package com.ibm.ws.security.common.http;

import com.ibm.ejs.ras.TraceNLS;
import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.Sensitive;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.common.TraceConstants;
import com.ibm.ws.security.common.jwk.utils.JsonUtils;
import com.ibm.ws.security.common.web.CommonWebConstants;
import com.ibm.wsspi.webcontainer.util.ThreadContextHelper;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSocketFactory;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.HttpClient;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.conn.ssl.DefaultHostnameVerifier;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.util.EntityUtils;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@TraceOptions
/* loaded from: input_file:com/ibm/ws/security/common/http/HttpUtils.class */
public class HttpUtils {
    public static final TraceComponent tc = Tr.register(HttpUtils.class, (String) null, (String) null);
    static final long serialVersionUID = 79432011522465843L;

    /* loaded from: input_file:com/ibm/ws/security/common/http/HttpUtils$RequestMethod.class */
    public enum RequestMethod {
        GET,
        POST
    }

    public HttpPost createHttpPostMethod(String str, List<NameValuePair> list) {
        if (str == null) {
            return null;
        }
        HttpPost httpPost = new HttpPost(str);
        addHeadersToHttpObject(httpPost, list);
        return httpPost;
    }

    public HttpGet createHttpGetMethod(String str, List<NameValuePair> list) {
        if (str == null) {
            return null;
        }
        HttpGet httpGet = new HttpGet(str);
        addHeadersToHttpObject(httpGet, list);
        return httpGet;
    }

    void addHeadersToHttpObject(HttpRequestBase httpRequestBase, List<NameValuePair> list) {
        if (list == null) {
            return;
        }
        for (NameValuePair nameValuePair : list) {
            httpRequestBase.addHeader(nameValuePair.getName(), nameValuePair.getValue());
        }
    }

    public void debugPostToEndPoint(String str, @Sensitive List<NameValuePair> list, String str2, @Sensitive String str3, String str4, List<NameValuePair> list2) {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "postToEndpoint: url: " + str + " headers: " + list2 + " params: ***** baUsername: " + str2 + " baPassword: " + (str3 != null ? "****" : null) + " accessToken: " + str4, new Object[0]);
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("curl -k -v");
            if (list2 != null) {
                for (NameValuePair nameValuePair : list2) {
                    stringBuffer.append(" -H \"");
                    stringBuffer.append(nameValuePair.getName());
                    stringBuffer.append(": ");
                    stringBuffer.append(nameValuePair.getValue());
                    stringBuffer.append("\"");
                }
            }
            if (list != null && list.size() > 0) {
                stringBuffer.append(" -d \"");
                Iterator<NameValuePair> it = list.iterator();
                while (it.hasNext()) {
                    NameValuePair next = it.next();
                    String name = next.getName();
                    stringBuffer.append(name);
                    stringBuffer.append("=");
                    if (name.equals("client_secret")) {
                        stringBuffer.append("*****");
                    } else {
                        stringBuffer.append(next.getValue());
                    }
                    if (it.hasNext()) {
                        stringBuffer.append("&");
                    }
                }
                stringBuffer.append("\"");
            }
            if (str2 != null && str3 != null) {
                stringBuffer.append(" -u \"");
                stringBuffer.append(str2);
                stringBuffer.append(":");
                stringBuffer.append("****");
                stringBuffer.append("\"");
            }
            if (str4 != null) {
                stringBuffer.append(" -H \"Authorization: bearer ");
                stringBuffer.append(str4);
                stringBuffer.append("\"");
            }
            stringBuffer.append(" ");
            stringBuffer.append(str);
            Tr.debug(tc, "CURL Command: " + stringBuffer.toString(), new Object[0]);
        }
    }

    public HttpClient createHttpClient(SSLSocketFactory sSLSocketFactory, String str, boolean z) {
        return createHttpClient(sSLSocketFactory, str, z, false);
    }

    public HttpClient createHttpClient(SSLSocketFactory sSLSocketFactory, String str, boolean z, boolean z2) {
        return createHttpClient(sSLSocketFactory, str, z, z2, null);
    }

