package no.difi.oxalis.commons.mode;

import com.google.inject.Provides;
import com.google.inject.Singleton;
import com.typesafe.config.Config;
import io.opentracing.Span;
import io.opentracing.Tracer;
import io.opentracing.contrib.spanmanager.DefaultSpanManager;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import javax.inject.Named;
import net.klakegg.pkix.ocsp.api.OcspFetcher;
import no.difi.certvalidator.api.CrlCache;
import no.difi.certvalidator.api.CrlFetcher;
import no.difi.certvalidator.util.SimpleCrlCache;
import no.difi.oxalis.api.lang.OxalisLoadingException;
import no.difi.oxalis.commons.guice.OxalisModule;
import no.difi.vefa.peppol.common.lang.PeppolLoadingException;
import no.difi.vefa.peppol.mode.Mode;
import no.difi.vefa.peppol.security.ModeDetector;
import no.difi.vefa.peppol.security.api.CertificateValidator;
import org.apache.http.client.config.RequestConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:no/difi/oxalis/commons/mode/ModeModule.class */
public class ModeModule extends OxalisModule {
    private static final Logger log = LoggerFactory.getLogger(ModeModule.class);

    protected void configure() {
        bind(OcspFetcher.class).to(OxalisOcspFetcher.class);
        bind(CrlCache.class).toInstance(new SimpleCrlCache());
        bind(CrlFetcher.class).to(OxalisCrlFetcher.class);
    }

    @Singleton
    @Provides
    protected Mode providesMode(X509Certificate x509Certificate, Config config, OcspFetcher ocspFetcher, CrlFetcher crlFetcher, Tracer tracer) throws PeppolLoadingException {
        Span start = tracer.buildSpan("Mode detection").start();
        DefaultSpanManager.getInstance().activate(start);
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("ocsp_fetcher", ocspFetcher);
            hashMap.put("crlFetcher", crlFetcher);
            Mode detect = ModeDetector.detect(x509Certificate, config, hashMap);
            log.info("Detected mode: {}", detect.getIdentifier());
            start.finish();
            return detect;
        } catch (Throwable th) {
            start.finish();
            throw th;
        }
    }

    @Singleton
    @Provides
    protected CertificateValidator getCertificateValidator(Mode mode) throws PeppolLoadingException {
        return (CertificateValidator) mode.initiate("security.validator.class", CertificateValidator.class);
    }

    @Singleton
    @Provides
    @Named("certificate")
    protected RequestConfig getRequestConfig() {
        return RequestConfig.custom().setConnectTimeout(10000).setConnectionRequestTimeout(10000).build();
    }

    @Singleton
    @Provides
    @Named("truststore-ap")
    protected KeyStore getTruststoreAp(Mode mode) {
        try {
            InputStream resourceAsStream = getClass().getResourceAsStream(mode.getString("security.truststore.ap"));
            Throwable th = null;
            try {
                try {
                    KeyStore keyStore = KeyStore.getInstance("JKS");
                    keyStore.load(resourceAsStream, mode.getString("security.truststore.password").toCharArray());
                    if (resourceAsStream != null) {
                        if (0 != 0) {
                            try {
                                resourceAsStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            resourceAsStream.close();
                        }
                    }
                    return keyStore;
                } finally {
                }
            } finally {
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new OxalisLoadingException("Unable to load truststore for AP.", e);
        }
    }

    @Singleton
    @Provides
    @Named("truststore-smp")
    protected KeyStore getTruststoreSmp(Mode mode) {
        try {
            InputStream resourceAsStream = getClass().getResourceAsStream(mode.getString("security.truststore.smp"));
            Throwable th = null;
            try {
                try {
                    KeyStore keyStore = KeyStore.getInstance("JKS");
                    keyStore.load(resourceAsStream, mode.getString("security.truststore.password").toCharArray());
                    if (resourceAsStream != null) {
                        if (0 != 0) {
                            try {
                                resourceAsStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            resourceAsStream.close();
                        }
                    }
                    return keyStore;
                } finally {
                }
            } finally {
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new OxalisLoadingException("Unable to load truststore for SMP.", e);
        }
    }
}
