package org.nuxeo.ecm.core.storage.sql;

import com.amazonaws.AmazonClientException;
import com.amazonaws.AmazonServiceException;
import com.amazonaws.ClientConfiguration;
import com.amazonaws.HttpMethod;
import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.client.builder.AwsClientBuilder;
import com.amazonaws.services.s3.AmazonS3;
import com.amazonaws.services.s3.AmazonS3Builder;
import com.amazonaws.services.s3.AmazonS3ClientBuilder;
import com.amazonaws.services.s3.AmazonS3EncryptionClientBuilder;
import com.amazonaws.services.s3.model.AmazonS3Exception;
import com.amazonaws.services.s3.model.CannedAccessControlList;
import com.amazonaws.services.s3.model.CryptoConfiguration;
import com.amazonaws.services.s3.model.EncryptedPutObjectRequest;
import com.amazonaws.services.s3.model.EncryptionMaterials;
import com.amazonaws.services.s3.model.GeneratePresignedUrlRequest;
import com.amazonaws.services.s3.model.GetObjectRequest;
import com.amazonaws.services.s3.model.ObjectListing;
import com.amazonaws.services.s3.model.ObjectMetadata;
import com.amazonaws.services.s3.model.PutObjectRequest;
import com.amazonaws.services.s3.model.S3ObjectSummary;
import com.amazonaws.services.s3.model.SSEAwsKeyManagementParams;
import com.amazonaws.services.s3.model.StaticEncryptionMaterialsProvider;
import com.amazonaws.services.s3.transfer.Download;
import com.amazonaws.services.s3.transfer.TransferManager;
import com.amazonaws.services.s3.transfer.TransferManagerBuilder;
import com.google.common.base.MoreObjects;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.util.Collection;
import java.util.Date;
import java.util.HashSet;
import java.util.Set;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.ecm.blob.AbstractBinaryGarbageCollector;
import org.nuxeo.ecm.blob.AbstractCloudBinaryManager;
import org.nuxeo.ecm.core.api.Blob;
import org.nuxeo.ecm.core.api.NuxeoException;
import org.nuxeo.ecm.core.blob.BlobManager;
import org.nuxeo.ecm.core.blob.BlobProvider;
import org.nuxeo.ecm.core.blob.ManagedBlob;
import org.nuxeo.ecm.core.blob.binary.BinaryGarbageCollector;
import org.nuxeo.ecm.core.blob.binary.FileStorage;
import org.nuxeo.runtime.api.Framework;

/* loaded from: input_file:org/nuxeo/ecm/core/storage/sql/S3BinaryManager.class */
public class S3BinaryManager extends AbstractCloudBinaryManager {
    private static final String MD5 = "MD5";
    public static final String SYSTEM_PROPERTY_PREFIX = "nuxeo.s3storage";
    public static final String BUCKET_NAME_PROPERTY = "bucket";
    public static final String BUCKET_PREFIX_PROPERTY = "bucket_prefix";
    public static final String BUCKET_REGION_PROPERTY = "region";
    public static final String DEFAULT_BUCKET_REGION = "us-east-1";
    public static final String AWS_ID_PROPERTY = "awsid";
    public static final String AWS_ID_ENV = "AWS_ACCESS_KEY_ID";
    public static final String AWS_SECRET_PROPERTY = "awssecret";
    public static final String AWS_SECRET_ENV = "AWS_SECRET_ACCESS_KEY";
    public static final String CONNECTION_MAX_PROPERTY = "connection.max";
    public static final String CONNECTION_RETRY_PROPERTY = "connection.retry";
    public static final String CONNECTION_TIMEOUT_PROPERTY = "connection.timeout";
    public static final String SOCKET_TIMEOUT_PROPERTY = "socket.timeout";
    public static final String KEYSTORE_FILE_PROPERTY = "crypt.keystore.file";
    public static final String KEYSTORE_PASS_PROPERTY = "crypt.keystore.password";
    public static final String SERVERSIDE_ENCRYPTION_PROPERTY = "crypt.serverside";
    public static final String SERVERSIDE_ENCRYPTION_KMS_KEY_PROPERTY = "crypt.kms.key";
    public static final String PRIVKEY_ALIAS_PROPERTY = "crypt.key.alias";
    public static final String PRIVKEY_PASS_PROPERTY = "crypt.key.password";
    public static final String ENDPOINT_PROPERTY = "endpoint";
    public static final String PATHSTYLEACCESS_PROPERTY = "pathstyleaccess";
    public static final String DIRECTDOWNLOAD_PROPERTY_COMPAT = "downloadfroms3";
    public static final String DIRECTDOWNLOAD_EXPIRE_PROPERTY_COMPAT = "downloadfroms3.expire";
    protected String bucketName;
    protected String bucketNamePrefix;
    protected AWSCredentialsProvider awsCredentialsProvider;
    protected ClientConfiguration clientConfiguration;
    protected EncryptionMaterials encryptionMaterials;
    protected boolean isEncrypted;
    protected CryptoConfiguration cryptoConfiguration;
    protected boolean useServerSideEncryption;
    protected String serverSideKMSKeyID;
    protected AmazonS3 amazonS3;
    protected TransferManager transferManager;
    private static final Log log = LogFactory.getLog(S3BinaryManager.class);
    private static final Pattern MD5_RE = Pattern.compile("[0-9a-f]{32}");

