package org.sonatype.nexus.apachehttpclient;

import com.google.common.base.Preconditions;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import com.google.common.collect.Sets;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import org.apache.http.HttpException;
import org.apache.http.HttpHost;
import org.apache.http.HttpRequest;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.Credentials;
import org.apache.http.auth.NTCredentials;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.protocol.ResponseContentEncoding;
import org.apache.http.conn.HttpClientConnectionManager;
import org.apache.http.impl.client.StandardHttpRequestRetryHandler;
import org.apache.http.impl.conn.DefaultSchemePortResolver;
import org.apache.http.message.BasicHeader;
import org.apache.http.protocol.HttpContext;
import org.apache.http.protocol.HttpProcessor;
import org.apache.http.protocol.HttpRequestExecutor;
import org.sonatype.nexus.apachehttpclient.Hc4Provider;
import org.sonatype.nexus.proxy.repository.ClientSSLRemoteAuthenticationSettings;
import org.sonatype.nexus.proxy.repository.NtlmRemoteAuthenticationSettings;
import org.sonatype.nexus.proxy.repository.RemoteAuthenticationSettings;
import org.sonatype.nexus.proxy.repository.RemoteProxySettings;
import org.sonatype.nexus.proxy.repository.UsernamePasswordRemoteAuthenticationSettings;
import org.sonatype.nexus.proxy.storage.remote.RemoteStorageContext;
import org.sonatype.nexus.proxy.utils.UserAgentBuilder;
import org.sonatype.nexus.util.SystemPropertiesHelper;
import org.sonatype.sisu.goodies.common.ComponentSupport;

/* loaded from: input_file:WEB-INF/lib/nexus-core-2.14.20-02.jar:org/sonatype/nexus/apachehttpclient/Hc4ProviderBase.class */
public class Hc4ProviderBase extends ComponentSupport {
    private static final String KEEP_ALIVE_MAX_DURATION_KEY = "nexus.apacheHttpClient4x.keepAliveMaxDuration";
    private static final long KEEP_ALIVE_MAX_DURATION_DEFAULT = TimeUnit.SECONDS.toMillis(30);
    private final UserAgentBuilder userAgentBuilder;

    public Hc4ProviderBase(UserAgentBuilder userAgentBuilder) {
        this.userAgentBuilder = (UserAgentBuilder) Preconditions.checkNotNull(userAgentBuilder);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Hc4Provider.Builder prepareHttpClient(RemoteStorageContext remoteStorageContext, HttpClientConnectionManager httpClientConnectionManager) {
        Hc4Provider.Builder builder = new Hc4Provider.Builder();
        builder.getHttpClientBuilder().setConnectionManager(httpClientConnectionManager);
        builder.getHttpClientBuilder().addInterceptorFirst(new ResponseContentEncoding());
        applyConfig(builder, remoteStorageContext);
        applyAuthenticationConfig(builder, remoteStorageContext.getRemoteAuthenticationSettings(), null);
        applyProxyConfig(builder, remoteStorageContext.getRemoteProxySettings());
        builder.getHttpClientBuilder().setRetryHandler(new StandardHttpRequestRetryHandler(remoteStorageContext.getRemoteConnectionSettings() != null ? remoteStorageContext.getRemoteConnectionSettings().getRetrievalRetryCount() : 0, false));
        builder.getHttpClientBuilder().setKeepAliveStrategy(new NexusConnectionKeepAliveStrategy(getKeepAliveMaxDuration()));
        return builder;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void applyConfig(Hc4Provider.Builder builder, RemoteStorageContext remoteStorageContext) {
        builder.getSocketConfigBuilder().setSoTimeout(getSoTimeout(remoteStorageContext));
        builder.getConnectionConfigBuilder().setBufferSize(8192);
        builder.getRequestConfigBuilder().setCookieSpec("ignoreCookies");
        builder.getRequestConfigBuilder().setExpectContinueEnabled(false);
        builder.getRequestConfigBuilder().setStaleConnectionCheckEnabled(false);
        builder.getRequestConfigBuilder().setConnectTimeout(getConnectionTimeout(remoteStorageContext));
        builder.getRequestConfigBuilder().setSocketTimeout(getSoTimeout(remoteStorageContext));
        final String formatUserAgentString = this.userAgentBuilder.formatUserAgentString(remoteStorageContext);
        builder.getHttpClientBuilder().setUserAgent(formatUserAgentString);
        builder.getHttpClientBuilder().setRequestExecutor(new HttpRequestExecutor() { // from class: org.sonatype.nexus.apachehttpclient.Hc4ProviderBase.1
            @Override // org.apache.http.protocol.HttpRequestExecutor
            public void preProcess(HttpRequest httpRequest, HttpProcessor httpProcessor, HttpContext httpContext) throws HttpException, IOException {
                if (!httpRequest.containsHeader("User-Agent")) {
                    httpRequest.addHeader(new BasicHeader("User-Agent", formatUserAgentString));
                }
                super.preProcess(httpRequest, httpProcessor, httpContext);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public long getKeepAliveMaxDuration() {
        return SystemPropertiesHelper.getLong(KEEP_ALIVE_MAX_DURATION_KEY, KEEP_ALIVE_MAX_DURATION_DEFAULT);
    }

    protected int getConnectionTimeout(RemoteStorageContext remoteStorageContext) {
        if (remoteStorageContext.getRemoteConnectionSettings() != null) {
            return remoteStorageContext.getRemoteConnectionSettings().getConnectionTimeout();
        }
        return 1000;
    }

