package com.azul.crs.client;

import com.azul.crs.client.Client;
import com.azul.crs.client.Utils;
import com.azul.crs.client.models.Payload;
import com.azul.crs.client.models.VMArtifactChunk;
import com.azul.crs.client.models.VMEvent;
import com.azul.crs.util.logging.Logger;
import java.io.BufferedReader;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.URL;
import java.net.URLConnection;
import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.Map;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:Contents/Home/lib/ext/crs-agent.jar:com/azul/crs/client/ConnectionManager.class */
public class ConnectionManager {
    private static final String AUTH_TOKEN_RESOURCE = "/crs/auth/rt/token";
    private static final String EVENT_RESOURCE = "/crs/instance/{vmId}";
    private static final String ARTIFACT_CHUNK_RESOURCE = "/crs/artifact/chunk";
    private static final String MEDIA_TYPE_TEXT_PLAIN = "text/plain";
    private static final String MEDIA_TYPE_JSON = "application/json";
    private static final String MEDIA_TYPE_BINARY = "application/octet-stream";
    private static final String HEADER_AUTHORIZATION = "Authorization";
    private static final String HEADER_CONTENT_TYPE = "Content-Type";
    private static final String HEADER_STREAM_LENGTH = "Stream-Length";
    private static final String HEADER_ACCEPT = "Accept";
    private static final String METHOD_GET = "GET";
    private static final String METHOD_POST = "POST";
    private static final String METHOD_PUT = "PUT";
    private static final String METHOD_PATCH = "PATCH";
    private static final int MAX_REQUEST_BYTES = 2097152;
    private static final int MAX_RETRIES = 3;
    private static final long RETRY_SLEEP = 100;
    private static final String YEK_IPA = "r1fhe2lVGN1EgDHH0Eg8d94tjv12e0F7a78RNysB";
    private final Logger logger = Logger.getLogger(ConnectionManager.class);
    private final String restAPI;
    private final String mailbox;
    private final ConnectionListener listener;
    private static final long TOKEN_REFRESH_TIMEOUT_MS = 300000;
    private final Client client;
    private final String keystore;
    private String runtimeToken;
    private long nextRuntimeTokenRefreshTimeCount;
    private String vmId;
    private boolean unrecoverableError;
    private SSLSocketFactory sslSocketFactoryOne;
    private SSLSocketFactory sslSocketFactoryTwo;
    private static final String UTF_8 = StandardCharsets.UTF_8.name();
    private static final Class<Payload> VOID = null;
    private static final ConnectionConsumer NONE = new ConnectionConsumer() { // from class: com.azul.crs.client.ConnectionManager.2
        @Override // com.azul.crs.client.ConnectionManager.ConnectionConsumer
        public void consume(HttpsURLConnection httpsURLConnection) throws IOException {
        }
    };

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:Contents/Home/lib/ext/crs-agent.jar:com/azul/crs/client/ConnectionManager$ConnectionConsumer.class */
    public interface ConnectionConsumer {
        void consume(HttpsURLConnection httpsURLConnection) throws IOException;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:Contents/Home/lib/ext/crs-agent.jar:com/azul/crs/client/ConnectionManager$ConnectionListener.class */
    public interface ConnectionListener {
        void authenticated();

        void syncFailed(Result<String[]> result);
    }

    @FunctionalInterface
    /* loaded from: input_file:Contents/Home/lib/ext/crs-agent.jar:com/azul/crs/client/ConnectionManager$ResponseSupplier.class */
    public interface ResponseSupplier {
        Response<String[]> get() throws IOException;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ConnectionManager(Map<Client.ClientProp, Object> map, Client client, ConnectionListener connectionListener) {
        this.client = client;
        this.listener = connectionListener;
        this.restAPI = (String) map.get(Client.ClientProp.API_URL);
        this.mailbox = (String) map.get(Client.ClientProp.API_MAILBOX);
        this.keystore = (String) map.get(Client.ClientProp.KS);
        this.logger.info("Using CRS endpoint configuration\n   API url = %s\n   mailbox = %s", this.restAPI, this.mailbox);
        if (this.keystore != null) {
            this.logger.info("   auth override keystore = %s", this.keystore);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void start() throws IOException {
        createCustomTrustManagers();
        saveRuntimeToken(getRuntimeToken(this.client.getClientVersion(), this.mailbox));
    }

