package com.yahoo.jdisc.http.ssl.impl;

import com.yahoo.component.AbstractComponent;
import com.yahoo.component.annotation.Inject;
import com.yahoo.jdisc.http.ConnectorConfig;
import com.yahoo.jdisc.http.SslProvider;
import com.yahoo.security.tls.ConfigFileBasedTlsContext;
import com.yahoo.security.tls.PeerAuthentication;
import com.yahoo.security.tls.TlsContext;
import com.yahoo.security.tls.TransportSecurityUtils;
import java.nio.file.Path;

/* loaded from: input_file:com/yahoo/jdisc/http/ssl/impl/DefaultSslContextFactoryProvider.class */
public class DefaultSslContextFactoryProvider extends AbstractComponent implements SslProvider {
    private final SslProvider instance;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/yahoo/jdisc/http/ssl/impl/DefaultSslContextFactoryProvider$StaticTlsContextBasedProvider.class */
    public static class StaticTlsContextBasedProvider extends TlsContextBasedProvider {
        final TlsContext tlsContext;

        StaticTlsContextBasedProvider(TlsContext tlsContext) {
            this.tlsContext = tlsContext;
        }

        @Override // com.yahoo.jdisc.http.ssl.impl.TlsContextBasedProvider
        protected TlsContext getTlsContext(String str, int i) {
            return this.tlsContext;
        }

        public void deconstruct() {
            this.tlsContext.close();
        }
    }

    /* loaded from: input_file:com/yahoo/jdisc/http/ssl/impl/DefaultSslContextFactoryProvider$ThrowingSslContextFactoryProvider.class */
    private static class ThrowingSslContextFactoryProvider implements SslProvider {
        private ThrowingSslContextFactoryProvider() {
        }

        @Override // com.yahoo.jdisc.http.SslProvider
        public void configureSsl(SslProvider.ConnectorSsl connectorSsl, String str, int i) {
            throw new UnsupportedOperationException();
        }
    }

    @Inject
    public DefaultSslContextFactoryProvider(ConnectorConfig connectorConfig) {
        this.instance = (SslProvider) TransportSecurityUtils.getConfigFile().map(path -> {
            return createTlsContextBasedProvider(connectorConfig, path);
        }).orElseGet(ThrowingSslContextFactoryProvider::new);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static SslProvider createTlsContextBasedProvider(ConnectorConfig connectorConfig, Path path) {
        return new StaticTlsContextBasedProvider(new ConfigFileBasedTlsContext(path, TransportSecurityUtils.getInsecureAuthorizationMode(), getPeerAuthenticationMode(connectorConfig)));
    }

    private static PeerAuthentication getPeerAuthenticationMode(ConnectorConfig connectorConfig) {
        return connectorConfig.tlsClientAuthEnforcer().enable() ? PeerAuthentication.WANT : PeerAuthentication.NEED;
    }

    @Override // com.yahoo.jdisc.http.SslProvider
    public void configureSsl(SslProvider.ConnectorSsl connectorSsl, String str, int i) {
        this.instance.configureSsl(connectorSsl, str, i);
    }

    public void deconstruct() {
        this.instance.close();
    }
}
