package org.hawkular.agent.monitor.protocol.jmx;

import com.arjuna.ats.jts.exceptions.ExceptionCodes;
import java.io.IOException;
import javax.net.ssl.SSLContext;
import org.apache.http.Header;
import org.apache.http.HttpException;
import org.apache.http.HttpHost;
import org.apache.http.HttpRequest;
import org.apache.http.HttpRequestInterceptor;
import org.apache.http.auth.AuthScheme;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.AuthState;
import org.apache.http.auth.AuthenticationException;
import org.apache.http.auth.Credentials;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.message.BufferedHeader;
import org.apache.http.protocol.HttpContext;
import org.apache.http.util.Args;
import org.apache.http.util.CharArrayBuffer;
import org.hawkular.agent.monitor.extension.MonitorServiceConfiguration;
import org.hawkular.agent.monitor.inventory.ConnectionData;
import org.hawkular.agent.monitor.inventory.MonitoredEndpoint;
import org.jolokia.client.BasicAuthenticator;
import org.jolokia.client.J4pAuthenticator;
import org.jolokia.client.J4pClient;

/* loaded from: input_file:m2repo/org/hawkular/agent/hawkular-wildfly-agent/0.23.0.Final/hawkular-wildfly-agent-0.23.0.Final.jar:org/hawkular/agent/monitor/protocol/jmx/JmxClientFactory.class */
public class JmxClientFactory {
    private static final String BEARER_TOKEN_USER_ID = "_bearer";
    private final MonitoredEndpoint<MonitorServiceConfiguration.EndpointConfiguration> endpoint;

    /* loaded from: input_file:m2repo/org/hawkular/agent/hawkular-wildfly-agent/0.23.0.Final/hawkular-wildfly-agent-0.23.0.Final.jar:org/hawkular/agent/monitor/protocol/jmx/JmxClientFactory$BearerAuthenticator.class */
    private class BearerAuthenticator implements J4pAuthenticator {

        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: input_file:m2repo/org/hawkular/agent/hawkular-wildfly-agent/0.23.0.Final/hawkular-wildfly-agent-0.23.0.Final.jar:org/hawkular/agent/monitor/protocol/jmx/JmxClientFactory$BearerAuthenticator$PreemptiveAuthInterceptor.class */
        public class PreemptiveAuthInterceptor implements HttpRequestInterceptor {
            private AuthScheme authScheme;

            PreemptiveAuthInterceptor(AuthScheme authScheme) {
                this.authScheme = authScheme;
            }

            @Override // org.apache.http.HttpRequestInterceptor
            public void process(HttpRequest httpRequest, HttpContext httpContext) throws HttpException, IOException {
                AuthState authState = (AuthState) httpContext.getAttribute("http.auth.target-scope");
                if (authState.getAuthScheme() == null) {
                    CredentialsProvider credentialsProvider = (CredentialsProvider) httpContext.getAttribute("http.auth.credentials-provider");
                    HttpHost httpHost = (HttpHost) httpContext.getAttribute("http.target_host");
                    Credentials credentials = credentialsProvider.getCredentials(new AuthScope(httpHost.getHostName(), httpHost.getPort()));
                    if (credentials == null) {
                        throw new HttpException("No credentials given for preemptive authentication");
                    }
                    authState.update(this.authScheme, credentials);
                }
            }
        }

        private BearerAuthenticator() {
        }

        @Override // org.jolokia.client.J4pAuthenticator
        public void authenticate(HttpClientBuilder httpClientBuilder, String str, String str2) {
            BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
            basicCredentialsProvider.setCredentials(new AuthScope(AuthScope.ANY), new UsernamePasswordCredentials(str, str2));
            httpClientBuilder.setDefaultCredentialsProvider(basicCredentialsProvider);
            httpClientBuilder.addInterceptorFirst(new PreemptiveAuthInterceptor(new BearerScheme()));
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:m2repo/org/hawkular/agent/hawkular-wildfly-agent/0.23.0.Final/hawkular-wildfly-agent-0.23.0.Final.jar:org/hawkular/agent/monitor/protocol/jmx/JmxClientFactory$BearerScheme.class */
    public class BearerScheme extends BasicScheme {
        private BearerScheme() {
        }

