package eu.unicore.util.httpclient;

import eu.unicore.security.canl.SSLContextCreator;
import eu.unicore.util.Log;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import javax.net.ssl.SSLContext;
import org.apache.http.HttpException;
import org.apache.http.HttpHost;
import org.apache.http.HttpRequest;
import org.apache.http.HttpRequestInterceptor;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.Credentials;
import org.apache.http.auth.NTCredentials;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.AuthCache;
import org.apache.http.client.HttpClient;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.auth.NTLMSchemeFactory;
import org.apache.http.impl.client.BasicAuthCache;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.params.HttpParams;
import org.apache.http.protocol.HttpContext;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:eu/unicore/util/httpclient/HttpUtils.class */
public class HttpUtils {
    public static final String USER_AGENT = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)";
    private static final Logger logger = Log.getLogger(Log.CLIENT, HttpUtils.class);
    private static final ConnectionCloseInterceptor CONN_CLOSE_INTERCEPTOR = new ConnectionCloseInterceptor();
    static String[] protocols = {"TLSv1", "TLSv1.1", "TLSv1.2"};

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:eu/unicore/util/httpclient/HttpUtils$ConnectionCloseInterceptor.class */
    public static class ConnectionCloseInterceptor implements HttpRequestInterceptor {
        private ConnectionCloseInterceptor() {
        }

        @Override // org.apache.http.HttpRequestInterceptor
        public void process(HttpRequest httpRequest, HttpContext httpContext) throws HttpException, IOException {
            httpRequest.setHeader("Connection", "close");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:eu/unicore/util/httpclient/HttpUtils$ProxyPreemptiveAuthnInterceptor.class */
    public static class ProxyPreemptiveAuthnInterceptor implements HttpRequestInterceptor {
        private HttpHost host;
        private boolean ntlm;

        public ProxyPreemptiveAuthnInterceptor(HttpHost httpHost, boolean z) {
            this.host = httpHost;
            this.ntlm = z;
        }

        @Override // org.apache.http.HttpRequestInterceptor
        public void process(HttpRequest httpRequest, HttpContext httpContext) throws HttpException, IOException {
            BasicAuthCache basicAuthCache = (AuthCache) httpContext.getAttribute("http.auth.auth-cache");
            if (basicAuthCache == null) {
                basicAuthCache = new BasicAuthCache();
                httpContext.setAttribute("http.auth.auth-cache", basicAuthCache);
            }
            if (basicAuthCache.get(this.host) == null) {
                basicAuthCache.put(this.host, this.ntlm ? new NTLMSchemeFactory().newInstance((HttpParams) null) : new BasicScheme());
            }
        }
    }

    private HttpUtils() {
    }

    public static synchronized HttpClient createClient(String str, IClientConfiguration iClientConfiguration) {
        HttpClientBuilder createClientBuilder = createClientBuilder(iClientConfiguration.getHttpClientProperties(), iClientConfiguration.isSslEnabled() ? getSSLConnectionManager(iClientConfiguration) : new PoolingHttpClientConnectionManager());
        configureProxy(createClientBuilder, str, iClientConfiguration.getHttpClientProperties());
        return createClientBuilder.build();
    }

    public static synchronized HttpClient createClient(HttpClientProperties httpClientProperties) {
        return createClientBuilder(httpClientProperties, new PoolingHttpClientConnectionManager()).build();
    }

    private static synchronized HttpClientBuilder createClientBuilder(HttpClientProperties httpClientProperties, PoolingHttpClientConnectionManager poolingHttpClientConnectionManager) {
        boolean booleanValue = httpClientProperties.getBooleanValue(HttpClientProperties.CONNECTION_CLOSE).booleanValue();
        boolean booleanValue2 = httpClientProperties.getBooleanValue(HttpClientProperties.ALLOW_CIRCULAR_REDIRECTS).booleanValue();
        int intValue = httpClientProperties.getIntValue(HttpClientProperties.HTTP_MAX_REDIRECTS).intValue();
        boolean z = intValue > 0;
        poolingHttpClientConnectionManager.setDefaultMaxPerRoute(httpClientProperties.getIntValue(HttpClientProperties.MAX_HOST_CONNECTIONS).intValue());
        poolingHttpClientConnectionManager.setMaxTotal(httpClientProperties.getIntValue(HttpClientProperties.MAX_TOTAL_CONNECTIONS).intValue());
        HttpClientBuilder create = HttpClientBuilder.create();
        create.setConnectionManager(poolingHttpClientConnectionManager);
        create.setRedirectStrategy(new VeryLaxRedirectStrategy());
        RequestConfig.Builder custom = RequestConfig.custom();
        setConnectionTimeout(custom, httpClientProperties.getIntValue(HttpClientProperties.SO_TIMEOUT).intValue(), httpClientProperties.getIntValue(HttpClientProperties.CONNECT_TIMEOUT).intValue());
        create.setDefaultRequestConfig(custom.setCircularRedirectsAllowed(booleanValue2).setMaxRedirects(intValue).setRedirectsEnabled(z).build());
        create.setUserAgent(USER_AGENT);
        if (booleanValue) {
            create.addInterceptorFirst(CONN_CLOSE_INTERCEPTOR);
        }
        return create;
    }

