package com.atlassian.asap.core.keys.publickey;

import com.atlassian.asap.api.exception.CannotRetrieveKeyException;
import com.atlassian.asap.core.exception.PublicKeyNotFoundException;
import com.atlassian.asap.core.exception.PublicKeyRetrievalException;
import com.atlassian.asap.core.keys.KeyProvider;
import com.atlassian.asap.core.keys.PemReader;
import com.atlassian.asap.core.validator.ValidatedKeyId;
import com.google.common.base.Preconditions;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.URI;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.PublicKey;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.HttpClientUtils;
import org.apache.http.entity.ContentType;
import org.apache.http.impl.client.DefaultRedirectStrategy;
import org.apache.http.impl.client.cache.CacheConfig;
import org.apache.http.impl.client.cache.CachingHttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/asap/core/keys/publickey/HttpPublicKeyProvider.class */
public class HttpPublicKeyProvider implements KeyProvider<PublicKey> {
    static final int DEFAULT_MAX_CONNECTIONS = 20;
    static final String PEM_MIME_TYPE = "application/x-pem-file";
    static final String ACCEPT_HEADER_VALUE = "application/x-pem-file";
    private static final Logger logger = LoggerFactory.getLogger(HttpPublicKeyProvider.class);
    private final HttpClient httpClient;
    private final PemReader pemReader;
    private final URI baseUrl;

    public HttpPublicKeyProvider(URI uri, HttpClient httpClient, PemReader pemReader) {
        Objects.requireNonNull(uri, "Base URL cannot be null");
        Preconditions.checkArgument(uri.isAbsolute(), "Base URL must be absolute");
        Preconditions.checkArgument("https".equals(uri.getScheme()), "Base URL must have https scheme");
        Preconditions.checkArgument(StringUtils.endsWith(uri.toString(), "/"), "Base URL does not end with trailing slash: " + uri);
        this.baseUrl = uri;
        this.httpClient = (HttpClient) Objects.requireNonNull(httpClient);
        this.pemReader = (PemReader) Objects.requireNonNull(pemReader);
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // com.atlassian.asap.core.keys.KeyProvider
    public PublicKey getKey(ValidatedKeyId validatedKeyId) throws CannotRetrieveKeyException {
        URI resolve = this.baseUrl.resolve(validatedKeyId.getKeyId());
        HttpGet httpGet = new HttpGet(resolve);
        httpGet.setHeader("Accept", "application/x-pem-file");
        logger.debug("Fetching public key {}", resolve);
        try {
            try {
                HttpResponse execute = this.httpClient.execute(httpGet);
                int statusCode = execute.getStatusLine().getStatusCode();
                switch (statusCode) {
                    case 200:
                        HttpEntity entity = execute.getEntity();
                        if (entity == null) {
                            logger.error("Unexpected empty HTTP response when trying to retrieve public key URL {}", resolve);
                            throw new PublicKeyRetrievalException("Unexpected empty response");
                        }
                        InputStreamReader inputStreamReader = new InputStreamReader(entity.getContent(), (Charset) Optional.ofNullable(ContentType.getOrDefault(entity).getCharset()).orElse(StandardCharsets.US_ASCII));
                        Throwable th = null;
                        try {
                            String mimeType = ContentType.get(entity).getMimeType();
                            if (!mimeType.equals("application/x-pem-file")) {
                                logger.error("Rejecting public key due to Content type {} when retrieving {}. Public Keys must have Content type of {}.", new Object[]{mimeType, resolve, "application/x-pem-file"});
                                throw new PublicKeyRetrievalException("Unexpected public key MIME type");
                            }
                            PublicKey readPublicKey = this.pemReader.readPublicKey(inputStreamReader);
                            if (inputStreamReader != null) {
                                if (0 != 0) {
                                    try {
                                        inputStreamReader.close();
                                    } catch (Throwable th2) {
                                        th.addSuppressed(th2);
                                    }
                                } else {
                                    inputStreamReader.close();
                                }
                            }
                            HttpClientUtils.closeQuietly(execute);
                            return readPublicKey;
                        } catch (Throwable th3) {
                            if (inputStreamReader != null) {
                                if (0 != 0) {
                                    try {
                                        inputStreamReader.close();
                                    } catch (Throwable th4) {
                                        th.addSuppressed(th4);
                                    }
                                } else {
                                    inputStreamReader.close();
                                }
                            }
                            throw th3;
                        }
                    case 404:
                        logger.debug("Public key URL {} returned 404 NOT FOUND", resolve);
                        throw new PublicKeyNotFoundException("Encountered 404 NOT FOUND for public key: " + resolve);
                    default:
                        logger.error("Unexpected HTTP status code {} when trying to retrieve public key URL {}", Integer.valueOf(statusCode), resolve);
                        throw new PublicKeyRetrievalException("Unexpected status code");
                }
            } catch (IOException e) {
                logger.error("A problem occurred when trying to retrieve public key from URL {}", resolve, e);
                throw new PublicKeyRetrievalException("Error reading public key from HTTPS key repository");
            }
        } catch (Throwable th5) {
            HttpClientUtils.closeQuietly((HttpResponse) null);
            throw th5;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static HttpClient defaultHttpClient() {
        PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager();
        poolingHttpClientConnectionManager.setDefaultMaxPerRoute(DEFAULT_MAX_CONNECTIONS);
        poolingHttpClientConnectionManager.setMaxTotal(DEFAULT_MAX_CONNECTIONS);
        RequestConfig.Builder custom = RequestConfig.custom();
        custom.setConnectTimeout((int) TimeUnit.SECONDS.toMillis(5L));
        custom.setSocketTimeout((int) TimeUnit.SECONDS.toMillis(10L));
        return CachingHttpClients.custom().setCacheConfig(CacheConfig.custom().setMaxCacheEntries(128).setMaxObjectSize(2048L).setHeuristicCachingEnabled(false).setSharedCache(false).setAsynchronousWorkersMax(2).build()).setDefaultRequestConfig(custom.build()).setConnectionManager(poolingHttpClientConnectionManager).useSystemProperties().setRedirectStrategy(DefaultRedirectStrategy.INSTANCE).build();
    }
}
