package org.toilelibre.libe.curl;

import java.io.File;
import java.io.IOException;
import java.net.InetAddress;
import java.net.URI;
import java.net.UnknownHostException;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.List;
import java.util.function.BiFunction;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import java.util.stream.IntStream;
import org.apache.commons.cli.CommandLine;
import org.apache.http.HttpHost;
import org.apache.http.HttpRequest;
import org.apache.http.HttpResponse;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.NTCredentials;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.HttpClient;
import org.apache.http.conn.HttpClientConnectionManager;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.SystemDefaultCredentialsProvider;
import org.apache.http.ssl.SSLContextBuilder;
import org.toilelibre.libe.curl.CertFormat;
import org.toilelibre.libe.curl.Curl;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/toilelibre/libe/curl/HttpClientProvider.class */
public final class HttpClientProvider {
    HttpClientProvider() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static HttpClient prepareHttpClient(CommandLine commandLine, List<BiFunction<HttpRequest, Supplier<HttpResponse>, HttpResponse>> list, HttpClientConnectionManager httpClientConnectionManager) throws Curl.CurlException {
        HttpClientBuilder create = HttpClientBuilder.create();
        if (httpClientConnectionManager != null) {
            create.setConnectionManager(httpClientConnectionManager);
        }
        try {
            HttpClientBuilder handleAuthMethod = handleAuthMethod(commandLine, create, InetAddress.getLocalHost().getHostName());
            if (!commandLine.hasOption(Arguments.FOLLOW_REDIRECTS.getOpt())) {
                handleAuthMethod.disableRedirectHandling();
            }
            handleSSLParams(commandLine, httpClientConnectionManager, handleAuthMethod);
            InterceptorsBinder.handleInterceptors(commandLine, handleAuthMethod, list);
            return handleAuthMethod.build();
        } catch (UnknownHostException e) {
            throw new RuntimeException(e);
        }
    }

    private static void addClientCredentials(SSLContextBuilder sSLContextBuilder, CertFormat certFormat, String str, String str2, CertFormat certFormat2, String str3, String str4) throws Curl.CurlException {
        File file;
        if (str == null) {
            file = null;
        } else {
            try {
                file = getFile(str);
            } catch (IOException | GeneralSecurityException e) {
                throw new Curl.CurlException(e);
            }
        }
        sSLContextBuilder.loadKeyMaterial(generateKeyStore(certFormat, file, getFile(str2), certFormat2, getFile(str3), str4 == null ? null : str4.toCharArray()), str4 == null ? null : str4.toCharArray());
    }

    private static KeyStore generateKeyStore(CertFormat certFormat, File file, File file2, CertFormat certFormat2, File file3, char[] cArr) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, Curl.CurlException {
        List list = (List) (file == null ? Collections.emptyList() : certFormat.generateCredentialsFromFileAndPassword(CertFormat.Kind.CERTIFICATE, IOUtils.toByteArray(file), cArr)).stream().filter(certificate -> {
            return (certificate instanceof X509Certificate) && ((X509Certificate) certificate).getBasicConstraints() != -1;
        }).collect(Collectors.toList());
        List generateCredentialsFromFileAndPassword = certFormat.generateCredentialsFromFileAndPassword(CertFormat.Kind.CERTIFICATE, IOUtils.toByteArray(file2), cArr);
        List generateCredentialsFromFileAndPassword2 = certFormat2.generateCredentialsFromFileAndPassword(CertFormat.Kind.PRIVATE_KEY, IOUtils.toByteArray(file3), cArr);
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null);
        Certificate[] certificateArr = (Certificate[]) generateCredentialsFromFileAndPassword.toArray(new Certificate[0]);
        IntStream.range(0, generateCredentialsFromFileAndPassword.size()).forEach(i -> {
            setCertificateEntry(keyStore, generateCredentialsFromFileAndPassword, i);
        });
        IntStream.range(0, list.size()).forEach(i2 -> {
            setCaCertificateEntry(keyStore, generateCredentialsFromFileAndPassword, i2);
        });
        IntStream.range(0, generateCredentialsFromFileAndPassword2.size()).forEach(i3 -> {
            setPrivateKeyEntry(keyStore, generateCredentialsFromFileAndPassword2, cArr, certificateArr, i3);
        });
        return keyStore;
    }

    private static File getFile(String str) {
        File file = new File(str);
        return file.exists() ? file : new File(System.getProperty("user.dir") + File.separator + str);
    }

