package com.github.mwiede.dockerjava.jsch;

import com.github.dockerjava.transport.DockerHttpClient;
import com.github.dockerjava.transport.SSLConfig;
import com.jcraft.jsch.IdentityRepository;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.OpenSSHConfig;
import com.jcraft.jsch.Session;
import com.jcraft.jsch.Slf4jLogger;
import com.jcraft.jsch.UserInfo;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.UncheckedIOException;
import java.net.InetAddress;
import java.net.URI;
import java.security.cert.X509Certificate;
import java.time.Duration;
import java.util.Collections;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.SSLContext;
import javax.net.ssl.X509TrustManager;
import okhttp3.Call;
import okhttp3.ConnectionPool;
import okhttp3.Dns;
import okhttp3.HttpUrl;
import okhttp3.Interceptor;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import okhttp3.ResponseBody;
import okio.BufferedSink;
import okio.Okio;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/github/mwiede/dockerjava/jsch/JschDockerHttpClient.class */
public final class JschDockerHttpClient implements DockerHttpClient {
    private static final Logger LOGGER = LoggerFactory.getLogger(JschDockerHttpClient.class);
    private static final String SOCKET_SUFFIX = ".socket";
    final OkHttpClient client;
    final OkHttpClient streamingClient;
    private final HttpUrl baseUrl;
    private Session session;
    private boolean externalSession;

    /* loaded from: input_file:com/github/mwiede/dockerjava/jsch/JschDockerHttpClient$Builder.class */
    public static final class Builder {
        private URI dockerHost = null;
        private SSLConfig sslConfig = null;
        private Duration readTimeout = null;
        private Duration connectTimeout = null;
        private Boolean retryOnConnectionFailure = null;
        final JschDockerConfig jschDockerConfig = new JschDockerConfig();

        public Builder dockerHost(URI uri) {
            this.dockerHost = (URI) Objects.requireNonNull(uri, "dockerHost");
            return this;
        }

        public Builder sslConfig(SSLConfig sSLConfig) {
            this.sslConfig = sSLConfig;
            return this;
        }

        public Builder readTimeout(Duration duration) {
            this.readTimeout = duration;
            return this;
        }

        public Builder connectTimeout(Duration duration) {
            this.connectTimeout = duration;
            return this;
        }

        Builder retryOnConnectionFailure(Boolean bool) {
            this.retryOnConnectionFailure = bool;
            return this;
        }

        public Builder useSocket(String str) {
            this.jschDockerConfig.setUseSocket(true);
            this.jschDockerConfig.setSocketPath(str);
            return this;
        }

        public Builder sshSession(Session session) {
            this.jschDockerConfig.setSession(session);
            return this;
        }

        public Builder identityFile(File file) {
            this.jschDockerConfig.setIdentityFile(file);
            return this;
        }

        public Builder identity(String str) {
            return identityFile(new File(System.getProperty("user.home") + File.separator + ".ssh" + File.separator + str));
        }

        public Builder jschConfig(Hashtable hashtable) {
            this.jschDockerConfig.setJschConfig(hashtable);
            return this;
        }

        public Builder interceptor(Interceptor interceptor) {
            this.jschDockerConfig.setInterceptor(interceptor);
            return this;
        }

        public Builder useSocket() {
            this.jschDockerConfig.setUseSocket(true);
            return this;
        }

        public Builder useSocat() {
            this.jschDockerConfig.setUseSocat(true);
            return this;
        }

        public Builder useSocat(String str) {
            this.jschDockerConfig.setUseSocat(true);
            this.jschDockerConfig.setSocketPath(str);
            return this;
        }

        public Builder socatFlags(String str) {
            this.jschDockerConfig.setSocatFlags(str);
            return this;
        }

        public Builder useTcp() {
            this.jschDockerConfig.setUseTcp(true);
            return this;
        }

        public Builder useTcp(int i) {
            this.jschDockerConfig.setUseTcp(true);
            this.jschDockerConfig.setTcpPort(Integer.valueOf(i));
            return this;
        }

        public Builder userInfo(UserInfo userInfo) {
            this.jschDockerConfig.setUserInfo(userInfo);
            return this;
        }

        public Builder identityRepository(IdentityRepository identityRepository) {
            this.jschDockerConfig.setIdentityRepository(identityRepository);
            return this;
        }

        public JschDockerHttpClient build() throws IOException, JSchException {
            Objects.requireNonNull(this.dockerHost, "dockerHost not provided");
            return new JschDockerHttpClient(this.dockerHost, this.sslConfig, this.readTimeout, this.connectTimeout, this.retryOnConnectionFailure, this.jschDockerConfig);
        }
    }

