package io.quarkus.amazon.common.runtime;

import io.netty.handler.ssl.SslProvider;
import io.quarkus.runtime.RuntimeValue;
import io.quarkus.runtime.annotations.Recorder;
import java.net.URI;
import java.time.Duration;
import java.util.Collections;
import java.util.HashSet;
import java.util.Optional;
import java.util.OptionalInt;
import software.amazon.awssdk.http.SdkHttpClient;
import software.amazon.awssdk.http.TlsKeyManagersProvider;
import software.amazon.awssdk.http.apache.ApacheHttpClient;
import software.amazon.awssdk.http.apache.ProxyConfiguration;
import software.amazon.awssdk.http.async.SdkAsyncHttpClient;
import software.amazon.awssdk.http.nio.netty.Http2Configuration;
import software.amazon.awssdk.http.nio.netty.NettyNioAsyncHttpClient;
import software.amazon.awssdk.http.nio.netty.ProxyConfiguration;
import software.amazon.awssdk.http.nio.netty.SdkEventLoopGroup;
import software.amazon.awssdk.http.urlconnection.UrlConnectionHttpClient;
import software.amazon.awssdk.utils.StringUtils;
import software.amazon.awssdk.utils.ThreadFactoryBuilder;

@Recorder
/* loaded from: input_file:io/quarkus/amazon/common/runtime/AmazonClientTransportRecorder.class */
public class AmazonClientTransportRecorder {
    public RuntimeValue<SdkAsyncHttpClient.Builder> configureAsync(String str, RuntimeValue<NettyHttpClientConfig> runtimeValue) {
        NettyNioAsyncHttpClient.Builder builder = NettyNioAsyncHttpClient.builder();
        NettyHttpClientConfig nettyHttpClientConfig = (NettyHttpClientConfig) runtimeValue.getValue();
        validateNettyClientConfig(str, nettyHttpClientConfig);
        builder.connectionAcquisitionTimeout(nettyHttpClientConfig.connectionAcquisitionTimeout);
        builder.connectionMaxIdleTime(nettyHttpClientConfig.connectionMaxIdleTime);
        builder.connectionTimeout(nettyHttpClientConfig.connectionTimeout);
        Optional<Duration> optional = nettyHttpClientConfig.connectionTimeToLive;
        builder.getClass();
        optional.ifPresent(builder::connectionTimeToLive);
        builder.maxConcurrency(Integer.valueOf(nettyHttpClientConfig.maxConcurrency));
        builder.maxPendingConnectionAcquires(Integer.valueOf(nettyHttpClientConfig.maxPendingConnectionAcquires));
        builder.protocol(nettyHttpClientConfig.protocol);
        builder.readTimeout(nettyHttpClientConfig.readTimeout);
        builder.writeTimeout(nettyHttpClientConfig.writeTimeout);
        Optional<SslProvider> optional2 = nettyHttpClientConfig.sslProvider;
        builder.getClass();
        optional2.ifPresent(builder::sslProvider);
