package com.dy.pipIrrSell.config;

import com.dy.pipIrrGlobal.cert.WxCertUtil;
import com.dy.pipIrrSell.wechatpay.PayInfo;
import okhttp3.OkHttpClient;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ResourceLoader;
import org.springframework.http.client.ClientHttpRequestFactory;
import org.springframework.http.client.OkHttp3ClientHttpRequestFactory;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import java.io.InputStream;
import java.security.KeyStore;

/**
 * @author ZhuBaoMin
 * @date 2024-03-06 11:44
 * @LastEditTime 2024-03-06 11:44
 * @Description
 */

@Configuration
public class RestTemplateWechatCertConfig {

    String mchid = PayInfo.mchid;
    @Autowired
    private ResourceLoader resourceLoader;

    @Bean
    @ConfigurationProperties(prefix = "org.liurb.core.rest-template.config.connection")
    public ClientHttpRequestFactory wechatHttpRequestFactory() throws Exception {

        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        InputStream in = WxCertUtil.getCert_p12InputStream(resourceLoader);
        keyStore.load(in, mchid.toCharArray());

        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, mchid.toCharArray());

        SSLContext context = SSLContext.getInstance("TLS");
        context.init(keyManagerFactory.getKeyManagers(), null, null);

        OkHttpClient okHttpClient = new OkHttpClient.Builder()
                .sslSocketFactory(context.getSocketFactory(), getDefaultX509TrustManager())
                .build();

        return new OkHttp3ClientHttpRequestFactory(okHttpClient);
    }

    private static X509TrustManager getDefaultX509TrustManager() throws Exception {
        TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        factory.init((KeyStore) null);
        return (X509TrustManager) factory.getTrustManagers()[0];
    }
}