package com.aliyun.oss.common.comm;

import com.aliyun.oss.ClientConfiguration;
import com.aliyun.oss.ClientErrorCode;
import com.aliyun.oss.ClientException;
import com.aliyun.oss.OSSErrorCode;
import com.aliyun.oss.OSSException;
import com.aliyun.oss.common.comm.ServiceClient;
import com.aliyun.oss.common.utils.ExceptionFactory;
import com.aliyun.oss.common.utils.HttpHeaders;
import com.aliyun.oss.common.utils.HttpUtil;
import com.aliyun.oss.common.utils.IOUtils;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Method;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.codec.binary.Base64;
import org.apache.http.Header;
import org.apache.http.HttpHost;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.NTCredentials;
import org.apache.http.client.AuthCache;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.config.SocketConfig;
import org.apache.http.conn.HttpClientConnectionManager;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.DefaultHostnameVerifier;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.client.BasicAuthCache;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;

/* loaded from: input_file:com/aliyun/oss/common/comm/DefaultServiceClient.class */
public class DefaultServiceClient extends ServiceClient {
    protected static HttpRequestFactory httpRequestFactory;
    private static Method setNormalizeUriMethod;
    protected CloseableHttpClient httpClient;
    protected HttpClientConnectionManager connectionManager;
    protected RequestConfig requestConfig;
    protected CredentialsProvider credentialsProvider;
    protected HttpHost proxyHttpHost;
    protected AuthCache authCache;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/aliyun/oss/common/comm/DefaultServiceClient$CompositeX509TrustManager.class */
    public class CompositeX509TrustManager implements X509TrustManager {
        private final List<X509TrustManager> trustManagers;
        private boolean verifySSL = true;

        public boolean isVerifySSL() {
            return this.verifySSL;
        }

        public void setVerifySSL(boolean z) {
            this.verifySSL = z;
        }

        public CompositeX509TrustManager(List<X509TrustManager> list) {
            this.trustManagers = list;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (this.verifySSL) {
                Iterator<X509TrustManager> it = this.trustManagers.iterator();
                while (it.hasNext()) {
                    try {
                        it.next().checkServerTrusted(x509CertificateArr, str);
                        return;
                    } catch (CertificateException e) {
                    }
                }
                throw new CertificateException("None of the TrustManagers trust this certificate chain");
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            ArrayList arrayList = new ArrayList();
            Iterator<X509TrustManager> it = this.trustManagers.iterator();
            while (it.hasNext()) {
                X509Certificate[] acceptedIssuers = it.next().getAcceptedIssuers();
                if (acceptedIssuers != null && acceptedIssuers.length > 0) {
                    arrayList.addAll(Arrays.asList(acceptedIssuers));
                }
            }
            return (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
        }
    }

    /* loaded from: input_file:com/aliyun/oss/common/comm/DefaultServiceClient$DefaultRetryStrategy.class */
    private static class DefaultRetryStrategy extends RetryStrategy {
        private DefaultRetryStrategy() {
        }

        @Override // com.aliyun.oss.common.comm.RetryStrategy
        public boolean shouldRetry(Exception exc, RequestMessage requestMessage, ResponseMessage responseMessage, int i) {
            if (exc instanceof ClientException) {
                String errorCode = ((ClientException) exc).getErrorCode();
                if (errorCode.equals(ClientErrorCode.CONNECTION_TIMEOUT) || errorCode.equals(ClientErrorCode.SOCKET_TIMEOUT) || errorCode.equals(ClientErrorCode.CONNECTION_REFUSED) || errorCode.equals(ClientErrorCode.UNKNOWN_HOST) || errorCode.equals(ClientErrorCode.SOCKET_EXCEPTION)) {
                    return true;
                }
                if (errorCode.equals(ClientErrorCode.NONREPEATABLE_REQUEST)) {
                    return false;
                }
            }
            if (((exc instanceof OSSException) && ((OSSException) exc).getErrorCode().equals(OSSErrorCode.INVALID_RESPONSE)) || responseMessage == null) {
                return false;
            }
            int statusCode = responseMessage.getStatusCode();
            return statusCode == 500 || statusCode == 502 || statusCode == 503;
        }
    }