    public HttpClient createHttpClientWithCookieSpec(SSLSocketFactory sSLSocketFactory, String str, boolean z, boolean z2, BasicCredentialsProvider basicCredentialsProvider) {
        CloseableHttpClient build;
        if (str != null && str.startsWith("https:")) {
            ClassLoader contextClassLoader = ThreadContextHelper.getContextClassLoader();
            ThreadContextHelper.setClassLoader(getClass().getClassLoader());
            try {
                build = createBuilder(z2).setDefaultCredentialsProvider(basicCredentialsProvider).setSSLSocketFactory(!z ? new SSLConnectionSocketFactory(sSLSocketFactory, new NoopHostnameVerifier()) : new SSLConnectionSocketFactory(sSLSocketFactory, new DefaultHostnameVerifier())).setDefaultRequestConfig(RequestConfig.custom().setCookieSpec("standard").build()).build();
                ThreadContextHelper.setClassLoader(contextClassLoader);
            } catch (Throwable th) {
                ThreadContextHelper.setClassLoader(contextClassLoader);
                throw th;
            }
        } else {
            HttpClientBuilder createBuilder = createBuilder(z2);
            if (basicCredentialsProvider != null) {
                createBuilder.setDefaultCredentialsProvider(basicCredentialsProvider);
            }
            build = createBuilder.build();
        }
        return build;
    }

    public HttpClient createHttpClient(SSLSocketFactory sSLSocketFactory, String str, boolean z, boolean z2, BasicCredentialsProvider basicCredentialsProvider) {
        CloseableHttpClient build;
        if (str != null && str.startsWith("https:")) {
            ClassLoader contextClassLoader = ThreadContextHelper.getContextClassLoader();
            ThreadContextHelper.setClassLoader(getClass().getClassLoader());
            try {
                HttpClientBuilder sSLSocketFactory2 = createBuilder(z2).setSSLSocketFactory(!z ? new SSLConnectionSocketFactory(sSLSocketFactory, new NoopHostnameVerifier()) : new SSLConnectionSocketFactory(sSLSocketFactory, new DefaultHostnameVerifier()));
                if (basicCredentialsProvider != null) {
                    sSLSocketFactory2.setDefaultCredentialsProvider(basicCredentialsProvider);
                }
                build = sSLSocketFactory2.build();
                ThreadContextHelper.setClassLoader(contextClassLoader);
            } catch (Throwable th) {
                ThreadContextHelper.setClassLoader(contextClassLoader);
                throw th;
            }
        } else {
            HttpClientBuilder createBuilder = createBuilder(z2);
            if (basicCredentialsProvider != null) {
                createBuilder.setDefaultCredentialsProvider(basicCredentialsProvider);
            }
            build = createBuilder.build();
        }
        return build;
    }

    HttpClientBuilder createBuilder(boolean z) {
        return z ? HttpClientBuilder.create().useSystemProperties() : HttpClientBuilder.create();
    }

    public BasicCredentialsProvider createCredentialsProvider(String str, @Sensitive String str2) {
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        basicCredentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(str, str2));
        return basicCredentialsProvider;
    }

    public String getHttpJsonRequest(HttpClient httpClient, String str) throws SocialLoginWrapperException, IOException {
        if (httpClient != null) {
            return getHttpJsonRequestAsString(httpClient, str);
        }
        return null;
    }

    public String getHttpJsonRequest(SSLSocketFactory sSLSocketFactory, String str, boolean z, boolean z2) throws SocialLoginWrapperException, IOException {
        HttpClient createHttpClient = createHttpClient(sSLSocketFactory, str, z, z2);
        if (createHttpClient != null) {
            return getHttpJsonRequestAsString(createHttpClient, str);
        }
        return null;
    }

    String getHttpJsonRequestAsString(HttpClient httpClient, String str) throws SocialLoginWrapperException, IOException {
        return getHttpRequestAsString(httpClient, str, new ArrayList());
    }

    @FFDCIgnore({AbstractHttpResponseException.class})
    String getHttpRequestAsString(HttpClient httpClient, String str, List<NameValuePair> list) throws SocialLoginWrapperException, IOException {
        HttpGet createHttpGetMethod = createHttpGetMethod(str, list);
        ClassLoader contextClassLoader = ThreadContextHelper.getContextClassLoader();
        ThreadContextHelper.setClassLoader(getClass().getClassLoader());
        try {
            try {
                HttpResponse execute = httpClient.execute(createHttpGetMethod);
                ThreadContextHelper.setClassLoader(contextClassLoader);
                try {
                    return extractResponseAsString(execute, str);
                } catch (AbstractHttpResponseException e) {
                    throw getSocialLoginWrapperException(e);
                }
            } catch (IOException e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.common.http.HttpUtils", "267", this, new Object[]{httpClient, str, list});
                throw new SocialLoginWrapperException(str, 0, TraceNLS.getFormattedMessage(getClass(), TraceConstants.MESSAGE_BUNDLE, "OIDC_CLIENT_DISCOVERY_ERROR", new Object[]{str, "IOException: " + e2.getMessage() + " " + e2.getCause()}, "Error processing discovery request"), e2);
            }
        } catch (Throwable th) {
            ThreadContextHelper.setClassLoader(contextClassLoader);
            throw th;
        }
    }