        @Override // org.apache.http.impl.auth.BasicScheme, org.apache.http.auth.AuthScheme
        public String getSchemeName() {
            return "bearer";
        }

        @Override // org.apache.http.impl.auth.BasicScheme, org.apache.http.impl.auth.AuthSchemeBase, org.apache.http.auth.ContextAwareAuthScheme
        public Header authenticate(Credentials credentials, HttpRequest httpRequest, HttpContext httpContext) throws AuthenticationException {
            Args.notNull(credentials, "Credentials");
            Args.notNull(httpRequest, "HTTP request");
            String password = credentials.getPassword();
            CharArrayBuffer charArrayBuffer = new CharArrayBuffer(64);
            if (isProxy()) {
                charArrayBuffer.append("Proxy-Authorization");
            } else {
                charArrayBuffer.append("Authorization");
            }
            charArrayBuffer.append(": Bearer ");
            charArrayBuffer.append(password);
            return new BufferedHeader(charArrayBuffer);
        }
    }

    /* loaded from: input_file:m2repo/org/hawkular/agent/hawkular-wildfly-agent/0.23.0.Final/hawkular-wildfly-agent-0.23.0.Final.jar:org/hawkular/agent/monitor/protocol/jmx/JmxClientFactory$SecureBasicAuthenticator.class */
    private static class SecureBasicAuthenticator extends BasicAuthenticator {
        private final SSLContext sslContext;

        public SecureBasicAuthenticator(SSLContext sSLContext) {
            this.sslContext = sSLContext;
        }

        @Override // org.jolokia.client.BasicAuthenticator, org.jolokia.client.J4pAuthenticator
        public void authenticate(HttpClientBuilder httpClientBuilder, String str, String str2) {
            httpClientBuilder.setSSLSocketFactory(new SSLConnectionSocketFactory(this.sslContext));
            super.authenticate(httpClientBuilder, str, str2);
        }
    }

    /* loaded from: input_file:m2repo/org/hawkular/agent/hawkular-wildfly-agent/0.23.0.Final/hawkular-wildfly-agent-0.23.0.Final.jar:org/hawkular/agent/monitor/protocol/jmx/JmxClientFactory$SecureBearerAuthenticator.class */
    private class SecureBearerAuthenticator extends BearerAuthenticator {
        private final SSLContext sslContext;

        public SecureBearerAuthenticator(SSLContext sSLContext) {
            super();
            this.sslContext = sSLContext;
        }

        @Override // org.hawkular.agent.monitor.protocol.jmx.JmxClientFactory.BearerAuthenticator, org.jolokia.client.J4pAuthenticator
        public void authenticate(HttpClientBuilder httpClientBuilder, String str, String str2) {
            httpClientBuilder.setSSLSocketFactory(new SSLConnectionSocketFactory(this.sslContext));
            super.authenticate(httpClientBuilder, str, str2);
        }
    }

    public JmxClientFactory(MonitoredEndpoint<MonitorServiceConfiguration.EndpointConfiguration> monitoredEndpoint) {
        this.endpoint = monitoredEndpoint;
    }

    public J4pClient createClient() {
        ConnectionData connectionData = this.endpoint.getConnectionData();
        SSLContext sSLContext = this.endpoint.getSSLContext();
        boolean z = false;
        if (connectionData.getUsername() != null && connectionData.getUsername().equalsIgnoreCase(BEARER_TOKEN_USER_ID)) {
            if (connectionData.getPassword() == null) {
                throw new IllegalStateException("Bearer token is missing. Must be specified as the password");
            }
            z = true;
        }
        return J4pClient.url(connectionData.getUri().toString()).user(connectionData.getUsername()).password(connectionData.getPassword()).authenticator((sSLContext == null || !connectionData.getUri().getScheme().equalsIgnoreCase("https")) ? z ? new BearerAuthenticator() : new BasicAuthenticator().preemptive() : z ? new SecureBearerAuthenticator(sSLContext) : new SecureBasicAuthenticator(sSLContext).preemptive()).connectionTimeout(ExceptionCodes.INVALID_TRANSACTION_BASE).build();
    }
}
