package io.r2dbc.mssql;

import io.netty.handler.codec.http.websocketx.WebSocketServerHandshaker;
import io.netty.handler.ssl.IdentityCipherSuiteFilter;
import io.netty.handler.ssl.OpenSsl;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslProvider;
import io.r2dbc.mssql.client.ClientConfiguration;
import io.r2dbc.mssql.client.ssl.ExpectedHostnameX509TrustManager;
import io.r2dbc.mssql.client.ssl.SslConfiguration;
import io.r2dbc.mssql.client.ssl.TrustAllTrustManager;
import io.r2dbc.mssql.codec.DefaultCodecs;
import io.r2dbc.mssql.message.tds.Redirect;
import io.r2dbc.mssql.util.Assert;
import io.r2dbc.mssql.util.StringUtils;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.time.Duration;
import java.util.Arrays;
import java.util.Optional;
import java.util.UUID;
import java.util.function.Function;
import java.util.function.Predicate;
import javax.net.ssl.SSLException;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import reactor.netty.resources.ConnectionProvider;
import reactor.util.annotation.Nullable;

/* loaded from: input_file:io/r2dbc/mssql/MssqlConnectionConfiguration.class */
public final class MssqlConnectionConfiguration {
    public static final int DEFAULT_PORT = 1433;
    public static final Duration DEFAULT_CONNECT_TIMEOUT = Duration.ofSeconds(30);

    @Nullable
    private final String applicationName;

    @Nullable
    private final UUID connectionId;
    private final Duration connectTimeout;
    private final String database;
    private final String host;
    private final String hostNameInCertificate;
    private final CharSequence password;
    private final Predicate<String> preferCursoredExecution;

    @Nullable
    private final Duration lockWaitTimeout;
    private final int port;
    private final boolean sendStringParametersAsUnicode;
    private final boolean ssl;
    private final Function<SslContextBuilder, SslContextBuilder> sslContextBuilderCustomizer;

    @Nullable
    private final Function<SslContextBuilder, SslContextBuilder> sslTunnelSslContextBuilderCustomizer;
    private final boolean tcpKeepAlive;
    private final boolean tcpNoDelay;
    private final boolean trustServerCertificate;

    @Nullable
    private final File trustStore;

    @Nullable
    private final String trustStoreType;

    @Nullable
    private final char[] trustStorePassword;
    private final String username;

    /* loaded from: input_file:io/r2dbc/mssql/MssqlConnectionConfiguration$Builder.class */
    public static final class Builder {

        @Nullable
        private String applicationName;
        private UUID connectionId;
        private Duration connectTimeout;
        private String database;
        private String host;
        private String hostNameInCertificate;

        @Nullable
        private Duration lockWaitTimeout;
        private Predicate<String> preferCursoredExecution;
        private CharSequence password;
        private int port;
        private boolean sendStringParametersAsUnicode;
        private boolean ssl;
        private boolean trustServerCertificate;
        private Function<SslContextBuilder, SslContextBuilder> sslContextBuilderCustomizer;

        @Nullable
        private Function<SslContextBuilder, SslContextBuilder> sslTunnelSslContextBuilderCustomizer;
        private String username;
        private boolean tcpKeepAlive;
        private boolean tcpNoDelay;

        @Nullable
        private File trustStore;

        @Nullable
        private String trustStoreType;

        @Nullable
        private char[] trustStorePassword;

        private Builder() {
            this.connectionId = UUID.randomUUID();
            this.connectTimeout = MssqlConnectionConfiguration.DEFAULT_CONNECT_TIMEOUT;
            this.preferCursoredExecution = str -> {
                return false;
            };
            this.port = MssqlConnectionConfiguration.DEFAULT_PORT;
            this.sendStringParametersAsUnicode = true;
            this.sslContextBuilderCustomizer = Function.identity();
            this.tcpKeepAlive = false;
            this.tcpNoDelay = true;
        }

        public Builder applicationName(String str) {
            this.applicationName = (String) Assert.requireNonNull(str, "applicationName must not be null");
            return this;
        }

        public Builder connectionId(UUID uuid) {
            this.connectionId = (UUID) Assert.requireNonNull(uuid, "connectionId must not be null");
            return this;
        }

