package io.jshift.kit.build.service.docker.access.hc.http;

import io.jshift.kit.build.service.docker.access.KeyStoreUtil;
import io.jshift.kit.build.service.docker.access.hc.util.ClientBuilder;
import io.jshift.kit.build.service.docker.config.handler.property.PropertyConfigHandler;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.net.ssl.SSLContext;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.HttpClientConnectionManager;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.BasicHttpClientConnectionManager;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.ssl.TrustStrategy;

/* loaded from: input_file:io/jshift/kit/build/service/docker/access/hc/http/HttpClientBuilder.class */
public class HttpClientBuilder implements ClientBuilder {
    private final String certPath;
    private final int maxConnections;

    public HttpClientBuilder(String str, int i) {
        this.certPath = str;
        this.maxConnections = i;
    }

    @Override // io.jshift.kit.build.service.docker.access.hc.util.ClientBuilder
    public CloseableHttpClient buildPooledClient() throws IOException {
        org.apache.http.impl.client.HttpClientBuilder custom = HttpClients.custom();
        custom.setConnectionManager(getPooledConnectionFactory(this.certPath, this.maxConnections));
        return custom.build();
    }

    @Override // io.jshift.kit.build.service.docker.access.hc.util.ClientBuilder
    public CloseableHttpClient buildBasicClient() throws IOException {
        return HttpClients.custom().setConnectionManager(getBasicConnectionFactory(this.certPath)).build();
    }

    private static HttpClientConnectionManager getPooledConnectionFactory(String str, int i) throws IOException {
        PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = str != null ? new PoolingHttpClientConnectionManager(getSslFactoryRegistry(str)) : new PoolingHttpClientConnectionManager();
        poolingHttpClientConnectionManager.setDefaultMaxPerRoute(i);
        poolingHttpClientConnectionManager.setMaxTotal(i);
        return poolingHttpClientConnectionManager;
    }

    private static HttpClientConnectionManager getBasicConnectionFactory(String str) throws IOException {
        return str != null ? new BasicHttpClientConnectionManager(getSslFactoryRegistry(str)) : new BasicHttpClientConnectionManager();
    }

    private static Registry<ConnectionSocketFactory> getSslFactoryRegistry(String str) throws IOException {
        try {
            KeyStore createDockerKeyStore = KeyStoreUtil.createDockerKeyStore(str);
            SSLContext build = SSLContexts.custom().setProtocol("TLS").loadKeyMaterial(createDockerKeyStore, PropertyConfigHandler.DEFAULT_PREFIX.toCharArray()).loadTrustMaterial(createDockerKeyStore, (TrustStrategy) null).build();
            String str2 = System.getenv("DOCKER_TLS_VERIFY");
            return RegistryBuilder.create().register("https", (str2 == null || str2.equals("0") || str2.equals("false")) ? new SSLConnectionSocketFactory(build, NoopHostnameVerifier.INSTANCE) : new SSLConnectionSocketFactory(build)).build();
        } catch (GeneralSecurityException e) {
            throw new IOException(e);
        }
    }
}