    String extractResponseAsString(HttpResponse httpResponse, String str) throws IOException, AbstractHttpResponseException {
        int statusCode = httpResponse.getStatusLine().getStatusCode();
        String entityUtils = EntityUtils.toString(httpResponse.getEntity(), CommonWebConstants.UTF_8);
        if (statusCode != 200) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "status:" + statusCode + " errorMsg:" + entityUtils, new Object[0]);
            }
            throw new HttpResponseNot200Exception(str, statusCode, entityUtils);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Response: ", new Object[]{entityUtils});
        }
        if (entityUtils == null || entityUtils.isEmpty()) {
            throw new HttpResponseNullOrEmptyException(str, statusCode, "empty or null response");
        }
        return entityUtils;
    }

    private SocialLoginWrapperException getSocialLoginWrapperException(AbstractHttpResponseException abstractHttpResponseException) {
        return new SocialLoginWrapperException(abstractHttpResponseException.getUrl(), Integer.valueOf(abstractHttpResponseException.getStatusCode()).intValue(), TraceNLS.getFormattedMessage(getClass(), TraceConstants.MESSAGE_BUNDLE, "OIDC_CLIENT_DISC_RESPONSE_ERROR", new Object[]{abstractHttpResponseException.getUrl(), Integer.valueOf(abstractHttpResponseException.getStatusCode()), abstractHttpResponseException.getNlsMessage()}, "Error processing discovery request"), abstractHttpResponseException);
    }

    public String invokeUrl(RequestMethod requestMethod, String str, SSLSocketFactory sSLSocketFactory) throws Exception {
        try {
            HttpURLConnection createConnection = createConnection(requestMethod, str, sSLSocketFactory);
            String readConnectionResponse = readConnectionResponse(createConnection);
            int responseCode = createConnection.getResponseCode();
            if (responseCode != 200) {
                throw new Exception("Received unexpected " + responseCode + " response from " + requestMethod + " request sent to " + str + JsonUtils.DELIMITER);
            }
            return readConnectionResponse;
        } catch (IOException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.common.http.HttpUtils", "321", this, new Object[]{requestMethod, str, sSLSocketFactory});
            throw new Exception("Connection to URL [" + str + "] failed. " + e, e);
        }
    }

    public HttpURLConnection createConnection(RequestMethod requestMethod, String str, SSLSocketFactory sSLSocketFactory) throws IOException {
        return (str == null || !str.toLowerCase().startsWith("https")) ? getHttpConnection(requestMethod, str) : getHttpsConnection(requestMethod, str, sSLSocketFactory);
    }

    public String readConnectionResponse(HttpURLConnection httpURLConnection) throws IOException {
        InputStream responseStream = getResponseStream(httpURLConnection);
        if (responseStream == null) {
            return null;
        }
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(responseStream, CommonWebConstants.UTF_8));
        String str = "";
        while (true) {
            String str2 = str;
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                bufferedReader.close();
                return str2;
            }
            str = str2 + readLine;
        }
    }

    HttpsURLConnection getHttpsConnection(RequestMethod requestMethod, String str, SSLSocketFactory sSLSocketFactory) throws IOException {
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URL(str).openConnection();
        httpsURLConnection.setSSLSocketFactory(sSLSocketFactory);
        httpsURLConnection.setRequestMethod(requestMethod.toString());
        return httpsURLConnection;
    }

    HttpURLConnection getHttpConnection(RequestMethod requestMethod, String str) throws IOException {
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(str).openConnection();
        httpURLConnection.setRequestMethod(requestMethod.toString());
        return httpURLConnection;
    }

    InputStream getResponseStream(HttpURLConnection httpURLConnection) throws IOException {
        InputStream errorStream;
        if (httpURLConnection.getResponseCode() < 400) {
            errorStream = httpURLConnection.getInputStream();
            if (errorStream == null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Failed to obtain response stream from InputStream. Getting ErrorStream instead", new Object[0]);
                }
                errorStream = httpURLConnection.getErrorStream();
            }
        } else {
            errorStream = httpURLConnection.getErrorStream();
            if (errorStream == null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Failed to obtain response stream from ErrorStream. Getting InputStream instead", new Object[0]);
                }
                errorStream = httpURLConnection.getInputStream();
            }
        }
        return errorStream;
    }

    public HttpURLConnection setHeaders(HttpURLConnection httpURLConnection, @Sensitive Map<String, String> map) {
        if (map == null) {
            return httpURLConnection;
        }
        for (Map.Entry<String, String> entry : map.entrySet()) {
            httpURLConnection.setRequestProperty(entry.getKey(), entry.getValue());
        }
        return httpURLConnection;
    }
}
