package com.amazonaws.http;

import com.amazonaws.AmazonClientException;
import com.amazonaws.ClientConfiguration;
import com.amazonaws.SDKGlobalConfiguration;
import com.amazonaws.http.conn.ssl.SdkTLSSocketFactory;
import com.amazonaws.http.impl.client.HttpRequestNoRetryHandler;
import com.amazonaws.http.impl.client.SdkHttpClient;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.Header;
import org.apache.http.HeaderElement;
import org.apache.http.HttpEntity;
import org.apache.http.HttpException;
import org.apache.http.HttpHost;
import org.apache.http.HttpRequest;
import org.apache.http.HttpRequestInterceptor;
import org.apache.http.HttpResponseInterceptor;
import org.apache.http.ProtocolException;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.ChallengeState;
import org.apache.http.auth.NTCredentials;
import org.apache.http.client.AuthCache;
import org.apache.http.client.HttpClient;
import org.apache.http.client.RedirectStrategy;
import org.apache.http.client.entity.GzipDecompressingEntity;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.conn.ConnectTimeoutException;
import org.apache.http.conn.params.ConnRoutePNames;
import org.apache.http.conn.params.ConnRouteParams;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeLayeredSocketFactory;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.scheme.SchemeSocketFactory;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.client.BasicAuthCache;
import org.apache.http.impl.conn.PoolingClientConnectionManager;
import org.apache.http.params.BasicHttpParams;
import org.apache.http.params.HttpConnectionParams;
import org.apache.http.params.HttpParams;
import org.apache.http.protocol.HttpContext;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/amazonaws/http/HttpClientFactory.class */
public class HttpClientFactory {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/amazonaws/http/HttpClientFactory$NeverFollowRedirectStrategy.class */
    public static final class NeverFollowRedirectStrategy implements RedirectStrategy {
        private NeverFollowRedirectStrategy() {
        }

        @Override // org.apache.http.client.RedirectStrategy
        public boolean isRedirected(HttpRequest httpRequest, org.apache.http.HttpResponse httpResponse, HttpContext httpContext) throws ProtocolException {
            return false;
        }

        @Override // org.apache.http.client.RedirectStrategy
        public HttpUriRequest getRedirect(HttpRequest httpRequest, org.apache.http.HttpResponse httpResponse, HttpContext httpContext) throws ProtocolException {
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/amazonaws/http/HttpClientFactory$PreemptiveProxyAuth.class */
    public static class PreemptiveProxyAuth implements HttpRequestInterceptor {
        private final HttpHost proxyHost;

        public PreemptiveProxyAuth(HttpHost httpHost) {
            this.proxyHost = httpHost;
        }

        @Override // org.apache.http.HttpRequestInterceptor
        public void process(HttpRequest httpRequest, HttpContext httpContext) {
            BasicScheme basicScheme = new BasicScheme(ChallengeState.PROXY);
            if (httpContext.getAttribute("http.auth.auth-cache") != null) {
                ((AuthCache) httpContext.getAttribute("http.auth.auth-cache")).put(this.proxyHost, basicScheme);
                return;
            }
            BasicAuthCache basicAuthCache = new BasicAuthCache();
            basicAuthCache.put(this.proxyHost, basicScheme);
            httpContext.setAttribute("http.auth.auth-cache", basicAuthCache);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/amazonaws/http/HttpClientFactory$TrustingSocketFactory.class */
    public static class TrustingSocketFactory implements SchemeSocketFactory, SchemeLayeredSocketFactory {
        private SSLContext sslcontext;

        private TrustingSocketFactory() {
            this.sslcontext = null;
        }

        private static SSLContext createSSLContext() throws IOException {
            try {
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(null, new TrustManager[]{new TrustingX509TrustManager()}, null);
                return sSLContext;
            } catch (Exception e) {
                throw new IOException(e.getMessage(), e);
            }
        }

        private SSLContext getSSLContext() throws IOException {
            if (this.sslcontext == null) {
                this.sslcontext = createSSLContext();
            }
            return this.sslcontext;
        }

        @Override // org.apache.http.conn.scheme.SchemeSocketFactory
        public Socket createSocket(HttpParams httpParams) throws IOException {
            return getSSLContext().getSocketFactory().createSocket();
        }

        @Override // org.apache.http.conn.scheme.SchemeSocketFactory
        public Socket connectSocket(Socket socket, InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2, HttpParams httpParams) throws IOException, UnknownHostException, ConnectTimeoutException {
            int connectionTimeout = HttpConnectionParams.getConnectionTimeout(httpParams);
            int soTimeout = HttpConnectionParams.getSoTimeout(httpParams);
            SSLSocket sSLSocket = (SSLSocket) (socket != null ? socket : createSocket(httpParams));
            if (inetSocketAddress2 != null) {
                sSLSocket.bind(inetSocketAddress2);
            }
            sSLSocket.connect(inetSocketAddress, connectionTimeout);
            sSLSocket.setSoTimeout(soTimeout);
            return sSLSocket;
        }

        @Override // org.apache.http.conn.scheme.SchemeSocketFactory
        public boolean isSecure(Socket socket) throws IllegalArgumentException {
            return true;
        }

