package aQute.bnd.connection.settings;

import aQute.bnd.exceptions.Exceptions;
import aQute.bnd.header.Attrs;
import aQute.bnd.header.Parameters;
import aQute.bnd.http.HttpClient;
import aQute.bnd.osgi.Constants;
import aQute.bnd.osgi.Processor;
import aQute.bnd.service.url.ProxyHandler;
import aQute.bnd.service.url.URLConnectionHandler;
import aQute.bnd.url.BasicAuthentication;
import aQute.bnd.url.BearerAuthentication;
import aQute.bnd.url.HttpsVerification;
import aQute.bnd.util.home.Home;
import aQute.lib.collections.Iterables;
import aQute.lib.concurrentinit.ConcurrentInitialize;
import aQute.lib.converter.Converter;
import aQute.lib.hex.Hex;
import aQute.lib.io.IO;
import aQute.lib.mavenpasswordobfuscator.MavenPasswordObfuscator;
import aQute.lib.strings.Strings;
import aQute.lib.xpath.XPathParser;
import aQute.libg.glob.Glob;
import aQute.libg.uri.URIUtil;
import aQute.service.reporter.Reporter;
import java.io.File;
import java.net.InetAddress;
import java.net.InterfaceAddress;
import java.net.NetworkInterface;
import java.net.SocketException;
import java.net.URL;
import java.net.URLConnection;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Formatter;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Objects;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.apache.logging.log4j.util.ProcessIdUtil;
import org.osgi.service.dmt.Uri;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xml.sax.SAXParseException;

/* loaded from: input_file:aQute/bnd/connection/settings/ConnectionSettings.class */
public class ConnectionSettings {
    static final Logger logger;
    public static final String M2_SETTINGS_SECURITY_XML = "~/.m2/settings-security.xml";
    public static final String M2_SETTINGS_SECURITY_PROPERTY = "settings.security";
    private static final String M2_SETTINGS_XML = "~/.m2/settings.xml";
    private static final String BND_CONNECTION_SETTINGS_XML;
    private static final String CONNECTION_SETTINGS = "-connection-settings";
    private final Processor processor;
    private final HttpClient client;
    private final ConcurrentInitialize<String> mavenMasterPassphrase;
    private static final Pattern URI_P;
    static final /* synthetic */ boolean $assertionsDisabled;
    private final List<ServerDTO> servers = new ArrayList();
    private final List<String> parsed = new ArrayList();

    /* loaded from: input_file:aQute/bnd/connection/settings/ConnectionSettings$MasterPassphrase.class */
    private static final class MasterPassphrase extends ConcurrentInitialize<String> {
        private final Processor processor;

        MasterPassphrase(Processor processor) {
            this.processor = processor;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // aQute.lib.concurrentinit.ConcurrentInitialize
        public String create() throws Exception {
            String property = System.getProperty(ConnectionSettings.M2_SETTINGS_SECURITY_PROPERTY, ConnectionSettings.M2_SETTINGS_SECURITY_XML);
            File file = IO.getFile(property);
            if (!file.isFile()) {
                ConnectionSettings.logger.info("No Maven security settings file {}", property);
                return null;
            }
            String parse = new XPathParser(file).parse("/settingsSecurity/master");
            if (parse == null || parse.isEmpty()) {
                this.processor.warning("Found Maven security settings file %s but not master password in it", property);
                return null;
            }
            if (!MavenPasswordObfuscator.isObfuscatedPassword(parse)) {
                this.processor.warning("Master password in %s was not obfuscated, using actual value", property);
                return parse;
            }
            try {
                return MavenPasswordObfuscator.decrypt(parse, ConnectionSettings.M2_SETTINGS_SECURITY_PROPERTY);
            } catch (Exception e) {
                this.processor.exception(e, "Could not decrypt the master password from %s with key %s", property, ConnectionSettings.M2_SETTINGS_SECURITY_PROPERTY);
                return null;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:aQute/bnd/connection/settings/ConnectionSettings$SettingsProxyHandler.class */
    public static final class SettingsProxyHandler implements ProxyHandler {
        private final ProxyDTO proxyDTO;
        private List<Glob> globs;
        private ProxyHandler.ProxySetup proxySetup;

        SettingsProxyHandler(ProxyDTO proxyDTO) {
            this.proxyDTO = proxyDTO;
        }

