package amazon.fws.clicommando.httpbinding;

import amazon.fws.clicommando.config.CommandConfig;
import amazon.fws.clicommando.processors.service.AwsScaffoldCallProcessor;
import amazon.fws.clicommando.security.AwsSignatureHelper;
import amazon.fws.clicommando.util.DateUtils;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Iterator;
import java.util.Map;
import java.util.SortedMap;

/* loaded from: input_file:amazon/fws/clicommando/httpbinding/AwsHttpBindingSigner.class */
public class AwsHttpBindingSigner {
    private static final String AUTH_SCHEME = "AWS4-HMAC-SHA256";
    private static final String SIGNATURE_ALGORITHM = "HmacSHA256";
    public static final String HEADER_DATE = "X-Amz-Date";

    public String signRequestAndReturnAuthorizationValue(AwsHttpBindingRequest awsHttpBindingRequest) {
        String credentialScope = getCredentialScope(awsHttpBindingRequest);
        String str = "AWS4" + awsHttpBindingRequest.getSecretKey();
        try {
            return buildAuthorizationHeader(awsHttpBindingRequest.getAccessId() + "/" + credentialScope, buildSignedHeadersAuthorizationString(awsHttpBindingRequest.getHeaderParameters()), AwsSignatureHelper.toHex(AwsSignatureHelper.rawSignature(calculateStringToSignV4(awsHttpBindingRequest, credentialScope), AwsSignatureHelper.rawSignature("aws4_request", AwsSignatureHelper.rawSignature(determineServiceSignatureName(awsHttpBindingRequest), AwsSignatureHelper.rawSignature(determineRegion(awsHttpBindingRequest), AwsSignatureHelper.rawSignature(DateUtils.getToday(), str.getBytes("UTF-8"), SIGNATURE_ALGORITHM), SIGNATURE_ALGORITHM), SIGNATURE_ALGORITHM), SIGNATURE_ALGORITHM), SIGNATURE_ALGORITHM)));
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    private static String calculateStringToSignV4(AwsHttpBindingRequest awsHttpBindingRequest, String str) {
        return (("AWS4-HMAC-SHA256\n" + awsHttpBindingRequest.getHeaderParameters().get(HEADER_DATE) + "\n") + str + "\n") + sha256(canonicalRequestV4(awsHttpBindingRequest));
    }

    private static String determineRegion(AwsHttpBindingRequest awsHttpBindingRequest) {
        CommandConfig currentCommandConfig = awsHttpBindingRequest.getCommand().getCurrentCommandConfig();
        if (currentCommandConfig.doesParameterExist(AwsScaffoldCallProcessor.REGION_PARAM)) {
            String value = currentCommandConfig.getParameter(AwsScaffoldCallProcessor.REGION_PARAM).getValue();
            if (!value.isEmpty()) {
                return value;
            }
        }
        try {
            String[] split = awsHttpBindingRequest.getUrl().toURI().getHost().split("\\.");
            return split.length == 4 ? split[1] : "us-east-1";
        } catch (URISyntaxException e) {
            throw new RuntimeException("URI Syntax Exception thrown while constructing string to sign", e);
        }
    }

    private static String determineServiceSignatureName(AwsHttpBindingRequest awsHttpBindingRequest) {
        CommandConfig currentCommandConfig = awsHttpBindingRequest.getCommand().getCurrentCommandConfig();
        if (currentCommandConfig.doesParameterExist("ServiceSignatureName")) {
            String value = currentCommandConfig.getParameter("ServiceSignatureName").getValue();
            if (!value.isEmpty()) {
                return value;
            }
        }
        try {
            return awsHttpBindingRequest.getUrl().toURI().getHost().split("\\.")[0];
        } catch (URISyntaxException e) {
            throw new RuntimeException("URI Syntax Exception thrown while constructing string to sign", e);
        }
    }

    private static String canonicalRequestV4(AwsHttpBindingRequest awsHttpBindingRequest) {
        try {
            URI uri = awsHttpBindingRequest.getUrl().toURI();
            return ((((((awsHttpBindingRequest.getMethod() + "\n") + (uri.getPath().length() == 0 ? "/" : uri.getPath()) + "\n") + canonicalQueryString(awsHttpBindingRequest.getQueryParameters()) + "\n") + canonicalHeadersString(awsHttpBindingRequest.getHeaderParameters()) + "\n") + "\n") + buildSignedHeadersAuthorizationString(awsHttpBindingRequest.getHeaderParameters()) + "\n") + sha256("");
        } catch (URISyntaxException e) {
            throw new RuntimeException("URI Syntax Exception thrown while constructing string to sign", e);
        }
    }

    private static String canonicalQueryString(SortedMap<String, String> sortedMap) {
        String str = "";
        for (Map.Entry<String, String> entry : sortedMap.entrySet()) {
            str = str + urlEncode(entry.getKey(), false) + "=" + urlEncode(entry.getValue(), false) + "&";
        }
        if (!str.isEmpty() && str.charAt(str.length() - 1) == '&') {
            str = str.substring(0, str.length() - 1);
        }
        return str;
    }

    private static String canonicalHeadersString(SortedMap<String, String> sortedMap) {
        String str = "";
        for (Map.Entry<String, String> entry : sortedMap.entrySet()) {
            str = str + entry.getKey().toLowerCase().trim() + ":" + entry.getValue().trim() + "\n";
        }
        if (!str.isEmpty() && str.charAt(str.length() - 1) == '\n') {
            str = str.substring(0, str.length() - 1);
        }
        return str;
    }

    private static String sha256(String str) {
        try {
            return toHex(MessageDigest.getInstance("SHA-256").digest(str.getBytes("UTF-8")));
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException("UTF-8 encoding not supported.", e);
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException("Unable to get SHA-256 digest algorithm", e2);
        }
    }

    private static String toHex(byte[] bArr) {
        String str = "";
        for (byte b : bArr) {
            String hexString = Integer.toHexString(255 & b);
            if (hexString.length() == 1) {
                str = str + "0";
            }
            str = str + hexString;
        }
        return str;
    }

    private static String buildAuthorizationHeader(String str, String str2, String str3) {
        return AUTH_SCHEME + ",Credential=" + str + ",SignedHeaders=" + str2 + ",Signature=" + str3;
    }

    private static String getCredentialScope(AwsHttpBindingRequest awsHttpBindingRequest) {
        return DateUtils.getToday() + "/" + determineRegion(awsHttpBindingRequest) + "/" + determineServiceSignatureName(awsHttpBindingRequest) + "/aws4_request";
    }

    public static String urlEncode(String str, boolean z) {
        try {
            String replace = URLEncoder.encode(str, "UTF-8").replace("+", "%20").replace("*", "%2A").replace("%7E", "~");
            if (z) {
                replace = replace.replace("%2F", "/");
            }
            return replace;
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    private static String buildSignedHeadersAuthorizationString(SortedMap<String, String> sortedMap) {
        StringBuilder sb = new StringBuilder();
        Iterator<String> it = sortedMap.keySet().iterator();
        while (it.hasNext()) {
            sb.append(it.next().toLowerCase());
            sb.append(";");
        }
        return sb.length() != 0 ? sb.substring(0, sb.length() - 1) : sb.toString();
    }
}
