package cz.integsoft.mule.ipm.internal.http.operation;

import cz.integsoft.mule.ipm.api.ProxyErrorCode;
import cz.integsoft.mule.ipm.api.exception.ProcessingException;
import cz.integsoft.mule.ipm.api.exception.ReadTimeoutException;
import cz.integsoft.mule.ipm.api.http.ProxyHttpResponseAttributes;
import cz.integsoft.mule.ipm.api.http.authentication.BasicAuthentication;
import cz.integsoft.mule.ipm.api.http.authentication.DigestAuthentication;
import cz.integsoft.mule.ipm.api.http.authentication.HttpRequestAuthentication;
import cz.integsoft.mule.ipm.api.http.authentication.NtlmAuthentication;
import cz.integsoft.mule.ipm.api.http.proxy.ViaHttpProxyConfig;
import cz.integsoft.mule.ipm.api.tcp.TcpClientSocketProperties;
import cz.integsoft.mule.ipm.internal.AbstractOperation;
import cz.integsoft.mule.ipm.internal.error.GenericErrorTypeProvider;
import cz.integsoft.mule.ipm.internal.http.HttpClientConnectionManager;
import cz.integsoft.mule.ipm.internal.http.HttpDeleteWithBody;
import cz.integsoft.mule.ipm.internal.http.ShareableHttpClient;
import cz.integsoft.mule.ipm.internal.http.config.HttpProxyConfig;
import cz.integsoft.mule.ipm.internal.http.parameter.HttpRequestParameter;
import cz.integsoft.mule.ipm.internal.http.parameter.KeyStoreMappingHolder;
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.net.SocketTimeoutException;
import java.net.URI;
import java.nio.charset.Charset;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.text.MessageFormat;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Map;
import java.util.Spliterators;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import java.util.stream.StreamSupport;
import javax.inject.Inject;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.HttpHost;
import org.apache.http.auth.AuthScheme;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.Credentials;
import org.apache.http.auth.NTCredentials;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.config.SocketConfig;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.InputStreamEntity;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.auth.DigestScheme;
import org.apache.http.impl.auth.NTLMScheme;
import org.apache.http.impl.client.BasicAuthCache;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.message.BasicHeader;
import org.apache.http.protocol.HttpContext;
import org.apache.http.ssl.PrivateKeyDetails;
import org.apache.http.ssl.PrivateKeyStrategy;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.TrustStrategy;
import org.mule.extension.http.api.HttpRequestAttributes;
import org.mule.runtime.api.meta.model.operation.ExecutionType;
import org.mule.runtime.api.util.MultiMap;
import org.mule.runtime.core.api.MuleContext;
import org.mule.runtime.extension.api.annotation.Alias;
import org.mule.runtime.extension.api.annotation.Streaming;
import org.mule.runtime.extension.api.annotation.error.Throws;
import org.mule.runtime.extension.api.annotation.execution.Execution;
import org.mule.runtime.extension.api.annotation.param.Config;
import org.mule.runtime.extension.api.annotation.param.Content;
import org.mule.runtime.extension.api.annotation.param.DefaultEncoding;
import org.mule.runtime.extension.api.annotation.param.MediaType;
import org.mule.runtime.extension.api.annotation.param.Optional;
import org.mule.runtime.extension.api.annotation.param.ParameterGroup;
import org.mule.runtime.extension.api.runtime.operation.Result;
import org.mule.runtime.extension.api.runtime.process.CompletionCallback;
import org.mule.runtime.extension.api.runtime.streaming.StreamingHelper;
import org.mule.runtime.http.api.HttpConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cz/integsoft/mule/ipm/internal/http/operation/HttpProxyOperation.class */
public class HttpProxyOperation extends AbstractOperation {
    private static final Logger LOGGER = LoggerFactory.getLogger(HttpProxyOperation.class);
    private static final Charset am = Charset.defaultCharset();

    @Inject
    private HttpClientConnectionManager an;