        @Override // org.apache.http.conn.scheme.SchemeLayeredSocketFactory
        public Socket createLayeredSocket(Socket socket, String str, int i, HttpParams httpParams) throws IOException, UnknownHostException {
            return getSSLContext().getSocketFactory().createSocket(socket, str, i, true);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/amazonaws/http/HttpClientFactory$TrustingX509TrustManager.class */
    public static class TrustingX509TrustManager implements X509TrustManager {
        private static final X509Certificate[] X509_CERTIFICATES = new X509Certificate[0];

        private TrustingX509TrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return X509_CERTIFICATES;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }
    }

    public HttpClient createHttpClient(ClientConfiguration clientConfiguration) {
        BasicHttpParams basicHttpParams = new BasicHttpParams();
        HttpConnectionParams.setConnectionTimeout(basicHttpParams, clientConfiguration.getConnectionTimeout());
        HttpConnectionParams.setSoTimeout(basicHttpParams, clientConfiguration.getSocketTimeout());
        HttpConnectionParams.setStaleCheckingEnabled(basicHttpParams, true);
        HttpConnectionParams.setTcpNoDelay(basicHttpParams, true);
        HttpConnectionParams.setSoKeepalive(basicHttpParams, clientConfiguration.useTcpKeepAlive());
        int i = clientConfiguration.getSocketBufferSizeHints()[0];
        int i2 = clientConfiguration.getSocketBufferSizeHints()[1];
        if (i > 0 || i2 > 0) {
            HttpConnectionParams.setSocketBufferSize(basicHttpParams, Math.max(i, i2));
        }
        PoolingClientConnectionManager createPoolingClientConnManager = ConnectionManagerFactory.createPoolingClientConnManager(clientConfiguration, basicHttpParams);
        SdkHttpClient sdkHttpClient = new SdkHttpClient(createPoolingClientConnManager, basicHttpParams);
        sdkHttpClient.setHttpRequestRetryHandler(HttpRequestNoRetryHandler.Singleton);
        sdkHttpClient.setRedirectStrategy(new NeverFollowRedirectStrategy());
        if (clientConfiguration.getLocalAddress() != null) {
            ConnRouteParams.setLocalAddress(basicHttpParams, clientConfiguration.getLocalAddress());
        }
        try {
            Scheme scheme = new Scheme("http", 80, PlainSocketFactory.getSocketFactory());
            SSLSocketFactory sslSocketFactory = clientConfiguration.getApacheHttpClientConfig().getSslSocketFactory();
            if (sslSocketFactory == null) {
                sslSocketFactory = new SdkTLSSocketFactory(SSLContext.getDefault(), SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);
            }
            Scheme scheme2 = new Scheme("https", 443, sslSocketFactory);
            SchemeRegistry schemeRegistry = createPoolingClientConnManager.getSchemeRegistry();
            schemeRegistry.register(scheme);
            schemeRegistry.register(scheme2);
            if (System.getProperty(SDKGlobalConfiguration.DISABLE_CERT_CHECKING_SYSTEM_PROPERTY) != null) {
                sdkHttpClient.getConnectionManager().getSchemeRegistry().register(new Scheme("https", 443, new TrustingSocketFactory()));
            }
            String proxyHost = clientConfiguration.getProxyHost();
            int proxyPort = clientConfiguration.getProxyPort();
            if (proxyHost != null && proxyPort > 0) {
                AmazonHttpClient.log.info("Configuring Proxy. Proxy Host: " + proxyHost + " Proxy Port: " + proxyPort);
                HttpHost httpHost = new HttpHost(proxyHost, proxyPort);
                sdkHttpClient.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, httpHost);
                String proxyUsername = clientConfiguration.getProxyUsername();
                String proxyPassword = clientConfiguration.getProxyPassword();
                String proxyDomain = clientConfiguration.getProxyDomain();
                String proxyWorkstation = clientConfiguration.getProxyWorkstation();
                if (proxyUsername != null && proxyPassword != null) {
                    sdkHttpClient.getCredentialsProvider().setCredentials(new AuthScope(proxyHost, proxyPort), new NTCredentials(proxyUsername, proxyPassword, proxyWorkstation, proxyDomain));
                }
                if (clientConfiguration.isPreemptiveBasicProxyAuth()) {
                    sdkHttpClient.addRequestInterceptor(new PreemptiveProxyAuth(httpHost), 0);
                }
            }
            if (clientConfiguration.useGzip()) {
                sdkHttpClient.addRequestInterceptor(new HttpRequestInterceptor() { // from class: com.amazonaws.http.HttpClientFactory.1
                    @Override // org.apache.http.HttpRequestInterceptor
                    public void process(HttpRequest httpRequest, HttpContext httpContext) throws HttpException, IOException {
                        if (httpRequest.containsHeader("Accept-Encoding")) {
                            return;
                        }
                        httpRequest.addHeader("Accept-Encoding", "gzip");
                    }
                });
                sdkHttpClient.addResponseInterceptor(new HttpResponseInterceptor() { // from class: com.amazonaws.http.HttpClientFactory.2
                    @Override // org.apache.http.HttpResponseInterceptor
                    public void process(org.apache.http.HttpResponse httpResponse, HttpContext httpContext) throws HttpException, IOException {
                        Header contentEncoding;
                        HttpEntity entity = httpResponse.getEntity();
                        if (entity == null || (contentEncoding = entity.getContentEncoding()) == null) {
                            return;
                        }
                        for (HeaderElement headerElement : contentEncoding.getElements()) {
                            if (headerElement.getName().equalsIgnoreCase("gzip")) {
                                httpResponse.setEntity(new GzipDecompressingEntity(httpResponse.getEntity()));
                                return;
                            }
                        }
                    }
                });
            }
            return sdkHttpClient;
        } catch (NoSuchAlgorithmException e) {
            throw new AmazonClientException("Unable to access default SSL context", e);
        }
    }
}
