package org.duracloud.s3task.streaming;

import com.amazonaws.services.s3.AmazonS3Client;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.duracloud.common.util.SerializationUtil;
import org.duracloud.s3storage.S3StorageProvider;
import org.duracloud.storage.provider.StorageProvider;
import org.jets3t.service.CloudFrontService;
import org.jets3t.service.CloudFrontServiceException;
import org.jets3t.service.model.cloudfront.LoggingStatus;
import org.jets3t.service.model.cloudfront.Origin;
import org.jets3t.service.model.cloudfront.OriginAccessIdentity;
import org.jets3t.service.model.cloudfront.S3Origin;
import org.jets3t.service.model.cloudfront.StreamingDistribution;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/duracloud/s3task/streaming/EnableStreamingTaskRunner.class */
public class EnableStreamingTaskRunner extends BaseStreamingTaskRunner {
    private final Logger log = LoggerFactory.getLogger(EnableStreamingTaskRunner.class);
    public static final String TASK_NAME = "enable-streaming";

    public EnableStreamingTaskRunner(StorageProvider storageProvider, S3StorageProvider s3StorageProvider, AmazonS3Client amazonS3Client, CloudFrontService cloudFrontService) {
        this.s3Provider = storageProvider;
        this.unwrappedS3Provider = s3StorageProvider;
        this.s3Client = amazonS3Client;
        this.cfService = cloudFrontService;
    }

    @Override // org.duracloud.s3task.streaming.BaseStreamingTaskRunner
    public String getName() {
        return TASK_NAME;
    }

    @Override // org.duracloud.s3task.streaming.BaseStreamingTaskRunner
    public String performTask(String str) {
        String str2;
        String spaceId = getSpaceId(str);
        this.log.info("Performing enable-streaming task on space " + spaceId);
        String bucketName = this.unwrappedS3Provider.getBucketName(spaceId);
        String str3 = null;
        String str4 = null;
        String str5 = null;
        try {
            StreamingDistribution existingDistribution = getExistingDistribution(bucketName);
            if (existingDistribution != null) {
                str4 = existingDistribution.getId();
                str5 = getDistributionOriginAccessId(str4);
                if (str5 != null) {
                    if (!existingDistribution.isEnabled()) {
                        this.cfService.updateStreamingDistributionConfig(str4, (Origin) null, (String[]) null, (String) null, true, (LoggingStatus) null);
                    }
                    str3 = existingDistribution.getDomainName();
                } else {
                    str4 = null;
                }
            }
            if (str4 == null) {
                str5 = getOriginAccessId();
                CloudFrontService cloudFrontService = this.cfService;
                StreamingDistribution createStreamingDistribution = this.cfService.createStreamingDistribution(new S3Origin(CloudFrontService.sanitizeS3BucketName(bucketName), str5), (String) null, (String[]) null, (String) null, true, (LoggingStatus) null, false, (String[]) null);
                str3 = createStreamingDistribution.getDomainName();
                createStreamingDistribution.getId();
            }
            setBucketAccessPolicy(bucketName, str5);
            Map spaceProperties = this.s3Provider.getSpaceProperties(spaceId);
            spaceProperties.put(BaseStreamingTaskRunner.STREAMING_HOST_PROP, str3);
            this.unwrappedS3Provider.setNewSpaceProperties(spaceId, spaceProperties);
            str2 = "Enable Streaming Task completed successfully";
        } catch (CloudFrontServiceException e) {
            this.log.warn("Error encountered running enable-streaming task: " + e.getMessage(), e);
            str2 = "Enable Streaming Task failed due to: " + e.getMessage();
        }
        HashMap hashMap = new HashMap();
        hashMap.put("domain-name", str3);
        hashMap.put("results", str2);
        String serializeMap = SerializationUtil.serializeMap(hashMap);
        this.log.debug("Result of enable-streaming task: " + serializeMap);
        return serializeMap;
    }

    private String getOriginAccessId() throws CloudFrontServiceException {
        String existingOriginAccessId = getExistingOriginAccessId();
        return existingOriginAccessId != null ? existingOriginAccessId : this.cfService.createOriginAccessIdentity((String) null, "id").getId();
    }

    private String getExistingOriginAccessId() throws CloudFrontServiceException {
        OriginAccessIdentity originAccessIdentity;
        List originAccessIdentityList = this.cfService.getOriginAccessIdentityList();
        if (originAccessIdentityList == null || originAccessIdentityList.size() <= 0 || (originAccessIdentity = (OriginAccessIdentity) originAccessIdentityList.iterator().next()) == null) {
            return null;
        }
        return originAccessIdentity.getId();
    }

    private void setBucketAccessPolicy(String str, String str2) throws CloudFrontServiceException {
        String s3CanonicalUserId = this.cfService.getOriginAccessIdentity(StringUtils.removeStart(str2, "origin-access-identity/cloudfront/")).getS3CanonicalUserId();
        StringBuilder sb = new StringBuilder();
        sb.append("{\"Version\":\"2012-10-17\",");
        sb.append("\"Id\":\"PolicyForCloudFrontPrivateContent\",");
        sb.append("\"Statement\":[{");
        sb.append("\"Sid\":\"Grant CloudFront access to private content\",");
        sb.append("\"Effect\":\"Allow\",");
        sb.append("\"Principal\":{\"CanonicalUser\":\"" + s3CanonicalUserId + "\"},");
        sb.append("\"Action\":\"s3:GetObject\",");
        sb.append("\"Resource\":\"arn:aws:s3:::" + str + "/*\"");
        sb.append("}]}");
        this.s3Client.setBucketPolicy(str, sb.toString());
    }
}