    /* loaded from: input_file:org/nuxeo/ecm/core/storage/sql/S3BinaryManager$S3BinaryGarbageCollector.class */
    public static class S3BinaryGarbageCollector extends AbstractBinaryGarbageCollector<S3BinaryManager> {
        protected S3BinaryGarbageCollector(S3BinaryManager s3BinaryManager) {
            super(s3BinaryManager);
        }

        public String getId() {
            return "s3:" + this.binaryManager.bucketName;
        }

        public Set<String> getUnmarkedBlobs() {
            HashSet hashSet = new HashSet();
            ObjectListing objectListing = null;
            do {
                objectListing = objectListing == null ? this.binaryManager.amazonS3.listObjects(this.binaryManager.bucketName, this.binaryManager.bucketNamePrefix) : this.binaryManager.amazonS3.listNextBatchOfObjects(objectListing);
                int length = this.binaryManager.bucketNamePrefix.length();
                for (S3ObjectSummary s3ObjectSummary : objectListing.getObjectSummaries()) {
                    String substring = s3ObjectSummary.getKey().substring(length);
                    if (S3BinaryManager.isMD5(substring)) {
                        long size = s3ObjectSummary.getSize();
                        if (this.marked.contains(substring)) {
                            this.status.numBinaries++;
                            this.status.sizeBinaries += size;
                        } else {
                            this.status.numBinariesGC++;
                            this.status.sizeBinariesGC += size;
                            hashSet.add(substring);
                            this.marked.remove(substring);
                        }
                    }
                }
            } while (objectListing.isTruncated());
            return hashSet;
        }
    }

    /* loaded from: input_file:org/nuxeo/ecm/core/storage/sql/S3BinaryManager$S3FileStorage.class */
    public class S3FileStorage implements FileStorage {
        public S3FileStorage() {
        }