        /* JADX WARN: Failed to find 'out' block for switch in B:16:0x007b. Please report as an issue. */
        /* JADX WARN: Removed duplicated region for block: B:20:0x00df A[RETURN] */
        /* JADX WARN: Removed duplicated region for block: B:22:0x00e1  */
        @Override // aQute.bnd.service.url.ProxyHandler
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        public aQute.bnd.service.url.ProxyHandler.ProxySetup forURL(java.net.URL r7) throws java.lang.Exception {
            /*
                Method dump skipped, instructions count: 364
                To view this dump add '--comments-level debug' option
            */
            throw new UnsupportedOperationException("Method not decompiled: aQute.bnd.connection.settings.ConnectionSettings.SettingsProxyHandler.forURL(java.net.URL):aQute.bnd.service.url.ProxyHandler$ProxySetup");
        }

        private boolean isNonProxyHost(String str) {
            if (str == null) {
                return false;
            }
            return getNonProxyHosts().stream().anyMatch(glob -> {
                return glob.matcher(str).matches();
            });
        }

        private List<Glob> getNonProxyHosts() {
            if (this.globs != null) {
                return this.globs;
            }
            if (this.proxyDTO.nonProxyHosts == null) {
                List<Glob> emptyList = Collections.emptyList();
                this.globs = emptyList;
                return emptyList;
            }
            List<Glob> list = (List) Processor.split(this.proxyDTO.nonProxyHosts, "\\s*\\|\\s*").stream().map(Glob::new).collect(Collectors.toList());
            this.globs = list;
            return list;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:aQute/bnd/connection/settings/ConnectionSettings$SettingsURLConnectionHandler.class */
    public static final class SettingsURLConnectionHandler implements URLConnectionHandler {
        private final Glob match;
        private final URLConnectionHandler handler;
        private final URLConnectionHandler https;
        private final int maxConcurrentConnections;

        SettingsURLConnectionHandler(ServerDTO serverDTO, Processor processor) {
            this.match = new Glob(serverDTO.match != null ? serverDTO.match : serverDTO.id);
            this.maxConcurrentConnections = serverDTO.maxConcurrentConnections;
            if (serverDTO.password == null) {
                this.handler = null;
            } else if (serverDTO.username != null) {
                this.handler = new BasicAuthentication(serverDTO.username, serverDTO.password, processor);
            } else {
                this.handler = new BearerAuthentication(serverDTO.password, processor);
            }
            boolean z = (serverDTO.trust == null || serverDTO.trust.isEmpty()) ? false : true;
            if (!serverDTO.verify || z) {
                this.https = new HttpsVerification(serverDTO.trust, serverDTO.verify, processor);
            } else {
                this.https = null;
            }
        }

        @Override // aQute.bnd.service.url.URLConnectionHandler
        public boolean matches(URL url) {
            return this.match.matcher(ConnectionSettings.normalize(url.toString())).matches();
        }

        @Override // aQute.bnd.service.url.URLConnectionHandler
        public void handle(URLConnection uRLConnection) throws Exception {
            if (this.handler != null) {
                this.handler.handle(uRLConnection);
            }
            if (this.https == null || !isHttps(uRLConnection)) {
                return;
            }
            this.https.handle(uRLConnection);
        }

        @Override // aQute.bnd.service.url.URLConnectionHandler
        public int maxConcurrentConnections() {
            return this.maxConcurrentConnections;
        }

        private boolean isHttps(URLConnection uRLConnection) {
            return "https".equalsIgnoreCase(uRLConnection.getURL().getProtocol());
        }

        public String toString() {
            return "Server [ match=" + this.match + ", handler=" + this.handler + ", maxConcurrentConnections=" + this.maxConcurrentConnections + ", https=" + this.https + "]";
        }
    }

