package org.jetbrains.idea.svn.auth;

import com.intellij.openapi.application.ModalityState;
import com.intellij.openapi.diagnostic.Logger;
import com.intellij.openapi.ui.MessageType;
import com.intellij.openapi.ui.popup.util.PopupUtil;
import com.intellij.openapi.util.Ref;
import com.intellij.openapi.util.text.StringUtil;
import com.intellij.util.ArrayUtilRt;
import com.intellij.util.WaitForProgressToShow;
import com.intellij.util.net.HttpConfigurable;
import com.intellij.util.net.IdeHttpClientHelpers;
import com.intellij.util.net.ssl.CertificateManager;
import com.intellij.util.proxy.CommonProxy;
import java.io.IOException;
import java.net.Authenticator;
import java.net.InetSocketAddress;
import java.net.MalformedURLException;
import java.net.PasswordAuthentication;
import java.net.Proxy;
import java.net.URI;
import java.net.URL;
import java.nio.file.Path;
import java.security.KeyManagementException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.function.Supplier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.TrustManager;
import org.apache.http.client.HttpClient;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.config.SocketConfig;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.jetbrains.annotations.Nls;
import org.jetbrains.annotations.NonNls;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.jetbrains.idea.svn.SvnBundle;
import org.jetbrains.idea.svn.SvnConfiguration;
import org.jetbrains.idea.svn.SvnVcs;
import org.jetbrains.idea.svn.api.Url;
import org.jetbrains.idea.svn.commandLine.SvnBindException;
import org.jetbrains.idea.svn.dialogs.SimpleCredentialsDialog;
import org.sqlite.core.Codes;

/* loaded from: input_file:org/jetbrains/idea/svn/auth/AuthenticationService.class */
public final class AuthenticationService {
    private static final Logger LOG = Logger.getInstance(AuthenticationService.class);

    @NonNls
    private static final String FATAL_HANDSHAKE_FAILURE_ERROR = "received fatal alert: handshake_failure";

    @NonNls
    private static final String SSL_V3_PROTOCOL = "SSLv3";

    @NonNls
    private static final String TLS_V1_PROTOCOL = "TLSv1";

    @NonNls
    private static final String TERMINAL_SSL_SERVER_AUTH_KIND = "terminal.ssl.server";

    @NotNull
    private final SvnVcs myVcs;
    private final boolean myIsActive;
    private boolean myProxyCredentialsWereReturned;

    @NotNull
    private final SvnConfiguration myConfiguration;
    private final Set<String> myRequestedCredentials;

    public AuthenticationService(@NotNull SvnVcs svnVcs, boolean z) {
        if (svnVcs == null) {
            $$$reportNull$$$0(0);
        }
        this.myVcs = svnVcs;
        this.myIsActive = z;
        this.myConfiguration = this.myVcs.getSvnConfiguration();
        this.myRequestedCredentials = new HashSet();
    }

    @NotNull
    public SvnVcs getVcs() {
        SvnVcs svnVcs = this.myVcs;
        if (svnVcs == null) {
            $$$reportNull$$$0(1);
        }
        return svnVcs;
    }

    public boolean isActive() {
        return this.myIsActive;
    }

    @Nullable
    public AuthenticationData requestCredentials(Url url, String str) {
        AuthenticationData authenticationData = null;
        if (url != null) {
            String decodedString = url.toDecodedString();
            authenticationData = (AuthenticationData) requestCredentials(decodedString, str, () -> {
                return this.myConfiguration.getInteractiveManager(this.myVcs).getProvider().requestClientAuthentication(str, url, decodedString, true);
            });
        }
        if (authenticationData == null) {
            LOG.warn("Could not get authentication. Type - " + str + ", Url - " + url);
        }
        return authenticationData;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Nullable
    private <T> T requestCredentials(@NotNull String str, @NotNull String str2, @NotNull Supplier<T> supplier) {
        if (str == null) {
            $$$reportNull$$$0(2);
        }
        if (str2 == null) {
            $$$reportNull$$$0(3);
        }
        if (supplier == null) {
            $$$reportNull$$$0(4);
        }
        T t = null;
        Object dataWithLowerCheck = SvnConfiguration.RUNTIME_AUTH_CACHE.getDataWithLowerCheck(str2, str);
        String key = SvnConfiguration.AuthStorage.getKey(str2, str);
        if (dataWithLowerCheck != 0 && !this.myRequestedCredentials.contains(key)) {
            t = dataWithLowerCheck;
            this.myRequestedCredentials.add(key);
        } else if (this.myIsActive) {
            t = supplier.get();
            if (t != null) {
                this.myConfiguration.acknowledge(str2, str, t);
                this.myRequestedCredentials.add(key);
            }
        }
        return t;
    }

