package com.xebialabs.overthere.cifs.winrm;

import com.xebialabs.overthere.cifs.WinrmHttpsCertificateTrustStrategy;
import com.xebialabs.overthere.cifs.WinrmHttpsHostnameVerificationStrategy;
import com.xebialabs.overthere.cifs.winrm.soap.Action;
import com.xebialabs.overthere.cifs.winrm.soap.BodyBuilder;
import com.xebialabs.overthere.cifs.winrm.soap.HeaderBuilder;
import com.xebialabs.overthere.cifs.winrm.soap.OptionSet;
import com.xebialabs.overthere.cifs.winrm.soap.ResourceURI;
import com.xebialabs.overthere.cifs.winrm.soap.SoapAction;
import com.xebialabs.overthere.cifs.winrm.soap.SoapMessageBuilder;
import com.xebialabs.overthere.cifs.winrm.soap.Soapy;
import com.xebialabs.overthere.util.OverthereUtils;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.StringWriter;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.UnrecoverableKeyException;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import javassist.bytecode.CodeAttribute;
import javax.security.auth.Subject;
import javax.security.auth.kerberos.KerberosPrincipal;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.HttpVersion;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.BasicUserPrincipal;
import org.apache.http.auth.Credentials;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.params.ClientPNames;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.params.HttpConnectionParams;
import org.apache.http.protocol.BasicHttpContext;
import org.apache.http.protocol.HttpContext;
import org.apache.http.util.EntityUtils;
import org.dom4j.Document;
import org.dom4j.DocumentHelper;
import org.dom4j.Element;
import org.dom4j.QName;
import org.dom4j.io.OutputFormat;
import org.dom4j.io.XMLWriter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:META-INF/lib/overthere-4.1.2.jar:com/xebialabs/overthere/cifs/winrm/WinRmClient.class */
public class WinRmClient {
    private final String username;
    private final boolean enableKerberos;
    private final String password;
    private final URL targetURL;
    private final String unmappedAddress;
    private final int unmappedPort;
    private String winRmTimeout;
    private int winRmEnvelopSize;
    private String winRmLocale;
    private WinrmHttpsCertificateTrustStrategy httpsCertTrustStrategy;
    private WinrmHttpsHostnameVerificationStrategy httpsHostnameVerifyStrategy;
    private boolean kerberosUseHttpSpn;
    private boolean kerberosAddPortToSpn;
    private boolean kerberosDebug;
    private boolean kerberosTicketCache;
    private int soTimeout;
    private int connectionTimeout;
    private String shellId;
    private String commandId;
    private int exitValue = -1;
    private int chunk = 0;
    private static Logger logger = LoggerFactory.getLogger(WinRmClient.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:META-INF/lib/overthere-4.1.2.jar:com/xebialabs/overthere/cifs/winrm/WinRmClient$PrivilegedSendMessage.class */
    public class PrivilegedSendMessage implements PrivilegedExceptionAction<Document> {
        private Document requestDocument;
        private SoapAction soapAction;

        private PrivilegedSendMessage(Document document, SoapAction soapAction) {
            this.requestDocument = document;
            this.soapAction = soapAction;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.security.PrivilegedExceptionAction
        public Document run() throws Exception {
            return WinRmClient.this.doSendRequest(this.requestDocument, this.soapAction);
        }

        public Document getRequestDocument() {
            return this.requestDocument;
        }
    }

    public WinRmClient(String str, String str2, URL url, String str3, int i) {
        int indexOf = str.indexOf(64);
        if (indexOf >= 0) {
            String substring = str.substring(0, indexOf);
            String substring2 = str.substring(indexOf + 1);
            if (substring2.toUpperCase().equals(substring2)) {
                this.username = str;
            } else {
                this.username = substring + "@" + substring2.toUpperCase();
                logger.warn("Fixing username [{}] to have an upper case domain name [{}]", str, this.username);
            }
            this.enableKerberos = true;
        } else {
            this.username = str;
            this.enableKerberos = false;
        }
        this.password = str2;
        this.targetURL = url;
        this.unmappedAddress = str3;
        this.unmappedPort = i;
    }

