package cz.integsoft.mule.ipm.internal.http.operation;

import cz.integsoft.mule.ipm.api.ProxyErrorCode;
import cz.integsoft.mule.ipm.api.exception.ProcessingException;
import cz.integsoft.mule.ipm.api.exception.ReadTimeoutException;
import cz.integsoft.mule.ipm.api.http.ProxyHttpResponseAttributes;
import cz.integsoft.mule.ipm.api.http.authentication.BasicAuthentication;
import cz.integsoft.mule.ipm.api.http.authentication.DigestAuthentication;
import cz.integsoft.mule.ipm.api.http.authentication.HttpRequestAuthentication;
import cz.integsoft.mule.ipm.api.http.authentication.NtlmAuthentication;
import cz.integsoft.mule.ipm.api.http.proxy.ViaHttpProxyConfig;
import cz.integsoft.mule.ipm.api.tcp.TcpSocketProperties;
import cz.integsoft.mule.ipm.internal.AbstractOperation;
import cz.integsoft.mule.ipm.internal.error.GenericErrorTypeProvider;
import cz.integsoft.mule.ipm.internal.http.HttpClientConnectionManager;
import cz.integsoft.mule.ipm.internal.http.HttpDeleteWithBody;
import cz.integsoft.mule.ipm.internal.http.ShareableHttpClient;
import cz.integsoft.mule.ipm.internal.http.config.HttpProxyConfig;
import cz.integsoft.mule.ipm.internal.http.parameter.HttpRequestParameter;
import cz.integsoft.mule.ipm.internal.http.parameter.KeyStoreMappingHolder;
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.net.SocketTimeoutException;
import java.net.URI;
import java.nio.charset.Charset;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.text.MessageFormat;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Map;
import java.util.Spliterators;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import java.util.stream.StreamSupport;
import javax.inject.Inject;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.HttpHost;
import org.apache.http.auth.AuthScheme;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.Credentials;
import org.apache.http.auth.NTCredentials;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.config.SocketConfig;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.InputStreamEntity;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.auth.DigestScheme;
import org.apache.http.impl.auth.NTLMScheme;
import org.apache.http.impl.client.BasicAuthCache;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.message.BasicHeader;
import org.apache.http.protocol.HttpContext;
import org.apache.http.ssl.PrivateKeyDetails;
import org.apache.http.ssl.PrivateKeyStrategy;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.TrustStrategy;
import org.apache.http.util.EntityUtils;
import org.mule.extension.http.api.HttpRequestAttributes;
import org.mule.runtime.api.meta.model.operation.ExecutionType;
import org.mule.runtime.api.util.MultiMap;
import org.mule.runtime.core.api.MuleContext;
import org.mule.runtime.extension.api.annotation.Alias;
import org.mule.runtime.extension.api.annotation.error.Throws;
import org.mule.runtime.extension.api.annotation.execution.Execution;
import org.mule.runtime.extension.api.annotation.param.Config;
import org.mule.runtime.extension.api.annotation.param.Content;
import org.mule.runtime.extension.api.annotation.param.DefaultEncoding;
import org.mule.runtime.extension.api.annotation.param.MediaType;
import org.mule.runtime.extension.api.annotation.param.Optional;
import org.mule.runtime.extension.api.annotation.param.ParameterGroup;
import org.mule.runtime.extension.api.runtime.operation.Result;
import org.mule.runtime.http.api.HttpConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cz/integsoft/mule/ipm/internal/http/operation/HttpProxyOperation.class */
public class HttpProxyOperation extends AbstractOperation {
    private static final Logger E = LoggerFactory.getLogger(HttpProxyOperation.class);
    private static final Charset ab = Charset.defaultCharset();

    @Inject
    private HttpClientConnectionManager ac;

    @Inject
    private MuleContext ad;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: cz.integsoft.mule.ipm.internal.http.operation.HttpProxyOperation$4, reason: invalid class name */
    /* loaded from: input_file:cz/integsoft/mule/ipm/internal/http/operation/HttpProxyOperation$4.class */
    public static /* synthetic */ class AnonymousClass4 {
        static final /* synthetic */ int[] ah = new int[HttpConstants.Method.values().length];

