package com.cx.restclient.httpClient;

import com.cx.restclient.common.CxPARAM;
import com.cx.restclient.common.ErrorMessage;
import com.cx.restclient.common.UrlUtils;
import com.cx.restclient.dto.TokenLoginResponse;
import com.cx.restclient.exception.CxClientException;
import com.cx.restclient.exception.CxHTTPClientException;
import com.cx.restclient.exception.CxTokenExpiredException;
import com.cx.restclient.httpClient.utils.HttpClientHelper;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpEntity;
import org.apache.http.HttpHost;
import org.apache.http.HttpResponse;
import org.apache.http.auth.AuthSchemeProvider;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.HttpClient;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpEntityEnclosingRequestBase;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPatch;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.client.utils.HttpClientUtils;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustAllStrategy;
import org.apache.http.entity.ContentType;
import org.apache.http.impl.NoConnectionReuseStrategy;
import org.apache.http.impl.auth.BasicSchemeFactory;
import org.apache.http.impl.auth.DigestSchemeFactory;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.client.ProxyAuthenticationStrategy;
import org.apache.http.impl.conn.DefaultProxyRoutePlanner;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.SSLContexts;
import org.slf4j.Logger;

/* loaded from: input_file:com/cx/restclient/httpClient/CxHttpClient.class */
public class CxHttpClient {
    private static String HTTP_HOST = System.getProperty("http.proxyHost");
    private static String HTTP_PORT = System.getProperty("http.proxyPort");
    private static String HTTP_USERNAME = System.getProperty("http.proxyUser");
    private static String HTTP_PASSWORD = System.getProperty("http.proxyPassword");
    private static String HTTPS_HOST = System.getProperty("https.proxyHost");
    private static String HTTPS_PORT = System.getProperty("https.proxyPort");
    private static String HTTPS_USERNAME = System.getProperty("https.proxyUser");
    private static String HTTPS_PASSWORD = System.getProperty("https.proxyPassword");
    private static HttpClient apacheClient;
    private Logger logi;
    private TokenLoginResponse token;
    private String rootUri;
    private final String username;
    private final String password;
    private String cxOrigin;

    public CxHttpClient(String str, String str2, String str3, String str4, boolean z, Logger logger, String str5, int i, String str6, String str7) throws MalformedURLException, CxClientException {
        this.logi = logger;
        this.username = str2;
        this.password = str3;
        this.rootUri = UrlUtils.parseURLToString(str, "CxRestAPI/");
        this.cxOrigin = str4;
        HttpClientBuilder custom = HttpClients.custom();
        custom.setDefaultRequestConfig(RequestConfig.custom().setCookieSpec("standard").build());
        setSSLTls(custom, "TLSv1.2", logger);
        if (z) {
            try {
                custom.setSSLSocketFactory(getSSLSF());
                custom.setConnectionManager(getHttpConnManager(true));
            } catch (CxClientException e) {
                logger.warn("Failed to disable certificate verification: " + e.getMessage());
            }
        } else {
            custom.setConnectionManager(getHttpConnManager(false));
        }
        custom.setConnectionManagerShared(true);
        if (str5 != null) {
            setCustomProxy(custom, str5, i, str6, str7, logger);
        } else {
            setProxy(custom, logger);
        }
        custom.setConnectionReuseStrategy(new NoConnectionReuseStrategy());
        custom.setDefaultAuthSchemeRegistry(getAuthSchemeProviderRegistry());
        custom.useSystemProperties();
        apacheClient = custom.build();
    }

    public CxHttpClient(String str, String str2, String str3, String str4, boolean z, Logger logger) throws MalformedURLException, CxClientException {
        this(str, str2, str3, str4, z, logger, null, 0, null, null);
    }

    private static void setCustomProxy(HttpClientBuilder httpClientBuilder, String str, int i, String str2, String str3, Logger logger) {
        HttpHost httpHost = null;
        if (!StringUtils.isEmpty(str)) {
            httpHost = new HttpHost(str, i, "http");
            if (!StringUtils.isEmpty(str2) && !StringUtils.isEmpty(str3)) {
                BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
                basicCredentialsProvider.setCredentials(new AuthScope(httpHost), new UsernamePasswordCredentials(str2, str3));
                httpClientBuilder.setDefaultCredentialsProvider(basicCredentialsProvider);
            }
        }
        if (httpHost != null) {
            logger.info("Setting proxy for Checkmarx http client");
            httpClientBuilder.setProxy(httpHost);
            httpClientBuilder.setRoutePlanner(new DefaultProxyRoutePlanner(httpHost));
            httpClientBuilder.setProxyAuthenticationStrategy(new ProxyAuthenticationStrategy());
        }
    }

