package com.jd.httpservice.agent;

import java.io.Closeable;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.HttpClientConnectionManager;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import utils.StringUtils;
import utils.crypto.sm.GmSSLProvider;
import utils.net.SSLMode;
import utils.net.SSLSecurity;

/* loaded from: input_file:com/jd/httpservice/agent/ServiceConnectionManager.class */
public class ServiceConnectionManager implements Closeable {
    private static TrustManager trustManager = new X509TrustManager() { // from class: com.jd.httpservice.agent.ServiceConnectionManager.1
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    };
    private PoolingHttpClientConnectionManager connectionManager;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.jd.httpservice.agent.ServiceConnectionManager$2, reason: invalid class name */
    /* loaded from: input_file:com/jd/httpservice/agent/ServiceConnectionManager$2.class */
    public static /* synthetic */ class AnonymousClass2 {
        static final /* synthetic */ int[] $SwitchMap$utils$net$SSLMode = new int[SSLMode.values().length];

        static {
            try {
                $SwitchMap$utils$net$SSLMode[SSLMode.OFF.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$utils$net$SSLMode[SSLMode.ONE_WAY.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$utils$net$SSLMode[SSLMode.TWO_WAY.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    public ServiceConnectionManager() {
        this(false, new SSLSecurity());
    }

    public ServiceConnectionManager(boolean z, SSLSecurity sSLSecurity) {
        SSLMode sslMode = sSLSecurity.getSslMode(true);
        this.connectionManager = new PoolingHttpClientConnectionManager((!z || sslMode.equals(SSLMode.OFF)) ? RegistryBuilder.create().register("http", PlainConnectionSocketFactory.getSocketFactory()).register("https", createSSLIgnoreConnectionSocketFactory(sSLSecurity)).build() : sslMode.equals(SSLMode.ONE_WAY) ? RegistryBuilder.create().register("http", PlainConnectionSocketFactory.getSocketFactory()).register("https", createOneWaySSLConnectionSocketFactory(sSLSecurity)).build() : RegistryBuilder.create().register("http", PlainConnectionSocketFactory.getSocketFactory()).register("https", createTwoWaySSLConnectionSocketFactory(sSLSecurity)).build());
        setMaxTotal(100).setDefaultMaxPerRoute(20);
    }

    public static ServiceConnection connect(ServiceEndpoint serviceEndpoint) {
        return new HttpServiceConnection(serviceEndpoint, buildHttpClient(serviceEndpoint));
    }

    public static CloseableHttpClient buildHttpClient(ServiceEndpoint serviceEndpoint) {
        HttpClientBuilder custom = HttpClients.custom();
        if (serviceEndpoint.isSecure()) {
            SSLSecurity sslSecurity = serviceEndpoint.getSslSecurity();
            SSLConnectionSocketFactory sSLConnectionSocketFactory = null;
            switch (AnonymousClass2.$SwitchMap$utils$net$SSLMode[sslSecurity.getSslMode(true).ordinal()]) {
                case 1:
                    sSLConnectionSocketFactory = createSSLIgnoreConnectionSocketFactory(sslSecurity);
                    break;
                case 2:
                    sSLConnectionSocketFactory = createOneWaySSLConnectionSocketFactory(sslSecurity);
                    break;
                case 3:
                    sSLConnectionSocketFactory = createTwoWaySSLConnectionSocketFactory(sslSecurity);
                    break;
            }
            custom.setSSLSocketFactory(sSLConnectionSocketFactory);
        }
        return custom.build();
    }

    private static CloseableHttpClient createHttpClient(ServiceConnectionManager serviceConnectionManager) {
        HttpClientBuilder custom = HttpClients.custom();
        custom.setConnectionManager(serviceConnectionManager.getHttpConnectionManager()).setConnectionManagerShared(true);
        return custom.build();
    }

