package org.apereo.cas.config;

import javax.net.ssl.HostnameVerifier;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.conn.ssl.DefaultHostnameVerifier;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.ssl.SSLContexts;
import org.apereo.cas.authentication.FileTrustStoreSslSocketFactory;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.core.authentication.HttpClientProperties;
import org.apereo.cas.util.http.HttpClient;
import org.apereo.cas.util.http.SimpleHttpClient;
import org.apereo.cas.util.http.SimpleHttpClientFactoryBean;
import org.springframework.beans.factory.FactoryBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.AutoConfigureBefore;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;

@EnableConfigurationProperties({CasConfigurationProperties.class})
@AutoConfigureBefore({CasCoreAuthenticationConfiguration.class})
@Configuration("casCoreHttpConfiguration")
@Order(Integer.MIN_VALUE)
/* loaded from: input_file:WEB-INF/lib/cas-server-core-authentication-5.1.0-RC3.jar:org/apereo/cas/config/CasCoreHttpConfiguration.class */
public class CasCoreHttpConfiguration {

    @Autowired
    private CasConfigurationProperties casProperties;

    @ConditionalOnMissingBean(name = {"trustStoreSslSocketFactory"})
    @Bean
    public SSLConnectionSocketFactory trustStoreSslSocketFactory() {
        HttpClientProperties.Truststore truststore = this.casProperties.getHttpClient().getTruststore();
        return (truststore.getFile() != null && truststore.getFile().exists() && StringUtils.isNotBlank(truststore.getPsw())) ? new FileTrustStoreSslSocketFactory(truststore.getFile(), truststore.getPsw()) : new SSLConnectionSocketFactory(SSLContexts.createSystemDefault());
    }

    @ConditionalOnMissingBean(name = {"httpClient"})
    @Bean
    public FactoryBean<SimpleHttpClient> httpClient() {
        SimpleHttpClientFactoryBean.DefaultHttpClient defaultHttpClient = new SimpleHttpClientFactoryBean.DefaultHttpClient();
        defaultHttpClient.setConnectionTimeout(this.casProperties.getHttpClient().getConnectionTimeout());
        defaultHttpClient.setReadTimeout(Long.valueOf(this.casProperties.getHttpClient().getReadTimeout()).intValue());
        return defaultHttpClient;
    }

    @ConditionalOnMissingBean(name = {"noRedirectHttpClient"})
    @Bean
    public HttpClient noRedirectHttpClient() throws Exception {
        return getHttpClient(false);
    }

    @ConditionalOnMissingBean(name = {"supportsTrustStoreSslSocketFactoryHttpClient"})
    @Bean
    public HttpClient supportsTrustStoreSslSocketFactoryHttpClient() throws Exception {
        return getHttpClient(true);
    }

    @ConditionalOnMissingBean(name = {"hostnameVerifier"})
    @Bean
    public HostnameVerifier hostnameVerifier() {
        return this.casProperties.getHttpClient().getHostNameVerifier().equalsIgnoreCase("none") ? NoopHostnameVerifier.INSTANCE : new DefaultHostnameVerifier();
    }

    private HttpClient getHttpClient(boolean z) throws Exception {
        SimpleHttpClientFactoryBean.DefaultHttpClient defaultHttpClient = new SimpleHttpClientFactoryBean.DefaultHttpClient();
        defaultHttpClient.setConnectionTimeout(this.casProperties.getHttpClient().getConnectionTimeout());
        defaultHttpClient.setReadTimeout(Long.valueOf(this.casProperties.getHttpClient().getReadTimeout()).intValue());
        defaultHttpClient.setRedirectsEnabled(z);
        defaultHttpClient.setCircularRedirectsAllowed(z);
        defaultHttpClient.setSslSocketFactory(trustStoreSslSocketFactory());
        defaultHttpClient.setHostnameVerifier(hostnameVerifier());
        return defaultHttpClient.getObject2();
    }
}
