package org.sonatype.nexus.apachehttpclient;

import com.google.common.base.Preconditions;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import com.google.common.collect.Sets;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.apache.http.HttpHost;
import org.apache.http.HttpVersion;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.Credentials;
import org.apache.http.auth.NTCredentials;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.protocol.ResponseContentEncoding;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.client.StandardHttpRequestRetryHandler;
import org.apache.http.params.HttpParams;
import org.apache.http.params.SyncBasicHttpParams;
import org.apache.http.protocol.BasicHttpProcessor;
import org.sonatype.nexus.jsecurity.realms.TargetPrivilegeDescriptor;
import org.sonatype.nexus.logging.AbstractLoggingComponent;
import org.sonatype.nexus.proxy.repository.ClientSSLRemoteAuthenticationSettings;
import org.sonatype.nexus.proxy.repository.NtlmRemoteAuthenticationSettings;
import org.sonatype.nexus.proxy.repository.RemoteAuthenticationSettings;
import org.sonatype.nexus.proxy.repository.RemoteProxySettings;
import org.sonatype.nexus.proxy.repository.UsernamePasswordRemoteAuthenticationSettings;
import org.sonatype.nexus.proxy.storage.remote.RemoteStorageContext;
import org.sonatype.nexus.proxy.utils.UserAgentBuilder;
import org.sonatype.nexus.util.SystemPropertiesHelper;

@Singleton
@Named
/* loaded from: input_file:org/sonatype/nexus/apachehttpclient/Hc4ProviderBase.class */
public class Hc4ProviderBase extends AbstractLoggingComponent {
    private static final String KEEP_ALIVE_MAX_DURATION_KEY = "nexus.apacheHttpClient4x.keepAliveMaxDuration";
    private static final long KEEP_ALIVE_MAX_DURATION_DEFAULT = TimeUnit.SECONDS.toMillis(30);
    private final UserAgentBuilder userAgentBuilder;

    /* loaded from: input_file:org/sonatype/nexus/apachehttpclient/Hc4ProviderBase$DefaultHttpClientImpl.class */
    private static class DefaultHttpClientImpl extends InstrumentedHttpClient {
        private DefaultHttpClientImpl(ClientConnectionManager clientConnectionManager, HttpParams httpParams) {
            super(clientConnectionManager, httpParams);
        }

        @Override // org.apache.http.impl.client.DefaultHttpClient, org.apache.http.impl.client.AbstractHttpClient
        protected BasicHttpProcessor createHttpProcessor() {
            BasicHttpProcessor createHttpProcessor = super.createHttpProcessor();
            createHttpProcessor.addResponseInterceptor(new ResponseContentEncoding());
            return createHttpProcessor;
        }
    }

    @Inject
    public Hc4ProviderBase(UserAgentBuilder userAgentBuilder) {
        this.userAgentBuilder = (UserAgentBuilder) Preconditions.checkNotNull(userAgentBuilder);
    }

    public DefaultHttpClient createHttpClient(RemoteStorageContext remoteStorageContext, ClientConnectionManager clientConnectionManager) {
        DefaultHttpClientImpl defaultHttpClientImpl = new DefaultHttpClientImpl(clientConnectionManager, createHttpParams(remoteStorageContext));
        configureAuthentication(defaultHttpClientImpl, remoteStorageContext.getRemoteAuthenticationSettings(), null);
        configureProxy(defaultHttpClientImpl, remoteStorageContext.getRemoteProxySettings());
        defaultHttpClientImpl.setHttpRequestRetryHandler(new StandardHttpRequestRetryHandler(remoteStorageContext.getRemoteConnectionSettings() != null ? remoteStorageContext.getRemoteConnectionSettings().getRetrievalRetryCount() : 0, false));
        defaultHttpClientImpl.setKeepAliveStrategy(new NexusConnectionKeepAliveStrategy(getKeepAliveMaxDuration()));
        return defaultHttpClientImpl;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public HttpParams createHttpParams(RemoteStorageContext remoteStorageContext) {
        SyncBasicHttpParams syncBasicHttpParams = new SyncBasicHttpParams();
        syncBasicHttpParams.setParameter("http.protocol.version", HttpVersion.HTTP_1_1);
        syncBasicHttpParams.setBooleanParameter("http.protocol.expect-continue", false);
        syncBasicHttpParams.setBooleanParameter("http.connection.stalecheck", false);
        syncBasicHttpParams.setIntParameter("http.socket.buffer-size", 8192);
        syncBasicHttpParams.setIntParameter("http.connection.timeout", getConnectionTimeout(remoteStorageContext));
        syncBasicHttpParams.setIntParameter("http.socket.timeout", getSoTimeout(remoteStorageContext));
        syncBasicHttpParams.setParameter("http.useragent", this.userAgentBuilder.formatUserAgentString(remoteStorageContext));
        return syncBasicHttpParams;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public long getKeepAliveMaxDuration() {
        return SystemPropertiesHelper.getLong(KEEP_ALIVE_MAX_DURATION_KEY, KEEP_ALIVE_MAX_DURATION_DEFAULT);
    }

    protected int getConnectionTimeout(RemoteStorageContext remoteStorageContext) {
        if (remoteStorageContext.getRemoteConnectionSettings() != null) {
            return remoteStorageContext.getRemoteConnectionSettings().getConnectionTimeout();
        }
        return 1000;
    }