        /* JADX WARN: Finally extract failed */
        public void storeFile(String str, File file) throws IOException {
            PutObjectRequest encryptedPutObjectRequest;
            long j = 0;
            if (S3BinaryManager.log.isDebugEnabled()) {
                j = System.currentTimeMillis();
                S3BinaryManager.log.debug("storing blob " + str + " to S3");
            }
            String str2 = S3BinaryManager.this.bucketNamePrefix + str;
            try {
                S3BinaryManager.this.amazonS3.getObjectMetadata(S3BinaryManager.this.bucketName, str2);
                if (S3BinaryManager.log.isDebugEnabled()) {
                    S3BinaryManager.log.debug("blob " + str + " is already in S3");
                }
            } catch (AmazonClientException e) {
                if (!S3BinaryManager.isMissingKey(e)) {
                    throw new IOException((Throwable) e);
                }
                if (S3BinaryManager.this.isEncrypted) {
                    encryptedPutObjectRequest = new EncryptedPutObjectRequest(S3BinaryManager.this.bucketName, str2, file);
                } else {
                    encryptedPutObjectRequest = new PutObjectRequest(S3BinaryManager.this.bucketName, str2, file);
                    if (S3BinaryManager.this.useServerSideEncryption) {
                        ObjectMetadata objectMetadata = new ObjectMetadata();
                        if (StringUtils.isNotBlank(S3BinaryManager.this.serverSideKMSKeyID)) {
                            encryptedPutObjectRequest = encryptedPutObjectRequest.withSSEAwsKeyManagementParams(new SSEAwsKeyManagementParams(S3BinaryManager.this.serverSideKMSKeyID));
                        } else {
                            objectMetadata.setSSEAlgorithm(ObjectMetadata.AES_256_SERVER_SIDE_ENCRYPTION);
                        }
                        encryptedPutObjectRequest.setMetadata(objectMetadata);
                    }
                }
                try {
                    try {
                        try {
                            S3BinaryManager.this.transferManager.upload(encryptedPutObjectRequest).waitForUploadResult();
                            if (S3BinaryManager.log.isDebugEnabled()) {
                                S3BinaryManager.log.debug("stored blob " + str + " to S3 in " + (System.currentTimeMillis() - j) + "ms");
                            }
                        } catch (InterruptedException e2) {
                            Thread.currentThread().interrupt();
                            throw new RuntimeException(e2);
                        }
                    } catch (AmazonClientException e3) {
                        throw new IOException((Throwable) e3);
                    }
                } catch (Throwable th) {
                    if (S3BinaryManager.log.isDebugEnabled()) {
                        S3BinaryManager.log.debug("stored blob " + str + " to S3 in " + (System.currentTimeMillis() - j) + "ms");
                    }
                    throw th;
                }
            }
        }

        public boolean fetchFile(String str, File file) throws IOException {
            long j = 0;
            if (S3BinaryManager.log.isDebugEnabled()) {
                j = System.currentTimeMillis();
                S3BinaryManager.log.debug("fetching blob " + str + " from S3");
            }
            try {
                try {
                    Download download = S3BinaryManager.this.transferManager.download(new GetObjectRequest(S3BinaryManager.this.bucketName, S3BinaryManager.this.bucketNamePrefix + str), file);
                    download.waitForCompletion();
                    if (!S3BinaryManager.this.isEncrypted && !str.equals(download.getObjectMetadata().getETag())) {
                        FileInputStream fileInputStream = new FileInputStream(file);
                        Throwable th = null;
                        try {
                            try {
                                String md5Hex = DigestUtils.md5Hex(fileInputStream);
                                if (fileInputStream != null) {
                                    if (0 != 0) {
                                        try {
                                            fileInputStream.close();
                                        } catch (Throwable th2) {
                                            th.addSuppressed(th2);
                                        }
                                    } else {
                                        fileInputStream.close();
                                    }
                                }
                                if (!md5Hex.equals(str)) {
                                    S3BinaryManager.log.error("Invalid ETag in S3, currentDigest=" + md5Hex + " expectedDigest=" + str);
                                    throw new IOException("Invalid S3 object, it is corrupted expected digest is " + str + " got " + md5Hex);
                                }
                            } finally {
                            }
                        } catch (Throwable th3) {
                            if (fileInputStream != null) {
                                if (th != null) {
                                    try {
                                        fileInputStream.close();
                                    } catch (Throwable th4) {
                                        th.addSuppressed(th4);
                                    }
                                } else {
                                    fileInputStream.close();
                                }
                            }
                            throw th3;
                        }
                    }
                    if (S3BinaryManager.log.isDebugEnabled()) {
                        S3BinaryManager.log.debug("fetched blob " + str + " from S3 in " + (System.currentTimeMillis() - j) + "ms");
                    }
                    return true;
                } catch (AmazonClientException e) {
                    if (!S3BinaryManager.isMissingKey(e)) {
                        throw new IOException((Throwable) e);
                    }
                    if (S3BinaryManager.log.isDebugEnabled()) {
                        S3BinaryManager.log.debug("fetched blob " + str + " from S3 in " + (System.currentTimeMillis() - j) + "ms");
                    }
                    return false;
                } catch (InterruptedException e2) {
                    Thread.currentThread().interrupt();
                    throw new RuntimeException(e2);
                }
            } catch (Throwable th5) {
                if (S3BinaryManager.log.isDebugEnabled()) {
                    S3BinaryManager.log.debug("fetched blob " + str + " from S3 in " + (System.currentTimeMillis() - j) + "ms");
                }
                throw th5;
            }
        }
    }