        public Builder connectTimeout(Duration duration) {
            Assert.requireNonNull(duration, "connect timeout must not be null");
            Assert.isTrue(!duration.isNegative(), "connect timeout must not be negative");
            this.connectTimeout = duration;
            return this;
        }

        public Builder database(@Nullable String str) {
            this.database = str;
            return this;
        }

        public Builder enableSsl() {
            this.ssl = true;
            return this;
        }

        public Builder enableSslTunnel() {
            return enableSslTunnel(Function.identity());
        }

        public Builder enableSslTunnel(Function<SslContextBuilder, SslContextBuilder> function) {
            this.sslTunnelSslContextBuilderCustomizer = (Function) Assert.requireNonNull(function, "sslTunnelSslContextBuilderCustomizer must not be null");
            return this;
        }

        public Builder host(String str) {
            this.host = (String) Assert.requireNonNull(str, "host must not be null");
            return this;
        }

        public Builder hostNameInCertificate(String str) {
            this.hostNameInCertificate = (String) Assert.requireNonNull(str, "hostNameInCertificate must not be null");
            return this;
        }

        public Builder lockWaitTimeout(Duration duration) {
            Assert.requireNonNull(duration, "lock wait timeout must not be null");
            this.lockWaitTimeout = duration;
            return this;
        }

        public Builder password(CharSequence charSequence) {
            this.password = (CharSequence) Assert.requireNonNull(charSequence, "password must not be null");
            return this;
        }

        public Builder preferCursoredExecution(boolean z) {
            return preferCursoredExecution(str -> {
                return z;
            });
        }

        public Builder preferCursoredExecution(Predicate<String> predicate) {
            this.preferCursoredExecution = (Predicate) Assert.requireNonNull(predicate, "Predicate must not be null");
            return this;
        }

        public Builder port(int i) {
            this.port = i;
            return this;
        }

        public Builder sendStringParametersAsUnicode(boolean z) {
            this.sendStringParametersAsUnicode = z;
            return this;
        }

        public Builder sslContextBuilderCustomizer(Function<SslContextBuilder, SslContextBuilder> function) {
            this.sslContextBuilderCustomizer = (Function) Assert.requireNonNull(function, "sslContextBuilderCustomizer must not be null");
            return this;
        }

        public Builder tcpKeepAlive(boolean z) {
            this.tcpKeepAlive = z;
            return this;
        }

        public Builder tcpNoDelay(boolean z) {
            this.tcpNoDelay = z;
            return this;
        }

        public Builder trustServerCertificate() {
            return trustServerCertificate(true);
        }

        public Builder trustServerCertificate(boolean z) {
            this.trustServerCertificate = z;
            return this;
        }

        public Builder trustStoreType(String str) {
            this.trustStoreType = (String) Assert.requireNonNull(str, "trustStoreType must not be null");
            return this;
        }

        public Builder trustStore(String str) {
            return trustStore(new File((String) Assert.requireNonNull(str, "trustStore must not be null")));
        }

        public Builder trustStore(File file) {
            this.trustStore = (File) Assert.requireNonNull(file, "trustStore must not be null");
            return this;
        }

        public Builder trustStorePassword(char[] cArr) {
            this.trustStorePassword = (char[]) Assert.requireNonNull(Arrays.copyOf(cArr, cArr.length), "trustStorePassword must not be null");
            return this;
        }

        public Builder username(String str) {
            this.username = (String) Assert.requireNonNull(str, "username must not be null");
            return this;
        }

        public MssqlConnectionConfiguration build() {
            if (this.hostNameInCertificate == null) {
                this.hostNameInCertificate = this.host;
            }
            return new MssqlConnectionConfiguration(this.applicationName, this.connectionId, this.connectTimeout, this.database, this.host, this.hostNameInCertificate, this.lockWaitTimeout, this.password, this.preferCursoredExecution, this.port, this.sendStringParametersAsUnicode, this.ssl, this.sslContextBuilderCustomizer, this.sslTunnelSslContextBuilderCustomizer, this.tcpKeepAlive, this.tcpNoDelay, this.trustServerCertificate, this.trustStore, this.trustStoreType, this.trustStorePassword, this.username);
        }
    }

    /* loaded from: input_file:io/r2dbc/mssql/MssqlConnectionConfiguration$DefaultClientConfiguration.class */
    static class DefaultClientConfiguration implements ClientConfiguration {
        private final Duration connectTimeout;
        private final String host;
        private final String hostNameInCertificate;
        private final int port;
        private final boolean ssl;
        private final Function<SslContextBuilder, SslContextBuilder> sslContextBuilderCustomizer;

