package com.hypersocket.http;

import com.hypersocket.certificates.CertificateVerificationException;
import com.hypersocket.config.SystemConfigurationService;
import com.hypersocket.properties.ResourceUtils;
import com.hypersocket.utils.HttpUtils;
import com.hypersocket.utils.HttpUtilsHolder;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.ProxySelector;
import java.net.SocketAddress;
import java.net.URI;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Stack;
import java.util.stream.Collectors;
import javax.annotation.PostConstruct;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpHost;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.BasicCookieStore;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.client.ProxyAuthenticationStrategy;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.impl.conn.SystemDefaultRoutePlanner;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.TrustStrategy;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/hypersocket/http/HttpUtilsImpl.class */
public class HttpUtilsImpl implements HttpUtils, HostnameVerifier, TrustStrategy {
    static Logger log = LoggerFactory.getLogger(HttpUtilsImpl.class);
    static BasicCookieStore cookieStore;

    @Autowired
    private SystemConfigurationService systemConfigurationService;
    private ThreadLocal<Stack<HostnameVerifier>> verifier = new ThreadLocal<>();

    /* loaded from: input_file:com/hypersocket/http/HttpUtilsImpl$ContentInputStream.class */
    class ContentInputStream extends InputStream {
        CloseableHttpClient client;
        InputStream wrapped;

        ContentInputStream(CloseableHttpClient closeableHttpClient, InputStream inputStream) {
            this.client = closeableHttpClient;
            this.wrapped = inputStream;
        }

        @Override // java.io.InputStream
        public int read() throws IOException {
            int read = this.wrapped.read();
            if (read == -1) {
                this.client.close();
            }
            return read;
        }

        @Override // java.io.InputStream
        public int read(byte[] bArr, int i, int i2) throws IOException {
            int read = this.wrapped.read(bArr, i, i2);
            if (read == -1) {
                this.client.close();
            }
            return read;
        }
    }

    @PostConstruct
    private void postConstruct() {
        HttpUtilsHolder.setInstance(this);
    }

    public void setVerifier(HostnameVerifier hostnameVerifier) {
        Stack<HostnameVerifier> stack = this.verifier.get();
        if (hostnameVerifier == null && (stack == null || stack.isEmpty())) {
            throw new IllegalStateException("Cannot unset a verifier if none has been set.");
        }
        if (hostnameVerifier == null) {
            stack.pop();
            if (stack.isEmpty()) {
                this.verifier.remove();
                return;
            }
            return;
        }
        if (stack == null) {
            stack = new Stack<>();
            this.verifier.set(stack);
        }
        stack.push(hostnameVerifier);
    }

    public CloseableHttpClient createHttpClient(boolean z) throws IOException {
        return createHttpClient(z, 30000);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v22, types: [javax.net.ssl.HostnameVerifier] */
    protected CloseableHttpClient createHttpClient(boolean z, int i) throws IOException {
        Registry build;
        if (log.isDebugEnabled()) {
            log.debug("Creating a new client");
        }
        try {
            if (z) {
                SSLContextBuilder sSLContextBuilder = new SSLContextBuilder();
                sSLContextBuilder.loadTrustMaterial((KeyStore) null, new TrustSelfSignedStrategy());
                build = RegistryBuilder.create().register("http", new PlainConnectionSocketFactory()).register("https", new SSLConnectionSocketFactory(sSLContextBuilder.build(), SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)).build();
            } else {
                Stack<HostnameVerifier> stack = this.verifier.get();
                HttpUtilsImpl httpUtilsImpl = (stack == null || stack.isEmpty()) ? this : stack.get(stack.size() - 1);
                SSLContextBuilder sSLContextBuilder2 = new SSLContextBuilder();
                sSLContextBuilder2.loadTrustMaterial((KeyStore) null, this);
                build = RegistryBuilder.create().register("http", new PlainConnectionSocketFactory()).register("https", new SSLConnectionSocketFactory(sSLContextBuilder2.build(), httpUtilsImpl)).build();
            }
            PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager(build);
            RequestConfig build2 = RequestConfig.custom().setConnectionRequestTimeout(i).setSocketTimeout(i).setConnectTimeout(i).build();
            HttpClientBuilder useSystemProperties = HttpClients.custom().useSystemProperties();
            if (this.systemConfigurationService.getBooleanValue("proxy.enabled").booleanValue()) {
                final String value = this.systemConfigurationService.getValue("proxy.host");
                final int intValue = this.systemConfigurationService.getIntValue("proxy.port").intValue();
                useSystemProperties.setProxy(new HttpHost(value, intValue));
                useSystemProperties.setRoutePlanner(new SystemDefaultRoutePlanner(new ProxySelector() { // from class: com.hypersocket.http.HttpUtilsImpl.1
                    @Override // java.net.ProxySelector
                    public List<Proxy> select(URI uri) {
                        return Collections.singletonList(HttpUtilsImpl.this.checkProxyBypass(uri.getHost()) ? Proxy.NO_PROXY : new Proxy(Proxy.Type.HTTP, new InetSocketAddress(value, intValue)));
                    }

