package eu.europa.esig.dss.service.http.commons;

import eu.europa.esig.dss.model.DSSDocument;
import eu.europa.esig.dss.service.http.proxy.ProxyConfig;
import eu.europa.esig.dss.service.http.proxy.ProxyProperties;
import eu.europa.esig.dss.spi.DSSUtils;
import eu.europa.esig.dss.spi.client.http.DataLoader;
import eu.europa.esig.dss.spi.client.http.Protocol;
import eu.europa.esig.dss.spi.exception.DSSDataLoaderMultipleException;
import eu.europa.esig.dss.spi.exception.DSSExternalResourceException;
import eu.europa.esig.dss.utils.Utils;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.Collection;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.StringTokenizer;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.InitialDirContext;
import javax.net.ssl.HostnameVerifier;
import org.apache.hc.client5.http.HttpRequestRetryStrategy;
import org.apache.hc.client5.http.auth.AuthScope;
import org.apache.hc.client5.http.auth.Credentials;
import org.apache.hc.client5.http.auth.UsernamePasswordCredentials;
import org.apache.hc.client5.http.classic.methods.HttpGet;
import org.apache.hc.client5.http.classic.methods.HttpPost;
import org.apache.hc.client5.http.classic.methods.HttpUriRequest;
import org.apache.hc.client5.http.classic.methods.HttpUriRequestBase;
import org.apache.hc.client5.http.config.ConnectionConfig;
import org.apache.hc.client5.http.config.RequestConfig;
import org.apache.hc.client5.http.impl.auth.BasicCredentialsProvider;
import org.apache.hc.client5.http.impl.auth.BasicScheme;
import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
import org.apache.hc.client5.http.impl.classic.HttpClientBuilder;
import org.apache.hc.client5.http.impl.classic.HttpClients;
import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager;
import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
import org.apache.hc.client5.http.impl.routing.DefaultProxyRoutePlanner;
import org.apache.hc.client5.http.io.HttpClientConnectionManager;
import org.apache.hc.client5.http.protocol.HttpClientContext;
import org.apache.hc.client5.http.ssl.DefaultHostnameVerifier;
import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactoryBuilder;
import org.apache.hc.core5.http.ContentType;
import org.apache.hc.core5.http.HttpException;
import org.apache.hc.core5.http.HttpHost;
import org.apache.hc.core5.http.io.HttpClientResponseHandler;
import org.apache.hc.core5.http.io.SocketConfig;
import org.apache.hc.core5.http.io.entity.BufferedHttpEntity;
import org.apache.hc.core5.http.io.entity.InputStreamEntity;
import org.apache.hc.core5.http.protocol.HttpContext;
import org.apache.hc.core5.ssl.SSLContextBuilder;
import org.apache.hc.core5.ssl.TrustStrategy;
import org.apache.hc.core5.util.TimeValue;
import org.apache.hc.core5.util.Timeout;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/service/http/commons/CommonsDataLoader.class */
public class CommonsDataLoader implements DataLoader {
    private static final long serialVersionUID = -805432648564425522L;
    private static final int CONNECTIONS_MAX_TOTAL = 20;
    private static final int CONNECTIONS_MAX_PER_ROUTE = 2;
    private static final String CONTENT_TYPE = "Content-Type";
    protected String contentType;
    private ProxyConfig proxyConfig;
    private Timeout timeoutConnection;
    private Timeout timeoutConnectionRequest;
    private Timeout timeoutResponse;
    private Timeout timeoutSocket;
    private TimeValue connectionKeepAlive;
    private int connectionsMaxTotal;
    private int connectionsMaxPerRoute;
    private TimeValue connectionTimeToLive;
    private boolean redirectsEnabled;
    private boolean useSystemProperties;
    private Map<HostConnection, UserCredentials> authenticationMap;
    private String sslProtocol;
    private DSSDocument sslKeystore;
    private String sslKeystoreType;
    private char[] sslKeystorePassword;
    private boolean loadKeyStoreAsTrustMaterial;
    private DSSDocument sslTruststore;
    private String sslTruststoreType;
    private char[] sslTruststorePassword;
    private transient TrustStrategy trustStrategy;
    private String[] supportedSSLProtocols;
    private String[] supportedSSLCipherSuites;
    private transient HostnameVerifier hostnameVerifier;
    private transient HttpRequestRetryStrategy retryStrategy;
    private boolean preemptiveAuthentication;
    private transient HttpClientResponseHandler<byte[]> httpClientResponseHandler;
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) CommonsDataLoader.class);
    private static final Timeout TIMEOUT_CONNECTION = toTimeoutMilliseconds(60000);
    private static final Timeout TIMEOUT_SOCKET = toTimeoutMilliseconds(60000);
    private static final TimeValue CONNECTION_TIME_TO_LIVE = toTimeValueMilliseconds(60000);

