package org.jenkinsci.plugins.oic;

import com.nimbusds.oauth2.sdk.http.HTTPRequest;
import hudson.ProxyConfiguration;
import java.net.Proxy;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import jenkins.model.Jenkins;
import jenkins.security.FIPS140;
import org.jenkinsci.plugins.oic.ssl.IgnoringHostNameVerifier;
import org.jenkinsci.plugins.oic.ssl.TLSUtils;
import org.pac4j.oidc.config.OidcConfiguration;

/* loaded from: input_file:org/jenkinsci/plugins/oic/CustomOidcConfiguration.class */
class CustomOidcConfiguration extends OidcConfiguration {
    private final boolean disableTLS;

    /* JADX INFO: Access modifiers changed from: package-private */
    public CustomOidcConfiguration(boolean z) {
        this.disableTLS = z;
        if (FIPS140.useCompliantAlgorithms() && z) {
            throw new IllegalStateException("Cannot disable TLS validation in FIPS-140 mode");
        }
    }

    public void configureHttpRequest(HTTPRequest hTTPRequest) {
        ProxyConfiguration proxy;
        Proxy proxy2 = null;
        Jenkins instanceOrNull = Jenkins.getInstanceOrNull();
        if (instanceOrNull != null && (proxy = instanceOrNull.getProxy()) != null) {
            proxy2 = proxy.createProxy(hTTPRequest.getURL().getHost());
        }
        hTTPRequest.setProxy(proxy2);
        if (this.disableTLS) {
            hTTPRequest.setHostnameVerifier(IgnoringHostNameVerifier.INSTANCE);
            try {
                hTTPRequest.setSSLSocketFactory(TLSUtils.createAnythingGoesSSLSocketFactory());
            } catch (KeyManagementException | NoSuchAlgorithmException e) {
                throw new IllegalStateException("could not configure the SSLFactory, this should not be possible", e);
            }
        }
        super.configureHttpRequest(hTTPRequest);
    }
}
