package org.ldaptive.provider.apache;

import java.security.GeneralSecurityException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.TrustManager;
import org.apache.directory.ldap.client.api.LdapConnectionConfig;
import org.ldaptive.ConnectionConfig;
import org.ldaptive.LdapURL;
import org.ldaptive.provider.Provider;
import org.ldaptive.provider.ProviderConnectionFactory;
import org.ldaptive.ssl.DefaultHostnameVerifier;
import org.ldaptive.ssl.DefaultSSLContextInitializer;
import org.ldaptive.ssl.HostnameVerifyingTrustManager;
import org.ldaptive.ssl.SSLContextInitializer;

/* loaded from: input_file:org/ldaptive/provider/apache/ApacheLdapProvider.class */
public class ApacheLdapProvider implements Provider<ApacheLdapProviderConfig> {
    private ApacheLdapProviderConfig config = new ApacheLdapProviderConfig();

    public ProviderConnectionFactory<ApacheLdapProviderConfig> getConnectionFactory(ConnectionConfig connectionConfig) {
        LdapConnectionConfig ldapConnectionConfig = this.config.getLdapConnectionConfig();
        if (ldapConnectionConfig == null) {
            ldapConnectionConfig = getDefaultLdapConnectionConfig(connectionConfig);
        }
        return new ApacheLdapConnectionFactory(connectionConfig.getLdapUrl(), connectionConfig.getConnectionStrategy(), this.config, ldapConnectionConfig, connectionConfig.getUseStartTLS(), connectionConfig.getResponseTimeout());
    }

    protected SSLContextInitializer getHostnameVerifierSSLContextInitializer(ConnectionConfig connectionConfig) {
        SSLContextInitializer defaultSSLContextInitializer;
        if (connectionConfig.getSslConfig() == null || connectionConfig.getSslConfig().getCredentialConfig() == null) {
            defaultSSLContextInitializer = new DefaultSSLContextInitializer();
        } else {
            try {
                defaultSSLContextInitializer = connectionConfig.getSslConfig().getCredentialConfig().createSSLContextInitializer();
            } catch (GeneralSecurityException e) {
                throw new IllegalArgumentException(e);
            }
        }
        if (connectionConfig.getSslConfig() == null || connectionConfig.getSslConfig().getTrustManagers() == null) {
            defaultSSLContextInitializer.setTrustManagers(new TrustManager[]{new HostnameVerifyingTrustManager(new DefaultHostnameVerifier(), new LdapURL(connectionConfig.getLdapUrl()).getHostnames())});
        } else {
            defaultSSLContextInitializer.setTrustManagers(connectionConfig.getSslConfig().getTrustManagers());
        }
        return defaultSSLContextInitializer;
    }

    protected LdapConnectionConfig getDefaultLdapConnectionConfig(ConnectionConfig connectionConfig) {
        LdapConnectionConfig ldapConnectionConfig = new LdapConnectionConfig();
        if (connectionConfig.getUseSSL() || connectionConfig.getUseStartTLS()) {
            SSLContextInitializer hostnameVerifierSSLContextInitializer = getHostnameVerifierSSLContextInitializer(connectionConfig);
            try {
                TrustManager[] trustManagers = hostnameVerifierSSLContextInitializer.getTrustManagers();
                KeyManager[] keyManagers = hostnameVerifierSSLContextInitializer.getKeyManagers();
                ldapConnectionConfig.setUseSsl(connectionConfig.getUseSSL());
                ldapConnectionConfig.setTrustManagers(trustManagers);
                ldapConnectionConfig.setKeyManagers(keyManagers);
                if (connectionConfig.getSslConfig() != null && connectionConfig.getSslConfig().getEnabledCipherSuites() != null) {
                    ldapConnectionConfig.setEnabledCipherSuites(connectionConfig.getSslConfig().getEnabledCipherSuites());
                }
                if (connectionConfig.getSslConfig() != null && connectionConfig.getSslConfig().getEnabledProtocols() != null) {
                    ldapConnectionConfig.setSslProtocol(connectionConfig.getSslConfig().getEnabledProtocols()[0]);
                }
            } catch (GeneralSecurityException e) {
                throw new IllegalArgumentException(e);
            }
        }
        return ldapConnectionConfig;
    }

    /* renamed from: getProviderConfig, reason: merged with bridge method [inline-methods] */
    public ApacheLdapProviderConfig m4getProviderConfig() {
        return this.config;
    }

    public void setProviderConfig(ApacheLdapProviderConfig apacheLdapProviderConfig) {
        this.config = apacheLdapProviderConfig;
    }

    /* renamed from: newInstance, reason: merged with bridge method [inline-methods] */
    public ApacheLdapProvider m3newInstance() {
        return new ApacheLdapProvider();
    }
}
