package io.fabric8.kubernetes.clnt.v4_1.utils;

import io.fabric8.kubernetes.clnt.v4_1.Config;
import io.fabric8.kubernetes.clnt.v4_1.KubernetesClientException;
import io.fabric8.kubernetes.clnt.v4_1.internal.SSLUtils;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.MalformedURLException;
import java.net.Proxy;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import okhttp3.Authenticator;
import okhttp3.ConnectionSpec;
import okhttp3.Credentials;
import okhttp3.Dispatcher;
import okhttp3.Interceptor;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;
import okhttp3.Route;
import okhttp3.logging.HttpLoggingInterceptor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/fabric8/kubernetes/clnt/v4_1/utils/HttpClientUtils.class */
public class HttpClientUtils {
    private static Pattern VALID_IPV4_PATTERN;
    public static final String ipv4Pattern = "(http:\\/\\/|https:\\/\\/)?(([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\.){3}([01]?\\d\\d?|2[0-4]\\d|25[0-5])(\\/[0-9]\\d|1[0-9]\\d|2[0-9]\\d|3[0-2]\\d)?";
    private static final Logger logger = LoggerFactory.getLogger(HttpClientUtils.class);

    public static OkHttpClient createHttpClient(final Config config) {
        try {
            OkHttpClient.Builder builder = new OkHttpClient.Builder();
            builder.followRedirects(true);
            builder.followSslRedirects(true);
            if (config.isTrustCerts() || config.isDisableHostnameVerification()) {
                builder.hostnameVerifier(new HostnameVerifier() { // from class: io.fabric8.kubernetes.clnt.v4_1.utils.HttpClientUtils.1
                    @Override // javax.net.ssl.HostnameVerifier
                    public boolean verify(String str, SSLSession sSLSession) {
                        return true;
                    }
                });
            }
            TrustManager[] trustManagers = SSLUtils.trustManagers(config);
            KeyManager[] keyManagers = SSLUtils.keyManagers(config);
            if (keyManagers == null && trustManagers == null && !config.isTrustCerts()) {
                SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
                sSLContext.init(keyManagers, trustManagers, null);
                builder.sslSocketFactory(sSLContext.getSocketFactory(), (X509TrustManager) trustManagers[0]);
            } else {
                X509TrustManager x509TrustManager = null;
                if (trustManagers != null && trustManagers.length == 1) {
                    x509TrustManager = (X509TrustManager) trustManagers[0];
                }
                try {
                    builder.sslSocketFactory(SSLUtils.sslContext(keyManagers, trustManagers, config.isTrustCerts()).getSocketFactory(), x509TrustManager);
                } catch (GeneralSecurityException e) {
                    throw new AssertionError();
                }
            }
            builder.addInterceptor(new Interceptor() { // from class: io.fabric8.kubernetes.clnt.v4_1.utils.HttpClientUtils.2
                public Response intercept(Interceptor.Chain chain) throws IOException {
                    return (Utils.isNotNullOrEmpty(Config.this.getUsername()) && Utils.isNotNullOrEmpty(Config.this.getPassword())) ? chain.proceed(chain.request().newBuilder().addHeader("Authorization", Credentials.basic(Config.this.getUsername(), Config.this.getPassword())).build()) : Utils.isNotNullOrEmpty(Config.this.getOauthToken()) ? chain.proceed(chain.request().newBuilder().addHeader("Authorization", "Bearer " + Config.this.getOauthToken()).build()) : chain.proceed(chain.request());
                }
            }).addInterceptor(new ImpersonatorInterceptor(config)).addInterceptor(new BackwardsCompatibilityInterceptor());
            if (LoggerFactory.getLogger(HttpLoggingInterceptor.class).isTraceEnabled()) {
                HttpLoggingInterceptor httpLoggingInterceptor = new HttpLoggingInterceptor();
                httpLoggingInterceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
                builder.addNetworkInterceptor(httpLoggingInterceptor);
            }
            if (config.getConnectionTimeout() > 0) {
