package net.shibboleth.idp.profile.spring.relyingparty.metadata.impl;

import javax.xml.namespace.QName;
import net.shibboleth.ext.spring.util.SpringSupport;
import net.shibboleth.idp.profile.spring.relyingparty.metadata.AbstractMetadataProviderParser;
import net.shibboleth.idp.profile.spring.relyingparty.metadata.FileCachingHttpClientFactoryBean;
import net.shibboleth.idp.profile.spring.relyingparty.metadata.HttpClientFactoryBean;
import net.shibboleth.idp.profile.spring.relyingparty.metadata.InMemoryCachingHttpClientFactoryBean;
import net.shibboleth.idp.profile.spring.relyingparty.metadata.TLSSocketFactoryFactoryBean;
import net.shibboleth.idp.profile.spring.resource.impl.SVNResourceParser;
import net.shibboleth.utilities.java.support.primitive.StringSupport;
import net.shibboleth.utilities.java.support.xml.ElementSupport;
import net.shibboleth.utilities.java.support.xml.XMLConstants;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.beans.factory.parsing.BeanDefinitionParsingException;
import org.springframework.beans.factory.parsing.Location;
import org.springframework.beans.factory.parsing.Problem;
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
import org.springframework.beans.factory.xml.ParserContext;
import org.w3c.dom.Element;

/* loaded from: input_file:BOOT-INF/lib/idp-profile-spring-3.3.2.jar:net/shibboleth/idp/profile/spring/relyingparty/metadata/impl/AbstractDynamicHTTPMetadataProviderParser.class */
public abstract class AbstractDynamicHTTPMetadataProviderParser extends AbstractDynamicMetadataProviderParser {
    private static final String BASIC_AUTH_USER = "basicAuthUser";
    private static final String BASIC_AUTH_PASSWORD = "basicAuthPassword";
    private static final String DEFAULT_CACHING = "memory";
    private static final String DEFAULT_CONNECTION_REQUEST_TIMEOUT = "PT5S";
    private static final String DEFAULT_CONNECTION_TIMEOUT = "PT5S";
    private static final String DEFAULT_SOCKET_TIMEOUT = "PT5S";
    private final Logger log = LoggerFactory.getLogger((Class<?>) AbstractDynamicHTTPMetadataProviderParser.class);
    public static final QName TLS_TRUST_ENGINE_ELEMENT_NAME = new QName(AbstractMetadataProviderParser.METADATA_NAMESPACE, "TLSTrustEngine");
    private static final Integer DEFAULT_MAX_CONNECTIONS_TOTAL = 100;
    private static final Integer DEFAULT_MAX_CONNECTIONS_PER_ROUTE = 100;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.shibboleth.idp.profile.spring.relyingparty.metadata.impl.AbstractDynamicMetadataProviderParser, net.shibboleth.idp.profile.spring.relyingparty.metadata.AbstractMetadataProviderParser
    public void doNativeParse(Element element, ParserContext parserContext, BeanDefinitionBuilder beanDefinitionBuilder) {
        Object parseTLSTrustEngine;
        super.doNativeParse(element, parserContext, beanDefinitionBuilder);
        if (element.hasAttributeNS(null, "tlsTrustEngineRef")) {
            parseTLSTrustEngine = StringSupport.trimOrNull(element.getAttributeNS(null, "tlsTrustEngineRef"));
            beanDefinitionBuilder.addPropertyReference("tLSTrustEngine", (String) parseTLSTrustEngine);
        } else {
            parseTLSTrustEngine = parseTLSTrustEngine(element, parserContext);
            if (parseTLSTrustEngine != null) {
                beanDefinitionBuilder.addPropertyValue("tLSTrustEngine", parseTLSTrustEngine);
            }
        }
        String str = null;
        if (element.hasAttributeNS(null, "httpClientSecurityParametersRef")) {
            str = StringSupport.trimOrNull(element.getAttributeNS(null, "httpClientSecurityParametersRef"));
            beanDefinitionBuilder.addPropertyReference("httpClientSecurityParameters", str);
        }
        if (element.hasAttributeNS(null, "httpClientRef")) {