                    @Override // java.net.ProxySelector
                    public void connectFailed(URI uri, SocketAddress socketAddress, IOException iOException) {
                        HttpUtilsImpl.log.error(String.format("Http proxy route planner failed for %s on %s.", uri, socketAddress), iOException);
                    }
                }));
                String property = System.getProperty("http.proxyUsername", this.systemConfigurationService.getValue("proxy.username"));
                if (StringUtils.isNotBlank(property)) {
                    useSystemProperties.setProxyAuthenticationStrategy(new ProxyAuthenticationStrategy());
                    UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials(property, System.getProperty("http.proxyPassword", this.systemConfigurationService.getValue("proxy.password")));
                    BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
                    if (StringUtils.isNotBlank(value)) {
                        basicCredentialsProvider.setCredentials(new AuthScope(value, this.systemConfigurationService.getIntValue("proxy.port").intValue()), usernamePasswordCredentials);
                    }
                    useSystemProperties.setDefaultCredentialsProvider(basicCredentialsProvider);
                }
            }
            return useSystemProperties.setConnectionManager(poolingHttpClientConnectionManager).setDefaultRequestConfig(build2).setDefaultCookieStore(cookieStore).build();
        } catch (Exception e) {
            throw new IOException(e.getMessage(), e);
        }
    }

    public String doHttpPost(String str, Map<String, String> map, boolean z) throws IOException {
        return doHttpPost(str, map, z, null);
    }

    public String doHttpPost(String str, Map<String, String> map, boolean z, Map<String, String> map2) throws IOException {
        return doHttpPost(str, map, z, map2, 200);
    }

    public String doHttpPost(String str, boolean z, Map<String, String> map, String str2, String str3, int... iArr) throws IOException {
        CloseableHttpClient createHttpClient = createHttpClient(z);
        try {
            try {
                HttpPost httpPost = new HttpPost(str);
                if (map != null) {
                    for (Map.Entry<String, String> entry : map.entrySet()) {
                        httpPost.addHeader(entry.getKey(), entry.getValue());
                    }
                }
                httpPost.setEntity(new StringEntity(str2, ContentType.parse(str3)));
                CloseableHttpResponse execute = createHttpClient.execute(httpPost);
                for (int i : iArr) {
                    if (i == execute.getStatusLine().getStatusCode()) {
                        return EntityUtils.toString(execute.getEntity());
                    }
                }
                throw new IOException("Received " + execute.getStatusLine().toString());
            } finally {
                try {
                    createHttpClient.close();
                } catch (IOException e) {
                }
            }
        } catch (InternalError e2) {
            throw new IOException("Unexpected HTTP error.", e2.getCause());
        }
    }

    public String doHttpPost(String str, Map<String, String> map, boolean z, Map<String, String> map2, int... iArr) throws IOException {
        CloseableHttpClient createHttpClient = createHttpClient(z);
        try {
            try {
                HttpPost httpPost = new HttpPost(str);
                ArrayList arrayList = new ArrayList();
                for (String str2 : map.keySet()) {
                    arrayList.add(new BasicNameValuePair(str2, map.get(str2)));
                }
                if (map2 != null) {
                    for (Map.Entry<String, String> entry : map2.entrySet()) {
                        httpPost.addHeader(entry.getKey(), entry.getValue());
                    }
                }
                httpPost.setEntity(new UrlEncodedFormEntity(arrayList));
                CloseableHttpResponse execute = createHttpClient.execute(httpPost);
                for (int i : iArr) {
                    if (i == execute.getStatusLine().getStatusCode()) {
                        return EntityUtils.toString(execute.getEntity());
                    }
                }
                throw new IOException("Received " + execute.getStatusLine().toString());
            } catch (InternalError e) {
                throw new IOException("Unexpected HTTP error.", e.getCause());
            }
        } finally {
            try {
                createHttpClient.close();
            } catch (IOException e2) {
            }
        }
    }

    public InputStream doHttpGet(String str, boolean z) throws IOException {
        CloseableHttpClient createHttpClient = createHttpClient(z);
        try {
            return new ContentInputStream(createHttpClient, createHttpClient.execute(new HttpGet(str)).getEntity().getContent());
        } catch (InternalError e) {
            throw new IOException("Unexpected HTTP error.", e.getCause());
        }
    }