        static {
            try {
                ah[HttpConstants.Method.POST.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                ah[HttpConstants.Method.GET.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                ah[HttpConstants.Method.PUT.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                ah[HttpConstants.Method.DELETE.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    @Throws({GenericErrorTypeProvider.class})
    @Execution(ExecutionType.CPU_INTENSIVE)
    @MediaType(value = "*/*", strict = false)
    @Alias("http-outbound-endpoint")
    public Result<byte[], ProxyHttpResponseAttributes> send(@Config HttpProxyConfig httpProxyConfig, @ParameterGroup(name = "HTTP request parameters") HttpRequestParameter httpRequestParameter, @DefaultEncoding String str, @Optional(defaultValue = "#[attributes]") @Alias(value = "attributes", description = "Message attributes. Defaults to #[attributes]") Object obj, @Content InputStream inputStream) {
        ShareableHttpClient shareableHttpClient;
        E.debug("in HTTP Proxy component: outboundUrl={}", httpRequestParameter.getAddress());
        a();
        try {
            if (obj == null) {
                throw new ProcessingException(ProxyErrorCode.IPM_ANY_003, "Missing request attributes in the incoming message. Do you have http:listener before?");
            }
            if (!(obj instanceof HttpRequestAttributes)) {
                throw new ProcessingException(ProxyErrorCode.IPM_ANY_004, "Bad request attributes. It is expected that attributes are instance of HttpRequestAttributes.");
            }
            HttpRequestAttributes httpRequestAttributes = (HttpRequestAttributes) obj;
            URIBuilder uRIBuilder = new URIBuilder(httpRequestParameter.getAddress());
            MultiMap queryParams = httpRequestAttributes.getQueryParams();
            if (queryParams != null && !queryParams.isEmpty()) {
                queryParams.forEach((str2, str3) -> {
                    uRIBuilder.addParameter(str2, str3);
                });
            }
            String requestPath = httpRequestAttributes.getRequestPath();
            String method = httpRequestAttributes.getMethod();
            URI build = uRIBuilder.build();
            ViaHttpProxyConfig viaProxyConfig = httpProxyConfig.getViaProxyConfig();
            boolean a = a(build, viaProxyConfig);
            HttpRequestBase a2 = a(HttpConstants.Method.valueOf(method), build, httpRequestAttributes, inputStream);
            httpRequestParameter.getHttpHeaders().forEach(httpHeader -> {
                if (StringUtils.isNotBlank(httpHeader.getValue()) && a2.getFirstHeader(httpHeader.getKey()) == null) {
                    E.debug("Adding request header {}:{}", httpHeader.getKey(), httpHeader.getValue());
                    a2.setHeader(new BasicHeader(httpHeader.getKey(), httpHeader.getValue()));
                }
            });
            java.util.Optional<ShareableHttpClient> lookup = this.ac.lookup(a(requestPath, httpProxyConfig));
            if (lookup.isPresent()) {
                shareableHttpClient = lookup.get();
                E.debug("Returning already existing http client: {}", shareableHttpClient);
            } else {
                shareableHttpClient = new ShareableHttpClient(a(httpProxyConfig, httpRequestParameter, build, requestPath, viaProxyConfig));
                this.ac.put(a(requestPath, httpProxyConfig), shareableHttpClient, true);
                E.debug("Created a new http client: {}", shareableHttpClient);
            }
            HttpClientContext create = HttpClientContext.create();
            BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
            if (a && StringUtils.isNotBlank(viaProxyConfig.getUsername())) {
                HttpHost httpHost = new HttpHost(viaProxyConfig.getHost(), viaProxyConfig.getPort());
                if (viaProxyConfig instanceof ViaHttpProxyConfig.HttpNtlmProxyConfig) {
                    ViaHttpProxyConfig.HttpNtlmProxyConfig httpNtlmProxyConfig = (ViaHttpProxyConfig.HttpNtlmProxyConfig) viaProxyConfig;
                    basicCredentialsProvider.setCredentials(new AuthScope(httpHost), new NTCredentials(httpNtlmProxyConfig.getUsername(), httpNtlmProxyConfig.getPassword(), null, httpNtlmProxyConfig.getNtlmDomain()));
