package org.mandas.docker.client.builder;

import jakarta.ws.rs.client.Client;
import jakarta.ws.rs.client.ClientBuilder;
import java.net.URI;
import java.nio.file.Paths;
import java.time.Duration;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import java.util.NoSuchElementException;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
import org.apache.hc.client5.http.config.ConnectionConfig;
import org.apache.hc.client5.http.config.RequestConfig;
import org.apache.hc.client5.http.impl.DefaultHttpRequestRetryStrategy;
import org.apache.hc.client5.http.impl.io.BasicHttpClientConnectionManager;
import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager;
import org.apache.hc.client5.http.io.HttpClientConnectionManager;
import org.apache.hc.client5.http.socket.ConnectionSocketFactory;
import org.apache.hc.client5.http.socket.PlainConnectionSocketFactory;
import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
import org.apache.hc.core5.http.config.Registry;
import org.apache.hc.core5.http.config.RegistryBuilder;
import org.apache.hc.core5.util.TimeValue;
import org.apache.hc.core5.util.Timeout;
import org.glassfish.jersey.apache5.connector.Apache5ConnectorProvider;
import org.glassfish.jersey.client.ClientConfig;
import org.glassfish.jersey.client.RequestEntityProcessing;
import org.glassfish.jersey.jackson.JacksonFeature;
import org.mandas.docker.client.DefaultDockerClient;
import org.mandas.docker.client.DockerCertificates;
import org.mandas.docker.client.DockerCertificatesStore;
import org.mandas.docker.client.DockerHost;
import org.mandas.docker.client.ObjectMapperProvider;
import org.mandas.docker.client.UnixConnectionSocketFactory;
import org.mandas.docker.client.auth.ConfigFileRegistryAuthSupplier;
import org.mandas.docker.client.auth.RegistryAuthSupplier;
import org.mandas.docker.client.exceptions.DockerCertificateException;
import org.mandas.docker.client.npipe.NpipeConnectionSocketFactory;

/* loaded from: input_file:org/mandas/docker/client/builder/DockerClientBuilder.class */
public class DockerClientBuilder {
    private static String UNIX_SCHEME = "unix";
    private static String NPIPE_SCHEME = "npipe";
    private long DEFAULT_CONNECT_TIMEOUT_MILLIS;
    private long DEFAULT_READ_TIMEOUT_MILLIS;
    private int DEFAULT_CONNECTION_POOL_SIZE;
    private String ERROR_MESSAGE;
    private URI uri;
    private String apiVersion;
    private long connectTimeoutMillis;
    private long readTimeoutMillis;
    private int connectionPoolSize;
    private DockerCertificatesStore dockerCertificatesStore;
    private boolean useProxy;
    private RegistryAuthSupplier registryAuthSupplier;
    private Map<String, Object> headers;
    private Client client;
    private EntityProcessing entityProcessing;

    /* loaded from: input_file:org/mandas/docker/client/builder/DockerClientBuilder$EntityProcessing.class */
    public enum EntityProcessing {
        CHUNKED,
        BUFFERED
    }

    private ClientConfig updateProxy(ClientConfig clientConfig) {
        ProxyConfiguration proxyFromEnv = proxyFromEnv();
        if (proxyFromEnv == null) {
            return clientConfig;
        }
        String host = proxyFromEnv.host();
        clientConfig.property("jersey.config.client.proxy.uri", (!host.startsWith("http") ? "http://" : "") + host + ":" + proxyFromEnv.port());
        if (proxyFromEnv.username() != null) {
            clientConfig.property("jersey.config.client.proxy.username", proxyFromEnv.username());
        }
        if (proxyFromEnv.password() != null) {
            clientConfig.property("jersey.config.client.proxy.password", proxyFromEnv.password());
        }
        clientConfig.property("jersey.config.client.request.entity.processing", RequestEntityProcessing.BUFFERED);
        return clientConfig;
    }