        @Nullable
        private final Function<SslContextBuilder, SslContextBuilder> sslTunnelSslContextBuilderCustomizer;
        private final boolean tcpKeepAlive;
        private final boolean tcpNoDelay;
        private final boolean trustServerCertificate;

        @Nullable
        private final File trustStore;

        @Nullable
        private final String trustStoreType;

        @Nullable
        private final char[] trustStorePassword;

        DefaultClientConfiguration(Duration duration, String str, String str2, int i, boolean z, Function<SslContextBuilder, SslContextBuilder> function, @Nullable Function<SslContextBuilder, SslContextBuilder> function2, boolean z2, boolean z3, boolean z4, @Nullable File file, @Nullable String str3, @Nullable char[] cArr) {
            this.connectTimeout = duration;
            this.host = str;
            this.hostNameInCertificate = str2;
            this.port = i;
            this.ssl = z;
            this.sslContextBuilderCustomizer = function;
            this.sslTunnelSslContextBuilderCustomizer = function2;
            this.tcpKeepAlive = z2;
            this.tcpNoDelay = z3;
            this.trustServerCertificate = z4;
            this.trustStore = file;
            this.trustStoreType = str3;
            this.trustStorePassword = cArr;
        }

        @Override // io.r2dbc.mssql.client.ClientConfiguration
        public String getHost() {
            return this.host;
        }

        @Override // io.r2dbc.mssql.client.ClientConfiguration
        public int getPort() {
            return this.port;
        }

        @Override // io.r2dbc.mssql.client.ClientConfiguration
        public Duration getConnectTimeout() {
            return this.connectTimeout;
        }

        @Override // io.r2dbc.mssql.client.ClientConfiguration
        public boolean isTcpKeepAlive() {
            return this.tcpKeepAlive;
        }

        @Override // io.r2dbc.mssql.client.ClientConfiguration
        public boolean isTcpNoDelay() {
            return this.tcpNoDelay;
        }

        @Override // io.r2dbc.mssql.client.ClientConfiguration
        public ConnectionProvider getConnectionProvider() {
            return ConnectionProvider.newConnection();
        }

        @Override // io.r2dbc.mssql.client.ssl.SslConfiguration
        public boolean isSslEnabled() {
            return this.ssl;
        }

        @Override // io.r2dbc.mssql.client.ssl.SslConfiguration
        public SslContext getSslContext() throws GeneralSecurityException {
            SslContextBuilder access$200 = MssqlConnectionConfiguration.access$200();
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(loadCustomTrustStore());
            access$200.trustManager((!isSslEnabled() || this.trustServerCertificate) ? TrustAllTrustManager.INSTANCE : new ExpectedHostnameX509TrustManager((X509TrustManager) trustManagerFactory.getTrustManagers()[0], this.hostNameInCertificate));
            try {
                return this.sslContextBuilderCustomizer.apply(access$200).build();
            } catch (SSLException e) {
                throw new GeneralSecurityException(e);
            }
        }

        @Nullable
        KeyStore loadCustomTrustStore() throws GeneralSecurityException {
            if (this.trustStore == null) {
                return null;
            }
            KeyStore keyStore = KeyStore.getInstance(this.trustStoreType == null ? KeyStore.getDefaultType() : this.trustStoreType);
            try {
                FileInputStream fileInputStream = new FileInputStream(this.trustStore);
                Throwable th = null;
                try {
                    keyStore.load(fileInputStream, this.trustStorePassword);
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                    return keyStore;
                } finally {
                }
            } catch (IOException e) {
                throw new GeneralSecurityException(String.format("Could not load custom trust store from %s", this.trustStore), e);
            }
        }

        @Override // io.r2dbc.mssql.client.ClientConfiguration
        public SslConfiguration getSslTunnelConfiguration() {
            return this.sslTunnelSslContextBuilderCustomizer == null ? super.getSslTunnelConfiguration() : new SslConfiguration() { // from class: io.r2dbc.mssql.MssqlConnectionConfiguration.DefaultClientConfiguration.1
                @Override // io.r2dbc.mssql.client.ssl.SslConfiguration
                public boolean isSslEnabled() {
                    return true;
                }

