package org.artifactory.util;

import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Arrays;
import java.util.Collections;
import javax.annotation.Nullable;
import org.apache.commons.lang.StringUtils;
import org.apache.http.HttpHost;
import org.apache.http.HttpRequestInterceptor;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.Credentials;
import org.apache.http.auth.NTCredentials;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.impl.auth.BasicSchemeFactory;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.artifactory.api.context.ContextHelper;
import org.artifactory.common.ArtifactoryHome;
import org.artifactory.common.ConstantValues;
import org.artifactory.common.crypto.CryptoHelper;
import org.artifactory.descriptor.repo.ProxyDescriptor;
import org.artifactory.mbean.MBeanRegistrationService;
import org.artifactory.repo.http.IdleConnectionMonitorService;
import org.artifactory.repo.http.mbean.HTTPConnectionPool;
import org.artifactory.util.bearer.RepoSpecificBearerSchemeFactory;
import org.jfrog.client.http.CloseableHttpClientDecorator;
import org.jfrog.client.http.CloseableObserver;
import org.jfrog.client.http.HttpBuilderBase;
import org.jfrog.client.http.auth.PreemptiveAuthInterceptor;
import org.jfrog.client.http.auth.ProxyPreemptiveAuthInterceptor;
import org.jfrog.client.http.model.ProxyConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/artifactory/util/HttpClientConfigurator.class */
public class HttpClientConfigurator extends HttpBuilderBase<HttpClientConfigurator> {
    private static final Logger log = LoggerFactory.getLogger(HttpClientConfigurator.class);
    private String repoKey;
    private String jmxName;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.artifactory.util.HttpClientConfigurator$1, reason: invalid class name */
    /* loaded from: input_file:org/artifactory/util/HttpClientConfigurator$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$jfrog$client$http$HttpBuilderBase$JFrogAuthScheme = new int[HttpBuilderBase.JFrogAuthScheme.values().length];

        static {
            try {
                $SwitchMap$org$jfrog$client$http$HttpBuilderBase$JFrogAuthScheme[HttpBuilderBase.JFrogAuthScheme.BASIC.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$jfrog$client$http$HttpBuilderBase$JFrogAuthScheme[HttpBuilderBase.JFrogAuthScheme.BEARER.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    public HttpClientConfigurator() {
        userAgent(HttpUtils.getArtifactoryUserAgent());
        handleGzipResponse(ConstantValues.httpAcceptEncodingGzip.getBoolean());
        connectionPoolTTL(ConstantValues.httpConnectionPoolTimeToLive.getInt());
        this.config.setMaxRedirects(20);
        this.config.setCircularRedirectsAllowed(true);
        this.maxConnectionsTotal = ConstantValues.httpClientMaxTotalConnections.getInt();
        this.maxConnectionsPerRoute = ConstantValues.httpClientMaxConnectionsPerRoute.getInt();
    }

    public CloseableHttpClient build(boolean z) {
        CloseableHttpClientDecorator build = super.build(z);
        CloseableObserver closeableObserver = (IdleConnectionMonitorService) ContextHelper.get().beanForType(IdleConnectionMonitorService.class);
        closeableObserver.add(build.getId(), build.getClientConnectionManager());
        build.registerCloseableObserver(closeableObserver);
        if (StringUtils.isNotBlank(this.jmxName)) {
            try {
                ((MBeanRegistrationService) ContextHelper.get().beanForType(MBeanRegistrationService.class)).register((MBeanRegistrationService) new HTTPConnectionPool(build.getClientConnectionManager()), "HTTPConnectionPool", this.jmxName);
            } catch (Exception e) {
                String str = "Failed register HTTPConnectionPool mbean for " + this.jmxName + ": " + e.getMessage();
                log.error(str);
                log.debug(str, e);
            }
        }
        return build;
    }

    @Deprecated
    public HttpClientConfigurator soTimeout(int i) {
        return (HttpClientConfigurator) socketTimeout(i);
    }

    public CloseableHttpClient getClient() {
        return build();
    }

    public HttpClientConfigurator registerMBean(String str) {
        this.jmxName = str;
        return this;
    }

    protected PoolingHttpClientConnectionManager configConnectionManager() {
        additionalConfigByAuthScheme();
        return super.configConnectionManager();
    }

    public boolean isCookieSupportEnabled() {
        return this.cookieSupportEnabled || ConstantValues.enableCookieManagement.getBoolean();
    }

    public HttpClientConfigurator handleGzipResponse(boolean z) {
        if (!z) {
            disableGzipResponse();
        }
        return this;
    }