    @Inject
    private MuleContext ao;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: cz.integsoft.mule.ipm.internal.http.operation.HttpProxyOperation$4, reason: invalid class name */
    /* loaded from: input_file:cz/integsoft/mule/ipm/internal/http/operation/HttpProxyOperation$4.class */
    public static /* synthetic */ class AnonymousClass4 {
        static final /* synthetic */ int[] as = new int[HttpConstants.Method.values().length];

        static {
            try {
                as[HttpConstants.Method.POST.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                as[HttpConstants.Method.GET.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                as[HttpConstants.Method.PUT.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                as[HttpConstants.Method.DELETE.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    @Throws({GenericErrorTypeProvider.class})
    @Streaming
    @Execution(ExecutionType.CPU_INTENSIVE)
    @MediaType(value = "*/*", strict = false)
    @Alias("http-outbound-endpoint")
    public void a(@Config HttpProxyConfig httpProxyConfig, @ParameterGroup(name = "HTTP request parameters") HttpRequestParameter httpRequestParameter, @DefaultEncoding String str, @Optional(defaultValue = "#[attributes]") @Alias(value = "attributes", description = "Message attributes. Defaults to #[attributes]") Object obj, @Content InputStream inputStream, StreamingHelper streamingHelper, CompletionCallback<InputStream, ProxyHttpResponseAttributes> completionCallback) {
        ShareableHttpClient shareableHttpClient;
        LOGGER.debug("in HTTP Proxy component: outboundUrl={}", httpRequestParameter.K());
        r();
        try {
            if (obj == null) {
                throw new ProcessingException(ProxyErrorCode.IPM_ANY_003, "Missing request attributes in the incoming message. Do you have http:listener before?");
            }
            if (!(obj instanceof HttpRequestAttributes)) {
                throw new ProcessingException(ProxyErrorCode.IPM_ANY_004, "Bad request attributes. It is expected that attributes are instance of HttpRequestAttributes.");
            }
            HttpRequestAttributes httpRequestAttributes = (HttpRequestAttributes) obj;
            URIBuilder uRIBuilder = new URIBuilder(httpRequestParameter.K());
            MultiMap queryParams = httpRequestAttributes.getQueryParams();
            if (queryParams != null && !queryParams.isEmpty()) {
                queryParams.forEach((str2, str3) -> {
                    uRIBuilder.addParameter(str2, str3);
                });
            }
            String requestPath = httpRequestAttributes.getRequestPath();
            String method = httpRequestAttributes.getMethod();
            URI build = uRIBuilder.build();
            ViaHttpProxyConfig H = httpProxyConfig.H();
            boolean a = a(build, H);
            HttpRequestBase a2 = a(HttpConstants.Method.valueOf(method), build, httpRequestAttributes, inputStream);
            httpRequestParameter.L().forEach(httpHeader -> {
                if (StringUtils.isNotBlank(httpHeader.getValue()) && a2.getFirstHeader(httpHeader.getKey()) == null) {
                    LOGGER.debug("Adding request header {}:{}", httpHeader.getKey(), httpHeader.getValue());
                    a2.setHeader(new BasicHeader(httpHeader.getKey(), httpHeader.getValue()));
                }
            });
            java.util.Optional<ShareableHttpClient> h = this.an.h(a(requestPath, httpProxyConfig));
            if (h.isPresent()) {
                shareableHttpClient = h.get();
                LOGGER.debug("Returning already existing http client: {}", shareableHttpClient);
            } else {
                shareableHttpClient = new ShareableHttpClient(a(httpProxyConfig, httpRequestParameter, build, requestPath, H));
                this.an.a(a(requestPath, httpProxyConfig), shareableHttpClient, true);
                LOGGER.debug("Created a new http client: {}", shareableHttpClient);
            }
            HttpClientContext create = HttpClientContext.create();
            BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
            if (a && StringUtils.isNotBlank(H.getUsername())) {
                HttpHost httpHost = new HttpHost(H.getHost(), H.getPort());
                if (H instanceof ViaHttpProxyConfig.HttpNtlmProxyConfig) {
