package com.obs.services.internal.security;

import com.obs.log.ILogger;
import com.obs.log.LoggerBuilder;
import com.obs.services.AbstractClient;
import com.obs.services.internal.Constants;
import com.obs.services.internal.utils.PropertyManager;
import com.obs.services.model.HttpMethodEnum;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import okhttp3.Cache;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;

/* loaded from: input_file:com/obs/services/internal/security/EcsSecurityUtils.class */
public class EcsSecurityUtils {
    private static final String OPENSTACK_METADATA_ROOT = "/openstack/latest";
    private static final String METADATA_ROOT = "/meta-data/latest";
    private static final String EC2_METADATA_SERVICE_OVERRIDE_URL = "ecsMetadataServiceOverrideEndpoint";
    private static final String METADATA_TOKEN_HEADER_KEY = "X-Metadata-Token";
    private static final String METADATA_TOKEN_TTL = "X-Metadata-Token-Ttl-Seconds";
    public static final int DEFAULT_METADATA_TOKEN_TTL_SECONDS = 21600;
    private static final String METADATA_TOKEN_RESOURCE_PATH = "/meta-data/latest/api/token";
    private static final String OPENSTACK_SECURITY_KEY_RESOURCE_PATH = "/openstack/latest/securitykey";
    private static final String ECS_METADATA_SERVICE_URL = PropertyManager.getInstance(Constants.PROPERTY_NAME_OBS).getFormattedString("ecs.metadata.service.url", new Object[0]);
    private static final long HTTP_CONNECT_TIMEOUT_VALUE = 30000;
    private static OkHttpClient httpClient = new OkHttpClient.Builder().followRedirects(false).retryOnConnectionFailure(true).cache((Cache) null).connectTimeout(HTTP_CONNECT_TIMEOUT_VALUE, TimeUnit.MILLISECONDS).writeTimeout(HTTP_CONNECT_TIMEOUT_VALUE, TimeUnit.MILLISECONDS).readTimeout(HTTP_CONNECT_TIMEOUT_VALUE, TimeUnit.MILLISECONDS).build();
    private static final ILogger ILOG = LoggerBuilder.getLogger((Class<?>) AbstractClient.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/obs/services/internal/security/EcsSecurityUtils$ECSResult.class */
    public static class ECSResult {
        public final int code;
        public final String header;
        public final String content;

        public ECSResult(int i, String str, String str2) {
            this.code = i;
            this.header = str;
            this.content = str2;
        }

        public String toString() {
            return " Code : " + this.code + "; Headers : " + this.header + "; Content : " + this.content;
        }
    }

    public static String getSecurityKeyInfoWithDetail() throws IOException {
        return getSecurityKeyInfoWithDetail(DEFAULT_METADATA_TOKEN_TTL_SECONDS);
    }

    public static String getSecurityKeyInfoWithDetail(int i) throws IOException {
        String metadataApiToken = getMetadataApiToken(i);
        String str = getEndpointForECSMetadataService() + OPENSTACK_SECURITY_KEY_RESOURCE_PATH;
        return metadataApiToken.isEmpty() ? getResourceWithDetail(str) : getResourceWithDetailWithMetaDataToken(str, metadataApiToken);
    }

    public static String getEndpointForECSMetadataService() {
        String property = System.getProperty(EC2_METADATA_SERVICE_OVERRIDE_URL);
        return property != null ? property : ECS_METADATA_SERVICE_URL;
    }

    /* JADX WARN: Finally extract failed */
    private static String getResourceWithDetail(String str) throws IOException {
        Request.Builder builder = new Request.Builder();
        builder.header("Accept", "*/*");
        Response response = null;
        try {
            response = httpClient.newCall(builder.url(str).get().build()).execute();
            String headers = response.headers() != null ? response.headers().toString() : "";
            String string = response.body() != null ? response.body().string() : "";
            if (response.code() < 200 || response.code() >= 300) {
                throw new IllegalArgumentException("Get securityKey from ECS failed, Code : " + response.code() + "; Headers : " + headers + "; Content : " + string);
            }
            String str2 = string;
            if (response != null) {
                response.close();
            }
            return str2;
        } catch (Throwable th) {
            if (response != null) {
                response.close();
            }
            throw th;
        }
    }

    private static String getMetadataApiToken(int i) throws IOException {
        HashMap hashMap = new HashMap();
        hashMap.put(METADATA_TOKEN_TTL, String.valueOf(i));
        ECSResult executeEcsRequest = executeEcsRequest(getEndpointForECSMetadataService() + METADATA_TOKEN_RESOURCE_PATH, hashMap, HttpMethodEnum.PUT, "", null);
        if (executeEcsRequest.code == 404 || executeEcsRequest.code == 405) {
            ILOG.debug((CharSequence) ("X-Metadata-Token not supported," + executeEcsRequest));
            return "";
        }
        if (executeEcsRequest.code >= 200 && executeEcsRequest.code < 300) {
            ILOG.debug((CharSequence) "X-Metadata-Token refreshed succeeded.");
            return executeEcsRequest.content;
        }
        String str = "Get X-Metadata-Token with X-Metadata-Token-Ttl-Seconds:" + i + " from ECS failed," + executeEcsRequest;
        ILOG.error((CharSequence) str);
        throw new IllegalArgumentException(str);
    }

    private static String getResourceWithDetailWithMetaDataToken(String str, String str2) throws IOException {
        HashMap hashMap = new HashMap();
        hashMap.put(METADATA_TOKEN_HEADER_KEY, str2);
        ECSResult executeEcsRequest = executeEcsRequest(str, hashMap, HttpMethodEnum.GET, "", null);
        if (executeEcsRequest.code >= 200 && executeEcsRequest.code < 300) {
            ILOG.debug((CharSequence) "getResourceWithDetailWithMetaDataToken succeeded.");
            return executeEcsRequest.content;
        }
        String str3 = "Get securityKey by X-Metadata-Token from ECS failed," + executeEcsRequest;
        ILOG.error((CharSequence) str3);
        throw new IllegalArgumentException(str3);
    }

    private static ECSResult executeEcsRequest(String str, Map<String, String> map, HttpMethodEnum httpMethodEnum, String str2, MediaType mediaType) throws IOException, IllegalArgumentException {
        Request.Builder builder = new Request.Builder();
        builder.header("Accept", "*/*");
        builder.getClass();
        map.forEach(builder::header);
        Response execute = httpClient.newCall(httpMethodEnum == HttpMethodEnum.PUT ? builder.url(str).put(RequestBody.create(str2, mediaType)).build() : builder.url(str).get().build()).execute();
        Throwable th = null;
        try {
            try {
                ECSResult eCSResult = new ECSResult(execute.code(), execute.headers() != null ? execute.headers().toString() : "", execute.body() != null ? execute.body().string() : "");
                if (execute != null) {
                    if (0 != 0) {
                        try {
                            execute.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        execute.close();
                    }
                }
                return eCSResult;
            } finally {
            }
        } catch (Throwable th3) {
            if (execute != null) {
                if (th != null) {
                    try {
                        execute.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    execute.close();
                }
            }
            throw th3;
        }
    }
}