    private static SSLConnectionSocketFactory createSSLIgnoreConnectionSocketFactory(SSLSecurity sSLSecurity) {
        try {
            if (GmSSLProvider.isGMSSL(sSLSecurity.getProtocol())) {
                GmSSLProvider.enableGMSupport(sSLSecurity.getProtocol());
            }
            SSLContext sSLContext = SSLContext.getInstance(sSLSecurity.getProtocol());
            sSLContext.init(null, new TrustManager[]{trustManager}, null);
            return createSSLConnectionSocketFactory(sSLContext, sSLSecurity);
        } catch (Exception e) {
            throw new IllegalStateException(e.getMessage(), e);
        }
    }

    private static SSLConnectionSocketFactory createOneWaySSLConnectionSocketFactory(SSLSecurity sSLSecurity) {
        try {
            if (GmSSLProvider.isGMSSL(sSLSecurity.getProtocol())) {
                GmSSLProvider.enableGMSupport(sSLSecurity.getProtocol());
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            KeyStore keyStore = KeyStore.getInstance(sSLSecurity.getTrustStoreType());
            keyStore.load(new FileInputStream(sSLSecurity.getTrustStore()), sSLSecurity.getTrustStorePassword().toCharArray());
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            SSLContext sSLContext = SSLContext.getInstance(sSLSecurity.getProtocol());
            sSLContext.init(null, trustManagers, new SecureRandom());
            return createSSLConnectionSocketFactory(sSLContext, sSLSecurity);
        } catch (Exception e) {
            throw new IllegalStateException(e.getMessage(), e);
        }
    }

    private static SSLConnectionSocketFactory createTwoWaySSLConnectionSocketFactory(SSLSecurity sSLSecurity) {
        try {
            if (GmSSLProvider.isGMSSL(sSLSecurity.getProtocol())) {
                GmSSLProvider.enableGMSupport(sSLSecurity.getProtocol());
            }
            KeyManager[] keyManagerArr = null;
            if (!StringUtils.isEmpty(sSLSecurity.getKeyStore())) {
                KeyStore keyStore = KeyStore.getInstance(sSLSecurity.getKeyStoreType());
                keyStore.load(new FileInputStream(sSLSecurity.getKeyStore()), sSLSecurity.getKeyStorePassword().toCharArray());
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                keyManagerFactory.init(keyStore, sSLSecurity.getKeyStorePassword().toCharArray());
                keyManagerArr = keyManagerFactory.getKeyManagers();
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            KeyStore keyStore2 = KeyStore.getInstance(sSLSecurity.getTrustStoreType());
            keyStore2.load(new FileInputStream(sSLSecurity.getTrustStore()), sSLSecurity.getTrustStorePassword().toCharArray());
            trustManagerFactory.init(keyStore2);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            SSLContext sSLContext = SSLContext.getInstance(sSLSecurity.getProtocol());
            sSLContext.init(keyManagerArr, trustManagers, new SecureRandom());
            return createSSLConnectionSocketFactory(sSLContext, sSLSecurity);
        } catch (Exception e) {
            throw new IllegalStateException(e.getMessage(), e);
        }
    }

    private static SSLConnectionSocketFactory createSSLConnectionSocketFactory(SSLContext sSLContext, SSLSecurity sSLSecurity) {
        return new SSLConnectionSocketFactory(sSLContext, sSLSecurity.getEnabledProtocols(), sSLSecurity.getCiphers(), sSLSecurity.isNoopHostnameVerifier() ? NoopHostnameVerifier.INSTANCE : SSLConnectionSocketFactory.getDefaultHostnameVerifier());
    }

    public ServiceConnectionManager setMaxTotal(int i) {
        this.connectionManager.setMaxTotal(i);
        return this;
    }

    public ServiceConnectionManager setDefaultMaxPerRoute(int i) {
        this.connectionManager.setDefaultMaxPerRoute(i);
        return this;
    }

    HttpClientConnectionManager getHttpConnectionManager() {
        return this.connectionManager;
    }

    public ServiceConnection create(ServiceEndpoint serviceEndpoint) {
        return new HttpServiceConnection(serviceEndpoint, createHttpClient(this));
    }

    @Override // java.io.Closeable, java.lang.AutoCloseable
    public void close() {
        PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = this.connectionManager;
        if (poolingHttpClientConnectionManager != null) {
            this.connectionManager = null;
            poolingHttpClientConnectionManager.close();
        }
    }
}
