package org.springframework.credhub.configuration;

import java.security.GeneralSecurityException;
import javax.net.ssl.SSLContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hc.client5.http.config.ConnectionConfig;
import org.apache.hc.client5.http.config.RequestConfig;
import org.apache.hc.client5.http.impl.classic.HttpClientBuilder;
import org.apache.hc.client5.http.impl.classic.HttpClients;
import org.apache.hc.client5.http.impl.io.BasicHttpClientConnectionManager;
import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
import org.apache.hc.core5.http.io.SocketConfig;
import org.apache.hc.core5.util.Timeout;
import org.springframework.credhub.support.ClientOptions;
import org.springframework.http.client.ClientHttpRequestFactory;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.http.client.SimpleClientHttpRequestFactory;
import org.springframework.util.Assert;
import org.springframework.util.ClassUtils;

/* loaded from: input_file:org/springframework/credhub/configuration/ClientHttpRequestFactoryFactory.class */
public final class ClientHttpRequestFactoryFactory {
    private static final Log logger = LogFactory.getLog(ClientHttpRequestFactoryFactory.class);
    private static final SslCertificateUtils sslCertificateUtils = new SslCertificateUtils();
    private static final boolean HTTP_COMPONENTS_PRESENT = ClassUtils.isPresent("org.apache.hc.client5.http.impl.classic.HttpClients", ClientHttpRequestFactoryFactory.class.getClassLoader());

    /* loaded from: input_file:org/springframework/credhub/configuration/ClientHttpRequestFactoryFactory$HttpComponents.class */
    static class HttpComponents {
        HttpComponents() {
        }

        static ClientHttpRequestFactory usingHttpComponents(ClientOptions clientOptions) throws GeneralSecurityException {
            SocketConfig.Builder custom = SocketConfig.custom();
            if (clientOptions.getReadTimeout() != null) {
                custom.setSoTimeout(Timeout.ofMilliseconds(clientOptions.getReadTimeoutMillis().intValue()));
            }
            SocketConfig build = custom.build();
            HttpClientBuilder custom2 = HttpClients.custom();
            if (ClientHttpRequestFactoryFactory.usingCustomCerts(clientOptions)) {
                custom2.setConnectionManager(PoolingHttpClientConnectionManagerBuilder.create().setSSLSocketFactory(new SSLConnectionSocketFactory(ClientHttpRequestFactoryFactory.sslCertificateUtils.getSSLContext(clientOptions.getCaCertFiles()))).setDefaultSocketConfig(build).build());
            } else {
                custom2.setConnectionManager(PoolingHttpClientConnectionManagerBuilder.create().useSystemProperties().setSSLSocketFactory(new SSLConnectionSocketFactory(SSLContext.getDefault())).setDefaultSocketConfig(build).build());
            }
            RequestConfig.Builder authenticationEnabled = RequestConfig.custom().setAuthenticationEnabled(true);
            if (clientOptions.getConnectionTimeout() != null) {
                BasicHttpClientConnectionManager basicHttpClientConnectionManager = new BasicHttpClientConnectionManager();
                basicHttpClientConnectionManager.setConnectionConfig(ConnectionConfig.custom().setConnectTimeout(Timeout.ofMilliseconds(clientOptions.getConnectionTimeout().toMillis())).build());
                custom2.setConnectionManager(basicHttpClientConnectionManager);
            }
            custom2.setDefaultRequestConfig(authenticationEnabled.build());
            return new HttpComponentsClientHttpRequestFactory(custom2.build());
        }
    }

    /* loaded from: input_file:org/springframework/credhub/configuration/ClientHttpRequestFactoryFactory$HttpURLConnection.class */
    static class HttpURLConnection {
        HttpURLConnection() {
        }

        static ClientHttpRequestFactory usingJdk(ClientOptions clientOptions) {
            if (ClientHttpRequestFactoryFactory.usingCustomCerts(clientOptions)) {
                ClientHttpRequestFactoryFactory.logger.warn("Trust material will not be configured when using java.net.HttpUrlConnection. Use an alternate HTTP Client (Apache HttpComponents HttpClient) when configuring CA certificates.");
            }
            SimpleClientHttpRequestFactory simpleClientHttpRequestFactory = new SimpleClientHttpRequestFactory();
            if (clientOptions.getConnectionTimeout() != null) {
                simpleClientHttpRequestFactory.setConnectTimeout(clientOptions.getConnectionTimeoutMillis().intValue());
            }
            if (clientOptions.getReadTimeout() != null) {
                simpleClientHttpRequestFactory.setReadTimeout(clientOptions.getReadTimeoutMillis().intValue());
            }
            return simpleClientHttpRequestFactory;
        }
    }

    private ClientHttpRequestFactoryFactory() {
    }

    public static ClientHttpRequestFactory create(ClientOptions clientOptions) {
        Assert.notNull(clientOptions, "ClientOptions must not be null");
        try {
            if (HTTP_COMPONENTS_PRESENT) {
                logger.info("Using Apache HttpComponents HttpClient for HTTP connections");
                return HttpComponents.usingHttpComponents(clientOptions);
            }
        } catch (GeneralSecurityException e) {
            logger.warn("Error configuring HTTP connections", e);
        }
        logger.info("Defaulting to java.net.HttpUrlConnection for HTTP connections");
        return HttpURLConnection.usingJdk(clientOptions);
    }

    private static boolean usingCustomCerts(ClientOptions clientOptions) {
        return clientOptions.getCaCertFiles() != null;
    }
}