        builder.useIdleConnectionReaper(Boolean.valueOf(nettyHttpClientConfig.useIdleConnectionReaper));
        if (nettyHttpClientConfig.http2.initialWindowSize.isPresent() || nettyHttpClientConfig.http2.maxStreams.isPresent()) {
            Http2Configuration.Builder builder2 = Http2Configuration.builder();
            OptionalInt optionalInt = nettyHttpClientConfig.http2.initialWindowSize;
            builder2.getClass();
            optionalInt.ifPresent((v1) -> {
                r1.initialWindowSize(v1);
            });
            Optional<Long> optional3 = nettyHttpClientConfig.http2.maxStreams;
            builder2.getClass();
            optional3.ifPresent(builder2::maxStreams);
            Optional<Duration> optional4 = nettyHttpClientConfig.http2.healthCheckPingPeriod;
            builder2.getClass();
            optional4.ifPresent(builder2::healthCheckPingPeriod);
            builder.http2Configuration((Http2Configuration) builder2.build());
        }
        if (nettyHttpClientConfig.proxy.enabled && nettyHttpClientConfig.proxy.endpoint.isPresent()) {
            ProxyConfiguration.Builder nonProxyHosts = ProxyConfiguration.builder().scheme(nettyHttpClientConfig.proxy.endpoint.get().getScheme()).host(nettyHttpClientConfig.proxy.endpoint.get().getHost()).nonProxyHosts(new HashSet(nettyHttpClientConfig.proxy.nonProxyHosts.orElse(Collections.emptyList())));
            if (nettyHttpClientConfig.proxy.endpoint.get().getPort() != -1) {
                nonProxyHosts.port(nettyHttpClientConfig.proxy.endpoint.get().getPort());
            }
            builder.proxyConfiguration((ProxyConfiguration) nonProxyHosts.build());
        }
        Optional<TlsKeyManagersProvider> tlsKeyManagersProvider = getTlsKeyManagersProvider(nettyHttpClientConfig.tlsManagersProvider);
        builder.getClass();
        tlsKeyManagersProvider.ifPresent(builder::tlsKeyManagersProvider);
        if (nettyHttpClientConfig.eventLoop.override) {
            SdkEventLoopGroup.Builder builder3 = SdkEventLoopGroup.builder();
            OptionalInt optionalInt2 = nettyHttpClientConfig.eventLoop.numberOfThreads;
            builder3.getClass();
            optionalInt2.ifPresent((v1) -> {
                r1.numberOfThreads(v1);
            });
            if (nettyHttpClientConfig.eventLoop.threadNamePrefix.isPresent()) {
                builder3.threadFactory(new ThreadFactoryBuilder().threadNamePrefix(nettyHttpClientConfig.eventLoop.threadNamePrefix.get()).build());
            }
            builder.eventLoopGroupBuilder(builder3);
        }
        return new RuntimeValue<>(builder);
    }