            beanDefinitionBuilder.addConstructorArgReference(StringSupport.trimOrNull(element.getAttributeNS(null, "httpClientRef")));
            if (element.hasAttributeNS(null, "requestTimeout") || element.hasAttributeNS(null, SVNResourceParser.CTX_TIMEOUT_ATTRIB_NAME) || element.hasAttributeNS(null, "connectionRequestTimeout") || element.hasAttributeNS(null, "socketTimeout") || element.hasAttributeNS(null, "maxConnectionsTotal") || element.hasAttributeNS(null, "maxConnectionsPerRoute") || element.hasAttributeNS(null, "disregardSslCertificate") || element.hasAttributeNS(null, "disregardTLSCertificate") || element.hasAttributeNS(null, "proxyHost") || element.hasAttributeNS(null, "proxyPort") || element.hasAttributeNS(null, "proxyUser") || element.hasAttributeNS(null, SVNResourceParser.PROXY_PASSWORD_ATTRIB_NAME)) {
                this.log.warn("httpClientRef overrides settings for requestTimeout, connectionTimeout, connectionRequestTimeout, socketTimeout, maxConnectionsTotal, maxConnectionsPerRoute, disregardSslCertificate, disregardTLSCertificate, proxyHost, proxyPort, proxyUser and proxyPassword");
            }
        } else {
            beanDefinitionBuilder.addConstructorArgValue(buildHttpClient(element, parserContext, parseTLSTrustEngine, str));
        }
        if (element.hasAttributeNS(null, "credentialsProviderRef")) {
            beanDefinitionBuilder.addPropertyReference("credentialsProvider", StringSupport.trimOrNull(element.getAttributeNS(null, "credentialsProviderRef")));
            if (element.hasAttributeNS(null, BASIC_AUTH_USER) || element.hasAttributeNS(null, BASIC_AUTH_PASSWORD)) {
                this.log.warn("credentialsProviderRef overrides settings for basicAuthUser and basicAuthPassword");
            }
        } else if (element.hasAttributeNS(null, BASIC_AUTH_USER) || element.hasAttributeNS(null, BASIC_AUTH_PASSWORD)) {
            beanDefinitionBuilder.addPropertyValue("basicCredentials", buildBasicCredentials(element));
        }
        if (element.hasAttributeNS(null, "supportedContentTypes")) {
            beanDefinitionBuilder.addPropertyValue("supportedContentTypes", StringSupport.stringToList(StringSupport.trimOrNull(element.getAttributeNS(null, "supportedContentTypes")), XMLConstants.LIST_DELIMITERS));
        }
    }

    private BeanDefinition buildHttpClient(Element element, ParserContext parserContext, Object obj, String str) {
        BeanDefinitionBuilder genericBeanDefinition;
        String str2 = DEFAULT_CACHING;
        if (element.hasAttributeNS(null, "httpCaching")) {
            str2 = StringSupport.trimOrNull(element.getAttributeNS(null, "httpCaching"));
        }
        String str3 = str2;
        boolean z = -1;
        switch (str3.hashCode()) {
            case -1077756671:
                if (str3.equals(DEFAULT_CACHING)) {
                    z = 2;
                    break;
                }
                break;
            case 3143036:
                if (str3.equals("file")) {
                    z = true;
                    break;
                }
                break;
            case 3387192:
                if (str3.equals("none")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                genericBeanDefinition = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) HttpClientFactoryBean.class);
                break;
            case true:
                genericBeanDefinition = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) FileCachingHttpClientFactoryBean.class);
                if (element.hasAttributeNS(null, "httpCacheDirectory")) {
                    genericBeanDefinition.addPropertyValue("cacheDirectory", StringSupport.trimOrNull(element.getAttributeNS(null, "httpCacheDirectory")));
                }