                @Override // io.r2dbc.mssql.client.ssl.SslConfiguration
                public SslContext getSslContext() throws GeneralSecurityException {
                    try {
                        return ((SslContextBuilder) DefaultClientConfiguration.this.sslTunnelSslContextBuilderCustomizer.apply(MssqlConnectionConfiguration.access$200())).build();
                    } catch (SSLException e) {
                        throw new GeneralSecurityException(e);
                    }
                }
            };
        }
    }

    private MssqlConnectionConfiguration(@Nullable String str, @Nullable UUID uuid, Duration duration, @Nullable String str2, String str3, String str4, @Nullable Duration duration2, CharSequence charSequence, Predicate<String> predicate, int i, boolean z, boolean z2, Function<SslContextBuilder, SslContextBuilder> function, @Nullable Function<SslContextBuilder, SslContextBuilder> function2, boolean z3, boolean z4, boolean z5, @Nullable File file, @Nullable String str5, @Nullable char[] cArr, String str6) {
        this.applicationName = str;
        this.connectionId = uuid;
        this.connectTimeout = (Duration) Assert.requireNonNull(duration, "connect timeout must not be null");
        this.database = str2;
        this.host = (String) Assert.requireNonNull(str3, "host must not be null");
        this.hostNameInCertificate = (String) Assert.requireNonNull(str4, "hostNameInCertificate must not be null");
        this.lockWaitTimeout = duration2;
        this.password = (CharSequence) Assert.requireNonNull(charSequence, "password must not be null");
        this.preferCursoredExecution = (Predicate) Assert.requireNonNull(predicate, "preferCursoredExecution must not be null");
        this.port = i;
        this.sendStringParametersAsUnicode = z;
        this.ssl = z2;
        this.sslContextBuilderCustomizer = function;
        this.sslTunnelSslContextBuilderCustomizer = function2;
        this.tcpKeepAlive = z3;
        this.tcpNoDelay = z4;
        this.trustServerCertificate = z5;
        this.trustStore = file;
        this.trustStoreType = str5;
        this.trustStorePassword = cArr;
        this.username = (String) Assert.requireNonNull(str6, "username must not be null");
    }

    public static Builder builder() {
        return new Builder();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public MssqlConnectionConfiguration withRedirect(Redirect redirect) {
        String serverName = redirect.getServerName();
        String str = this.hostNameInCertificate;
        if (this.hostNameInCertificate.startsWith(WebSocketServerHandshaker.SUB_PROTOCOL_WILDCARD) && serverName.indexOf(46) != -1 && serverName.endsWith(str.substring(1))) {
            str = String.format("*%s", serverName.substring(serverName.indexOf(46)));
        }
        return new MssqlConnectionConfiguration(this.applicationName, this.connectionId, this.connectTimeout, this.database, serverName, str, this.lockWaitTimeout, this.password, this.preferCursoredExecution, redirect.getPort(), this.sendStringParametersAsUnicode, this.ssl, this.sslContextBuilderCustomizer, this.sslTunnelSslContextBuilderCustomizer, this.tcpKeepAlive, this.tcpNoDelay, this.trustServerCertificate, this.trustStore, this.trustStoreType, this.trustStorePassword, this.username);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ClientConfiguration toClientConfiguration() {
        return new DefaultClientConfiguration(this.connectTimeout, this.host, this.hostNameInCertificate, this.port, this.ssl, this.sslContextBuilderCustomizer, this.sslTunnelSslContextBuilderCustomizer, this.tcpKeepAlive, this.tcpNoDelay, this.trustServerCertificate, this.trustStore, this.trustStoreType, this.trustStorePassword);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ConnectionOptions toConnectionOptions() {
        return new ConnectionOptions(this.preferCursoredExecution, new DefaultCodecs(), new IndefinitePreparedStatementCache(), this.sendStringParametersAsUnicode);
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(getClass().getSimpleName());
        stringBuffer.append(" [applicationName=\"").append(this.applicationName).append('\"');
        stringBuffer.append(", connectionId=").append(this.connectionId);
        stringBuffer.append(", connectTimeout=\"").append(this.connectTimeout).append('\"');
        stringBuffer.append(", database=\"").append(this.database).append('\"');
        stringBuffer.append(", host=\"").append(this.host).append('\"');
        stringBuffer.append(", hostNameInCertificate=\"").append(this.hostNameInCertificate).append('\"');
        stringBuffer.append(", lockWaitTimeout=\"").append(this.lockWaitTimeout).append('\"');
        stringBuffer.append(", password=\"").append(repeat(this.password.length(), WebSocketServerHandshaker.SUB_PROTOCOL_WILDCARD)).append('\"');
        stringBuffer.append(", preferCursoredExecution=\"").append(this.preferCursoredExecution).append('\"');
        stringBuffer.append(", port=").append(this.port);
        stringBuffer.append(", sendStringParametersAsUnicode=").append(this.sendStringParametersAsUnicode);
        stringBuffer.append(", ssl=").append(this.ssl);
        stringBuffer.append(", sslContextBuilderCustomizer=").append(this.sslContextBuilderCustomizer);
        stringBuffer.append(", sslTunnelSslContextBuilderCustomizer=").append(this.sslTunnelSslContextBuilderCustomizer);
        stringBuffer.append(", tcpKeepAlive=\"").append(this.tcpKeepAlive).append("\"");
        stringBuffer.append(", tcpNoDelay=\"").append(this.tcpNoDelay).append("\"");
        stringBuffer.append(", trustServerCertificate=").append(this.trustServerCertificate);
        stringBuffer.append(", trustStore=\"").append(this.trustStore).append("\"");
        stringBuffer.append(", trustStorePassword=\"").append(repeat(this.trustStorePassword == null ? 0 : this.trustStorePassword.length, WebSocketServerHandshaker.SUB_PROTOCOL_WILDCARD)).append('\"');
        stringBuffer.append(", trustStoreType=\"").append(this.trustStoreType).append("\"");
        stringBuffer.append(", username=\"").append(this.username).append('\"');
        stringBuffer.append(']');
        return stringBuffer.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Nullable
    public String getApplicationName() {
        return this.applicationName;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Nullable
    public UUID getConnectionId() {
        return this.connectionId;
    }

