package org.sonatype.nexus.proxy.storage.remote.commonshttpclient;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import org.apache.commons.httpclient.CustomMultiThreadedHttpConnectionManager;
import org.apache.commons.httpclient.HostConfiguration;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.NTCredentials;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.commons.httpclient.auth.AuthScope;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.sonatype.nexus.proxy.repository.ClientSSLRemoteAuthenticationSettings;
import org.sonatype.nexus.proxy.repository.NtlmRemoteAuthenticationSettings;
import org.sonatype.nexus.proxy.repository.RemoteProxySettings;
import org.sonatype.nexus.proxy.repository.UsernamePasswordRemoteAuthenticationSettings;
import org.sonatype.nexus.proxy.storage.remote.RemoteStorageContext;
import org.sonatype.nexus.util.SystemPropertiesHelper;

/* loaded from: input_file:org/sonatype/nexus/proxy/storage/remote/commonshttpclient/HttpClientProxyUtil.class */
public class HttpClientProxyUtil {
    public static final String CONNECTION_POOL_SIZE_KEY = "httpClient.connectionPoolSize";
    public static final String NTLM_IS_IN_USE_KEY = "httpClient.ntlmIsInUse";
    private static final Logger LOGGER = LoggerFactory.getLogger(HttpClientProxyUtil.class);