    private void saveRuntimeToken(String[] strArr) {
        if (strArr.length != 2) {
            this.listener.syncFailed(new Result<>(new IOException("Protocol failure, wrong auth response")));
            return;
        }
        this.runtimeToken = strArr[0];
        this.vmId = strArr[1];
        this.listener.authenticated();
    }

    private X509TrustManager getX509TrustManager(KeyStore keyStore) throws NoSuchAlgorithmException, KeyStoreException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        throw new NoSuchAlgorithmException();
    }

    private void createCustomTrustManagers() throws CRSException {
        try {
            char[] charArray = "crscrs".toCharArray();
            KeyStore keyStore = KeyStore.getInstance("JKS");
            InputStream resourceAsStream = this.keystore == null ? getClass().getResourceAsStream("crs.jks") : new FileInputStream(this.keystore);
            Throwable th = null;
            try {
                keyStore.load(resourceAsStream, charArray);
                if (resourceAsStream != null) {
                    if (0 != 0) {
                        try {
                            resourceAsStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        resourceAsStream.close();
                    }
                }
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("NewSunX509");
                keyManagerFactory.init(keyStore, charArray);
                final X509TrustManager x509TrustManager = getX509TrustManager(keyStore);
                final X509TrustManager x509TrustManager2 = getX509TrustManager(null);
                int length = x509TrustManager.getAcceptedIssuers().length;
                int length2 = x509TrustManager2.getAcceptedIssuers().length;
                final X509Certificate[] x509CertificateArr = new X509Certificate[length + length2];
                System.arraycopy(x509TrustManager.getAcceptedIssuers(), 0, x509CertificateArr, 0, length);
                System.arraycopy(x509TrustManager2.getAcceptedIssuers(), 0, x509CertificateArr, length, length2);
                X509TrustManager x509TrustManager3 = new X509TrustManager() { // from class: com.azul.crs.client.ConnectionManager.1
                    @Override // javax.net.ssl.X509TrustManager
                    public void checkClientTrusted(X509Certificate[] x509CertificateArr2, String str) throws CertificateException {
                        throw new CertificateException("unsupported operation");
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public void checkServerTrusted(X509Certificate[] x509CertificateArr2, String str) throws CertificateException {
                        try {
                            x509TrustManager.checkServerTrusted(x509CertificateArr2, str);
                        } catch (CertificateException e) {
                            x509TrustManager2.checkServerTrusted(x509CertificateArr2, str);
                        }
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public X509Certificate[] getAcceptedIssuers() {
                        return x509CertificateArr;
                    }
                };
                KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
                this.sslSocketFactoryOne = createSocketFactory(x509TrustManager, keyManagers);
                this.sslSocketFactoryTwo = createSocketFactory(x509TrustManager3, keyManagers);
            } finally {
            }
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            this.unrecoverableError = true;
            throw new CRSException(-4, "Unrecoverable internal error: ", e);
        }
    }

    private SSLSocketFactory createSocketFactory(X509TrustManager x509TrustManager, KeyManager[] keyManagerArr) throws NoSuchAlgorithmException, KeyManagementException {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(keyManagerArr, new TrustManager[]{x509TrustManager}, null);
        return sSLContext.getSocketFactory();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public HttpsURLConnection createConnection(String str) throws IOException {
        if (this.unrecoverableError) {
            throw new IOException("Unrecoverable error");
        }
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URL(str).openConnection();
        httpsURLConnection.setUseCaches(false);
        httpsURLConnection.setConnectTimeout(30000);
        httpsURLConnection.setReadTimeout(20000);
        httpsURLConnection.setDoOutput(true);
        httpsURLConnection.setDoInput(true);
        httpsURLConnection.setRequestProperty(HEADER_CONTENT_TYPE, MEDIA_TYPE_JSON);
        httpsURLConnection.setRequestProperty("Accept", MEDIA_TYPE_TEXT_PLAIN);
        return httpsURLConnection;
    }

