package org.apache.cxf.transport.https;

import java.io.IOException;
import java.lang.reflect.Constructor;
import java.lang.reflect.Method;
import java.net.HttpURLConnection;
import java.net.Proxy;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.logging.Handler;
import java.util.logging.Logger;
import javax.imageio.IIOException;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.util.ReflectionInvokationHandler;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.transport.http.HTTPConduit;
import org.apache.cxf.transport.http.HttpURLConnectionFactory;
import org.apache.cxf.transport.http.HttpURLConnectionInfo;

/* loaded from: input_file:WEB-INF/lib/cxf-rt-transports-http-2.2.5.jar:org/apache/cxf/transport/https/HttpsURLConnectionFactory.class */
public final class HttpsURLConnectionFactory implements HttpURLConnectionFactory {
    public static final String HTTPS_URL_PROTOCOL_ID = "https";
    private static final long serialVersionUID = 1;
    private static final Logger LOG;
    private static boolean weblogicWarned;
    HTTPConduit conduit;
    TLSClientParameters tlsClientParameters;
    SSLSocketFactory socketFactory;
    static final /* synthetic */ boolean $assertionsDisabled;

    public HttpsURLConnectionFactory(TLSClientParameters tLSClientParameters) {
        this.tlsClientParameters = tLSClientParameters;
        if (!$assertionsDisabled && this.tlsClientParameters == null) {
            throw new AssertionError();
        }
    }

    @Override // org.apache.cxf.transport.http.HttpURLConnectionFactory
    public HttpURLConnection createConnection(Proxy proxy, URL url) throws IOException {
        if (!url.getProtocol().equals(HTTPS_URL_PROTOCOL_ID)) {
            throw new IOException("Illegal Protocol " + url.getProtocol() + " for HTTPS URLConnection Factory.");
        }
        HttpURLConnection httpURLConnection = (HttpURLConnection) (proxy != null ? url.openConnection(proxy) : url.openConnection());
        if (this.tlsClientParameters != null) {
            Object obj = null;
            try {
                decorateWithTLS(httpURLConnection);
                if (0 != 0) {
                    if (obj instanceof IOException) {
                        throw ((IOException) null);
                    }
                    throw new IIOException("Error while initializing secure socket", (Throwable) null);
                }
            } catch (Exception e) {
                if (e != null) {
                    if (e instanceof IOException) {
                        throw ((IOException) e);
                    }
                    throw new IIOException("Error while initializing secure socket", e);
                }
            } catch (Throwable th) {
                if (0 == 0) {
                    throw th;
                }
                if (obj instanceof IOException) {
                    throw ((IOException) null);
                }
                throw new IIOException("Error while initializing secure socket", (Throwable) null);
            }
        }
        return httpURLConnection;
    }

    protected synchronized void decorateWithTLS(HttpURLConnection httpURLConnection) throws NoSuchAlgorithmException, NoSuchProviderException, KeyManagementException {
        SSLSocketFactory sSLSocketFactory;
        if (this.socketFactory == null && (sSLSocketFactory = this.tlsClientParameters.getSSLSocketFactory()) != null) {
            this.socketFactory = sSLSocketFactory;
        }
        if (this.socketFactory == null) {
            String jsseProvider = this.tlsClientParameters.getJsseProvider();
            String secureSocketProtocol = this.tlsClientParameters.getSecureSocketProtocol() != null ? this.tlsClientParameters.getSecureSocketProtocol() : "TLS";
            SSLContext sSLContext = jsseProvider == null ? SSLContext.getInstance(secureSocketProtocol) : SSLContext.getInstance(secureSocketProtocol, jsseProvider);
            sSLContext.init(this.tlsClientParameters.getKeyManagers(), this.tlsClientParameters.getTrustManagers(), this.tlsClientParameters.getSecureRandom());
            this.socketFactory = new SSLSocketFactoryWrapper(sSLContext.getSocketFactory(), SSLUtils.getCiphersuites(this.tlsClientParameters.getCipherSuites(), SSLUtils.getSupportedCipherSuites(sSLContext), this.tlsClientParameters.getCipherSuitesFilter(), LOG, false), this.tlsClientParameters.getSecureSocketProtocol());
        }
        CertificateHostnameVerifier certificateHostnameVerifier = this.tlsClientParameters.isDisableCNCheck() ? CertificateHostnameVerifier.ALLOW_ALL : CertificateHostnameVerifier.DEFAULT;
        if (httpURLConnection instanceof HttpsURLConnection) {
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) httpURLConnection;
            httpsURLConnection.setHostnameVerifier(certificateHostnameVerifier);
            httpsURLConnection.setSSLSocketFactory(this.socketFactory);
            return;
        }
        try {
            Method method = httpURLConnection.getClass().getMethod("getHostnameVerifier", new Class[0]);
            httpURLConnection.getClass().getMethod("setHostnameVerifier", method.getReturnType()).invoke(httpURLConnection, java.lang.reflect.Proxy.newProxyInstance(getClass().getClassLoader(), new Class[]{method.getReturnType()}, new ReflectionInvokationHandler(certificateHostnameVerifier) { // from class: org.apache.cxf.transport.https.HttpsURLConnectionFactory.1
                @Override // org.apache.cxf.common.util.ReflectionInvokationHandler, java.lang.reflect.InvocationHandler
                public Object invoke(Object obj, Method method2, Object[] objArr) throws Throwable {
                    try {
                        return super.invoke(obj, method2, objArr);
                    } catch (Exception e) {
                        return true;
                    }
                }
            }));
        } catch (Exception e) {
        }
        try {
            Method method2 = httpURLConnection.getClass().getMethod("getSSLSocketFactory", new Class[0]);
            Method method3 = httpURLConnection.getClass().getMethod("setSSLSocketFactory", method2.getReturnType());
            if (method2.getReturnType().isInstance(this.socketFactory)) {
                method3.invoke(httpURLConnection, this.socketFactory);
            } else {
                Constructor<?> declaredConstructor = method2.getReturnType().getDeclaredConstructor(SSLSocketFactory.class);
                declaredConstructor.setAccessible(true);
                method3.invoke(httpURLConnection, declaredConstructor.newInstance(this.socketFactory));
            }
        } catch (Exception e2) {
            if (!httpURLConnection.getClass().getName().contains("weblogic")) {
                throw new IllegalArgumentException("Error decorating connection class " + httpURLConnection.getClass().getName(), e2);
            }
            if (weblogicWarned) {
                return;
            }
            weblogicWarned = true;
            LOG.warning("Could not configure SSLSocketFactory on Weblogic.   Use the Weblogic control panel to configure the SSL settings.");
        }
    }

    protected void addLogHandler(Handler handler) {
        LOG.addHandler(handler);
    }

    @Override // org.apache.cxf.transport.http.HttpURLConnectionFactory
    public HttpURLConnectionInfo getConnectionInfo(HttpURLConnection httpURLConnection) throws IOException {
        return new HttpsURLConnectionInfo(httpURLConnection);
    }

    @Override // org.apache.cxf.transport.http.HttpURLConnectionFactory
    public String getProtocol() {
        return HTTPS_URL_PROTOCOL_ID;
    }

    static {
        $assertionsDisabled = !HttpsURLConnectionFactory.class.desiredAssertionStatus();
        LOG = LogUtils.getL7dLogger(HttpsURLConnectionFactory.class);
    }
}
