package com.openshift.restclient;

import com.openshift.internal.restclient.DefaultClient;
import com.openshift.internal.restclient.ResourceFactory;
import com.openshift.internal.restclient.authorization.AuthorizationContext;
import com.openshift.internal.restclient.okhttp.OpenShiftAuthenticator;
import com.openshift.internal.restclient.okhttp.ResponseCodeInterceptor;
import com.openshift.restclient.http.IHttpConstants;
import com.openshift.restclient.utils.SSLUtils;
import java.io.IOException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.Authenticator;
import okhttp3.Dispatcher;
import okhttp3.OkHttpClient;

/* loaded from: input_file:com/openshift/restclient/ClientBuilder.class */
public class ClientBuilder {
    private String baseUrl;
    private ISSLCertificateCallback sslCertificateCallback;
    private boolean sslCertCallbackWithDefaultHostnameVerifier;
    private X509Certificate certificate;
    private Collection<X509Certificate> certificateCollection;
    private String certificateAlias;
    private IResourceFactory resourceFactory;
    private String userName;
    private String token;
    private String password;
    private Authenticator proxyAuthenticator;
    private int maxRequests;
    private int maxRequestsPerHost;
    private int readTimeout;
    private TimeUnit readTimeoutUnit;
    private int connectTimeout;
    private TimeUnit connectTimeoutUnit;
    private int writeTimeout;
    private TimeUnit writeTimeoutUnit;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/openshift/restclient/ClientBuilder$CallbackTrustManager.class */
    public static class CallbackTrustManager implements X509TrustManager {
        private X509TrustManager trustManager;
        private ISSLCertificateCallback callback;

        private CallbackTrustManager(X509TrustManager x509TrustManager, ISSLCertificateCallback iSSLCertificateCallback) throws NoSuchAlgorithmException, KeyStoreException {
            this.trustManager = x509TrustManager;
            this.callback = iSSLCertificateCallback;
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.trustManager.getAcceptedIssuers();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            try {
                this.trustManager.checkServerTrusted(x509CertificateArr, str);
            } catch (CertificateException e) {
                if (!this.callback.allowCertificate(x509CertificateArr)) {
                    throw e;
                }
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.trustManager.checkServerTrusted(x509CertificateArr, str);
        }
    }

    public ClientBuilder() {
        this(null);
    }

    public ClientBuilder(String str) {
        this.sslCertificateCallback = new NoopSSLCertificateCallback();
        this.sslCertCallbackWithDefaultHostnameVerifier = false;
        this.maxRequests = 64;
        this.maxRequestsPerHost = 10;
        this.readTimeout = IHttpConstants.DEFAULT_READ_TIMEOUT;
        this.readTimeoutUnit = TimeUnit.MILLISECONDS;
        this.connectTimeout = IHttpConstants.DEFAULT_READ_TIMEOUT;
        this.connectTimeoutUnit = TimeUnit.MILLISECONDS;
        this.writeTimeout = IHttpConstants.DEFAULT_READ_TIMEOUT;
        this.writeTimeoutUnit = TimeUnit.MILLISECONDS;
        this.baseUrl = str;
    }

    public ClientBuilder sslCertificateCallback(ISSLCertificateCallback iSSLCertificateCallback) {
        this.sslCertificateCallback = iSSLCertificateCallback == null ? new NoopSSLCertificateCallback() : iSSLCertificateCallback;
        return this;
    }

    public ClientBuilder sslCertCallbackWithDefaultHostnameVerifier(boolean z) {
        this.sslCertCallbackWithDefaultHostnameVerifier = z;
        return this;
    }

    public ClientBuilder sslCertificate(String str, X509Certificate x509Certificate) {
        this.certificateAlias = str;
        this.certificate = x509Certificate;
        return this;
    }

    public ClientBuilder sslCertificateCollection(String str, Collection<X509Certificate> collection) {
        this.certificateAlias = str;
        this.certificateCollection = collection;
        return this;
    }

    public ClientBuilder resourceFactory(IResourceFactory iResourceFactory) {
        this.resourceFactory = iResourceFactory;
        return this;
    }

    public ClientBuilder toCluster(String str) {
        this.baseUrl = str;
        return this;
    }

    public ClientBuilder withUserName(String str) {
        this.userName = str;
        return this;
    }

    public ClientBuilder withPassword(String str) {
        this.password = str;
        return this;
    }

    public ClientBuilder usingToken(String str) {
        this.token = str;
        return this;
    }

