package org.kuali.coeus.propdev.impl.s2s.nih;

import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.concurrent.Callable;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import javax.xml.bind.JAXBException;
import org.apache.commons.lang3.StringUtils;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
import org.apache.cxf.transport.http.HTTPConduit;
import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
import org.apache.logging.log4j.Logger;
import org.kuali.coeus.common.framework.multicampus.MultiCampusConstants;
import org.kuali.coeus.propdev.api.s2s.S2SConfigurationService;
import org.kuali.coeus.propdev.impl.s2s.connect.S2sCommunicationException;
import org.kuali.coeus.sys.framework.util.JaxbUtils;
import org.kuali.kra.infrastructure.KeyConstants;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;

/* loaded from: input_file:org/kuali/coeus/propdev/impl/s2s/nih/NihServiceBase.class */
public abstract class NihServiceBase {
    private static final String KEY_TYPE = "JKS";
    private static final String NIH_GOV_S2S_CN_CHECK = "nih.gov.s2s.cn.check";
    private static final String NIH_GOV_S2S_KEYSTORE_PASSWORD = "nih.gov.s2s.keystore.password";
    private static final String NIH_GOV_S2S_KEYSTORE_LOCATION = "nih.gov.s2s.keystore.location";
    private static final String NIH_GOV_S2S_TRUSTSTORE_LOCATION = "nih.gov.s2s.truststore.location";
    private static final String NIH_GOV_S2S_TRUSTSTORE_PASSWORD = "nih.gov.s2s.truststore.password";
    private static final String NIH_GOV_S2S_CONNECTION_TIMEOUT_MS = "nih.gov.s2s.connection.timeout.ms";
    private static final String NIH_GOV_S2S_RECEIVE_TIMEOUT_MS = "nih.gov.s2s.receive.timeout.ms";
    private static final Cache<Integer, Object> requestCache = CacheBuilder.newBuilder().maximumSize(500).expireAfterAccess(10, TimeUnit.MINUTES).build();

    @Autowired
    @Qualifier("s2SConfigurationService")
    private S2SConfigurationService s2SConfigurationService;

    public abstract String getServiceHost();

    public abstract String getServicePort();

    /* JADX INFO: Access modifiers changed from: protected */
    public Object optionallyCache(Integer num, Callable callable) {
        try {
            return isNihServiceCacheEnabled() ? getNihServiceCache().get(num, callable) : callable.call();
        } catch (Exception e) {
            throw new S2sCommunicationException(NihConstants.ERROR_NIH_SERVICE_UNKNOWN, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public <T> T createConfiguredService(String str, Class<T> cls) {
        Boolean valueAsBoolean = this.s2SConfigurationService.getValueAsBoolean(MultiCampusConstants.PARAMETER_MULTI_CAMPUS_ENABLED);
        TLSClientParameters tLSClientParameters = new TLSClientParameters();
        tLSClientParameters.setDisableCNCheck(this.s2SConfigurationService.getValueAsBoolean(NIH_GOV_S2S_CN_CHECK).booleanValue());
        try {
            String valueAsString = this.s2SConfigurationService.getValueAsString(NIH_GOV_S2S_KEYSTORE_PASSWORD);
            KeyStore keyStore = KeyStore.getInstance(KEY_TYPE);
            keyStore.load(new FileInputStream(this.s2SConfigurationService.getValueAsString(NIH_GOV_S2S_KEYSTORE_LOCATION)), valueAsString.toCharArray());
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            if (StringUtils.isNotBlank(str) && valueAsBoolean.booleanValue()) {
                KeyStore keyStore2 = KeyStore.getInstance(KEY_TYPE);
                Certificate[] certificateChain = keyStore.getCertificateChain(str);
                Key key = keyStore.getKey(str, valueAsString.toCharArray());
                keyStore2.load(null, null);
                keyStore2.setKeyEntry(str, key, valueAsString.toCharArray(), certificateChain);
                keyManagerFactory.init(keyStore2, valueAsString.toCharArray());
            } else {
                keyManagerFactory.init(keyStore, valueAsString.toCharArray());
            }
            tLSClientParameters.setKeyManagers(keyManagerFactory.getKeyManagers());
            KeyStore keyStore3 = KeyStore.getInstance(KEY_TYPE);
            keyStore3.load(new FileInputStream(this.s2SConfigurationService.getValueAsString(NIH_GOV_S2S_TRUSTSTORE_LOCATION)), this.s2SConfigurationService.getValueAsString(NIH_GOV_S2S_TRUSTSTORE_PASSWORD).toCharArray());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore3);
            tLSClientParameters.setTrustManagers(trustManagerFactory.getTrustManagers());
            JaxWsProxyFactoryBean jaxWsProxyFactoryBean = new JaxWsProxyFactoryBean();
            jaxWsProxyFactoryBean.setAddress(getSoapHost(getServiceHost(), getServicePort()));
            jaxWsProxyFactoryBean.setServiceClass(cls);
            T t = (T) jaxWsProxyFactoryBean.create();
            Client client = ClientProxy.getClient(t);
            HTTPClientPolicy hTTPClientPolicy = new HTTPClientPolicy();
            hTTPClientPolicy.setConnectionTimeout(Long.parseUnsignedLong(this.s2SConfigurationService.getValueAsString(NIH_GOV_S2S_CONNECTION_TIMEOUT_MS)));
            hTTPClientPolicy.setReceiveTimeout(Long.parseUnsignedLong(this.s2SConfigurationService.getValueAsString(NIH_GOV_S2S_RECEIVE_TIMEOUT_MS)));
            HTTPConduit conduit = client.getConduit();
            conduit.setClient(hTTPClientPolicy);
            conduit.setTlsClientParameters(tLSClientParameters);
            return t;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            throw new S2sCommunicationException(KeyConstants.ERROR_S2S_UNKNOWN, e);
        }
    }

    protected String getSoapHost(String str, String str2) {
        StringBuilder sb = new StringBuilder();
        sb.append(str);
        if (!sb.toString().endsWith("/") && !str2.startsWith("/")) {
            sb.append("/");
        }
        sb.append(str2);
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isNihServiceEnabled() {
        return getS2SConfigurationService().getValueAsBoolean(NihConstants.ENABLE_NIH_SERVICE_PARAM).booleanValue();
    }

    protected boolean isNihServiceCacheEnabled() {
        return getS2SConfigurationService().getValueAsBoolean(NihConstants.ENABLE_NIH_SERVICE_CACHING_PARAM).booleanValue();
    }

    protected Cache getNihServiceCache() {
        return requestCache;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public S2SConfigurationService getS2SConfigurationService() {
        return this.s2SConfigurationService;
    }

    protected void setS2SConfigurationService(S2SConfigurationService s2SConfigurationService) {
        this.s2SConfigurationService = s2SConfigurationService;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public <T> void debugLogJaxbObject(Class<? extends T> cls, T t, Logger logger) {
        if (logger.isDebugEnabled()) {
            try {
                logger.debug(JaxbUtils.toString(cls, t));
            } catch (JAXBException e) {
                logger.debug("Unable to marshall object", e);
            }
        }
    }
}