    @Nullable
    public String requestSshCredentials(@NotNull String str, @NotNull SimpleCredentialsDialog.Mode mode, @NotNull String str2) {
        if (str == null) {
            $$$reportNull$$$0(5);
        }
        if (mode == null) {
            $$$reportNull$$$0(6);
        }
        if (str2 == null) {
            $$$reportNull$$$0(7);
        }
        return (String) requestCredentials(str, StringUtil.toLowerCase(mode.toString()), () -> {
            Ref ref = new Ref();
            WaitForProgressToShow.runOrInvokeAndWaitAboveProgress(() -> {
                SimpleCredentialsDialog simpleCredentialsDialog = new SimpleCredentialsDialog(this.myVcs.getProject());
                simpleCredentialsDialog.setup(mode, str, str2, true);
                simpleCredentialsDialog.setTitle(SvnBundle.message("dialog.title.authentication.required", new Object[0]));
                simpleCredentialsDialog.setSaveEnabled(false);
                if (simpleCredentialsDialog.showAndGet()) {
                    ref.set(simpleCredentialsDialog.getPassword());
                }
            }, ModalityState.any());
            return (String) ref.get();
        });
    }

    @NotNull
    public AcceptResult acceptCertificate(@NotNull Url url, @NotNull String str) {
        AcceptResult acceptServerAuthentication;
        if (url == null) {
            $$$reportNull$$$0(8);
        }
        if (str == null) {
            $$$reportNull$$$0(9);
        }
        String decodedString = url.toDecodedString();
        Object dataWithLowerCheck = SvnConfiguration.RUNTIME_AUTH_CACHE.getDataWithLowerCheck(TERMINAL_SSL_SERVER_AUTH_KIND, decodedString);
        if (dataWithLowerCheck != null) {
            acceptServerAuthentication = (AcceptResult) dataWithLowerCheck;
        } else {
            acceptServerAuthentication = getAuthenticationManager().getProvider().acceptServerAuthentication(url, decodedString, str, true);
            if (!AcceptResult.REJECTED.equals(acceptServerAuthentication)) {
                this.myConfiguration.acknowledge(TERMINAL_SSL_SERVER_AUTH_KIND, decodedString, acceptServerAuthentication);
            }
        }
        AcceptResult acceptResult = acceptServerAuthentication;
        if (acceptResult == null) {
            $$$reportNull$$$0(10);
        }
        return acceptResult;
    }

    public boolean acceptSSLServerCertificate(@Nullable Url url) throws SvnBindException {
        if (url == null) {
            return false;
        }
        try {
            getClient(url).execute(new HttpGet(url.toDecodedString()));
            return true;
        } catch (IOException e) {
            throw new SvnBindException(fixMessage(e), e);
        }
    }

    @Nls
    @Nullable
    private static String fixMessage(@NotNull IOException iOException) {
        if (iOException == null) {
            $$$reportNull$$$0(11);
        }
        String str = null;
        if (iOException instanceof SSLHandshakeException) {
            if (StringUtil.containsIgnoreCase(iOException.getMessage(), FATAL_HANDSHAKE_FAILURE_ERROR)) {
                str = iOException.getMessage() + ". " + SvnBundle.message("label.specify.ssl.protocol.manually", new Object[0]);
            } else if (iOException.getCause() != null) {
                str = iOException.getCause().getMessage();
            }
        }
        return str;
    }

    @NotNull
    private HttpClient getClient(@NotNull Url url) {
        if (url == null) {
            $$$reportNull$$$0(12);
        }
        SSLConnectionSocketFactory sSLConnectionSocketFactory = new SSLConnectionSocketFactory(createSslContext(url), ArrayUtilRt.toStringArray(getSupportedSslProtocols()), (String[]) null, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        RequestConfig.Builder custom = RequestConfig.custom();
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        if (haveDataForTmpConfig()) {
            IdeHttpClientHelpers.ApacheHttpClient4.setProxyIfEnabled(custom);
            IdeHttpClientHelpers.ApacheHttpClient4.setProxyCredentialsIfEnabled(basicCredentialsProvider);
        }
        CloseableHttpClient build = HttpClients.custom().setSSLSocketFactory(sSLConnectionSocketFactory).setDefaultSocketConfig(SocketConfig.custom().setSoTimeout(getAuthenticationManager().getReadTimeout(url)).build()).setDefaultRequestConfig(custom.setConnectTimeout(getAuthenticationManager().getConnectTimeout(url)).build()).setDefaultCredentialsProvider(basicCredentialsProvider).build();
        if (build == null) {
            $$$reportNull$$$0(13);
        }
        return build;
    }

