package com.azure.resourcemanager.appservice.implementation;

import com.azure.core.management.Region;
import com.azure.core.util.logging.ClientLogger;
import com.azure.resourcemanager.appservice.AppServiceManager;
import com.azure.resourcemanager.appservice.implementation.WebAppBaseImpl;
import com.azure.resourcemanager.appservice.models.AppServiceCertificate;
import com.azure.resourcemanager.appservice.models.AppServiceCertificateOrder;
import com.azure.resourcemanager.appservice.models.HostnameSslBinding;
import com.azure.resourcemanager.appservice.models.HostnameSslState;
import com.azure.resourcemanager.appservice.models.SslState;
import com.azure.resourcemanager.appservice.models.WebAppBase;
import com.azure.resourcemanager.keyvault.models.Vault;
import com.azure.resourcemanager.resources.fluentcore.model.implementation.IndexableWrapperImpl;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import reactor.core.publisher.Mono;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:WEB-INF/lib/azure-resourcemanager-appservice-2.16.0.jar:com/azure/resourcemanager/appservice/implementation/HostnameSslBindingImpl.class */
public class HostnameSslBindingImpl<FluentT extends WebAppBase, FluentImplT extends WebAppBaseImpl<FluentT, FluentImplT>> extends IndexableWrapperImpl<HostnameSslState> implements HostnameSslBinding, HostnameSslBinding.Definition<WebAppBase.DefinitionStages.WithCreate<FluentT>>, HostnameSslBinding.UpdateDefinition<WebAppBase.Update<FluentT>> {
    private final ClientLogger logger;
    private Mono<AppServiceCertificate> newCertificate;
    private AppServiceCertificateOrder.DefinitionStages.WithKeyVault certificateInDefinition;
    private final FluentImplT parent;

    /* JADX INFO: Access modifiers changed from: package-private */
    public HostnameSslBindingImpl(HostnameSslState hostnameSslState, FluentImplT fluentimplt) {
        super(hostnameSslState);
        this.logger = new ClientLogger(getClass());
        this.parent = fluentimplt;
    }

    @Override // com.azure.resourcemanager.resources.fluentcore.arm.models.HasName
    public String name() {
        return innerModel().name();
    }

    @Override // com.azure.resourcemanager.appservice.models.HostnameSslBinding
    public SslState sslState() {
        return innerModel().sslState();
    }

    @Override // com.azure.resourcemanager.appservice.models.HostnameSslBinding
    public String virtualIp() {
        return innerModel().virtualIp();
    }

    @Override // com.azure.resourcemanager.appservice.models.HostnameSslBinding
    public String thumbprint() {
        return innerModel().thumbprint();
    }

    @Override // com.azure.resourcemanager.resources.fluentcore.model.Attachable.InDefinition
    /* renamed from: attach */
    public FluentImplT attach2() {
        this.parent.withNewHostNameSslBinding(this);
        return this.parent;
    }

    @Override // com.azure.resourcemanager.appservice.models.HostnameSslBinding.UpdateDefinitionStages.WithCertificate
    public HostnameSslBindingImpl<FluentT, FluentImplT> withPfxCertificateToUpload(File file, String str) {
        this.newCertificate = parent2().manager().certificates().define2(getCertificateUniqueName(getCertificateThumbprint(file.getPath(), str), parent2().region())).withRegion2(parent2().region()).withExistingResourceGroup2(parent2().resourceGroupName()).withPfxFile(file).withPfxPassword(str).createAsync();
        return this;
    }

    @Override // com.azure.resourcemanager.appservice.models.HostnameSslBinding.UpdateDefinitionStages.WithCertificate
    public HostnameSslBindingImpl<FluentT, FluentImplT> withExistingCertificate(String str) {
        this.newCertificate = parent2().manager().certificates().listByResourceGroupAsync(parent2().resourceGroupName()).collectList().map(list -> {
            Iterator it = list.iterator();
            while (it.hasNext()) {
                AppServiceCertificate appServiceCertificate = (AppServiceCertificate) it.next();
                if (appServiceCertificate.name().equals(str) || appServiceCertificate.thumbprint().equalsIgnoreCase(str)) {
                    return appServiceCertificate;
                }
            }
            return null;
        }).map(appServiceCertificate -> {
            if (appServiceCertificate != null) {
                withCertificateThumbprint(str);
            }
            return appServiceCertificate;
        });
        return this;
    }