    public InputStream doHttpGetInputStream(String str, boolean z, Map<String, String> map) throws IOException {
        CloseableHttpClient createHttpClient = createHttpClient(z);
        HttpGet httpGet = new HttpGet(str);
        if (map != null) {
            for (String str2 : map.keySet()) {
                httpGet.setHeader(str2, map.get(str2));
            }
        }
        try {
            return new ContentInputStream(createHttpClient, createHttpClient.execute(httpGet).getEntity().getContent());
        } catch (InternalError e) {
            throw new IOException("Unexpected HTTP error.", e.getCause());
        }
    }

    public CloseableHttpResponse doHttpGet(String str, boolean z, Map<String, String> map) throws IOException {
        CloseableHttpClient createHttpClient = createHttpClient(z);
        HttpGet httpGet = new HttpGet(str);
        if (map != null) {
            for (String str2 : map.keySet()) {
                httpGet.setHeader(str2, map.get(str2));
            }
        }
        try {
            return createHttpClient.execute(httpGet);
        } catch (InternalError e) {
            throw new IOException("Unexpected HTTP error.", e.getCause());
        }
    }

    public boolean isTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        return (this.systemConfigurationService.getBooleanValue("ssl.strict").booleanValue() && x509CertificateArr.length == 1) ? false : true;
    }

    @Override // javax.net.ssl.HostnameVerifier
    public boolean verify(String str, SSLSession sSLSession) {
        if ("true".equals(System.getProperty("hypersocket.alwaysTrustAllHosts"))) {
            return true;
        }
        X509KnownHost x509KnownHost = new X509KnownHost(str, sSLSession);
        boolean z = false;
        boolean z2 = false;
        String value = this.systemConfigurationService.getValue("security.knownHosts");
        if (StringUtils.isNotBlank(value)) {
            Iterator<String> it = ResourceUtils.explodeCollectionValues(value).iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                X509KnownHost x509KnownHost2 = new X509KnownHost(it.next());
                if (x509KnownHost.matches(x509KnownHost2)) {
                    z = true;
                    break;
                }
                if (x509KnownHost.hostMatches(x509KnownHost2)) {
                    z2 = true;
                }
            }
        }
        if (z2) {
            throw new CertificateVerificationException(CertificateVerificationException.Type.SIGNATURE_CHANGED, str, sSLSession);
        }
        if (z || !this.systemConfigurationService.getBooleanValue("ssl.strict").booleanValue()) {
            return true;
        }
        String subject = x509KnownHost.getSubject();
        try {
            boolean z3 = false;
            Iterator it2 = new LdapName(subject).getRdns().iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                Rdn rdn = (Rdn) it2.next();
                if (rdn.getType().equalsIgnoreCase("cn")) {
                    if (((String) rdn.getValue()).equals(str)) {
                        log.error(String.format("Certificate hostname %s does not match %s.", rdn.getValue(), str));
                        throw new CertificateVerificationException(CertificateVerificationException.Type.SIGNATURE_INVALID, str, sSLSession);
                    }
                    z3 = true;
                }
            }
            if (z3) {
                return true;
            }
            log.error(String.format("Certificate subject %s contains no Common Name.", subject, str));
            throw new CertificateVerificationException(CertificateVerificationException.Type.SIGNATURE_INVALID, str, sSLSession);
        } catch (InvalidNameException e) {
            log.error(String.format("Certificate subjecct %s is invalid.", subject, str));
            throw new CertificateVerificationException(CertificateVerificationException.Type.SIGNATURE_INVALID, str, sSLSession);
        }
    }

    protected boolean checkProxyBypass(String str) {
        for (String str2 : this.systemConfigurationService.getValues("proxy.bypass")) {
            if (str.equalsIgnoreCase(str2)) {
                return true;
            }
            if (str2.contains(".*") && str.matches("^" + str2 + "$")) {
                return true;
            }
        }
        return false;
    }

    public String doHttpGetContent(String str, boolean z, Map<String, String> map, int... iArr) throws IOException {
        CloseableHttpResponse doHttpGet = doHttpGet(str, z, map);
        try {
            if ((iArr.length != 0 || doHttpGet.getStatusLine().getStatusCode() == 200) && ((List) Arrays.stream(iArr).boxed().collect(Collectors.toList())).contains(Integer.valueOf(doHttpGet.getStatusLine().getStatusCode()))) {
                return EntityUtils.toString(doHttpGet.getEntity());
            }
            throw new IOException("Received " + doHttpGet.getStatusLine().toString());
        } finally {
            try {
                doHttpGet.close();
            } catch (IOException e) {
            }
        }
    }

    public CloseableHttpResponse execute(HttpUriRequest httpUriRequest, boolean z) throws IOException {
        return createHttpClient(z).execute(httpUriRequest);
    }
}