    public DefaultServiceClient(ClientConfiguration clientConfiguration) {
        super(clientConfiguration);
        this.connectionManager = createHttpClientConnectionManager();
        this.httpClient = createHttpClient(this.connectionManager);
        RequestConfig.Builder custom = RequestConfig.custom();
        custom.setConnectTimeout(clientConfiguration.getConnectionTimeout());
        custom.setSocketTimeout(clientConfiguration.getSocketTimeout());
        custom.setConnectionRequestTimeout(clientConfiguration.getConnectionRequestTimeout());
        custom.setRedirectsEnabled(clientConfiguration.isRedirectEnable());
        String proxyHost = clientConfiguration.getProxyHost();
        int proxyPort = clientConfiguration.getProxyPort();
        if (proxyHost != null && proxyPort > 0) {
            this.proxyHttpHost = new HttpHost(proxyHost, proxyPort);
            custom.setProxy(this.proxyHttpHost);
            String proxyUsername = clientConfiguration.getProxyUsername();
            String proxyPassword = clientConfiguration.getProxyPassword();
            String proxyDomain = clientConfiguration.getProxyDomain();
            String proxyWorkstation = clientConfiguration.getProxyWorkstation();
            if (proxyUsername != null && proxyPassword != null) {
                this.credentialsProvider = new BasicCredentialsProvider();
                this.credentialsProvider.setCredentials(new AuthScope(proxyHost, proxyPort), new NTCredentials(proxyUsername, proxyPassword, proxyWorkstation, proxyDomain));
                this.authCache = new BasicAuthCache();
                this.authCache.put(this.proxyHttpHost, new BasicScheme());
            }
        }
        if (setNormalizeUriMethod != null) {
            try {
                setNormalizeUriMethod.invoke(custom, false);
            } catch (Exception e) {
            }
        }
        this.requestConfig = custom.build();
    }

    @Override // com.aliyun.oss.common.comm.ServiceClient
    public ResponseMessage sendRequestCore(ServiceClient.Request request, ExecutionContext executionContext) throws IOException {
        HttpRequestBase createHttpRequest = httpRequestFactory.createHttpRequest(request, executionContext);
        setProxyAuthorizationIfNeed(createHttpRequest);
        HttpClientContext createHttpContext = createHttpContext();
        createHttpContext.setRequestConfig(this.requestConfig);
        try {
            return buildResponse(request, this.httpClient.execute(createHttpRequest, createHttpContext));
        } catch (IOException e) {
            createHttpRequest.abort();
            throw ExceptionFactory.createNetworkException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static ResponseMessage buildResponse(ServiceClient.Request request, CloseableHttpResponse closeableHttpResponse) throws IOException {
        if (!$assertionsDisabled && closeableHttpResponse == null) {
            throw new AssertionError();
        }
        ResponseMessage responseMessage = new ResponseMessage(request);
        responseMessage.setUrl(request.getUri());
        responseMessage.setHttpResponse(closeableHttpResponse);
        if (closeableHttpResponse.getStatusLine() != null) {
            responseMessage.setStatusCode(closeableHttpResponse.getStatusLine().getStatusCode());
        }
        if (closeableHttpResponse.getEntity() != null) {
            if (responseMessage.isSuccessful()) {
                responseMessage.setContent(closeableHttpResponse.getEntity().getContent());
            } else {
                readAndSetErrorResponse(closeableHttpResponse.getEntity().getContent(), responseMessage);
            }
        }
        for (Header header : closeableHttpResponse.getAllHeaders()) {
            if (HttpHeaders.CONTENT_LENGTH.equalsIgnoreCase(header.getName())) {
                responseMessage.setContentLength(Long.parseLong(header.getValue()));
            }
            responseMessage.addHeader(header.getName(), header.getValue());
        }
        HttpUtil.convertHeaderCharsetFromIso88591(responseMessage.getHeaders());
        return responseMessage;
    }

    private static void readAndSetErrorResponse(InputStream inputStream, ResponseMessage responseMessage) throws IOException {
        byte[] readStreamAsByteArray = IOUtils.readStreamAsByteArray(inputStream);
        responseMessage.setErrorResponseAsString(new String(readStreamAsByteArray));
        responseMessage.setContent(new ByteArrayInputStream(readStreamAsByteArray));
    }