    private static HttpClientBuilder handleAuthMethod(CommandLine commandLine, HttpClientBuilder httpClientBuilder, String str) {
        if (commandLine.getOptionValue(Arguments.AUTH.getOpt()) == null) {
            return httpClientBuilder;
        }
        String[] split = commandLine.getOptionValue(Arguments.AUTH.getOpt()).split("(?<!\\\\):");
        if (!commandLine.hasOption(Arguments.NTLM.getOpt())) {
            BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
            basicCredentialsProvider.setCredentials(new AuthScope(HttpHost.create(URI.create(commandLine.getArgs()[0]).getHost())), new UsernamePasswordCredentials(split[0], split.length > 1 ? split[1] : null));
            return httpClientBuilder.setDefaultCredentialsProvider(basicCredentialsProvider);
        }
        String[] split2 = split[0].split("\\\\");
        SystemDefaultCredentialsProvider systemDefaultCredentialsProvider = new SystemDefaultCredentialsProvider();
        systemDefaultCredentialsProvider.setCredentials(AuthScope.ANY, new NTCredentials(split2[1], split[1], str, split2[0]));
        return httpClientBuilder.setDefaultCredentialsProvider(systemDefaultCredentialsProvider);
    }

    private static void handleSSLParams(CommandLine commandLine, HttpClientConnectionManager httpClientConnectionManager, HttpClientBuilder httpClientBuilder) throws Curl.CurlException {
        SSLContextBuilder sSLContextBuilder = new SSLContextBuilder();
        sSLContextBuilder.useProtocol(protocolFromCommandLine(commandLine));
        if (commandLine.hasOption(Arguments.TRUST_INSECURE.getOpt())) {
            sayTrustInsecure(sSLContextBuilder);
        }
        CertFormat valueOf = commandLine.hasOption(Arguments.CERT_TYPE.getOpt()) ? CertFormat.valueOf(commandLine.getOptionValue(Arguments.CERT_TYPE.getOpt()).toUpperCase()) : CertFormat.PEM;
        CertFormat valueOf2 = commandLine.hasOption(Arguments.KEY.getOpt()) ? commandLine.hasOption(Arguments.KEY_TYPE.getOpt()) ? CertFormat.valueOf(commandLine.getOptionValue(Arguments.KEY_TYPE.getOpt()).toUpperCase()) : CertFormat.PEM : valueOf;
        if (commandLine.hasOption(Arguments.CERT.getOpt())) {
            String optionValue = commandLine.getOptionValue(Arguments.CERT.getOpt());
            int lastIndexOf = (optionValue.matches("^[A-Za-z]:\\\\") && optionValue.lastIndexOf(58) == 1) ? -1 : optionValue.lastIndexOf(58);
            String substring = lastIndexOf == -1 ? optionValue : optionValue.substring(0, lastIndexOf);
            addClientCredentials(sSLContextBuilder, valueOf, commandLine.getOptionValue(Arguments.CA_CERT.getOpt()), substring, valueOf2, commandLine.getOptionValue(Arguments.KEY.getOpt()) == null ? substring : commandLine.getOptionValue(Arguments.KEY.getOpt()), lastIndexOf == -1 ? "" : optionValue.substring(lastIndexOf + 1));
        }
        try {
            httpClientBuilder.setSSLSocketFactory(new SSLConnectionSocketFactory(sSLContextBuilder.build(), commandLine.hasOption(Arguments.TRUST_INSECURE.getOpt()) ? NoopHostnameVerifier.INSTANCE : SSLConnectionSocketFactory.getDefaultHostnameVerifier()));
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            throw new Curl.CurlException(e);
        }
    }

    private static String protocolFromCommandLine(CommandLine commandLine) {
        return commandLine.hasOption(Arguments.TLS_V1.getOpt()) ? "TLSv1" : commandLine.hasOption(Arguments.TLS_V10.getOpt()) ? "TLSv1.0" : commandLine.hasOption(Arguments.TLS_V11.getOpt()) ? "TLSv1.1" : commandLine.hasOption(Arguments.TLS_V12.getOpt()) ? "TLSv1.2" : commandLine.hasOption(Arguments.SSL_V2.getOpt()) ? "SSLv2" : commandLine.hasOption(Arguments.SSL_V3.getOpt()) ? "SSLv3" : "TLS";
    }

    private static void sayTrustInsecure(SSLContextBuilder sSLContextBuilder) throws Curl.CurlException {
        try {
            sSLContextBuilder.loadTrustMaterial((KeyStore) null, new TrustSelfSignedStrategy());
        } catch (KeyStoreException | NoSuchAlgorithmException e) {
            throw new Curl.CurlException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void setCaCertificateEntry(KeyStore keyStore, List<Certificate> list, int i) {
        try {
            keyStore.setCertificateEntry("ca-cert-alias-" + i, list.get(i));
        } catch (KeyStoreException e) {
            throw new Curl.CurlException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void setCertificateEntry(KeyStore keyStore, List<Certificate> list, int i) {
        try {
            keyStore.setCertificateEntry("cert-alias-" + i, list.get(i));
        } catch (KeyStoreException e) {
            throw new Curl.CurlException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void setPrivateKeyEntry(KeyStore keyStore, List<PrivateKey> list, char[] cArr, Certificate[] certificateArr, int i) {
        try {
            keyStore.setKeyEntry("key-alias-" + i, list.get(i), cArr, certificateArr);
        } catch (KeyStoreException e) {
            throw new Curl.CurlException(e);
        }
    }
}
