package com.aliyun.auth.credentials.provider;

import com.aliyun.auth.credentials.Credential;
import com.aliyun.auth.credentials.ICredential;
import com.aliyun.auth.credentials.exception.CredentialException;
import com.aliyun.auth.credentials.http.CompatibleUrlConnClient;
import com.aliyun.auth.credentials.http.HttpRequest;
import com.aliyun.auth.credentials.http.HttpResponse;
import com.aliyun.auth.credentials.http.MethodType;
import com.aliyun.auth.credentials.provider.HttpCredentialProvider;
import com.aliyun.auth.credentials.utils.ParameterHelper;
import com.aliyun.auth.credentials.utils.RefreshResult;
import com.aliyun.core.utils.StringUtils;
import com.aliyun.core.utils.Validate;
import com.amazonaws.auth.policy.internal.JsonDocumentFields;
import com.fasterxml.jackson.core.JsonFactory;
import com.google.gson.Gson;
import java.time.Instant;
import java.util.Map;
import org.joda.time.DateTimeConstants;

/* loaded from: input_file:BOOT-INF/lib/aliyun-java-auth-0.1.11-beta.jar:com/aliyun/auth/credentials/provider/RamRoleArnCredentialProvider.class */
public final class RamRoleArnCredentialProvider extends HttpCredentialProvider {
    private int durationSeconds;
    private String roleArn;
    private final String roleSessionName;
    private String regionId;
    private String policy;
    private int connectionTimeout;
    private int readTimeout;
    private int ramRoleArnTimeout;
    private volatile int ramRoleArnTimes;
    private Credential credential;

    /* loaded from: input_file:BOOT-INF/lib/aliyun-java-auth-0.1.11-beta.jar:com/aliyun/auth/credentials/provider/RamRoleArnCredentialProvider$Builder.class */
    public interface Builder extends HttpCredentialProvider.Builder<RamRoleArnCredentialProvider, Builder> {
        Builder roleSessionName(String str);

        Builder durationSeconds(int i);

        Builder roleArn(String str);

        Builder regionId(String str);

        Builder policy(String str);

        Builder connectionTimeout(int i);

        Builder readTimeout(int i);

        Builder ramRoleArnTimeout(int i);

        Builder credential(Credential credential);

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // com.aliyun.auth.credentials.provider.HttpCredentialProvider.Builder
        RamRoleArnCredentialProvider build();
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/aliyun-java-auth-0.1.11-beta.jar:com/aliyun/auth/credentials/provider/RamRoleArnCredentialProvider$BuilderImpl.class */
    public static final class BuilderImpl extends HttpCredentialProvider.BuilderImpl<RamRoleArnCredentialProvider, Builder> implements Builder {
        private String roleSessionName;
        private int durationSeconds;
        private String roleArn;
        private String regionId;
        private String policy;
        private int connectionTimeout;
        private int readTimeout;
        private int ramRoleArnTimeout;
        private Credential credential;

        private BuilderImpl() {
            this.roleSessionName = "defaultSessionName";
            this.durationSeconds = DateTimeConstants.SECONDS_PER_HOUR;
            this.regionId = "cn-hangzhou";
            this.connectionTimeout = 1000;
            this.readTimeout = 1000;
            this.ramRoleArnTimeout = 1000;
        }

        @Override // com.aliyun.auth.credentials.provider.RamRoleArnCredentialProvider.Builder
        public Builder roleSessionName(String str) {
            if (!StringUtils.isEmpty((CharSequence) str)) {
                this.roleSessionName = str;
            }
            return this;
        }

        @Override // com.aliyun.auth.credentials.provider.RamRoleArnCredentialProvider.Builder
        public Builder durationSeconds(int i) {
            if (!StringUtils.isEmpty(Integer.valueOf(i))) {
                this.durationSeconds = i;
            }
            return this;
        }

        @Override // com.aliyun.auth.credentials.provider.RamRoleArnCredentialProvider.Builder
        public Builder roleArn(String str) {
            this.roleArn = str;
            return this;
        }

        @Override // com.aliyun.auth.credentials.provider.RamRoleArnCredentialProvider.Builder
        public Builder regionId(String str) {
            if (!StringUtils.isEmpty((CharSequence) str)) {
                this.regionId = str;
            }
            return this;
        }

        @Override // com.aliyun.auth.credentials.provider.RamRoleArnCredentialProvider.Builder
        public Builder policy(String str) {
            this.policy = str;
            return this;
        }

        @Override // com.aliyun.auth.credentials.provider.RamRoleArnCredentialProvider.Builder
        public Builder connectionTimeout(int i) {
            if (!StringUtils.isEmpty(Integer.valueOf(i))) {
                this.connectionTimeout = i;
            }
            return this;
        }