    protected String getDefaultDigestAlgorithm() {
        return MD5;
    }

    public void close() {
        this.transferManager.shutdownNow();
        super.close();
    }

    protected void abortOldUploads() throws IOException {
        try {
            this.transferManager.abortMultipartUploads(this.bucketName, new Date(System.currentTimeMillis() - 86400000));
        } catch (AmazonS3Exception e) {
            if (e.getStatusCode() != 400 && e.getStatusCode() != 404) {
                throw new IOException("Failed to abort old uploads", e);
            }
            log.error("Your cloud provider does not support aborting old uploads");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setupCloudClient() throws IOException {
        this.bucketName = getProperty("bucket");
        this.bucketNamePrefix = (String) MoreObjects.firstNonNull(getProperty(BUCKET_PREFIX_PROPERTY), "");
        String property = getProperty("region");
        if (StringUtils.isBlank(property)) {
            property = DEFAULT_BUCKET_REGION;
        }
        String property2 = getProperty(AWS_ID_PROPERTY);
        String property3 = getProperty(AWS_SECRET_PROPERTY);
        String property4 = Framework.getProperty("nuxeo.http.proxy.host");
        String property5 = Framework.getProperty("nuxeo.http.proxy.port");
        String property6 = Framework.getProperty("nuxeo.http.proxy.login");
        String property7 = Framework.getProperty("nuxeo.http.proxy.password");
        int intProperty = getIntProperty(CONNECTION_MAX_PROPERTY);
        int intProperty2 = getIntProperty(CONNECTION_RETRY_PROPERTY);
        int intProperty3 = getIntProperty(CONNECTION_TIMEOUT_PROPERTY);
        int intProperty4 = getIntProperty(SOCKET_TIMEOUT_PROPERTY);
        String property8 = getProperty(KEYSTORE_FILE_PROPERTY);
        String property9 = getProperty(KEYSTORE_PASS_PROPERTY);
        String property10 = getProperty(PRIVKEY_ALIAS_PROPERTY);
        String property11 = getProperty(PRIVKEY_PASS_PROPERTY);
        String property12 = getProperty(ENDPOINT_PROPERTY);
        boolean booleanProperty = getBooleanProperty(PATHSTYLEACCESS_PROPERTY);
        String property13 = getProperty(SERVERSIDE_ENCRYPTION_PROPERTY);
        if (StringUtils.isNotBlank(property13)) {
            this.useServerSideEncryption = Boolean.parseBoolean(property13);
            this.serverSideKMSKeyID = getProperty(SERVERSIDE_ENCRYPTION_KMS_KEY_PROPERTY);
        }
        if (StringUtils.isBlank(property2)) {
            property2 = System.getenv(AWS_ID_ENV);
        }
        if (StringUtils.isBlank(property3)) {
            property3 = System.getenv(AWS_SECRET_ENV);
        }
        if (StringUtils.isBlank(this.bucketName)) {
            throw new RuntimeException("Missing conf: bucket");
        }
        if (!StringUtils.isBlank(this.bucketNamePrefix) && !this.bucketNamePrefix.endsWith("/")) {
            log.warn(String.format("%s %s S3 bucket prefix should end with '/' : added automatically.", BUCKET_PREFIX_PROPERTY, this.bucketNamePrefix));
            this.bucketNamePrefix += "/";
        }
        this.awsCredentialsProvider = S3Utils.getAWSCredentialsProvider(property2, property3);
        this.clientConfiguration = new ClientConfiguration();
        if (StringUtils.isNotBlank(property4)) {
            this.clientConfiguration.setProxyHost(property4);
        }
        if (StringUtils.isNotBlank(property5)) {
            this.clientConfiguration.setProxyPort(Integer.parseInt(property5));
        }
        if (StringUtils.isNotBlank(property6)) {
            this.clientConfiguration.setProxyUsername(property6);
        }
        if (property7 != null) {
            this.clientConfiguration.setProxyPassword(property7);
        }
        if (intProperty > 0) {
            this.clientConfiguration.setMaxConnections(intProperty);
        }
        if (intProperty2 >= 0) {
            this.clientConfiguration.setMaxErrorRetry(intProperty2);
