package com.datastax.bdp.cassandra.auth;

import com.datastax.bdp.cassandra.auth.LdapConnectionProvider;
import com.datastax.bdp.config.LdapConfig;
import com.datastax.bdp.util.DseUtil;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.security.KeyStore;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedTrustManager;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.exception.LdapOperationException;
import org.apache.directory.ldap.client.api.LdapConnection;
import org.apache.directory.ldap.client.api.LdapConnectionConfig;
import org.apache.directory.ldap.client.api.LdapConnectionPool;
import org.apache.directory.ldap.client.api.LdapConnectionWrapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/datastax/bdp/cassandra/auth/LdapConnectionProviderImpl.class */
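/**
 * {@link LdapConnectionProvider.Poolable} implementation backed by an Apache Directory
 * {@link LdapConnectionPool}.
 *
 * <p>Connections handed out by {@link #getConnection()} are dynamic proxies: closing one gives the
 * underlying connection back to the pool (or invalidates it) instead of closing the socket.
 */
public class LdapConnectionProviderImpl implements LdapConnectionProvider.Poolable {
    private static final Logger logger = LoggerFactory.getLogger(LdapConnectionProviderImpl.class);
    private final LdapConnectionPool connectionPool;

    /**
     * Wrapper around a pooled connection that doubles as the {@link InvocationHandler} of the proxy
     * returned to callers. It tracks whether the connection must be discarded once it is closed.
     */
    private static class LdapConnectionFromPool extends LdapConnectionWrapper implements InvocationHandler {
        private final LdapConnectionPool pool;
        // Set from invoke() and read from close(); volatile so a flag raised by one thread is
        // visible to whichever thread closes the connection.
        private volatile boolean invalidateAfterRelease;

        protected LdapConnectionFromPool(LdapConnection ldapConnection, LdapConnectionPool ldapConnectionPool) {
            super(ldapConnection);
            this.pool = ldapConnectionPool;
        }

        /**
         * Gives the wrapped connection back to the pool, or invalidates it when an earlier call
         * flagged it as unusable.
         *
         * @throws IOException if the pool rejects the release or the invalidation
         */
        @Override
        public void close() throws IOException {
            try {
                if (this.invalidateAfterRelease) {
                    this.pool.invalidateObject(wrapped());
                } else {
                    this.pool.releaseConnection(wrapped());
                }
            } catch (Exception e) {
                throw new IOException("Failed to return LDAP connection to pool", e);
            }
        }

        /**
         * Forwards every proxied {@link LdapConnection} call to this wrapper and rethrows the
         * original exception of a failed call.
         *
         * <p>A failure that {@code DseUtil.isCausedBy} does not attribute to an
         * {@link LdapOperationException} marks the connection for invalidation, so it is not
         * handed to another caller after {@link #close()}.
         */
        @Override
        public Object invoke(Object obj, Method method, Object[] objArr) throws Throwable {
            try {
                return method.invoke(this, objArr);
            } catch (InvocationTargetException e) {
                if (!DseUtil.isCausedBy(e, LdapOperationException.class)) {
                    this.invalidateAfterRelease = true;
                }
                // Unwrap so callers see the LDAP exception, not the reflection wrapper.
                throw e.getTargetException();
            }
        }
    }

    public LdapConnectionProviderImpl(LdapConnectionPool ldapConnectionPool) {
        this.connectionPool = ldapConnectionPool;
    }

    /**
     * Builds a provider, including its connection pool, from the given connection settings.
     *
     * @param connectionConfig host, port, TLS, bind and pool settings
     * @return a provider backed by a freshly created pool
     */
    public static LdapConnectionProviderImpl fromConnectionConfig(LdapConfig.ConnectionConfig connectionConfig) {
        // NOTE(review): the whole config object is logged at TRACE. Confirm that
        // ConnectionConfig.toString() redacts searchPassword and truststorePassword.
        logger.trace("Initializing LDAP connection pool with the following configuration: {}", connectionConfig);
        LdapConnectionConfig ldapConnectionConfig = createLdapConnectionConfig(connectionConfig);
        return new LdapConnectionProviderImpl(createLdapConnectionPool(connectionConfig.pool, ldapConnectionConfig));
    }

    /**
     * Borrows a connection from the pool and wraps it in a proxy whose {@code close()} returns it
     * to the pool.
     *
     * @return a pooled connection; close it to hand it back
     * @throws LdapException if the pool cannot supply a connection
     */
    @Override
    public LdapConnection getConnection() throws LdapException {
        LdapConnectionFromPool handler = new LdapConnectionFromPool(this.connectionPool.getConnection(), this.connectionPool);
        return (LdapConnection) Proxy.newProxyInstance(
                LdapConnectionProviderImpl.class.getClassLoader(),
                new Class[]{LdapConnection.class},
                handler);
    }

    /** Creates the pool and copies every pool setting from the configuration onto it. */
    private static LdapConnectionPool createLdapConnectionPool(LdapConfig.ConnectionConfig.ConnectionPoolConfig connectionPoolConfig, LdapConnectionConfig ldapConnectionConfig) {
        LdapConnectionPool ldapConnectionPool = new LdapConnectionPool(connectionPoolConfig.connectionFactory.provider.apply(ldapConnectionConfig));
        ldapConnectionPool.setMaxActive(connectionPoolConfig.maxActive);
        ldapConnectionPool.setMaxIdle(connectionPoolConfig.maxIdle);
        ldapConnectionPool.setMinIdle(connectionPoolConfig.minIdle);
        ldapConnectionPool.setWhenExhaustedAction(connectionPoolConfig.whenExhaustedAction.actionCode);
        ldapConnectionPool.setMaxWait(connectionPoolConfig.maxWait.toMillis());
        ldapConnectionPool.setTestOnBorrow(connectionPoolConfig.testOnBorrow);
        ldapConnectionPool.setTestOnReturn(connectionPoolConfig.testOnReturn);
        ldapConnectionPool.setTestWhileIdle(connectionPoolConfig.testWhileIdle);
        ldapConnectionPool.setTimeBetweenEvictionRunsMillis(connectionPoolConfig.timeBetweenEvictionRuns.toMillis());
        ldapConnectionPool.setNumTestsPerEvictionRun(connectionPoolConfig.numTestsPerEvictionRun);
        ldapConnectionPool.setMinEvictableIdleTimeMillis(connectionPoolConfig.minEvictableIdleTime.toMillis());
        ldapConnectionPool.setSoftMinEvictableIdleTimeMillis(connectionPoolConfig.softMinEvictableIdleTime.toMillis());
        return ldapConnectionPool;
    }

    /**
     * Translates the connection settings into an Apache LDAP API {@link LdapConnectionConfig}.
     *
     * <p>Trust managers are installed only when SSL or StartTLS is enabled <em>and</em> a
     * truststore path is configured. With {@code hostnameVerification} enabled, the first
     * {@link X509ExtendedTrustManager} from the truststore is wrapped in a
     * {@code DseHostnameVerificationTrustManager} bound to the configured host; otherwise the
     * factory's trust managers are used as they are and this method adds no hostname check.
     *
     * @throws AssertionError if the truststore cannot be loaded or no usable trust manager exists
     */
    private static LdapConnectionConfig createLdapConnectionConfig(LdapConfig.ConnectionConfig connectionConfig) {
        LdapConnectionConfig ldapConnectionConfig = new LdapConnectionConfig();
        ldapConnectionConfig.setLdapHost(connectionConfig.host);
        ldapConnectionConfig.setLdapPort(connectionConfig.port);
        ldapConnectionConfig.setUseSsl(connectionConfig.useSsl);
        ldapConnectionConfig.setUseTls(connectionConfig.useTls);
        // NOTE(review): with SSL/StartTLS on and no truststorePath, no trust managers are set here
        // and the LdapConnectionConfig defaults apply. Confirm that the default of the Apache LDAP
        // API version in use validates the server certificate chain.
        if ((connectionConfig.useSsl || connectionConfig.useTls) && connectionConfig.truststorePath != null) {
            // try-with-resources closes the truststore stream on the failure path as well.
            try (InputStream truststoreStream = Files.newInputStream(connectionConfig.truststorePath)) {
                KeyStore keyStore = KeyStore.getInstance(connectionConfig.truststoreType);
                char[] password = connectionConfig.truststorePassword != null
                        ? connectionConfig.truststorePassword.toCharArray()
                        : null;
                keyStore.load(truststoreStream, password);
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore);

                TrustManager[] trustManagers;
                if (connectionConfig.hostnameVerification) {
                    X509ExtendedTrustManager delegate = null;
                    for (TrustManager candidate : trustManagerFactory.getTrustManagers()) {
                        if (candidate instanceof X509ExtendedTrustManager) {
                            delegate = (X509ExtendedTrustManager) candidate;
                            break;
                        }
                    }
                    if (delegate == null) {
                        // Fail closed at configuration time instead of handing a null delegate to
                        // the hostname-verifying trust manager.
                        throw new IllegalStateException("No X509ExtendedTrustManager available for hostname verification");
                    }
                    trustManagers = new TrustManager[]{new DseHostnameVerificationTrustManager(delegate, connectionConfig.host)};
                } else {
                    trustManagers = trustManagerFactory.getTrustManagers();
                }
                ldapConnectionConfig.setTrustManagers(trustManagers);
            } catch (Exception e) {
                throw new AssertionError("Failed to initialize trust manager in LdapConnectionConfig", e);
            }
        }
        ldapConnectionConfig.setTimeout(connectionConfig.timeout.toMillis());
        if (connectionConfig.searchDN != null) {
            // Bind credentials are set whether or not TLS is enabled; with useSsl and useTls both
            // false the connection carrying them has no transport encryption.
            ldapConnectionConfig.setName(connectionConfig.searchDN);
            ldapConnectionConfig.setCredentials(connectionConfig.searchPassword);
        }
        return ldapConnectionConfig;
    }

    /** Returns the pool's count of connections currently borrowed. */
    @Override
    public long getConnectionPoolActive() {
        return this.connectionPool.getNumActive();
    }

    /** Returns the pool's count of idle connections. */
    @Override
    public long getConnectionPoolIdle() {
        return this.connectionPool.getNumIdle();
    }

    /** Closes the underlying connection pool. */
    @Override
    public void close() throws Exception {
        this.connectionPool.close();
    }
}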
