package io.onfhir.config;

import akka.http.scaladsl.ConnectionContext$;
import akka.http.scaladsl.HttpsConnectionContext;
import io.onfhir.api.package$;
import java.io.File;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import scala.MatchError;
import scala.None$;
import scala.Predef$;
import scala.Predef$any2stringadd$;
import scala.Some;
import scala.reflect.ScalaSignature;

/* compiled from: SSLConfig.scala */
@ScalaSignature(bytes = "\u0006\u0001A3q!\u0001\u0002\u0011\u0002\u0007\u0005\u0011BA\u0005T'2\u001buN\u001c4jO*\u00111\u0001B\u0001\u0007G>tg-[4\u000b\u0005\u00151\u0011AB8oM\"L'OC\u0001\b\u0003\tIwn\u0001\u0001\u0014\u0005\u0001Q\u0001CA\u0006\u000f\u001b\u0005a!\"A\u0007\u0002\u000bM\u001c\u0017\r\\1\n\u0005=a!AB!osJ+g\rC\u0003\u0012\u0001\u0011\u0005!#\u0001\u0004%S:LG\u000f\n\u000b\u0002'A\u00111\u0002F\u0005\u0003+1\u0011A!\u00168ji\"9q\u0003\u0001b\u0001\n\u000bA\u0012!\u0006#F\r\u0006+F\nV0L\u000bf\u001bFk\u0014*F?B\u000bE\u000bS\u000b\u00023A\u0011!$\t\b\u00037}\u0001\"\u0001\b\u0007\u000e\u0003uQ!A\b\u0005\u0002\rq\u0012xn\u001c;?\u0013\t\u0001C\"\u0001\u0004Qe\u0016$WMZ\u0005\u0003E\r\u0012aa\u0015;sS:<'B\u0001\u0011\r\u0011\u001d)\u0003A1A\u0005\u0006\u0019\n\u0011\u0004R#G\u0003VcEkX&F3N#vJU#`!\u0006\u001b6kV(S\tV\tqeD\u0001)C\u0005I\u0013a\u00044iSJl#/\u001a9pg&$xN]=\t\u000f-\u0002!\u0019!C\u00031\u0005AC)\u0012$B+2#v\f\u0015*P)\u0016\u001bE+\u0012#`%\u0016\u001bv*\u0016*D\u000b~kU\tV!E\u0003R\u000bu\fU!U\u0011\"9Q\u0006\u0001b\u0001\n\u000bq\u0013!\u000b#F\r\u0006+F\nV0Q%>#Vi\u0011+F\t~\u0013ViU(V%\u000e+uLS,L'~3\u0015\nT#`\u001d\u0006kU)F\u00010\u001f\u0005\u0001\u0014%A\u0019\u0002!\u0019D\u0017N]\u0017tKJ4XM\u001d\u0018ko.\u001c\bbB\u001a\u0001\u0005\u0004%)\u0001N\u0001C\t\u00163\u0015)\u0016'U?B\u0013v\nV#D)\u0016#uLU#T\u001fV\u00136)R0E3:\u000bU*S\"`%\u0016;\u0015j\u0015+S\u0003RKuJT0N\u000bR\u000bE)\u0011+B?\u001aKE*R0O\u00036+U#A\u001b\u0010\u0003Y\n\u0013aN\u00010aJ|G/Z2uK\u0012l#/Z:pkJ\u001cW-L:feZ,'/L7fi\u0006$\u0017\r^1.Ift\u0017-\\5d])\u001cxN\u001c\u0005\ts\u0001A)\u0019!C\u0001u\u0005)\u0001\u000e\u001e;qgV\t1\b\u0005\u0002=\u00076\tQH\u0003\u0002?\u007f\u0005A1oY1mC\u0012\u001cHN\u0003\u0002A\u0003\u0006!\u0001\u000e\u001e;q\u0015\u0005\u0011\u0015\u0001B1lW\u0006L!\u0001R\u001f\u0003-!#H\u000f]:D_:tWm\u0019;j_:\u001cuN\u001c;fqRDQA\u0012\u0001\u0005\u0002\u001d\u000b1bZ3u\u0017\u0016L8\u000f^8sKR\t\u0001\n\u0005\u0002J\u001d6\t!J\u0003\u0002L\u0019\u0006A1/Z2ve&$\u0018PC\u0001N\u0003\u0011Q\u0017M^1\n\u0005=S%\u0001C&fsN#xN]3")
/* loaded from: input_file:io/onfhir/config/SSLConfig.class */
public interface SSLConfig {
    void io$onfhir$config$SSLConfig$_setter_$DEFAULT_KEYSTORE_PATH_$eq(String str);