    public String createShell() {
        logger.debug("Sending WinRM Create Shell request");
        Element createElement = DocumentHelper.createElement(QName.get("Shell", Namespaces.NS_WIN_SHELL));
        createElement.addElement(QName.get("InputStreams", Namespaces.NS_WIN_SHELL)).addText("stdin");
        createElement.addElement(QName.get("OutputStreams", Namespaces.NS_WIN_SHELL)).addText("stdout stderr");
        this.shellId = getFirstElement(sendRequest(getRequestDocument(Action.WS_ACTION, ResourceURI.RESOURCE_URI_CMD, OptionSet.OPEN_SHELL, createElement), SoapAction.SHELL), ResponseExtractor.SHELL_ID);
        logger.debug("Received WinRM Create Shell response: shell with ID {} start created", this.shellId);
        return this.shellId;
    }

    public String executeCommand(String str) {
        logger.debug("Sending WinRM Execute Command request to shell {}", this.shellId);
        Element createElement = DocumentHelper.createElement(QName.get("CommandLine", Namespaces.NS_WIN_SHELL));
        createElement.addElement(QName.get("Command", Namespaces.NS_WIN_SHELL)).addText("\"" + str + "\"");
        this.commandId = getFirstElement(sendRequest(getRequestDocument(Action.WS_COMMAND, ResourceURI.RESOURCE_URI_CMD, OptionSet.RUN_COMMAND, createElement), SoapAction.COMMAND_LINE), ResponseExtractor.COMMAND_ID);
        logger.debug("Received WinRM Execute Command response to shell {}: command with ID {} was started", this.shellId, this.commandId);
        return this.commandId;
    }

    public boolean receiveOutput(OutputStream outputStream, OutputStream outputStream2) throws IOException {
        logger.debug("Sending WinRM Receive Output request for command {} in shell {}", this.commandId, this.shellId);
        Element createElement = DocumentHelper.createElement(QName.get("Receive", Namespaces.NS_WIN_SHELL));
        createElement.addElement(QName.get("DesiredStream", Namespaces.NS_WIN_SHELL)).addAttribute("CommandId", this.commandId).addText("stdout stderr");
        Document sendRequest = sendRequest(getRequestDocument(Action.WS_RECEIVE, ResourceURI.RESOURCE_URI_CMD, null, createElement), SoapAction.RECEIVE);
        logger.debug("Received WinRM Receive Output response for command {} in shell {}", this.commandId, this.shellId);
        handleStream(sendRequest, ResponseExtractor.STDOUT, outputStream);
        handleStream(sendRequest, ResponseExtractor.STDERR, outputStream2);
        if (this.chunk == 0) {
            parseExitCode(sendRequest);
        }
        this.chunk++;
        if (ResponseExtractor.STREAM_DONE.getXPath().selectNodes(sendRequest).isEmpty()) {
            logger.trace("Did not find CommandState element with State=Done, returning true.");
            return true;
        }
        logger.trace("Found CommandState element with State=Done, parsing exit code and returning false.");
        parseExitCode(sendRequest);
        return false;
    }

    public void sendInput(byte[] bArr) throws IOException {
        logger.debug("Sending WinRM Send Input request for command {} in shell {}", this.commandId, this.shellId);
        Element createElement = DocumentHelper.createElement(QName.get("Send", Namespaces.NS_WIN_SHELL));
        createElement.addElement(QName.get("Stream", Namespaces.NS_WIN_SHELL)).addAttribute("Name", "stdin").addAttribute("CommandId", this.commandId).addText(new Base64().encodeAsString(bArr));
        sendRequest(getRequestDocument(Action.WS_SEND, ResourceURI.RESOURCE_URI_CMD, null, createElement), SoapAction.SEND);
        logger.debug("Sent WinRM Send Input request for command {} in shell {}", this.commandId, this.shellId);
    }

    public void signal() {
        if (this.commandId == null) {
            logger.warn("Not sending WinRM Signal request in shell {} because there is no running command", this.shellId);
            return;
        }
        logger.debug("Sending WinRM Signal request for command {} in shell {}", this.commandId, this.shellId);
        Element addAttribute = DocumentHelper.createElement(QName.get("Signal", Namespaces.NS_WIN_SHELL)).addAttribute("CommandId", this.commandId);
        addAttribute.addElement(QName.get(CodeAttribute.tag, Namespaces.NS_WIN_SHELL)).addText("http://schemas.microsoft.com/wbem/wsman/1/windows/shell/signal/terminate");
        sendRequest(getRequestDocument(Action.WS_SIGNAL, ResourceURI.RESOURCE_URI_CMD, null, addAttribute), SoapAction.SIGNAL);
        logger.debug("Sent WinRM Signal request for command {} in shell {}", this.commandId, this.shellId);
    }