    @Override // com.aliyun.oss.common.comm.ServiceClient
    protected RetryStrategy getDefaultRetryStrategy() {
        return new DefaultRetryStrategy();
    }

    protected CloseableHttpClient createHttpClient(HttpClientConnectionManager httpClientConnectionManager) {
        return HttpClients.custom().setConnectionManager(httpClientConnectionManager).setUserAgent(this.config.getUserAgent()).disableContentCompression().disableAutomaticRetries().build();
    }

    protected HttpClientConnectionManager createHttpClientConnectionManager() {
        try {
            ArrayList<TrustManager> arrayList = new ArrayList();
            X509TrustManager[] x509TrustManagers = this.config.getX509TrustManagers();
            if (null != x509TrustManagers) {
                arrayList.addAll(Arrays.asList(x509TrustManagers));
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            arrayList.addAll(Arrays.asList(trustManagerFactory.getTrustManagers()));
            ArrayList arrayList2 = new ArrayList();
            for (TrustManager trustManager : arrayList) {
                if (trustManager instanceof X509TrustManager) {
                    arrayList2.add((X509TrustManager) trustManager);
                }
            }
            CompositeX509TrustManager compositeX509TrustManager = new CompositeX509TrustManager(arrayList2);
            compositeX509TrustManager.setVerifySSL(this.config.isVerifySSLEnable());
            KeyManager[] keyManagers = this.config.getKeyManagers() != null ? this.config.getKeyManagers() : null;
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(keyManagers, new TrustManager[]{compositeX509TrustManager}, this.config.getSecureRandom());
            PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager(RegistryBuilder.create().register(Protocol.HTTP.toString(), PlainConnectionSocketFactory.getSocketFactory()).register(Protocol.HTTPS.toString(), new SSLConnectionSocketFactory(sSLContext, !this.config.isVerifySSLEnable() ? new NoopHostnameVerifier() : this.config.getHostnameVerifier() != null ? this.config.getHostnameVerifier() : new DefaultHostnameVerifier())).build());
            poolingHttpClientConnectionManager.setDefaultMaxPerRoute(this.config.getMaxConnections());
            poolingHttpClientConnectionManager.setMaxTotal(this.config.getMaxConnections());
            poolingHttpClientConnectionManager.setValidateAfterInactivity(this.config.getValidateAfterInactivity());
            poolingHttpClientConnectionManager.setDefaultSocketConfig(SocketConfig.custom().setSoTimeout(this.config.getSocketTimeout()).setTcpNoDelay(true).build());
            if (this.config.isUseReaper()) {
                IdleConnectionReaper.setIdleConnectionTime(this.config.getIdleConnectionTime());
                IdleConnectionReaper.registerConnectionManager(poolingHttpClientConnectionManager);
            }
            return poolingHttpClientConnectionManager;
        } catch (Exception e) {
            throw new ClientException(e.getMessage());
        }
    }

    protected HttpClientContext createHttpContext() {
        HttpClientContext create = HttpClientContext.create();
        create.setRequestConfig(this.requestConfig);
        if (this.credentialsProvider != null) {
            create.setCredentialsProvider(this.credentialsProvider);
            create.setAuthCache(this.authCache);
        }
        return create;
    }

    private void setProxyAuthorizationIfNeed(HttpRequestBase httpRequestBase) {
        if (this.credentialsProvider != null) {
            httpRequestBase.addHeader("Proxy-Authorization", "Basic " + new String(Base64.encodeBase64((this.config.getProxyUsername() + ":" + this.config.getProxyPassword()).getBytes())));
        }
    }

    @Override // com.aliyun.oss.common.comm.ServiceClient
    public void shutdown() {
        IdleConnectionReaper.removeConnectionManager(this.connectionManager);
        this.connectionManager.shutdown();
    }

    @Override // com.aliyun.oss.common.comm.ServiceClient
    public String getConnectionPoolStats() {
        return (this.connectionManager == null || !(this.connectionManager instanceof PoolingHttpClientConnectionManager)) ? "" : this.connectionManager.getTotalStats().toString();
    }

    private static Method getClassMethd(Class<?> cls, String str) {
        try {
            for (Method method : cls.getDeclaredMethods()) {
                if (method.getName().equals(str)) {
                    return method;
                }
            }
            return null;
        } catch (Exception e) {
            return null;
        }
    }

    static {
        $assertionsDisabled = !DefaultServiceClient.class.desiredAssertionStatus();
        httpRequestFactory = new HttpRequestFactory();
        setNormalizeUriMethod = null;
        try {
            setNormalizeUriMethod = getClassMethd(Class.forName("org.apache.http.client.config.RequestConfig$Builder"), "setNormalizeUri");
        } catch (Exception e) {
        }
    }
}
