package org.keycloak.adapters;

import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.AccessController;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import org.apache.http.HttpHost;
import org.apache.http.conn.scheme.HostNameResolver;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.apache.http.protocol.HttpContext;
import org.keycloak.common.util.Environment;

/* loaded from: input_file:WEB-INF/lib/keycloak-adapter-core-11.0.0-alfresco-001.jar:org/keycloak/adapters/SniSSLSocketFactory.class */
public class SniSSLSocketFactory extends SSLSocketFactory {
    private static final Logger LOG = Logger.getLogger(SniSSLSocketFactory.class.getName());
    private static final AtomicBoolean skipSNIApplication = new AtomicBoolean(false);

    public SniSSLSocketFactory(String str, KeyStore keyStore, String str2, KeyStore keyStore2, SecureRandom secureRandom, HostNameResolver hostNameResolver) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(str, keyStore, str2, keyStore2, secureRandom, hostNameResolver);
    }

    public SniSSLSocketFactory(String str, KeyStore keyStore, String str2, KeyStore keyStore2, SecureRandom secureRandom, TrustStrategy trustStrategy, X509HostnameVerifier x509HostnameVerifier) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(str, keyStore, str2, keyStore2, secureRandom, trustStrategy, x509HostnameVerifier);
    }

    public SniSSLSocketFactory(String str, KeyStore keyStore, String str2, KeyStore keyStore2, SecureRandom secureRandom, X509HostnameVerifier x509HostnameVerifier) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(str, keyStore, str2, keyStore2, secureRandom, x509HostnameVerifier);
    }

    public SniSSLSocketFactory(KeyStore keyStore, String str, KeyStore keyStore2) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(keyStore, str, keyStore2);
    }

    public SniSSLSocketFactory(KeyStore keyStore, String str) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(keyStore, str);
    }

    public SniSSLSocketFactory(KeyStore keyStore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(keyStore);
    }

    public SniSSLSocketFactory(TrustStrategy trustStrategy, X509HostnameVerifier x509HostnameVerifier) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(trustStrategy, x509HostnameVerifier);
    }

    public SniSSLSocketFactory(TrustStrategy trustStrategy) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        super(trustStrategy);
    }

    public SniSSLSocketFactory(SSLContext sSLContext) {
        super(sSLContext);
    }

    public SniSSLSocketFactory(SSLContext sSLContext, HostNameResolver hostNameResolver) {
        super(sSLContext, hostNameResolver);
    }

    public SniSSLSocketFactory(SSLContext sSLContext, X509HostnameVerifier x509HostnameVerifier) {
        super(sSLContext, x509HostnameVerifier);
    }

    public SniSSLSocketFactory(SSLContext sSLContext, String[] strArr, String[] strArr2, X509HostnameVerifier x509HostnameVerifier) {
        super(sSLContext, strArr, strArr2, x509HostnameVerifier);
    }

    public SniSSLSocketFactory(javax.net.ssl.SSLSocketFactory sSLSocketFactory, X509HostnameVerifier x509HostnameVerifier) {
        super(sSLSocketFactory, x509HostnameVerifier);
    }

    public SniSSLSocketFactory(javax.net.ssl.SSLSocketFactory sSLSocketFactory, String[] strArr, String[] strArr2, X509HostnameVerifier x509HostnameVerifier) {
        super(sSLSocketFactory, strArr, strArr2, x509HostnameVerifier);
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.socket.ConnectionSocketFactory
    public Socket connectSocket(int i, Socket socket, HttpHost httpHost, InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2, HttpContext httpContext) throws IOException {
        return super.connectSocket(i, applySNI(socket, httpHost.getHostName()), httpHost, inetSocketAddress, inetSocketAddress2, httpContext);
    }

    @Override // org.apache.http.conn.ssl.SSLSocketFactory, org.apache.http.conn.socket.LayeredConnectionSocketFactory
    public Socket createLayeredSocket(Socket socket, String str, int i, HttpContext httpContext) throws IOException {
        return super.createLayeredSocket(applySNI(socket, str), str, i, httpContext);
    }

    private Socket applySNI(final Socket socket, String str) {
        if (skipSNIApplication.get()) {
            LOG.log(Level.FINE, "Skipping application of SNI because JDK is missing setHost() method.");
            return socket;
        }
        if (socket instanceof SSLSocket) {
            try {
                ((Method) AccessController.doPrivileged(new PrivilegedExceptionAction<Method>() { // from class: org.keycloak.adapters.SniSSLSocketFactory.1
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedExceptionAction
                    public Method run() throws NoSuchMethodException {
                        return socket.getClass().getMethod("setHost", String.class);
                    }
                })).invoke(socket, str);
                LOG.log(Level.FINE, "Applied SNI to socket for host {0}", str);
            } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
                LOG.log(Level.WARNING, "Failed to apply SNI to SSLSocket", e);
            } catch (PrivilegedActionException e2) {
                if (e2.getCause() instanceof NoSuchMethodException) {
                    LOG.log(Environment.IS_IBM_JAVA ? Level.FINE : Level.WARNING, "Failed to apply SNI to SSLSocket", (Throwable) e2);
                    skipSNIApplication.set(true);
                } else {
                    LOG.log(Level.WARNING, "Failed to apply SNI to SSLSocket", (Throwable) e2);
                }
            }
        }
        return socket;
    }
}