    /* loaded from: input_file:com/github/mwiede/dockerjava/jsch/JschDockerHttpClient$OkResponse.class */
    static class OkResponse implements DockerHttpClient.Response {
        static final ThreadLocal<Boolean> CLOSING = ThreadLocal.withInitial(() -> {
            return false;
        });
        private final Call call;
        private final Response response;

        OkResponse(Call call) throws IOException {
            this.call = call;
            this.response = call.execute();
        }

        public int getStatusCode() {
            return this.response.code();
        }

        public Map<String, List<String>> getHeaders() {
            return this.response.headers().toMultimap();
        }

        public InputStream getBody() {
            ResponseBody body = this.response.body();
            if (body == null) {
                return null;
            }
            return body.source().inputStream();
        }

        public void close() {
            boolean booleanValue = CLOSING.get().booleanValue();
            CLOSING.set(true);
            try {
                try {
                    this.call.cancel();
                    this.response.close();
                    CLOSING.set(Boolean.valueOf(booleanValue));
                } catch (AssertionError | Exception e) {
                    JschDockerHttpClient.LOGGER.debug("Failed to close the response", e);
                    CLOSING.set(Boolean.valueOf(booleanValue));
                }
            } catch (Throwable th) {
                CLOSING.set(Boolean.valueOf(booleanValue));
                throw th;
            }
        }
    }

    /* loaded from: input_file:com/github/mwiede/dockerjava/jsch/JschDockerHttpClient$TrustAllX509TrustManager.class */
    static class TrustAllX509TrustManager implements X509TrustManager {
        TrustAllX509TrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    private JschDockerHttpClient(URI uri, SSLConfig sSLConfig, Duration duration, Duration duration2, Boolean bool, JschDockerConfig jschDockerConfig) throws IOException, JSchException {
        this.externalSession = false;
        OkHttpClient.Builder retryOnConnectionFailure = new OkHttpClient.Builder().addNetworkInterceptor(new HijackingInterceptor()).readTimeout(0L, TimeUnit.MILLISECONDS).retryOnConnectionFailure(true);
        if (jschDockerConfig.getInterceptor() != null) {
            retryOnConnectionFailure.addInterceptor(jschDockerConfig.getInterceptor());
        }
        if (duration != null) {
            retryOnConnectionFailure.readTimeout(duration.toMillis(), TimeUnit.MILLISECONDS);
        }
        if (duration2 != null) {
            retryOnConnectionFailure.connectTimeout(duration2.toMillis(), TimeUnit.MILLISECONDS);
        }
        if (bool != null) {
            retryOnConnectionFailure.retryOnConnectionFailure(bool.booleanValue());
        }
        this.session = jschDockerConfig.getSession();
        this.externalSession = jschDockerConfig.getSession() != null;
        if (!"ssh".equals(uri.getScheme())) {
            throw new IllegalArgumentException("Wrong docker host uri (" + uri + "). This implementation only supports ssh connection scheme.");
        }
        this.session = connectSSH(uri, duration2 != null ? (int) duration2.toMillis() : 0, jschDockerConfig);
        retryOnConnectionFailure.socketFactory(new JSchSocketFactory(this.session, jschDockerConfig));
        retryOnConnectionFailure.connectionPool(new ConnectionPool(0, 1L, TimeUnit.SECONDS)).dns(str -> {
            return str.endsWith(SOCKET_SUFFIX) ? Collections.singletonList(InetAddress.getByAddress(str, new byte[]{0, 0, 0, 0})) : Dns.SYSTEM.lookup(str);
        });
        if (sSLConfig != null) {
            try {
                SSLContext sSLContext = sSLConfig.getSSLContext();
                if (sSLContext != null) {
                    retryOnConnectionFailure.sslSocketFactory(sSLContext.getSocketFactory(), new TrustAllX509TrustManager());
                }
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        this.client = retryOnConnectionFailure.build();
        this.streamingClient = this.client.newBuilder().build();
        this.baseUrl = new HttpUrl.Builder().scheme("http").host("127.0.0.1").build();
    }