                    ViaHttpProxyConfig.HttpNtlmProxyConfig httpNtlmProxyConfig = (ViaHttpProxyConfig.HttpNtlmProxyConfig) H;
                    basicCredentialsProvider.setCredentials(new AuthScope(httpHost), new NTCredentials(httpNtlmProxyConfig.getUsername(), httpNtlmProxyConfig.getPassword(), null, httpNtlmProxyConfig.getNtlmDomain()));
                } else {
                    basicCredentialsProvider.setCredentials(new AuthScope(httpHost), new UsernamePasswordCredentials(H.getUsername(), H.getPassword()));
                }
            }
            HttpRequestAuthentication I = httpProxyConfig.I();
            if (I != null) {
                HttpHost httpHost2 = new HttpHost(build.getHost(), build.getPort(), build.getScheme());
                basicCredentialsProvider.setCredentials(new AuthScope(httpHost2), a(I));
                BasicAuthCache basicAuthCache = new BasicAuthCache();
                if (I.isPreemptive()) {
                    AuthScheme b = b(I);
                    LOGGER.debug("Auth preemptively with scheme {} to target {}", b, httpHost2);
                    basicAuthCache.put(httpHost2, b);
                }
                create.setAuthCache(basicAuthCache);
            }
            create.setCredentialsProvider(basicCredentialsProvider);
            RequestConfig.Builder custom = RequestConfig.custom();
            custom.setConnectTimeout(httpProxyConfig.C().o().intValue());
            if (a) {
                custom.setProxy(new HttpHost(H.getHost(), H.getPort()));
            }
            create.setRequestConfig(custom.build());
            LOGGER.debug("HTTP sending: {} : {}", a2.getRequestLine(), inputStream);
            try {
                CloseableHttpResponse a3 = shareableHttpClient.a((HttpUriRequest) a2, (HttpContext) create);
                if (LOGGER.isDebugEnabled()) {
                    LOGGER.debug("HTTP response status: {}", a3.getStatusLine());
                }
                MultiMap multiMap = new MultiMap();
                Arrays.asList(a3.getAllHeaders()).forEach(header -> {
                    multiMap.put(header.getName(), header.getValue());
                    LOGGER.debug("Adding header {}", header);
                });
                ProxyHttpResponseAttributes proxyHttpResponseAttributes = new ProxyHttpResponseAttributes(a3.getStatusLine().getStatusCode(), a3.getStatusLine().getReasonPhrase(), multiMap);
                HttpEntity entity = a3.getEntity();
                Header firstHeader = a3.getFirstHeader("Content-Type");
                if (entity != null) {
                    LOGGER.debug("Entity: {} Is response streaming? {} Is response chunked? {} Is response repeatable? {}", new Object[]{entity, Boolean.valueOf(entity.isStreaming()), Boolean.valueOf(entity.isChunked()), Boolean.valueOf(entity.isRepeatable())});
                    completionCallback.success(Result.builder().output(entity.getContent()).attributes(proxyHttpResponseAttributes).mediaType(firstHeader == null ? org.mule.runtime.api.metadata.MediaType.ANY : org.mule.runtime.api.metadata.MediaType.parse(firstHeader.getValue())).build());
                } else {
                    LOGGER.debug("Entity is null");
                    completionCallback.success(Result.builder().attributes(proxyHttpResponseAttributes).mediaType(firstHeader == null ? org.mule.runtime.api.metadata.MediaType.ANY : org.mule.runtime.api.metadata.MediaType.parse(firstHeader.getValue())).build());
                }
                if (a3 != null) {
                    LOGGER.debug("Not closing http response object");
                }
            } catch (Throwable th) {
                if (0 != 0) {
                    LOGGER.debug("Not closing http response object");
                }
                throw th;
            }
        } catch (SocketTimeoutException e) {
            completionCallback.error(new ReadTimeoutException(ProxyErrorCode.IPM_SND_002, "Read timeout occurred while sending http request to " + httpRequestParameter.K() + ": " + e.getLocalizedMessage(), e));
        } catch (Throwable th2) {
            completionCallback.error(new ProcessingException(ProxyErrorCode.IPM_SND_003, "Error occurred while sending http request to " + httpRequestParameter.K() + ": " + th2.getLocalizedMessage(), th2));
        }
    }