    @NotNull
    private List<String> getSupportedSslProtocols() {
        ArrayList arrayList = new ArrayList();
        switch (this.myConfiguration.getSslProtocols()) {
            case sslv3:
                arrayList.add(SSL_V3_PROTOCOL);
                break;
            case tlsv1:
                arrayList.add(TLS_V1_PROTOCOL);
                break;
        }
        if (arrayList == null) {
            $$$reportNull$$$0(14);
        }
        return arrayList;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @NotNull
    private SSLContext createSslContext(@NotNull Url url) {
        if (url == null) {
            $$$reportNull$$$0(15);
        }
        SSLContext systemSslContext = CertificateManager.getSystemSslContext();
        try {
            systemSslContext.init(CertificateManager.getDefaultKeyManagers(), new TrustManager[]{new CertificateTrustManager(this, url)}, null);
        } catch (KeyManagementException e) {
            LOG.error(e);
        }
        if (systemSslContext == null) {
            $$$reportNull$$$0(16);
        }
        return systemSslContext;
    }

    @NotNull
    public SvnAuthenticationManager getAuthenticationManager() {
        SvnAuthenticationManager interactiveManager = isActive() ? this.myConfiguration.getInteractiveManager(this.myVcs) : this.myConfiguration.getPassiveAuthenticationManager(this.myVcs);
        if (interactiveManager == null) {
            $$$reportNull$$$0(17);
        }
        return interactiveManager;
    }

    public boolean haveDataForTmpConfig() {
        HttpConfigurable httpConfigurable = HttpConfigurable.getInstance();
        return this.myConfiguration.isUseDefaultProxy() && (httpConfigurable.USE_HTTP_PROXY || httpConfigurable.USE_PROXY_PAC);
    }

    @Nullable
    public static Proxy getIdeaDefinedProxy(@NotNull Url url) {
        if (url == null) {
            $$$reportNull$$$0(18);
        }
        CommonProxy.getInstance().removeNoProxy(url.getProtocol(), url.getHost(), url.getPort());
        List<Proxy> select = CommonProxy.getInstance().select(URI.create(url.toString()));
        if (select.isEmpty()) {
            return null;
        }
        for (Proxy proxy : select) {
            if (HttpConfigurable.isRealProxy(proxy) && Proxy.Type.HTTP.equals(proxy.type())) {
                return proxy;
            }
        }
        return null;
    }

    @Nullable
    public PasswordAuthentication getProxyAuthentication(@NotNull Url url) {
        if (url == null) {
            $$$reportNull$$$0(19);
        }
        Proxy ideaDefinedProxy = getIdeaDefinedProxy(url);
        PasswordAuthentication passwordAuthentication = null;
        if (ideaDefinedProxy != null) {
            if (this.myProxyCredentialsWereReturned) {
                showFailedAuthenticateProxy();
            } else {
                passwordAuthentication = getProxyAuthentication(ideaDefinedProxy, url);
                this.myProxyCredentialsWereReturned = passwordAuthentication != null;
            }
        }
        return passwordAuthentication;
    }

    private static void showFailedAuthenticateProxy() {
        HttpConfigurable httpConfigurable = HttpConfigurable.getInstance();
        PopupUtil.showBalloonForActiveComponent((httpConfigurable.USE_HTTP_PROXY || httpConfigurable.USE_PROXY_PAC) ? SvnBundle.message("popup.content.failed.to.authenticate.to.proxy.change.credentials", new Object[0]) : SvnBundle.message("popup.content.failed.to.authenticate.to.proxy", new Object[0]), MessageType.ERROR);
    }

    @Nullable
    private static PasswordAuthentication getProxyAuthentication(@NotNull Proxy proxy, @NotNull Url url) {
        if (proxy == null) {
            $$$reportNull$$$0(20);
        }
        if (url == null) {
            $$$reportNull$$$0(21);
        }
        PasswordAuthentication passwordAuthentication = null;
        try {
            passwordAuthentication = Authenticator.requestPasswordAuthentication(url.getHost(), ((InetSocketAddress) proxy.address()).getAddress(), url.getPort(), url.getProtocol(), url.getHost(), url.getProtocol(), new URL(url.toString()), Authenticator.RequestorType.PROXY);
        } catch (MalformedURLException e) {
            LOG.info(e);
        }
        return passwordAuthentication;
    }

    public void reset() {
    }

    @NotNull
    public Path getSpecialConfigDir() {
        Path configurationPath = this.myConfiguration.getConfigurationPath();
        if (configurationPath == null) {
            $$$reportNull$$$0(22);
        }
        return configurationPath;
    }