    private Response<String[]> requestAny(String str, String str2, ConnectionConsumer connectionConsumer, ConnectionConsumer connectionConsumer2) throws IOException {
        long currentTimeCount = Utils.currentTimeCount();
        Response<String[]> response = new Response<>();
        HttpsURLConnection createConnection = createConnection(str);
        createConnection.setSSLSocketFactory(this.sslSocketFactoryOne);
        if (str2.equals(METHOD_PATCH)) {
            createConnection.setRequestProperty("X-HTTP-Method-Override", str2);
            str2 = METHOD_POST;
        }
        createConnection.setRequestProperty(HEADER_AUTHORIZATION, "Bearer " + this.runtimeToken);
        createConnection.setRequestMethod(str2);
        connectionConsumer.consume(createConnection);
        createConnection.connect();
        PerformanceMetrics.logHandshakeTime(Utils.elapsedTimeMillis(currentTimeCount));
        try {
            connectionConsumer2.consume(createConnection);
            int responseCode = createConnection.getResponseCode();
            String responseMessage = createConnection.getResponseMessage();
            response.code(responseCode);
            response.message(responseMessage);
            this.logger.debug("requestAny response code %d", Integer.valueOf(responseCode));
            if (responseCode >= 200 && responseCode < 300) {
                response.payload(readStreamToArray(createConnection.getInputStream()));
            } else {
                if (responseCode == 401 && Utils.currentTimeCount() > this.nextRuntimeTokenRefreshTimeCount) {
                    saveRuntimeToken(refreshRuntimeToken(this.runtimeToken));
                    Response<String[]> requestAny = requestAny(str, str2, connectionConsumer, connectionConsumer2);
                    PerformanceMetrics.logNetworkTime(Utils.elapsedTimeMillis(currentTimeCount));
                    createConnection.disconnect();
                    return requestAny;
                }
                if (createConnection.getErrorStream() != null) {
                    response.error(readStream(createConnection.getErrorStream()));
                }
            }
            return response;
        } finally {
            PerformanceMetrics.logNetworkTime(Utils.elapsedTimeMillis(currentTimeCount));
            createConnection.disconnect();
        }
    }

    public Response<String[]> sendVMEventBatch(Collection<VMEvent> collection) throws IOException {
        Iterator<String> jsonArrays = Payload.toJsonArrays(collection, 2097152);
        Response<String[]> response = new Response<>();
        while (jsonArrays.hasNext()) {
            response = requestAnyJson(this.restAPI + EVENT_RESOURCE.replace("{vmId}", this.vmId), METHOD_POST, jsonArrays.next());
            if (!response.successful()) {
                break;
            }
        }
        return response;
    }

    public void requestWithRetries(ResponseSupplier responseSupplier, String str, int i, long j) {
        Result<String[]> requestWithRetriesImpl = requestWithRetriesImpl(responseSupplier, str, i, j);
        if (requestWithRetriesImpl.successful()) {
            return;
        }
        this.listener.syncFailed(requestWithRetriesImpl);
    }

    /* JADX WARN: Code restructure failed: missing block: B:16:0x009f, code lost:
    
        r8.logger.debug("Request %s aborted after %d attempt, elapsed%s", r10, java.lang.Integer.valueOf(r14), com.azul.crs.client.Utils.elapsedTimeString(r0));
     */
    /* JADX WARN: Code restructure failed: missing block: B:17:0x00c2, code lost:
    
        return r15;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private com.azul.crs.client.Result<java.lang.String[]> requestWithRetriesImpl(com.azul.crs.client.ConnectionManager.ResponseSupplier r9, java.lang.String r10, int r11, long r12) {
        /*
            Method dump skipped, instructions count: 195
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.azul.crs.client.ConnectionManager.requestWithRetriesImpl(com.azul.crs.client.ConnectionManager$ResponseSupplier, java.lang.String, int, long):com.azul.crs.client.Result");
    }

    Response<String[]> requestAnyJson(final String str, final String str2, final String str3) throws IOException {
        return requestAny(str, str2, NONE, new ConnectionConsumer() { // from class: com.azul.crs.client.ConnectionManager.3
            @Override // com.azul.crs.client.ConnectionManager.ConnectionConsumer
            public void consume(HttpsURLConnection httpsURLConnection) throws IOException {
                ConnectionManager.this.logger.debug("%s %s\n", str2, str);
                ConnectionManager.this.logger.trace("%s\n\n", str3);
                ConnectionManager.this.writeData(httpsURLConnection, str3.getBytes(ConnectionManager.UTF_8));
            }
        });
    }

