package org.qubership.integration.platform.engine.configuration;

import jakarta.annotation.PostConstruct;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.file.FileVisitOption;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;

@Configuration
/* loaded from: input_file:org/qubership/integration/platform/engine/configuration/TruststoreConfiguration.class */
public class TruststoreConfiguration {
    private static final Logger log = LoggerFactory.getLogger(TruststoreConfiguration.class);
    public final String storeFilePath;
    public final String storePassword;
    public final String certsLocation;
    private final String JAVA_HOME_PROPERTY = "java.home";
    private final String JAVA_TRUSTSTORE_PROPERTY = "javax.net.ssl.trustStore";
    private final String JAVA_TRUSTSTORE_PASSWORD_PROPERTY = "javax.net.ssl.trustStorePassword";
    private final String JAVA_DEFAULT_TRUSTSTORE_JSSE = "/lib/security/jssecacerts";
    private final String JAVA_DEFAULT_TRUSTSTORE = "/lib/security/cacerts";
    private final String JAVA_DEFAULT_TRUSTSTORE_PASSWORD = "changeit";

    @Autowired
    public TruststoreConfiguration(@Value("${qip.local-truststore.store.path}") String str, @Value("${qip.local-truststore.store.password}") String str2, @Value("${qip.local-truststore.certs.location}") String str3) {
        this.storeFilePath = str;
        this.storePassword = str2;
        this.certsLocation = str3;
    }

    @PostConstruct
    public void buildTruststore() {
        File file;
        BufferedInputStream bufferedInputStream;
        try {
            KeyStore defaultTrustStore = getDefaultTrustStore();
            if (Files.exists(Paths.get(this.certsLocation, new String[0]), new LinkOption[0])) {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                Stream<Path> walk = Files.walk(Paths.get(this.certsLocation, new String[0]), new FileVisitOption[0]);
                try {
                    List<Path> list = (List) walk.filter(path -> {
                        return Files.isRegularFile(path, new LinkOption[0]);
                    }).filter(path2 -> {
                        String path2 = path2.toString();
                        return path2.endsWith(".cer") || path2.endsWith(".pem") || path2.endsWith(".crt") || path2.endsWith(".key");
                    }).collect(Collectors.toList());
                    log.info("Found {} trusted certificates (.cer|.pem|.crt|.key)", Integer.valueOf(list.size()));
                    for (Path path3 : list) {
                        try {
                            file = new File(path3.toString());
                            bufferedInputStream = new BufferedInputStream(new FileInputStream(file));
                        } catch (Exception e) {
                            log.error("Failed to load trusted certificate: {}", path3.toString(), e);
                        }
                        try {
                            defaultTrustStore.setCertificateEntry(file.getName(), certificateFactory.generateCertificate(bufferedInputStream));
                            bufferedInputStream.close();
                        } catch (Throwable th) {
                            try {
                                bufferedInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                            throw th;
                            break;
                        }
                    }
                    if (walk != null) {
                        walk.close();
                    }
                } finally {
                }
            } else {
                log.warn("SSL certificates folder {} not exists", this.certsLocation);
            }
            File file2 = new File(this.storeFilePath);
            if (file2.getParentFile() != null) {
                file2.getParentFile().mkdirs();
            }
            FileOutputStream fileOutputStream = new FileOutputStream(file2, false);
            try {
                defaultTrustStore.store(fileOutputStream, this.storePassword.toCharArray());
                fileOutputStream.close();
            } finally {
            }
        } catch (Exception e2) {
            log.error("Failed to load trusted certificates from volume", e2);
        }
    }

    private KeyStore getDefaultTrustStore() throws GeneralSecurityException, IOException {
        String[] strArr = {"/lib/security/jssecacerts", "/lib/security/cacerts"};
        String property = System.getProperty("javax.net.ssl.trustStore");
        String property2 = System.getProperty("javax.net.ssl.trustStorePassword");
        if (StringUtils.isBlank(property)) {
            String property3 = System.getProperty("java.home");
            int length = strArr.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                String str = property3 + strArr[i];
                if (new File(str).isFile()) {
                    property = str;
                    property2 = "changeit";
                    break;
                }
                i++;
            }
        }
        if (property2 == null) {
            property2 = "";
        }
        File file = StringUtils.isBlank(property) ? null : new File(property);
        FileInputStream fileInputStream = (file == null || !file.isFile()) ? null : new FileInputStream(file);
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(fileInputStream, property2.toCharArray());
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            return keyStore;
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }
}
