package org.modelio.vbasic.net;

import java.io.IOException;
import java.io.UncheckedIOException;
import java.net.URI;
import java.security.Principal;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import org.apache.http.Consts;
import org.apache.http.Header;
import org.apache.http.HttpHost;
import org.apache.http.HttpRequest;
import org.apache.http.auth.AuthSchemeProvider;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.AuthenticationException;
import org.apache.http.auth.BasicUserPrincipal;
import org.apache.http.auth.Credentials;
import org.apache.http.auth.InvalidCredentialsException;
import org.apache.http.auth.MalformedChallengeException;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.client.RedirectStrategy;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.config.Lookup;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.ssl.DefaultHostnameVerifier;
import org.apache.http.impl.auth.BasicSchemeFactory;
import org.apache.http.impl.auth.DigestSchemeFactory;
import org.apache.http.impl.auth.KerberosSchemeFactory;
import org.apache.http.impl.auth.NTLMSchemeFactory;
import org.apache.http.impl.auth.RFC2617Scheme;
import org.apache.http.impl.auth.SPNegoSchemeFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.DefaultHttpRequestRetryHandler;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.message.BufferedHeader;
import org.apache.http.protocol.BasicHttpContext;
import org.apache.http.protocol.HttpContext;
import org.apache.http.util.Args;
import org.apache.http.util.CharArrayBuffer;
import org.modelio.vbasic.auth.IAuthData;
import org.modelio.vbasic.auth.OidcAuthData;
import org.modelio.vbasic.files.FileUtils;
import org.modelio.vbasic.log.Log;

/* loaded from: input_file:org/modelio/vbasic/net/ApacheHttpClients.class */
public class ApacheHttpClients {
    public static final List<String> DEFAULT_SCHEME_PRIORITY = Collections.unmodifiableList(Arrays.asList(BearerAuthScheme.SCHEME_NAME, "Negotiate", "Kerberos", "NTLM", "CredSSP", "Digest", "Basic"));
    public static final Lookup<AuthSchemeProvider> DEFAULT_AUTH_SCHEME_REGISTRY = initAuthSchemeRegistry();
    public static final RequestConfig DEFAULT_REQUEST_CONFIG = RequestConfig.copy(RequestConfig.DEFAULT).setTargetPreferredAuthSchemes(DEFAULT_SCHEME_PRIORITY).build();
    private static final CloseableHttpClient defaultClient = initDefaultHttpClient();

    /* loaded from: input_file:org/modelio/vbasic/net/ApacheHttpClients$BearerAuthScheme.class */
    public static class BearerAuthScheme extends RFC2617Scheme {
        private static final long serialVersionUID = -1931571557597830536L;
        private boolean complete;
        public static String SCHEME_NAME = "Bearer";

        public BearerAuthScheme() {
            super(Consts.ASCII);
        }

        @Override // org.apache.http.auth.AuthScheme
        public String getSchemeName() {
            return SCHEME_NAME;
        }

        @Override // org.apache.http.impl.auth.AuthSchemeBase, org.apache.http.auth.AuthScheme
        public void processChallenge(Header header) throws MalformedChallengeException {
            super.processChallenge(header);
            this.complete = true;
        }

        @Override // org.apache.http.auth.AuthScheme
        public boolean isComplete() {
            return this.complete;
        }

        @Override // org.apache.http.auth.AuthScheme
        public boolean isConnectionBased() {
            return false;
        }

        @Override // org.apache.http.auth.AuthScheme
        @Deprecated
        public Header authenticate(Credentials credentials, HttpRequest httpRequest) throws AuthenticationException {
            return authenticate(credentials, httpRequest, new BasicHttpContext());
        }

        public Header authenticate(Credentials credentials, HttpRequest httpRequest, HttpContext httpContext) throws InvalidCredentialsException, AuthenticationException {
            Args.notNull(credentials, "Credentials");
            Args.notNull(httpRequest, "HTTP request");
            try {
                String password = credentials.getPassword();
                if (password == null) {
                    throw new InvalidCredentialsException("credentials.getPassword() returned null");
                }
                CharArrayBuffer charArrayBuffer = new CharArrayBuffer(64);
                if (isProxy()) {
                    charArrayBuffer.append("Proxy-Authorization");
                } else {
                    charArrayBuffer.append("Authorization");
                }
                charArrayBuffer.append(": Bearer ");
                charArrayBuffer.append(password);
                return new BufferedHeader(charArrayBuffer);
            } catch (UncheckedIOException e) {
                throw new AuthenticationException(FileUtils.getLocalizedMessage(e.getCause()), e);
            }
        }

        public String toString() {
            return SCHEME_NAME + " [complete=" + this.complete + "]";
        }

        public static AuthSchemeProvider factory() {
            return httpContext -> {
                return new BearerAuthScheme();
            };
        }
    }

    @Deprecated
    /* loaded from: input_file:org/modelio/vbasic/net/ApacheHttpClients$HostNameVerifier.class */
    private static class HostNameVerifier implements HostnameVerifier {
        private final DefaultHostnameVerifier delegate = new DefaultHostnameVerifier();

        private HostNameVerifier() {
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            try {
                this.delegate.verify(str, (X509Certificate) sSLSession.getPeerCertificates()[0]);
                return true;
            } catch (SSLException e) {
                try {
                    handleSslFailure(str, e, sSLSession);
                    return true;
                } catch (IOException e2) {
                    return false;
                }
            }
        }

        private void handleSslFailure(String str, SSLException sSLException, SSLSession sSLSession) throws SSLPeerUnverifiedException, SSLException {
            X509Certificate[] x509CertificateArr = (X509Certificate[]) sSLSession.getPeerCertificates();
            try {
                SslManager.getInstance().getTrustManager().checkServerTrusted(x509CertificateArr, str);
                Log.trace("Ignoring SSL exception because user trusts '" + str + "':");
                Log.trace(sSLException);
            } catch (CertificateException e) {
                sSLException.addSuppressed(new InvalidCertificateException(x509CertificateArr, e));
                Log.trace(sSLException);
                throw sSLException;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/modelio/vbasic/net/ApacheHttpClients$OidcCredentials.class */
    public static class OidcCredentials implements Credentials {
        private final OidcAuthData authData;

        public OidcCredentials(OidcAuthData oidcAuthData) {
            this.authData = oidcAuthData;
        }

