package org.spf4j.kube.client;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.concurrent.TimeUnit;
import javax.annotation.Nullable;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.MediaType;
import org.spf4j.http.DeadlineProtocol;
import org.spf4j.jaxrs.client.Spf4JClient;
import org.spf4j.jaxrs.client.providers.BearerAuthClientFilter;
import org.spf4j.jaxrs.client.providers.ClientCustomExecutorServiceProvider;
import org.spf4j.jaxrs.client.providers.ClientCustomScheduledExecutionServiceProvider;
import org.spf4j.jaxrs.client.providers.ExecutionContextClientFilter;
import org.spf4j.jaxrs.common.providers.avro.SchemaProtocol;
import org.spf4j.jaxrs.common.providers.avro.XJsonAvroMessageBodyReader;

/* loaded from: input_file:org/spf4j/kube/client/Client.class */
public final class Client {
    private final WebTarget apiTarget;

    public Client(@Nullable String str, @Nullable byte[] bArr) {
        this("kubernetes.default.svc", str, bArr);
    }

    public Client(String str, @Nullable String str2, @Nullable byte[] bArr) {
        ClientBuilder readTimeout = ClientBuilder.newBuilder().connectTimeout(2L, TimeUnit.SECONDS).readTimeout(30L, TimeUnit.SECONDS);
        readTimeout = bArr != null ? readTimeout.sslContext(buildSslContext(bArr)) : readTimeout;
        this.apiTarget = new Spf4JClient((str2 != null ? (ClientBuilder) readTimeout.register(new BearerAuthClientFilter(sb -> {
            sb.append(str2);
        })) : readTimeout).register(new ExecutionContextClientFilter(DeadlineProtocol.NONE, true)).register(ClientCustomExecutorServiceProvider.class).register(ClientCustomScheduledExecutionServiceProvider.class).register(new XJsonAvroMessageBodyReader(SchemaProtocol.NONE)).property("jersey.config.client.useEncoding", "gzip").build()).target((bArr == null ? "http://" : "https://") + str).path("api/v1");
    }

    public Endpoints getEndpoints(String str, String str2) {
        return (Endpoints) this.apiTarget.path("namespaces/{namespace}/endpoints/{endpointName}").resolveTemplate("namespace", str).resolveTemplate("endpointName", str2).request(new MediaType[]{MediaType.APPLICATION_JSON_TYPE}).get(Endpoints.class);
    }

    private Certificate generateCertificate(byte[] bArr) throws IOException, CertificateException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Throwable th = null;
        try {
            try {
                Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
                if (byteArrayInputStream != null) {
                    if (0 != 0) {
                        try {
                            byteArrayInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        byteArrayInputStream.close();
                    }
                }
                return generateCertificate;
            } finally {
            }
        } catch (Throwable th3) {
            if (byteArrayInputStream != null) {
                if (th != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    byteArrayInputStream.close();
                }
            }
            throw th3;
        }
    }

    private SSLContext buildSslContext(byte[] bArr) {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            keyStore.setCertificateEntry("ca", generateCertificate(bArr));
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
            return sSLContext;
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new RuntimeException(e);
        }
    }

    public String toString() {
        return "Client{apiTarget=" + this.apiTarget + '}';
    }
}
