package org.sonatype.nexus.apachehttpclient;

import com.google.common.base.Preconditions;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.apache.http.HttpHost;
import org.apache.http.HttpVersion;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.Credentials;
import org.apache.http.auth.NTCredentials;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.protocol.ResponseContentEncoding;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.scheme.SchemeSocketFactory;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.NoConnectionReuseStrategy;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.PoolingClientConnectionManager;
import org.apache.http.params.HttpParams;
import org.apache.http.params.SyncBasicHttpParams;
import org.apache.http.protocol.BasicHttpProcessor;
import org.sonatype.nexus.configuration.application.ApplicationConfiguration;
import org.sonatype.nexus.logging.AbstractLoggingComponent;
import org.sonatype.nexus.proxy.events.NexusStoppedEvent;
import org.sonatype.nexus.proxy.repository.ClientSSLRemoteAuthenticationSettings;
import org.sonatype.nexus.proxy.repository.NtlmRemoteAuthenticationSettings;
import org.sonatype.nexus.proxy.repository.RemoteAuthenticationSettings;
import org.sonatype.nexus.proxy.repository.RemoteProxySettings;
import org.sonatype.nexus.proxy.repository.UsernamePasswordRemoteAuthenticationSettings;
import org.sonatype.nexus.proxy.storage.remote.RemoteStorageContext;
import org.sonatype.nexus.proxy.utils.UserAgentBuilder;
import org.sonatype.nexus.util.SystemPropertiesHelper;
import org.sonatype.plexus.appevents.ApplicationEventMulticaster;
import org.sonatype.plexus.appevents.Event;
import org.sonatype.plexus.appevents.EventListener;

@Singleton
@Named
/* loaded from: input_file:org/sonatype/nexus/apachehttpclient/Hc4ProviderImpl.class */
public class Hc4ProviderImpl extends AbstractLoggingComponent implements Hc4Provider, EventListener {
    private static final String CONNECTION_POOL_MAX_SIZE_KEY = "nexus.apacheHttpClient4x.connectionPoolMaxSize";
    private static final int CONNECTION_POOL_MAX_SIZE_DEFAULT = 200;
    private static final String CONNECTION_POOL_SIZE_KEY = "nexus.apacheHttpClient4x.connectionPoolSize";
    private static final int CONNECTION_POOL_SIZE_DEFAULT = 20;
    private static final String CONNECTION_POOL_KEEPALIVE_KEY = "nexus.apacheHttpClient4x.connectionPoolKeepalive";
    private static final String CONNECTION_POOL_TIMEOUT_KEY = "nexus.apacheHttpClient4x.connectionPoolTimeout";
    private final ApplicationConfiguration applicationConfiguration;
    private final UserAgentBuilder userAgentBuilder;
    private final ApplicationEventMulticaster applicationEventMulticaster;
    private final PoolingClientConnectionManager sharedConnectionManager = createClientConnectionManager();
    private final EvictingThread evictingThread = new EvictingThread(this.sharedConnectionManager, getConnectionPoolKeepalive());
    private final PoolingClientConnectionManagerMBeanInstaller jmxInstaller;
    private static final long CONNECTION_POOL_KEEPALIVE_DEFAULT = TimeUnit.MINUTES.toMillis(1);
    private static final long CONNECTION_POOL_TIMEOUT_DEFAULT = CONNECTION_POOL_KEEPALIVE_DEFAULT;

    @Inject
    public Hc4ProviderImpl(ApplicationConfiguration applicationConfiguration, UserAgentBuilder userAgentBuilder, ApplicationEventMulticaster applicationEventMulticaster, PoolingClientConnectionManagerMBeanInstaller poolingClientConnectionManagerMBeanInstaller) {
        this.applicationConfiguration = (ApplicationConfiguration) Preconditions.checkNotNull(applicationConfiguration);
        this.userAgentBuilder = (UserAgentBuilder) Preconditions.checkNotNull(userAgentBuilder);
        this.jmxInstaller = (PoolingClientConnectionManagerMBeanInstaller) Preconditions.checkNotNull(poolingClientConnectionManagerMBeanInstaller);
        this.evictingThread.start();
        this.applicationEventMulticaster = (ApplicationEventMulticaster) Preconditions.checkNotNull(applicationEventMulticaster);
        this.applicationEventMulticaster.addEventListener(this);
        this.jmxInstaller.register(this.sharedConnectionManager);
        getLogger().info("{} started up (keep-alive {} millis), listening for shutdown.", getClass().getSimpleName(), Long.valueOf(getConnectionPoolKeepalive()));
    }