    public static void applyProxyToHttpClient(HttpClient httpClient, RemoteStorageContext remoteStorageContext, Logger logger) {
        httpClient.setHttpConnectionManager(new CustomMultiThreadedHttpConnectionManager());
        int connectionTimeout = remoteStorageContext.getRemoteConnectionSettings().getConnectionTimeout();
        int integer = SystemPropertiesHelper.getInteger(CONNECTION_POOL_SIZE_KEY, 20);
        httpClient.getHttpConnectionManager().getParams().setConnectionTimeout(connectionTimeout);
        httpClient.getHttpConnectionManager().getParams().setSoTimeout(connectionTimeout);
        httpClient.getHttpConnectionManager().getParams().setMaxTotalConnections(integer);
        httpClient.getHttpConnectionManager().getParams().setMaxConnectionsPerHost(HostConfiguration.ANY_HOST_CONFIGURATION, integer);
        HostConfiguration hostConfiguration = httpClient.getHostConfiguration();
        NtlmRemoteAuthenticationSettings remoteAuthenticationSettings = remoteStorageContext.getRemoteAuthenticationSettings();
        boolean z = false;
        boolean z2 = false;
        if (remoteAuthenticationSettings != null) {
            ArrayList arrayList = new ArrayList(2);
            arrayList.add("Digest");
            arrayList.add("Basic");
            if (!(remoteAuthenticationSettings instanceof ClientSSLRemoteAuthenticationSettings)) {
                if (remoteAuthenticationSettings instanceof NtlmRemoteAuthenticationSettings) {
                    NtlmRemoteAuthenticationSettings ntlmRemoteAuthenticationSettings = remoteAuthenticationSettings;
                    arrayList.add(0, "NTLM");
                    logger(logger).info("... authentication setup for NTLM domain '{}'", ntlmRemoteAuthenticationSettings.getNtlmDomain());
                    hostConfiguration.setHost(ntlmRemoteAuthenticationSettings.getNtlmHost());
                    httpClient.getState().setCredentials(AuthScope.ANY, new NTCredentials(ntlmRemoteAuthenticationSettings.getUsername(), ntlmRemoteAuthenticationSettings.getPassword(), ntlmRemoteAuthenticationSettings.getNtlmHost(), ntlmRemoteAuthenticationSettings.getNtlmDomain()));
                    z2 = true;
                } else if (remoteAuthenticationSettings instanceof UsernamePasswordRemoteAuthenticationSettings) {
                    UsernamePasswordRemoteAuthenticationSettings usernamePasswordRemoteAuthenticationSettings = (UsernamePasswordRemoteAuthenticationSettings) remoteAuthenticationSettings;
                    logger(logger).info("... authentication setup for remote storage with username '{}'", usernamePasswordRemoteAuthenticationSettings.getUsername());
                    httpClient.getState().setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(usernamePasswordRemoteAuthenticationSettings.getUsername(), usernamePasswordRemoteAuthenticationSettings.getPassword()));
                    z = true;
                }
            }
            httpClient.getParams().setParameter("http.auth.scheme-priority", arrayList);
        }
        RemoteProxySettings remoteProxySettings = remoteStorageContext.getRemoteProxySettings();
        boolean z3 = false;
        if (remoteProxySettings.isEnabled()) {
            z3 = true;
            logger(logger).info("... proxy setup with host '{}'", remoteProxySettings.getHostname());
            hostConfiguration.setProxy(remoteProxySettings.getHostname(), remoteProxySettings.getPort());
            if (remoteProxySettings.getNonProxyHosts() != null && !remoteProxySettings.getNonProxyHosts().isEmpty()) {
                HashSet hashSet = new HashSet(remoteProxySettings.getNonProxyHosts().size());
                for (String str : remoteProxySettings.getNonProxyHosts()) {
                    try {
                        hashSet.add(Pattern.compile(str, 2));
                    } catch (PatternSyntaxException e) {
                        logger(logger).warn("Invalid non proxy host regex: {}", str, e);
                    }
                }
                hostConfiguration.getParams().setParameter(CustomMultiThreadedHttpConnectionManager.NON_PROXY_HOSTS_PATTERNS_KEY, hashSet);
            }
            if (remoteProxySettings.getProxyAuthentication() != null) {
                NtlmRemoteAuthenticationSettings proxyAuthentication = remoteProxySettings.getProxyAuthentication();
                ArrayList arrayList2 = new ArrayList(2);
                arrayList2.add("Digest");
                arrayList2.add("Basic");
                if (!(proxyAuthentication instanceof ClientSSLRemoteAuthenticationSettings)) {
                    if (proxyAuthentication instanceof NtlmRemoteAuthenticationSettings) {
                        NtlmRemoteAuthenticationSettings ntlmRemoteAuthenticationSettings2 = proxyAuthentication;
                        arrayList2.add(0, "NTLM");
                        if (remoteStorageContext.getRemoteAuthenticationSettings() != null && (remoteStorageContext.getRemoteAuthenticationSettings() instanceof NtlmRemoteAuthenticationSettings)) {
                            logger(logger).warn("... Apache Commons HttpClient 3.x is unable to use NTLM auth scheme\n for BOTH server side and proxy side authentication!\n You MUST reconfigure server side auth and use BASIC/DIGEST scheme\n if you have to use NTLM proxy, otherwise it will not work!\n *** SERVER SIDE AUTH OVERRIDDEN");
                        }
                        logger(logger).info("... proxy authentication setup for NTLM domain '{}'", ntlmRemoteAuthenticationSettings2.getNtlmDomain());
                        hostConfiguration.setHost(ntlmRemoteAuthenticationSettings2.getNtlmHost());
                        httpClient.getState().setProxyCredentials(AuthScope.ANY, new NTCredentials(ntlmRemoteAuthenticationSettings2.getUsername(), ntlmRemoteAuthenticationSettings2.getPassword(), ntlmRemoteAuthenticationSettings2.getNtlmHost(), ntlmRemoteAuthenticationSettings2.getNtlmDomain()));
                        z2 = true;
                    } else if (proxyAuthentication instanceof UsernamePasswordRemoteAuthenticationSettings) {
                        UsernamePasswordRemoteAuthenticationSettings usernamePasswordRemoteAuthenticationSettings2 = (UsernamePasswordRemoteAuthenticationSettings) proxyAuthentication;
                        logger(logger).info("... proxy authentication setup for remote storage with username '{}'", usernamePasswordRemoteAuthenticationSettings2.getUsername());
                        httpClient.getState().setProxyCredentials(AuthScope.ANY, new UsernamePasswordCredentials(usernamePasswordRemoteAuthenticationSettings2.getUsername(), usernamePasswordRemoteAuthenticationSettings2.getPassword()));
                    }
                }
                httpClient.getParams().setParameter("http.auth.scheme-priority", arrayList2);
            }
        }
        if (z && !z3) {
            logger(logger).info("... simple scenario: simple authentication used with no proxy in between target and us, will use preemptive authentication");
            httpClient.getParams().setAuthenticationPreemptive(true);
        }
        Boolean bool = (Boolean) remoteStorageContext.getContextObject(NTLM_IS_IN_USE_KEY);
        if (bool == null || bool.booleanValue() != z2) {
            if (z2) {
                remoteStorageContext.putContextObject(NTLM_IS_IN_USE_KEY, Boolean.TRUE);
            } else {
                remoteStorageContext.putContextObject(NTLM_IS_IN_USE_KEY, Boolean.FALSE);
            }
        }
    }

    private static Logger logger(Logger logger) {
        return logger != null ? logger : LOGGER;
    }
}
