package fr.in2p3.cc.commons.coloss;

import com.sun.security.auth.callback.TextCallbackHandler;
import fr.in2p3.cc.commons.krb5remctl.JaasKrb5KeytabConfiguration;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.Credentials;
import org.apache.http.client.HttpResponseException;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.TrustStrategy;
import org.apache.http.util.EntityUtils;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:fr/in2p3/cc/commons/coloss/ColossClient.class */
public class ColossClient {
    private CloseableHttpClient client;
    protected URI address;
    private LoginContext loginContext;

    public ColossClient(URI uri, String str, String str2) throws Exception {
        this.client = null;
        this.address = null;
        this.loginContext = null;
        SSLContext build = new SSLContextBuilder().loadTrustMaterial((KeyStore) null, new TrustStrategy() { // from class: fr.in2p3.cc.commons.coloss.ColossClient.1
            public boolean isTrusted(X509Certificate[] x509CertificateArr, String str3) throws CertificateException {
                return true;
            }
        }).build();
        HttpClientBuilder create = HttpClientBuilder.create();
        create.setSSLContext(build);
        create.setConnectionManager(new PoolingHttpClientConnectionManager(RegistryBuilder.create().register("http", PlainConnectionSocketFactory.INSTANCE).register("https", new SSLConnectionSocketFactory(build, NoopHostnameVerifier.INSTANCE)).build()));
        Credentials credentials = new Credentials() { // from class: fr.in2p3.cc.commons.coloss.ColossClient.2
            @Override // org.apache.http.auth.Credentials
            public String getPassword() {
                return null;
            }

            @Override // org.apache.http.auth.Credentials
            public Principal getUserPrincipal() {
                return null;
            }
        };
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        basicCredentialsProvider.setCredentials(new AuthScope(null, -1, null), credentials);
        create.setDefaultCredentialsProvider(basicCredentialsProvider);
        this.client = create.build();
        this.address = uri;
        this.loginContext = new LoginContext("Krb5LoginModule", (Subject) null, new TextCallbackHandler(), new JaasKrb5KeytabConfiguration(str2, str));
        this.loginContext.login();
    }

    public CloseableHttpClient getClient() {
        return this.client;
    }

    public URI getAddress() {
        return this.address;
    }

    public LoginContext getLoginContext() {
        return this.loginContext;
    }

    public JSONObject get(String str) throws JSONException, IOException, URISyntaxException, PrivilegedActionException {
        return request(new HttpGet(str));
    }

    public JSONObject post(String str, JSONObject jSONObject) throws JSONException, IOException, URISyntaxException, PrivilegedActionException {
        HttpPost httpPost = new HttpPost(str);
        httpPost.setHeader("Content-Type", "application/json");
        httpPost.setEntity(new StringEntity(jSONObject.toString()));
        return request(httpPost);
    }

    private JSONObject request(HttpRequestBase httpRequestBase) throws JSONException, IOException, URISyntaxException, PrivilegedActionException {
        httpRequestBase.setURI(new URIBuilder(String.valueOf(getAddress().toString()) + httpRequestBase.getURI().toString()).build());
        CloseableHttpResponse query = query(httpRequestBase);
        processResponseErrors(query);
        return new JSONObject(EntityUtils.toString(query.getEntity()));
    }

    private void processResponseErrors(CloseableHttpResponse closeableHttpResponse) throws HttpResponseException {
        int statusCode = closeableHttpResponse.getStatusLine().getStatusCode();
        if (statusCode < 200 || statusCode > 299) {
            throw new HttpResponseException(statusCode, closeableHttpResponse.getStatusLine().getReasonPhrase());
        }
    }

    private CloseableHttpResponse query(final HttpUriRequest httpUriRequest) throws PrivilegedActionException {
        return (CloseableHttpResponse) Subject.doAs(getLoginContext().getSubject(), new PrivilegedExceptionAction<CloseableHttpResponse>() { // from class: fr.in2p3.cc.commons.coloss.ColossClient.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public CloseableHttpResponse run() throws Exception {
                return ColossClient.this.getClient().execute(httpUriRequest);
            }
        });
    }
}