                if (element.hasAttributeNS(null, "httpMaxCacheEntries")) {
                    genericBeanDefinition.addPropertyValue("maxCacheEntries", StringSupport.trimOrNull(element.getAttributeNS(null, "httpMaxCacheEntries")));
                }
                if (element.hasAttributeNS(null, "httpMaxCacheEntrySize")) {
                    genericBeanDefinition.addPropertyValue("maxCacheEntrySize", StringSupport.trimOrNull(element.getAttributeNS(null, "httpMaxCacheEntrySize")));
                    break;
                }
                break;
            case true:
                genericBeanDefinition = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) InMemoryCachingHttpClientFactoryBean.class);
                if (element.hasAttributeNS(null, "httpMaxCacheEntries")) {
                    genericBeanDefinition.addPropertyValue("maxCacheEntries", StringSupport.trimOrNull(element.getAttributeNS(null, "httpMaxCacheEntries")));
                }
                if (element.hasAttributeNS(null, "httpMaxCacheEntrySize")) {
                    genericBeanDefinition.addPropertyValue("maxCacheEntrySize", StringSupport.trimOrNull(element.getAttributeNS(null, "httpMaxCacheEntrySize")));
                    break;
                }
                break;
            default:
                throw new BeanDefinitionParsingException(new Problem(String.format("Caching value '%s' is unsupported", str2), new Location(parserContext.getReaderContext().getResource())));
        }
        genericBeanDefinition.setLazyInit(true);
        if (element.hasAttributeNS(null, "requestTimeout") || element.hasAttributeNS(null, SVNResourceParser.CTX_TIMEOUT_ATTRIB_NAME)) {
            if (element.hasAttributeNS(null, "requestTimeout")) {
                genericBeanDefinition.addPropertyValue(SVNResourceParser.CTX_TIMEOUT_ATTRIB_NAME, StringSupport.trimOrNull(element.getAttributeNS(null, "requestTimeout")));
            }
            if (element.hasAttributeNS(null, SVNResourceParser.CTX_TIMEOUT_ATTRIB_NAME)) {
                genericBeanDefinition.addPropertyValue(SVNResourceParser.CTX_TIMEOUT_ATTRIB_NAME, StringSupport.trimOrNull(element.getAttributeNS(null, SVNResourceParser.CTX_TIMEOUT_ATTRIB_NAME)));
            }
        } else {
            genericBeanDefinition.addPropertyValue(SVNResourceParser.CTX_TIMEOUT_ATTRIB_NAME, "PT5S");
        }
        if (element.hasAttributeNS(null, "connectionRequestTimeout")) {
            genericBeanDefinition.addPropertyValue("connectionRequestTimeout", StringSupport.trimOrNull(element.getAttributeNS(null, "connectionRequestTimeout")));
        } else {
            genericBeanDefinition.addPropertyValue("connectionRequestTimeout", "PT5S");
        }
        if (element.hasAttributeNS(null, "socketTimeout")) {
            genericBeanDefinition.addPropertyValue("socketTimeout", StringSupport.trimOrNull(element.getAttributeNS(null, "socketTimeout")));
        } else {
            genericBeanDefinition.addPropertyValue("socketTimeout", "PT5S");
        }
        if (element.hasAttributeNS(null, "maxConnectionsTotal")) {
            genericBeanDefinition.addPropertyValue("maxConnectionsTotal", StringSupport.trimOrNull(element.getAttributeNS(null, "maxConnectionsTotal")));
        } else {
            genericBeanDefinition.addPropertyValue("maxConnectionsTotal", DEFAULT_MAX_CONNECTIONS_TOTAL);
        }
        if (element.hasAttributeNS(null, "maxConnectionsPerRoute")) {
            genericBeanDefinition.addPropertyValue("maxConnectionsPerRoute", StringSupport.trimOrNull(element.getAttributeNS(null, "maxConnectionsPerRoute")));
        } else {
            genericBeanDefinition.addPropertyValue("maxConnectionsPerRoute", DEFAULT_MAX_CONNECTIONS_PER_ROUTE);
        }
        genericBeanDefinition.addPropertyValue("tLSSocketFactory", buildTLSSocketFactory(element, parserContext, obj, str));