                builder.connectTimeout(config.getConnectionTimeout(), TimeUnit.MILLISECONDS);
            }
            if (config.getRequestTimeout() > 0) {
                builder.readTimeout(config.getRequestTimeout(), TimeUnit.MILLISECONDS);
            }
            if (config.getWebsocketPingInterval() > 0) {
                builder.pingInterval(config.getWebsocketPingInterval(), TimeUnit.MILLISECONDS);
            }
            if (config.getMaxConcurrentRequestsPerHost() > 0) {
                Dispatcher dispatcher = new Dispatcher();
                dispatcher.setMaxRequests(config.getMaxConcurrentRequests());
                dispatcher.setMaxRequestsPerHost(config.getMaxConcurrentRequestsPerHost());
                builder.dispatcher(dispatcher);
            }
            if (config.getMasterUrl().toLowerCase().startsWith(Config.HTTP_PROTOCOL_PREFIX) || config.getMasterUrl().startsWith(Config.HTTPS_PROTOCOL_PREFIX)) {
                try {
                    URL proxyUrl = getProxyUrl(config);
                    if (proxyUrl != null) {
                        builder.proxy(new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyUrl.getHost(), proxyUrl.getPort())));
                        if (config.getProxyUsername() != null) {
                            builder.proxyAuthenticator(new Authenticator() { // from class: io.fabric8.kubernetes.clnt.v4_1.utils.HttpClientUtils.3
                                public Request authenticate(Route route, Response response) throws IOException {
                                    return response.request().newBuilder().header("Proxy-Authorization", Credentials.basic(Config.this.getProxyUsername(), Config.this.getProxyPassword())).build();
                                }
                            });
                        }
                    }
                } catch (MalformedURLException e2) {
                    throw new KubernetesClientException("Invalid proxy server configuration", e2);
                }
            }
            if (config.getUserAgent() != null && !config.getUserAgent().isEmpty()) {
                builder.addNetworkInterceptor(new Interceptor() { // from class: io.fabric8.kubernetes.clnt.v4_1.utils.HttpClientUtils.4
                    public Response intercept(Interceptor.Chain chain) throws IOException {
                        return chain.proceed(chain.request().newBuilder().header("User-Agent", Config.this.getUserAgent()).build());
                    }
                });
            }
            if (config.getTlsVersions() != null && config.getTlsVersions().length > 0) {
                builder.connectionSpecs(Arrays.asList(new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).tlsVersions(config.getTlsVersions()).build(), ConnectionSpec.CLEARTEXT));
            }
            return builder.build();
        } catch (Exception e3) {
            throw KubernetesClientException.launderThrowable(e3);
        }
    }

    private static URL getProxyUrl(Config config) throws MalformedURLException {
        URL url = new URL(config.getMasterUrl());
        String host = url.getHost();
        if (config.getNoProxy() != null) {
            for (String str : config.getNoProxy()) {
                if (isIpAddress(str)) {
                    if (new IpAddressMatcher(str).matches(host)) {
                        return null;
                    }
                } else if (host.contains(str)) {
                    return null;
                }
            }
        }
        String httpsProxy = config.getHttpsProxy();
        if (url.getProtocol().equals("http")) {
            httpsProxy = config.getHttpProxy();
        }
        if (httpsProxy != null) {
            return new URL(httpsProxy);
        }
        return null;
    }

    private static boolean isIpAddress(String str) {
        return VALID_IPV4_PATTERN.matcher(str).matches();
    }

    static {
        VALID_IPV4_PATTERN = null;
        try {
            VALID_IPV4_PATTERN = Pattern.compile(ipv4Pattern, 2);
        } catch (PatternSyntaxException e) {
            throw KubernetesClientException.launderThrowable("Unable to compile ipv4address pattern.", e);
        }
    }
}