    public void deleteShell() {
        if (this.shellId == null) {
            logger.warn("Not sending WinRM Delete Shell request because there is no shell");
            return;
        }
        logger.debug("Sending WinRM Delete Shell request for shell {}", this.shellId);
        sendRequest(getRequestDocument(Action.WS_DELETE, ResourceURI.RESOURCE_URI_CMD, null, null), null);
        logger.debug("Sent WinRM Delete Shell request for shell {}", this.shellId);
    }

    public int exitValue() {
        return this.exitValue;
    }

    private void parseExitCode(Document document) {
        try {
            logger.trace("Parsing exit code");
            String firstElement = getFirstElement(document, ResponseExtractor.EXIT_CODE);
            logger.trace("Found exit code {}", firstElement);
            try {
                this.exitValue = Integer.parseInt(firstElement);
            } catch (NumberFormatException e) {
                logger.error("Cannot parse exit code {}, setting it to -1", e);
                this.exitValue = -1;
            }
        } catch (Exception e2) {
            logger.trace("Exit code not found,");
        }
    }

    private static void handleStream(Document document, ResponseExtractor responseExtractor, OutputStream outputStream) throws IOException {
        List selectNodes = responseExtractor.getXPath().selectNodes(document);
        if (selectNodes.isEmpty()) {
            return;
        }
        Base64 base64 = new Base64();
        Iterator it = selectNodes.iterator();
        while (it.hasNext()) {
            outputStream.write(base64.decode(((Element) it.next()).getText()));
        }
    }

    private static String getFirstElement(Document document, ResponseExtractor responseExtractor) {
        List selectNodes = responseExtractor.getXPath().selectNodes(document);
        if (selectNodes.isEmpty()) {
            throw new RuntimeException("Cannot find " + responseExtractor.getXPath() + " in " + toString(document));
        }
        return ((Element) selectNodes.iterator().next()).getText();
    }

    private Document getRequestDocument(Action action, ResourceURI resourceURI, OptionSet optionSet, Element element) {
        SoapMessageBuilder newMessage = Soapy.newMessage();
        SoapMessageBuilder.EnvelopeBuilder envelope = newMessage.envelope();
        try {
            addHeaders(envelope, action, resourceURI, optionSet);
            BodyBuilder body = envelope.body();
            if (element != null) {
                body.setContent(element);
            }
            return newMessage.getDocument();
        } catch (URISyntaxException e) {
            throw new IllegalArgumentException(e);
        }
    }

    private void addHeaders(SoapMessageBuilder.EnvelopeBuilder envelopeBuilder, Action action, ResourceURI resourceURI, OptionSet optionSet) throws URISyntaxException {
        HeaderBuilder header = envelopeBuilder.header();
        header.to(this.targetURL.toURI()).replyTo(new URI("http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous"));
        header.maxEnvelopeSize(this.winRmEnvelopSize);
        header.withId(getUUID());
        header.withLocale(this.winRmLocale);
        header.withTimeout(this.winRmTimeout);
        header.withAction(action.getUri());
        if (this.shellId != null) {
            header.withShellId(this.shellId);
        }
        header.withResourceURI(resourceURI.getUri());
        if (optionSet != null) {
            header.withOptionSet(optionSet.getKeyValuePairs());
        }
    }

    private static String getUUID() {
        return "uuid:" + UUID.randomUUID().toString().toUpperCase();
    }

    private Document sendRequest(Document document, SoapAction soapAction) {
        return this.enableKerberos ? runPrivileged(new PrivilegedSendMessage(document, soapAction)) : doSendRequest(document, soapAction);
    }