    private static void setProxy(HttpClientBuilder httpClientBuilder, Logger logger) {
        HttpHost httpHost = null;
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        if (!StringUtils.isEmpty(HTTPS_HOST) && !StringUtils.isEmpty(HTTPS_PORT)) {
            httpHost = new HttpHost(HTTPS_HOST, Integer.parseInt(HTTPS_PORT), "https");
            if (!StringUtils.isEmpty(HTTPS_USERNAME) && !StringUtils.isEmpty(HTTPS_PASSWORD)) {
                basicCredentialsProvider.setCredentials(new AuthScope(HTTPS_HOST, Integer.parseInt(HTTPS_PORT)), new UsernamePasswordCredentials(HTTPS_USERNAME, HTTPS_PASSWORD));
                httpClientBuilder.setDefaultCredentialsProvider(basicCredentialsProvider);
            }
        } else if (!StringUtils.isEmpty(HTTP_HOST) && !StringUtils.isEmpty(HTTP_PORT)) {
            httpHost = new HttpHost(HTTP_HOST, Integer.parseInt(HTTP_PORT), "http");
            if (!StringUtils.isEmpty(HTTP_USERNAME) && !StringUtils.isEmpty(HTTP_PASSWORD)) {
                basicCredentialsProvider.setCredentials(new AuthScope(HTTP_HOST, Integer.parseInt(HTTP_PORT)), new UsernamePasswordCredentials(HTTP_USERNAME, HTTP_PASSWORD));
                httpClientBuilder.setDefaultCredentialsProvider(basicCredentialsProvider);
            }
        }
        if (httpHost != null) {
            logger.info("Setting proxy for Checkmarx http client");
            httpClientBuilder.setRoutePlanner(new DefaultProxyRoutePlanner(httpHost));
            httpClientBuilder.setProxy(httpHost);
            httpClientBuilder.setProxyAuthenticationStrategy(new ProxyAuthenticationStrategy());
        }
    }

    private static SSLConnectionSocketFactory getSSLSF() throws CxClientException {
        try {
            return new SSLConnectionSocketFactory(SSLContexts.custom().loadTrustMaterial((KeyStore) null, new TrustAllStrategy()).build(), NoopHostnameVerifier.INSTANCE);
        } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException e) {
            throw new CxClientException("Fail to set trust all certificate, 'SSLConnectionSocketFactory'", e);
        }
    }

    private static PoolingHttpClientConnectionManager getHttpConnManager(boolean z) throws CxClientException {
        PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager(RegistryBuilder.create().register("https", z ? getSSLSF() : new SSLConnectionSocketFactory(SSLContexts.createDefault())).register("http", new PlainConnectionSocketFactory()).build());
        poolingHttpClientConnectionManager.setMaxTotal(50);
        poolingHttpClientConnectionManager.setDefaultMaxPerRoute(5);
        return poolingHttpClientConnectionManager;
    }

    private static Registry<AuthSchemeProvider> getAuthSchemeProviderRegistry() {
        return RegistryBuilder.create().register("Digest", new DigestSchemeFactory()).register("Basic", new BasicSchemeFactory()).build();
    }

    public void login() throws IOException, CxClientException {
        UrlEncodedFormEntity generateUrlEncodedFormEntity = generateUrlEncodedFormEntity(" cxarm_api");
        HttpPost httpPost = new HttpPost(this.rootUri + CxPARAM.AUTHENTICATION);
        try {
            this.token = (TokenLoginResponse) request(httpPost, ContentType.APPLICATION_FORM_URLENCODED.toString(), generateUrlEncodedFormEntity, TokenLoginResponse.class, 200, "authenticate", false, false);
        } catch (CxClientException e) {
            if (!e.getMessage().contains("invalid_scope")) {
                throw e;
            }
            this.token = (TokenLoginResponse) request(httpPost, ContentType.APPLICATION_FORM_URLENCODED.toString(), generateUrlEncodedFormEntity(""), TokenLoginResponse.class, 200, "authenticate", false, false);
        }
    }

