package com.qiniu.util;

import com.qiniu.http.Client;
import com.qiniu.util.StringMap;
import java.net.URI;
import java.security.GeneralSecurityException;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:com/qiniu/util/Auth.class */
public final class Auth {
    private static final String[] policyFields = {"callbackUrl", "callbackBody", "callbackHost", "callbackBodyType", "callbackFetchKey", "returnUrl", "returnBody", "endUser", "saveKey", "insertOnly", "isPrefixalScope", "detectMime", "mimeLimit", "fsizeLimit", "fsizeMin", "persistentOps", "persistentNotifyUrl", "persistentPipeline", "deleteAfterDays", "fileType"};
    private static final String[] deprecatedPolicyFields = {"asyncOps"};
    public final String accessKey;
    private final SecretKeySpec secretKey;

    private Auth(String str, SecretKeySpec secretKeySpec) {
        this.accessKey = str;
        this.secretKey = secretKeySpec;
    }

    public static Auth create(String str, String str2) {
        if (StringUtils.isNullOrEmpty(str) || StringUtils.isNullOrEmpty(str2)) {
            throw new IllegalArgumentException("empty key");
        }
        return new Auth(str, new SecretKeySpec(StringUtils.utf8Bytes(str2), "HmacSHA1"));
    }

    private static void copyPolicy(final StringMap stringMap, StringMap stringMap2, final boolean z) {
        if (stringMap2 == null) {
            return;
        }
        stringMap2.forEach(new StringMap.Consumer() { // from class: com.qiniu.util.Auth.1
            @Override // com.qiniu.util.StringMap.Consumer
            public void accept(String str, Object obj) {
                if (StringUtils.inStringArray(str, Auth.deprecatedPolicyFields)) {
                    throw new IllegalArgumentException(str + " is deprecated!");
                }
                if (!z || StringUtils.inStringArray(str, Auth.policyFields)) {
                    stringMap.put(str, obj);
                }
            }
        });
    }

    private Mac createMac() {
        try {
            Mac mac = Mac.getInstance("HmacSHA1");
            mac.init(this.secretKey);
            return mac;
        } catch (GeneralSecurityException e) {
            e.printStackTrace();
            throw new IllegalArgumentException(e);
        }
    }

    public String sign(byte[] bArr) {
        return this.accessKey + ":" + UrlSafeBase64.encodeToString(createMac().doFinal(bArr));
    }

    public String sign(String str) {
        return sign(StringUtils.utf8Bytes(str));
    }

    public String signWithData(byte[] bArr) {
        String encodeToString = UrlSafeBase64.encodeToString(bArr);
        return sign(StringUtils.utf8Bytes(encodeToString)) + ":" + encodeToString;
    }

    public String signWithData(String str) {
        return signWithData(StringUtils.utf8Bytes(str));
    }

    public String signRequest(String str, byte[] bArr, String str2) {
        URI create = URI.create(str);
        String rawPath = create.getRawPath();
        String rawQuery = create.getRawQuery();
        Mac createMac = createMac();
        createMac.update(StringUtils.utf8Bytes(rawPath));
        if (rawQuery != null && rawQuery.length() != 0) {
            createMac.update((byte) 63);
            createMac.update(StringUtils.utf8Bytes(rawQuery));
        }
        createMac.update((byte) 10);
        if (bArr != null && Client.FormMime.equalsIgnoreCase(str2)) {
            createMac.update(bArr);
        }
        return this.accessKey + ":" + UrlSafeBase64.encodeToString(createMac.doFinal());
    }

    public boolean isValidCallback(String str, String str2, byte[] bArr, String str3) {
        return ("QBox " + signRequest(str2, bArr, str3)).equals(str);
    }

    public String privateDownloadUrl(String str) {
        return privateDownloadUrl(str, 3600L);
    }

    public String privateDownloadUrl(String str, long j) {
        return privateDownloadUrlWithDeadline(str, (System.currentTimeMillis() / 1000) + j);
    }

    public String privateDownloadUrlWithDeadline(String str, long j) {
        StringBuilder sb = new StringBuilder();
        sb.append(str);
        if (str.indexOf("?") > 0) {
            sb.append("&e=");
        } else {
            sb.append("?e=");
        }
        sb.append(j);
        String sign = sign(StringUtils.utf8Bytes(sb.toString()));
        sb.append("&token=");
        sb.append(sign);
        return sb.toString();
    }

    public String uploadToken(String str) {
        return uploadToken(str, null, 3600L, null, true);
    }

    public String uploadToken(String str, String str2) {
        return uploadToken(str, str2, 3600L, null, true);
    }

    public String uploadToken(String str, String str2, long j, StringMap stringMap) {
        return uploadToken(str, str2, j, stringMap, true);
    }

    public String uploadToken(String str, String str2, long j, StringMap stringMap, boolean z) {
        return uploadTokenWithDeadline(str, str2, (System.currentTimeMillis() / 1000) + j, stringMap, z);
    }

    public String uploadTokenWithDeadline(String str, String str2, long j, StringMap stringMap, boolean z) {
        String str3 = str;
        if (str2 != null) {
            str3 = str + ":" + str2;
        }
        StringMap stringMap2 = new StringMap();
        copyPolicy(stringMap2, stringMap, z);
        stringMap2.put("scope", str3);
        stringMap2.put("deadline", Long.valueOf(j));
        return signWithData(StringUtils.utf8Bytes(Json.encode(stringMap2)));
    }

    public String uploadTokenWithPolicy(Object obj) {
        return signWithData(StringUtils.utf8Bytes(Json.encode(obj)));
    }

    public StringMap authorization(String str, byte[] bArr, String str2) {
        return new StringMap().put("Authorization", "QBox " + signRequest(str, bArr, str2));
    }

    public StringMap authorization(String str) {
        return authorization(str, null, null);
    }

    public String signRequestV2(String str, String str2, byte[] bArr, String str3) {
        URI create = URI.create(str);
        Mac createMac = createMac();
        StringBuilder sb = new StringBuilder();
        sb.append(String.format("%s %s", str2, create.getPath()));
        if (create.getQuery() != null) {
            sb.append(String.format("?%s", create.getQuery()));
        }
        sb.append(String.format("\nHost: %s", create.getHost()));
        if (create.getPort() > 0) {
            sb.append(String.format(":%d", Integer.valueOf(create.getPort())));
        }
        if (str3 != null) {
            sb.append(String.format("\nContent-Type: %s", str3));
        }
        sb.append("\n\n");
        if (bArr != null && bArr.length > 0 && !StringUtils.isNullOrEmpty(str3) && (str3.equals(Client.FormMime) || str3.equals(Client.JsonMime))) {
            sb.append(new String(bArr));
        }
        System.out.println(sb.toString());
        createMac.update(StringUtils.utf8Bytes(sb.toString()));
        return this.accessKey + ":" + UrlSafeBase64.encodeToString(createMac.doFinal());
    }

    public StringMap authorizationV2(String str, String str2, byte[] bArr, String str3) {
        return new StringMap().put("Authorization", "Qiniu " + signRequestV2(str, str2, bArr, str3));
    }

    public StringMap authorizationV2(String str) {
        return authorizationV2(str, "GET", null, null);
    }
}
