package cn.jsbintask.wxpay.http;

import cn.jsbintask.wxpay.WxPayException;
import cn.jsbintask.wxpay.config.WxPayEnv;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.time.Duration;
import java.util.Arrays;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.OkHttpClient;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cn/jsbintask/wxpay/http/OkHttpManager.class */
public class OkHttpManager {
    private static final Logger log = LoggerFactory.getLogger(OkHttpManager.class);
    private OkHttpClient client;
    private OkHttpClient sslClient;

    public OkHttpManager(WxPayEnv wxPayEnv) {
        try {
            init(wxPayEnv);
        } catch (Exception e) {
            throw new WxPayException(String.format("初始OkHttpClient失败：[%s]%s.", e.getClass().getName(), e.getMessage()));
        }
    }

    private void init(WxPayEnv wxPayEnv) throws Exception {
        this.client = new OkHttpClient.Builder().callTimeout(Duration.ofMillis(wxPayEnv.getHttpConfig().getCallTimeout())).connectTimeout(Duration.ofMillis(wxPayEnv.getHttpConfig().getConnectTimeout())).readTimeout(Duration.ofMillis(wxPayEnv.getHttpConfig().getReadTimeout())).build();
        char[] charArray = wxPayEnv.getMchId().toCharArray();
        InputStream cer = wxPayEnv.getCer();
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(cer, charArray);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, charArray);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
            throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
        }
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagers, new SecureRandom());
        this.sslClient = new OkHttpClient.Builder().callTimeout(Duration.ofMillis(wxPayEnv.getHttpConfig().getCallTimeout())).connectTimeout(Duration.ofMillis(wxPayEnv.getHttpConfig().getConnectTimeout())).readTimeout(Duration.ofMillis(wxPayEnv.getHttpConfig().getReadTimeout())).sslSocketFactory(sSLContext.getSocketFactory(), (X509TrustManager) trustManagers[0]).build();
    }

    public OkHttpClient select(boolean z) {
        return z ? this.sslClient : this.client;
    }

    public void destory() {
        this.client.connectionPool().evictAll();
        this.client.dispatcher().executorService().shutdown();
    }
}