    private Document runPrivileged(PrivilegedSendMessage privilegedSendMessage) {
        try {
            LoginContext loginContext = new LoginContext("", (Subject) null, new ProvidedAuthCallback(this.username, this.password), new KerberosJaasConfiguration(this.kerberosDebug, this.kerberosTicketCache));
            loginContext.login();
            return (Document) Subject.doAs(loginContext.getSubject(), privilegedSendMessage);
        } catch (PrivilegedActionException e) {
            throw new WinRmRuntimeIOException("Failure sending message on " + this.targetURL + " error: " + e.getMessage(), privilegedSendMessage.getRequestDocument(), null, e.getException());
        } catch (LoginException e2) {
            throw new WinRmRuntimeIOException("Login failure sending message on " + this.targetURL + " error: " + e2.getMessage(), privilegedSendMessage.getRequestDocument(), null, e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Document doSendRequest(Document document, SoapAction soapAction) {
        DefaultHttpClient defaultHttpClient = new DefaultHttpClient();
        try {
            try {
                try {
                    configureHttpClient(defaultHttpClient);
                    HttpContext basicHttpContext = new BasicHttpContext();
                    HttpPost httpPost = new HttpPost(this.targetURL.toURI());
                    if (soapAction != null) {
                        httpPost.setHeader("SOAPAction", soapAction.getValue());
                    }
                    String winRmClient = toString(document);
                    logger.trace("Request:\nPOST {}\n{}", this.targetURL, winRmClient);
                    httpPost.setEntity(createEntity(winRmClient));
                    CloseableHttpResponse execute = defaultHttpClient.execute((HttpUriRequest) httpPost, basicHttpContext);
                    logResponseHeaders(execute);
                    if (execute.getStatusLine().getStatusCode() != 200) {
                        throw new WinRmRuntimeIOException(String.format("Unexpected HTTP response on %s:  %s (%s)", this.targetURL, execute.getStatusLine().getReasonPhrase(), Integer.valueOf(execute.getStatusLine().getStatusCode())));
                    }
                    Document parseText = DocumentHelper.parseText(handleResponse(execute, basicHttpContext));
                    logDocument("Response body:", parseText);
                    defaultHttpClient.getConnectionManager().shutdown();
                    return parseText;
                } catch (WinRmRuntimeIOException e) {
                    throw e;
                }
            } catch (Exception e2) {
                throw new WinRmRuntimeIOException("Error when sending request to " + this.targetURL, document, null, e2);
            }
        } catch (Throwable th) {
            defaultHttpClient.getConnectionManager().shutdown();
            throw th;
        }
    }

    private void configureHttpClient(DefaultHttpClient defaultHttpClient) throws GeneralSecurityException {
        configureTrust(defaultHttpClient);
        configureAuthentication(defaultHttpClient, "Basic", new BasicUserPrincipal(this.username));
        if (this.enableKerberos) {
            String str = this.kerberosUseHttpSpn ? HttpVersion.HTTP : "WSMAN";
            defaultHttpClient.getAuthSchemes().register("Kerberos", new WsmanKerberosSchemeFactory(!this.kerberosAddPortToSpn, str, this.unmappedAddress, this.unmappedPort));
            defaultHttpClient.getAuthSchemes().register("Negotiate", new WsmanSPNegoSchemeFactory(!this.kerberosAddPortToSpn, str, this.unmappedAddress, this.unmappedPort));
            configureAuthentication(defaultHttpClient, "Kerberos", new KerberosPrincipal(this.username));
            configureAuthentication(defaultHttpClient, "Negotiate", new KerberosPrincipal(this.username));
        }
        defaultHttpClient.getParams().setBooleanParameter(ClientPNames.HANDLE_AUTHENTICATION, true);
        HttpConnectionParams.setSoTimeout(defaultHttpClient.getParams(), this.soTimeout);
        HttpConnectionParams.setConnectionTimeout(defaultHttpClient.getParams(), this.connectionTimeout);
    }

    private void configureTrust(DefaultHttpClient defaultHttpClient) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        if ("https".equalsIgnoreCase(this.targetURL.getProtocol())) {
            defaultHttpClient.getConnectionManager().getSchemeRegistry().register(new Scheme("https", 443, new SSLSocketFactory(this.httpsCertTrustStrategy.getStrategy(), this.httpsHostnameVerifyStrategy.getVerifier())));
        }
    }

    private void configureAuthentication(DefaultHttpClient defaultHttpClient, String str, final Principal principal) {
        defaultHttpClient.getCredentialsProvider().setCredentials(new AuthScope(AuthScope.ANY_HOST, -1, AuthScope.ANY_REALM, str), new Credentials() { // from class: com.xebialabs.overthere.cifs.winrm.WinRmClient.1
            @Override // org.apache.http.auth.Credentials
            public Principal getUserPrincipal() {
                return principal;
            }