    void io$onfhir$config$SSLConfig$_setter_$DEFAULT_PROTECTED_RESOURCE_METADATA_PATH_$eq(String str);

    String DEFAULT_KEYSTORE_PATH();

    default String DEFAULT_KEYSTORE_PASSWORD() {
        return "fhir-repository";
    }

    String DEFAULT_PROTECTED_RESOURCE_METADATA_PATH();

    default String DEFAULT_PROTECTED_RESOURCE_JWKS_FILE_NAME() {
        return "fhir-server.jwks";
    }

    default String DEFAULT_PROTECTED_RESOURCE_DYNAMIC_REGISTRATION_METADATA_FILE_NAME() {
        return "protected-resource-server-metadata-dynamic.json";
    }

    default HttpsConnectionContext https() {
        KeyStore keystore = getKeystore();
        String str = (String) OnfhirConfig$.MODULE$.sslKeystorePasword().getOrElse(() -> {
            return "fhir-repository";
        });
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        keyManagerFactory.init(keystore, str.toCharArray());
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
        trustManagerFactory.init(keystore);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), new SecureRandom());
        return ConnectionContext$.MODULE$.https(sSLContext, ConnectionContext$.MODULE$.https$default$2(), ConnectionContext$.MODULE$.https$default$3(), ConnectionContext$.MODULE$.https$default$4(), ConnectionContext$.MODULE$.https$default$5(), ConnectionContext$.MODULE$.https$default$6());
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v20, types: [java.io.InputStream] */
    default KeyStore getKeystore() {
        FileInputStream fileInputStream;
        Some sslKeystorePath = OnfhirConfig$.MODULE$.sslKeystorePath();
        if (None$.MODULE$.equals(sslKeystorePath)) {
            fileInputStream = getClass().getResourceAsStream(DEFAULT_KEYSTORE_PATH());
        } else {
            if (!(sslKeystorePath instanceof Some)) {
                throw new MatchError(sslKeystorePath);
            }
            fileInputStream = new FileInputStream(new File((String) sslKeystorePath.value()));
        }
        KeyStore keyStore = KeyStore.getInstance("jks");
        keyStore.load(fileInputStream, ((String) OnfhirConfig$.MODULE$.sslKeystorePasword().getOrElse(() -> {
            return "fhir-repository";
        })).toCharArray());
        return keyStore;
    }

    static void $init$(SSLConfig sSLConfig) {
        sSLConfig.io$onfhir$config$SSLConfig$_setter_$DEFAULT_KEYSTORE_PATH_$eq(Predef$any2stringadd$.MODULE$.$plus$extension(Predef$.MODULE$.any2stringadd(package$.MODULE$.DEFAULT_ROOT_FOLDER()), "/keystore.jks"));
        sSLConfig.io$onfhir$config$SSLConfig$_setter_$DEFAULT_PROTECTED_RESOURCE_METADATA_PATH_$eq(Predef$any2stringadd$.MODULE$.$plus$extension(Predef$.MODULE$.any2stringadd(package$.MODULE$.DEFAULT_ROOT_FOLDER()), "/protected-resource-server-metadata.json"));
    }
}
