package org.sonarsource.scanner.api.internal;

import java.io.FileInputStream;
import java.io.IOException;
import java.net.CookieManager;
import java.net.CookiePolicy;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertificateException;
import java.time.Duration;
import java.util.Arrays;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.sonarsource.scanner.api.internal.cache.Logger;
import org.sonarsource.scanner.api.internal.shaded.okhttp.ConnectionSpec;
import org.sonarsource.scanner.api.internal.shaded.okhttp.Credentials;
import org.sonarsource.scanner.api.internal.shaded.okhttp.JavaNetCookieJar;
import org.sonarsource.scanner.api.internal.shaded.okhttp.OkHttpClient;

/* JADX WARN: Classes with same name are omitted:
  input_file:jars/sonar-orchestrator-3.39.0.167.jar:com/sonar/orchestrator/build/sonar-scanner-3.3.0.1492.zip:sonar-scanner-3.3.0.1492/lib/sonar-scanner-cli-3.3.0.1492.jar:org/sonarsource/scanner/api/internal/OkHttpClientFactory.class
  input_file:jars/sonar-orchestrator-3.39.0.167.jar:com/sonar/orchestrator/build/sonar-scanner-msbuild-4.10.0.19059-netcoreapp2.0.zip:sonar-scanner-4.4.0.2170/lib/sonar-scanner-cli-4.4.0.2170.jar:org/sonarsource/scanner/api/internal/OkHttpClientFactory.class
 */
/* loaded from: input_file:jars/sonar-orchestrator-3.39.0.167.jar:com/sonar/orchestrator/build/sonar-scanner-msbuild-4.10.0.19059-net46.zip:sonar-scanner-4.4.0.2170/lib/sonar-scanner-cli-4.4.0.2170.jar:org/sonarsource/scanner/api/internal/OkHttpClientFactory.class */
public class OkHttpClientFactory {
    static final String READ_TIMEOUT_SEC_PROPERTY = "sonar.ws.timeout";
    static final int CONNECT_TIMEOUT_MILLISECONDS = 5000;
    static final String NONE = "NONE";
    static final String P11KEYSTORE = "PKCS11";
    private static final String PROXY_AUTHORIZATION = "Proxy-Authorization";
    private static final JavaNetCookieJar COOKIE_JAR;
    static final int DEFAULT_READ_TIMEOUT_SEC = (int) Duration.ofMinutes(5).getSeconds();
    static final CookieManager COOKIE_MANAGER = new CookieManager();

    private OkHttpClientFactory() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static OkHttpClient create(Logger logger) {
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        int i = DEFAULT_READ_TIMEOUT_SEC;
        if (!System.getProperty(READ_TIMEOUT_SEC_PROPERTY, "").isEmpty()) {
            i = Integer.parseInt(System.getProperty(READ_TIMEOUT_SEC_PROPERTY));
        }
        builder.connectTimeout(5000L, TimeUnit.MILLISECONDS);
        builder.readTimeout(i, TimeUnit.SECONDS);
        builder.cookieJar(COOKIE_JAR);
        builder.connectionSpecs(Arrays.asList(new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).allEnabledTlsVersions().allEnabledCipherSuites().supportsTlsExtensions(true).build(), ConnectionSpec.CLEARTEXT));
        X509TrustManager systemDefaultTrustManager = systemDefaultTrustManager();
        builder.sslSocketFactory(systemDefaultSslSocketFactory(systemDefaultTrustManager, logger), systemDefaultTrustManager);
        String property = System.getProperty("http.proxyUser", "");
        if (!System.getProperty("http.proxyHost", "").isEmpty() && !property.isEmpty()) {
            builder.proxyAuthenticator((route, response) -> {
                if (response.request().header("Proxy-Authorization") != null || 407 != response.code()) {
                    return null;
                }
                return response.request().newBuilder().header("Proxy-Authorization", Credentials.basic(property, System.getProperty("http.proxyPassword"))).build();
            });
        }
        return builder.build();
    }

    private static X509TrustManager systemDefaultTrustManager() {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers.length == 1 && (trustManagers[0] instanceof X509TrustManager)) {
                return (X509TrustManager) trustManagers[0];
            }
            throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
        } catch (GeneralSecurityException e) {
            throw new AssertionError(e);
        }
    }

    private static SSLSocketFactory systemDefaultSslSocketFactory(X509TrustManager x509TrustManager, Logger logger) {
        KeyManager[] defaultKeyManager = getDefaultKeyManager(logger);
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(defaultKeyManager, new TrustManager[]{x509TrustManager}, null);
            return sSLContext.getSocketFactory();
        } catch (GeneralSecurityException e) {
            throw new AssertionError(e);
        }
    }

    private static synchronized KeyManager[] getDefaultKeyManager(Logger logger) {
        String property = System.getProperty("javax.net.ssl.keyStore", "");
        String property2 = System.getProperty("javax.net.ssl.keyStoreType", KeyStore.getDefaultType());
        String property3 = System.getProperty("javax.net.ssl.keyStoreProvider", "");
        logger.debug("keyStore is : " + property);
        logger.debug("keyStore type is : " + property2);
        logger.debug("keyStore provider is : " + property3);
        if (P11KEYSTORE.equals(property2) && !NONE.equals(property)) {
            throw new IllegalArgumentException("if keyStoreType is PKCS11, then keyStore must be NONE");
        }
        String property4 = System.getProperty("javax.net.ssl.keyStorePassword", "");
        char[] charArray = property4.isEmpty() ? null : property4.toCharArray();
        try {
            KeyStore initKeyStore = initKeyStore(logger, property, property2, property3, charArray);
            logger.debug("init keymanager of type " + KeyManagerFactory.getDefaultAlgorithm());
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            if (P11KEYSTORE.equals(property2)) {
                keyManagerFactory.init(initKeyStore, null);
            } else {
                keyManagerFactory.init(initKeyStore, charArray);
            }
            return keyManagerFactory.getKeyManagers();
        } catch (Exception e) {
            throw new IllegalStateException("Unable to initialize key manager", e);
        }
    }

    private static KeyStore initKeyStore(Logger logger, String str, String str2, String str3, char[] cArr) throws KeyStoreException, NoSuchProviderException, IOException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore = null;
        if (!str2.isEmpty()) {
            logger.debug("init keystore");
            keyStore = str3.isEmpty() ? KeyStore.getInstance(str2) : KeyStore.getInstance(str2, str3);
            if (str.isEmpty() || NONE.equals(str)) {
                keyStore.load(null, cArr);
            } else {
                FileInputStream fileInputStream = new FileInputStream(str);
                try {
                    keyStore.load(fileInputStream, cArr);
                    fileInputStream.close();
                } catch (Throwable th) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            }
        }
        return keyStore;
    }

    static {
        COOKIE_MANAGER.setCookiePolicy(CookiePolicy.ACCEPT_ALL);
        COOKIE_JAR = new JavaNetCookieJar(COOKIE_MANAGER);
    }
}
