package io.github.springboot.httpclient.core.cm;

import io.github.springboot.httpclient.core.config.HttpClientConfigurationHelper;
import io.github.springboot.httpclient.core.config.model.Authentication;
import io.github.springboot.httpclient.core.config.model.HostConfiguration;
import io.github.springboot.httpclient.core.config.model.ProxyConfiguration;
import io.github.springboot.httpclient.core.constants.ConfigurationConstants;
import io.github.springboot.httpclient.core.constants.HttpClientConstants;
import io.github.springboot.httpclient.core.internal.ConfigurableHostnameVerifier;
import io.github.springboot.httpclient.core.ssl.ConfigurablePrivateKeyStrategy;
import io.github.springboot.httpclient.core.ssl.ConfigurableTrustSslStrategy;
import io.github.springboot.httpclient.core.utils.HostUtils;
import io.github.springboot.httpclient.core.utils.HttpClientUtils;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.URISyntaxException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Paths;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.reflect.FieldUtils;
import org.apache.http.HttpHost;
import org.apache.http.config.ConnectionConfig;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.config.SocketConfig;
import org.apache.http.conn.DnsResolver;
import org.apache.http.conn.HttpClientConnectionOperator;
import org.apache.http.conn.HttpConnectionFactory;
import org.apache.http.conn.SchemePortResolver;
import org.apache.http.conn.routing.HttpRoute;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.conn.DefaultHttpClientConnectionOperator;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.SSLContexts;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.scheduling.TaskScheduler;
import org.springframework.scheduling.annotation.EnableScheduling;
import org.springframework.scheduling.annotation.Scheduled;
import org.springframework.scheduling.concurrent.ConcurrentTaskScheduler;

@EnableScheduling
@Configuration
/* loaded from: input_file:io/github/springboot/httpclient/core/cm/ConnectionManagerConfig.class */
public class ConnectionManagerConfig {
    private static final Logger log = LoggerFactory.getLogger(ConnectionManagerConfig.class);
    private static final String DEFAULT_JRE_TRUSTSTORE_FILE_JDK8 = System.getProperty("java.home") + "/jre/lib/security/cacerts";
    private static final String DEFAULT_JRE_TRUSTSTORE_FILE_JDK11 = System.getProperty("java.home") + "/lib/security/cacerts";

    @Autowired
    protected HttpClientConfigurationHelper configHelper;

    /* loaded from: input_file:io/github/springboot/httpclient/core/cm/ConnectionManagerConfig$HttpClientConnectionManagerCustomizerSupport.class */
    public static class HttpClientConnectionManagerCustomizerSupport {
        public HttpClientConnectionManagerCustomizerSupport(ObjectProvider<HttpClientConnectionManagerCustomizer> objectProvider, PoolingHttpClientConnectionManager poolingHttpClientConnectionManager) {
            objectProvider.orderedStream().forEach(httpClientConnectionManagerCustomizer -> {
                httpClientConnectionManagerCustomizer.customize(poolingHttpClientConnectionManager);
            });
        }
    }

    @Bean
    public HostnameVerifier getHostnameVerifier() {
        return new ConfigurableHostnameVerifier(this.configHelper);
    }

    @Bean
    public Registry<ConnectionSocketFactory> connectionSocketFactoryRegistry() {
        return RegistryBuilder.create().register("http", PlainConnectionSocketFactory.getSocketFactory()).register(HostUtils.HTTPS, new SSLConnectionSocketFactory(getSslContext(), getHostnameVerifier())).build();
    }

    @ConditionalOnMissingBean({HttpClientConnectionOperator.class})
    @Bean
    public HttpClientConnectionOperator defaultHttpClientConnectionOperator(Registry<ConnectionSocketFactory> registry) {
        return new DefaultHttpClientConnectionOperator(registry, (SchemePortResolver) null, (DnsResolver) null);
    }

    @ConditionalOnMissingBean({PoolingHttpClientConnectionManager.class})
    @Bean
    public PoolingHttpClientConnectionManager connectionManager(HttpClientConnectionOperator httpClientConnectionOperator) {
        return new PoolingHttpClientConnectionManager(httpClientConnectionOperator, (HttpConnectionFactory) null, -1L, TimeUnit.MILLISECONDS);
    }

