package org.jets3t.service.utils;

import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.SimpleTimeZone;
import java.util.TreeMap;
import org.apache.felix.framework.util.FelixConstants;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.HttpEntityEnclosingRequest;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.entity.ByteArrayEntity;
import org.apache.http.entity.StringEntity;
import org.jets3t.service.Constants;
import org.jets3t.service.impl.rest.httpclient.RepeatableRequestEntity;
import org.jets3t.service.io.ProgressMonitoredInputStream;
import org.jets3t.service.security.ProviderCredentials;
import org.lucee.extension.resource.s3.S3;

/* loaded from: input_file:WEB-INF/lib/lucee.jar:extensions/17AB52DE-B300-A94B-E058BD978511E39E-0.9.4.154.lex:jars/org.lucee.jets3t-0.9.4.0016L.jar:org/jets3t/service/utils/SignatureUtils.class */
public class SignatureUtils {
    protected static final SimpleDateFormat awsFlavouredISO8601DateParser = new SimpleDateFormat("yyyyMMdd'T'HHmmss'Z'");

    public static String formatAwsFlavouredISO8601Date(Date date) {
        String format;
        synchronized (awsFlavouredISO8601DateParser) {
            format = awsFlavouredISO8601DateParser.format(date);
        }
        return format;
    }

    public static Date parseAwsFlavouredISO8601Date(String str) throws ParseException {
        Date parse;
        synchronized (awsFlavouredISO8601DateParser) {
            parse = awsFlavouredISO8601DateParser.parse(str);
        }
        return parse;
    }

    public static String awsRegionForRequest(URI uri) {
        String lowerCase = uri.getHost().toLowerCase();
        if (lowerCase.endsWith(S3.DEFAULT_HOST) || lowerCase.endsWith("s3-external-1.amazonaws.com")) {
            return null;
        }
        if (!lowerCase.endsWith(".amazonaws.com") && !lowerCase.contains(".amazonaws.com.")) {
            return null;
        }
        String str = null;
        boolean z = false;
        for (String str2 : lowerCase.split("\\.")) {
            if (str2.equals("amazonaws")) {
                break;
            }
            if (str2.equals("s3")) {
                z = true;
            }
            str = str2;
        }
        if (null == str) {
            return null;
        }
        if (str.startsWith("s3-")) {
            return str.substring("s3-".length());
        }
        if (z) {
            return str;
        }
        return null;
    }

    public static void awsV4SignRequestAuthorizationHeader(String str, HttpUriRequest httpUriRequest, ProviderCredentials providerCredentials, String str2, String str3) {
        if (httpUriRequest.getFirstHeader("Host") == null) {
            httpUriRequest.setHeader("Host", httpUriRequest.getURI().getHost());
        }
        String awsV4ParseAndFormatDate = awsV4ParseAndFormatDate(httpUriRequest);
        if (httpUriRequest.getFirstHeader(Constants.REST_METADATA_ALTERNATE_DATE_AMZ) == null) {
            httpUriRequest.setHeader(Constants.REST_METADATA_ALTERNATE_DATE_AMZ, awsV4ParseAndFormatDate);
        }
        String awsV4BuildCanonicalRequestString = awsV4BuildCanonicalRequestString(httpUriRequest, str2);
        httpUriRequest.setHeader("Authorization", awsV4BuildAuthorizationHeaderValue(providerCredentials.getAccessKey(), ServiceUtils.toHex(ServiceUtils.hmacSHA256(awsV4BuildSigningKey(providerCredentials.getSecretKey(), awsV4ParseAndFormatDate, str3), ServiceUtils.stringToBytes(awsV4BuildStringToSign(str, awsV4BuildCanonicalRequestString, awsV4ParseAndFormatDate, str3)))), str, awsV4BuildCanonicalRequestString, awsV4ParseAndFormatDate, str3));
    }

    public static String awsV4GetOrCalculatePayloadHash(HttpUriRequest httpUriRequest) {
        String str = null;
        Header firstHeader = httpUriRequest.getFirstHeader("x-amz-content-sha256");
        if (firstHeader != null) {
            return firstHeader.getValue();
        }
        if (httpUriRequest instanceof HttpEntityEnclosingRequest) {
            HttpEntity entity = ((HttpEntityEnclosingRequest) httpUriRequest).getEntity();
            if ((entity instanceof StringEntity) || (entity instanceof ByteArrayEntity) || (entity instanceof RepeatableRequestEntity)) {
                try {
                    InputStream content = entity.getContent();
                    while (content instanceof ProgressMonitoredInputStream) {
                        content = ((ProgressMonitoredInputStream) content).getWrappedInputStream();
                    }
                    str = ServiceUtils.toHex(ServiceUtils.hashSHA256(content, true));
                    content.reset();
                } catch (IOException e) {
                    throw new RuntimeException("Failed to automatically set required header \"x-amz-content-sha256\" for request with entity " + entity, e);
                }
            } else if (entity != null) {
                throw new RuntimeException("Header \"x-amz-content-sha256\" set to the hex-encoded SHA256 hash of the request payload is required for AWS Version 4 request signing, please set this on: " + httpUriRequest);
            }
        }
        if (str == null) {
            str = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
        }
        return str;
    }

