package com.jz.aliyun.tools;

import com.aliyun.oss.OSSClient;
import com.aliyun.oss.common.utils.BinaryUtil;
import com.aliyun.oss.model.MatchMode;
import com.aliyun.oss.model.PolicyConditions;
import com.aliyuncs.DefaultAcsClient;
import com.aliyuncs.exceptions.ClientException;
import com.aliyuncs.exceptions.ServerException;
import com.aliyuncs.http.MethodType;
import com.aliyuncs.http.ProtocolType;
import com.aliyuncs.profile.DefaultProfile;
import com.aliyuncs.sts.model.v20150401.AssumeRoleRequest;
import com.aliyuncs.sts.model.v20150401.AssumeRoleResponse;
import com.jz.aliyun.beans.AliyunConfig;
import com.jz.aliyun.beans.StsTokenConfig;
import com.jz.aliyun.beans.StsUploadInfo;
import com.jz.common.utils.json.GsonTools;
import com.jz.common.utils.jz.IdTools;
import com.jz.common.utils.security.EncryptionTools;
import com.jz.common.utils.text.StringTools;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import org.apache.commons.codec.binary.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/jz/aliyun/tools/StsTools.class */
public class StsTools {
    private static final Logger logger = LoggerFactory.getLogger(StsTools.class);
    private static final String REGION_CN_BEIJING = "cn-beijing";
    private static final String STS_API_VERSION = "2015-04-01";
    private static final String roleArn = "acs:ram::1651426276585947:role/ramonlyupload";
    private AliyunConfig config;

    private StsTools(AliyunConfig aliyunConfig) {
        this.config = aliyunConfig;
    }

    public static StsTools getInstance(AliyunConfig aliyunConfig) {
        return new StsTools(aliyunConfig);
    }

    private String getFileId(String str, String str2, StsTokenConfig stsTokenConfig) {
        return stsTokenConfig.isUseSourceName() ? str2 : StringTools.ternary(stsTokenConfig.getPrefix()) + IdTools.encode(str + StringTools.RandomString.random(10)) + StringTools.ternary(stsTokenConfig.getSuffix());
    }

    private String getCallbackBody(String str, String str2, String str3, String str4, String str5) throws UnsupportedEncodingException {
        if (StringTools.isNotEmptyAndBlank(str2)) {
            str = str + "&host=" + str2;
        }
        return ((str + "&fileId=" + str3 + "&path=" + URLEncoder.encode(str4, "UTF-8")) + "&mimeType=${mimeType}&imageInfo.format=${imageInfo.format}&imgHeight=${imageInfo.height}&imgWidth=${imageInfo.width}") + "&data=" + str5;
    }

    public StsUploadInfo getTemporaryUploadToken(String str, String str2, StsTokenConfig stsTokenConfig) throws Exception {
        String fileId = getFileId(str, str2, stsTokenConfig);
        String saveDir = stsTokenConfig.getSaveDir();
        if (!saveDir.startsWith(stsTokenConfig.getBasePath())) {
            saveDir = stsTokenConfig.getBasePath() + "/" + saveDir;
        }
        if (!saveDir.endsWith("/")) {
            saveDir = saveDir + "/";
        }
        String str3 = saveDir + fileId + "." + stsTokenConfig.getExt();
        StsUploadInfo of = StsUploadInfo.of();
        AssumeRoleResponse assumeRole = assumeRole(this.config.getAccessKeyId(), this.config.getAccessKeySecret(), roleArn, EncryptionTools.MD5(str), buildPolicy(stsTokenConfig.getBasePath(), this.config.getBucketName()), ProtocolType.HTTPS, stsTokenConfig.getTokenExpireSeconds());
        StringBuilder append = new StringBuilder(this.config.getBucketName()).append(".");
        if (stsTokenConfig.isEnableHttps()) {
            append.append("https://");
        }
        append.append(this.config.getEndpoint());
        of.setAccessKeyId(assumeRole.getCredentials().getAccessKeyId()).setSecret(assumeRole.getCredentials().getAccessKeySecret()).setHost(append.toString()).setKey(str3).setSignature(assumeRole.getCredentials().getSecurityToken()).setExpire((System.currentTimeMillis() / 1000) + stsTokenConfig.getTokenExpireSeconds());
        if (StringTools.isNotEmpty(stsTokenConfig.getCallback())) {
            String callbackBody = getCallbackBody(stsTokenConfig.getCallbackBody(), stsTokenConfig.getCdnHost(), fileId, str3, stsTokenConfig.getData());
            logger.info("set callback {}, {}", stsTokenConfig.getCallback(), callbackBody);
            of.setCallback(genCallback(stsTokenConfig.getCallback(), callbackBody));
        }
        return of;
    }