    protected int getSoTimeout(RemoteStorageContext remoteStorageContext) {
        return getConnectionTimeout(remoteStorageContext);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean reuseConnectionsNeeded(RemoteStorageContext remoteStorageContext) {
        if (remoteStorageContext == null) {
            return false;
        }
        if (remoteStorageContext.getRemoteAuthenticationSettings() instanceof NtlmRemoteAuthenticationSettings) {
            return true;
        }
        if (remoteStorageContext.getRemoteProxySettings() == null) {
            return false;
        }
        if (remoteStorageContext.getRemoteProxySettings().getHttpProxySettings() == null || !(remoteStorageContext.getRemoteProxySettings().getHttpProxySettings().getProxyAuthentication() instanceof NtlmRemoteAuthenticationSettings)) {
            return remoteStorageContext.getRemoteProxySettings().getHttpsProxySettings() != null && (remoteStorageContext.getRemoteProxySettings().getHttpsProxySettings().getProxyAuthentication() instanceof NtlmRemoteAuthenticationSettings);
        }
        return true;
    }

    protected void applyAuthenticationConfig(Hc4Provider.Builder builder, RemoteAuthenticationSettings remoteAuthenticationSettings, HttpHost httpHost) {
        if (remoteAuthenticationSettings != null) {
            String str = httpHost != null ? httpHost.toHostString() + " proxy" : "target";
            ArrayList newArrayListWithExpectedSize = Lists.newArrayListWithExpectedSize(3);
            newArrayListWithExpectedSize.add("Digest");
            newArrayListWithExpectedSize.add("Basic");
            Credentials credentials = null;
            if (remoteAuthenticationSettings instanceof ClientSSLRemoteAuthenticationSettings) {
                throw new IllegalArgumentException("SSL client authentication not yet supported!");
            }
            if (remoteAuthenticationSettings instanceof NtlmRemoteAuthenticationSettings) {
                NtlmRemoteAuthenticationSettings ntlmRemoteAuthenticationSettings = (NtlmRemoteAuthenticationSettings) remoteAuthenticationSettings;
                newArrayListWithExpectedSize.add(0, "NTLM");
                this.log.debug("{} authentication setup for NTLM domain '{}'", str, ntlmRemoteAuthenticationSettings.getNtlmDomain());
                credentials = new NTCredentials(ntlmRemoteAuthenticationSettings.getUsername(), ntlmRemoteAuthenticationSettings.getPassword(), ntlmRemoteAuthenticationSettings.getNtlmHost(), ntlmRemoteAuthenticationSettings.getNtlmDomain());
            } else if (remoteAuthenticationSettings instanceof UsernamePasswordRemoteAuthenticationSettings) {
                UsernamePasswordRemoteAuthenticationSettings usernamePasswordRemoteAuthenticationSettings = (UsernamePasswordRemoteAuthenticationSettings) remoteAuthenticationSettings;
                this.log.debug("{} authentication setup for remote storage with username '{}'", str, usernamePasswordRemoteAuthenticationSettings.getUsername());
                credentials = new UsernamePasswordCredentials(usernamePasswordRemoteAuthenticationSettings.getUsername(), usernamePasswordRemoteAuthenticationSettings.getPassword());
            }
            if (credentials != null) {
                if (httpHost != null) {
                    builder.setCredentials(new AuthScope(httpHost), credentials);
                    builder.getRequestConfigBuilder().setProxyPreferredAuthSchemes(newArrayListWithExpectedSize);
                } else {
                    builder.setCredentials(AuthScope.ANY, credentials);
                    builder.getRequestConfigBuilder().setTargetPreferredAuthSchemes(newArrayListWithExpectedSize);
                }
            }
        }
    }

    protected void applyProxyConfig(Hc4Provider.Builder builder, RemoteProxySettings remoteProxySettings) {
        if (remoteProxySettings == null || remoteProxySettings.getHttpProxySettings() == null || !remoteProxySettings.getHttpProxySettings().isEnabled()) {
            return;
        }
        HashMap newHashMap = Maps.newHashMap();
        HttpHost httpHost = new HttpHost(remoteProxySettings.getHttpProxySettings().getHostname(), remoteProxySettings.getHttpProxySettings().getPort());
        applyAuthenticationConfig(builder, remoteProxySettings.getHttpProxySettings().getProxyAuthentication(), httpHost);
        this.log.debug("http proxy setup with host '{}'", remoteProxySettings.getHttpProxySettings().getHostname());
        newHashMap.put("http", httpHost);
        newHashMap.put("https", httpHost);
        if (remoteProxySettings.getHttpsProxySettings() != null && remoteProxySettings.getHttpsProxySettings().isEnabled()) {
            HttpHost httpHost2 = new HttpHost(remoteProxySettings.getHttpsProxySettings().getHostname(), remoteProxySettings.getHttpsProxySettings().getPort());
            applyAuthenticationConfig(builder, remoteProxySettings.getHttpsProxySettings().getProxyAuthentication(), httpHost2);
            this.log.debug("https proxy setup with host '{}'", remoteProxySettings.getHttpsProxySettings().getHostname());
            newHashMap.put("https", httpHost2);
        }
        HashSet newHashSet = Sets.newHashSet();
        if (remoteProxySettings.getNonProxyHosts() != null && !remoteProxySettings.getNonProxyHosts().isEmpty()) {
            for (String str : remoteProxySettings.getNonProxyHosts()) {
                try {
                    newHashSet.add(Pattern.compile(str, 2));
                } catch (PatternSyntaxException e) {
                    this.log.warn("Invalid non proxy host regex: {}", str, e);
                }
            }
        }
        builder.getHttpClientBuilder().setRoutePlanner(new NexusHttpRoutePlanner(newHashMap, newHashSet, DefaultSchemePortResolver.INSTANCE));
    }
}