    public CommonsDataLoader() {
        this.timeoutConnection = TIMEOUT_CONNECTION;
        this.timeoutConnectionRequest = TIMEOUT_CONNECTION;
        this.timeoutResponse = TIMEOUT_CONNECTION;
        this.timeoutSocket = TIMEOUT_SOCKET;
        this.connectionKeepAlive = CONNECTION_TIME_TO_LIVE;
        this.connectionsMaxTotal = 20;
        this.connectionsMaxPerRoute = 2;
        this.connectionTimeToLive = CONNECTION_TIME_TO_LIVE;
        this.redirectsEnabled = true;
        this.useSystemProperties = false;
        this.sslKeystoreType = KeyStore.getDefaultType();
        this.sslKeystorePassword = new char[0];
        this.loadKeyStoreAsTrustMaterial = false;
        this.sslTruststoreType = KeyStore.getDefaultType();
        this.sslTruststorePassword = new char[0];
        this.hostnameVerifier = new DefaultHostnameVerifier();
        this.httpClientResponseHandler = new CommonsHttpClientResponseHandler();
    }

    public CommonsDataLoader(String str) {
        this.timeoutConnection = TIMEOUT_CONNECTION;
        this.timeoutConnectionRequest = TIMEOUT_CONNECTION;
        this.timeoutResponse = TIMEOUT_CONNECTION;
        this.timeoutSocket = TIMEOUT_SOCKET;
        this.connectionKeepAlive = CONNECTION_TIME_TO_LIVE;
        this.connectionsMaxTotal = 20;
        this.connectionsMaxPerRoute = 2;
        this.connectionTimeToLive = CONNECTION_TIME_TO_LIVE;
        this.redirectsEnabled = true;
        this.useSystemProperties = false;
        this.sslKeystoreType = KeyStore.getDefaultType();
        this.sslKeystorePassword = new char[0];
        this.loadKeyStoreAsTrustMaterial = false;
        this.sslTruststoreType = KeyStore.getDefaultType();
        this.sslTruststorePassword = new char[0];
        this.hostnameVerifier = new DefaultHostnameVerifier();
        this.httpClientResponseHandler = new CommonsHttpClientResponseHandler();
        this.contentType = str;
    }

    public int getTimeoutConnection() {
        return this.timeoutConnection.toMillisecondsIntBound();
    }

    public void setTimeoutConnection(int i) {
        this.timeoutConnection = toTimeoutMilliseconds(i);
    }

    public int getTimeoutConnectionRequest() {
        return this.timeoutConnectionRequest.toMillisecondsIntBound();
    }

    public void setTimeoutConnectionRequest(int i) {
        this.timeoutConnectionRequest = toTimeoutMilliseconds(i);
    }

    public int getTimeoutResponse() {
        return this.timeoutResponse.toMillisecondsIntBound();
    }

    public void setTimeoutResponse(int i) {
        this.timeoutResponse = toTimeoutMilliseconds(i);
    }

    public int getTimeoutSocket() {
        return this.timeoutSocket.toMillisecondsIntBound();
    }

    public void setTimeoutSocket(int i) {
        this.timeoutSocket = toTimeoutMilliseconds(i);
    }

    public int getConnectionKeepAlive() {
        return this.connectionKeepAlive.toMillisecondsIntBound();
    }

    public void setConnectionKeepAlive(int i) {
        this.connectionKeepAlive = toTimeValueMilliseconds(i);
    }

    public int getConnectionsMaxTotal() {
        return this.connectionsMaxTotal;
    }

