package org.apereo.cas.authentication;

import java.security.KeyStore;
import java.security.Provider;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.TrustManagerFactorySpi;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.DefaultHostnameVerifier;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.ssl.SSLContexts;
import org.jooq.lambda.Unchecked;

/* loaded from: input_file:org/apereo/cas/authentication/CasSSLContext.class */
public interface CasSSLContext {
    public static final String BEAN_NAME = "casSslContext";

    /* loaded from: input_file:org/apereo/cas/authentication/CasSSLContext$DisabledCasSslContext.class */
    public static class DisabledCasSslContext implements CasSSLContext {
        private static final X509Certificate[] ACCEPTED_ISSUERS = new X509Certificate[0];

        private static X509TrustManager getDisabledTrustedManager() {
            return new X509TrustManager() { // from class: org.apereo.cas.authentication.CasSSLContext.DisabledCasSslContext.1
                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return DisabledCasSslContext.ACCEPTED_ISSUERS;
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                }
            };
        }

        @Override // org.apereo.cas.authentication.CasSSLContext
        public SSLContext getSslContext() {
            return (SSLContext) Unchecked.supplier(() -> {
                SSLContext sSLContext = SSLContext.getInstance("SSL");
                sSLContext.init(getKeyManagers(), getTrustManagers(), null);
                return sSLContext;
            }).get();
        }

        @Override // org.apereo.cas.authentication.CasSSLContext
        public KeyManagerFactory getKeyManagerFactory() {
            return (KeyManagerFactory) Unchecked.supplier(() -> {
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                keyManagerFactory.init(null, null);
                return keyManagerFactory;
            }).get();
        }

        @Override // org.apereo.cas.authentication.CasSSLContext
        public TrustManagerFactory getTrustManagerFactory() {
            return new TrustManagerFactory(new TrustManagerFactorySpi() { // from class: org.apereo.cas.authentication.CasSSLContext.DisabledCasSslContext.3
                @Override // javax.net.ssl.TrustManagerFactorySpi
                protected void engineInit(KeyStore keyStore) {
                }

                @Override // javax.net.ssl.TrustManagerFactorySpi
                protected void engineInit(ManagerFactoryParameters managerFactoryParameters) {
                }

                @Override // javax.net.ssl.TrustManagerFactorySpi
                protected TrustManager[] engineGetTrustManagers() {
                    return DisabledCasSslContext.this.getTrustManagers();
                }
            }, new Provider("", "0.0", "") { // from class: org.apereo.cas.authentication.CasSSLContext.DisabledCasSslContext.2
                private static final long serialVersionUID = -2680540247105807895L;
            }, "") { // from class: org.apereo.cas.authentication.CasSSLContext.DisabledCasSslContext.4
            };
        }

        @Override // org.apereo.cas.authentication.CasSSLContext
        public TrustManager[] getTrustManagers() {
            return new TrustManager[]{getDisabledTrustedManager()};
        }

        @Override // org.apereo.cas.authentication.CasSSLContext
        public KeyManager[] getKeyManagers() {
            return new KeyManager[0];
        }

        @Override // org.apereo.cas.authentication.CasSSLContext
        public HostnameVerifier getHostnameVerifier() {
            return NoopHostnameVerifier.INSTANCE;
        }
    }

    static CasSSLContext system() {
        return new CasSSLContext() { // from class: org.apereo.cas.authentication.CasSSLContext.1
            @Override // org.apereo.cas.authentication.CasSSLContext
            public KeyManagerFactory getKeyManagerFactory() {
                return (KeyManagerFactory) Unchecked.supplier(() -> {
                    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                    keyManagerFactory.init(null, null);
                    return keyManagerFactory;
                }).get();
            }

            @Override // org.apereo.cas.authentication.CasSSLContext
            public SSLContext getSslContext() {
                return SSLContexts.createSystemDefault();
            }

            @Override // org.apereo.cas.authentication.CasSSLContext
            public TrustManagerFactory getTrustManagerFactory() {
                return (TrustManagerFactory) Unchecked.supplier(() -> {
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                    trustManagerFactory.init((KeyStore) null);
                    return trustManagerFactory;
                }).get();
            }

            @Override // org.apereo.cas.authentication.CasSSLContext
            public TrustManager[] getTrustManagers() {
                return getTrustManagerFactory().getTrustManagers();
            }

            @Override // org.apereo.cas.authentication.CasSSLContext
            public HostnameVerifier getHostnameVerifier() {
                return new DefaultHostnameVerifier();
            }

            @Override // org.apereo.cas.authentication.CasSSLContext
            public KeyManager[] getKeyManagers() {
                return (KeyManager[]) Unchecked.supplier(() -> {
                    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                    keyManagerFactory.init(null, null);
                    return keyManagerFactory.getKeyManagers();
                }).get();
            }
        };
    }

    static CasSSLContext disabled() {
        return new DisabledCasSslContext();
    }

    SSLContext getSslContext();

    TrustManager[] getTrustManagers();

    KeyManager[] getKeyManagers();

    HostnameVerifier getHostnameVerifier();

    TrustManagerFactory getTrustManagerFactory();

    KeyManagerFactory getKeyManagerFactory();
}