    public ConnectionSettings(Processor processor, HttpClient httpClient) throws Exception {
        this.processor = (Processor) Objects.requireNonNull(processor);
        this.client = httpClient;
        String property = processor.getProperty(Constants.CONNECTION_LOG);
        if (Strings.nonNullOrEmpty(property)) {
            File file = IO.getFile(property);
            file.getParentFile().mkdirs();
            this.client.setLog(file);
        }
        this.mavenMasterPassphrase = new MasterPassphrase(processor);
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:23:0x00a1. Please report as an issue. */
    /* JADX WARN: Failed to find 'out' block for switch in B:34:0x00f3. Please report as an issue. */
    public void readSettings() throws Exception {
        Parameters parameters = new Parameters(this.processor.mergeProperties("-connection-settings"), this.processor);
        if (parameters.isEmpty()) {
            File file = IO.getFile(BND_CONNECTION_SETTINGS_XML);
            if (!file.isFile()) {
                file = IO.getFile(M2_SETTINGS_XML);
                if (!file.isFile()) {
                    return;
                }
            }
            parse(file);
            return;
        }
        ArrayList arrayList = new ArrayList();
        try {
            for (Map.Entry<String, Attrs> entry : parameters.entrySet()) {
                String key = entry.getKey();
                if (!"false".equalsIgnoreCase(key)) {
                    boolean z = false;
                    if (key.startsWith(ProcessIdUtil.DEFAULT_PROCESSID)) {
                        z = true;
                        key = key.substring(1);
                    }
                    String str = key;
                    boolean z2 = -1;
                    switch (str.hashCode()) {
                        case 97688:
                            if (str.equals(Constants.BNDDRIVER_BND)) {
                                z2 = true;
                                break;
                            }
                            break;
                        case 100589:
                            if (str.equals("env")) {
                                z2 = 2;
                                break;
                            }
                            break;
                        case 103670155:
                            if (str.equals(Constants.BNDDRIVER_MAVEN)) {
                                z2 = false;
                                break;
                            }
                            break;
                    }
                    switch (z2) {
                        case false:
                            key = M2_SETTINGS_XML;
                            break;
                        case true:
                            key = BND_CONNECTION_SETTINGS_XML;
                            break;
                        case true:
                            String str2 = entry.getValue().get("var");
                            if (str2 == null) {
                                this.processor.error("Specified -connection-settings: %s, with 'env' but the 'var' parameter was not found", parameters);
                                break;
                            } else {
                                String str3 = System.getenv(str2);
                                if (str3 != null) {
                                    File createTempFile = File.createTempFile(str2, ".xml");
                                    IO.store(str3, createTempFile);
                                    key = IO.absolutePath(createTempFile);
                                    arrayList.add(createTempFile);
                                    break;
                                } else if (!z) {
                                    this.processor.error("Specified -connection-settings: %s, but no such environment variable %s is found", parameters, str2);
                                    break;
                                }
                            }
                            break;
                    }
                    String removeDuplicateMarker = Processor.removeDuplicateMarker(key);
                    if ("server".equals(removeDuplicateMarker)) {
                        parseServer(entry.getValue());
                    } else {
                        File file2 = this.processor.getFile(removeDuplicateMarker);
                        if (file2.isFile()) {
                            parse(file2);
                        } else if (!z) {
                            Reporter.SetLocation error = this.processor.error("Specified -connection-settings: %s, but no such file or is directory", file2);
                            Processor.FileLine header = this.processor.getHeader("-connection-settings", removeDuplicateMarker);
                            if (header != null) {
                                header.set(error);
                            }
                        }
                    }
                }
            }
        } finally {
            arrayList.forEach(IO::delete);
        }
    }

    private void parseServer(Attrs attrs) throws Exception {
        this.parsed.add("direct: " + attrs);
        ServerDTO serverDTO = (ServerDTO) Converter.cnv(ServerDTO.class, (Object) attrs);
        if (isBasicAuth(serverDTO) || isBearerAuth(serverDTO) || isPrivateKey(serverDTO) || isHttpsVerification(serverDTO)) {
            if (serverDTO.id == null) {
                serverDTO.id = "*";
            } else {
                String normalize = normalize(serverDTO.id);
                if (serverDTO.id != normalize) {
                    serverDTO.id = normalize;
                } else if (serverDTO.match == null && serverDTO.id.indexOf(42) < 0) {
                    serverDTO.match = "*" + serverDTO.id + "*";
                }
            }
            add(serverDTO);
        }
    }

    static String normalize(String str) {
        int defaultPort;
        Matcher matcher = URI_P.matcher(str);
        if (!matcher.matches()) {
            return str;
        }
        String lowerCase = matcher.group(1).toLowerCase(Locale.ROOT);
        String group = matcher.group(2);
        String group2 = matcher.group(3);
        StringBuilder sb = new StringBuilder();
        sb.append(lowerCase).append(':').append('/').append('/').append(group);
        if (group2 != null && ((defaultPort = URIUtil.getDefaultPort(lowerCase)) < 0 || !group2.equals(Integer.toString(defaultPort)))) {
            sb.append(':').append(group2);
        }
        return sb.toString();
    }

