package org.nuxeo.ecm.core.redis;

import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocketFactory;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.ssl.TrustStrategy;
import org.nuxeo.common.xmap.annotation.XNode;
import org.nuxeo.common.xmap.annotation.XObject;
import redis.clients.jedis.Jedis;
import redis.clients.jedis.JedisPool;
import redis.clients.jedis.JedisPoolConfig;

@XObject("server")
/* loaded from: input_file:org/nuxeo/ecm/core/redis/RedisServerDescriptor.class */
public class RedisServerDescriptor extends RedisPoolDescriptor {

    @XNode("host")
    public String host;

    @XNode("ssl")
    public boolean ssl;

    @XNode("trustStorePath")
    public String trustStorePath;

    @XNode("trustStorePassword")
    public String trustStorePassword;

    @XNode("trustStoreType")
    public String trustStoreType;

    @XNode("keyStorePath")
    public String keyStorePath;

    @XNode("keyStorePassword")
    public String keyStorePassword;

    @XNode("keyStoreType")
    public String keyStoreType;

    @XNode("port")
    public int port = 6379;

    @XNode("failoverTimeout")
    public int failoverTimeout = 300;

    @Override // org.nuxeo.ecm.core.redis.RedisPoolDescriptor
    public RedisExecutor newExecutor() {
        boolean z;
        SSLSocketFactory socketFactory;
        SSLContext sSLContext = getSSLContext();
        if (sSLContext == null) {
            z = this.ssl;
            socketFactory = null;
        } else {
            z = true;
            socketFactory = sSLContext.getSocketFactory();
        }
        Jedis jedis = new Jedis(this.host, this.port, z, socketFactory, (SSLParameters) null, (HostnameVerifier) null);
        try {
            if (StringUtils.isNotBlank(this.password)) {
                jedis.auth(this.password);
            }
            if (!"PONG".equals(jedis.ping())) {
                throw new RuntimeException("Cannot connect to Redis host: " + this.host + ":" + this.port);
            }
            jedis.close();
            JedisPoolConfig jedisPoolConfig = new JedisPoolConfig();
            jedisPoolConfig.setMaxTotal(this.maxTotal);
            jedisPoolConfig.setMaxIdle(this.maxIdle);
            return new RedisFailoverExecutor(this.failoverTimeout, new RedisPoolExecutor(new JedisPool(jedisPoolConfig, this.host, this.port, this.timeout, (String) StringUtils.defaultIfBlank(this.password, (CharSequence) null), this.database)));
        } catch (Throwable th) {
            try {
                jedis.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    protected SSLContext getSSLContext() {
        try {
            KeyStore loadKeyStore = loadKeyStore(this.trustStorePath, this.trustStorePassword, this.trustStoreType);
            KeyStore loadKeyStore2 = loadKeyStore(this.keyStorePath, this.keyStorePassword, this.keyStoreType);
            if (loadKeyStore == null && loadKeyStore2 == null) {
                return null;
            }
            SSLContextBuilder custom = SSLContexts.custom();
            if (loadKeyStore != null) {
                custom.loadTrustMaterial(loadKeyStore, (TrustStrategy) null);
            }
            if (loadKeyStore2 != null) {
                custom.loadKeyMaterial(loadKeyStore2, (char[]) null);
            }
            return custom.build();
        } catch (IOException | GeneralSecurityException e) {
            throw new RuntimeException("Cannot setup SSL context", e);
        }
    }

    protected KeyStore loadKeyStore(String str, String str2, String str3) throws GeneralSecurityException, IOException {
        if (StringUtils.isBlank(str)) {
            return null;
        }
        KeyStore keyStore = KeyStore.getInstance((String) StringUtils.defaultIfBlank(str3, KeyStore.getDefaultType()));
        char[] charArray = StringUtils.isBlank(str2) ? null : str2.toCharArray();
        InputStream newInputStream = Files.newInputStream(Paths.get(str, new String[0]), new OpenOption[0]);
        try {
            keyStore.load(newInputStream, charArray);
            if (newInputStream != null) {
                newInputStream.close();
            }
            return keyStore;
        } catch (Throwable th) {
            if (newInputStream != null) {
                try {
                    newInputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }
}
