    }

    public JdkSslContext getCustomSslContext(CmfEntityManager cmfEntityManager) {
        boolean z = false;
        try {
            if (!cmfEntityManager.isOpen()) {
                cmfEntityManager.beginForRollbackAndReadonly();
                z = true;
            }
            DbConfigContainerConfigProvider scmConfigProvider = cmfEntityManager.getScmConfigProvider();
            String str = (String) ScmHandler.getScmConfigValue(ScmParams.TRUSTSTORE_PATH, scmConfigProvider);
            String str2 = (String) ScmHandler.getScmConfigValue(ScmParams.TRUSTSTORE_PASSWORD, scmConfigProvider);
            if (z) {
                cmfEntityManager.close();
            }
            return getCustomSslContext(str, str2);
        } catch (Throwable th) {
            if (z) {
                cmfEntityManager.close();
            }
            throw th;
        }
    }

    public JdkSslContext getCustomSslContext(String str, String str2) {
        if (str == null || str.length() == 0 || str2 == null || str2.length() == 0) {
            return null;
        }
        try {
            DefaultFallbackX509TrustManager defaultFallbackX509TrustManager = new DefaultFallbackX509TrustManager(str, str2);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            if (sSLContext == null) {
                return null;
            }
            sSLContext.init(null, new TrustManager[]{defaultFallbackX509TrustManager}, null);
            return wrapSslContext(sSLContext);
        } catch (Exception e) {
            LOG.warn("Error creating custom SSL Context for the configured trustStore. Using default Trust Store location");
            return null;
        }
    }

    public ProxyServer getProxyServer(CmfEntityManager cmfEntityManager) {
        String str = (String) getScmConfig(ScmParams.PROXY_SERVER, cmfEntityManager);
        Long l = (Long) getScmConfig(ScmParams.PROXY_PORT, cmfEntityManager);
        if (str == null || l == null) {
            return null;
        }
        ProxyType valueOf = ProxyType.valueOf(((ScmParams.ParcelProxyProtocol) getScmConfig(ScmParams.PROXY_PROTOCOL, cmfEntityManager)).name());
        return new ProxyServer(str, l.intValue(), l.intValue(), Dsl.basicAuthRealm((String) getScmConfig(ScmParams.PROXY_USER, cmfEntityManager), (String) getScmConfig(ScmParams.PROXY_PASSWORD, cmfEntityManager)).build(), (List) null, valueOf);
    }

    public <T> T getScmConfig(ParamSpec<T> paramSpec, CmfEntityManager cmfEntityManager) {
        return (T) ScmHandler.getScmConfigValue(paramSpec, cmfEntityManager.getScmConfigProvider());
    }
}