        @Override // com.aliyun.auth.credentials.provider.RamRoleArnCredentialProvider.Builder
        public Builder readTimeout(int i) {
            if (!StringUtils.isEmpty(Integer.valueOf(i))) {
                this.readTimeout = i;
            }
            return this;
        }

        @Override // com.aliyun.auth.credentials.provider.RamRoleArnCredentialProvider.Builder
        public Builder ramRoleArnTimeout(int i) {
            if (!StringUtils.isEmpty(Integer.valueOf(i))) {
                this.ramRoleArnTimeout = i;
            }
            return this;
        }

        @Override // com.aliyun.auth.credentials.provider.RamRoleArnCredentialProvider.Builder
        public Builder credential(Credential credential) {
            this.credential = credential;
            return this;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // com.aliyun.auth.credentials.provider.HttpCredentialProvider.Builder
        public RamRoleArnCredentialProvider build() {
            return new RamRoleArnCredentialProvider(this);
        }
    }

    private RamRoleArnCredentialProvider(BuilderImpl builderImpl) {
        super(builderImpl);
        this.ramRoleArnTimes = 0;
        this.roleSessionName = builderImpl.roleSessionName;
        this.durationSeconds = builderImpl.durationSeconds;
        this.roleArn = builderImpl.roleArn;
        this.regionId = builderImpl.regionId;
        this.policy = builderImpl.policy;
        this.connectionTimeout = builderImpl.connectionTimeout;
        this.readTimeout = builderImpl.readTimeout;
        this.ramRoleArnTimeout = builderImpl.ramRoleArnTimeout;
        this.credential = (Credential) Validate.notNull(builderImpl.credential, "Credentials must not be null.", new Object[0]);
        buildRefreshCache();
    }

    public static RamRoleArnCredentialProvider create(Credential credential) {
        return builder().credential(credential).build();
    }

    public static Builder builder() {
        return new BuilderImpl();
    }

    @Override // com.aliyun.auth.credentials.provider.HttpCredentialProvider
    public RefreshResult<ICredential> refreshCredentials() {
        CompatibleUrlConnClient compatibleUrlConnClient = new CompatibleUrlConnClient();
        ParameterHelper parameterHelper = new ParameterHelper();
        HttpRequest httpRequest = new HttpRequest();
        httpRequest.setUrlParameter(JsonDocumentFields.ACTION, "AssumeRole");
        httpRequest.setUrlParameter("Format", JsonFactory.FORMAT_NAME_JSON);
        httpRequest.setUrlParameter(JsonDocumentFields.VERSION, "2015-04-01");
        httpRequest.setUrlParameter("DurationSeconds", String.valueOf(this.durationSeconds));
        httpRequest.setUrlParameter("RoleArn", this.roleArn);
        httpRequest.setUrlParameter("AccessKeyId", this.credential.accessKeyId());
        httpRequest.setUrlParameter("RegionId", this.regionId);
        httpRequest.setUrlParameter("RoleSessionName", this.roleSessionName);
        if (this.policy != null) {
            httpRequest.setUrlParameter("Policy", this.policy);
        }
        httpRequest.setSysMethod(MethodType.GET);
        httpRequest.setSysConnectTimeout(Integer.valueOf(this.connectionTimeout));
        httpRequest.setSysReadTimeout(Integer.valueOf(this.readTimeout));
        httpRequest.setUrlParameter("Signature", parameterHelper.signString(parameterHelper.composeStringToSign(MethodType.GET, httpRequest.getUrlParameters()), this.credential.accessKeySecret() + "&"));
        httpRequest.setSysUrl(parameterHelper.composeUrl("sts.aliyuncs.com", httpRequest.getUrlParameters(), "https"));
        HttpResponse syncInvoke = compatibleUrlConnClient.syncInvoke(httpRequest);
        Gson gson = new Gson();
        Map map = (Map) gson.fromJson(syncInvoke.getHttpContentString(), Map.class);
        if (!map.containsKey("Credentials")) {
            throw new CredentialException(gson.toJson(map));
        }
        Map map2 = (Map) map.get("Credentials");
        Instant instant = ParameterHelper.getUTCDate((String) map2.get("Expiration")).toInstant();
        return RefreshResult.builder(Credential.builder().accessKeyId((String) map2.get("AccessKeyId")).accessKeySecret((String) map2.get("AccessKeySecret")).securityToken((String) map2.get("SecurityToken")).build()).staleTime(getStaleTime(instant)).prefetchTime(getPrefetchTime(instant)).build();
    }
}
