package software.aws.neptune.jdbc.utilities;

import com.jcraft.jsch.HostKey;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Session;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.sql.SQLException;
import java.util.Arrays;
import java.util.regex.Matcher;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:software/aws/neptune/jdbc/utilities/SshTunnel.class */
public class SshTunnel {
    public static final String SSH_KNOWN_HOSTS_FILE = "~/.ssh/known_hosts";
    public static final String STRICT_HOST_KEY_CHECKING = "StrictHostKeyChecking";
    public static final String HASH_KNOWN_HOSTS = "HashKnownHosts";
    public static final String SERVER_HOST_KEY = "server_host_key";
    public static final String USER_HOME_PROPERTY = "user.home";
    public static final String HOME_PATH_PREFIX_REG_EXPR = "^~[/\\\\].*$";
    public static final String YES = "yes";
    public static final String NO = "no";
    private static final Logger LOGGER = LoggerFactory.getLogger(SshTunnel.class);
    private static final int DEFAULT_PORT = 22;
    private static final String LOCALHOST = "localhost";
    private static final int CONNECTION_TIMEOUT_MILLISECONDS = 3000;
    private Integer localPort;
    private Session session;

    public SshTunnel(ConnectionProperties connectionProperties) throws SQLException {
        this.localPort = null;
        this.session = null;
        if (connectionProperties.enableSshTunnel()) {
            try {
                JSch jSch = new JSch();
                jSch.addIdentity(getPath(connectionProperties.getSshPrivateKeyFile()).toString());
                this.session = jSch.getSession(connectionProperties.getSshUser(), getHostName(connectionProperties), getPort(connectionProperties));
                setHostKeyType(jSch, this.session, connectionProperties);
                this.session.connect(CONNECTION_TIMEOUT_MILLISECONDS);
                this.localPort = Integer.valueOf(this.session.setPortForwardingL(LOCALHOST, 0, connectionProperties.getHostname(), connectionProperties.getPort()));
            } catch (Exception e) {
                this.localPort = null;
                this.session = null;
                if (!(e instanceof SQLException)) {
                    throw new SQLException(e.getMessage(), e);
                }
            }
        }
    }

    public static Path getPath(String str) {
        return str.matches(HOME_PATH_PREFIX_REG_EXPR) ? Paths.get(str.replaceFirst("~", Matcher.quoteReplacement(System.getProperty(USER_HOME_PROPERTY))), new String[0]).toAbsolutePath() : Paths.get(str, new String[0]).toAbsolutePath();
    }

    private static int getPort(ConnectionProperties connectionProperties) {
        int indexOf = connectionProperties.getSshHostname().indexOf(58);
        return indexOf >= 0 ? Integer.parseInt(connectionProperties.getSshHostname().substring(indexOf + 1)) : DEFAULT_PORT;
    }

    private static String getHostName(ConnectionProperties connectionProperties) {
        int indexOf = connectionProperties.getSshHostname().indexOf(58);
        return indexOf >= 0 ? connectionProperties.getSshHostname().substring(0, indexOf) : connectionProperties.getSshHostname();
    }

    private static void setHostKeyType(JSch jSch, Session session, ConnectionProperties connectionProperties) throws SQLException {
        if (!connectionProperties.getSshStrictHostKeyChecking()) {
            session.setConfig(STRICT_HOST_KEY_CHECKING, NO);
            return;
        }
        String path = getPath(StringUtils.isBlank(connectionProperties.getSshKnownHostsFile()) ? SSH_KNOWN_HOSTS_FILE : connectionProperties.getSshKnownHostsFile()).toString();
        if (!Files.exists(Paths.get(path, new String[0]), new LinkOption[0])) {
            throw SqlError.createSQLException(LOGGER, SqlState.INVALID_AUTHORIZATION_SPECIFICATION, SqlError.KNOWN_HOSTS_FILE_NOT_FOUND, connectionProperties.getSshKnownHostsFile());
        }
        try {
            jSch.setKnownHosts(path);
            HostKey hostKey = (HostKey) Arrays.stream(jSch.getHostKeyRepository().getHostKey()).filter(hostKey2 -> {
                return hostKey2.getHost().equals(getHostName(connectionProperties));
            }).findFirst().orElse(null);
            String type = hostKey != null ? hostKey.getType() : null;
            if (type != null) {
                session.setConfig(SERVER_HOST_KEY, type);
            }
            session.setConfig(HASH_KNOWN_HOSTS, YES);
        } catch (JSchException e) {
            throw new SQLException(e.getMessage(), (Throwable) e);
        }
    }

    public String getTunnelHost() {
        return LOCALHOST;
    }

    public int getTunnelPort() {
        if (this.localPort != null) {
            return this.localPort.intValue();
        }
        return 0;
    }

    public boolean sshTunnelValid() {
        return this.session != null;
    }

    public void disconnect() {
        if (sshTunnelValid()) {
            this.session.disconnect();
        }
    }
}
