package org.ldaptive.provider.unboundid;

import com.unboundid.ldap.sdk.LDAPConnectionOptions;
import java.security.GeneralSecurityException;
import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import org.ldaptive.ConnectionConfig;
import org.ldaptive.LdapURL;
import org.ldaptive.provider.Provider;
import org.ldaptive.provider.ProviderConnectionFactory;
import org.ldaptive.ssl.DefaultHostnameVerifier;
import org.ldaptive.ssl.DefaultSSLContextInitializer;
import org.ldaptive.ssl.HostnameVerifyingTrustManager;
import org.ldaptive.ssl.SSLContextInitializer;
import org.ldaptive.ssl.TLSSocketFactory;

/* loaded from: input_file:org/ldaptive/provider/unboundid/UnboundIDProvider.class */
public class UnboundIDProvider implements Provider<UnboundIDProviderConfig> {
    private UnboundIDProviderConfig config = new UnboundIDProviderConfig();

    public ProviderConnectionFactory<UnboundIDProviderConfig> getConnectionFactory(ConnectionConfig connectionConfig) {
        SocketFactory socketFactory = this.config.getSocketFactory();
        SSLContext sSLContext = null;
        if (connectionConfig.getUseStartTLS()) {
            sSLContext = getHostnameVerifierSSLContext(connectionConfig);
        } else if (connectionConfig.getUseSSL() && socketFactory == null) {
            socketFactory = getHostnameVerifierSocketFactory(connectionConfig);
        }
        if (connectionConfig.getSslConfig() != null && connectionConfig.getSslConfig().getEnabledCipherSuites() != null) {
            throw new UnsupportedOperationException("UnboundID provider does not support the cipher suites property");
        }
        if (connectionConfig.getSslConfig() != null && connectionConfig.getSslConfig().getEnabledProtocols() != null) {
            throw new UnsupportedOperationException("UnboundID provider does not support the protocols property");
        }
        LDAPConnectionOptions connectionOptions = this.config.getConnectionOptions();
        if (connectionOptions == null) {
            connectionOptions = getDefaultLDAPConnectionOptions(connectionConfig);
        }
        return connectionConfig.getUseStartTLS() ? new UnboundIDStartTLSConnectionFactory(connectionConfig.getLdapUrl(), this.config, socketFactory, sSLContext, connectionOptions) : new UnboundIDConnectionFactory(connectionConfig.getLdapUrl(), this.config, socketFactory, connectionOptions);
    }

    protected SSLContext getHostnameVerifierSSLContext(ConnectionConfig connectionConfig) {
        SSLContextInitializer defaultSSLContextInitializer;
        if (connectionConfig.getSslConfig() == null || connectionConfig.getSslConfig().getCredentialConfig() == null) {
            defaultSSLContextInitializer = new DefaultSSLContextInitializer();
        } else {
            try {
                defaultSSLContextInitializer = connectionConfig.getSslConfig().getCredentialConfig().createSSLContextInitializer();
            } catch (GeneralSecurityException e) {
                throw new IllegalArgumentException(e);
            }
        }
        if (connectionConfig.getSslConfig() == null || connectionConfig.getSslConfig().getTrustManagers() == null) {
            defaultSSLContextInitializer.setTrustManagers(new TrustManager[]{new HostnameVerifyingTrustManager(new DefaultHostnameVerifier(), new LdapURL(connectionConfig.getLdapUrl()).getEntriesAsString())});
        } else {
            defaultSSLContextInitializer.setTrustManagers(connectionConfig.getSslConfig().getTrustManagers());
        }
        try {
            return defaultSSLContextInitializer.initSSLContext("TLS");
        } catch (GeneralSecurityException e2) {
            throw new IllegalArgumentException(e2);
        }
    }

    protected SocketFactory getHostnameVerifierSocketFactory(ConnectionConfig connectionConfig) {
        return TLSSocketFactory.getHostnameVerifierFactory(connectionConfig.getSslConfig(), new LdapURL(connectionConfig.getLdapUrl()).getEntriesAsString());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public LDAPConnectionOptions getDefaultLDAPConnectionOptions(ConnectionConfig connectionConfig) {
        LDAPConnectionOptions lDAPConnectionOptions = new LDAPConnectionOptions();
        lDAPConnectionOptions.setConnectTimeoutMillis(connectionConfig.getConnectTimeout() > 0 ? (int) connectionConfig.getConnectTimeout() : 0);
        lDAPConnectionOptions.setResponseTimeoutMillis(connectionConfig.getResponseTimeout());
        return lDAPConnectionOptions;
    }

    /* renamed from: getProviderConfig, reason: merged with bridge method [inline-methods] */
    public UnboundIDProviderConfig m4getProviderConfig() {
        return this.config;
    }

    public void setProviderConfig(UnboundIDProviderConfig unboundIDProviderConfig) {
        this.config = unboundIDProviderConfig;
    }

    /* renamed from: newInstance, reason: merged with bridge method [inline-methods] */
    public UnboundIDProvider m3newInstance() {
        return new UnboundIDProvider();
    }
}
