package io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient;

import io.quarkus.rest.client.reactive.runtime.ProxyAddressUtil;
import io.quarkus.tls.TlsConfiguration;
import io.vertx.core.net.KeyCertOptions;
import io.vertx.core.net.SSLOptions;
import io.vertx.core.net.TrustOptions;
import jakarta.ws.rs.client.Client;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.InvocationTargetException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.time.Duration;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import org.jboss.resteasy.reactive.client.TlsConfig;
import org.jboss.resteasy.reactive.client.impl.ClientBuilderImpl;
import software.amazon.awssdk.http.SdkHttpConfigurationOption;
import software.amazon.awssdk.utils.AttributeMap;
import software.amazon.awssdk.utils.NumericUtils;
import software.amazon.awssdk.utils.Validate;

/* loaded from: input_file:io/quarkiverse/langchain4j/bedrock/runtime/jaxrsclient/DefaultJaxRsSdkClientBuilder.class */
public class DefaultJaxRsSdkClientBuilder implements JaxRsSdkClientBuilder {
    private static final String NONE = "none";
    private final AttributeMap.Builder standardOptions = AttributeMap.builder();
    private String proxyAddress;
    private String proxyUser;
    private String proxyPassword;
    private String nonProxyHosts;
    private Boolean disableContextualErrorMessages;
    private Boolean verifyHost;
    private String hostnameVerifier;
    private String trustStore;
    private String trustStorePassword;
    private String trustStoreType;
    private String keyStore;
    private String keyStorePassword;
    private String keyStoreType;
    private TlsConfiguration tlsConfig;

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder connectionTimeout(Duration duration) {
        Validate.isPositive(duration, "connectionTimeout");
        this.standardOptions.put(SdkHttpConfigurationOption.CONNECTION_TIMEOUT, duration);
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder readTimeout(Duration duration) {
        Validate.isNotNegative(duration, "readTimeout");
        this.standardOptions.put(SdkHttpConfigurationOption.READ_TIMEOUT, duration);
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder proxyAddress(String str) {
        this.proxyAddress = str;
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder proxyUser(String str) {
        this.proxyUser = str;
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder proxyPassword(String str) {
        this.proxyPassword = str;
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder nonProxyHosts(String str) {
        this.nonProxyHosts = str;
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder disableContextualErrorMessages(Boolean bool) {
        this.disableContextualErrorMessages = bool;
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder connectionTTL(int i) {
        Validate.isNotNegative(i, "connectionTTL");
        this.standardOptions.put(SdkHttpConfigurationOption.CONNECTION_TIME_TO_LIVE, Duration.ofMillis(i));
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder connectionPoolSize(int i) {
        Validate.isNotNegative(i, "connectionPoolSize");
        this.standardOptions.put(SdkHttpConfigurationOption.MAX_CONNECTIONS, Integer.valueOf(i));
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder keepAliveEnabled(boolean z) {
        this.standardOptions.put(SdkHttpConfigurationOption.TCP_KEEPALIVE, Boolean.valueOf(z));
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder hostnameVerifier(String str) {
        this.hostnameVerifier = str;
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder verifyHost(boolean z) {
        this.verifyHost = Boolean.valueOf(z);
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder trustStore(String str) {
        this.trustStore = str;
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder trustStorePassword(String str) {
        this.trustStorePassword = str;
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder trustStoreType(String str) {
        this.trustStoreType = str;
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder keyStore(String str) {
        this.keyStore = str;
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder keyStorePassword(String str) {
        this.keyStorePassword = str;
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder keyStoreType(String str) {
        this.keyStoreType = str;
        return this;
    }

