package de.adorsys.aspsp.xs2a.config.rest.keycloak;

import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.http.converter.StringHttpMessageConverter;
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
import org.springframework.web.client.RestTemplate;

@Configuration
/* loaded from: input_file:de/adorsys/aspsp/xs2a/config/rest/keycloak/KeycloakRestConfig.class */
public class KeycloakRestConfig {

    @Value("${skip.ssl.certificate.verification}")
    private boolean skipSslCertificateVerification;

    @Bean(name = {"keycloakRestTemplate"})
    public RestTemplate keycloakRestTemplate() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
        RestTemplate restTemplate = this.skipSslCertificateVerification ? new RestTemplate(buildHttpRequestFactoryWithoutSSLVerification()) : new RestTemplate();
        restTemplate.getMessageConverters().add(new MappingJackson2HttpMessageConverter());
        restTemplate.getMessageConverters().add(new StringHttpMessageConverter());
        restTemplate.setErrorHandler(new KeycloakRestErrorHandler());
        return restTemplate;
    }

    private HttpComponentsClientHttpRequestFactory buildHttpRequestFactoryWithoutSSLVerification() throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException {
        CloseableHttpClient build = HttpClients.custom().setSSLSocketFactory(new SSLConnectionSocketFactory(SSLContexts.custom().loadTrustMaterial((KeyStore) null, (x509CertificateArr, str) -> {
            return true;
        }).build())).setSSLHostnameVerifier(new NoopHostnameVerifier()).build();
        HttpComponentsClientHttpRequestFactory httpComponentsClientHttpRequestFactory = new HttpComponentsClientHttpRequestFactory();
        httpComponentsClientHttpRequestFactory.setHttpClient(build);
        return httpComponentsClientHttpRequestFactory;
    }
}