        @Override // org.apache.http.auth.Credentials
        public Principal getUserPrincipal() {
            return new BasicUserPrincipal(this.authData.getUserId());
        }

        @Override // org.apache.http.auth.Credentials
        public String getPassword() throws UncheckedIOException {
            try {
                return this.authData.getToken();
            } catch (IOException e) {
                throw new UncheckedIOException(FileUtils.getLocalizedMessage(e), e);
            }
        }
    }

    /* loaded from: input_file:org/modelio/vbasic/net/ApacheHttpClients$RetryHandler.class */
    public static class RetryHandler extends DefaultHttpRequestRetryHandler {
        @Override // org.apache.http.impl.client.DefaultHttpRequestRetryHandler, org.apache.http.client.HttpRequestRetryHandler
        public boolean retryRequest(IOException iOException, int i, HttpContext httpContext) {
            if (!(iOException instanceof SSLException)) {
                return super.retryRequest(iOException, i, httpContext);
            }
            return SslManager.getInstance().fixUntrustedServer((SSLException) iOException, URI.create(HttpClientContext.adapt(httpContext).getTargetHost().toURI()));
        }
    }

    private static void configProxyCredentials(Properties properties, String str, CredentialsProvider credentialsProvider) {
        String str2 = String.valueOf(str) + ".proxyHost";
        String str3 = String.valueOf(str) + ".proxyUser";
        if (properties.containsKey(str2) && properties.containsKey(str3)) {
            String str4 = String.valueOf(str) + ".proxyPort";
            String str5 = String.valueOf(str) + ".proxyPassword";
            String property = properties.getProperty(str2);
            String property2 = properties.getProperty(str3);
            String property3 = properties.getProperty(str5);
            String property4 = properties.getProperty(str4);
            int i = -1;
            if (property4 != null) {
                try {
                    i = Integer.parseInt(property4);
                } catch (RuntimeException e) {
                    Log.warning(e);
                }
            }
            credentialsProvider.setCredentials(new AuthScope(property, i), new UsernamePasswordCredentials(property2, property3));
        }
    }

    public static HttpClientBuilder createClientBuilder() {
        return HttpClientBuilder.create().useSystemProperties().setSSLContext(SslManager.getInstance().getSslContext()).setRedirectStrategy((RedirectStrategy) null).setRetryHandler(new RetryHandler()).setDefaultRequestConfig(DEFAULT_REQUEST_CONFIG).setDefaultAuthSchemeRegistry(DEFAULT_AUTH_SCHEME_REGISTRY);
    }

    private static Registry<AuthSchemeProvider> initAuthSchemeRegistry() {
        return RegistryBuilder.create().register("Basic", new BasicSchemeFactory()).register("Digest", new DigestSchemeFactory()).register("NTLM", new NTLMSchemeFactory()).register("Negotiate", new SPNegoSchemeFactory()).register("Kerberos", new KerberosSchemeFactory()).register(BearerAuthScheme.SCHEME_NAME, BearerAuthScheme.factory()).build();
    }

    public static CloseableHttpClient getDefaultClient() {
        return defaultClient;
    }

    private static CloseableHttpClient initDefaultHttpClient() {
        return createClientBuilder().build();
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Code restructure failed: missing block: B:6:0x004c, code lost:
    
        if (r0.equals(org.modelio.vbasic.auth.NoneAuthData.AUTH_NONE_SCHEME_ID) == false) goto L23;
     */
    /* JADX WARN: Failed to find 'out' block for switch in B:4:0x0023. Please report as an issue. */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static org.apache.http.client.protocol.HttpClientContext createHttpContext(java.net.URI r7, org.modelio.vbasic.auth.IAuthData r8, org.apache.http.client.config.RequestConfig.Builder r9) throws org.modelio.vbasic.net.UriAuthenticationException {
        /*
            Method dump skipped, instructions count: 306
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.modelio.vbasic.net.ApacheHttpClients.createHttpContext(java.net.URI, org.modelio.vbasic.auth.IAuthData, org.apache.http.client.config.RequestConfig$Builder):org.apache.http.client.protocol.HttpClientContext");
    }

    private static void configProxy(CredentialsProvider credentialsProvider, IAuthData iAuthData, RequestConfig.Builder builder) {
        Map<String, String> data;
        if (iAuthData != null && builder != null && (data = iAuthData.getData()) != null && data.containsKey("http.proxyHost")) {
            builder.setProxy(new HttpHost(data.get("http.proxyHost"), Integer.parseInt(data.getOrDefault("http.proxyPort", "-1"))));
            Properties properties = new Properties();
            properties.putAll(data);
            configProxyCredentials(properties, "http", credentialsProvider);
        }
        configProxyCredentials(System.getProperties(), "http", credentialsProvider);
        configProxyCredentials(System.getProperties(), "https", credentialsProvider);
    }
}