    public static String awsV4ParseAndFormatDate(HttpUriRequest httpUriRequest) {
        Header firstHeader = httpUriRequest.getFirstHeader(Constants.REST_METADATA_ALTERNATE_DATE_AMZ);
        if (firstHeader == null) {
            firstHeader = httpUriRequest.getFirstHeader("Date");
        }
        if (firstHeader == null) {
            throw new RuntimeException("Request must have a date timestamp applied before it can be signed with AWS Version 4, but no date value found in \"x-amz-date\" or \"Date\" headers");
        }
        String value = firstHeader.getValue();
        if (!value.endsWith("Z")) {
            try {
                return formatAwsFlavouredISO8601Date(ServiceUtils.parseRfc822Date(value));
            } catch (ParseException e) {
                throw new RuntimeException("Invalid date value in request: " + value, e);
            }
        }
        try {
            parseAwsFlavouredISO8601Date(value);
            return value;
        } catch (ParseException e2) {
            try {
                return formatAwsFlavouredISO8601Date(ServiceUtils.parseIso8601Date(value));
            } catch (ParseException e3) {
                throw new RuntimeException("Invalid date value in request: " + value, e3);
            }
        }
    }

    public static String awsV4BuildCanonicalRequestString(HttpUriRequest httpUriRequest, String str) {
        URI uri = httpUriRequest.getURI();
        String method = httpUriRequest.getMethod();
        HashMap hashMap = new HashMap();
        for (Header header : httpUriRequest.getAllHeaders()) {
            hashMap.put(header.getName().trim().toLowerCase(), header.getValue().trim());
        }
        return awsV4BuildCanonicalRequestString(uri, method, hashMap, str);
    }

    public static String awsV4BuildCanonicalRequestString(URI uri, String str, Map<String, String> map, String str2) {
        StringBuilder sb = new StringBuilder();
        sb.append(str).append("\n");
        String path = uri.getPath();
        if (path.length() == 0) {
            sb.append("/");
        } else {
            sb.append(awsV4EncodeURI(path, false));
        }
        sb.append("\n");
        String query = uri.getQuery();
        if (query == null || query.length() == 0) {
            sb.append("\n");
        } else {
            TreeMap treeMap = new TreeMap();
            for (String str3 : query.split("&")) {
                String[] split = str3.split(FelixConstants.ATTRIBUTE_SEPARATOR);
                String str4 = split[0];
                String str5 = "";
                if (split.length > 1) {
                    str5 = split[1];
                }
                treeMap.put(awsV4EncodeURI(str4, true), awsV4EncodeURI(str5, true));
            }
            boolean z = false;
            for (Map.Entry entry : treeMap.entrySet()) {
                if (z) {
                    sb.append("&");
                }
                sb.append((String) entry.getKey()).append(FelixConstants.ATTRIBUTE_SEPARATOR).append((String) entry.getValue());
                z = true;
            }
            sb.append("\n");
        }
        TreeMap treeMap2 = new TreeMap();
        treeMap2.putAll(map);
        for (Map.Entry entry2 : treeMap2.entrySet()) {
            sb.append((String) entry2.getKey()).append(":").append((String) entry2.getValue()).append("\n");
        }
        sb.append("\n");
        boolean z2 = false;
        for (Map.Entry entry3 : treeMap2.entrySet()) {
            if (z2) {
                sb.append(";");
            }
            sb.append((String) entry3.getKey());
            z2 = true;
        }
        sb.append("\n");
        sb.append(str2);
        return sb.toString();
    }

    public static String awsV4BuildStringToSign(String str, String str2, String str3, String str4) {
        return str + "\n" + str3 + "\n" + (str3.substring(0, 8) + "/" + str4 + "/s3/aws4_request") + "\n" + ServiceUtils.toHex(ServiceUtils.hash(str2, "SHA-256"));
    }

    public static byte[] awsV4BuildSigningKey(String str, String str2, String str3) {
        return ServiceUtils.hmacSHA256(ServiceUtils.hmacSHA256(ServiceUtils.hmacSHA256(ServiceUtils.hmacSHA256("AWS4" + str, str2.substring(0, 8)), ServiceUtils.stringToBytes(str3)), ServiceUtils.stringToBytes("s3")), ServiceUtils.stringToBytes("aws4_request"));
    }

    public static String awsV4BuildAuthorizationHeaderValue(String str, String str2, String str3, String str4, String str5, String str6) {
        String substring = str5.substring(0, 8);
        String[] split = str4.split("\n");
        return str3 + " Credential=" + str + "/" + (substring + "/" + str6 + "/s3/aws4_request") + ",SignedHeaders=" + split[split.length - 2] + ",Signature=" + str2;
    }

    public static URI awsV4CorrectHostnameForRegion(URI uri, String str) {
        String[] split = uri.getHost().split("\\.");
        if (str.equals("us-east-1")) {
            split[split.length - 3] = "s3";
        } else {
            split[split.length - 3] = "s3-" + str;
        }
        String join = ServiceUtils.join(split, ".");
        try {
            String rawPath = uri.getRawPath();
            if (uri.getRawQuery() != null) {
                rawPath = rawPath + "?" + uri.getRawQuery();
            }
            return new URL(uri.getScheme(), join, uri.getPort(), rawPath).toURI();
        } catch (MalformedURLException e) {
            throw new RuntimeException(e);
        } catch (URISyntaxException e2) {
            throw new RuntimeException(e2);
        }
    }

    public static String awsV4EncodeURI(CharSequence charSequence, boolean z) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < charSequence.length(); i++) {
            char charAt = charSequence.charAt(i);
            if ((charAt >= 'A' && charAt <= 'Z') || ((charAt >= 'a' && charAt <= 'z') || ((charAt >= '0' && charAt <= '9') || charAt == '_' || charAt == '-' || charAt == '~' || charAt == '.'))) {
                sb.append(charAt);
            } else if (charAt == '/') {
                sb.append(z ? "%2F" : Character.valueOf(charAt));
            } else {
                sb.append(RestUtils.encodeUrlString(String.valueOf(charAt)));
            }
        }
        return sb.toString();
    }

    static {
        awsFlavouredISO8601DateParser.setTimeZone(new SimpleTimeZone(0, "GMT"));
    }
}
