package net.shibboleth.oidc.metadata.impl;

import com.google.common.base.Strings;
import com.google.common.net.MediaType;
import java.io.IOException;
import java.net.URISyntaxException;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.function.Function;
import java.util.stream.Collectors;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.shared.annotation.constraint.NonnullAfterInit;
import net.shibboleth.shared.annotation.constraint.NotLive;
import net.shibboleth.shared.annotation.constraint.Unmodifiable;
import net.shibboleth.shared.collection.LazySet;
import net.shibboleth.shared.component.AbstractIdentifiableInitializableComponent;
import net.shibboleth.shared.component.ComponentInitializationException;
import net.shibboleth.shared.logic.Constraint;
import net.shibboleth.shared.primitive.LoggerFactory;
import net.shibboleth.shared.primitive.StringSupport;
import net.shibboleth.shared.resolver.CriteriaSet;
import org.apache.hc.client5.http.classic.HttpClient;
import org.apache.hc.client5.http.classic.methods.HttpGet;
import org.apache.hc.client5.http.protocol.HttpClientContext;
import org.apache.hc.core5.http.ClassicHttpRequest;
import org.apache.hc.core5.http.io.HttpClientResponseHandler;
import org.opensaml.security.httpclient.HttpClientSecurityParameters;
import org.opensaml.security.httpclient.HttpClientSecuritySupport;
import org.slf4j.Logger;
import org.slf4j.MDC;

/* loaded from: input_file:net/shibboleth/oidc/metadata/impl/AbstractDynamicHTTPFetchingStrategy.class */
public abstract class AbstractDynamicHTTPFetchingStrategy<MetadataType> extends AbstractIdentifiableInitializableComponent implements Function<CriteriaSet, MetadataType> {
    public static final String MDC_ATTRIB_CURRENT_REQUEST_URI;
    private static final String[] DEFAULT_CONTENT_TYPES;

    @Nonnull
    private final Logger log = LoggerFactory.getLogger(AbstractDynamicHTTPFetchingStrategy.class);

    @Nonnull
    private final HttpClient httpClient;

    @NonnullAfterInit
    private List<String> supportedContentTypes;

    @NonnullAfterInit
    private String supportedContentTypesValue;

    @NonnullAfterInit
    private Set<MediaType> supportedMediaTypes;

    @Nullable
    private HttpClientSecurityParameters httpClientSecurityParameters;

    @Nonnull
    private final HttpClientResponseHandler<MetadataType> responseHandler;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractDynamicHTTPFetchingStrategy(@Nonnull HttpClient httpClient, @Nonnull HttpClientResponseHandler<MetadataType> httpClientResponseHandler) {
        this.responseHandler = (HttpClientResponseHandler) Constraint.isNotNull(httpClientResponseHandler, "Response handler can not be null");
        this.httpClient = (HttpClient) Constraint.isNotNull(httpClient, "HTTP Client can not be null");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void doInitialize() throws ComponentInitializationException {
        super.doInitialize();
        if (getSupportedContentTypes() == null) {
            setSupportedContentTypes(Arrays.asList(DEFAULT_CONTENT_TYPES));
        }
        List<String> supportedContentTypes = getSupportedContentTypes();
        if (!$assertionsDisabled && supportedContentTypes == null) {
            throw new AssertionError();
        }
        if (getSupportedContentTypes().isEmpty()) {
            this.supportedMediaTypes = Collections.emptySet();
        } else {
            this.supportedContentTypesValue = StringSupport.listToStringValue(supportedContentTypes, ", ");
            this.supportedMediaTypes = new LazySet();
            Iterator<String> it = getSupportedContentTypes().iterator();
            while (it.hasNext()) {
                this.supportedMediaTypes.add(MediaType.parse(it.next()));
            }
        }
        this.log.debug("{} Supported content types are: {}", getId(), getSupportedContentTypes());
    }

    public void setHttpClientSecurityParameters(@Nullable HttpClientSecurityParameters httpClientSecurityParameters) {
        ifInitializedThrowUnmodifiabledComponentException();
        ifDestroyedThrowDestroyedComponentException();
        this.httpClientSecurityParameters = httpClientSecurityParameters;
    }