    private boolean isPrivateKey(ServerDTO serverDTO) {
        return (isEmpty(serverDTO.privateKey) || isEmpty(serverDTO.passphrase)) ? false : true;
    }

    private boolean isBasicAuth(ServerDTO serverDTO) {
        return (isEmpty(serverDTO.username) || isEmpty(serverDTO.password)) ? false : true;
    }

    private boolean isBearerAuth(ServerDTO serverDTO) {
        return isEmpty(serverDTO.username) && !isEmpty(serverDTO.password);
    }

    private boolean isHttpsVerification(ServerDTO serverDTO) {
        return !isEmpty(serverDTO.trust);
    }

    private boolean isEmpty(String str) {
        return str == null || str.trim().isEmpty();
    }

    public URLConnectionHandler createURLConnectionHandler(ServerDTO serverDTO) {
        return new SettingsURLConnectionHandler(serverDTO, this.processor);
    }

    public ProxyHandler createProxyHandler(ProxyDTO proxyDTO) {
        return new SettingsProxyHandler(proxyDTO);
    }

    private void parse(File file) throws Exception {
        String str;
        try {
            if (!$assertionsDisabled && file == null) {
                throw new AssertionError("File must be set");
            }
            if (!$assertionsDisabled && !file.isFile()) {
                throw new AssertionError("File must be a file and exist");
            }
            this.parsed.add(file.getAbsolutePath());
            SettingsDTO settings = new SettingsParser(file).getSettings();
            for (ProxyDTO proxyDTO : settings.proxies) {
                if (isActive(proxyDTO)) {
                    add(proxyDTO);
                }
            }
            ServerDTO serverDTO = null;
            for (ServerDTO serverDTO2 : settings.servers) {
                String normalize = normalize(serverDTO2.id);
                if (serverDTO2.id != normalize) {
                    serverDTO2.id = normalize;
                } else if (serverDTO2.match == null && serverDTO2.id.indexOf(42) < 0) {
                    serverDTO2.match = "*" + serverDTO2.id + "*";
                }
                serverDTO2.trust = makeAbsolute(file.getParentFile(), serverDTO2.trust);
                if (MavenPasswordObfuscator.isObfuscatedPassword(serverDTO2.password) && (str = this.mavenMasterPassphrase.get()) != null) {
                    try {
                        serverDTO2.password = MavenPasswordObfuscator.decrypt(serverDTO2.password, str);
                    } catch (Exception e) {
                        this.processor.exception(e, "Could not decrypt the password for server %s", serverDTO2.id);
                    }
                }
                if ("default".equals(serverDTO2.id)) {
                    serverDTO = serverDTO2;
                } else {
                    add(serverDTO2);
                }
            }
            if (serverDTO != null) {
                add(serverDTO);
            }
        } catch (SAXParseException e2) {
            this.processor.error("Invalid XML in connection settings for file : %s: %s", file, e2.getMessage());
        }
    }

    private boolean isActive(ProxyDTO proxyDTO) throws SocketException {
        if (!proxyDTO.active) {
            return false;
        }
        String str = proxyDTO.mask;
        if (str == null) {
            return true;
        }
        for (String str2 : str.split(Processor.LIST_SPLITTER)) {
            try {
                String[] split = str2.split("\\s*:\\s*");
                Glob glob = new Glob(split[0]);
                byte[] bArr = null;
                int i = 0;
                if (split.length > 1) {
                    String[] split2 = split[1].split(Uri.PATH_SEPARATOR);
                    bArr = InetAddress.getByName(split2[0]).getAddress();
                    i = split2.length > 1 ? Integer.parseInt(split2[1]) : bArr.length * 8;
                }
                for (NetworkInterface networkInterface : Iterables.iterable(NetworkInterface.getNetworkInterfaces())) {
                    if (networkInterface != null && networkInterface.isUp()) {
                        if (glob.matcher(networkInterface.getName()).matches()) {
                            if (bArr == null) {
                                return true;
                            }
                            for (InterfaceAddress interfaceAddress : networkInterface.getInterfaceAddresses()) {
                                byte[] address = interfaceAddress.getAddress().getAddress();
                                if (bArr.length == address.length && (i == 0 || interfaceAddress.getNetworkPrefixLength() == i)) {
                                    if (Arrays.equals(bArr, address)) {
                                        return true;
                                    }
                                }
                            }
                        }
                    }
                }
            } catch (Exception e) {
                this.processor.exception(e, "Failed to parse proxy 'mask' clause in settings: %s", str2);
            }
        }
        return false;
    }