    public void setConnectionsMaxTotal(int i) {
        this.connectionsMaxTotal = i;
    }

    public int getConnectionsMaxPerRoute() {
        return this.connectionsMaxPerRoute;
    }

    public void setConnectionsMaxPerRoute(int i) {
        this.connectionsMaxPerRoute = i;
    }

    public int getConnectionTimeToLive() {
        return this.connectionTimeToLive.toMillisecondsIntBound();
    }

    public void setConnectionTimeToLive(int i) {
        this.connectionTimeToLive = toTimeValueMilliseconds(i);
    }

    public boolean isRedirectsEnabled() {
        return this.redirectsEnabled;
    }

    public void setRedirectsEnabled(boolean z) {
        this.redirectsEnabled = z;
    }

    public boolean isUseSystemProperties() {
        return this.useSystemProperties;
    }

    public void setUseSystemProperties(boolean z) {
        this.useSystemProperties = z;
    }

    public String getContentType() {
        return this.contentType;
    }

    @Override // eu.europa.esig.dss.spi.client.http.DataLoader
    public void setContentType(String str) {
        this.contentType = str;
    }

    public ProxyConfig getProxyConfig() {
        return this.proxyConfig;
    }

    public void setProxyConfig(ProxyConfig proxyConfig) {
        this.proxyConfig = proxyConfig;
    }

    public void setSslProtocol(String str) {
        this.sslProtocol = str;
    }

    public void setSslKeystore(DSSDocument dSSDocument) {
        this.sslKeystore = dSSDocument;
    }

    public void setKeyStoreAsTrustMaterial(boolean z) {
        this.loadKeyStoreAsTrustMaterial = z;
    }

    public void setSslKeystoreType(String str) {
        this.sslKeystoreType = str;
    }

    public void setSslKeystorePassword(char[] cArr) {
        this.sslKeystorePassword = cArr;
    }

    public void setSslTruststore(DSSDocument dSSDocument) {
        this.sslTruststore = dSSDocument;
    }

    public void setSslTruststorePassword(char[] cArr) {
        this.sslTruststorePassword = cArr;
    }

    public void setSslTruststoreType(String str) {
        this.sslTruststoreType = str;
    }

    public Map<HostConnection, UserCredentials> getAuthenticationMap() {
        if (this.authenticationMap == null) {
            this.authenticationMap = new HashMap();
        }
        return this.authenticationMap;
    }

    public void setAuthenticationMap(Map<HostConnection, UserCredentials> map) {
        this.authenticationMap = map;
    }

    public CommonsDataLoader addAuthentication(HostConnection hostConnection, UserCredentials userCredentials) {
        getAuthenticationMap().put(hostConnection, userCredentials);
        return this;
    }

    public void setPreemptiveAuthentication(boolean z) {
        this.preemptiveAuthentication = z;
    }

    public CommonsDataLoader addAuthentication(String str, int i, String str2, String str3, char[] cArr) {
        return addAuthentication(new HostConnection(str, i, str2), new UserCredentials(str3, cArr));
    }

    public void setRetryStrategy(HttpRequestRetryStrategy httpRequestRetryStrategy) {
        this.retryStrategy = httpRequestRetryStrategy;
    }

    public String[] getSupportedSSLProtocols() {
        return this.supportedSSLProtocols;
    }

    public void setSupportedSSLProtocols(String[] strArr) {
        this.supportedSSLProtocols = strArr;
    }

    public String[] getSupportedSSLCipherSuites() {
        return this.supportedSSLCipherSuites;
    }

    public void setSupportedSSLCipherSuites(String[] strArr) {
        this.supportedSSLCipherSuites = strArr;
    }

    public HostnameVerifier getHostnameVerifier() {
        return this.hostnameVerifier;
    }

    public void setHostnameVerifier(HostnameVerifier hostnameVerifier) {
        this.hostnameVerifier = hostnameVerifier;
    }

    public TrustStrategy getTrustStrategy() {
        return this.trustStrategy;
    }

    public void setTrustStrategy(TrustStrategy trustStrategy) {
        this.trustStrategy = trustStrategy;
    }

    public HttpClientResponseHandler<byte[]> getHttpClientResponseHandler() {
        return this.httpClientResponseHandler;
    }

    public void setHttpClientResponseHandler(HttpClientResponseHandler<byte[]> httpClientResponseHandler) {
        Objects.requireNonNull(httpClientResponseHandler, "HttpClientResponseHandler cannot be null!");
        this.httpClientResponseHandler = httpClientResponseHandler;
    }