    private String a(String str, HttpProxyConfig httpProxyConfig) {
        return this.ao.getId() + "_" + httpProxyConfig.getConfigName() + "_" + str;
    }

    private CloseableHttpClient a(HttpProxyConfig httpProxyConfig, HttpRequestParameter httpRequestParameter, URI uri, String str, ViaHttpProxyConfig viaHttpProxyConfig) throws KeyManagementException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException {
        RegistryBuilder create = RegistryBuilder.create();
        create.register("http", PlainConnectionSocketFactory.getSocketFactory());
        final KeyStoreMappingHolder b = b(str, httpProxyConfig);
        LOGGER.debug("Found client keystore {} for request path: {}", b, str);
        SSLContextBuilder create2 = SSLContextBuilder.create();
        if (a(uri)) {
            if (httpProxyConfig.G()) {
                LOGGER.debug("Setting trust to all certificates");
                create2.loadTrustMaterial(new TrustStrategy() { // from class: cz.integsoft.mule.ipm.internal.http.operation.HttpProxyOperation.1
                    public boolean isTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
                        return true;
                    }
                });
            } else if (httpProxyConfig.v() != null) {
                LOGGER.debug("Adding trust store to SSL context.");
                create2.loadTrustMaterial(httpProxyConfig.v().N(), (TrustStrategy) null);
            }
        }
        if (b != null) {
            LOGGER.debug("Adding client certificate to SSL context.");
            if (LOGGER.isDebugEnabled()) {
                final Enumeration<String> aliases = b.N().aliases();
                LOGGER.debug("Available keystore aliases: {}", StreamSupport.stream(Spliterators.spliteratorUnknownSize(new Iterator<String>() { // from class: cz.integsoft.mule.ipm.internal.http.operation.HttpProxyOperation.2
                    @Override // java.util.Iterator
                    /* renamed from: J, reason: merged with bridge method [inline-methods] */
                    public String next() {
                        return (String) aliases.nextElement();
                    }

                    @Override // java.util.Iterator
                    public boolean hasNext() {
                        return aliases.hasMoreElements();
                    }
                }, 16), false).collect(Collectors.joining(",")));
            }
            create2.loadKeyMaterial(b.N(), b.R(), new PrivateKeyStrategy() { // from class: cz.integsoft.mule.ipm.internal.http.operation.HttpProxyOperation.3
                public String chooseAlias(Map<String, PrivateKeyDetails> map, Socket socket) {
                    if (map == null || !map.containsKey(b.c())) {
                        throw new IllegalArgumentException(MessageFormat.format("Could not find any suitable alias in the client store ''{0}'' for name ''{1}''", b.P().getFileName().toString(), b.c()));
                    }
                    return b.c();
                }
            });
        }
        SSLConnectionSocketFactory sSLConnectionSocketFactory = new SSLConnectionSocketFactory(create2.build(), new String[]{httpProxyConfig.F()}, (String[]) null, httpProxyConfig.G() ? NoopHostnameVerifier.INSTANCE : SSLConnectionSocketFactory.getDefaultHostnameVerifier());
        create.register("https", sSLConnectionSocketFactory);
        HttpClientBuilder sSLSocketFactory = HttpClients.custom().setSSLSocketFactory(sSLConnectionSocketFactory);
        PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager(create.build());
        SocketConfig a = a(httpProxyConfig);
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Using default socket config: {}", a.toString());
        }
        poolingHttpClientConnectionManager.setDefaultSocketConfig(a);
        poolingHttpClientConnectionManager.setMaxTotal(httpProxyConfig.y().intValue());
        poolingHttpClientConnectionManager.setDefaultMaxPerRoute(httpProxyConfig.z().intValue());
        sSLSocketFactory.setConnectionManager(poolingHttpClientConnectionManager);
        sSLSocketFactory.setConnectionManagerShared(false);
        if (httpProxyConfig.B() != null) {
            sSLSocketFactory.setConnectionTimeToLive(httpProxyConfig.B().intValue(), TimeUnit.MILLISECONDS);
        }
        sSLSocketFactory.evictIdleConnections(httpProxyConfig.A().intValue(), TimeUnit.MILLISECONDS);
        if (!httpProxyConfig.D()) {
            sSLSocketFactory.disableCookieManagement();
        }
        if (!httpProxyConfig.E()) {
            sSLSocketFactory.disableRedirectHandling();
        }
        return sSLSocketFactory.build();
    }

