package com.sitewhere.communication.mqtt;

import com.sitewhere.spi.SiteWhereException;
import java.io.File;
import java.io.FileInputStream;
import java.net.URISyntaxException;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.apache.commons.lang3.StringUtils;
import org.fusesource.mqtt.client.MQTT;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/sitewhere/communication/mqtt/MqttConfigurer.class */
public class MqttConfigurer {
    private static Logger LOGGER = LoggerFactory.getLogger(MqttConfigurer.class);

    public static MQTT configure(IMqttConfiguration iMqttConfiguration) throws SiteWhereException {
        MQTT mqtt = new MQTT();
        boolean startsWith = iMqttConfiguration.getProtocol().startsWith("ssl");
        boolean startsWith2 = iMqttConfiguration.getProtocol().startsWith("tls");
        if (iMqttConfiguration.getClientId() != null) {
            mqtt.setClientId(iMqttConfiguration.getClientId());
            LOGGER.info("MQTT connection will use client id '" + iMqttConfiguration.getClientId() + "'.");
        }
        mqtt.setCleanSession(iMqttConfiguration.isCleanSession());
        LOGGER.info("MQTT clean session flag being set to '" + iMqttConfiguration.isCleanSession() + "'.");
        if (startsWith || startsWith2) {
            handleSecureTransport(mqtt, iMqttConfiguration);
        }
        if (!StringUtils.isEmpty(iMqttConfiguration.getUsername())) {
            mqtt.setUserName(iMqttConfiguration.getUsername());
        }
        if (!StringUtils.isEmpty(iMqttConfiguration.getPassword())) {
            mqtt.setPassword(iMqttConfiguration.getPassword());
        }
        try {
            mqtt.setHost(iMqttConfiguration.getProtocol() + "://" + iMqttConfiguration.getHostname() + ":" + iMqttConfiguration.getPort());
            return mqtt;
        } catch (URISyntaxException e) {
            throw new SiteWhereException("Invalid hostname for MQTT server.", e);
        }
    }

    protected static void handleSecureTransport(MQTT mqtt, IMqttConfiguration iMqttConfiguration) throws SiteWhereException {
        LOGGER.info("MQTT client using secure protocol '" + iMqttConfiguration.getProtocol() + "'.");
        boolean z = (iMqttConfiguration.getTrustStorePath() == null || iMqttConfiguration.getTrustStorePassword() == null) ? false : true;
        boolean z2 = (iMqttConfiguration.getKeyStorePath() == null || iMqttConfiguration.getKeyStorePassword() == null) ? false : true;
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            TrustManagerFactory trustManagerFactory = null;
            if (z) {
                trustManagerFactory = configureTrustStore(sSLContext, iMqttConfiguration.getTrustStorePath(), iMqttConfiguration.getTrustStorePassword());
            } else {
                LOGGER.info("No trust store configured for MQTT client.");
            }
            if (z2) {
                sSLContext.init(configureKeyStore(sSLContext, iMqttConfiguration.getKeyStorePath(), iMqttConfiguration.getKeyStorePassword()).getKeyManagers(), trustManagerFactory != null ? trustManagerFactory.getTrustManagers() : null, null);
            } else if (z) {
                sSLContext.init(null, trustManagerFactory != null ? trustManagerFactory.getTrustManagers() : null, null);
            }
            mqtt.setSslContext(sSLContext);
            LOGGER.info("Created SSL context for MQTT receiver.");
        } catch (Throwable th) {
            throw new SiteWhereException("Unable to configure secure transport.", th);
        }
    }

    protected static TrustManagerFactory configureTrustStore(SSLContext sSLContext, String str, String str2) throws Exception {
        LOGGER.info("MQTT client using truststore path: " + str);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(new FileInputStream(new File(str)), str2.toCharArray());
        trustManagerFactory.init(keyStore);
        return trustManagerFactory;
    }

    protected static KeyManagerFactory configureKeyStore(SSLContext sSLContext, String str, String str2) throws Exception {
        LOGGER.info("MQTT client using keystore path: " + str);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(new FileInputStream(new File(str)), str2.toCharArray());
        keyManagerFactory.init(keyStore, str2.toCharArray());
        return keyManagerFactory;
    }
}