                } else {
                    basicCredentialsProvider.setCredentials(new AuthScope(httpHost), new UsernamePasswordCredentials(viaProxyConfig.getUsername(), viaProxyConfig.getPassword()));
                }
            }
            HttpRequestAuthentication authentication = httpProxyConfig.getAuthentication();
            if (authentication != null) {
                HttpHost httpHost2 = new HttpHost(build.getHost(), build.getPort(), build.getScheme());
                basicCredentialsProvider.setCredentials(new AuthScope(httpHost2), a(authentication));
                BasicAuthCache basicAuthCache = new BasicAuthCache();
                if (authentication.isPreemptive()) {
                    AuthScheme b = b(authentication);
                    E.debug("Auth preemptively with scheme {} to target {}", b, httpHost2);
                    basicAuthCache.put(httpHost2, b);
                }
                create.setAuthCache(basicAuthCache);
            }
            create.setCredentialsProvider(basicCredentialsProvider);
            CloseableHttpResponse closeableHttpResponse = null;
            try {
                RequestConfig.Builder custom = RequestConfig.custom();
                custom.setConnectTimeout(httpProxyConfig.getClientSocketProperties().getConnectionTimeout().intValue());
                if (a) {
                    custom.setProxy(new HttpHost(viaProxyConfig.getHost(), viaProxyConfig.getPort()));
                }
                create.setRequestConfig(custom.build());
                E.debug("HTTP sending: {} : {}", a2.getRequestLine(), inputStream);
                closeableHttpResponse = shareableHttpClient.execute((HttpUriRequest) a2, (HttpContext) create);
                if (E.isDebugEnabled()) {
                    E.debug("HTTP response status: {}", closeableHttpResponse.getStatusLine());
                }
                MultiMap multiMap = new MultiMap();
                Arrays.asList(closeableHttpResponse.getAllHeaders()).forEach(header -> {
                    multiMap.put(header.getName(), header.getValue());
                    E.debug("Adding header {}", header);
                });
                ProxyHttpResponseAttributes proxyHttpResponseAttributes = new ProxyHttpResponseAttributes(closeableHttpResponse.getStatusLine().getStatusCode(), closeableHttpResponse.getStatusLine().getReasonPhrase(), multiMap);
                HttpEntity entity = closeableHttpResponse.getEntity();
                byte[] byteArray = EntityUtils.toByteArray(entity);
                if (E.isDebugEnabled()) {
                    E.debug("HTTP response entity from remote: {}", new String(byteArray));
                }
                EntityUtils.consume(entity);
                Header firstHeader = closeableHttpResponse.getFirstHeader("Content-Type");
                Result<byte[], ProxyHttpResponseAttributes> build2 = Result.builder().output(byteArray).attributes(proxyHttpResponseAttributes).mediaType(firstHeader == null ? org.mule.runtime.api.metadata.MediaType.ANY : org.mule.runtime.api.metadata.MediaType.parse(firstHeader.getValue())).build();
                if (closeableHttpResponse != null) {
                    try {
                        closeableHttpResponse.close();
                    } catch (IOException e) {
                    }
                }
                return build2;
            } catch (Throwable th) {
                if (closeableHttpResponse != null) {
                    try {
                        closeableHttpResponse.close();
                    } catch (IOException e2) {
                    }
                }
                throw th;
            }
        } catch (SocketTimeoutException e3) {
            throw new ReadTimeoutException(ProxyErrorCode.IPM_SND_002, "Read timeout occurred while sending http request to " + httpRequestParameter.getAddress() + ": " + e3.getLocalizedMessage(), e3);
        } catch (Exception e4) {
            throw new ProcessingException(ProxyErrorCode.IPM_SND_003, "Error occurred while sending http request to " + httpRequestParameter.getAddress() + ": " + e4.getLocalizedMessage(), e4);
        }
    }