    private RequestBody toRequestBody(DockerHttpClient.Request request) {
        final InputStream body = request.body();
        if (body != null) {
            return new RequestBody() { // from class: com.github.mwiede.dockerjava.jsch.JschDockerHttpClient.1
                public MediaType contentType() {
                    return null;
                }

                public void writeTo(BufferedSink bufferedSink) throws IOException {
                    bufferedSink.writeAll(Okio.source(body));
                }
            };
        }
        if ("POST".equals(request.method())) {
            return RequestBody.create((MediaType) null, "");
        }
        return null;
    }

    public DockerHttpClient.Response execute(DockerHttpClient.Request request) {
        String httpUrl = this.baseUrl.toString();
        if (httpUrl.endsWith("/") && request.path().startsWith("/")) {
            httpUrl = httpUrl.substring(0, httpUrl.length() - 1);
        }
        Request.Builder method = new Request.Builder().url(httpUrl + request.path()).tag(DockerHttpClient.Request.class, request).method(request.method(), toRequestBody(request));
        Map headers = request.headers();
        method.getClass();
        headers.forEach(method::header);
        Call newCall = (request.hijackedInput() == null ? this.client : this.streamingClient).newCall(method.build());
        try {
            return new OkResponse(newCall);
        } catch (IOException e) {
            newCall.cancel();
            throw new UncheckedIOException("Error while executing " + request, e);
        }
    }

    public void close() {
        try {
            disconnectSSH();
            for (OkHttpClient okHttpClient : new OkHttpClient[]{this.client, this.streamingClient}) {
                okHttpClient.dispatcher().cancelAll();
                okHttpClient.dispatcher().executorService().shutdown();
                okHttpClient.connectionPool().evictAll();
            }
        } catch (Throwable th) {
            for (OkHttpClient okHttpClient2 : new OkHttpClient[]{this.client, this.streamingClient}) {
                okHttpClient2.dispatcher().cancelAll();
                okHttpClient2.dispatcher().executorService().shutdown();
                okHttpClient2.connectionPool().evictAll();
            }
            throw th;
        }
    }

    private Session connectSSH(URI uri, int i, JschDockerConfig jschDockerConfig) throws IOException, JSchException {
        if (this.session != null && this.session.isConnected()) {
            return this.session;
        }
        JSch jSch = new JSch();
        JSch.setLogger(new Slf4jLogger());
        File file = new File(System.getProperty("user.home") + File.separator + ".ssh" + File.separator + "config");
        if (file.exists()) {
            jSch.setConfigRepository(OpenSSHConfig.parseFile(file.getAbsolutePath()));
        }
        String str = System.getProperty("user.home") + File.separator + ".ssh" + File.separator + "known_hosts";
        if (new File(str).exists()) {
            jSch.setKnownHosts(str);
        }
        Session session = jSch.getSession(uri.getUserInfo(), uri.getHost(), uri.getPort() > 0 ? uri.getPort() : 22);
        if (jschDockerConfig.getJschConfig() != null) {
            session.setConfig(jschDockerConfig.getJschConfig());
        }
        if (jschDockerConfig.getIdentityFile() != null) {
            jSch.addIdentity(jschDockerConfig.getIdentityFile().getAbsolutePath());
        } else if (jschDockerConfig.getIdentityRepository() != null) {
            jSch.setIdentityRepository(jschDockerConfig.getIdentityRepository());
        }
        session.setUserInfo(jschDockerConfig.getUserInfo());
        session.connect(i);
        return session;
    }

    private void disconnectSSH() {
        if (this.externalSession) {
            return;
        }
        this.session.disconnect();
    }
}