    public StsUploadInfo getSignUploadTask(String str, String str2, StsTokenConfig stsTokenConfig) throws UnsupportedEncodingException {
        OSSClient oSSClient = new OSSClient(this.config.getEndpoint(), this.config.getAccessKeyId(), this.config.getAccessKeySecret());
        String str3 = (stsTokenConfig.isEnableHttps() ? "https://" : "http://") + (this.config.getBucketName() + "." + this.config.getEndpoint());
        long currentTimeMillis = System.currentTimeMillis() + (stsTokenConfig.getTokenExpireSeconds() * 1000);
        Date date = new Date(currentTimeMillis);
        PolicyConditions policyConditions = new PolicyConditions();
        policyConditions.addConditionItem("content-length-range", 0L, 1048576000L);
        policyConditions.addConditionItem(MatchMode.StartWith, "key", stsTokenConfig.getSaveDir());
        String generatePostPolicy = oSSClient.generatePostPolicy(date, policyConditions);
        String base64String = BinaryUtil.toBase64String(generatePostPolicy.getBytes("UTF-8"));
        String calculatePostSignature = oSSClient.calculatePostSignature(generatePostPolicy);
        String fileId = getFileId(str, str2, stsTokenConfig);
        String str4 = fileId + "." + stsTokenConfig.getExt();
        String str5 = stsTokenConfig.getSaveDir() + "/" + str4;
        StsUploadInfo expire = StsUploadInfo.of().setAccessKeyId(this.config.getAccessKeyId()).setHost(str3).setPolicy(base64String).setSignature(calculatePostSignature).setKey(str5).setFileName(str4).setExpire(currentTimeMillis / 1000);
        if (StringTools.isNotEmpty(stsTokenConfig.getCallback())) {
            String callbackBody = getCallbackBody(stsTokenConfig.getCallbackBody(), StringTools.ternary(stsTokenConfig.getCdnHost(), str3), fileId, str5, stsTokenConfig.getData());
            logger.info("set callback {}, {}", stsTokenConfig.getCallback(), callbackBody);
            expire.setCallback(genCallback(stsTokenConfig.getCallback(), callbackBody));
        }
        return expire;
    }

    private String buildPolicy(String str, String str2) {
        ArrayList arrayList = new ArrayList();
        arrayList.add("oss:PutObject");
        arrayList.add("oss:InitMultipartUpload");
        arrayList.add("oss:UploadPart");
        arrayList.add("oss:ListParts");
        arrayList.add("oss:CompleteMultipartUpload");
        arrayList.add("oss:DeleteMultipartUpload");
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add("acs:oss:*:*:" + str2);
        if ("/".equals(str)) {
            arrayList2.add("acs:oss:*:*:" + str2 + "/*");
        } else {
            arrayList2.add("acs:oss:*:*:" + str2 + "/" + str + "/*");
        }
        HashMap hashMap = new HashMap();
        hashMap.put("Action", arrayList);
        hashMap.put("Resource", arrayList2);
        hashMap.put("Effect", "Allow");
        HashMap hashMap2 = new HashMap();
        hashMap2.put("Statement", Arrays.asList(hashMap));
        hashMap2.put("Version", "1");
        return GsonTools.gson.toJson(hashMap2);
    }

    private AssumeRoleResponse assumeRole(String str, String str2, String str3, String str4, String str5, ProtocolType protocolType, long j) throws ServerException, ClientException {
        DefaultAcsClient defaultAcsClient = new DefaultAcsClient(DefaultProfile.getProfile(REGION_CN_BEIJING, str, str2));
        AssumeRoleRequest assumeRoleRequest = new AssumeRoleRequest();
        assumeRoleRequest.setVersion(STS_API_VERSION);
        assumeRoleRequest.setMethod(MethodType.POST);
        assumeRoleRequest.setProtocol(protocolType);
        assumeRoleRequest.setRoleArn(str3);
        assumeRoleRequest.setRoleSessionName(str4);
        assumeRoleRequest.setPolicy(str5);
        assumeRoleRequest.setDurationSeconds(Long.valueOf(j));
        return defaultAcsClient.getAcsResponse(assumeRoleRequest);
    }

    private String genCallback(String str, String str2) throws UnsupportedEncodingException {
        HashMap hashMap = new HashMap();
        hashMap.put("callbackUrl", str);
        hashMap.put("callbackBody", str2);
        hashMap.put("callbackBodyType", "application/x-www-form-urlencoded");
        return new String(Base64.encodeBase64(GsonTools.gson.toJson(hashMap).getBytes()));
    }
}
