package net.nemerosa.ontrack.client;

import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Objects;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpHost;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.client.BasicAuthCache;
import org.apache.http.impl.client.BasicCookieStore;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/nemerosa/ontrack/client/OTHttpClientBuilder.class */
public class OTHttpClientBuilder {
    private static final Logger logger = LoggerFactory.getLogger(OTHttpClient.class);
    private final URL url;
    private final boolean disableSsl;
    private final HttpHost host;
    private String username;
    private String password;
    private OTHttpClientLogger clientLogger;
    private int timeoutSeconds;

    public static OTHttpClientBuilder create(String str, boolean z) {
        return new OTHttpClientBuilder(str, z);
    }

    protected OTHttpClientBuilder(String str, boolean z) {
        Logger logger2 = logger;
        Objects.requireNonNull(logger2);
        this.clientLogger = logger2::debug;
        this.timeoutSeconds = 300;
        try {
            this.url = new URL(str);
            this.disableSsl = z;
            this.host = new HttpHost(this.url.getHost(), this.url.getPort(), this.url.getProtocol());
        } catch (MalformedURLException e) {
            throw new ClientURLException(str, e);
        }
    }

    public OTHttpClientBuilder withLogger(OTHttpClientLogger oTHttpClientLogger) {
        this.clientLogger = oTHttpClientLogger;
        return this;
    }

    public OTHttpClientBuilder withCredentials(String str, String str2) {
        this.username = str;
        this.password = str2;
        return this;
    }

    public OTHttpClientBuilder withTimeoutSeconds(int i) {
        this.timeoutSeconds = i;
        return this;
    }

    public OTHttpClient build() {
        SSLConnectionSocketFactory socketFactory;
        HttpClientContext create = HttpClientContext.create();
        if (StringUtils.isNotBlank(this.username) && StringUtils.isNotBlank(this.password)) {
            BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
            basicCredentialsProvider.setCredentials(new AuthScope(this.host), new UsernamePasswordCredentials(this.username, this.password));
            BasicAuthCache basicAuthCache = new BasicAuthCache();
            basicAuthCache.put(this.host, new BasicScheme());
            create.setCredentialsProvider(basicCredentialsProvider);
            create.setAuthCache(basicAuthCache);
        }
        create.setCookieStore(new BasicCookieStore());
        if (this.disableSsl) {
            logger.warn("Disabling SSL checks!");
            try {
                X509TrustManager x509TrustManager = new X509TrustManager() { // from class: net.nemerosa.ontrack.client.OTHttpClientBuilder.1
                    @Override // javax.net.ssl.X509TrustManager
                    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public X509Certificate[] getAcceptedIssuers() {
                        return null;
                    }
                };
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(new KeyManager[0], new TrustManager[]{x509TrustManager}, new SecureRandom());
                socketFactory = new SSLConnectionSocketFactory(sSLContext, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
            } catch (KeyManagementException | NoSuchAlgorithmException e) {
                throw new OTHttpClientSSLSetupException(e);
            }
        } else {
            socketFactory = SSLConnectionSocketFactory.getSocketFactory();
        }
        Registry build = RegistryBuilder.create().register("http", PlainConnectionSocketFactory.getSocketFactory()).register("https", socketFactory).build();
        RequestConfig.Builder custom = RequestConfig.custom();
        custom.setConnectTimeout(this.timeoutSeconds * 1000);
        custom.setConnectionRequestTimeout(this.timeoutSeconds * 1000);
        custom.setSocketTimeout(this.timeoutSeconds * 1000);
        return new OTHttpClientImpl(this.url, this.host, () -> {
            return HttpClientBuilder.create().setDefaultRequestConfig(custom.build()).setConnectionManager(new PoolingHttpClientConnectionManager(build)).build();
        }, create, this.clientLogger);
    }
}