    private String a(String str, HttpProxyConfig httpProxyConfig) {
        return this.ad.getId() + "_" + httpProxyConfig.getConfigName() + "_" + str;
    }

    private CloseableHttpClient a(HttpProxyConfig httpProxyConfig, HttpRequestParameter httpRequestParameter, URI uri, String str, ViaHttpProxyConfig viaHttpProxyConfig) throws KeyManagementException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException {
        RegistryBuilder create = RegistryBuilder.create();
        create.register("http", PlainConnectionSocketFactory.getSocketFactory());
        final KeyStoreMappingHolder b = b(str, httpProxyConfig);
        E.debug("Found client keystore {} for request path: {}", b, str);
        SSLContextBuilder create2 = SSLContextBuilder.create();
        if (a(uri)) {
            if (httpProxyConfig.isTrustAll()) {
                E.debug("Setting trust to all certificates");
                create2.loadTrustMaterial(new TrustStrategy() { // from class: cz.integsoft.mule.ipm.internal.http.operation.HttpProxyOperation.1
                    public boolean isTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
                        return true;
                    }
                });
            } else if (httpProxyConfig.getTrustStoreHolder() != null) {
                E.debug("Adding trust store to SSL context.");
                create2.loadTrustMaterial(httpProxyConfig.getTrustStoreHolder().getKeystore(), (TrustStrategy) null);
            }
        }
        if (b != null) {
            E.debug("Adding client certificate to SSL context.");
            if (E.isDebugEnabled()) {
                final Enumeration<String> aliases = b.getKeystore().aliases();
                E.debug("Available keystore aliases: {}", StreamSupport.stream(Spliterators.spliteratorUnknownSize(new Iterator<String>() { // from class: cz.integsoft.mule.ipm.internal.http.operation.HttpProxyOperation.2
                    @Override // java.util.Iterator
                    /* renamed from: c, reason: merged with bridge method [inline-methods] */
                    public String next() {
                        return (String) aliases.nextElement();
                    }

                    @Override // java.util.Iterator
                    public boolean hasNext() {
                        return aliases.hasMoreElements();
                    }
                }, 16), false).collect(Collectors.joining(",")));
            }
            create2.loadKeyMaterial(b.getKeystore(), b.getKeyPasswordAsChar(), new PrivateKeyStrategy() { // from class: cz.integsoft.mule.ipm.internal.http.operation.HttpProxyOperation.3
                public String chooseAlias(Map<String, PrivateKeyDetails> map, Socket socket) {
                    if (map == null || !map.containsKey(b.getAlias())) {
                        throw new IllegalArgumentException(MessageFormat.format("Could not find any suitable alias in the client store ''{0}'' for name ''{1}''", b.getPath().getFileName().toString(), b.getAlias()));
                    }
                    return b.getAlias();
                }
            });
        }
        SSLConnectionSocketFactory sSLConnectionSocketFactory = new SSLConnectionSocketFactory(create2.build(), new String[]{httpProxyConfig.getSslProtocol()}, (String[]) null, httpProxyConfig.isTrustAll() ? NoopHostnameVerifier.INSTANCE : SSLConnectionSocketFactory.getDefaultHostnameVerifier());
        create.register("https", sSLConnectionSocketFactory);
        HttpClientBuilder sSLSocketFactory = HttpClients.custom().setSSLSocketFactory(sSLConnectionSocketFactory);
        PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager(create.build());
        SocketConfig a = a(httpProxyConfig);
        if (E.isDebugEnabled()) {
            E.debug("Using default socket config: {}", a.toString());
        }
        poolingHttpClientConnectionManager.setDefaultSocketConfig(a);
        poolingHttpClientConnectionManager.setMaxTotal(httpProxyConfig.getMaxConnections().intValue());
        poolingHttpClientConnectionManager.setDefaultMaxPerRoute(httpProxyConfig.getMaxConnectionsPerRoute().intValue());
        sSLSocketFactory.setConnectionManager(poolingHttpClientConnectionManager);
        sSLSocketFactory.setConnectionManagerShared(false);
        if (httpProxyConfig.getConnectionTimeToLive() != null) {
            sSLSocketFactory.setConnectionTimeToLive(httpProxyConfig.getConnectionTimeToLive().intValue(), TimeUnit.MILLISECONDS);
        }
        sSLSocketFactory.evictIdleConnections(httpProxyConfig.getConnectionIdleTimeout().intValue(), TimeUnit.MILLISECONDS);
        if (!httpProxyConfig.isEnableCookies()) {
            sSLSocketFactory.disableCookieManagement();
        }
        if (!httpProxyConfig.isFollowRedirects()) {
            sSLSocketFactory.disableRedirectHandling();
        }
        return sSLSocketFactory.build();
    }

    private boolean a(URI uri, ViaHttpProxyConfig viaHttpProxyConfig) {
        if (viaHttpProxyConfig == null) {
            return false;
        }
        if (!StringUtils.isNotBlank(viaHttpProxyConfig.getNonProxyHosts())) {
            return viaHttpProxyConfig != null && StringUtils.isNotBlank(viaHttpProxyConfig.getHost());
        }
        String host = uri.getHost();
        boolean anyMatch = ((Stream) Stream.of((Object[]) viaHttpProxyConfig.getNonProxyHosts().split(",")).parallel()).anyMatch(str -> {
            return str.equalsIgnoreCase(host);
        });
        if (anyMatch) {
            E.info("Excluding host {} from the call thru web proxy.", host);
        }
        return !anyMatch;
    }