    private UrlEncodedFormEntity generateUrlEncodedFormEntity(String str) throws UnsupportedEncodingException {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new BasicNameValuePair("username", this.username));
        arrayList.add(new BasicNameValuePair("password", this.password));
        arrayList.add(new BasicNameValuePair("grant_type", "password"));
        arrayList.add(new BasicNameValuePair("scope", "sast_rest_api" + str));
        arrayList.add(new BasicNameValuePair("client_id", "resource_owner_client"));
        arrayList.add(new BasicNameValuePair("client_secret", "014DF517-39D1-4453-B7B3-9930C563627C"));
        return new UrlEncodedFormEntity(arrayList, "utf-8");
    }

    public <T> T getRequest(String str, String str2, Class<T> cls, int i, String str3, boolean z) throws IOException, CxClientException {
        return (T) getRequest(this.rootUri, str, com.cx.restclient.httpClient.utils.ContentType.CONTENT_TYPE_APPLICATION_JSON, str2, cls, i, str3, z);
    }

    public <T> T getRequest(String str, String str2, String str3, String str4, Class<T> cls, int i, String str5, boolean z) throws IOException, CxClientException {
        HttpGet httpGet = new HttpGet(str + str2);
        httpGet.addHeader("Accept", str3);
        return (T) request(httpGet, str4, null, cls, i, "get " + str5, z, true);
    }

    public <T> T postRequest(String str, String str2, HttpEntity httpEntity, Class<T> cls, int i, String str3) throws IOException, CxClientException {
        return (T) request(new HttpPost(this.rootUri + str), str2, httpEntity, cls, i, str3, false, true);
    }

    public <T> T putRequest(String str, String str2, HttpEntity httpEntity, Class<T> cls, int i, String str3) throws IOException, CxClientException {
        return (T) request(new HttpPut(this.rootUri + str), str2, httpEntity, cls, i, str3, false, true);
    }

    public void patchRequest(String str, String str2, HttpEntity httpEntity, int i, String str3) throws IOException, CxClientException {
        request(new HttpPatch(this.rootUri + str), str2, httpEntity, null, i, str3, false, true);
    }

    private <T> T request(HttpRequestBase httpRequestBase, String str, HttpEntity httpEntity, Class<T> cls, int i, String str2, boolean z, boolean z2) throws IOException, CxClientException {
        if (str != null) {
            httpRequestBase.addHeader("Content-type", str);
        }
        if (httpEntity != null && (httpRequestBase instanceof HttpEntityEnclosingRequestBase)) {
            ((HttpEntityEnclosingRequestBase) httpRequestBase).setEntity(httpEntity);
        }
        try {
            try {
                httpRequestBase.addHeader(CxPARAM.ORIGIN_HEADER, this.cxOrigin);
                if (this.token != null) {
                    httpRequestBase.addHeader("Authorization", this.token.getToken_type() + " " + this.token.getAccess_token());
                }
                HttpResponse execute = apacheClient.execute(httpRequestBase);
                execute.getStatusLine().getStatusCode();
                if (execute.getStatusLine().getStatusCode() == 401) {
                    throw new CxTokenExpiredException(HttpClientHelper.extractResponseBody(execute));
                }
                HttpClientHelper.validateResponse(execute, i, "Failed to " + str2);
                T t = (T) HttpClientHelper.convertToObject(execute, cls, z);
                httpRequestBase.releaseConnection();
                HttpClientUtils.closeQuietly(execute);
                return t;
            } catch (CxTokenExpiredException e) {
                if (!z2) {
                    throw e;
                }
                this.logi.warn("Access token expired for request: " + httpRequestBase.getURI() + ", Status code:0requesting a new token. message: " + e.getMessage());
                login();
                T t2 = (T) request(httpRequestBase, str, httpEntity, cls, i, str2, z, false);
                httpRequestBase.releaseConnection();
                HttpClientUtils.closeQuietly((HttpResponse) null);
                return t2;
            } catch (UnknownHostException e2) {
                throw new CxHTTPClientException(ErrorMessage.CHECKMARX_SERVER_CONNECTION_FAILED.getErrorMessage());
            }
        } catch (Throwable th) {
            httpRequestBase.releaseConnection();
            HttpClientUtils.closeQuietly((HttpResponse) null);
            throw th;
        }
    }

    public void close() {
        HttpClientUtils.closeQuietly(apacheClient);
    }

    private void setSSLTls(HttpClientBuilder httpClientBuilder, String str, Logger logger) {
        try {
            httpClientBuilder.setSSLContext(SSLContextBuilder.create().useProtocol(str).build());
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            logger.warn("Failed to set SSL TLS : " + e.getMessage());
        }
    }
}