        }
        if (intProperty3 >= 0) {
            this.clientConfiguration.setConnectionTimeout(intProperty3);
        }
        if (intProperty4 >= 0) {
            this.clientConfiguration.setSocketTimeout(intProperty4);
        }
        this.encryptionMaterials = null;
        if (StringUtils.isNotBlank(property8)) {
            boolean z = true;
            if (property9 == null) {
                log.error("Keystore password missing");
                z = false;
            }
            if (StringUtils.isBlank(property10)) {
                log.error("Key alias missing");
                z = false;
            }
            if (property11 == null) {
                log.error("Key password missing");
                z = false;
            }
            if (!z) {
                throw new RuntimeException("S3 Crypto configuration incomplete");
            }
            try {
                FileInputStream fileInputStream = new FileInputStream(new File(property8));
                Throwable th = null;
                try {
                    try {
                        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                        keyStore.load(fileInputStream, property9.toCharArray());
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                        if (!keyStore.isKeyEntry(property10)) {
                            throw new RuntimeException("Alias " + property10 + " is missing or not a key alias");
                        }
                        this.encryptionMaterials = new EncryptionMaterials(new KeyPair(keyStore.getCertificate(property10).getPublicKey(), (PrivateKey) keyStore.getKey(property10, property11.toCharArray())));
                        this.cryptoConfiguration = new CryptoConfiguration();
                    } finally {
                    }
                } finally {
                }
            } catch (IOException | GeneralSecurityException e) {
                throw new RuntimeException("Could not read keystore: " + property8 + ", alias: " + property10, e);
            }
        }
        this.isEncrypted = this.encryptionMaterials != null;
        AmazonS3Builder withEncryptionMaterials = !this.isEncrypted ? (AmazonS3Builder) AmazonS3ClientBuilder.standard().withCredentials(this.awsCredentialsProvider).withClientConfiguration(this.clientConfiguration) : AmazonS3EncryptionClientBuilder.standard().withClientConfiguration(this.clientConfiguration).withCryptoConfiguration(this.cryptoConfiguration).withCredentials(this.awsCredentialsProvider).withEncryptionMaterials(new StaticEncryptionMaterialsProvider(this.encryptionMaterials));
        if (booleanProperty) {
            log.debug("Path-style access enabled");
            withEncryptionMaterials.enablePathStyleAccess();
        }
        this.amazonS3 = (AmazonS3) (StringUtils.isNotBlank(property12) ? (AmazonS3Builder) withEncryptionMaterials.withEndpointConfiguration(new AwsClientBuilder.EndpointConfiguration(property12, property)) : withEncryptionMaterials.withRegion(property)).build();
        try {
            if (!this.amazonS3.doesBucketExist(this.bucketName)) {
                this.amazonS3.createBucket(this.bucketName);
                this.amazonS3.setBucketAcl(this.bucketName, CannedAccessControlList.Private);
            }
            String property14 = getProperty(DIRECTDOWNLOAD_PROPERTY_COMPAT);
            if (property14 != null) {
                this.directDownload = Boolean.parseBoolean(property14);
            }
            int intProperty5 = getIntProperty(DIRECTDOWNLOAD_EXPIRE_PROPERTY_COMPAT);
            if (intProperty5 >= 0) {
                this.directDownloadExpire = intProperty5;
            }
            this.transferManager = TransferManagerBuilder.standard().withS3Client(this.amazonS3).build();
            abortOldUploads();
        } catch (AmazonClientException e2) {
            throw new IOException((Throwable) e2);
        }
    }

