package org.apereo.cas.authentication;

import java.security.KeyStore;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.ssl.SSLContexts;
import org.jooq.lambda.Unchecked;

/* loaded from: input_file:org/apereo/cas/authentication/CasSSLContext.class */
public interface CasSSLContext {
    static CasSSLContext system() {
        return new CasSSLContext() { // from class: org.apereo.cas.authentication.CasSSLContext.1
            @Override // org.apereo.cas.authentication.CasSSLContext
            public SSLContext getSslContext() {
                return SSLContexts.createSystemDefault();
            }

            @Override // org.apereo.cas.authentication.CasSSLContext
            public TrustManager[] getTrustManagers() {
                return (TrustManager[]) Unchecked.supplier(() -> {
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                    trustManagerFactory.init((KeyStore) null);
                    return trustManagerFactory.getTrustManagers();
                }).get();
            }

            @Override // org.apereo.cas.authentication.CasSSLContext
            public KeyManager[] getKeyManagers() {
                return (KeyManager[]) Unchecked.supplier(() -> {
                    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                    keyManagerFactory.init(null, null);
                    return keyManagerFactory.getKeyManagers();
                }).get();
            }
        };
    }

    static CasSSLContext disabled() {
        return new CasSSLContext() { // from class: org.apereo.cas.authentication.CasSSLContext.2
            @Override // org.apereo.cas.authentication.CasSSLContext
            public SSLContext getSslContext() {
                SSLContext sSLContext = SSLContext.getInstance("SSL");
                sSLContext.init(getKeyManagers(), getTrustManagers(), null);
                return sSLContext;
            }

            @Override // org.apereo.cas.authentication.CasSSLContext
            public TrustManager[] getTrustManagers() {
                return new TrustManager[]{getDisabledTrustedManager()};
            }

            @Override // org.apereo.cas.authentication.CasSSLContext
            public KeyManager[] getKeyManagers() {
                return new KeyManager[0];
            }

            private X509TrustManager getDisabledTrustedManager() {
                return new X509TrustManager() { // from class: org.apereo.cas.authentication.CasSSLContext.2.1
                    @Override // javax.net.ssl.X509TrustManager
                    public X509Certificate[] getAcceptedIssuers() {
                        return null;
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                    }
                };
            }
        };
    }

    SSLContext getSslContext();

    TrustManager[] getTrustManagers();

    KeyManager[] getKeyManagers();
}
