package org.wso2.carbon.identity.oauth2.util;

import java.io.FileInputStream;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLContext;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpHost;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.HttpClient;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.DefaultProxyRoutePlanner;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.device.constants.Constants;
import org.wso2.carbon.utils.CarbonUtils;

/* loaded from: input_file:org/wso2/carbon/identity/oauth2/util/HttpClientUtil.class */
public class HttpClientUtil {
    private static final Log log = LogFactory.getLog(HttpClientUtil.class);
    public static final String HOST_NAME_VERIFIER = "httpclient.hostnameVerifier";
    public static final String STRICT = "Strict";
    public static final String ALLOW_ALL = "AllowAll";

    public static HttpClient getHttpClient(URL url) throws MalformedURLException {
        return getHttpClient(url.getPort(), url.getProtocol());
    }

    public static HttpClient getHttpClient(int i, String str) {
        String property = IdentityUtil.getProperty(Constants.PROXY_ENABLE);
        String property2 = IdentityUtil.getProperty(Constants.PROXY_HOST);
        String property3 = IdentityUtil.getProperty(Constants.PROXY_PORT);
        String property4 = IdentityUtil.getProperty(Constants.PROXY_USERNAME);
        String property5 = IdentityUtil.getProperty(Constants.PROXY_PASSWORD);
        PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = null;
        try {
            poolingHttpClientConnectionManager = getPoolingHttpClientConnectionManager(str);
        } catch (IdentityOAuth2Exception e) {
            log.error("Error while getting http client connection manager. ", e);
        }
        HttpClientBuilder defaultRequestConfig = HttpClients.custom().setConnectionManager(poolingHttpClientConnectionManager).setDefaultRequestConfig(RequestConfig.custom().build());
        if (Boolean.parseBoolean(property)) {
            defaultRequestConfig = defaultRequestConfig.setRoutePlanner(new DefaultProxyRoutePlanner(new HttpHost(property2, Integer.parseInt(property3), str)));
            if (!StringUtils.isBlank(property4) && !StringUtils.isBlank(property5)) {
                BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
                basicCredentialsProvider.setCredentials(new AuthScope(property2, Integer.parseInt(property3)), new UsernamePasswordCredentials(property4, property5));
                defaultRequestConfig = defaultRequestConfig.setDefaultCredentialsProvider(basicCredentialsProvider);
            }
        }
        return defaultRequestConfig.build();
    }

    private static PoolingHttpClientConnectionManager getPoolingHttpClientConnectionManager(String str) throws IdentityOAuth2Exception {
        PoolingHttpClientConnectionManager poolingHttpClientConnectionManager;
        if (Constants.PROTOCOL_HTTPS.equals(str)) {
            poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager(RegistryBuilder.create().register(Constants.PROTOCOL_HTTPS, createSocketFactory()).build());
        } else {
            poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager();
        }
        return poolingHttpClientConnectionManager;
    }

    private static SSLConnectionSocketFactory createSocketFactory() throws IdentityOAuth2Exception {
        String firstProperty = CarbonUtils.getServerConfiguration().getFirstProperty(Constants.TRUSTSTORE_LOCATION);
        String firstProperty2 = CarbonUtils.getServerConfiguration().getFirstProperty(Constants.TRUSTSTORE_PASSWORD);
        try {
            KeyStore keyStore = KeyStore.getInstance(Constants.TRUSTSTORE_TYPE);
            keyStore.load(new FileInputStream(firstProperty), firstProperty2.toCharArray());
            SSLContext build = SSLContexts.custom().loadTrustMaterial(keyStore).build();
            String property = System.getProperty(HOST_NAME_VERIFIER);
            return new SSLConnectionSocketFactory(build, ALLOW_ALL.equalsIgnoreCase(property) ? SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER : STRICT.equalsIgnoreCase(property) ? SSLSocketFactory.STRICT_HOSTNAME_VERIFIER : SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
        } catch (IOException e) {
            throw new IdentityOAuth2Exception("Key Store not found in " + firstProperty, e);
        } catch (KeyManagementException e2) {
            throw new IdentityOAuth2Exception("Failed to load key from " + firstProperty, e2);
        } catch (KeyStoreException e3) {
            throw new IdentityOAuth2Exception("Failed to read from Key Store. ", e3);
        } catch (NoSuchAlgorithmException e4) {
            throw new IdentityOAuth2Exception("Failed to load Key Store from " + firstProperty, e4);
        } catch (CertificateException e5) {
            throw new IdentityOAuth2Exception("Failed to read Certificate. ", e5);
        }
    }
}
