package io.apiman.gateway.platforms.servlet.connectors;

import com.squareup.okhttp.CertificatePinner;
import com.squareup.okhttp.ConnectionPool;
import com.squareup.okhttp.ConnectionSpec;
import com.squareup.okhttp.OkHttpClient;
import com.squareup.okhttp.Protocol;
import com.squareup.okhttp.internal.Internal;
import com.squareup.okhttp.internal.Network;
import com.squareup.okhttp.internal.Util;
import com.squareup.okhttp.internal.http.AuthenticatorAdapter;
import io.apiman.common.config.options.HttpConnectorOptions;
import io.apiman.common.config.options.TLSOptions;
import io.apiman.gateway.engine.IApiConnection;
import io.apiman.gateway.engine.IApiConnectionResponse;
import io.apiman.gateway.engine.IApiConnector;
import io.apiman.gateway.engine.IConnectorConfig;
import io.apiman.gateway.engine.IConnectorFactory;
import io.apiman.gateway.engine.async.IAsyncResultHandler;
import io.apiman.gateway.engine.auth.RequiredAuthType;
import io.apiman.gateway.engine.beans.Api;
import io.apiman.gateway.engine.beans.ApiRequest;
import io.apiman.gateway.engine.beans.exceptions.ConnectorException;
import io.apiman.gateway.platforms.servlet.connectors.ssl.SSLSessionStrategy;
import io.apiman.gateway.platforms.servlet.connectors.ssl.SSLSessionStrategyFactory;
import java.net.CookieHandler;
import java.net.ProxySelector;
import java.util.List;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import javax.net.SocketFactory;

/* loaded from: input_file:io/apiman/gateway/platforms/servlet/connectors/HttpConnectorFactory.class */
public class HttpConnectorFactory implements IConnectorFactory {
    private static final List<ConnectionSpec> DEFAULT_CONNECTION_SPECS = Util.immutableList(new ConnectionSpec[]{ConnectionSpec.MODERN_TLS, ConnectionSpec.COMPATIBLE_TLS, ConnectionSpec.CLEARTEXT});
    private OkHttpClient okClient = createHttpClient();
    private SSLSessionStrategy standardSslStrategy;
    private SSLSessionStrategy mutualAuthSslStrategy;
    private TLSOptions tlsOptions;
    private HttpConnectorOptions connectorOptions;

    public HttpConnectorFactory(Map<String, String> map) {
        this.tlsOptions = new TLSOptions(map);
        this.connectorOptions = new HttpConnectorOptions(map);
    }

    private OkHttpClient createHttpClient() {
        OkHttpClient okHttpClient = new OkHttpClient();
        okHttpClient.setReadTimeout(this.connectorOptions.getReadTimeout(), TimeUnit.SECONDS);
        okHttpClient.setWriteTimeout(this.connectorOptions.getWriteTimeout(), TimeUnit.SECONDS);
        okHttpClient.setConnectTimeout(this.connectorOptions.getConnectTimeout(), TimeUnit.SECONDS);
        okHttpClient.setFollowRedirects(this.connectorOptions.isFollowRedirects());
        okHttpClient.setFollowSslRedirects(this.connectorOptions.isFollowRedirects());
        okHttpClient.setProxySelector(ProxySelector.getDefault());
        okHttpClient.setCookieHandler(CookieHandler.getDefault());
        okHttpClient.setCertificatePinner(CertificatePinner.DEFAULT);
        okHttpClient.setAuthenticator(AuthenticatorAdapter.INSTANCE);
        okHttpClient.setConnectionPool(ConnectionPool.getDefault());
        okHttpClient.setProtocols(Util.immutableList(new Protocol[]{Protocol.HTTP_1_1}));
        okHttpClient.setConnectionSpecs(DEFAULT_CONNECTION_SPECS);
        okHttpClient.setSocketFactory(SocketFactory.getDefault());
        Internal.instance.setNetwork(okHttpClient, Network.DEFAULT);
        return okHttpClient;
    }

    public IApiConnector createConnector(ApiRequest apiRequest, final Api api, final RequiredAuthType requiredAuthType, final boolean z, final IConnectorConfig iConnectorConfig) {
        return new IApiConnector() { // from class: io.apiman.gateway.platforms.servlet.connectors.HttpConnectorFactory.1
            public IApiConnection connect(ApiRequest apiRequest2, IAsyncResultHandler<IApiConnectionResponse> iAsyncResultHandler) throws ConnectorException {
                return new HttpApiConnection(HttpConnectorFactory.this.okClient, apiRequest2, api, requiredAuthType, HttpConnectorFactory.this.getSslStrategy(requiredAuthType), z, iConnectorConfig, iAsyncResultHandler);
            }
        };
    }

    protected SSLSessionStrategy getSslStrategy(RequiredAuthType requiredAuthType) {
        try {
            if (requiredAuthType == RequiredAuthType.MTLS) {
                if (this.mutualAuthSslStrategy == null) {
                    this.mutualAuthSslStrategy = SSLSessionStrategyFactory.buildMutual(this.tlsOptions);
                }
                return this.mutualAuthSslStrategy;
            }
            if (this.standardSslStrategy == null) {
                if (this.tlsOptions.isDevMode()) {
                    this.standardSslStrategy = SSLSessionStrategyFactory.buildUnsafe();
                } else {
                    this.standardSslStrategy = SSLSessionStrategyFactory.buildStandard(this.tlsOptions);
                }
            }
            return this.standardSslStrategy;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public IConnectorConfig createConnectorConfig(ApiRequest apiRequest, Api api) {
        return new ConnectorConfigImpl();
    }
}
