package id.onyx.obdp.server.ldap.service.ads;

import id.onyx.obdp.server.ldap.domain.OBDPLdapConfiguration;
import id.onyx.obdp.server.ldap.service.AmbariLdapException;
import id.onyx.obdp.server.ldap.service.LdapConnectionConfigService;
import jakarta.inject.Inject;
import jakarta.inject.Singleton;
import java.io.FileInputStream;
import java.security.KeyStore;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.directory.api.util.Strings;
import org.apache.directory.ldap.client.api.LdapConnectionConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Singleton
/* loaded from: input_file:id/onyx/obdp/server/ldap/service/ads/DefaultLdapConnectionConfigService.class */
public class DefaultLdapConnectionConfigService implements LdapConnectionConfigService {
    private static final Logger LOG = LoggerFactory.getLogger(DefaultLdapConnectionConfigService.class);

    @Inject
    public DefaultLdapConnectionConfigService() {
    }

    @Override // id.onyx.obdp.server.ldap.service.LdapConnectionConfigService
    public LdapConnectionConfig createLdapConnectionConfig(OBDPLdapConfiguration oBDPLdapConfiguration) throws AmbariLdapException {
        LOG.debug("Assembling ldap connection config based on: {}", oBDPLdapConfiguration);
        LdapConnectionConfig ldapConnectionConfig = new LdapConnectionConfig();
        ldapConnectionConfig.setLdapHost(oBDPLdapConfiguration.serverHost());
        ldapConnectionConfig.setLdapPort(oBDPLdapConfiguration.serverPort());
        ldapConnectionConfig.setName(oBDPLdapConfiguration.bindDn());
        ldapConnectionConfig.setCredentials(oBDPLdapConfiguration.bindPassword());
        ldapConnectionConfig.setUseSsl(oBDPLdapConfiguration.useSSL());
        if ("custom".equals(oBDPLdapConfiguration.trustStore())) {
            LOG.info("Using custom trust manager configuration");
            ldapConnectionConfig.setTrustManagers(trustManagers(oBDPLdapConfiguration));
        }
        return ldapConnectionConfig;
    }

    private TrustManager[] trustManagers(OBDPLdapConfiguration oBDPLdapConfiguration) throws AmbariLdapException {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore(oBDPLdapConfiguration));
            return trustManagerFactory.getTrustManagers();
        } catch (Exception e) {
            LOG.error("Failed to initialize trust managers", e);
            throw new AmbariLdapException(e);
        }
    }

    private KeyStore keyStore(OBDPLdapConfiguration oBDPLdapConfiguration) throws AmbariLdapException {
        if (Strings.isEmpty(oBDPLdapConfiguration.trustStoreType())) {
            throw new AmbariLdapException("Key Store Type must be specified");
        }
        if (Strings.isEmpty(oBDPLdapConfiguration.trustStorePath())) {
            throw new AmbariLdapException("Key Store Path must be specified");
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(oBDPLdapConfiguration.trustStoreType());
            keyStore.load(new FileInputStream(oBDPLdapConfiguration.trustStorePath()), oBDPLdapConfiguration.trustStorePassword().toCharArray());
            return keyStore;
        } catch (Exception e) {
            LOG.error("Failed to create keystore", e);
            throw new AmbariLdapException(e);
        }
    }
}
