package org.apache.ambari.server.ldap.service.ads;

import java.io.FileInputStream;
import java.security.KeyStore;
import javax.inject.Inject;
import javax.inject.Singleton;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.ambari.server.ldap.domain.AmbariLdapConfiguration;
import org.apache.ambari.server.ldap.service.AmbariLdapException;
import org.apache.ambari.server.ldap.service.LdapConnectionConfigService;
import org.apache.directory.api.util.Strings;
import org.apache.directory.ldap.client.api.LdapConnectionConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Singleton
/* loaded from: input_file:org/apache/ambari/server/ldap/service/ads/DefaultLdapConnectionConfigService.class */
public class DefaultLdapConnectionConfigService implements LdapConnectionConfigService {
    private static final Logger LOG = LoggerFactory.getLogger(DefaultLdapConnectionConfigService.class);

    @Inject
    public DefaultLdapConnectionConfigService() {
    }

    @Override // org.apache.ambari.server.ldap.service.LdapConnectionConfigService
    public LdapConnectionConfig createLdapConnectionConfig(AmbariLdapConfiguration ambariLdapConfiguration) throws AmbariLdapException {
        LOG.debug("Assembling ldap connection config based on: {}", ambariLdapConfiguration);
        LdapConnectionConfig ldapConnectionConfig = new LdapConnectionConfig();
        ldapConnectionConfig.setLdapHost(ambariLdapConfiguration.serverHost());
        ldapConnectionConfig.setLdapPort(ambariLdapConfiguration.serverPort());
        ldapConnectionConfig.setName(ambariLdapConfiguration.bindDn());
        ldapConnectionConfig.setCredentials(ambariLdapConfiguration.bindPassword());
        ldapConnectionConfig.setUseSsl(ambariLdapConfiguration.useSSL());
        if ("custom".equals(ambariLdapConfiguration.trustStore())) {
            LOG.info("Using custom trust manager configuration");
            ldapConnectionConfig.setTrustManagers(trustManagers(ambariLdapConfiguration));
        }
        return ldapConnectionConfig;
    }

    private TrustManager[] trustManagers(AmbariLdapConfiguration ambariLdapConfiguration) throws AmbariLdapException {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore(ambariLdapConfiguration));
            return trustManagerFactory.getTrustManagers();
        } catch (Exception e) {
            LOG.error("Failed to initialize trust managers", e);
            throw new AmbariLdapException(e);
        }
    }

    private KeyStore keyStore(AmbariLdapConfiguration ambariLdapConfiguration) throws AmbariLdapException {
        if (Strings.isEmpty(ambariLdapConfiguration.trustStoreType())) {
            throw new AmbariLdapException("Key Store Type must be specified");
        }
        if (Strings.isEmpty(ambariLdapConfiguration.trustStorePath())) {
            throw new AmbariLdapException("Key Store Path must be specified");
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(ambariLdapConfiguration.trustStoreType());
            keyStore.load(new FileInputStream(ambariLdapConfiguration.trustStorePath()), ambariLdapConfiguration.trustStorePassword().toCharArray());
            return keyStore;
        } catch (Exception e) {
            LOG.error("Failed to create keystore", e);
            throw new AmbariLdapException(e);
        }
    }
}