    public static PoolingHttpClientConnectionManager getSSLConnectionManager(IClientConfiguration iClientConfiguration) {
        return new PoolingHttpClientConnectionManager(RegistryBuilder.create().register("http", new PlainConnectionSocketFactory()).register("https", new CustomSSLConnectionSocketFactory(createSSLContext(iClientConfiguration), new EmptyHostnameVerifier(), iClientConfiguration.getHttpClientProperties().getIntValue(HttpClientProperties.CONNECT_TIMEOUT).intValue())).build());
    }

    public static void configureProxy(HttpClientBuilder httpClientBuilder, String str, HttpClientProperties httpClientProperties) {
        String property;
        if (isNonProxyHost(str, httpClientProperties)) {
            return;
        }
        String value = httpClientProperties.getValue(HttpClientProperties.HTTP_PROXY_HOST);
        if (value == null) {
            value = System.getProperty(HttpClientProperties.HTTP_PROXY_HOST);
        }
        if (value == null || value.trim().length() <= 0) {
            return;
        }
        Integer intValue = httpClientProperties.getIntValue(HttpClientProperties.HTTP_PROXY_PORT);
        if (intValue == null && (property = System.getProperty(HttpClientProperties.HTTP_PROXY_PORT)) != null) {
            intValue = Integer.valueOf(Integer.parseInt(property));
        }
        if (intValue == null) {
            intValue = 80;
        }
        HttpHost httpHost = new HttpHost(value, intValue.intValue());
        httpClientBuilder.setProxy(httpHost);
        String value2 = httpClientProperties.getValue(HttpClientProperties.HTTP_PROXY_USER);
        String value3 = httpClientProperties.getValue(HttpClientProperties.HTTP_PROXY_PASS);
        if (value2 == null || value3 == null) {
            return;
        }
        Credentials credentials = getCredentials(value2, value3);
        boolean z = credentials instanceof NTCredentials;
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        basicCredentialsProvider.setCredentials(new AuthScope(value, intValue.intValue()), credentials);
        httpClientBuilder.setDefaultCredentialsProvider(basicCredentialsProvider);
        httpClientBuilder.addInterceptorLast(new ProxyPreemptiveAuthnInterceptor(httpHost, z));
    }

    private static boolean isNonProxyHost(String str, HttpClientProperties httpClientProperties) {
        String value = httpClientProperties.getValue(HttpClientProperties.HTTP_NON_PROXY_HOSTS);
        if (value == null) {
            return false;
        }
        try {
            String host = new URI(str).getHost();
            for (String str2 : value.split(" ")) {
                if (host.contains(str2)) {
                    return true;
                }
            }
            return false;
        } catch (URISyntaxException e) {
            logger.error("Can't resolve URI from " + str, e);
            return false;
        }
    }

    private static Credentials getCredentials(String str, String str2) {
        int indexOf = str.indexOf(92);
        return (indexOf <= 0 || str.length() <= indexOf + 1) ? new UsernamePasswordCredentials(str, str2) : new NTCredentials(str.substring(0, indexOf), str2, "localhost", str.substring(indexOf + 1));
    }

    private static void setConnectionTimeout(RequestConfig.Builder builder, int i, int i2) {
        builder.setSocketTimeout(i);
        builder.setConnectTimeout(i2);
        builder.setConnectionRequestTimeout(i2);
    }

    public static void setConnectionTimeout(HttpRequestBase httpRequestBase, int i, int i2) {
        RequestConfig config = httpRequestBase.getConfig();
        RequestConfig.Builder copy = config != null ? RequestConfig.copy(config) : RequestConfig.custom();
        setConnectionTimeout(copy, i, i2);
        httpRequestBase.setConfig(copy.build());
    }

    private static SSLContext createSSLContext(IPlainClientConfiguration iPlainClientConfiguration) {
        try {
            SSLContext createSSLContext = SSLContextCreator.createSSLContext(iPlainClientConfiguration.doSSLAuthn() ? iPlainClientConfiguration.getCredential() : null, iPlainClientConfiguration.getValidator(), CustomSSLConnectionSocketFactory.TLS, "HTTP Client", logger, iPlainClientConfiguration.getServerHostnameCheckingMode());
            createSSLContext.getSupportedSSLParameters().setProtocols(protocols);
            return createSSLContext;
        } catch (Exception e) {
            logger.fatal(e.getMessage(), e);
            throw new RuntimeException(e);
        }
    }
}