    private String readStream(InputStream inputStream) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        long j = 0;
        byte[] bArr = new byte[1024];
        while (true) {
            try {
                int read = inputStream.read(bArr);
                if (read == -1) {
                    return byteArrayOutputStream.toString(UTF_8);
                }
                byteArrayOutputStream.write(bArr, 0, read);
                j += read;
            } finally {
                PerformanceMetrics.logBytes(j, 0L);
            }
        }
    }

    private String[] readStreamToArray(InputStream inputStream) throws IOException {
        LinkedList linkedList = new LinkedList();
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                return (String[]) linkedList.toArray(new String[0]);
            }
            linkedList.add(readLine);
        }
    }

    private void writeData(URLConnection uRLConnection, byte[] bArr, int i) throws IOException {
        OutputStream outputStream = uRLConnection.getOutputStream();
        Throwable th = null;
        try {
            try {
                outputStream.write(bArr, 0, i);
                PerformanceMetrics.logBytes(0L, i);
                if (outputStream != null) {
                    if (0 == 0) {
                        outputStream.close();
                        return;
                    }
                    try {
                        outputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (outputStream != null) {
                if (th != null) {
                    try {
                        outputStream.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    outputStream.close();
                }
            }
            throw th4;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void writeData(URLConnection uRLConnection, byte[] bArr) throws IOException {
        writeData(uRLConnection, bArr, bArr.length);
    }

    private Response putBinaryData(String str, ConnectionConsumer connectionConsumer) throws IOException {
        long currentTimeCount = Utils.currentTimeCount();
        Response response = new Response();
        HttpsURLConnection createConnection = createConnection(str);
        createConnection.setSSLSocketFactory(this.sslSocketFactoryTwo);
        createConnection.setRequestProperty(HEADER_CONTENT_TYPE, MEDIA_TYPE_BINARY);
        createConnection.setRequestMethod(METHOD_PUT);
        createConnection.connect();
        PerformanceMetrics.logHandshakeTime(Utils.elapsedTimeMillis(currentTimeCount));
        try {
            connectionConsumer.consume(createConnection);
            response.code(createConnection.getResponseCode());
            response.message(createConnection.getResponseMessage());
            if (!response.successful()) {
                response.error(readStream(createConnection.getErrorStream()));
            }
            return response;
        } finally {
            PerformanceMetrics.logNetworkTime(Utils.elapsedTimeMillis(currentTimeCount));
            createConnection.disconnect();
        }
    }

    public Response<String[]> sendVMArtifactChunk(VMArtifactChunk vMArtifactChunk, Client.DataWriter dataWriter) throws IOException {
        Response<String[]> requestAnyJson = requestAnyJson(this.restAPI + ARTIFACT_CHUNK_RESOURCE, METHOD_POST, vMArtifactChunk.toJson());
        if (requestAnyJson.successful() && dataWriter != null) {
            String[] payload = requestAnyJson.getPayload();
            Response putBinaryData = putBinaryData(payload[0], httpsURLConnection -> {
                dataWriter.writeData(new Utils.CountingOutputStream(httpsURLConnection.getOutputStream(), l -> {
                    PerformanceMetrics.logBytes(0L, l.longValue());
                }));
            });
            if (!putBinaryData.successful()) {
                throw new IOException("Created VM artifact chunk failed to upload data: chunkId=" + payload[1] + ", error=" + putBinaryData.getError());
            }
        }
        return requestAnyJson;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Response<String[]> retrieveRuntimeToken(HttpsURLConnection httpsURLConnection) throws IOException {
        Response<String[]> message = new Response().code(httpsURLConnection.getResponseCode()).message(httpsURLConnection.getResponseMessage());
        if (message.successful()) {
            return message.payload(readStreamToArray(httpsURLConnection.getInputStream()));
        }
        if (httpsURLConnection.getErrorStream() != null) {
            message.error(readStream(httpsURLConnection.getErrorStream()));
        }
        return message;
    }