    @Override // eu.europa.esig.dss.spi.client.http.DataLoader
    public byte[] get(String str) {
        if (Protocol.isFileUrl(str)) {
            return fileGet(str);
        }
        if (Protocol.isHttpUrl(str)) {
            return httpGet(str);
        }
        if (Protocol.isFtpUrl(str)) {
            return ftpGet(str);
        }
        if (Protocol.isLdapUrl(str)) {
            return ldapGet(str);
        }
        LOG.warn("DSS framework only supports FILE, HTTP, HTTPS, FTP and LDAP Urls.");
        return httpGet(str);
    }

    @Override // eu.europa.esig.dss.spi.client.http.DataLoader
    public DataLoader.DataAndUrl get(List<String> list) {
        byte[] bArr;
        if (Utils.isCollectionEmpty(list)) {
            throw new DSSExternalResourceException("Cannot process the GET call. List of URLs is empty!");
        }
        HashMap hashMap = new HashMap();
        for (String str : list) {
            LOG.debug("Processing a GET call to URL [{}]...", str);
            try {
                bArr = get(str);
            } catch (Exception e) {
                LOG.warn("Cannot obtain data using '{}' : {}", str, e.getMessage());
                hashMap.put(str, e);
            }
            if (!Utils.isArrayEmpty(bArr)) {
                return new DataLoader.DataAndUrl(str, bArr);
            }
            LOG.debug("The retrieved content from URL [{}] is empty. Continue with other URLs...", str);
        }
        throw new DSSDataLoaderMultipleException(hashMap);
    }

    protected byte[] ldapGet(String str) {
        String encode = LdapURLUtils.encode(str);
        Hashtable hashtable = new Hashtable();
        hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable.put("java.naming.provider.url", encode);
        try {
            StringTokenizer stringTokenizer = new StringTokenizer(Utils.substringAfter(encode, "?"), "?");
            String nextToken = stringTokenizer.hasMoreTokens() ? stringTokenizer.nextToken() : null;
            if (Utils.isStringEmpty(nextToken)) {
                nextToken = "certificateRevocationList;binary";
            }
            Attributes attributes = new InitialDirContext(hashtable).getAttributes("", new String[]{nextToken});
            if (attributes == null || attributes.size() < 1) {
                throw new DSSExternalResourceException(String.format("Cannot download binaries from: [%s], no attributes with name: [%s] returned", encode, nextToken));
            }
            byte[] bArr = (byte[]) ((Attribute) attributes.getAll().next()).get();
            if (Utils.isArrayNotEmpty(bArr)) {
                return bArr;
            }
            throw new DSSExternalResourceException(String.format("The retrieved ldap content from url [%s] is empty", encode));
        } catch (DSSExternalResourceException e) {
            throw e;
        } catch (Exception e2) {
            throw new DSSExternalResourceException(String.format("Cannot get data from URL [%s]. Reason : [%s]", encode, e2.getMessage()), e2);
        }
    }

    protected byte[] ftpGet(String str) {
        try {
            InputStream openStream = getURL(str).openStream();
            try {
                byte[] byteArray = DSSUtils.toByteArray(openStream);
                if (openStream != null) {
                    openStream.close();
                }
                return byteArray;
            } finally {
            }
        } catch (IOException e) {
            throw new DSSExternalResourceException(String.format("Unable to retrieve file from URL %s. Reason : [%s]", str, e.getMessage()), e);
        }
    }

    protected byte[] fileGet(String str) {
        return ftpGet(str);
    }

    private URL getURL(String str) {
        try {
            return new URL(str);
        } catch (MalformedURLException e) {
            throw new DSSExternalResourceException("Unable to create URL instance", e);
        }
    }

    protected byte[] httpGet(String str) {
        HttpGet httpGet = null;
        CloseableHttpClient closeableHttpClient = null;
        try {
            try {
                httpGet = getHttpRequest(str);
                closeableHttpClient = getHttpClient(str);
                byte[] execute = execute(closeableHttpClient, httpGet);
                closeQuietly(httpGet, closeableHttpClient);
                return execute;
            } catch (IOException | URISyntaxException e) {
                throw new DSSExternalResourceException(String.format("Unable to process GET call for url [%s]. Reason : [%s]", str, DSSUtils.getExceptionMessage(e)), e);
            }
        } catch (Throwable th) {
            closeQuietly(httpGet, closeableHttpClient);
            throw th;
        }
    }

