package com.huawei.paas.foundation.auth;

import com.huawei.paas.foundation.auth.credentials.AKSKManager;
import com.huawei.paas.foundation.auth.credentials.AKSKOption;
import com.huawei.paas.foundation.auth.credentials.Credentials;
import com.huawei.paas.foundation.auth.signer.utils.SignerUtils;
import com.netflix.config.DynamicPropertyFactory;
import java.io.InputStream;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.apache.servicecomb.foundation.auth.AuthHeaderProvider;
import org.apache.servicecomb.foundation.auth.SignRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/huawei/paas/foundation/auth/AuthHeaderProviderImpl.class */
public class AuthHeaderProviderImpl implements AuthHeaderProvider {
    private Map<String, String> aksk = new HashMap();
    private static final Logger LOGGER = LoggerFactory.getLogger(AuthHeaderProviderImpl.class);
    private static boolean isFirst = true;

    public Map<String, String> authHeaders() {
        return AuthHeaderUtils.getInstance().genAuthHeaders();
    }

    public Map<String, String> getSignAuthHeaders(SignRequest signRequest) {
        if (signRequest != null) {
            try {
                if (signRequest.getEndpoint() != null && StringUtils.isNotBlank(signRequest.getHttpMethod())) {
                    Credentials credential = AKSKManager.getCredential();
                    if (credential != null && credential.getAccessKey().length >= 1 && credential.getSecretKey().length >= 1) {
                        HashMap hashMap = new HashMap();
                        addAKSKHeader(credential, hashMap);
                        return hashMap;
                    }
                    if (isFirst) {
                        LOGGER.info("ak/sk is missing, now load the secrets of cluster in the Public Cloud!");
                        isFirst = false;
                    }
                    return authHeaders();
                }
            } catch (Exception e) {
                LOGGER.error("sign request failed, uri is {}, message: {}", signRequest.getEndpoint().toString(), e.getMessage());
            }
        }
        return new HashMap(0);
    }

    private void addAKSKHeader(Credentials credentials, Map<String, String> map) {
        String str = new String(credentials.getAccessKey());
        map.put("X-Service-AK", str);
        map.put("X-Service-ShaAKSK", this.aksk.computeIfAbsent(str, str2 -> {
            try {
                return "ShaAKSKCipher".equalsIgnoreCase(DynamicPropertyFactory.getInstance().getStringProperty(AKSKOption.CIPHER_OPTION, AKSKOption.DEFAULT_PROJECT).get()) ? new String(credentials.getSecretKey()) : SignerUtils.sha256Encode(new String(credentials.getSecretKey()), str2);
            } catch (Exception e) {
                LOGGER.error("sha sk error");
                return null;
            }
        }));
        map.put("X-Service-Project", credentials.getProject());
    }

    public static SignRequest createSignRequest(String str, String str2, Map<String, String> map, InputStream inputStream) {
        String substring;
        SignRequest signRequest = new SignRequest();
        try {
            signRequest.setEndpoint(new URI(str2));
        } catch (URISyntaxException e) {
            LOGGER.warn("set uri failed, uri is {}, message: {}", str2.toString(), e.getMessage());
        }
        HashMap hashMap = new HashMap();
        if (str2.contains("?") && null != (substring = str2.substring(str2.indexOf("?") + 1)) && !"".equals(substring)) {
            for (String str3 : substring.split("&")) {
                String str4 = str3.split("=")[0];
                String str5 = str3.split("=")[1];
                if (hashMap.containsKey(str4)) {
                    ArrayList arrayList = new ArrayList(Arrays.asList((Object[]) hashMap.get(str4)));
                    arrayList.add(str5);
                    hashMap.put(str4, arrayList.toArray(new String[arrayList.size()]));
                } else {
                    hashMap.put(str4, new String[]{str5});
                }
            }
        }
        signRequest.setQueryParams(hashMap);
        signRequest.setHeaders(map);
        signRequest.setHttpMethod(str);
        signRequest.setContent(inputStream);
        return signRequest;
    }
}