        if (element.hasAttributeNS(null, "proxyHost")) {
            genericBeanDefinition.addPropertyValue("connectionProxyHost", StringSupport.trimOrNull(element.getAttributeNS(null, "proxyHost")));
        }
        if (element.hasAttributeNS(null, "proxyPort")) {
            genericBeanDefinition.addPropertyValue("connectionProxyPort", StringSupport.trimOrNull(element.getAttributeNS(null, "proxyPort")));
        }
        if (element.hasAttributeNS(null, "proxyUser")) {
            genericBeanDefinition.addPropertyValue("connectionProxyUsername", StringSupport.trimOrNull(element.getAttributeNS(null, "proxyUser")));
        }
        if (element.hasAttributeNS(null, SVNResourceParser.PROXY_PASSWORD_ATTRIB_NAME)) {
            genericBeanDefinition.addPropertyValue("connectionProxyPassword", element.getAttributeNS(null, SVNResourceParser.PROXY_PASSWORD_ATTRIB_NAME));
        }
        return genericBeanDefinition.getBeanDefinition();
    }

    private BeanDefinition buildTLSSocketFactory(Element element, ParserContext parserContext, Object obj, String str) {
        BeanDefinitionBuilder genericBeanDefinition = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) TLSSocketFactoryFactoryBean.class);
        if (obj != null) {
            if (obj instanceof String) {
                genericBeanDefinition.addPropertyReference("tLSTrustEngine", (String) obj);
            } else {
                genericBeanDefinition.addPropertyValue("tLSTrustEngine", obj);
            }
        }
        if (element.hasAttributeNS(null, "disregardTLSCertificate")) {
            genericBeanDefinition.addPropertyValue("connectionDisregardTLSCertificate", StringSupport.trimOrNull(element.getAttributeNS(null, "disregardTLSCertificate")));
        } else if (element.hasAttributeNS(null, "disregardSslCertificate")) {
            this.log.warn("disregardSslCertificate is deprecated, please switch to disregardTLSCertificate");
            genericBeanDefinition.addPropertyValue("connectionDisregardTLSCertificate", StringSupport.trimOrNull(element.getAttributeNS(null, "disregardSslCertificate")));
        }
        if (str != null) {
            genericBeanDefinition.addPropertyReference("httpClientSecurityParameters", str);
        }
        return genericBeanDefinition.getBeanDefinition();
    }

    private BeanDefinition buildBasicCredentials(Element element) {
        BeanDefinitionBuilder genericBeanDefinition = BeanDefinitionBuilder.genericBeanDefinition((Class<?>) UsernamePasswordCredentials.class);
        genericBeanDefinition.setLazyInit(true);
        genericBeanDefinition.addConstructorArgValue(StringSupport.trimOrNull(element.getAttributeNS(null, BASIC_AUTH_USER)));
        genericBeanDefinition.addConstructorArgValue(StringSupport.trimOrNull(element.getAttributeNS(null, BASIC_AUTH_PASSWORD)));
        return genericBeanDefinition.getBeanDefinition();
    }

    private BeanDefinition parseTLSTrustEngine(Element element, ParserContext parserContext) {
        Element firstChildElement = ElementSupport.getFirstChildElement(element, TLS_TRUST_ENGINE_ELEMENT_NAME);
        if (firstChildElement == null) {
            return null;
        }
        Element firstChildElement2 = ElementSupport.getFirstChildElement(firstChildElement, AbstractMetadataProviderParser.TRUST_ENGINE_ELEMENT_NAME);
        if (firstChildElement2 != null) {
            return SpringSupport.parseCustomElement(firstChildElement2, parserContext);
        }
        this.log.warn("{}:, Element {} did not contain a {} child element", parserContext.getReaderContext().getResource().getDescription(), TLS_TRUST_ENGINE_ELEMENT_NAME, AbstractMetadataProviderParser.TRUST_ENGINE_ELEMENT_NAME);
        return null;
    }
}