    protected int getSoTimeout(RemoteStorageContext remoteStorageContext) {
        return getConnectionTimeout(remoteStorageContext);
    }

    protected void configureAuthentication(DefaultHttpClient defaultHttpClient, RemoteAuthenticationSettings remoteAuthenticationSettings, HttpHost httpHost) {
        if (remoteAuthenticationSettings != null) {
            String str = TargetPrivilegeDescriptor.TYPE;
            if (httpHost != null) {
                str = httpHost.toHostString() + " proxy";
            }
            ArrayList newArrayListWithExpectedSize = Lists.newArrayListWithExpectedSize(3);
            newArrayListWithExpectedSize.add("Digest");
            newArrayListWithExpectedSize.add("Basic");
            Credentials credentials = null;
            if (remoteAuthenticationSettings instanceof ClientSSLRemoteAuthenticationSettings) {
                throw new IllegalArgumentException("SSL client authentication not yet supported!");
            }
            if (remoteAuthenticationSettings instanceof NtlmRemoteAuthenticationSettings) {
                NtlmRemoteAuthenticationSettings ntlmRemoteAuthenticationSettings = (NtlmRemoteAuthenticationSettings) remoteAuthenticationSettings;
                newArrayListWithExpectedSize.add(0, "NTLM");
                getLogger().debug("{} authentication setup for NTLM domain '{}'", str, ntlmRemoteAuthenticationSettings.getNtlmDomain());
                credentials = new NTCredentials(ntlmRemoteAuthenticationSettings.getUsername(), ntlmRemoteAuthenticationSettings.getPassword(), ntlmRemoteAuthenticationSettings.getNtlmHost(), ntlmRemoteAuthenticationSettings.getNtlmDomain());
            } else if (remoteAuthenticationSettings instanceof UsernamePasswordRemoteAuthenticationSettings) {
                UsernamePasswordRemoteAuthenticationSettings usernamePasswordRemoteAuthenticationSettings = (UsernamePasswordRemoteAuthenticationSettings) remoteAuthenticationSettings;
                getLogger().debug("{} authentication setup for remote storage with username '{}'", str, usernamePasswordRemoteAuthenticationSettings.getUsername());
                credentials = new UsernamePasswordCredentials(usernamePasswordRemoteAuthenticationSettings.getUsername(), usernamePasswordRemoteAuthenticationSettings.getPassword());
            }
            if (credentials != null) {
                if (httpHost != null) {
                    defaultHttpClient.getCredentialsProvider().setCredentials(new AuthScope(httpHost), credentials);
                    defaultHttpClient.getParams().setParameter("http.auth.proxy-scheme-pref", newArrayListWithExpectedSize);
                } else {
                    defaultHttpClient.getCredentialsProvider().setCredentials(AuthScope.ANY, credentials);
                    defaultHttpClient.getParams().setParameter("http.auth.target-scheme-pref", newArrayListWithExpectedSize);
                }
            }
        }
    }

    protected void configureProxy(DefaultHttpClient defaultHttpClient, RemoteProxySettings remoteProxySettings) {
        if (remoteProxySettings == null || remoteProxySettings.getHttpProxySettings() == null || !remoteProxySettings.getHttpProxySettings().isEnabled()) {
            return;
        }
        HashMap newHashMap = Maps.newHashMap();
        HttpHost httpHost = new HttpHost(remoteProxySettings.getHttpProxySettings().getHostname(), remoteProxySettings.getHttpProxySettings().getPort());
        configureAuthentication(defaultHttpClient, remoteProxySettings.getHttpProxySettings().getProxyAuthentication(), httpHost);
        getLogger().debug("http proxy setup with host '{}'", remoteProxySettings.getHttpProxySettings().getHostname());
        newHashMap.put("http", httpHost);
        newHashMap.put("https", httpHost);
        if (remoteProxySettings.getHttpsProxySettings() != null && remoteProxySettings.getHttpsProxySettings().isEnabled()) {
            HttpHost httpHost2 = new HttpHost(remoteProxySettings.getHttpsProxySettings().getHostname(), remoteProxySettings.getHttpsProxySettings().getPort());
            configureAuthentication(defaultHttpClient, remoteProxySettings.getHttpsProxySettings().getProxyAuthentication(), httpHost2);
            getLogger().debug("https proxy setup with host '{}'", remoteProxySettings.getHttpsProxySettings().getHostname());
            newHashMap.put("https", httpHost2);
        }
        HashSet newHashSet = Sets.newHashSet();
        if (remoteProxySettings.getNonProxyHosts() != null && !remoteProxySettings.getNonProxyHosts().isEmpty()) {
            for (String str : remoteProxySettings.getNonProxyHosts()) {
                try {
                    newHashSet.add(Pattern.compile(str, 2));
                } catch (PatternSyntaxException e) {
                    getLogger().warn("Invalid non proxy host regex: {}", str, e);
                }
            }
        }
        defaultHttpClient.setRoutePlanner(new NexusHttpRoutePlanner(newHashMap, defaultHttpClient.getConnectionManager().getSchemeRegistry(), newHashSet));
    }
}
