package com.tc.util.io;

import com.tc.exception.TCRuntimeException;
import com.tc.net.core.SecurityInfo;
import com.tc.security.PwProvider;
import com.tc.security.TCAuthenticationException;
import com.tc.statistics.retrieval.actions.SRAMessages;
import com.tc.util.Assert;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.net.URLConnection;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import sun.misc.BASE64Encoder;

/* loaded from: input_file:L1/terracotta-l1-ee-3.7.8.jar:com/tc/util/io/ServerURL.class */
public class ServerURL {
    private final URL theURL;
    private final int timeout;
    private final SecurityInfo securityInfo;

    public ServerURL(String str, int i, String str2, SecurityInfo securityInfo) throws MalformedURLException {
        this(str, i, str2, -1, securityInfo);
    }

    public ServerURL(String str, int i, String str2, int i2, SecurityInfo securityInfo) throws MalformedURLException {
        this.timeout = i2;
        this.securityInfo = securityInfo;
        this.theURL = new URL(securityInfo.isSecure() ? "https" : "http", str, i, str2);
    }

    public InputStream openStream() throws IOException {
        return openStream(null);
    }

    public InputStream openStream(PwProvider pwProvider) throws IOException {
        URLConnection openConnection;
        if (this.securityInfo.isSecure()) {
            Assert.assertNotNull("Secured URL '" + this.theURL + "', yet PwProvider instance", pwProvider);
        }
        String str = null;
        if (this.securityInfo.isSecure()) {
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) this.theURL.openConnection();
            if (this.securityInfo.getUsername() != null) {
                str = "tc://" + this.securityInfo.getUsername() + "@" + this.theURL.getHost() + SRAMessages.ELEMENT_NAME_DELIMITER + this.theURL.getPort();
                try {
                    char[] passwordFor = pwProvider.getPasswordFor(new URI(str));
                    Assert.assertNotNull("No password for " + this.theURL + " found!", passwordFor);
                    httpsURLConnection.addRequestProperty("Authorization", "Basic " + new BASE64Encoder().encode((this.securityInfo.getUsername() + SRAMessages.ELEMENT_NAME_DELIMITER + new String(passwordFor)).getBytes()));
                } catch (URISyntaxException e) {
                    throw new TCRuntimeException("Couldn't create URI to connect to " + str, e);
                }
            }
            if (Boolean.getBoolean("tc.ssl.disableHostnameVerifier")) {
                httpsURLConnection.setHostnameVerifier(new HostnameVerifier() { // from class: com.tc.util.io.ServerURL.1
                    @Override // javax.net.ssl.HostnameVerifier
                    public boolean verify(String str2, SSLSession sSLSession) {
                        return true;
                    }
                });
            }
            TrustManager[] trustManagerArr = null;
            if (Boolean.getBoolean("tc.ssl.trustAllCerts")) {
                trustManagerArr = new TrustManager[]{new X509TrustManager() { // from class: com.tc.util.io.ServerURL.2
                    @Override // javax.net.ssl.X509TrustManager
                    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str2) {
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str2) {
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public X509Certificate[] getAcceptedIssuers() {
                        return null;
                    }
                }};
            }
            try {
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(null, trustManagerArr, null);
                httpsURLConnection.setSSLSocketFactory(sSLContext.getSocketFactory());
                openConnection = httpsURLConnection;
            } catch (Exception e2) {
                throw new RuntimeException("unable to create SSL connection from " + this.theURL, e2);
            }
        } else {
            openConnection = this.theURL.openConnection();
        }
        if (this.timeout > -1) {
            openConnection.setConnectTimeout(this.timeout);
            openConnection.setReadTimeout(this.timeout);
        }
        try {
            return openConnection.getInputStream();
        } catch (IOException e3) {
            if ((openConnection instanceof HttpURLConnection) && ((HttpURLConnection) openConnection).getResponseCode() == 401) {
                throw new TCAuthenticationException("Invalid credentials connecting to " + (str != null ? str : openConnection.getURL()), e3);
            }
            throw e3;
        }
    }

    public String toString() {
        return this.theURL.toString();
    }
}
