package org.noear.solon.cloud.extend.file.s3.utils;

import com.amazonaws.ClientConfiguration;
import com.amazonaws.Protocol;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.client.builder.AwsClientBuilder;
import com.amazonaws.services.s3.AmazonS3;
import com.amazonaws.services.s3.AmazonS3Client;
import com.amazonaws.services.s3.AmazonS3ClientBuilder;
import com.amazonaws.services.s3.model.CannedAccessControlList;
import com.amazonaws.services.s3.model.CreateBucketRequest;
import java.net.URI;
import java.util.Properties;
import org.noear.solon.Utils;
import org.noear.solon.cloud.exception.CloudFileException;

/* loaded from: input_file:org/noear/solon/cloud/extend/file/s3/utils/BucketUtils.class */
public class BucketUtils {
    public static AmazonS3 createClient(Properties properties) {
        String property = properties.getProperty("endpoint", "");
        String property2 = properties.getProperty("regionId", "");
        String property3 = properties.getProperty("accessKey");
        String property4 = properties.getProperty("secretKey");
        if (Utils.isEmpty(property2) && Utils.isEmpty(property)) {
            throw new CloudFileException("The 'regionId' and 'endpoint' configuration must have one");
        }
        return createClient(property, property2, property3, property4, properties);
    }

    public static AmazonS3 createClient(String str, String str2, String str3, String str4, Properties properties) {
        URI create;
        AWSStaticCredentialsProvider aWSStaticCredentialsProvider = new AWSStaticCredentialsProvider(new BasicAWSCredentials(str3, str4));
        ClientConfiguration clientConfiguration = new ClientConfiguration();
        if (Utils.isEmpty(str)) {
            clientConfiguration.setProtocol(Protocol.HTTPS);
            return (AmazonS3) AmazonS3ClientBuilder.standard().withRegion(str2).withClientConfiguration(clientConfiguration).withCredentials(aWSStaticCredentialsProvider).build();
        }
        if (str.contains("://")) {
            create = URI.create(str);
            str = create.getHost();
        } else {
            create = URI.create("https://" + str);
        }
        if ("http".equals(create.getScheme())) {
            clientConfiguration.setProtocol(Protocol.HTTP);
        } else {
            clientConfiguration.setProtocol(Protocol.HTTPS);
        }
        AmazonS3ClientBuilder withCredentials = AmazonS3Client.builder().withEndpointConfiguration(new AwsClientBuilder.EndpointConfiguration(str, str2)).withClientConfiguration(clientConfiguration).withCredentials(aWSStaticCredentialsProvider);
        if (properties != null && properties.size() > 0) {
            Utils.injectProperties(withCredentials, properties);
        }
        return (AmazonS3) withCredentials.build();
    }

    public static boolean createBucket(AmazonS3 amazonS3, String str, PolicyType policyType) {
        if (amazonS3.doesBucketExistV2(str)) {
            return true;
        }
        if (policyType == null) {
            policyType = PolicyType.READ;
        }
        String buildBucketPolicy = buildBucketPolicy(str, policyType);
        CreateBucketRequest createBucketRequest = new CreateBucketRequest(str);
        createBucketRequest.setCannedAcl(CannedAccessControlList.PublicRead);
        amazonS3.createBucket(createBucketRequest);
        amazonS3.setBucketPolicy(str, buildBucketPolicy);
        return true;
    }

    private static String buildBucketPolicy(String str, PolicyType policyType) {
        StringBuilder sb = new StringBuilder();
        sb.append("{\n\"Statement\": [\n{\n\"Action\": [\n");
        if (policyType == PolicyType.WRITE) {
            sb.append("\"s3:GetBucketLocation\",\n\"s3:ListBucketMultipartUploads\"\n");
        } else if (policyType == PolicyType.READ_WRITE) {
            sb.append("\"s3:GetBucketLocation\",\n\"s3:ListBucket\",\n\"s3:ListBucketMultipartUploads\"\n");
        } else {
            sb.append("\"s3:GetBucketLocation\"\n");
        }
        sb.append("],\n\"Effect\": \"Allow\",\n\"Principal\": \"*\",\n\"Resource\": \"arn:aws:s3:::");
        sb.append(str);
        sb.append("\"\n},\n");
        if (policyType == PolicyType.READ) {
            sb.append("{\n\"Action\": [\n\"s3:ListBucket\"\n],\n\"Effect\": \"Deny\",\n\"Principal\": \"*\",\n\"Resource\": \"arn:aws:s3:::");
            sb.append(str);
            sb.append("\"\n},\n");
        }
        sb.append("{\n\"Action\": ");
        switch (policyType) {
            case WRITE:
                sb.append("[\n\"s3:AbortMultipartUpload\",\n\"s3:DeleteObject\",\n\"s3:ListMultipartUploadParts\",\n\"s3:PutObject\"\n],\n");
                break;
            case READ_WRITE:
                sb.append("[\n\"s3:AbortMultipartUpload\",\n\"s3:DeleteObject\",\n\"s3:GetObject\",\n\"s3:ListMultipartUploadParts\",\n\"s3:PutObject\"\n],\n");
                break;
            default:
                sb.append("\"s3:GetObject\",\n");
                break;
        }
        sb.append("\"Effect\": \"Allow\",\n\"Principal\": \"*\",\n\"Resource\": \"arn:aws:s3:::");
        sb.append(str);
        sb.append("/*\"\n}\n],\n\"Version\": \"2012-10-17\"\n}\n");
        return sb.toString();
    }
}