    public RuntimeValue<SdkHttpClient.Builder> configureSyncUrlConnectionHttpClient(String str, RuntimeValue<SyncHttpClientConfig> runtimeValue) {
        SyncHttpClientConfig syncHttpClientConfig = (SyncHttpClientConfig) runtimeValue.getValue();
        validateTlsManagersProvider(str, syncHttpClientConfig.tlsManagersProvider, "sync");
        UrlConnectionHttpClient.Builder builder = UrlConnectionHttpClient.builder();
        builder.connectionTimeout(syncHttpClientConfig.connectionTimeout);
        builder.socketTimeout(syncHttpClientConfig.socketTimeout);
        Optional<TlsKeyManagersProvider> tlsKeyManagersProvider = getTlsKeyManagersProvider(syncHttpClientConfig.tlsManagersProvider);
        builder.getClass();
        tlsKeyManagersProvider.ifPresent(builder::tlsKeyManagersProvider);
        return new RuntimeValue<>(builder);
    }

    public RuntimeValue<SdkHttpClient.Builder> configureSyncApacheHttpClient(String str, RuntimeValue<SyncHttpClientConfig> runtimeValue) {
        SyncHttpClientConfig syncHttpClientConfig = (SyncHttpClientConfig) runtimeValue.getValue();
        validateTlsManagersProvider(str, syncHttpClientConfig.tlsManagersProvider, "sync");
        ApacheHttpClient.Builder builder = ApacheHttpClient.builder();
        validateApacheClientConfig(str, syncHttpClientConfig);
        builder.connectionTimeout(syncHttpClientConfig.connectionTimeout);
        builder.connectionAcquisitionTimeout(syncHttpClientConfig.apache.connectionAcquisitionTimeout);
        builder.connectionMaxIdleTime(syncHttpClientConfig.apache.connectionMaxIdleTime);
        Optional<Duration> optional = syncHttpClientConfig.apache.connectionTimeToLive;
        builder.getClass();
        optional.ifPresent(builder::connectionTimeToLive);
        builder.expectContinueEnabled(Boolean.valueOf(syncHttpClientConfig.apache.expectContinueEnabled));
        builder.maxConnections(Integer.valueOf(syncHttpClientConfig.apache.maxConnections));
        builder.socketTimeout(syncHttpClientConfig.socketTimeout);
        builder.useIdleConnectionReaper(Boolean.valueOf(syncHttpClientConfig.apache.useIdleConnectionReaper));
        if (syncHttpClientConfig.apache.proxy.enabled && syncHttpClientConfig.apache.proxy.endpoint.isPresent()) {
            ProxyConfiguration.Builder endpoint = software.amazon.awssdk.http.apache.ProxyConfiguration.builder().endpoint(syncHttpClientConfig.apache.proxy.endpoint.get());
            Optional<String> optional2 = syncHttpClientConfig.apache.proxy.username;
            endpoint.getClass();
            optional2.ifPresent(endpoint::username);
            Optional<String> optional3 = syncHttpClientConfig.apache.proxy.password;
            endpoint.getClass();
            optional3.ifPresent(endpoint::password);
            syncHttpClientConfig.apache.proxy.nonProxyHosts.ifPresent(list -> {
                endpoint.getClass();
                list.forEach(endpoint::addNonProxyHost);
            });
            Optional<String> optional4 = syncHttpClientConfig.apache.proxy.ntlmDomain;
            endpoint.getClass();
            optional4.ifPresent(endpoint::ntlmDomain);
            Optional<String> optional5 = syncHttpClientConfig.apache.proxy.ntlmWorkstation;
            endpoint.getClass();
            optional5.ifPresent(endpoint::ntlmWorkstation);
            Optional<Boolean> optional6 = syncHttpClientConfig.apache.proxy.preemptiveBasicAuthenticationEnabled;
            endpoint.getClass();
            optional6.ifPresent(endpoint::preemptiveBasicAuthenticationEnabled);
            builder.proxyConfiguration((software.amazon.awssdk.http.apache.ProxyConfiguration) endpoint.build());
        }
        Optional<TlsKeyManagersProvider> tlsKeyManagersProvider = getTlsKeyManagersProvider(syncHttpClientConfig.tlsManagersProvider);
        builder.getClass();
        tlsKeyManagersProvider.ifPresent(builder::tlsKeyManagersProvider);
        return new RuntimeValue<>(builder);
    }

    private Optional<TlsKeyManagersProvider> getTlsKeyManagersProvider(TlsManagersProviderConfig tlsManagersProviderConfig) {
        return (tlsManagersProviderConfig.fileStore != null && tlsManagersProviderConfig.fileStore.path.isPresent() && tlsManagersProviderConfig.fileStore.type.isPresent()) ? Optional.of(tlsManagersProviderConfig.type.create(tlsManagersProviderConfig)) : Optional.empty();
    }

    private void validateApacheClientConfig(String str, SyncHttpClientConfig syncHttpClientConfig) {
        if (syncHttpClientConfig.apache.maxConnections <= 0) {
            throw new RuntimeConfigurationError(String.format("quarkus.%s.sync-client.max-connections may not be negative or zero.", str));
        }
        if (syncHttpClientConfig.apache.proxy.enabled) {
            syncHttpClientConfig.apache.proxy.endpoint.ifPresent(uri -> {
                validateProxyEndpoint(str, uri, "sync");
            });
        }
    }