    private boolean a(URI uri) {
        return "https".equalsIgnoreCase(uri.getScheme());
    }

    private KeyStoreMappingHolder b(String str, HttpProxyConfig httpProxyConfig) {
        return httpProxyConfig.getClientKeystoreHolders().stream().filter(keyStoreMappingHolder -> {
            return keyStoreMappingHolder.matches(str);
        }).findFirst().orElse(null);
    }

    private HttpRequestBase a(HttpConstants.Method method, URI uri, HttpRequestAttributes httpRequestAttributes, InputStream inputStream) throws IOException {
        switch (AnonymousClass4.ah[method.ordinal()]) {
            case 1:
                HttpPost httpPost = new HttpPost(uri);
                httpPost.setEntity(new InputStreamEntity(inputStream, a(httpRequestAttributes)));
                return httpPost;
            case 2:
                return new HttpGet(uri);
            case 3:
                HttpPut httpPut = new HttpPut(uri);
                httpPut.setEntity(new InputStreamEntity(inputStream, a(httpRequestAttributes)));
                return httpPut;
            case 4:
                HttpDeleteWithBody httpDeleteWithBody = new HttpDeleteWithBody(uri);
                httpDeleteWithBody.setEntity(new InputStreamEntity(inputStream, a(httpRequestAttributes)));
                return httpDeleteWithBody;
            default:
                throw new IllegalArgumentException(MessageFormat.format("Unsupported HTTP method! [%s]", method));
        }
    }

    private ContentType a(HttpRequestAttributes httpRequestAttributes) {
        String str = (String) httpRequestAttributes.getHeaders().get("Content-Type");
        return str == null ? ContentType.create(ContentType.TEXT_PLAIN.getMimeType(), ab) : ContentType.parse(str);
    }

    private SocketConfig a(HttpProxyConfig httpProxyConfig) {
        TcpSocketProperties clientSocketProperties = httpProxyConfig.getClientSocketProperties();
        SocketConfig.Builder custom = SocketConfig.custom();
        if (clientSocketProperties.getClientTimeout() != null) {
            custom.setSoTimeout(clientSocketProperties.getClientTimeout().intValue());
        }
        if (clientSocketProperties.getLinger() != null) {
            custom.setSoLinger(clientSocketProperties.getLinger().intValue());
        }
        if (clientSocketProperties.getReceiveBufferSize() != null) {
            custom.setRcvBufSize(clientSocketProperties.getReceiveBufferSize().intValue());
        }
        if (clientSocketProperties.getSendBufferSize() != null) {
            custom.setSndBufSize(clientSocketProperties.getSendBufferSize().intValue());
        }
        custom.setSoReuseAddress(clientSocketProperties.isReuseAddress()).setSoKeepAlive(clientSocketProperties.isKeepAlive()).setTcpNoDelay(clientSocketProperties.isSendTcpNoDelay());
        return custom.build();
    }

    static Credentials a(HttpRequestAuthentication httpRequestAuthentication) {
        if (!(httpRequestAuthentication instanceof BasicAuthentication) && !(httpRequestAuthentication instanceof DigestAuthentication)) {
            if (!(httpRequestAuthentication instanceof NtlmAuthentication)) {
                throw new IllegalStateException("Could not determine security scheme! Only supported is BASIC, DIGEST and NTLM.");
            }
            NtlmAuthentication ntlmAuthentication = (NtlmAuthentication) httpRequestAuthentication;
            return new NTCredentials(ntlmAuthentication.getUsername(), ntlmAuthentication.getPassword(), ntlmAuthentication.getWorkstation(), ntlmAuthentication.getDomain());
        }
        return new UsernamePasswordCredentials(httpRequestAuthentication.getUsername(), httpRequestAuthentication.getPassword());
    }

    static AuthScheme b(HttpRequestAuthentication httpRequestAuthentication) {
        if (httpRequestAuthentication instanceof BasicAuthentication) {
            return new BasicScheme();
        }
        if (httpRequestAuthentication instanceof DigestAuthentication) {
            return new DigestScheme();
        }
        if (httpRequestAuthentication instanceof NtlmAuthentication) {
            return new NTLMScheme();
        }
        throw new IllegalStateException("Could not determine security scheme! Only supported is BASIC, DIGEST and NTLM.");
    }
}