    private String[] getRuntimeToken(final String str, final String str2) throws CRSException {
        this.logger.info("Get runtime token: clientVersion=%s, mailbox=%s", str, str2);
        final long currentTimeCount = Utils.currentTimeCount();
        this.nextRuntimeTokenRefreshTimeCount = Utils.nextTimeCount(TOKEN_REFRESH_TIMEOUT_MS);
        Result<String[]> requestWithRetriesImpl = requestWithRetriesImpl(new ResponseSupplier() { // from class: com.azul.crs.client.ConnectionManager.4
            @Override // com.azul.crs.client.ConnectionManager.ResponseSupplier
            public Response<String[]> get() throws IOException {
                long currentTimeCount2 = Utils.currentTimeCount();
                HttpsURLConnection createConnection = ConnectionManager.this.createConnection(ConnectionManager.this.restAPI + ConnectionManager.AUTH_TOKEN_RESOURCE + "?clientVersion=" + str + "&mailbox=" + str2);
                createConnection.setSSLSocketFactory(ConnectionManager.this.sslSocketFactoryOne);
                createConnection.setRequestProperty("x-api-key", ConnectionManager.YEK_IPA);
                createConnection.setRequestMethod(ConnectionManager.METHOD_GET);
                createConnection.connect();
                PerformanceMetrics.logHandshakeTime(Utils.elapsedTimeMillis(currentTimeCount2));
                try {
                    Response<String[]> retrieveRuntimeToken = ConnectionManager.this.retrieveRuntimeToken(createConnection);
                    PerformanceMetrics.logNetworkTime(Utils.elapsedTimeMillis(currentTimeCount));
                    createConnection.disconnect();
                    return retrieveRuntimeToken;
                } catch (Throwable th) {
                    PerformanceMetrics.logNetworkTime(Utils.elapsedTimeMillis(currentTimeCount));
                    createConnection.disconnect();
                    throw th;
                }
            }
        }, "getRuntimeToken", 3, 100L);
        if (requestWithRetriesImpl.successful()) {
            return requestWithRetriesImpl.getResponse().getPayload();
        }
        throw new CRSException(this.client, -2, "Cannot get runtime token: ", requestWithRetriesImpl);
    }

    private String[] refreshRuntimeToken(final String str) throws IOException {
        final long currentTimeCount = Utils.currentTimeCount();
        this.nextRuntimeTokenRefreshTimeCount = Utils.nextTimeCount(TOKEN_REFRESH_TIMEOUT_MS);
        this.logger.info("Refresh runtime token", new Object[0]);
        Result<String[]> requestWithRetriesImpl = requestWithRetriesImpl(new ResponseSupplier() { // from class: com.azul.crs.client.ConnectionManager.5
            @Override // com.azul.crs.client.ConnectionManager.ResponseSupplier
            public Response<String[]> get() throws IOException {
                long currentTimeCount2 = Utils.currentTimeCount();
                HttpsURLConnection createConnection = ConnectionManager.this.createConnection(ConnectionManager.this.restAPI + ConnectionManager.AUTH_TOKEN_RESOURCE);
                createConnection.setSSLSocketFactory(ConnectionManager.this.sslSocketFactoryOne);
                createConnection.setRequestProperty("x-api-key", ConnectionManager.YEK_IPA);
                createConnection.setRequestProperty(ConnectionManager.HEADER_CONTENT_TYPE, ConnectionManager.MEDIA_TYPE_TEXT_PLAIN);
                createConnection.setRequestMethod(ConnectionManager.METHOD_POST);
                createConnection.connect();
                PerformanceMetrics.logHandshakeTime(Utils.elapsedTimeMillis(currentTimeCount2));
                try {
                    createConnection.getOutputStream().write(str.getBytes());
                    Response<String[]> retrieveRuntimeToken = ConnectionManager.this.retrieveRuntimeToken(createConnection);
                    PerformanceMetrics.logNetworkTime(Utils.elapsedTimeMillis(currentTimeCount));
                    createConnection.disconnect();
                    return retrieveRuntimeToken;
                } catch (Throwable th) {
                    PerformanceMetrics.logNetworkTime(Utils.elapsedTimeMillis(currentTimeCount));
                    createConnection.disconnect();
                    throw th;
                }
            }
        }, "refreshRuntimeToken", 3, 100L);
        if (requestWithRetriesImpl.successful()) {
            return requestWithRetriesImpl.getResponse().getPayload();
        }
        throw new CRSException(this.client, -2, "Cannot refresh runtime token: ", requestWithRetriesImpl);
    }

    public String getVmId() {
        return this.vmId;
    }

    public String getMailbox() {
        return this.mailbox;
    }

    public String getRestAPI() {
        return this.restAPI;
    }
}