    private void validateNettyClientConfig(String str, NettyHttpClientConfig nettyHttpClientConfig) {
        if (nettyHttpClientConfig.maxConcurrency <= 0) {
            throw new RuntimeConfigurationError(String.format("quarkus.%s.async-client.max-concurrency may not be negative or zero.", str));
        }
        if (nettyHttpClientConfig.http2.maxStreams.isPresent() && nettyHttpClientConfig.http2.maxStreams.get().longValue() <= 0) {
            throw new RuntimeConfigurationError(String.format("quarkus.%s.async-client.http2.max-streams may not be negative.", str));
        }
        if (nettyHttpClientConfig.http2.initialWindowSize.isPresent() && nettyHttpClientConfig.http2.initialWindowSize.getAsInt() <= 0) {
            throw new RuntimeConfigurationError(String.format("quarkus.%s.async-client.http2.initial-window-size may not be negative.", str));
        }
        if (nettyHttpClientConfig.maxPendingConnectionAcquires <= 0) {
            throw new RuntimeConfigurationError(String.format("quarkus.%s.async-client.max-pending-connection-acquires may not be negative or zero.", str));
        }
        if (nettyHttpClientConfig.eventLoop.override && nettyHttpClientConfig.eventLoop.numberOfThreads.isPresent() && nettyHttpClientConfig.eventLoop.numberOfThreads.getAsInt() <= 0) {
            throw new RuntimeConfigurationError(String.format("quarkus.%s.async-client.event-loop.number-of-threads may not be negative or zero.", str));
        }
        if (nettyHttpClientConfig.proxy.enabled) {
            nettyHttpClientConfig.proxy.endpoint.ifPresent(uri -> {
                validateProxyEndpoint(str, uri, "async");
            });
        }
        validateTlsManagersProvider(str, nettyHttpClientConfig.tlsManagersProvider, "async");
    }

    private void validateProxyEndpoint(String str, URI uri, String str2) {
        if (StringUtils.isBlank(uri.getScheme())) {
            throw new RuntimeConfigurationError(String.format("quarkus.%s.%s-client.proxy.endpoint (%s) - scheme must be specified", str, str2, uri.toString()));
        }
        if (StringUtils.isBlank(uri.getHost())) {
            throw new RuntimeConfigurationError(String.format("quarkus.%s.%s-client.proxy.endpoint (%s) - host must be specified", str, str2, uri.toString()));
        }
        if (StringUtils.isNotBlank(uri.getUserInfo())) {
            throw new RuntimeConfigurationError(String.format("quarkus.%s.%s-client.proxy.endpoint (%s) - user info is not supported.", str, str2, uri.toString()));
        }
        if (StringUtils.isNotBlank(uri.getPath())) {
            throw new RuntimeConfigurationError(String.format("quarkus.%s.%s-client.proxy.endpoint (%s) - path is not supported.", str, str2, uri.toString()));
        }
        if (StringUtils.isNotBlank(uri.getQuery())) {
            throw new RuntimeConfigurationError(String.format("quarkus.%s.%s-client.proxy.endpoint (%s) - query is not supported.", str, str2, uri.toString()));
        }
        if (StringUtils.isNotBlank(uri.getFragment())) {
            throw new RuntimeConfigurationError(String.format("quarkus.%s.%s-client.proxy.endpoint (%s) - fragment is not supported.", str, str2, uri.toString()));
        }
    }

    private void validateTlsManagersProvider(String str, TlsManagersProviderConfig tlsManagersProviderConfig, String str2) {
        if (tlsManagersProviderConfig == null || tlsManagersProviderConfig.type != TlsManagersProviderType.FILE_STORE) {
            return;
        }
        if (tlsManagersProviderConfig.fileStore == null) {
            throw new RuntimeConfigurationError(String.format("quarkus.%s.%s-client.tls-managers-provider.file-store must be specified if 'FILE_STORE' provider type is used", str, str2));
        }
        if (!tlsManagersProviderConfig.fileStore.password.isPresent()) {
            throw new RuntimeConfigurationError(String.format("quarkus.%s.%s-client.tls-managers-provider.file-store.path should not be empty if 'FILE_STORE' provider is used.", str, str2));
        }
        if (!tlsManagersProviderConfig.fileStore.type.isPresent()) {
            throw new RuntimeConfigurationError(String.format("quarkus.%s.%s-client.tls-managers-provider.file-store.type should not be empty if 'FILE_STORE' provider is used.", str, str2));
        }
        if (!tlsManagersProviderConfig.fileStore.password.isPresent()) {
            throw new RuntimeConfigurationError(String.format("quarkus.%s.%s-client.tls-managers-provider.file-store.password should not be empty if 'FILE_STORE' provider is used.", str, str2));
        }
    }
}