    protected int getConnectionPoolMaxSize() {
        return SystemPropertiesHelper.getInteger(CONNECTION_POOL_MAX_SIZE_KEY, CONNECTION_POOL_MAX_SIZE_DEFAULT);
    }

    protected int getConnectionPoolSize() {
        return SystemPropertiesHelper.getInteger(CONNECTION_POOL_SIZE_KEY, 20);
    }

    protected long getConnectionPoolKeepalive() {
        return SystemPropertiesHelper.getLong(CONNECTION_POOL_KEEPALIVE_KEY, CONNECTION_POOL_KEEPALIVE_DEFAULT);
    }

    protected long getConnectionPoolTimeout() {
        return SystemPropertiesHelper.getLong(CONNECTION_POOL_TIMEOUT_KEY, CONNECTION_POOL_TIMEOUT_DEFAULT);
    }

    protected int getConnectionTimeout(RemoteStorageContext remoteStorageContext) {
        if (remoteStorageContext.getRemoteConnectionSettings() != null) {
            return remoteStorageContext.getRemoteConnectionSettings().getConnectionTimeout();
        }
        return 1000;
    }

    protected int getSoTimeout(RemoteStorageContext remoteStorageContext) {
        return getConnectionTimeout(remoteStorageContext);
    }

    public synchronized void shutdown() {
        this.evictingThread.interrupt();
        this.jmxInstaller.unregister();
        this.sharedConnectionManager.shutdown();
        this.applicationEventMulticaster.removeEventListener(this);
        getLogger().info("{} shut down.", getClass().getSimpleName());
    }

    public void onEvent(Event<?> event) {
        if (event instanceof NexusStoppedEvent) {
            shutdown();
        }
    }

    protected void finalize() throws Throwable {
        try {
            shutdown();
            super.finalize();
        } catch (Throwable th) {
            super.finalize();
            throw th;
        }
    }

    @Override // org.sonatype.nexus.apachehttpclient.Hc4Provider
    public DefaultHttpClient createHttpClient() {
        DefaultHttpClient createHttpClient = createHttpClient(this.applicationConfiguration.getGlobalRemoteStorageContext());
        createHttpClient.setReuseStrategy(new NoConnectionReuseStrategy());
        return createHttpClient;
    }

    @Override // org.sonatype.nexus.apachehttpclient.Hc4Provider
    public DefaultHttpClient createHttpClient(RemoteStorageContext remoteStorageContext) {
        return createHttpClient(remoteStorageContext, this.sharedConnectionManager);
    }

    protected DefaultHttpClient createHttpClient(RemoteStorageContext remoteStorageContext, ClientConnectionManager clientConnectionManager) {
        DefaultHttpClient defaultHttpClient = new DefaultHttpClient(clientConnectionManager, createHttpParams(remoteStorageContext)) { // from class: org.sonatype.nexus.apachehttpclient.Hc4ProviderImpl.1
            @Override // org.apache.http.impl.client.DefaultHttpClient, org.apache.http.impl.client.AbstractHttpClient
            protected BasicHttpProcessor createHttpProcessor() {
                BasicHttpProcessor createHttpProcessor = super.createHttpProcessor();
                createHttpProcessor.addResponseInterceptor(new ResponseContentEncoding());
                return createHttpProcessor;
            }
        };
        configureAuthentication(defaultHttpClient, remoteStorageContext.getRemoteAuthenticationSettings(), null);
        configureProxy(defaultHttpClient, remoteStorageContext.getRemoteProxySettings());
        return defaultHttpClient;
    }

    protected HttpParams createHttpParams(RemoteStorageContext remoteStorageContext) {
        SyncBasicHttpParams syncBasicHttpParams = new SyncBasicHttpParams();
        syncBasicHttpParams.setParameter("http.protocol.version", HttpVersion.HTTP_1_1);
        syncBasicHttpParams.setBooleanParameter("http.protocol.expect-continue", false);
        syncBasicHttpParams.setBooleanParameter("http.connection.stalecheck", false);
        syncBasicHttpParams.setIntParameter("http.socket.buffer-size", 8192);
        syncBasicHttpParams.setLongParameter("http.conn-manager.timeout", getConnectionPoolTimeout());
        syncBasicHttpParams.setIntParameter("http.connection.timeout", getConnectionTimeout(remoteStorageContext));
        syncBasicHttpParams.setIntParameter("http.socket.timeout", getSoTimeout(remoteStorageContext));
        syncBasicHttpParams.setParameter("http.useragent", this.userAgentBuilder.formatGenericUserAgentString());
        return syncBasicHttpParams;
    }