    private static /* synthetic */ void $$$reportNull$$$0(int i) {
        String str;
        int i2;
        switch (i) {
            case 0:
            case 2:
            case 3:
            case 4:
            case 5:
            case Codes.SQLITE_LOCKED /* 6 */:
            case Codes.SQLITE_NOMEM /* 7 */:
            case Codes.SQLITE_READONLY /* 8 */:
            case Codes.SQLITE_INTERRUPT /* 9 */:
            case Codes.SQLITE_CORRUPT /* 11 */:
            case Codes.SQLITE_NOTFOUND /* 12 */:
            case Codes.SQLITE_PROTOCOL /* 15 */:
            case Codes.SQLITE_TOOBIG /* 18 */:
            case Codes.SQLITE_CONSTRAINT /* 19 */:
            case Codes.SQLITE_MISMATCH /* 20 */:
            case Codes.SQLITE_MISUSE /* 21 */:
            default:
                str = "Argument for @NotNull parameter '%s' of %s.%s must not be null";
                break;
            case 1:
            case 10:
            case Codes.SQLITE_FULL /* 13 */:
            case Codes.SQLITE_CANTOPEN /* 14 */:
            case Codes.SQLITE_EMPTY /* 16 */:
            case Codes.SQLITE_SCHEMA /* 17 */:
            case Codes.SQLITE_NOLFS /* 22 */:
                str = "@NotNull method %s.%s must not return null";
                break;
        }
        switch (i) {
            case 0:
            case 2:
            case 3:
            case 4:
            case 5:
            case Codes.SQLITE_LOCKED /* 6 */:
            case Codes.SQLITE_NOMEM /* 7 */:
            case Codes.SQLITE_READONLY /* 8 */:
            case Codes.SQLITE_INTERRUPT /* 9 */:
            case Codes.SQLITE_CORRUPT /* 11 */:
            case Codes.SQLITE_NOTFOUND /* 12 */:
            case Codes.SQLITE_PROTOCOL /* 15 */:
            case Codes.SQLITE_TOOBIG /* 18 */:
            case Codes.SQLITE_CONSTRAINT /* 19 */:
            case Codes.SQLITE_MISMATCH /* 20 */:
            case Codes.SQLITE_MISUSE /* 21 */:
            default:
                i2 = 3;
                break;
            case 1:
            case 10:
            case Codes.SQLITE_FULL /* 13 */:
            case Codes.SQLITE_CANTOPEN /* 14 */:
            case Codes.SQLITE_EMPTY /* 16 */:
            case Codes.SQLITE_SCHEMA /* 17 */:
            case Codes.SQLITE_NOLFS /* 22 */:
                i2 = 2;
                break;
        }
        Object[] objArr = new Object[i2];
        switch (i) {
            case 0:
            default:
                objArr[0] = "vcs";
                break;
            case 1:
            case 10:
            case Codes.SQLITE_FULL /* 13 */:
            case Codes.SQLITE_CANTOPEN /* 14 */:
            case Codes.SQLITE_EMPTY /* 16 */:
            case Codes.SQLITE_SCHEMA /* 17 */:
            case Codes.SQLITE_NOLFS /* 22 */:
                objArr[0] = "org/jetbrains/idea/svn/auth/AuthenticationService";
                break;
            case 2:
            case 5:
                objArr[0] = "realm";
                break;
            case 3:
                objArr[0] = "type";
                break;
            case 4:
                objArr[0] = "fromUserProvider";
                break;
            case Codes.SQLITE_LOCKED /* 6 */:
                objArr[0] = "mode";
                break;
            case Codes.SQLITE_NOMEM /* 7 */:
                objArr[0] = "key";
                break;
            case Codes.SQLITE_READONLY /* 8 */:
            case Codes.SQLITE_PROTOCOL /* 15 */:
            case Codes.SQLITE_TOOBIG /* 18 */:
                objArr[0] = "url";
                break;
            case Codes.SQLITE_INTERRUPT /* 9 */:
                objArr[0] = "certificateInfo";
                break;
            case Codes.SQLITE_CORRUPT /* 11 */:
                objArr[0] = "e";
                break;
            case Codes.SQLITE_NOTFOUND /* 12 */:
            case Codes.SQLITE_CONSTRAINT /* 19 */:
            case Codes.SQLITE_MISUSE /* 21 */:
                objArr[0] = "repositoryUrl";
                break;
            case Codes.SQLITE_MISMATCH /* 20 */:
                objArr[0] = "proxy";
                break;
        }
        switch (i) {
            case 0:
            case 2:
            case 3:
            case 4:
            case 5:
            case Codes.SQLITE_LOCKED /* 6 */:
            case Codes.SQLITE_NOMEM /* 7 */:
            case Codes.SQLITE_READONLY /* 8 */:
            case Codes.SQLITE_INTERRUPT /* 9 */:
            case Codes.SQLITE_CORRUPT /* 11 */:
            case Codes.SQLITE_NOTFOUND /* 12 */:
            case Codes.SQLITE_PROTOCOL /* 15 */:
            case Codes.SQLITE_TOOBIG /* 18 */:
            case Codes.SQLITE_CONSTRAINT /* 19 */:
            case Codes.SQLITE_MISMATCH /* 20 */:
            case Codes.SQLITE_MISUSE /* 21 */:
            default:
                objArr[1] = "org/jetbrains/idea/svn/auth/AuthenticationService";
                break;
            case 1:
                objArr[1] = "getVcs";
                break;
            case 10:
                objArr[1] = "acceptCertificate";
                break;
            case Codes.SQLITE_FULL /* 13 */:
                objArr[1] = "getClient";
                break;
            case Codes.SQLITE_CANTOPEN /* 14 */:
                objArr[1] = "getSupportedSslProtocols";
                break;
            case Codes.SQLITE_EMPTY /* 16 */:
                objArr[1] = "createSslContext";
                break;
            case Codes.SQLITE_SCHEMA /* 17 */:
                objArr[1] = "getAuthenticationManager";
                break;
            case Codes.SQLITE_NOLFS /* 22 */:
                objArr[1] = "getSpecialConfigDir";
                break;
        }
        switch (i) {
            case 0:
            default:
                objArr[2] = "<init>";
                break;
            case 1:
            case 10:
            case Codes.SQLITE_FULL /* 13 */:
            case Codes.SQLITE_CANTOPEN /* 14 */:
            case Codes.SQLITE_EMPTY /* 16 */:
            case Codes.SQLITE_SCHEMA /* 17 */:
            case Codes.SQLITE_NOLFS /* 22 */:
                break;
            case 2:
            case 3:
            case 4:
                objArr[2] = "requestCredentials";
                break;
            case 5:
            case Codes.SQLITE_LOCKED /* 6 */:
            case Codes.SQLITE_NOMEM /* 7 */:
                objArr[2] = "requestSshCredentials";
                break;
            case Codes.SQLITE_READONLY /* 8 */:
            case Codes.SQLITE_INTERRUPT /* 9 */:
                objArr[2] = "acceptCertificate";
                break;
            case Codes.SQLITE_CORRUPT /* 11 */:
                objArr[2] = "fixMessage";
                break;
            case Codes.SQLITE_NOTFOUND /* 12 */:
                objArr[2] = "getClient";
                break;
            case Codes.SQLITE_PROTOCOL /* 15 */:
                objArr[2] = "createSslContext";
                break;
            case Codes.SQLITE_TOOBIG /* 18 */:
                objArr[2] = "getIdeaDefinedProxy";
                break;
            case Codes.SQLITE_CONSTRAINT /* 19 */:
            case Codes.SQLITE_MISMATCH /* 20 */:
            case Codes.SQLITE_MISUSE /* 21 */:
                objArr[2] = "getProxyAuthentication";
                break;
        }
        String format = String.format(str, objArr);
        switch (i) {
            case 0:
            case 2:
            case 3:
            case 4:
            case 5:
            case Codes.SQLITE_LOCKED /* 6 */:
            case Codes.SQLITE_NOMEM /* 7 */:
            case Codes.SQLITE_READONLY /* 8 */:
            case Codes.SQLITE_INTERRUPT /* 9 */:
            case Codes.SQLITE_CORRUPT /* 11 */:
            case Codes.SQLITE_NOTFOUND /* 12 */:
            case Codes.SQLITE_PROTOCOL /* 15 */:
            case Codes.SQLITE_TOOBIG /* 18 */:
            case Codes.SQLITE_CONSTRAINT /* 19 */:
            case Codes.SQLITE_MISMATCH /* 20 */:
            case Codes.SQLITE_MISUSE /* 21 */:
            default:
                throw new IllegalArgumentException(format);
            case 1:
            case 10:
            case Codes.SQLITE_FULL /* 13 */:
            case Codes.SQLITE_CANTOPEN /* 14 */:
            case Codes.SQLITE_EMPTY /* 16 */:
            case Codes.SQLITE_SCHEMA /* 17 */:
            case Codes.SQLITE_NOLFS /* 22 */:
                throw new IllegalStateException(format);
        }
    }
}