    @Override // eu.europa.esig.dss.spi.client.http.DataLoader
    public byte[] post(String str, byte[] bArr) {
        LOG.debug("Fetching data via POST from url {}", str);
        HttpUriRequestBase httpUriRequestBase = null;
        CloseableHttpClient closeableHttpClient = null;
        try {
            try {
                httpUriRequestBase = new HttpPost(URI.create(Utils.trim(str)));
                httpUriRequestBase.setEntity(new BufferedHttpEntity(new InputStreamEntity(new ByteArrayInputStream(bArr), bArr.length, toContentType(this.contentType))));
                closeableHttpClient = getHttpClient(str);
                byte[] execute = execute(closeableHttpClient, httpUriRequestBase);
                closeQuietly(httpUriRequestBase, closeableHttpClient);
                return execute;
            } catch (IOException e) {
                throw new DSSExternalResourceException(String.format("Unable to process POST call for url [%s]. Reason : [%s]", str, e.getMessage()), e);
            }
        } catch (Throwable th) {
            closeQuietly(httpUriRequestBase, closeableHttpClient);
            throw th;
        }
    }

    protected byte[] execute(CloseableHttpClient closeableHttpClient, HttpUriRequest httpUriRequest) throws IOException {
        HttpHost httpHost = getHttpHost(httpUriRequest);
        return (byte[]) closeableHttpClient.execute(httpHost, httpUriRequest, getHttpContext(httpHost), getHttpClientResponseHandler());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public HttpHost getHttpHost(HttpUriRequest httpUriRequest) {
        try {
            URI uri = httpUriRequest.getUri();
            return new HttpHost(uri.getScheme(), uri.getHost(), uri.getPort());
        } catch (URISyntaxException e) {
            throw new DSSExternalResourceException(String.format("Invalid URI : %s", e.getMessage()), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public HttpContext getHttpContext(HttpHost httpHost) {
        return configurePreemptiveAuthentication(HttpClientContext.create(), httpHost);
    }

    protected HttpClientContext configurePreemptiveAuthentication(HttpClientContext httpClientContext, HttpHost httpHost) {
        if (this.preemptiveAuthentication && Utils.isMapNotEmpty(getAuthenticationMap())) {
            Credentials credentials = getCredentialsProvider().getCredentials(new AuthScope(httpHost), httpClientContext);
            BasicScheme basicScheme = new BasicScheme();
            basicScheme.initPreemptive(credentials);
            httpClientContext.resetAuthExchange(httpHost, basicScheme);
        }
        return httpClientContext;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void closeQuietly(HttpUriRequestBase httpUriRequestBase, CloseableHttpClient closeableHttpClient) {
        if (httpUriRequestBase != null) {
            try {
                httpUriRequestBase.cancel();
            } finally {
                Utils.closeQuietly(closeableHttpClient);
            }
        }
    }

    private HttpClientConnectionManager getConnectionManager() {
        PoolingHttpClientConnectionManagerBuilder maxConnPerRoute = PoolingHttpClientConnectionManagerBuilder.create().setSSLSocketFactory(getConnectionSocketFactoryHttps()).setDefaultSocketConfig(getSocketConfig()).setMaxConnTotal(getConnectionsMaxTotal()).setMaxConnPerRoute(getConnectionsMaxPerRoute());
        ConnectionConfig.Builder timeToLive = ConnectionConfig.custom().setConnectTimeout(this.timeoutConnection).setTimeToLive(this.connectionTimeToLive);
        PoolingHttpClientConnectionManager build = maxConnPerRoute.build();
        build.setDefaultConnectionConfig(timeToLive.build());
        LOG.debug("PoolingHttpClientConnectionManager: max total: {}", Integer.valueOf(build.getMaxTotal()));
        LOG.debug("PoolingHttpClientConnectionManager: max per route: {}", Integer.valueOf(build.getDefaultMaxPerRoute()));
        return build;
    }