    private Client createClient() {
        HttpClientConnectionManager connectionManager = getConnectionManager(this.uri, getSchemeRegistry(this.uri, this.dockerCertificatesStore), this.connectionPoolSize);
        RequestConfig build = RequestConfig.custom().setConnectionRequestTimeout(Timeout.of(Duration.ofMillis(this.connectTimeoutMillis))).setResponseTimeout(Timeout.of(Duration.ofMillis(this.readTimeoutMillis))).build();
        ClientConfig clientConfig = new ClientConfig(new Class[]{JacksonFeature.class});
        if (this.useProxy) {
            clientConfig = updateProxy(clientConfig);
        }
        clientConfig.connectorProvider(new Apache5ConnectorProvider()).property("jersey.config.apache5.client.connectionManager", connectionManager).property("jersey.config.apache5.client.connectionManagerShared", "true").property("jersey.config.apache5.client.requestConfig", build).property("jersey.config.apache5.client.retryStrategy", new DefaultHttpRequestRetryStrategy(0, TimeValue.ZERO_MILLISECONDS));
        if (this.entityProcessing != null) {
            switch (this.entityProcessing) {
                case CHUNKED:
                    clientConfig.property("jersey.config.client.request.entity.processing", RequestEntityProcessing.CHUNKED);
                    break;
                case BUFFERED:
                    clientConfig.property("jersey.config.client.request.entity.processing", RequestEntityProcessing.BUFFERED);
                    break;
                default:
                    throw new IllegalArgumentException("Invalid entity processing mode " + String.valueOf(this.entityProcessing));
            }
        }
        return ClientBuilder.newBuilder().withConfig(clientConfig).build();
    }

    public static DockerClientBuilder fromEnv() throws DockerCertificateException {
        URI uri;
        String endpointFromEnv = DockerHost.endpointFromEnv();
        Optional<DockerCertificatesStore> build = DockerCertificates.builder().dockerCertPath(Paths.get((String) Arrays.asList(DockerHost.certPathFromEnv(), DockerHost.configPathFromEnv(), DockerHost.defaultCertPath()).stream().filter(str -> {
            return str != null;
        }).findFirst().orElseThrow(() -> {
            return new NoSuchElementException("Cannot find docker certificated path");
        }), new String[0])).build();
        if (endpointFromEnv.startsWith(UNIX_SCHEME + "://")) {
            uri = URI.create(endpointFromEnv);
        } else if (endpointFromEnv.startsWith(NPIPE_SCHEME + "://")) {
            uri = URI.create(endpointFromEnv);
        } else {
            String replaceAll = endpointFromEnv.replaceAll(".*://", "");
            String str2 = build.isPresent() ? "https" : "http";
            URI create = URI.create(str2 + "://" + replaceAll);
            if (create.getPort() == -1 && create.getHost() == null) {
                create = URI.create(str2 + "://" + DockerHost.defaultAddress() + ":" + DockerHost.defaultPort());
            } else if (create.getHost() == null) {
                create = URI.create(str2 + "://" + DockerHost.defaultAddress() + ":" + create.getPort());
            } else if (create.getPort() == -1) {
                create = URI.create(str2 + "://" + create.getHost() + ":" + DockerHost.defaultPort());
            }
            uri = create;
        }
        return build.isPresent() ? new DockerClientBuilder(uri, build.get()) : new DockerClientBuilder(uri);
    }

    private DockerClientBuilder(URI uri) {
        this(uri, null);
    }

    private DockerClientBuilder(URI uri, DockerCertificatesStore dockerCertificatesStore) {
        this.DEFAULT_CONNECT_TIMEOUT_MILLIS = TimeUnit.SECONDS.toMillis(5L);
        this.DEFAULT_READ_TIMEOUT_MILLIS = TimeUnit.SECONDS.toMillis(30L);
        this.DEFAULT_CONNECTION_POOL_SIZE = 100;
        this.ERROR_MESSAGE = "LOGIC ERROR: DefaultDockerClient does not support being built with both `registryAuth` and `registryAuthSupplier`. Please build with at most one of these options.";
        this.connectTimeoutMillis = this.DEFAULT_CONNECT_TIMEOUT_MILLIS;
        this.readTimeoutMillis = this.DEFAULT_READ_TIMEOUT_MILLIS;
        this.connectionPoolSize = this.DEFAULT_CONNECTION_POOL_SIZE;
        this.useProxy = true;
        this.headers = new HashMap();
        this.uri = uri;
        this.dockerCertificatesStore = dockerCertificatesStore;
    }

    public DockerClientBuilder uri(URI uri) {
        this.uri = uri;
        return this;
    }

    public DockerClientBuilder uri(String str) {
        return uri(URI.create(str));
    }

    public DockerClientBuilder apiVersion(String str) {
        this.apiVersion = str;
        return this;
    }

    public DockerClientBuilder connectTimeoutMillis(long j) {
        this.connectTimeoutMillis = j;
        return this;
    }

    public DockerClientBuilder readTimeoutMillis(long j) {
        this.readTimeoutMillis = j;
        return this;
    }

    public DockerClientBuilder dockerCertificates(DockerCertificatesStore dockerCertificatesStore) {
        this.dockerCertificatesStore = dockerCertificatesStore;
        return this;
    }

    public DockerClientBuilder connectionPoolSize(int i) {
        this.connectionPoolSize = i;
        return this;
    }

