package com.marklogic.client.ext;

import com.marklogic.client.DatabaseClient;
import com.marklogic.client.DatabaseClientFactory;
import com.marklogic.client.ext.ssl.SslConfig;
import com.marklogic.client.ext.ssl.SslUtil;
import javax.net.ssl.SSLContext;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:com/marklogic/client/ext/DefaultConfiguredDatabaseClientFactory.class */
public class DefaultConfiguredDatabaseClientFactory implements ConfiguredDatabaseClientFactory {
    @Override // com.marklogic.client.ext.ConfiguredDatabaseClientFactory
    public DatabaseClient newDatabaseClient(DatabaseClientConfig databaseClientConfig) {
        DatabaseClientFactory.BasicAuthContext basicAuthContext;
        SecurityContextType securityContextType = databaseClientConfig.getSecurityContextType();
        DatabaseClient.ConnectionType connectionType = databaseClientConfig.getConnectionType();
        if (SecurityContextType.BASIC.equals(securityContextType)) {
            basicAuthContext = new DatabaseClientFactory.BasicAuthContext(databaseClientConfig.getUsername(), databaseClientConfig.getPassword());
        } else if (SecurityContextType.CERTIFICATE.equals(securityContextType)) {
            basicAuthContext = buildCertificateAuthContent(databaseClientConfig);
        } else if (SecurityContextType.DIGEST.equals(securityContextType)) {
            basicAuthContext = new DatabaseClientFactory.DigestAuthContext(databaseClientConfig.getUsername(), databaseClientConfig.getPassword());
        } else if (SecurityContextType.KERBEROS.equals(securityContextType)) {
            basicAuthContext = new DatabaseClientFactory.KerberosAuthContext(databaseClientConfig.getExternalName());
        } else {
            if (!SecurityContextType.NONE.equals(securityContextType)) {
                throw new IllegalArgumentException("Unsupported SecurityContextType: " + securityContextType);
            }
            basicAuthContext = null;
        }
        if (basicAuthContext != null) {
            SslConfig determineSslConfig = determineSslConfig(databaseClientConfig);
            if (determineSslConfig != null) {
                basicAuthContext = basicAuthContext.withSSLContext(determineSslConfig.getSslContext(), determineSslConfig.getTrustManager());
            }
            DatabaseClientFactory.SSLHostnameVerifier sslHostnameVerifier = databaseClientConfig.getSslHostnameVerifier();
            if (sslHostnameVerifier != null) {
                basicAuthContext = basicAuthContext.withSSLHostnameVerifier(sslHostnameVerifier);
            }
        }
        String host = databaseClientConfig.getHost();
        int port = databaseClientConfig.getPort();
        String database = databaseClientConfig.getDatabase();
        return connectionType == null ? basicAuthContext == null ? database == null ? DatabaseClientFactory.newClient(host, port) : DatabaseClientFactory.newClient(host, port, database) : database == null ? DatabaseClientFactory.newClient(host, port, basicAuthContext) : DatabaseClientFactory.newClient(host, port, database, basicAuthContext) : basicAuthContext == null ? database == null ? DatabaseClientFactory.newClient(host, port, (DatabaseClientFactory.SecurityContext) null, connectionType) : DatabaseClientFactory.newClient(host, port, database, (DatabaseClientFactory.SecurityContext) null, connectionType) : database == null ? DatabaseClientFactory.newClient(host, port, basicAuthContext, connectionType) : DatabaseClientFactory.newClient(host, port, database, basicAuthContext, connectionType);
    }

    protected DatabaseClientFactory.SecurityContext buildCertificateAuthContent(DatabaseClientConfig databaseClientConfig) {
        X509TrustManager trustManager = databaseClientConfig.getTrustManager();
        String certFile = databaseClientConfig.getCertFile();
        if (certFile != null) {
            try {
                return databaseClientConfig.getCertPassword() != null ? new DatabaseClientFactory.CertificateAuthContext(certFile, databaseClientConfig.getCertPassword(), trustManager) : new DatabaseClientFactory.CertificateAuthContext(certFile, trustManager);
            } catch (Exception e) {
                throw new RuntimeException("Unable to build CertificateAuthContext: " + e.getMessage(), e);
            }
        }
        SslConfig determineSslConfig = determineSslConfig(databaseClientConfig);
        DatabaseClientFactory.SSLHostnameVerifier sslHostnameVerifier = databaseClientConfig.getSslHostnameVerifier();
        return sslHostnameVerifier != null ? new DatabaseClientFactory.CertificateAuthContext(determineSslConfig.getSslContext(), sslHostnameVerifier, determineSslConfig.getTrustManager()) : new DatabaseClientFactory.CertificateAuthContext(determineSslConfig.getSslContext(), determineSslConfig.getTrustManager());
    }

    protected SslConfig determineSslConfig(DatabaseClientConfig databaseClientConfig) {
        SSLContext sslContext = databaseClientConfig.getSslContext();
        X509TrustManager trustManager = databaseClientConfig.getTrustManager();
        if (sslContext != null && trustManager != null) {
            return new SslConfig(sslContext, trustManager);
        }
        String sslProtocol = databaseClientConfig.getSslProtocol();
        if (sslProtocol == null || sslProtocol.trim().length() <= 0) {
            return null;
        }
        return SslUtil.configureUsingTrustManagerFactory(sslProtocol, databaseClientConfig.getTrustManagementAlgorithm());
    }
}