    Duration getConnectTimeout() {
        return this.connectTimeout;
    }

    Optional<String> getDatabase() {
        return Optional.ofNullable(this.database);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getHost() {
        return this.host;
    }

    String getHostNameInCertificate() {
        return this.hostNameInCertificate;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Nullable
    public Duration getLockWaitTimeout() {
        return this.lockWaitTimeout;
    }

    CharSequence getPassword() {
        return this.password;
    }

    Predicate<String> getPreferCursoredExecution() {
        return this.preferCursoredExecution;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int getPort() {
        return this.port;
    }

    boolean isSendStringParametersAsUnicode() {
        return this.sendStringParametersAsUnicode;
    }

    boolean useSsl() {
        return this.ssl;
    }

    boolean isTcpKeepAlive() {
        return this.tcpKeepAlive;
    }

    boolean isTcpNoDelay() {
        return this.tcpNoDelay;
    }

    String getUsername() {
        return this.username;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public LoginConfiguration getLoginConfiguration() {
        return new LoginConfiguration(getApplicationName(), this.connectionId, getDatabase().orElse(""), lookupHostName(), getPassword(), getHost(), useSsl(), getUsername());
    }

    private static String repeat(int i, String str) {
        StringBuilder sb = new StringBuilder();
        for (int i2 = 0; i2 < i; i2++) {
            sb.append(str);
        }
        return sb.toString();
    }

    private static String lookupHostName() {
        try {
            InetAddress localHost = InetAddress.getLocalHost();
            if (localHost == null) {
                return "";
            }
            String hostName = localHost.getHostName();
            if (StringUtils.hasText(hostName)) {
                return hostName;
            }
            String hostAddress = localHost.getHostAddress();
            return StringUtils.hasText(hostAddress) ? hostAddress : "";
        } catch (UnknownHostException e) {
            return "";
        }
    }

    private static SslContextBuilder createSslContextBuilder() {
        SslContextBuilder forClient = SslContextBuilder.forClient();
        forClient.sslProvider(OpenSsl.isAvailable() ? SslProvider.OPENSSL : SslProvider.JDK).ciphers(null, IdentityCipherSuiteFilter.INSTANCE).applicationProtocolConfig(null);
        return forClient;
    }

    static /* synthetic */ SslContextBuilder access$200() {
        return createSslContextBuilder();
    }
}
