package org.sonarqube.ws.client;

import com.google.common.base.Strings;
import com.google.common.net.HttpHeaders;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.Proxy;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import java.util.concurrent.TimeUnit;
import javax.annotation.Nullable;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.ConnectionSpec;
import okhttp3.Credentials;
import okhttp3.Interceptor;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;

/* loaded from: input_file:META-INF/lib/sonar-ws-7.3.jar:org/sonarqube/ws/client/OkHttpClientBuilder.class */
public class OkHttpClientBuilder {
    private static final String NONE = "NONE";
    private static final String P11KEYSTORE = "PKCS11";
    private static final String PROXY_AUTHORIZATION = "Proxy-Authorization";
    private String userAgent;
    private Proxy proxy;
    private String credentials;
    private String proxyLogin;
    private String proxyPassword;
    private long connectTimeoutMs = -1;
    private long readTimeoutMs = -1;
    private SSLSocketFactory sslSocketFactory = null;
    private X509TrustManager sslTrustManager = null;

    public OkHttpClientBuilder setUserAgent(@Nullable String str) {
        this.userAgent = str;
        return this;
    }

    public OkHttpClientBuilder setSSLSocketFactory(@Nullable SSLSocketFactory sSLSocketFactory) {
        this.sslSocketFactory = sSLSocketFactory;
        return this;
    }

    public OkHttpClientBuilder setTrustManager(@Nullable X509TrustManager x509TrustManager) {
        this.sslTrustManager = x509TrustManager;
        return this;
    }

    public OkHttpClientBuilder setProxy(@Nullable Proxy proxy) {
        this.proxy = proxy;
        return this;
    }

    public OkHttpClientBuilder setProxyLogin(@Nullable String str) {
        this.proxyLogin = str;
        return this;
    }

    public OkHttpClientBuilder setProxyPassword(@Nullable String str) {
        this.proxyPassword = str;
        return this;
    }

    public OkHttpClientBuilder setConnectTimeoutMs(long j) {
        if (j < 0) {
            throw new IllegalArgumentException("Connect timeout must be positive. Got " + j);
        }
        this.connectTimeoutMs = j;
        return this;
    }

    public void setCredentials(String str) {
        this.credentials = str;
    }

    public OkHttpClientBuilder setReadTimeoutMs(long j) {
        if (j < 0) {
            throw new IllegalArgumentException("Read timeout must be positive. Got " + j);
        }
        this.readTimeoutMs = j;
        return this;
    }

    public OkHttpClient build() {
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        builder.proxy(this.proxy);
        if (this.connectTimeoutMs >= 0) {
            builder.connectTimeout(this.connectTimeoutMs, TimeUnit.MILLISECONDS);
        }
        if (this.readTimeoutMs >= 0) {
            builder.readTimeout(this.readTimeoutMs, TimeUnit.MILLISECONDS);
        }
        builder.addNetworkInterceptor(this::addHeaders);
        if (this.proxyLogin != null) {
            builder.proxyAuthenticator((route, response) -> {
                if (response.request().header("Proxy-Authorization") != null || 407 != response.code()) {
                    return null;
                }
                return response.request().newBuilder().header("Proxy-Authorization", Credentials.basic(this.proxyLogin, Strings.nullToEmpty(this.proxyPassword), StandardCharsets.UTF_8)).build();
            });
        }
        builder.connectionSpecs(Arrays.asList(new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).allEnabledTlsVersions().allEnabledCipherSuites().supportsTlsExtensions(true).build(), ConnectionSpec.CLEARTEXT));
        X509TrustManager systemDefaultTrustManager = this.sslTrustManager != null ? this.sslTrustManager : systemDefaultTrustManager();
        builder.sslSocketFactory(this.sslSocketFactory != null ? this.sslSocketFactory : systemDefaultSslSocketFactory(systemDefaultTrustManager), systemDefaultTrustManager);
        return builder.build();
    }

    private Response addHeaders(Interceptor.Chain chain) throws IOException {
        Request.Builder newBuilder = chain.request().newBuilder();
        if (this.userAgent != null) {
            newBuilder.header(HttpHeaders.USER_AGENT, this.userAgent);
        }
        if (this.credentials != null) {
            newBuilder.header(HttpHeaders.AUTHORIZATION, this.credentials);
        }
        return chain.proceed(newBuilder.build());
    }

    private static X509TrustManager systemDefaultTrustManager() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
                return (X509TrustManager) trustManagers[0];
            }
            throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
        } catch (GeneralSecurityException e) {
            throw new AssertionError(e);
        }
    }

    private static SSLSocketFactory systemDefaultSslSocketFactory(X509TrustManager x509TrustManager) {
        try {
            KeyManager[] defaultKeyManager = getDefaultKeyManager();
            try {
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(defaultKeyManager, new TrustManager[]{x509TrustManager}, null);
                return sSLContext.getSocketFactory();
            } catch (GeneralSecurityException e) {
                throw new AssertionError(e);
            }
        } catch (Exception e2) {
            throw new IllegalStateException("Unable to get default key manager", e2);
        }
    }

    private static void logDebug(String str) {
        if ("all".equals(System.getProperty("javax.net.debug"))) {
            System.out.println(str);
        }
    }

    private static synchronized KeyManager[] getDefaultKeyManager() throws KeyStoreException, NoSuchProviderException, IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException {
        String property = System.getProperty("javax.net.ssl.keyStore", "");
        String property2 = System.getProperty("javax.net.ssl.keyStoreType", KeyStore.getDefaultType());
        String property3 = System.getProperty("javax.net.ssl.keyStoreProvider", "");
        logDebug("keyStore is : " + property);
        logDebug("keyStore type is : " + property2);
        logDebug("keyStore provider is : " + property3);
        if (P11KEYSTORE.equals(property2) && !NONE.equals(property)) {
            throw new IllegalArgumentException("if keyStoreType is PKCS11, then keyStore must be NONE");
        }
        KeyStore keyStore = null;
        String property4 = System.getProperty("javax.net.ssl.keyStorePassword", "");
        char[] charArray = property4.isEmpty() ? null : property4.toCharArray();
        if (!property2.isEmpty()) {
            logDebug("init keystore");
            keyStore = property3.isEmpty() ? KeyStore.getInstance(property2) : KeyStore.getInstance(property2, property3);
            if (property.isEmpty() || NONE.equals(property)) {
                keyStore.load(null, charArray);
            } else {
                FileInputStream fileInputStream = new FileInputStream(property);
                Throwable th = null;
                try {
                    try {
                        keyStore.load(fileInputStream, charArray);
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                    } finally {
                    }
                } catch (Throwable th3) {
                    if (fileInputStream != null) {
                        if (th != null) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                    throw th3;
                }
            }
        }
        logDebug("init keymanager of type " + KeyManagerFactory.getDefaultAlgorithm());
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        if (P11KEYSTORE.equals(property2)) {
            keyManagerFactory.init(keyStore, null);
        } else {
            keyManagerFactory.init(keyStore, charArray);
        }
        return keyManagerFactory.getKeyManagers();
    }
}