    private boolean a(URI uri, ViaHttpProxyConfig viaHttpProxyConfig) {
        if (viaHttpProxyConfig == null) {
            return false;
        }
        if (!StringUtils.isNotBlank(viaHttpProxyConfig.getNonProxyHosts())) {
            return viaHttpProxyConfig != null && StringUtils.isNotBlank(viaHttpProxyConfig.getHost());
        }
        String host = uri.getHost();
        boolean anyMatch = ((Stream) Stream.of((Object[]) viaHttpProxyConfig.getNonProxyHosts().split(",")).parallel()).anyMatch(str -> {
            return str.equalsIgnoreCase(host);
        });
        if (anyMatch) {
            LOGGER.info("Excluding host {} from the call thru web proxy.", host);
        }
        return !anyMatch;
    }

    private boolean a(URI uri) {
        return "https".equalsIgnoreCase(uri.getScheme());
    }

    private KeyStoreMappingHolder b(String str, HttpProxyConfig httpProxyConfig) {
        return httpProxyConfig.w().stream().filter(keyStoreMappingHolder -> {
            return keyStoreMappingHolder.k(str);
        }).findFirst().orElse(null);
    }

    private HttpRequestBase a(HttpConstants.Method method, URI uri, HttpRequestAttributes httpRequestAttributes, InputStream inputStream) throws IOException {
        switch (AnonymousClass4.as[method.ordinal()]) {
            case 1:
                HttpPost httpPost = new HttpPost(uri);
                httpPost.setEntity(new InputStreamEntity(inputStream, a(httpRequestAttributes)));
                return httpPost;
            case 2:
                return new HttpGet(uri);
            case 3:
                HttpPut httpPut = new HttpPut(uri);
                httpPut.setEntity(new InputStreamEntity(inputStream, a(httpRequestAttributes)));
                return httpPut;
            case 4:
                HttpDeleteWithBody httpDeleteWithBody = new HttpDeleteWithBody(uri);
                httpDeleteWithBody.setEntity(new InputStreamEntity(inputStream, a(httpRequestAttributes)));
                return httpDeleteWithBody;
            default:
                throw new IllegalArgumentException(MessageFormat.format("Unsupported HTTP method! [%s]", method));
        }
    }

    private ContentType a(HttpRequestAttributes httpRequestAttributes) {
        String str = (String) httpRequestAttributes.getHeaders().get("Content-Type");
        return str == null ? ContentType.create(ContentType.TEXT_PLAIN.getMimeType(), am) : ContentType.parse(str);
    }

    private SocketConfig a(HttpProxyConfig httpProxyConfig) {
        TcpClientSocketProperties C = httpProxyConfig.C();
        SocketConfig.Builder custom = SocketConfig.custom();
        if (C.i() != null) {
            custom.setSoTimeout(C.i().intValue());
        }
        if (C.l() != null) {
            custom.setSoLinger(C.l().intValue());
        }
        if (C.h() != null) {
            custom.setRcvBufSize(C.h().intValue());
        }
        if (C.g() != null) {
            custom.setSndBufSize(C.g().intValue());
        }
        custom.setSoReuseAddress(C.j()).setSoKeepAlive(C.m()).setTcpNoDelay(C.k());
        return custom.build();
    }

    static Credentials a(HttpRequestAuthentication httpRequestAuthentication) {
        if (!(httpRequestAuthentication instanceof BasicAuthentication) && !(httpRequestAuthentication instanceof DigestAuthentication)) {
            if (!(httpRequestAuthentication instanceof NtlmAuthentication)) {
                throw new IllegalStateException("Could not determine security scheme! Only supported is BASIC, DIGEST and NTLM.");
            }
            NtlmAuthentication ntlmAuthentication = (NtlmAuthentication) httpRequestAuthentication;
            return new NTCredentials(ntlmAuthentication.getUsername(), ntlmAuthentication.getPassword(), ntlmAuthentication.getWorkstation(), ntlmAuthentication.getDomain());
        }
        return new UsernamePasswordCredentials(httpRequestAuthentication.getUsername(), httpRequestAuthentication.getPassword());
    }

    static AuthScheme b(HttpRequestAuthentication httpRequestAuthentication) {
        if (httpRequestAuthentication instanceof BasicAuthentication) {
            return new BasicScheme();
        }
        if (httpRequestAuthentication instanceof DigestAuthentication) {
            return new DigestScheme();
        }
        if (httpRequestAuthentication instanceof NtlmAuthentication) {
            return new NTLMScheme();
        }
        throw new IllegalStateException("Could not determine security scheme! Only supported is BASIC, DIGEST and NTLM.");
    }
}
