package org.mule.extension.redis.internal.connection.provider;

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocketFactory;
import org.apache.commons.pool2.impl.GenericObjectPoolConfig;
import org.mule.extension.redis.api.connection.provider.EndpointIdentificationAlgorithm;
import org.mule.extension.redis.internal.connection.ExecutableRedisConnection;
import org.mule.extension.redis.internal.error.exceptions.InvalidTLSConfigurationException;
import org.mule.runtime.api.lifecycle.InitialisationException;
import org.mule.runtime.api.meta.ExpressionSupport;
import org.mule.runtime.api.scheduler.Scheduler;
import org.mule.runtime.api.serialization.ObjectSerializer;
import org.mule.runtime.api.tls.TlsContextFactory;
import org.mule.runtime.core.api.lifecycle.LifecycleUtils;
import org.mule.runtime.extension.api.annotation.Expression;
import org.mule.runtime.extension.api.annotation.param.Optional;
import org.mule.runtime.extension.api.annotation.param.Parameter;
import org.mule.runtime.extension.api.annotation.param.display.DisplayName;
import org.mule.runtime.extension.api.annotation.param.display.Placement;
import org.mule.runtime.extension.api.annotation.param.display.Summary;

/* loaded from: input_file:org/mule/extension/redis/internal/connection/provider/RedisSSLConnectionProvider.class */
public abstract class RedisSSLConnectionProvider<C extends ExecutableRedisConnection> extends RedisConnectionProvider<C> {

    @Optional
    @Parameter
    @Placement(tab = "Security", order = 1)
    @DisplayName("TLS Configuration")
    @Expression(ExpressionSupport.NOT_SUPPORTED)
    private TlsContextFactory tlsContext;

    @Optional(defaultValue = "DISABLED")
    @Parameter
    @Summary("The endpoint identification algorithm used by clients to validate server host name.")
    @Placement(tab = "Security", order = 2)
    @DisplayName("Endpoint identification algorithm")
    @Expression(ExpressionSupport.NOT_SUPPORTED)
    private EndpointIdentificationAlgorithm endpointIdentificationAlgorithm;
    private SSLSocketFactory sslSocketFactory;
    private SSLParameters sslParameters;

    public void initialise() throws InitialisationException {
        LifecycleUtils.initialiseIfNeeded(this.tlsContext);
    }

    @Override // org.mule.extension.redis.internal.connection.provider.RedisConnectionProvider
    protected C connect(Scheduler scheduler, ObjectSerializer objectSerializer, GenericObjectPoolConfig genericObjectPoolConfig) {
        boolean z = this.tlsContext != null;
        if (z) {
            try {
                SSLContext createSslContext = this.tlsContext.createSslContext();
                this.sslParameters = createSslContext.getDefaultSSLParameters();
                this.sslParameters.setEndpointIdentificationAlgorithm(this.endpointIdentificationAlgorithm.name().toLowerCase().replace("disabled", ""));
                this.sslParameters.setCipherSuites(this.tlsContext.getEnabledCipherSuites());
                this.sslParameters.setProtocols(this.tlsContext.getEnabledProtocols());
                this.sslSocketFactory = createSslContext.getSocketFactory();
            } catch (KeyManagementException | NoSuchAlgorithmException e) {
                throw new InvalidTLSConfigurationException(e);
            }
        }
        return connect(scheduler, objectSerializer, genericObjectPoolConfig, z, this.sslParameters, this.sslSocketFactory);
    }

    protected abstract C connect(Scheduler scheduler, ObjectSerializer objectSerializer, GenericObjectPoolConfig genericObjectPoolConfig, boolean z, SSLParameters sSLParameters, SSLSocketFactory sSLSocketFactory);
}