    @Override // com.azure.resourcemanager.appservice.models.HostnameSslBinding.UpdateDefinitionStages.WithCertificate
    public HostnameSslBindingImpl<FluentT, FluentImplT> withNewStandardSslCertificateOrder(String str) {
        this.certificateInDefinition = parent2().manager().certificateOrders().define2(str).withExistingResourceGroup2(parent2().resourceGroupName()).withHostName(name()).withStandardSku().withWebAppVerification(parent2());
        return this;
    }

    @Override // com.azure.resourcemanager.appservice.models.HostnameSslBinding.UpdateDefinitionStages.WithCertificate
    public HostnameSslBindingImpl<FluentT, FluentImplT> withExistingAppServiceCertificateOrder(AppServiceCertificateOrder appServiceCertificateOrder) {
        this.newCertificate = parent2().manager().certificates().define2(getCertificateUniqueName(appServiceCertificateOrder.signedCertificate().thumbprint(), parent2().region())).withRegion2(parent2().region()).withExistingResourceGroup2(parent2().resourceGroupName()).withExistingCertificateOrder(appServiceCertificateOrder).createAsync();
        return this;
    }

    private HostnameSslBindingImpl<FluentT, FluentImplT> withCertificateThumbprint(String str) {
        innerModel().withThumbprint(str);
        return this;
    }

    @Override // com.azure.resourcemanager.appservice.models.HostnameSslBinding.UpdateDefinitionStages.WithSslType
    public HostnameSslBindingImpl<FluentT, FluentImplT> withSniBasedSsl() {
        innerModel().withSslState(SslState.SNI_ENABLED);
        return this;
    }

    @Override // com.azure.resourcemanager.appservice.models.HostnameSslBinding.UpdateDefinitionStages.WithSslType
    public HostnameSslBindingImpl<FluentT, FluentImplT> withIpBasedSsl() {
        innerModel().withSslState(SslState.IP_BASED_ENABLED);
        return this;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Mono<AppServiceCertificate> newCertificate() {
        return this.newCertificate.doOnNext(appServiceCertificate -> {
            if (appServiceCertificate != null) {
                withCertificateThumbprint(appServiceCertificate.thumbprint());
            }
        });
    }

    @Override // com.azure.resourcemanager.resources.fluentcore.arm.models.HasParent
    /* renamed from: parent */
    public WebAppBase parent2() {
        return this.parent;
    }

    @Override // com.azure.resourcemanager.appservice.models.HostnameSslBinding.UpdateDefinitionStages.WithHostname
    public HostnameSslBindingImpl<FluentT, FluentImplT> forHostname(String str) {
        innerModel().withName(str);
        return this;
    }

    @Override // com.azure.resourcemanager.appservice.models.HostnameSslBinding.UpdateDefinitionStages.WithKeyVault
    public HostnameSslBindingImpl<FluentT, FluentImplT> withExistingKeyVault(Vault vault) {
        Mono<AppServiceCertificateOrder> createAsync = this.certificateInDefinition.withExistingKeyVault(vault).createAsync();
        AppServiceManager manager = parent2().manager();
        this.newCertificate = createAsync.flatMap(appServiceCertificateOrder -> {
            return manager.certificates().define2(appServiceCertificateOrder.name()).withRegion2(parent2().regionName()).withExistingResourceGroup2(parent2().resourceGroupName()).withExistingCertificateOrder(appServiceCertificateOrder).createAsync();
        });
        return this;
    }

    @Override // com.azure.resourcemanager.appservice.models.HostnameSslBinding.UpdateDefinitionStages.WithKeyVault
    public HostnameSslBindingImpl<FluentT, FluentImplT> withNewKeyVault(String str) {
        Mono<AppServiceCertificateOrder> createAsync = this.certificateInDefinition.withNewKeyVault(str, parent2().region()).createAsync();
        AppServiceManager manager = parent2().manager();
        this.newCertificate = createAsync.flatMap(appServiceCertificateOrder -> {
            return manager.certificates().define2(appServiceCertificateOrder.name()).withRegion2(parent2().regionName()).withExistingResourceGroup2(parent2().resourceGroupName()).withExistingCertificateOrder(appServiceCertificateOrder).createAsync();
        });
        return this;
    }

    private String getCertificateThumbprint(String str, String str2) {
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(fileInputStream, str2.toCharArray());
            X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(keyStore.aliases().nextElement());
            fileInputStream.close();
            return Utils.base16Encode(MessageDigest.getInstance("SHA-1").digest(x509Certificate.getEncoded()));
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw this.logger.logExceptionAsError(new RuntimeException(e));
        }
    }

    private String getCertificateUniqueName(String str, Region region) {
        return String.format("%s##%s#", str, region.label());
    }
}