    public DockerClientBuilder useProxy(boolean z) {
        this.useProxy = z;
        return this;
    }

    public DockerClientBuilder registryAuthSupplier(RegistryAuthSupplier registryAuthSupplier) {
        if (this.registryAuthSupplier != null) {
            throw new IllegalStateException(this.ERROR_MESSAGE);
        }
        this.registryAuthSupplier = registryAuthSupplier;
        return this;
    }

    public DockerClientBuilder header(String str, Object obj) {
        this.headers.put(str, obj);
        return this;
    }

    public URI uri() {
        return this.uri;
    }

    public DockerClientBuilder entityProcessing(EntityProcessing entityProcessing) {
        this.entityProcessing = entityProcessing;
        return this;
    }

    private String toRegExp(String str) {
        return str.replace(".", "\\.").replace("*", ".*");
    }

    private ProxyConfiguration proxyFromEnv() {
        String property = System.getProperty("http.proxyHost");
        if (property == null) {
            return null;
        }
        String property2 = System.getProperty("http.nonProxyHosts");
        if (property2 != null) {
            String[] split = property2.replaceAll("^\\s*\"", "").replaceAll("\\s*\"$", "").split("\\|");
            String str = (String) Optional.ofNullable(this.uri.getHost()).orElse("localhost");
            for (String str2 : split) {
                if (str.matches(toRegExp(str2))) {
                    return null;
                }
            }
        }
        return ProxyConfiguration.builder().host(property).port(System.getProperty("http.proxyPort")).username(System.getProperty("http.proxyUser")).password(System.getProperty("http.proxyPassword")).build();
    }

    public DefaultDockerClient build() {
        Objects.requireNonNull(this.uri, "uri");
        Objects.requireNonNull(this.uri.getScheme(), "url has null scheme");
        if (this.dockerCertificatesStore != null && !this.uri.getScheme().equals("https")) {
            throw new IllegalArgumentException("An HTTPS URI for DOCKER_HOST must be provided to use Docker client certificates");
        }
        if (this.uri.getScheme().startsWith(UNIX_SCHEME) || this.uri.getScheme().startsWith(NPIPE_SCHEME)) {
            this.useProxy = false;
        }
        this.client = createClient().register(ObjectMapperProvider.class);
        if (this.uri.getScheme().equals(UNIX_SCHEME)) {
            this.uri = UnixConnectionSocketFactory.sanitizeUri(this.uri);
        } else if (this.uri.getScheme().equals(NPIPE_SCHEME)) {
            this.uri = NpipeConnectionSocketFactory.sanitizeUri(this.uri);
        }
        if (this.registryAuthSupplier == null) {
            registryAuthSupplier(new ConfigFileRegistryAuthSupplier());
        }
        return new DefaultDockerClient(this.apiVersion, this.registryAuthSupplier, this.uri, this.client, this.headers);
    }

    private HttpClientConnectionManager getConnectionManager(URI uri, Registry<ConnectionSocketFactory> registry, int i) {
        if (uri.getScheme().equals(NPIPE_SCHEME)) {
            return new BasicHttpClientConnectionManager(registry);
        }
        ConnectionConfig build = ConnectionConfig.custom().setConnectTimeout(Timeout.of(Duration.ofMillis(this.connectTimeoutMillis))).build();
        PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager(registry);
        poolingHttpClientConnectionManager.setMaxTotal(i);
        poolingHttpClientConnectionManager.setConnectionConfigResolver(httpRoute -> {
            return build;
        });
        poolingHttpClientConnectionManager.setDefaultMaxPerRoute(poolingHttpClientConnectionManager.getMaxTotal());
        return poolingHttpClientConnectionManager;
    }

    private Registry<ConnectionSocketFactory> getSchemeRegistry(URI uri, DockerCertificatesStore dockerCertificatesStore) {
        RegistryBuilder register = RegistryBuilder.create().register("https", this.dockerCertificatesStore == null ? SSLConnectionSocketFactory.getSocketFactory() : new SSLConnectionSocketFactory(this.dockerCertificatesStore.sslContext(), this.dockerCertificatesStore.hostnameVerifier())).register("http", PlainConnectionSocketFactory.getSocketFactory());
        if (uri.getScheme().equals(UNIX_SCHEME)) {
            register.register(UNIX_SCHEME, new UnixConnectionSocketFactory(uri));
        }
        if (uri.getScheme().equals(NPIPE_SCHEME)) {
            register.register(NPIPE_SCHEME, new NpipeConnectionSocketFactory(uri));
        }
        return register.build();
    }
}
