package se.arkalix.net.http.client;

import io.netty.bootstrap.Bootstrap;
import io.netty.handler.ssl.ClientAuth;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import java.net.InetSocketAddress;
import java.util.Map;
import java.util.Objects;
import java.util.WeakHashMap;
import javax.net.ssl.SSLException;
import se.arkalix.ArSystem;
import se.arkalix.internal.net.http.client.FutureHttpClientConnection;
import se.arkalix.internal.net.http.client.NettyHttpClientConnectionInitializer;
import se.arkalix.internal.util.concurrent.NettyFutures;
import se.arkalix.internal.util.concurrent.NettyScheduler;
import se.arkalix.security.NotSecureException;
import se.arkalix.security.identity.OwnedIdentity;
import se.arkalix.security.identity.SystemIdentity;
import se.arkalix.security.identity.TrustStore;
import se.arkalix.util.concurrent.Future;
import se.arkalix.util.concurrent.Schedulers;

/* loaded from: input_file:se/arkalix/net/http/client/HttpClient.class */
public class HttpClient {
    private static final Map<ArSystem, HttpClient> cache = new WeakHashMap();
    private static HttpClient http = null;
    private static HttpClient https = null;
    private final Bootstrap bootstrap;
    private final InetSocketAddress localSocketAddress;
    private final SslContext sslContext;
    private final SystemIdentity identity;

    /* loaded from: input_file:se/arkalix/net/http/client/HttpClient$Builder.class */
    public static class Builder {
        private InetSocketAddress localSocketAddress;
        private OwnedIdentity identity;
        private TrustStore trustStore;
        private boolean isInsecure = false;

        public final Builder localSocketAddress(InetSocketAddress inetSocketAddress) {
            this.localSocketAddress = inetSocketAddress;
            return this;
        }

        public final Builder identity(OwnedIdentity ownedIdentity) {
            this.identity = ownedIdentity;
            return this;
        }

        public final Builder trustStore(TrustStore trustStore) {
            this.trustStore = trustStore;
            return this;
        }

        public final Builder insecure() {
            this.isInsecure = true;
            return this;
        }

        public HttpClient build() throws SSLException {
            return new HttpClient(this);
        }
    }

    private HttpClient(Builder builder) throws SSLException {
        NettyScheduler nettyScheduler = (NettyScheduler) Schedulers.fixed();
        this.bootstrap = new Bootstrap().group(nettyScheduler.eventLoopGroup()).channel(nettyScheduler.socketChannelClass());
        this.localSocketAddress = builder.localSocketAddress;
        if (builder.isInsecure) {
            this.sslContext = null;
            this.identity = null;
            return;
        }
        SslContextBuilder startTls = SslContextBuilder.forClient().trustManager(builder.trustStore != null ? builder.trustStore.certificates() : null).startTls(false);
        if (builder.identity != null) {
            startTls.keyManager(builder.identity.privateKey(), builder.identity.chain()).clientAuth(ClientAuth.REQUIRE);
        }
        this.sslContext = startTls.build();
        this.identity = builder.identity;
    }

    public static synchronized HttpClient from(ArSystem arSystem) throws SSLException {
        HttpClient httpClient = cache.get(arSystem);
        if (httpClient != null) {
            return httpClient;
        }
        Builder builder = new Builder();
        if (arSystem.isSecure()) {
            builder.identity(arSystem.identity()).trustStore(arSystem.trustStore());
        } else {
            builder.insecure();
        }
        HttpClient build = builder.localSocketAddress(new InetSocketAddress(arSystem.localAddress(), 0)).build();
        cache.put(arSystem, build);
        return build;
    }

    public static synchronized HttpClient http() {
        if (http == null) {
            try {
                http = new Builder().insecure().build();
            } catch (SSLException e) {
                throw new RuntimeException(e);
            }
        }
        return http;
    }

    public static synchronized HttpClient https() throws SSLException {
        if (https == null) {
            https = new Builder().build();
        }
        return https;
    }

    public SystemIdentity identity() {
        if (this.identity == null) {
            throw new NotSecureException("Anonymous HTTP client; no system identity is available");
        }
        return this.identity;
    }

    public boolean isIdentifiable() {
        return this.identity != null;
    }

    public boolean isSecure() {
        return this.sslContext != null;
    }

    public Future<HttpClientConnection> connect(InetSocketAddress inetSocketAddress) {
        return connect(inetSocketAddress, null);
    }

    public Future<HttpClientConnection> connect(InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2) {
        Objects.requireNonNull(inetSocketAddress, "Expected remoteSocketAddress");
        FutureHttpClientConnection futureHttpClientConnection = new FutureHttpClientConnection();
        return NettyFutures.adapt(this.bootstrap.clone().handler(new NettyHttpClientConnectionInitializer(futureHttpClientConnection, this.sslContext)).connect(inetSocketAddress, inetSocketAddress2 != null ? inetSocketAddress2 : this.localSocketAddress)).flatMap(channel -> {
            return futureHttpClientConnection;
        });
    }

    public Future<HttpClientResponse> send(InetSocketAddress inetSocketAddress, HttpClientRequest httpClientRequest) {
        Objects.requireNonNull(httpClientRequest, "Expected request");
        return connect(inetSocketAddress).flatMap(httpClientConnection -> {
            return httpClientConnection.sendAndClose(httpClientRequest);
        });
    }
}
