package io.nity.grpc.autoconfigure;

import io.grpc.netty.GrpcSslContexts;
import io.grpc.netty.NegotiationType;
import io.grpc.netty.NettyChannelBuilder;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.nity.grpc.DisposableManagedChannel;
import java.io.File;
import javax.net.ssl.SSLException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.AutoConfigureOrder;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.util.StringUtils;

@AutoConfigureOrder
/* loaded from: input_file:io/nity/grpc/autoconfigure/GrpcClientTlsAutoConfiguration.class */
public class GrpcClientTlsAutoConfiguration {
    private static final Logger log = LoggerFactory.getLogger(GrpcClientTlsAutoConfiguration.class);

    @Autowired
    private GrpcClientProperties clientProperties;

    @ConditionalOnProperty(value = {"grpc.client.model"}, havingValue = GrpcClientProperties.SERVER_MODEL_TLS)
    @Bean
    public DisposableManagedChannel getChannel() throws SSLException {
        int port = this.clientProperties.getPort();
        String host = this.clientProperties.getHost();
        String trustCertCollectionFilePath = this.clientProperties.getTrustCertCollectionFilePath();
        if (!StringUtils.hasText(host)) {
            log.error("please config required property [host] for Tls model");
            throw new RuntimeException("Failed to create Tls channel");
        }
        if (!StringUtils.hasText(trustCertCollectionFilePath)) {
            log.error("please config required property [trustCertCollectionFilePath] for Tls model");
            throw new RuntimeException("Failed to create Tls channel");
        }
        log.info("will create channel with tls");
        log.info("creating channel on {}:{}", host, Integer.valueOf(port));
        return new DisposableManagedChannel(NettyChannelBuilder.forAddress(host, port).negotiationType(NegotiationType.TLS).sslContext(buildSslContext(trustCertCollectionFilePath, null, null)).build());
    }

    private static SslContext buildSslContext(String str, String str2, String str3) throws SSLException {
        SslContextBuilder forClient = GrpcSslContexts.forClient();
        if (str != null) {
            forClient.trustManager(new File(str));
        }
        if (str2 != null && str3 != null) {
            forClient.keyManager(new File(str2), new File(str3));
        }
        forClient.protocols(new String[]{"TLSv1.2"});
        return forClient.build();
    }
}