    public ClientBuilder withConnectTimeout(int i, TimeUnit timeUnit) {
        this.connectTimeout = i;
        this.connectTimeoutUnit = timeUnit;
        return this;
    }

    public ClientBuilder withReadTimeout(int i, TimeUnit timeUnit) {
        this.readTimeout = i;
        this.readTimeoutUnit = timeUnit;
        return this;
    }

    public ClientBuilder withWriteTimeout(int i, TimeUnit timeUnit) {
        this.writeTimeout = i;
        this.writeTimeoutUnit = timeUnit;
        return this;
    }

    public ClientBuilder proxyAuthenticator(Authenticator authenticator) {
        this.proxyAuthenticator = authenticator;
        return this;
    }

    public ClientBuilder withConnectTimeout(int i) {
        this.connectTimeout = i;
        return this;
    }

    public ClientBuilder withMaxRequests(int i) {
        this.maxRequests = i;
        return this;
    }

    public ClientBuilder withMaxRequestsPerHost(int i) {
        this.maxRequestsPerHost = i;
        return this;
    }

    public IClient build() {
        try {
            X509TrustManager currentTrustManager = getCurrentTrustManager(initTrustManagerFactory(this.certificateAlias, this.certificate, this.certificateCollection));
            SSLContext sSLContext = SSLUtils.getSSLContext(currentTrustManager);
            ResponseCodeInterceptor responseCodeInterceptor = new ResponseCodeInterceptor();
            OpenShiftAuthenticator openShiftAuthenticator = new OpenShiftAuthenticator();
            Dispatcher dispatcher = new Dispatcher();
            dispatcher.setMaxRequests(this.maxRequests);
            dispatcher.setMaxRequestsPerHost(this.maxRequestsPerHost);
            OkHttpClient.Builder sslSocketFactory = new OkHttpClient.Builder().addInterceptor(responseCodeInterceptor).authenticator(openShiftAuthenticator).dispatcher(dispatcher).readTimeout(this.readTimeout, this.readTimeoutUnit).writeTimeout(this.writeTimeout, this.writeTimeoutUnit).connectTimeout(this.connectTimeout, this.connectTimeoutUnit).sslSocketFactory(sSLContext.getSocketFactory(), currentTrustManager);
            if (!this.sslCertCallbackWithDefaultHostnameVerifier) {
                sslSocketFactory.hostnameVerifier(this.sslCertificateCallback);
            }
            if (this.proxyAuthenticator != null) {
                sslSocketFactory.proxyAuthenticator(this.proxyAuthenticator);
            }
            OkHttpClient build = sslSocketFactory.build();
            IResourceFactory iResourceFactory = (IResourceFactory) defaultIfNull(this.resourceFactory, new ResourceFactory(null));
            AuthorizationContext authorizationContext = new AuthorizationContext(this.token, this.userName, this.password);
            DefaultClient defaultClient = new DefaultClient(new URL(this.baseUrl), build, iResourceFactory, null, authorizationContext);
            authorizationContext.setClient(defaultClient);
            responseCodeInterceptor.setClient(defaultClient);
            openShiftAuthenticator.setClient(defaultClient);
            openShiftAuthenticator.setOkClient(build);
            return defaultClient;
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new OpenShiftException(e, "Unable to initialize client", new Object[0]);
        }
    }

    private <T> T defaultIfNull(T t, T t2) {
        return t != null ? t : t2;
    }

    private X509TrustManager getCurrentTrustManager(TrustManagerFactory trustManagerFactory) throws NoSuchAlgorithmException, KeyStoreException {
        for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
            if (trustManager instanceof X509TrustManager) {
                return new CallbackTrustManager((X509TrustManager) trustManager, this.sslCertificateCallback);
            }
        }
        return null;
    }

    private TrustManagerFactory initTrustManagerFactory(String str, X509Certificate x509Certificate, Collection<X509Certificate> collection) throws NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        if (str == null || (x509Certificate == null && collection == null)) {
            trustManagerFactory.init((KeyStore) null);
        } else {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            if (x509Certificate != null) {
                x509Certificate.checkValidity();
                keyStore.setCertificateEntry(str, x509Certificate);
            }
            if (collection != null) {
                int i = 0;
                for (X509Certificate x509Certificate2 : collection) {
                    x509Certificate2.checkValidity();
                    keyStore.setCertificateEntry(str + i, x509Certificate2);
                    i++;
                }
            }
            trustManagerFactory.init(keyStore);
        }
        return trustManagerFactory;
    }
}
