package com.teamscale.client;

import com.teamscale.client.ProxySystemProperties;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.time.Duration;
import java.util.Base64;
import java.util.function.Consumer;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import okhttp3.Credentials;
import okhttp3.Interceptor;
import okhttp3.OkHttpClient;
import okhttp3.ResponseBody;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import retrofit2.Response;
import retrofit2.Retrofit;

/* loaded from: input_file:com/teamscale/client/HttpUtils.class */
public class HttpUtils {
    public static final String PROXY_AUTHORIZATION_HTTP_HEADER = "Proxy-Authorization";
    private static final Logger LOGGER = LoggerFactory.getLogger(HttpUtils.class);
    public static final Duration DEFAULT_READ_TIMEOUT = Duration.ofSeconds(60);
    public static final Duration DEFAULT_WRITE_TIMEOUT = Duration.ofSeconds(60);
    private static boolean shouldValidateSsl = true;

    /* loaded from: input_file:com/teamscale/client/HttpUtils$TrustAllCertificatesManager.class */
    public static class TrustAllCertificatesManager implements X509TrustManager {
        static final TrustAllCertificatesManager INSTANCE = new TrustAllCertificatesManager();

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }
    }

    public static void setShouldValidateSsl(boolean z) {
        shouldValidateSsl = z;
    }

    public static Retrofit createRetrofit(Consumer<Retrofit.Builder> consumer, Consumer<OkHttpClient.Builder> consumer2) {
        return createRetrofit(consumer, consumer2, DEFAULT_READ_TIMEOUT, DEFAULT_WRITE_TIMEOUT);
    }

    public static Retrofit createRetrofit(Consumer<Retrofit.Builder> consumer, Consumer<OkHttpClient.Builder> consumer2, Duration duration, Duration duration2) {
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        setTimeouts(builder, duration, duration2);
        setUpSslValidation(builder);
        setUpProxyServer(builder);
        consumer2.accept(builder);
        Retrofit.Builder client = new Retrofit.Builder().client(builder.build());
        consumer.accept(client);
        return client.build();
    }

    private static void setUpProxyServer(OkHttpClient.Builder builder) {
        if (setUpProxyServerForProtocol(ProxySystemProperties.Protocol.HTTPS, builder)) {
            return;
        }
        setUpProxyServerForProtocol(ProxySystemProperties.Protocol.HTTP, builder);
    }

    private static boolean setUpProxyServerForProtocol(ProxySystemProperties.Protocol protocol, OkHttpClient.Builder builder) {
        ProxySystemProperties proxySystemProperties = new ProxySystemProperties(protocol);
        String proxyHost = proxySystemProperties.getProxyHost();
        int proxyPort = proxySystemProperties.getProxyPort();
        String proxyUser = proxySystemProperties.getProxyUser();
        String proxyPassword = proxySystemProperties.getProxyPassword();
        if (!proxySystemProperties.proxyServerIsSet()) {
            return false;
        }
        useProxyServer(builder, proxyHost, proxyPort);
        if (!proxySystemProperties.proxyAuthIsSet()) {
            return true;
        }
        useProxyAuthenticator(builder, proxyUser, proxyPassword);
        return true;
    }

    private static void useProxyServer(OkHttpClient.Builder builder, String str, int i) {
        builder.proxy(new Proxy(Proxy.Type.HTTP, new InetSocketAddress(str, i)));
    }

    private static void useProxyAuthenticator(OkHttpClient.Builder builder, String str, String str2) {
        builder.proxyAuthenticator((route, response) -> {
            return response.request().newBuilder().header(PROXY_AUTHORIZATION_HTTP_HEADER, Credentials.basic(str, str2)).build();
        });
    }

    private static void setTimeouts(OkHttpClient.Builder builder, Duration duration, Duration duration2) {
        builder.connectTimeout(Duration.ofSeconds(60L));
        builder.readTimeout(duration);
        builder.writeTimeout(duration2);
    }

    private static void setUpSslValidation(OkHttpClient.Builder builder) {
        if (shouldValidateSsl) {
            return;
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{TrustAllCertificatesManager.INSTANCE}, new SecureRandom());
            builder.sslSocketFactory(sSLContext.getSocketFactory(), TrustAllCertificatesManager.INSTANCE);
            builder.hostnameVerifier((str, sSLSession) -> {
                return true;
            });
        } catch (GeneralSecurityException e) {
            LOGGER.error("Could not disable SSL certificate validation. Leaving it enabled", e);
        }
    }

    public static <T> String getErrorBodyStringSafe(Response<T> response) throws IOException {
        ResponseBody errorBody = response.errorBody();
        return errorBody == null ? "<no response body provided>" : errorBody.string();
    }

    public static Interceptor getBasicAuthInterceptor(String str, String str2) {
        String str3 = "Basic " + Base64.getEncoder().encodeToString((str + ":" + str2).getBytes());
        return chain -> {
            return chain.proceed(chain.request().newBuilder().header("Authorization", str3).build());
        };
    }
}