    protected void removeBinary(String str) {
        this.amazonS3.deleteObject(this.bucketName, this.bucketNamePrefix + str);
    }

    protected String getSystemPropertyPrefix() {
        return SYSTEM_PROPERTY_PREFIX;
    }

    protected BinaryGarbageCollector instantiateGarbageCollector() {
        return new S3BinaryGarbageCollector(this);
    }

    public void removeBinaries(Collection<String> collection) {
        collection.forEach(this::removeBinary);
    }

    protected static boolean isMissingKey(AmazonClientException amazonClientException) {
        if (!(amazonClientException instanceof AmazonServiceException)) {
            return false;
        }
        AmazonServiceException amazonServiceException = (AmazonServiceException) amazonClientException;
        return amazonServiceException.getStatusCode() == 404 || "NoSuchKey".equals(amazonServiceException.getErrorCode()) || "Not Found".equals(amazonClientException.getMessage());
    }

    public static boolean isMD5(String str) {
        return MD5_RE.matcher(str).matches();
    }

    public boolean canAccessBucket() {
        return this.transferManager != null && this.transferManager.getAmazonS3Client().doesBucketExist(this.bucketName);
    }

    protected FileStorage getFileStorage() {
        return new S3FileStorage();
    }

    public AWSCredentialsProvider getAwsCredentialsProvider() {
        return this.awsCredentialsProvider;
    }

    public AmazonS3 getAmazonS3() {
        return this.amazonS3;
    }

    public String writeBlob(Blob blob) throws IOException {
        String copyBlob;
        if (blob instanceof ManagedBlob) {
            ManagedBlob managedBlob = (ManagedBlob) blob;
            BlobProvider blobProvider = ((BlobManager) Framework.getService(BlobManager.class)).getBlobProvider(managedBlob.getProviderId());
            if ((blobProvider instanceof S3BinaryManager) && blobProvider != this && (copyBlob = copyBlob((S3BinaryManager) blobProvider, managedBlob.getKey())) != null) {
                return copyBlob;
            }
        }
        return super.writeBlob(blob);
    }

    protected String copyBlob(S3BinaryManager s3BinaryManager, String str) throws IOException {
        String str2 = str;
        int indexOf = str2.indexOf(58);
        if (indexOf >= 0) {
            str2 = str2.substring(indexOf + 1);
        }
        String str3 = s3BinaryManager.bucketName;
        String str4 = s3BinaryManager.bucketNamePrefix + str2;
        String str5 = this.bucketNamePrefix + str2;
        long j = 0;
        if (log.isDebugEnabled()) {
            j = System.currentTimeMillis();
            log.debug("copying blob " + str4 + " to " + str5);
        }
        try {
            this.amazonS3.getObjectMetadata(this.bucketName, str5);
            if (log.isDebugEnabled()) {
                log.debug("blob " + str5 + " is already in S3");
            }
            return str2;
        } catch (AmazonServiceException e) {
            if (!isMissingKey(e)) {
                throw new IOException((Throwable) e);
            }
            try {
                ObjectMetadata objectMetadata = this.amazonS3.getObjectMetadata(str3, str4);
                try {
                    if (objectMetadata.getContentLength() > S3Utils.NON_MULTIPART_COPY_MAX_SIZE) {
                        S3Utils.copyFileMultipart(this.amazonS3, objectMetadata, str3, str4, this.bucketName, str5, true);
                    } else {
                        S3Utils.copyFile(this.amazonS3, objectMetadata, str3, str4, this.bucketName, str5, true);
                    }
                    if (log.isDebugEnabled()) {
                        log.debug("copied blob " + str4 + " to " + str5 + " in " + (System.currentTimeMillis() - j) + "ms");
                    }
                    return str2;
                } catch (AmazonServiceException e2) {
                    log.warn("direct S3 copy not supported, please check your keys and policies", e2);
                    return null;
                }
            } catch (AmazonServiceException e3) {
                throw new NuxeoException("Source blob does not exists: s3://" + str3 + "/" + str4, e3);
            }
        }
    }

    protected URI getRemoteUri(String str, ManagedBlob managedBlob, HttpServletRequest httpServletRequest) throws IOException {
        String str2 = this.bucketNamePrefix + str;
        Date date = new Date();
        date.setTime(date.getTime() + (this.directDownloadExpire * 1000));
        GeneratePresignedUrlRequest generatePresignedUrlRequest = new GeneratePresignedUrlRequest(this.bucketName, str2, HttpMethod.GET);
        generatePresignedUrlRequest.addRequestParameter("response-content-type", getContentTypeHeader(managedBlob));
        generatePresignedUrlRequest.addRequestParameter("response-content-disposition", getContentDispositionHeader(managedBlob, null));
        generatePresignedUrlRequest.setExpiration(date);
        try {
            return this.amazonS3.generatePresignedUrl(generatePresignedUrlRequest).toURI();
        } catch (URISyntaxException e) {
            throw new IOException(e);
        }
    }
}