    public static String makeAbsolute(File file, String str) {
        if (str == null || str.trim().isEmpty()) {
            return null;
        }
        return (String) Processor.split(str).stream().map(str2 -> {
            return resolve(file, str2);
        }).collect(Collectors.joining(","));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String resolve(File file, String str) {
        return IO.getFile(file, str).getPath();
    }

    public void add(ServerDTO serverDTO) {
        this.servers.add(serverDTO);
        if (this.client != null) {
            this.client.addURLConnectionHandler(createURLConnectionHandler(serverDTO));
        }
    }

    public void add(ProxyDTO proxyDTO) {
        if (this.client != null) {
            this.client.addProxyHandler(createProxyHandler(proxyDTO));
        }
    }

    public List<ServerDTO> getServerDTOs() {
        return this.servers;
    }

    public List<String> getParsedFiles() {
        return this.parsed;
    }

    public void report(Formatter formatter) {
        formatter.format("-connection-settings          %s%n", this.processor.getProperty("-connection-settings", "<>"));
        formatter.format("Parsed files:%n", new Object[0]);
        getParsedFiles().forEach(str -> {
            formatter.format("   %s%n", str);
        });
        getServerDTOs().forEach(serverDTO -> {
            formatter.format("%n", new Object[0]);
            formatter.format("Id                  %s%n", serverDTO.id);
            formatter.format("Username            %s%n", serverDTO.username);
            Object[] objArr = new Object[1];
            objArr[0] = serverDTO.password == null ? "<>" : "*******";
            formatter.format("Password            %s%n", objArr);
            Object[] objArr2 = new Object[1];
            objArr2[0] = serverDTO.privateKey == null ? "<>" : "*******";
            formatter.format("Private Key         %s%n", objArr2);
            Object[] objArr3 = new Object[1];
            objArr3[0] = serverDTO.passphrase == null ? "<>" : "*******";
            formatter.format("Passphrase          %s%n", objArr3);
            if (serverDTO.trust == null || serverDTO.trust.trim().isEmpty()) {
                return;
            }
            formatter.format("Trust%n", new Object[0]);
            for (String str2 : Strings.split(serverDTO.trust)) {
                try {
                    File file = new File(str2);
                    if (file.isFile()) {
                        formatter.format("    %s%n", file);
                        ArrayList<X509Certificate> arrayList = new ArrayList();
                        HttpsVerification.getCertificates(str2, arrayList);
                        for (X509Certificate x509Certificate : arrayList) {
                            formatter.format("        Subject     %s%n", x509Certificate.getSubjectDN());
                            formatter.format("        Serial Nr   %s%n", Hex.separated(x509Certificate.getSerialNumber().toByteArray(), ":"));
                            formatter.format("        Issuer      %s%n", x509Certificate.getIssuerDN());
                            formatter.format("        Type        %s%n", x509Certificate.getType());
                            try {
                                x509Certificate.checkValidity();
                                formatter.format("        Valid       yes%n", new Object[0]);
                            } catch (Exception e) {
                                formatter.format("        Valid       %s%n", e.getMessage());
                            }
                        }
                    } else {
                        formatter.format("    %s NO SUCH FILE%n", file);
                    }
                } catch (Exception e2) {
                    formatter.format("        Unexpected connection settings  '%s'%n", Exceptions.causes(e2));
                }
            }
            formatter.format("Verify              %s%n", Boolean.valueOf(serverDTO.verify));
        });
    }

    static {
        $assertionsDisabled = !ConnectionSettings.class.desiredAssertionStatus();
        logger = LoggerFactory.getLogger((Class<?>) ConnectionSettings.class);
        BND_CONNECTION_SETTINGS_XML = Home.getUserHomeBnd() + "/connection-settings.xml";
        URI_P = Pattern.compile("([^:/?#]+)://([^:/?#]+)(?::([^:/?#]+))?.*");
    }
}