    @Unmodifiable
    @NotLive
    @NonnullAfterInit
    public List<String> getSupportedContentTypes() {
        return this.supportedContentTypes;
    }

    public void setSupportedContentTypes(@Nullable List<String> list) {
        ifInitializedThrowUnmodifiabledComponentException();
        ifDestroyedThrowDestroyedComponentException();
        if (list == null) {
            this.supportedContentTypes = Collections.emptyList();
        } else {
            this.supportedContentTypes = (List) StringSupport.normalizeStringCollection(list).stream().filter(str -> {
                return str != null;
            }).map((v0) -> {
                return v0.toLowerCase();
            }).collect(Collectors.toUnmodifiableList());
        }
    }

    @Override // java.util.function.Function
    @Nullable
    public MetadataType apply(@Nullable CriteriaSet criteriaSet) {
        this.log.debug("{} fetching metadata based on criteria: {}", getId(), criteriaSet);
        ClassicHttpRequest buildHttpRequest = buildHttpRequest(criteriaSet);
        if (buildHttpRequest == null) {
            this.log.debug("Could not build request based on input criteria, unable to query");
            return null;
        }
        HttpClientContext buildHttpClientContext = buildHttpClientContext(buildHttpRequest);
        try {
            try {
                MDC.put(MDC_ATTRIB_CURRENT_REQUEST_URI, buildHttpRequest.getUri().toString());
                MetadataType metadatatype = (MetadataType) this.httpClient.execute(buildHttpRequest, buildHttpClientContext, this.responseHandler);
                HttpClientSecuritySupport.checkTLSCredentialEvaluated(buildHttpClientContext, buildHttpRequest.getUri().getScheme());
                MDC.remove(MDC_ATTRIB_CURRENT_REQUEST_URI);
                return metadatatype;
            } catch (IOException | IllegalArgumentException | URISyntaxException e) {
                this.log.warn("Unable to fetch metadata from remote HTTP source", e);
                MDC.remove(MDC_ATTRIB_CURRENT_REQUEST_URI);
                return null;
            }
        } catch (Throwable th) {
            MDC.remove(MDC_ATTRIB_CURRENT_REQUEST_URI);
            throw th;
        }
    }

    @Nonnull
    private HttpClientContext buildHttpClientContext(@Nonnull ClassicHttpRequest classicHttpRequest) {
        HttpClientContext create = HttpClientContext.create();
        if (!$assertionsDisabled && create == null) {
            throw new AssertionError();
        }
        HttpClientSecuritySupport.marshalSecurityParameters(create, this.httpClientSecurityParameters, true);
        HttpClientSecuritySupport.addDefaultTLSTrustEngineCriteria(create, classicHttpRequest);
        return create;
    }

    @Nullable
    private ClassicHttpRequest buildHttpRequest(@Nullable CriteriaSet criteriaSet) {
        String buildRequestURL = buildRequestURL(criteriaSet);
        this.log.debug("Built request URL of: {}", buildRequestURL);
        if (buildRequestURL == null) {
            this.log.debug("Could not construct request URL from input criteria, unable to query");
            return null;
        }
        HttpGet httpGet = new HttpGet(buildRequestURL);
        if (!Strings.isNullOrEmpty(this.supportedContentTypesValue)) {
            httpGet.addHeader("Accept", this.supportedContentTypesValue);
        }
        return httpGet;
    }

    @Nullable
    protected abstract String buildRequestURL(@Nullable CriteriaSet criteriaSet);

    static {
        $assertionsDisabled = !AbstractDynamicHTTPFetchingStrategy.class.desiredAssertionStatus();
        MDC_ATTRIB_CURRENT_REQUEST_URI = AbstractDynamicHTTPFetchingStrategy.class.getName() + ".currentRequestURI";
        DEFAULT_CONTENT_TYPES = new String[]{"application/json", "application/samlmetadata+xml", "application/xml", "text/xml"};
    }
}
