package com.helger.pd.client;

import com.helger.commons.ValueEnforcer;
import com.helger.commons.annotation.Nonempty;
import com.helger.commons.string.StringHelper;
import com.helger.commons.url.EURLProtocol;
import com.helger.httpclient.HttpClientSettings;
import com.helger.httpclient.security.PrivateKeyStrategyFromAliasCaseInsensitive;
import com.helger.httpclient.security.TrustStrategyTrustAll;
import com.helger.peppol.utils.PeppolKeyStoreHelper;
import com.helger.security.keystore.LoadedKey;
import com.helger.security.keystore.LoadedKeyStore;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.annotation.Nonnull;
import org.apache.hc.client5.http.auth.UsernamePasswordCredentials;
import org.apache.hc.core5.http.HttpHost;
import org.apache.hc.core5.ssl.SSLContexts;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/phoss-directory-client-0.12.0.jar:com/helger/pd/client/PDHttpClientSettings.class */
public class PDHttpClientSettings extends HttpClientSettings {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) PDHttpClientSettings.class);

    public PDHttpClientSettings(@Nonnull @Nonempty String str) {
        resetToConfiguration(str);
    }

    public final void resetToConfiguration(@Nonnull @Nonempty String str) {
        ValueEnforcer.notEmpty(str, "TargetURI");
        boolean isUsedInURL = EURLProtocol.HTTPS.isUsedInURL(str);
        String httpProxyHost = PDClientConfiguration.getHttpProxyHost();
        int httpProxyPort = PDClientConfiguration.getHttpProxyPort();
        if (httpProxyHost == null || httpProxyPort <= 0) {
            setProxyHost(null);
        } else {
            HttpHost httpHost = new HttpHost(httpProxyHost, httpProxyPort);
            if (LOGGER.isInfoEnabled()) {
                LOGGER.info("PD client uses proxy host " + httpHost);
            }
            setProxyHost(httpHost);
        }
        String proxyUsername = PDClientConfiguration.getProxyUsername();
        if (StringHelper.hasText(proxyUsername)) {
            LOGGER.info("PD client uses proxy credentials");
            setProxyCredentials(new UsernamePasswordCredentials(proxyUsername, PDClientConfiguration.getProxyPassword()));
        } else {
            setProxyCredentials(null);
        }
        setHostnameVerifier(null);
        setSSLContext(null);
        if (isUsedInURL) {
            if (PDClientConfiguration.isHttpsHostnameVerificationDisabled()) {
                LOGGER.info("PD client uses disabled hostname verification");
                setHostnameVerifierVerifyAll();
            }
            LoadedKeyStore loadKeyStore = PDClientConfiguration.loadKeyStore();
            if (loadKeyStore.isFailure()) {
                LOGGER.error("PD client failed to initialize keystore for service connection - can only use http now! Details: " + PeppolKeyStoreHelper.getLoadError(loadKeyStore));
            } else {
                LOGGER.info("PD client keystore successfully loaded");
                LoadedKey<KeyStore.PrivateKeyEntry> loadPrivateKey = PDClientConfiguration.loadPrivateKey(loadKeyStore.getKeyStore());
                if (loadPrivateKey.isFailure()) {
                    LOGGER.error("PD client failed to initialize key from keystore. Details: " + PeppolKeyStoreHelper.getLoadError(loadPrivateKey));
                } else {
                    LOGGER.info("PD client key successfully loaded");
                }
                LoadedKeyStore loadTrustStore = PDClientConfiguration.loadTrustStore();
                if (loadTrustStore.isFailure()) {
                    LOGGER.error("PD client failed to initialize truststore for service connection. Details: " + PeppolKeyStoreHelper.getLoadError(loadTrustStore));
                } else {
                    LOGGER.info("PD client truststore successfully loaded");
                }
                try {
                    PrivateKeyStrategyFromAliasCaseInsensitive privateKeyStrategyFromAliasCaseInsensitive = new PrivateKeyStrategyFromAliasCaseInsensitive(PDClientConfiguration.getKeyStoreKeyAlias());
                    setSSLContext(SSLContexts.custom().loadKeyMaterial(loadKeyStore.getKeyStore(), PDClientConfiguration.getKeyStoreKeyPassword(), privateKeyStrategyFromAliasCaseInsensitive).loadTrustMaterial(loadTrustStore.getKeyStore(), new TrustStrategyTrustAll()).build());
                    LOGGER.info("PD client successfully set SSL context");
                } catch (GeneralSecurityException e) {
                    throw new IllegalStateException("PD client failed to set SSL context", e);
                }
            }
        }
        setConnectTimeout(PDClientConfiguration.getConnectTimeout());
        setResponseTimeout(PDClientConfiguration.getResponseTimeout());
    }
}