    @Override // io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.JaxRsSdkClientBuilder
    public JaxRsSdkClientBuilder tlsConfig(TlsConfiguration tlsConfiguration) {
        this.tlsConfig = tlsConfiguration;
        return this;
    }

    public Client buildClientWithDefaults(AttributeMap attributeMap) {
        ClientBuilderImpl clientBuilderImpl = new ClientBuilderImpl();
        AttributeMap merge = this.standardOptions.build().merge(attributeMap);
        clientBuilderImpl.connectTimeout(NumericUtils.saturatedCast(((Duration) merge.get(SdkHttpConfigurationOption.CONNECTION_TIMEOUT)).toMillis()), TimeUnit.MILLISECONDS);
        clientBuilderImpl.readTimeout(NumericUtils.saturatedCast(((Duration) merge.get(SdkHttpConfigurationOption.READ_TIMEOUT)).toMillis()), TimeUnit.MILLISECONDS);
        configureProxy(clientBuilderImpl);
        if (this.disableContextualErrorMessages != null) {
            clientBuilderImpl.property("io.quarkus.rest.client.disable-contextual-error-messages", this.disableContextualErrorMessages);
        }
        Duration duration = (Duration) merge.get(SdkHttpConfigurationOption.CONNECTION_TIME_TO_LIVE);
        if (duration != null) {
            clientBuilderImpl.property("io.quarkus.rest.client.connection-ttl", Integer.valueOf(NumericUtils.saturatedCast(duration.toMillis())));
        }
        Integer num = (Integer) merge.get(SdkHttpConfigurationOption.MAX_CONNECTIONS);
        if (num != null) {
            clientBuilderImpl.property("io.quarkus.rest.client.connection-pool-size", num);
        }
        Boolean bool = (Boolean) merge.get(SdkHttpConfigurationOption.TCP_KEEPALIVE);
        if (bool != null) {
            clientBuilderImpl.property("io.quarkus.rest.client.keep-alive-enabled", bool);
        }
        if (this.tlsConfig != null) {
            clientBuilderImpl.tlsConfig(new TlsConfig() { // from class: io.quarkiverse.langchain4j.bedrock.runtime.jaxrsclient.DefaultJaxRsSdkClientBuilder.1
                public KeyStore getKeyStore() {
                    return DefaultJaxRsSdkClientBuilder.this.tlsConfig.getKeyStore();
                }

                public KeyCertOptions getKeyStoreOptions() {
                    return DefaultJaxRsSdkClientBuilder.this.tlsConfig.getKeyStoreOptions();
                }

                public KeyStore getTrustStore() {
                    return DefaultJaxRsSdkClientBuilder.this.tlsConfig.getTrustStore();
                }

                public TrustOptions getTrustStoreOptions() {
                    return DefaultJaxRsSdkClientBuilder.this.tlsConfig.getTrustStoreOptions();
                }

                public SSLOptions getSSLOptions() {
                    return DefaultJaxRsSdkClientBuilder.this.tlsConfig.getSSLOptions();
                }

                public SSLContext createSSLContext() throws Exception {
                    return DefaultJaxRsSdkClientBuilder.this.tlsConfig.createSSLContext();
                }

                public Optional<String> getHostnameVerificationAlgorithm() {
                    return DefaultJaxRsSdkClientBuilder.this.tlsConfig.getHostnameVerificationAlgorithm();
                }

                public boolean usesSni() {
                    return DefaultJaxRsSdkClientBuilder.this.tlsConfig.usesSni();
                }

                public boolean isTrustAll() {
                    return DefaultJaxRsSdkClientBuilder.this.tlsConfig.isTrustAll();
                }

                public Optional<String> getName() {
                    throw new IllegalStateException("this should not be called");
                }
            });
        } else {
            configureTLSFromProperties(clientBuilderImpl);
        }
        return clientBuilderImpl.build();
    }

    private void configureProxy(ClientBuilderImpl clientBuilderImpl) {
        if (this.proxyAddress != null) {
            if (this.proxyAddress.equals(NONE)) {
                clientBuilderImpl.proxy(NONE, 0);
                return;
            }
            ProxyAddressUtil.HostAndPort parseAddress = ProxyAddressUtil.parseAddress(this.proxyAddress);
            clientBuilderImpl.proxy(parseAddress.host, parseAddress.port);
            if (this.proxyUser != null) {
                clientBuilderImpl.proxyUser(this.proxyUser);
            }
            if (this.proxyPassword != null) {
                clientBuilderImpl.proxyPassword(this.proxyPassword);
            }
            if (this.nonProxyHosts != null) {
                clientBuilderImpl.nonProxyHosts(this.nonProxyHosts);
            }
        }
    }

