package org.pkl.core.http;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.lang.invoke.MethodHandle;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.net.ConnectException;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.nio.ByteBuffer;
import java.nio.file.Files;
import java.nio.file.NoSuchFileException;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.time.Duration;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import javax.annotation.concurrent.ThreadSafe;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.TrustManagerFactory;
import org.pkl.core.util.ErrorMessages;
import org.pkl.core.util.Exceptions;

/* JADX INFO: Access modifiers changed from: package-private */
@ThreadSafe
/* loaded from: input_file:org/pkl/core/http/JdkHttpClient.class */
public final class JdkHttpClient implements HttpClient {
    final java.net.http.HttpClient underlying;
    private static final MethodHandle closeMethod;

    /* JADX INFO: Access modifiers changed from: package-private */
    public JdkHttpClient(List<Path> list, List<ByteBuffer> list2, Duration duration, java.net.ProxySelector proxySelector) {
        this.underlying = java.net.http.HttpClient.newBuilder().sslContext(createSslContext(list, list2)).connectTimeout(duration).proxy(proxySelector).followRedirects(HttpClient.Redirect.NORMAL).build();
    }

    @Override // org.pkl.core.http.HttpClient
    public <T> HttpResponse<T> send(HttpRequest httpRequest, HttpResponse.BodyHandler<T> bodyHandler) throws IOException {
        try {
            return this.underlying.send(httpRequest, bodyHandler);
        } catch (InterruptedException e) {
            Thread.currentThread().interrupt();
            throw new IOException(e);
        } catch (ConnectException e2) {
            throw new ConnectException(ErrorMessages.create("errorConnectingToHost", httpRequest.uri().getHost()));
        } catch (SSLHandshakeException e3) {
            throw new SSLHandshakeException(ErrorMessages.create("errorSslHandshake", httpRequest.uri().getHost(), Exceptions.getRootReason(e3)));
        } catch (SSLException e4) {
            throw new SSLException(Exceptions.getRootReason(e4));
        }
    }

    @Override // org.pkl.core.http.HttpClient, java.lang.AutoCloseable
    public void close() {
        try {
            (void) closeMethod.invoke(this.underlying);
        } catch (Error | RuntimeException e) {
            throw e;
        } catch (Throwable th) {
            throw new AssertionError(th);
        }
    }

    private static SSLContext createSslContext(List<Path> list, List<ByteBuffer> list2) {
        try {
            if (list.isEmpty() && list2.isEmpty()) {
                return SSLContext.getDefault();
            }
            List<Certificate> gatherCertificates = gatherCertificates(CertificateFactory.getInstance("X.509"), list, list2);
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null);
            for (int i = 0; i < gatherCertificates.size(); i++) {
                keyStore.setCertificateEntry("Certificate" + i, gatherCertificates.get(i));
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX");
            trustManagerFactory.init(keyStore);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
            return sSLContext;
        } catch (IOException | GeneralSecurityException e) {
            throw new HttpClientInitException(ErrorMessages.create("cannotInitHttpClient", Exceptions.getRootReason(e)), e);
        }
    }

    private static List<Certificate> gatherCertificates(CertificateFactory certificateFactory, List<Path> list, List<ByteBuffer> list2) {
        ArrayList arrayList = new ArrayList();
        for (Path path : list) {
            try {
                InputStream newInputStream = Files.newInputStream(path, new OpenOption[0]);
                try {
                    collectCertificates(arrayList, certificateFactory, newInputStream, path);
                    if (newInputStream != null) {
                        newInputStream.close();
                    }
                } finally {
                }
            } catch (NoSuchFileException e) {
                throw new HttpClientInitException(ErrorMessages.create("cannotFindCertFile", path));
            } catch (IOException e2) {
                throw new HttpClientInitException(ErrorMessages.create("cannotReadCertFile", Exceptions.getRootReason(e2)));
            }
        }
        Iterator<ByteBuffer> it = list2.iterator();
        while (it.hasNext()) {
            collectCertificates(arrayList, certificateFactory, new ByteArrayInputStream(it.next().array()), "<unavailable>");
        }
        return arrayList;
    }

    private static void collectCertificates(ArrayList<Certificate> arrayList, CertificateFactory certificateFactory, InputStream inputStream, Object obj) {
        try {
            Collection<? extends Certificate> generateCertificates = certificateFactory.generateCertificates(inputStream);
            if (generateCertificates.isEmpty()) {
                throw new HttpClientInitException(ErrorMessages.create("emptyCertFile", obj));
            }
            arrayList.addAll(generateCertificates);
        } catch (CertificateException e) {
            throw new HttpClientInitException(ErrorMessages.create("cannotParseCertFile", obj, Exceptions.getRootReason(e)));
        }
    }

    static {
        MethodHandle empty;
        MethodType methodType = MethodType.methodType((Class<?>) Void.TYPE, (Class<?>) java.net.http.HttpClient.class);
        try {
            empty = MethodHandles.publicLookup().findVirtual(java.net.http.HttpClient.class, "close", methodType);
        } catch (IllegalAccessException | NoSuchMethodException e) {
            empty = MethodHandles.empty(methodType);
        }
        closeMethod = empty;
    }
}