    private SocketConfig getSocketConfig() {
        SocketConfig.Builder custom = SocketConfig.custom();
        custom.setSoTimeout(this.timeoutSocket);
        return custom.build();
    }

    private SSLConnectionSocketFactory getConnectionSocketFactoryHttps() {
        try {
            SSLContextBuilder create = SSLContextBuilder.create();
            create.setProtocol(this.sslProtocol);
            TrustStrategy trustStrategy = getTrustStrategy();
            if (trustStrategy != null) {
                LOG.debug("Set the TrustStrategy");
                create.loadTrustMaterial((KeyStore) null, trustStrategy);
            }
            KeyStore sSLTrustStore = getSSLTrustStore();
            if (sSLTrustStore != null) {
                LOG.debug("Set the SSL trust store as trust materials");
                create.loadTrustMaterial(sSLTrustStore, trustStrategy);
            }
            KeyStore sSLKeyStore = getSSLKeyStore();
            if (sSLKeyStore != null) {
                LOG.debug("Set the SSL keystore as key materials");
                create.loadKeyMaterial(sSLKeyStore, this.sslKeystorePassword);
                if (this.loadKeyStoreAsTrustMaterial) {
                    LOG.debug("Set the SSL keystore as trust materials");
                    create.loadTrustMaterial(sSLKeyStore, trustStrategy);
                }
            }
            return new SSLConnectionSocketFactoryBuilder().setSslContext(create.build()).setTlsVersions(getSupportedSSLProtocols()).setCiphers(getSupportedSSLCipherSuites()).setHostnameVerifier(getHostnameVerifier()).build();
        } catch (Exception e) {
            throw new IllegalArgumentException("Unable to configure the SSLContext/SSLConnectionSocketFactory", e);
        }
    }

    protected KeyStore getSSLKeyStore() throws IOException, GeneralSecurityException {
        return loadKeyStore(this.sslKeystore, this.sslKeystoreType, this.sslKeystorePassword);
    }

    protected KeyStore getSSLTrustStore() throws IOException, GeneralSecurityException {
        return loadKeyStore(this.sslTruststore, this.sslTruststoreType, this.sslTruststorePassword);
    }

    private KeyStore loadKeyStore(DSSDocument dSSDocument, String str, char[] cArr) throws IOException, GeneralSecurityException {
        if (dSSDocument == null) {
            return null;
        }
        InputStream openStream = dSSDocument.openStream();
        try {
            KeyStore keyStore = KeyStore.getInstance(str);
            keyStore.load(openStream, cArr);
            if (openStream != null) {
                openStream.close();
            }
            return keyStore;
        } catch (Throwable th) {
            if (openStream != null) {
                try {
                    openStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized HttpGet getHttpRequest(String str) throws URISyntaxException {
        HttpGet httpGet = new HttpGet(new URI(Utils.trim(str)));
        if (this.contentType != null) {
            httpGet.setHeader("Content-Type", this.contentType);
        }
        return httpGet;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized HttpClientBuilder getHttpClientBuilder(String str) {
        HttpClientBuilder custom = HttpClients.custom();
        if (this.useSystemProperties) {
            custom.useSystemProperties();
        }
        HttpClientBuilder configCredentials = configCredentials(custom, str);
        configCredentials.setConnectionManager(getConnectionManager()).setDefaultRequestConfig(RequestConfig.custom().setConnectionRequestTimeout(this.timeoutConnectionRequest).setResponseTimeout(this.timeoutResponse).setConnectionKeepAlive(this.connectionKeepAlive).setRedirectsEnabled(this.redirectsEnabled).build()).setRetryStrategy(this.retryStrategy);
        return configCredentials;
    }

    protected synchronized CloseableHttpClient getHttpClient(String str) {
        return getHttpClientBuilder(str).build();
    }