    protected PoolingClientConnectionManager createClientConnectionManager() throws IllegalStateException {
        SchemeRegistry schemeRegistry = new SchemeRegistry();
        schemeRegistry.register(new Scheme("http", 80, (SchemeSocketFactory) PlainSocketFactory.getSocketFactory()));
        schemeRegistry.register(new Scheme("https", 443, (SchemeSocketFactory) SSLSocketFactory.getSocketFactory()));
        PoolingClientConnectionManager poolingClientConnectionManager = new PoolingClientConnectionManager(schemeRegistry);
        int connectionPoolMaxSize = getConnectionPoolMaxSize();
        int min = Math.min(getConnectionPoolSize(), connectionPoolMaxSize);
        poolingClientConnectionManager.setMaxTotal(connectionPoolMaxSize);
        poolingClientConnectionManager.setDefaultMaxPerRoute(min);
        return poolingClientConnectionManager;
    }

    protected void configureAuthentication(DefaultHttpClient defaultHttpClient, RemoteAuthenticationSettings remoteAuthenticationSettings, HttpHost httpHost) {
        if (remoteAuthenticationSettings != null) {
            String str = httpHost != null ? httpHost.toHostString() + " proxy" : "target";
            ArrayList arrayList = new ArrayList(2);
            arrayList.add("Digest");
            arrayList.add("Basic");
            Credentials credentials = null;
            if (remoteAuthenticationSettings instanceof ClientSSLRemoteAuthenticationSettings) {
                throw new IllegalArgumentException("SSL client authentication not yet supported!");
            }
            if (remoteAuthenticationSettings instanceof NtlmRemoteAuthenticationSettings) {
                NtlmRemoteAuthenticationSettings ntlmRemoteAuthenticationSettings = (NtlmRemoteAuthenticationSettings) remoteAuthenticationSettings;
                arrayList.add(0, "NTLM");
                getLogger().info("... {} authentication setup for NTLM domain '{}'", str, ntlmRemoteAuthenticationSettings.getNtlmDomain());
                credentials = new NTCredentials(ntlmRemoteAuthenticationSettings.getUsername(), ntlmRemoteAuthenticationSettings.getPassword(), ntlmRemoteAuthenticationSettings.getNtlmHost(), ntlmRemoteAuthenticationSettings.getNtlmDomain());
            } else if (remoteAuthenticationSettings instanceof UsernamePasswordRemoteAuthenticationSettings) {
                UsernamePasswordRemoteAuthenticationSettings usernamePasswordRemoteAuthenticationSettings = (UsernamePasswordRemoteAuthenticationSettings) remoteAuthenticationSettings;
                getLogger().info("... {} authentication setup for remote storage with username '{}'", str, usernamePasswordRemoteAuthenticationSettings.getUsername());
                credentials = new UsernamePasswordCredentials(usernamePasswordRemoteAuthenticationSettings.getUsername(), usernamePasswordRemoteAuthenticationSettings.getPassword());
            }
            if (credentials != null) {
                if (httpHost != null) {
                    defaultHttpClient.getCredentialsProvider().setCredentials(new AuthScope(httpHost), credentials);
                    defaultHttpClient.getParams().setParameter("http.auth.proxy-scheme-pref", arrayList);
                } else {
                    defaultHttpClient.getCredentialsProvider().setCredentials(AuthScope.ANY, credentials);
                    defaultHttpClient.getParams().setParameter("http.auth.target-scheme-pref", arrayList);
                }
            }
        }
    }

    protected void configureProxy(DefaultHttpClient defaultHttpClient, RemoteProxySettings remoteProxySettings) {
        if (remoteProxySettings.isEnabled()) {
            getLogger().info("... proxy setup with host '{}'", remoteProxySettings.getHostname());
            HttpHost httpHost = new HttpHost(remoteProxySettings.getHostname(), remoteProxySettings.getPort());
            defaultHttpClient.getParams().setParameter("http.route.default-proxy", httpHost);
            if (remoteProxySettings.getNonProxyHosts() != null && !remoteProxySettings.getNonProxyHosts().isEmpty()) {
                HashSet hashSet = new HashSet(remoteProxySettings.getNonProxyHosts().size());
                for (String str : remoteProxySettings.getNonProxyHosts()) {
                    try {
                        hashSet.add(Pattern.compile(str, 2));
                    } catch (PatternSyntaxException e) {
                        getLogger().warn("Invalid non proxy host regex: {}", str, e);
                    }
                }
                defaultHttpClient.setRoutePlanner(new NonProxyHostsAwareHttpRoutePlanner(defaultHttpClient.getConnectionManager().getSchemeRegistry(), hashSet));
            }
            configureAuthentication(defaultHttpClient, remoteProxySettings.getProxyAuthentication(), httpHost);
        }
    }
}