    @Bean
    public HttpClientConnectionManagerCustomizerSupport httpClientConnectionManagerCustomizerSupport(ObjectProvider<HttpClientConnectionManagerCustomizer> objectProvider, PoolingHttpClientConnectionManager poolingHttpClientConnectionManager) {
        return new HttpClientConnectionManagerCustomizerSupport(objectProvider, poolingHttpClientConnectionManager);
    }

    @Bean
    public HttpClientConnectionManagerCustomizer defaultHttpClientConnectionManagerCustomizerSupport() {
        return poolingHttpClientConnectionManager -> {
            Integer num = (Integer) this.configHelper.getGlobalConfiguration(ConfigurationConstants.MAX_ACTIVE_CONNECTIONS);
            if (num == null) {
                num = 20;
            }
            poolingHttpClientConnectionManager.setDefaultMaxPerRoute(num.intValue());
            poolingHttpClientConnectionManager.setMaxTotal(num.intValue() * Math.max(10, this.configHelper.getAllConfigurations().getHosts().size()));
            for (HostConfiguration hostConfiguration : this.configHelper.getAllConfigurations().getHosts().values()) {
                HttpRoute httpRoute = getHttpRoute(hostConfiguration.getBaseUrl());
                if (httpRoute != null) {
                    Integer num2 = (Integer) this.configHelper.getConfiguration(hostConfiguration.getBaseUrl(), ConfigurationConstants.MAX_ACTIVE_CONNECTIONS);
                    if (num2 != null) {
                        poolingHttpClientConnectionManager.setMaxPerRoute(httpRoute, num2.intValue());
                    }
                    poolingHttpClientConnectionManager.setConnectionConfig(httpRoute.getTargetHost(), ConnectionConfig.custom().setBufferSize(((Integer) this.configHelper.getConfiguration(hostConfiguration.getBaseUrl(), ConfigurationConstants.BUFFER_SIZE)).intValue()).build());
                }
            }
            Integer num3 = (Integer) this.configHelper.getGlobalConfiguration(ConfigurationConstants.LINGER_TIMEOUT);
            Integer num4 = (Integer) this.configHelper.getGlobalConfiguration(ConfigurationConstants.SOCKET_TIMEOUT);
            poolingHttpClientConnectionManager.setDefaultSocketConfig(SocketConfig.custom().setSoTimeout(num4 != null ? num4.intValue() : HttpClientConstants.DEFAULT_SOCKET_TIMEOUT).setSoLinger(num3 != null ? num3.intValue() : -1).build());
        };
    }

    protected SSLContext getSslContext() {
        SSLContext createSystemDefault = SSLContexts.createSystemDefault();
        try {
            X509TrustManager x509TrustManager = (X509TrustManager) FieldUtils.readField(FieldUtils.readField(createSystemDefault, "contextSpi", true), "trustManager", true);
            SSLContextBuilder custom = SSLContexts.custom();
            KeyStore store = getStore(System.getProperty(HttpClientConstants.TRUSTSTORE, getDefaultTrustStorePath()), System.getProperty(HttpClientConstants.TRUSTSTORE_PASSWORD, (String) this.configHelper.getGlobalConfiguration(ConfigurationConstants.TRUST_STORE_PASSWORD)), System.getProperty(HttpClientConstants.TRUSTSTORE_TYPE, (String) this.configHelper.getGlobalConfiguration(ConfigurationConstants.TRUST_STORE_TYPE)));
            if (store != null) {
                custom.loadTrustMaterial(store, new ConfigurableTrustSslStrategy(x509TrustManager, this.configHelper));
            }
            Iterator<Map.Entry<String, HostConfiguration>> it = this.configHelper.getAllConfigurations().getHosts().entrySet().iterator();
            while (it.hasNext()) {
                Authentication authentication = it.next().getValue().getAuthentication();
                if (authentication != null && authentication.getAuthType().equals(Authentication.AUTH_TYPE_CERT)) {
                    String property = (StringUtils.isBlank(authentication.getAuthKeyStore()) || authentication.getAuthKeyStore().equals(Authentication.SYSTEM_DEFAULT)) ? System.getProperty(HttpClientConstants.KEYSTORE) : authentication.getAuthKeyStore();
                    String authKeyStorePassword = StringUtils.isNotBlank(authentication.getAuthKeyStorePassword()) ? authentication.getAuthKeyStorePassword() : System.getProperty(HttpClientConstants.KEYSTORE_PASSWORD);
                    custom.loadKeyMaterial(getStore(property, authKeyStorePassword, StringUtils.isNotBlank(authentication.getAuthKeyStoreType()) ? authentication.getAuthKeyStoreType() : System.getProperty(HttpClientConstants.KEYSTORE_TYPE)), authKeyStorePassword.toCharArray(), new ConfigurablePrivateKeyStrategy(this.configHelper));
                }
            }
            return custom.build();
        } catch (IllegalAccessException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException e) {
            log.warn("Erreur to load trustStore or keyStore", e);
            return createSystemDefault;
        } catch (UnrecoverableKeyException e2) {
            log.warn("Erreur to load keyStore file, UnrecoverableKeyException", e2);
            return createSystemDefault;
        } catch (CertificateException e3) {
            log.warn("Erreur to load Certificate", e3);
            return createSystemDefault;
        }
    }