    public HttpClientConfigurator enableTokenAuthentication(boolean z, String str, @Nullable HttpRequestInterceptor httpRequestInterceptor) {
        if (z) {
            if (this.defaultHost == null || StringUtils.isBlank(this.defaultHost.getHostName())) {
                throw new IllegalStateException("Cannot configure authentication when host is not set.");
            }
            this.repoKey = str;
            this.config.setTargetPreferredAuthSchemes(Collections.singletonList("Bearer"));
            this.builder.setDefaultAuthSchemeRegistry(RegistryBuilder.create().register("Bearer", new RepoSpecificBearerSchemeFactory(str)).build());
            if (httpRequestInterceptor != null) {
                addRequestInterceptor(httpRequestInterceptor);
            }
            this.chosenAuthScheme = HttpBuilderBase.JFrogAuthScheme.BEARER;
        }
        return this;
    }

    public HttpClientConfigurator proxy(@Nullable ProxyDescriptor proxyDescriptor) {
        if (proxyDescriptor != null) {
            ProxyConfig proxyConfig = proxyDescriptor.toProxyConfig();
            if (StringUtils.isNotBlank(proxyConfig.getPassword())) {
                proxyConfig.setPassword(CryptoHelper.decryptIfNeeded(ArtifactoryHome.get(), proxyConfig.getPassword()));
            }
            proxy(proxyConfig);
        }
        return this;
    }

    public static void configureProxy(ProxyDescriptor proxyDescriptor, HttpClientBuilder httpClientBuilder, RequestConfig.Builder builder, BasicCredentialsProvider basicCredentialsProvider) {
        builder.setProxy(new HttpHost(proxyDescriptor.getHost(), proxyDescriptor.getPort()));
        if (StringUtils.isNotBlank(proxyDescriptor.getUsername())) {
            Credentials credentials = null;
            if (proxyDescriptor.getDomain() == null) {
                credentials = new UsernamePasswordCredentials(proxyDescriptor.getUsername(), CryptoHelper.decryptIfNeeded(ArtifactoryHome.get(), proxyDescriptor.getPassword()));
                builder.setProxyPreferredAuthSchemes(Arrays.asList("Digest", "Basic", "NTLM"));
                httpClientBuilder.addInterceptorFirst(new ProxyPreemptiveAuthInterceptor());
            } else {
                try {
                    credentials = new NTCredentials(proxyDescriptor.getUsername(), CryptoHelper.decryptIfNeeded(ArtifactoryHome.get(), proxyDescriptor.getPassword()), StringUtils.isBlank(proxyDescriptor.getNtHost()) ? InetAddress.getLocalHost().getHostName() : proxyDescriptor.getNtHost(), proxyDescriptor.getDomain());
                } catch (UnknownHostException e) {
                    log.error("Failed to determine required local hostname for NTLM credentials.", e);
                }
            }
            if (credentials != null) {
                basicCredentialsProvider.setCredentials(new AuthScope(proxyDescriptor.getHost(), proxyDescriptor.getPort(), AuthScope.ANY_REALM), credentials);
                if (proxyDescriptor.getRedirectedToHostsList() != null) {
                    for (String str : proxyDescriptor.getRedirectedToHostsList()) {
                        basicCredentialsProvider.setCredentials(new AuthScope(str, -1, AuthScope.ANY_REALM), credentials);
                    }
                }
            }
        }
    }

    public RequestConfig.Builder getConfig() {
        return this.config;
    }

    protected void additionalConfigByAuthScheme() {
        switch (AnonymousClass1.$SwitchMap$org$jfrog$client$http$HttpBuilderBase$JFrogAuthScheme[this.chosenAuthScheme.ordinal()]) {
            case 1:
                this.builder.addInterceptorFirst(new PreemptiveAuthInterceptor());
                return;
            case 2:
                if (shouldConfigureBearerDummyCredentials()) {
                    this.credsProvider.setCredentials(new AuthScope(this.defaultHost.getHostName(), -1, AuthScope.ANY_REALM), new UsernamePasswordCredentials("dummy", "dummy"));
                    return;
                } else {
                    this.config.setTargetPreferredAuthSchemes(Arrays.asList("Bearer", "Basic"));
                    this.builder.setDefaultAuthSchemeRegistry(RegistryBuilder.create().register("Bearer", new RepoSpecificBearerSchemeFactory(this.repoKey)).register("Basic", new BasicSchemeFactory()).build());
                    return;
                }
            default:
                return;
        }
    }

    private boolean shouldConfigureBearerDummyCredentials() {
        boolean z = false;
        Credentials credentials = this.credsProvider.getCredentials(new AuthScope(this.defaultHost.getHostName(), -1, AuthScope.ANY_REALM));
        Credentials credentials2 = this.credsProvider.getCredentials(new AuthScope(AuthScope.ANY_HOST, -1, AuthScope.ANY_REALM));
        Credentials credentials3 = null;
        if (StringUtils.isNotBlank(this.proxyHost)) {
            credentials3 = this.credsProvider.getCredentials(new AuthScope(this.proxyHost, -1, AuthScope.ANY_REALM));
        }
        if (this.allowAnyHostAuth && credentials2 != null && (credentials3 == null || !credentials3.getUserPrincipal().equals(credentials2.getUserPrincipal()))) {
            z = true;
        } else if (credentials == null) {
            z = true;
        }
        return z;
    }
}
