package org.shredzone.acme4j.connector;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.ManualTrace;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.websphere.ssl.JSSEHelper;
import com.ibm.websphere.ssl.SSLConfig;
import com.ibm.websphere.ssl.SSLException;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.acme.internal.AcmeConfigService;
import com.ibm.ws.security.acme.internal.AcmeProviderImpl;
import com.ibm.ws.security.acme.internal.TraceConstants;
import com.ibm.ws.ssl.provider.AbstractJSSEProvider;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.Proxy;
import java.net.URL;
import java.util.HashMap;
import java.util.Properties;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@TraceOptions
/* loaded from: input_file:org/shredzone/acme4j/connector/HttpConnector.class */
public class HttpConnector {
    private static final TraceComponent tc = Tr.register(HttpConnector.class, TraceConstants.TRACE_GROUP, TraceConstants.MESSAGE_BUNDLE);
    private static final String USER_AGENT;
    static final long serialVersionUID = 119443865648977802L;

    public static String defaultUserAgent() {
        return USER_AGENT;
    }

    public HttpURLConnection openConnection(URL url, Proxy proxy) throws IOException {
        HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection(proxy);
        configure(httpURLConnection, url);
        return httpURLConnection;
    }

    protected void configure(HttpURLConnection httpURLConnection, URL url) throws IOException {
        int intValue;
        int intValue2;
        if (AcmeConfigService.getThreadLocalAcmeConfig() != null) {
            intValue = AcmeConfigService.getThreadLocalAcmeConfig().getHTTPConnectTimeout().intValue();
            intValue2 = AcmeConfigService.getThreadLocalAcmeConfig().getHTTPReadTimeout().intValue();
        } else {
            intValue = AcmeProviderImpl.getAcmeConfig().getHTTPConnectTimeout().intValue();
            intValue2 = AcmeProviderImpl.getAcmeConfig().getHTTPReadTimeout().intValue();
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Setting http timeouts for ACME calls, connectTimeout: " + intValue + " and readTimeout: " + intValue2, new Object[0]);
        }
        httpURLConnection.setConnectTimeout(intValue);
        httpURLConnection.setReadTimeout(intValue2);
        httpURLConnection.setUseCaches(false);
        httpURLConnection.setRequestProperty("User-Agent", USER_AGENT);
        String protocol = url.getProtocol();
        String host = url.getHost();
        if (httpURLConnection instanceof HttpsURLConnection) {
            if ("acme".equalsIgnoreCase(protocol) && "pebble".equalsIgnoreCase(host)) {
                return;
            }
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) httpURLConnection;
            httpsURLConnection.setSSLSocketFactory(createSocketFactory(url));
            httpsURLConnection.setHostnameVerifier((str, sSLSession) -> {
                return true;
            });
        }
    }

    @ManualTrace
    protected synchronized SSLSocketFactory createSocketFactory(URL url) throws IOException {
        SSLContext sSLContext;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            Tr.entry(tc, "createSocketFactory(URL)", new Object[]{url});
        }
        HashMap hashMap = new HashMap();
        hashMap.put("com.ibm.ssl.direction", "outbound");
        hashMap.put("com.ibm.ssl.remoteHost", url.getHost());
        hashMap.put("com.ibm.ssl.remotePort", url.getPort() == -1 ? "434" : Integer.toString(url.getPort()));
        SSLConfig sSLConfig = AcmeConfigService.getThreadLocalAcmeConfig() != null ? AcmeConfigService.getThreadLocalAcmeConfig().getSSLConfig() : AcmeProviderImpl.getSSLConfig();
        if (sSLConfig.getProperty("com.ibm.ssl.trustStore") != null) {
            try {
                SSLContext sSLContext2 = JSSEHelper.getInstance().getSSLContext(hashMap, sSLConfig);
                if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                    Tr.exit(tc, "createSocketFactory(URL)", sSLContext2.getClass());
                }
                return sSLContext2.getSocketFactory();
            } catch (SSLException e) {
                FFDCFilter.processException(e, "org.shredzone.acme4j.connector.HttpConnector", "225", this, new Object[]{url});
                throw new IOException("Failed to generate SSLContext with custom TrustManager.", e);
            }
        }
        try {
            String property = sSLConfig.getProperty("com.ibm.ssl.protocol");
            if (property != null) {
                sSLContext = SSLContext.getInstance(property);
                sSLContext.init(null, AbstractJSSEProvider.getDefaultTrustManager(), null);
            } else {
                sSLContext = SSLContext.getDefault();
            }
            return sSLContext.getSocketFactory();
        } catch (Exception e2) {
            FFDCFilter.processException(e2, "org.shredzone.acme4j.connector.HttpConnector", "251", this, new Object[]{url});
            throw new IOException("Failed to generate SSLSocketFactory with default TrustManager.", e2);
        }
    }

    static {
        StringBuilder sb = new StringBuilder("acme4j");
        try {
            InputStream resourceAsStream = HttpConnector.class.getResourceAsStream("/org/shredzone/acme4j/version.properties");
            try {
                if (resourceAsStream != null) {
                    Properties properties = new Properties();
                    properties.load(resourceAsStream);
                    sb.append('/').append(properties.getProperty("version"));
                } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Could not read /org/shredzone/acme4j/version.properties, ignore and skip library version.", new Object[0]);
                }
                if (resourceAsStream != null) {
                    resourceAsStream.close();
                }
            } finally {
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "org.shredzone.acme4j.connector.HttpConnector", "74", (Object) null, new Object[0]);
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Could not read library version, ignore and skip adding it.", new Object[]{e});
            }
        }
        sb.append(" Java/").append(System.getProperty("java.version"));
        USER_AGENT = sb.toString();
    }
}
