package com.dbeaver.db.keyspaces.model;

import com.datastax.oss.driver.api.core.ConsistencyLevel;
import com.datastax.oss.driver.api.core.CqlSessionBuilder;
import com.dbeaver.db.cassandra.model.CasDataSource;
import com.dbeaver.db.cassandra.model.CasExecutionContext;
import com.dbeaver.model.security.StaticTLSUtils;
import com.dbeaver.net.auth.aws.AuthModelAWSCredentials;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.UnknownHostException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.jkiss.code.NotNull;
import org.jkiss.dbeaver.DBException;
import org.jkiss.dbeaver.model.DBPDataSourceContainer;
import org.jkiss.dbeaver.model.app.DBACertificateStorage;
import org.jkiss.dbeaver.model.connection.DBPConnectionConfiguration;
import org.jkiss.dbeaver.model.runtime.DBRProgressMonitor;
import org.jkiss.dbeaver.runtime.DBWorkbench;
import org.jkiss.utils.CommonUtils;

/* loaded from: input_file:com/dbeaver/db/keyspaces/model/AWSKeyspacesDataSource.class */
public class AWSKeyspacesDataSource extends CasDataSource {
    private static final String AWS_KEYSPACES_TLS_CERT_URL = "https://certs.secureserver.net/repository/sf-class2-root.crt";
    private static final String AWS_LOCAL_CONFIG_FOLDER = ".aws";
    private AuthModelAWSCredentials authCredentials;

    public AWSKeyspacesDataSource(DBRProgressMonitor dBRProgressMonitor, @NotNull DBPDataSourceContainer dBPDataSourceContainer) throws DBException {
        super(dBRProgressMonitor, dBPDataSourceContainer);
    }

    protected ConsistencyLevel getDefaultConsistencyLevel() {
        return ConsistencyLevel.LOCAL_QUORUM;
    }

    protected void configureEndpoint(DBPConnectionConfiguration dBPConnectionConfiguration, CqlSessionBuilder cqlSessionBuilder) throws DBException {
        String hostName = dBPConnectionConfiguration.getHostName();
        if (CommonUtils.isEmpty(hostName)) {
            return;
        }
        try {
            cqlSessionBuilder.addContactPoint(new InetSocketAddress(InetAddress.getByName("cassandra." + hostName + ".amazonaws.com"), 9142));
            cqlSessionBuilder.withLocalDatacenter(hostName);
        } catch (UnknownHostException e) {
            throw new DBException("Error resolving keyspaces", e);
        }
    }

    public boolean supportsPermissions() {
        return false;
    }

    protected void configureAuth(DBRProgressMonitor dBRProgressMonitor, CqlSessionBuilder cqlSessionBuilder, DBPConnectionConfiguration dBPConnectionConfiguration) throws DBException {
        cqlSessionBuilder.withAuthProvider(new SigV4AuthProvider(this.authCredentials.getAuthCredentialsProvider(dBRProgressMonitor, dBPConnectionConfiguration), dBPConnectionConfiguration.getHostName()));
    }

    protected void configureSSL(DBRProgressMonitor dBRProgressMonitor, CqlSessionBuilder cqlSessionBuilder) throws DBException {
        Path staticCertFile = StaticTLSUtils.getStaticCertFile(dBRProgressMonitor, AWSKeyspacesDataSource.class, AWS_LOCAL_CONFIG_FOLDER, AWS_KEYSPACES_TLS_CERT_URL);
        if (staticCertFile != null) {
            try {
                SSLContext sSLContext = SSLContext.getInstance("SSL");
                DBACertificateStorage certificateStorage = DBWorkbench.getPlatform().getCertificateStorage();
                certificateStorage.addCertificate(getContainer(), "ssl", Files.readAllBytes(staticCertFile), (byte[]) null, (byte[]) null);
                KeyStore keyStore = certificateStorage.getKeyStore(getContainer(), "ssl");
                char[] keyStorePassword = certificateStorage.getKeyStorePassword(getContainer(), "ssl");
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
                keyManagerFactory.init(keyStore, keyStorePassword);
                keyManagerFactory.getKeyManagers();
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX");
                trustManagerFactory.init(keyStore);
                trustManagerFactory.getTrustManagers();
                sSLContext.init(null, null, new SecureRandom());
                configureSslWithOptions(cqlSessionBuilder, sSLContext);
            } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException unused) {
                throw new DBException("Error configuring Keyspaces trust store");
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setAuthCredentials(AuthModelAWSCredentials authModelAWSCredentials) {
        this.authCredentials = authModelAWSCredentials;
    }

    @NotNull
    protected CasExecutionContext createExecutionContext(String str, String str2) {
        return super.createExecutionContext(str, str2);
    }
}
