package org.sonarsource.sonarlint.core.http;

import java.net.ProxySelector;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.time.Duration;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
import java.util.function.Predicate;
import javax.annotation.Nullable;
import javax.annotation.PreDestroy;
import nl.altindag.ssl.SSLFactory;
import nl.altindag.ssl.model.TrustManagerParameters;
import org.apache.hc.client5.http.auth.CredentialsProvider;
import org.apache.hc.client5.http.config.ConnectionConfig;
import org.apache.hc.client5.http.config.RequestConfig;
import org.apache.hc.client5.http.config.TlsConfig;
import org.apache.hc.client5.http.impl.async.CloseableHttpAsyncClient;
import org.apache.hc.client5.http.impl.async.HttpAsyncClients;
import org.apache.hc.client5.http.impl.auth.BasicCredentialsProvider;
import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManager;
import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManagerBuilder;
import org.apache.hc.client5.http.impl.routing.SystemDefaultRoutePlanner;
import org.apache.hc.client5.http.ssl.DefaultClientTlsStrategy;
import org.apache.hc.core5.http2.HttpVersionPolicy;
import org.apache.hc.core5.io.CloseMode;
import org.apache.hc.core5.util.Timeout;
import org.sonarsource.sonarlint.core.analysis.container.analysis.filesystem.SonarLintInputProject;

/* loaded from: input_file:WEB-INF/lib/sonarlint-core-9.1.1.74346.jar:org/sonarsource/sonarlint/core/http/HttpClientProvider.class */
public class HttpClientProvider {
    private final CloseableHttpAsyncClient sharedClient;

    public static HttpClientProvider forTesting() {
        return new HttpClientProvider("SonarLint tests", null, null, ProxySelector.getDefault(), new BasicCredentialsProvider());
    }

    public HttpClientProvider(String str, @Nullable Path path, @Nullable Predicate<TrustManagerParameters> predicate, ProxySelector proxySelector, CredentialsProvider credentialsProvider) {
        SSLFactory.Builder withSystemTrustMaterial = SSLFactory.builder().withDefaultTrustMaterial().withSystemTrustMaterial();
        Optional ofNullable = Optional.ofNullable(path);
        configureKeyStore(withSystemTrustMaterial, ofNullable);
        configureTrustStore(predicate, withSystemTrustMaterial, ofNullable);
        ConnectionConfig.Builder custom = ConnectionConfig.custom();
        Optional<Timeout> timeoutFromSystemProp = getTimeoutFromSystemProp("sonarlint.http.connectTimeout");
        Objects.requireNonNull(custom);
        timeoutFromSystemProp.ifPresent(custom::setConnectTimeout);
        Optional<Timeout> timeoutFromSystemProp2 = getTimeoutFromSystemProp("sonarlint.http.socketTimeout");
        Objects.requireNonNull(custom);
        timeoutFromSystemProp2.ifPresent(custom::setSocketTimeout);
        PoolingAsyncClientConnectionManager build = PoolingAsyncClientConnectionManagerBuilder.create().setTlsStrategy(new DefaultClientTlsStrategy(withSystemTrustMaterial.build().getSslContext())).setDefaultTlsConfig(TlsConfig.custom().setVersionPolicy(HttpVersionPolicy.FORCE_HTTP_1).build()).setDefaultConnectionConfig(custom.build()).build();
        RequestConfig.Builder custom2 = RequestConfig.custom();
        Optional<Timeout> timeoutFromSystemProp3 = getTimeoutFromSystemProp("sonarlint.http.connectionRequestTimeout");
        Objects.requireNonNull(custom2);
        timeoutFromSystemProp3.ifPresent(custom2::setConnectionRequestTimeout);
        Optional<Timeout> timeoutFromSystemProp4 = getTimeoutFromSystemProp("sonarlint.http.responseTimeout");
        Objects.requireNonNull(custom2);
        timeoutFromSystemProp4.ifPresent(custom2::setResponseTimeout);
        this.sharedClient = HttpAsyncClients.custom().setConnectionManager(build).addResponseInterceptorFirst(new RedirectInterceptor()).setUserAgent(str).setRoutePlanner(new SystemDefaultRoutePlanner(proxySelector)).setDefaultCredentialsProvider(credentialsProvider).setDefaultRequestConfig(custom2.build()).build();
        this.sharedClient.start();
    }

    private static void configureTrustStore(@Nullable Predicate<TrustManagerParameters> predicate, SSLFactory.Builder builder, Optional<Path> optional) {
        Path path;
        if (predicate == null || (path = (Path) Optional.ofNullable(System.getProperty("sonarlint.ssl.trustStorePath")).map(str -> {
            return Paths.get(str, new String[0]);
        }).orElse((Path) optional.map(path2 -> {
            return path2.resolve("ssl/truststore.p12");
        }).orElse(null))) == null) {
            return;
        }
        builder.withInflatableTrustMaterial(path, System.getProperty("sonarlint.ssl.trustStorePassword", SonarLintInputProject.SONARLINT_FAKE_PROJECT_KEY).toCharArray(), System.getProperty("sonarlint.ssl.trustStoreType", "PKCS12"), predicate);
    }

    private static void configureKeyStore(SSLFactory.Builder builder, Optional<Path> optional) {
        Path path = (Path) Optional.ofNullable(System.getProperty("sonarlint.ssl.keyStorePath")).map(str -> {
            return Paths.get(str, new String[0]);
        }).orElse((Path) optional.map(path2 -> {
            return path2.resolve("ssl/keystore.p12");
        }).orElse(null));
        if (path == null || !Files.exists(path, new LinkOption[0])) {
            return;
        }
        builder.withIdentityMaterial(path, System.getProperty("sonarlint.ssl.keyStorePassword", SonarLintInputProject.SONARLINT_FAKE_PROJECT_KEY).toCharArray(), System.getProperty("sonarlint.ssl.keyStoreType", "PKCS12"));
    }

    private static Optional<Timeout> getTimeoutFromSystemProp(String str) {
        return Optional.ofNullable(System.getProperty(str)).map(str2 -> {
            try {
                return Duration.ofMinutes(Integer.parseInt(str2));
            } catch (NumberFormatException e) {
                return Duration.parse(str2);
            }
        }).map(duration -> {
            return Timeout.of(duration.toMillis(), TimeUnit.MILLISECONDS);
        });
    }

    public HttpClient getHttpClient() {
        return new ApacheHttpClientAdapter(this.sharedClient, null, null);
    }

    public HttpClient getHttpClientWithPreemptiveAuth(String str, @Nullable String str2) {
        return new ApacheHttpClientAdapter(this.sharedClient, str, str2);
    }

    @PreDestroy
    public void close() {
        this.sharedClient.close(CloseMode.IMMEDIATE);
    }
}