            @Override // org.apache.http.auth.Credentials
            public String getPassword() {
                return WinRmClient.this.password;
            }
        });
    }

    private static void logResponseHeaders(HttpResponse httpResponse) {
        if (logger.isTraceEnabled()) {
            StringBuilder sb = new StringBuilder();
            for (Header header : httpResponse.getAllHeaders()) {
                sb.append(header.getName()).append(": ").append(header.getValue()).append(IOUtils.LINE_SEPARATOR_UNIX);
            }
            logger.trace("Response headers:\n{}", sb);
        }
    }

    private static void logDocument(String str, Document document) {
        if (logger.isTraceEnabled()) {
            StringWriter stringWriter = new StringWriter();
            try {
                XMLWriter xMLWriter = new XMLWriter(stringWriter, OutputFormat.createPrettyPrint());
                xMLWriter.write(document);
                xMLWriter.close();
            } catch (IOException e) {
                logger.trace("{}\n{}", str, e);
            }
            logger.trace("{}\n{}", str, stringWriter);
        }
    }

    protected String handleResponse(HttpResponse httpResponse, HttpContext httpContext) throws IOException {
        HttpEntity entity = httpResponse.getEntity();
        if (null == entity.getContentType() || !entity.getContentType().getValue().startsWith("application/soap+xml")) {
            throw new WinRmRuntimeIOException("Error when sending request to " + this.targetURL + "; Unexpected content-type: " + entity.getContentType());
        }
        InputStream content = entity.getContent();
        StringWriter stringWriter = new StringWriter();
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(content, "UTF-8"));
        try {
            char[] cArr = new char[1024];
            while (true) {
                int read = bufferedReader.read(cArr);
                if (read == -1) {
                    return stringWriter.toString();
                }
                stringWriter.write(cArr, 0, read);
            }
        } finally {
            OverthereUtils.closeQuietly(bufferedReader);
            OverthereUtils.closeQuietly(content);
            EntityUtils.consume(httpResponse.getEntity());
        }
    }

    private static String toString(Document document) {
        StringWriter stringWriter = new StringWriter();
        XMLWriter xMLWriter = new XMLWriter(stringWriter, OutputFormat.createPrettyPrint());
        try {
            xMLWriter.write(document);
            xMLWriter.close();
            return stringWriter.toString();
        } catch (IOException e) {
            throw new WinRmRuntimeIOException("Cannnot convert XML to String ", e);
        }
    }

    protected HttpEntity createEntity(String str) {
        return new StringEntity(str, ContentType.create("application/soap+xml", "UTF-8"));
    }

    public void setWinRmTimeout(String str) {
        this.winRmTimeout = str;
    }

    public void setWinRmEnvelopSize(int i) {
        this.winRmEnvelopSize = i;
    }

    public void setWinRmLocale(String str) {
        this.winRmLocale = str;
    }

    public void setHttpsCertTrustStrategy(WinrmHttpsCertificateTrustStrategy winrmHttpsCertificateTrustStrategy) {
        this.httpsCertTrustStrategy = winrmHttpsCertificateTrustStrategy;
    }

    public void setHttpsHostnameVerifyStrategy(WinrmHttpsHostnameVerificationStrategy winrmHttpsHostnameVerificationStrategy) {
        this.httpsHostnameVerifyStrategy = winrmHttpsHostnameVerificationStrategy;
    }

    public void setKerberosUseHttpSpn(boolean z) {
        this.kerberosUseHttpSpn = z;
    }

    public void setKerberosAddPortToSpn(boolean z) {
        this.kerberosAddPortToSpn = z;
    }

    public void setKerberosDebug(boolean z) {
        this.kerberosDebug = z;
    }

    public void setKerberosTicketCache(boolean z) {
        this.kerberosTicketCache = z;
    }

    public int getConnectionTimeout() {
        return this.connectionTimeout;
    }

    public void setConnectionTimeout(int i) {
        this.connectionTimeout = i;
    }

    public int getSoTimeout() {
        return this.soTimeout;
    }

    public void setSoTimeout(int i) {
        this.soTimeout = i;
    }
}