    private String getDefaultTrustStorePath() {
        String property = System.getProperty(HttpClientConstants.TRUSTSTORE);
        if (property == null) {
            property = DEFAULT_JRE_TRUSTSTORE_FILE_JDK8;
            if (!Files.exists(Paths.get(property, new String[0]), new LinkOption[0])) {
                property = DEFAULT_JRE_TRUSTSTORE_FILE_JDK11;
            }
        }
        return property;
    }

    protected HttpRoute getHttpRoute(String str) {
        HttpRoute httpRoute;
        try {
            HttpHost httpHost = HttpClientUtils.getHttpHost(str);
            ProxyConfiguration proxyConfiguration = this.configHelper.getProxyConfiguration(str);
            if (proxyConfiguration != null) {
                httpRoute = new HttpRoute(httpHost, null, new HttpHost(proxyConfiguration.getHost(), proxyConfiguration.getPort().intValue()), httpHost.getPort() == 443);
            } else {
                httpRoute = new HttpRoute(httpHost);
            }
            return httpRoute;
        } catch (URISyntaxException e) {
            log.warn("Invalide hostname in base url, note that regexp are supported only in path", e);
            return null;
        }
    }

    @Bean({"legacyTaskScheduler"})
    public TaskScheduler taskScheduler() {
        return new ConcurrentTaskScheduler();
    }

    @Bean({"legacyIdleConnectionMonitor"})
    public Runnable idleConnectionMonitor(final PoolingHttpClientConnectionManager poolingHttpClientConnectionManager) {
        return new Runnable() { // from class: io.github.springboot.httpclient.core.cm.ConnectionManagerConfig.1
            @Override // java.lang.Runnable
            @Scheduled(fixedDelay = 10000)
            public void run() {
                try {
                    if (poolingHttpClientConnectionManager != null) {
                        ConnectionManagerConfig.log.trace("run IdleConnectionMonitor - Closing expired and idle connections...");
                        poolingHttpClientConnectionManager.closeExpiredConnections();
                        poolingHttpClientConnectionManager.closeIdleConnections(((Long) ConnectionManagerConfig.this.configHelper.getGlobalConfiguration(ConfigurationConstants.POOL_IDLE_TIMEOUT)).longValue(), TimeUnit.SECONDS);
                    } else {
                        ConnectionManagerConfig.log.trace("run IdleConnectionMonitor - Http Client Connection manager is not initialised");
                    }
                } catch (Exception e) {
                    ConnectionManagerConfig.log.error("run IdleConnectionMonitor - Exception occurred. msg={}, e={}", e.getMessage(), e);
                }
            }
        };
    }

    public static KeyStore getStore(String str, String str2, String str3) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore = null;
        if (StringUtils.isNotBlank(str) && str2 != null) {
            if (StringUtils.isBlank(str3)) {
                str3 = HttpClientConstants.KEYSTORE_DEFAULT_TYPE;
            }
            keyStore = KeyStore.getInstance(str3);
            try {
                FileInputStream fileInputStream = new FileInputStream(str);
                Throwable th = null;
                try {
                    keyStore.load(fileInputStream, str2.toCharArray());
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                } finally {
                }
            } catch (IOException e) {
                log.info("Unable to load store={} of type={} with pass {}", new Object[]{str, str3, str2, e});
            }
        }
        return keyStore;
    }
}