    private void configureTLSFromProperties(ClientBuilderImpl clientBuilderImpl) {
        if (this.trustStore != null && !NONE.equals(this.trustStore)) {
            registerTrustStore(clientBuilderImpl, this.trustStore, this.trustStorePassword, this.trustStoreType);
        }
        if (this.keyStore != null && !NONE.equals(this.keyStore)) {
            registerKeyStore(clientBuilderImpl, this.keyStore, this.keyStorePassword, this.keyStoreType);
        }
        if (this.hostnameVerifier != null) {
            registerHostnameVerifier(clientBuilderImpl, this.hostnameVerifier);
        }
        if (this.verifyHost != null) {
            clientBuilderImpl.verifyHost(this.verifyHost.booleanValue());
        }
    }

    private void registerHostnameVerifier(ClientBuilderImpl clientBuilderImpl, String str) {
        try {
            clientBuilderImpl.hostnameVerifier((HostnameVerifier) Thread.currentThread().getContextClassLoader().loadClass(str).getDeclaredConstructor(new Class[0]).newInstance(new Object[0]));
        } catch (ClassCastException e) {
            throw new IllegalArgumentException("The provided hostname verifier " + str + " is not an instance of HostnameVerifier", e);
        } catch (ClassNotFoundException e2) {
            throw new IllegalArgumentException("Could not find hostname verifier class " + str, e2);
        } catch (IllegalAccessException | InstantiationException | InvocationTargetException e3) {
            throw new IllegalArgumentException("Failed to instantiate hostname verifier class " + str + ". Make sure it has a public, no-argument constructor", e3);
        } catch (NoSuchMethodException e4) {
            throw new IllegalArgumentException("Could not find a public, no-argument constructor for the hostname verifier class " + str, e4);
        }
    }

    private void registerKeyStore(ClientBuilderImpl clientBuilderImpl, String str, String str2, String str3) {
        try {
            clientBuilderImpl.keyStore(loadKeyStore(str, str2, str3, "keystore"), str2);
        } catch (KeyStoreException e) {
            throw new IllegalArgumentException("Failed to initialize trust store from " + str, e);
        }
    }

    private void registerTrustStore(ClientBuilderImpl clientBuilderImpl, String str, String str2, String str3) {
        try {
            clientBuilderImpl.trustStore(loadKeyStore(str, str2, str3, "truststore"), str2.toCharArray());
        } catch (KeyStoreException e) {
            throw new IllegalArgumentException("Failed to initialize trust store from " + str, e);
        }
    }

    private KeyStore loadKeyStore(String str, String str2, String str3, String str4) throws KeyStoreException {
        KeyStore keyStore = KeyStore.getInstance((String) Optional.ofNullable(str3).orElse("JKS"));
        if (str2 == null) {
            throw new IllegalArgumentException("No password provided for " + str4);
        }
        try {
            InputStream locateStream = locateStream(str);
            try {
                keyStore.load(locateStream, str2.toCharArray());
                if (locateStream != null) {
                    locateStream.close();
                }
                return keyStore;
            } finally {
            }
        } catch (IOException | NoSuchAlgorithmException | CertificateException e) {
            throw new IllegalArgumentException("Failed to initialize " + str4 + " from classpath resource " + str, e);
        }
    }

    private InputStream locateStream(String str) throws FileNotFoundException {
        if (!str.startsWith("classpath:")) {
            if (str.startsWith("file:")) {
                str = str.replaceFirst("file:", "");
            }
            File file = new File(str);
            if (file.isFile()) {
                return new FileInputStream(file);
            }
            throw new IllegalArgumentException("Certificate file: " + str + " not found for MicroProfile Rest Client SSL configuration");
        }
        String replaceFirst = str.replaceFirst("classpath:", "");
        InputStream resourceAsStream = Thread.currentThread().getContextClassLoader().getResourceAsStream(replaceFirst);
        if (resourceAsStream == null) {
            resourceAsStream = getClass().getResourceAsStream(replaceFirst);
        }
        if (resourceAsStream == null) {
            throw new IllegalArgumentException("Classpath resource " + replaceFirst + " not found for MicroProfile Rest Client SSL configuration");
        }
        return resourceAsStream;
    }
}