    private HttpClientBuilder configCredentials(HttpClientBuilder httpClientBuilder, String str) {
        BasicCredentialsProvider credentialsProvider = getCredentialsProvider();
        httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider);
        return configureProxy(httpClientBuilder, credentialsProvider, str);
    }

    protected BasicCredentialsProvider getCredentialsProvider() {
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        for (Map.Entry<HostConnection, UserCredentials> entry : getAuthenticationMap().entrySet()) {
            HostConnection key = entry.getKey();
            UserCredentials value = entry.getValue();
            basicCredentialsProvider.setCredentials(new AuthScope(key.getProtocol(), key.getHost(), key.getPort(), key.getRealm(), key.getScheme()), new UsernamePasswordCredentials(value.getUsername(), value.getPassword()));
        }
        return basicCredentialsProvider;
    }

    private HttpClientBuilder configureProxy(HttpClientBuilder httpClientBuilder, BasicCredentialsProvider basicCredentialsProvider, String str) {
        ProxyProperties httpProperties;
        if (this.proxyConfig == null) {
            return httpClientBuilder;
        }
        String protocol = getURL(str).getProtocol();
        boolean z = Protocol.isHttps(protocol) && this.proxyConfig.getHttpsProperties() != null;
        boolean z2 = Protocol.isHttp(protocol) && this.proxyConfig.getHttpProperties() != null;
        if (z) {
            LOG.debug("Use proxy https parameters");
            httpProperties = this.proxyConfig.getHttpsProperties();
        } else {
            if (!z2) {
                return httpClientBuilder;
            }
            LOG.debug("Use proxy http parameters");
            httpProperties = this.proxyConfig.getHttpProperties();
        }
        String scheme = httpProperties.getScheme();
        String host = httpProperties.getHost();
        int port = httpProperties.getPort();
        String user = httpProperties.getUser();
        char[] password = httpProperties.getPassword();
        final Collection<String> excludedHosts = httpProperties.getExcludedHosts();
        if (Utils.isStringNotEmpty(user) && Utils.isArrayNotEmpty(password)) {
            basicCredentialsProvider.setCredentials(new AuthScope(host, port), new UsernamePasswordCredentials(user, password));
        }
        LOG.debug("proxy host/port: {}:{}", host, Integer.valueOf(port));
        HttpHost httpHost = new HttpHost(scheme, host, port);
        if (Utils.isCollectionNotEmpty(excludedHosts)) {
            httpClientBuilder.setRoutePlanner(new DefaultProxyRoutePlanner(httpHost) { // from class: eu.europa.esig.dss.service.http.commons.CommonsDataLoader.1
                /* JADX INFO: Access modifiers changed from: protected */
                @Override // org.apache.hc.client5.http.impl.routing.DefaultProxyRoutePlanner, org.apache.hc.client5.http.impl.routing.DefaultRoutePlanner
                public HttpHost determineProxy(HttpHost httpHost2, HttpContext httpContext) throws HttpException {
                    String lowerCase = httpHost2 != null ? httpHost2.getHostName().toLowerCase() : null;
                    if (lowerCase != null) {
                        Iterator it = excludedHosts.iterator();
                        while (it.hasNext()) {
                            String lowerCase2 = ((String) it.next()).toLowerCase();
                            if (lowerCase.equals(lowerCase2) || lowerCase2.equals("*")) {
                                return null;
                            }
                            if (lowerCase2.startsWith("*.") && lowerCase.endsWith(lowerCase2.substring(1).toLowerCase())) {
                                return null;
                            }
                        }
                    }
                    return super.determineProxy(httpHost2, httpContext);
                }
            });
        }
        return httpClientBuilder.setProxy(httpHost);
    }

    private static Timeout toTimeoutMilliseconds(int i) {
        if (i >= 0) {
            return Timeout.ofMilliseconds(i);
        }
        LOG.info("A negative timeout has been provided. Use system default.");
        return null;
    }

    private static TimeValue toTimeValueMilliseconds(int i) {
        return TimeValue.ofMilliseconds(i);
    }

    private static ContentType toContentType(String str) {
        if (Utils.isStringNotBlank(str)) {
            return ContentType.create(str);
        }
        return null;
    }
}
