package org.owasp.dependencycheck.utils;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.io.IOException;
import java.net.Authenticator;
import java.net.HttpURLConnection;
import java.net.InetSocketAddress;
import java.net.PasswordAuthentication;
import java.net.Proxy;
import java.net.URL;
import java.net.URLConnection;
import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import javax.net.ssl.HttpsURLConnection;
import org.apache.commons.lang3.StringUtils;
import org.owasp.dependencycheck.utils.Settings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.sonatype.ossindex.service.client.transport.ProxyConfiguration;

/* loaded from: input_file:WEB-INF/lib/dependency-check-utils-5.3.2.jar:org/owasp/dependencycheck/utils/URLConnectionFactory.class */
public final class URLConnectionFactory {
    private static final Logger LOGGER = LoggerFactory.getLogger(URLConnectionFactory.class);
    private final Settings settings;

    public URLConnectionFactory(Settings settings) {
        this.settings = settings;
    }

    @SuppressFBWarnings(justification = "yes, there is a redundant null check in the catch - to suppress warnings we are leaving the null check", value = {"RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE"})
    public HttpURLConnection createHttpURLConnection(URL url) throws URLConnectionFailureException {
        HttpURLConnection httpURLConnection = null;
        final String string = this.settings.getString(Settings.KEYS.PROXY_SERVER);
        if (string != null) {
            try {
                if (!matchNonProxy(url)) {
                    InetSocketAddress inetSocketAddress = new InetSocketAddress(string, this.settings.getInt(Settings.KEYS.PROXY_PORT));
                    final String string2 = this.settings.getString(Settings.KEYS.PROXY_USERNAME);
                    final String string3 = this.settings.getString(Settings.KEYS.PROXY_PASSWORD);
                    if (string2 != null && string3 != null) {
                        Authenticator.setDefault(new Authenticator() { // from class: org.owasp.dependencycheck.utils.URLConnectionFactory.1
                            @Override // java.net.Authenticator
                            public PasswordAuthentication getPasswordAuthentication() {
                                if (!string.equals(getRequestingHost()) && !getRequestorType().equals(Authenticator.RequestorType.PROXY)) {
                                    return super.getPasswordAuthentication();
                                }
                                URLConnectionFactory.LOGGER.debug("Using the configured proxy username and password");
                                if (URLConnectionFactory.this.settings.getBoolean(Settings.KEYS.PROXY_DISABLE_SCHEMAS, true)) {
                                    System.setProperty("jdk.http.auth.tunneling.disabledSchemes", "");
                                }
                                return new PasswordAuthentication(string2, string3.toCharArray());
                            }
                        });
                    }
                    httpURLConnection = (HttpURLConnection) url.openConnection(new Proxy(Proxy.Type.HTTP, inetSocketAddress));
                    httpURLConnection.setConnectTimeout(this.settings.getInt(Settings.KEYS.CONNECTION_TIMEOUT, 10000));
                    httpURLConnection.setInstanceFollowRedirects(true);
                    configureTLS(url, httpURLConnection);
                    addAuthenticationIfPresent(httpURLConnection);
                    return httpURLConnection;
                }
            } catch (IOException e) {
                if (httpURLConnection != null) {
                    try {
                        httpURLConnection.disconnect();
                    } catch (Throwable th) {
                        throw th;
                    }
                }
                throw new URLConnectionFailureException("Error getting connection.", e);
            }
        }
        httpURLConnection = (HttpURLConnection) url.openConnection();
        httpURLConnection.setConnectTimeout(this.settings.getInt(Settings.KEYS.CONNECTION_TIMEOUT, 10000));
        httpURLConnection.setInstanceFollowRedirects(true);
        configureTLS(url, httpURLConnection);
        addAuthenticationIfPresent(httpURLConnection);
        return httpURLConnection;
    }

    private void addAuthenticationIfPresent(HttpURLConnection httpURLConnection) {
        String userInfo = httpURLConnection.getURL().getUserInfo();
        if (userInfo != null) {
            String str = "Basic " + Base64.getEncoder().encodeToString(userInfo.getBytes(StandardCharsets.UTF_8));
            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug("Adding user info as basic authorization");
            }
            httpURLConnection.addRequestProperty("Authorization", str);
        }
    }

    private boolean matchNonProxy(URL url) {
        String host = url.getHost();
        String string = this.settings.getString(Settings.KEYS.PROXY_NON_PROXY_HOSTS);
        if (null == string) {
            return false;
        }
        for (String str : string.split("(,)|(;)|(\\|)")) {
            if (null != str && str.contains("*")) {
                int indexOf = str.indexOf(42);
                String substring = str.substring(0, indexOf);
                String substring2 = str.substring(indexOf + 1);
                if (!StringUtils.isEmpty(substring) && host.startsWith(substring) && StringUtils.isEmpty(substring2)) {
                    return true;
                }
                if (StringUtils.isEmpty(substring) && !StringUtils.isEmpty(substring2) && host.endsWith(substring2)) {
                    return true;
                }
                if (!StringUtils.isEmpty(substring) && host.startsWith(substring) && !StringUtils.isEmpty(substring2) && host.endsWith(substring2)) {
                    return true;
                }
            } else if (host.equals(str)) {
                return true;
            }
        }
        return false;
    }

    public HttpURLConnection createHttpURLConnection(URL url, boolean z) throws URLConnectionFailureException {
        if (z) {
            return createHttpURLConnection(url);
        }
        try {
            HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
            httpURLConnection.setConnectTimeout(this.settings.getInt(Settings.KEYS.CONNECTION_TIMEOUT, 10000));
            httpURLConnection.setInstanceFollowRedirects(true);
            configureTLS(url, httpURLConnection);
            addAuthenticationIfPresent(httpURLConnection);
            return httpURLConnection;
        } catch (IOException e) {
            throw new URLConnectionFailureException("Error getting connection.", e);
        }
    }

    private void configureTLS(URL url, URLConnection uRLConnection) {
        if (ProxyConfiguration.HTTPS.equals(url.getProtocol())) {
            try {
                ((HttpsURLConnection) uRLConnection).setSSLSocketFactory(new SSLSocketFactoryEx(this.settings));
            } catch (KeyManagementException e) {
                LOGGER.debug("Key management exception in SSLSocketFactoryEx", e);
            } catch (NoSuchAlgorithmException e2) {
                LOGGER.debug("Unsupported algorithm in SSLSocketFactoryEx", e2);
            }
        }
    }
}
