package net.handle.server.servletcontainer.servlets;

import com.google.gson.Gson;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.google.gson.JsonParseException;
import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.cnri.util.ServletUtil;
import net.cnri.util.StringUtils;
import net.handle.apps.servlet_proxy.HDLProxy;
import net.handle.hdllib.AbstractMessage;
import net.handle.hdllib.AbstractRequest;
import net.handle.hdllib.AbstractResponse;
import net.handle.hdllib.AuthenticationInfo;
import net.handle.hdllib.Common;
import net.handle.hdllib.ErrorResponse;
import net.handle.hdllib.GsonUtility;
import net.handle.hdllib.HSG;
import net.handle.hdllib.HandleException;
import net.handle.hdllib.HandleResolver;
import net.handle.hdllib.RequestProcessor;
import net.handle.hdllib.SecureResolver;
import net.handle.hdllib.Util;
import net.handle.server.servletcontainer.HandleServerInterface;
import net.handle.server.servletcontainer.support.PreAuthenticatedRequestProcessor;

/* loaded from: input_file:net/handle/server/servletcontainer/servlets/BaseHandleRequestProcessingServlet.class */
public class BaseHandleRequestProcessingServlet extends HttpServlet {
    HandleServerInterface handleServer;
    RequestProcessor requestHandler;
    boolean caseSensitive;
    protected String allowString = "TRACE, OPTIONS";

    public void init() throws ServletException {
        this.handleServer = (HandleServerInterface) getServletContext().getAttribute("net.handle.server.HandleServer");
        if (this.handleServer != null) {
            this.requestHandler = new PreAuthenticatedRequestProcessor(this.handleServer, null);
            this.caseSensitive = this.handleServer.isCaseSensitive();
        } else {
            this.requestHandler = (HandleResolver) getServletContext().getAttribute(HandleResolver.class.getName());
            if (this.requestHandler == null) {
                this.requestHandler = new HandleResolver();
            }
            this.caseSensitive = true;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String getPath(HttpServletRequest httpServletRequest) {
        String decodeURLIgnorePlus = StringUtils.decodeURLIgnorePlus(ServletUtil.pathExcluding(httpServletRequest.getRequestURI(), httpServletRequest.getContextPath() + httpServletRequest.getServletPath()));
        if (decodeURLIgnorePlus.startsWith("/")) {
            decodeURLIgnorePlus = decodeURLIgnorePlus.substring(1);
        }
        return decodeURLIgnorePlus;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static int[] getIndexes(HttpServletRequest httpServletRequest) throws NumberFormatException {
        String[] parameterValues = httpServletRequest.getParameterValues(SecureResolver.VALUE_INDEX_ATTRIBUTE);
        int[] iArr = null;
        if (parameterValues != null && parameterValues.length > 0) {
            iArr = new int[parameterValues.length];
            for (int i = 0; i < parameterValues.length; i++) {
                try {
                    iArr[i] = Integer.parseInt(parameterValues[i]);
                } catch (NumberFormatException e) {
                    throw e;
                }
            }
        }
        return iArr;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static AuthenticationInfo getAuthenticationInfo(HttpServletRequest httpServletRequest) {
        return (AuthenticationInfo) httpServletRequest.getAttribute(AuthenticationInfo.class.getName());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static InetAddress getRemoteInetAddress(HttpServletRequest httpServletRequest) {
        try {
            HDLProxy hDLProxy = (HDLProxy) httpServletRequest.getServletContext().getAttribute(HDLProxy.class.getName());
            return hDLProxy == null ? InetAddress.getByName(httpServletRequest.getRemoteAddr()) : hDLProxy.getRemoteInetAddress(httpServletRequest);
        } catch (UnknownHostException e) {
            return null;
        }
    }

    private static Gson getGsonForRequest(HttpServletRequest httpServletRequest) {
        return getBooleanParameter(httpServletRequest, "pretty") ? GsonUtility.getNewGsonBuilder().setPrettyPrinting().disableHtmlEscaping().create() : GsonUtility.getGson();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean getBooleanParameter(HttpServletRequest httpServletRequest, String str) {
        String parameter = httpServletRequest.getParameter(str);
        if (parameter == null) {
            return false;
        }
        return parameter.isEmpty() || HSG.YES.equalsIgnoreCase(parameter) || "true".equalsIgnoreCase(parameter);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractResponse processRequest(HttpServletRequest httpServletRequest, AbstractRequest abstractRequest) {
        abstractRequest.certify = getBooleanParameter(httpServletRequest, "cert");
        abstractRequest.doNotRefer = getBooleanParameter(httpServletRequest, "doNotRefer");
        try {
            return this.requestHandler.processRequest(abstractRequest, getRemoteInetAddress(httpServletRequest));
        } catch (HandleException e) {
            return HandleException.toErrorResponse(abstractRequest, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static AbstractResponse errorResponseFromException(Exception exc) {
        return new ErrorResponse(0, 4, Util.encodeString(exc.toString()));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void processResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AbstractRequest abstractRequest, AbstractResponse abstractResponse) throws IOException {
        processResponse(httpServletRequest, httpServletResponse, statusCodeFromResponse(abstractResponse), GsonUtility.serializeResponseToRequest(abstractRequest, abstractResponse));
        logAccess(httpServletRequest, abstractRequest, abstractResponse);
    }

    private void logAccess(HttpServletRequest httpServletRequest, AbstractRequest abstractRequest, AbstractResponse abstractResponse) {
        if (this.handleServer != null) {
            if (this.handleServer.logHttpAccesses()) {
                this.handleServer.logAccess("HTTP:HDLApi", getRemoteInetAddress(httpServletRequest), abstractResponse.opCode, abstractResponse.responseCode, Util.getAccessLogString(abstractRequest, abstractResponse), System.currentTimeMillis() - ((Long) httpServletRequest.getAttribute("recvTime")).longValue());
                return;
            }
            return;
        }
        HDLProxy hDLProxy = (HDLProxy) getServletContext().getAttribute(HDLProxy.class.getName());
        if (hDLProxy == null) {
            return;
        }
        long j = 0;
        try {
            j = System.currentTimeMillis() - ((Long) httpServletRequest.getAttribute("recvTime")).longValue();
        } catch (Exception e) {
        }
        String header = httpServletRequest.getHeader("Referer");
        if (header == null) {
            header = "";
        }
        hDLProxy.logAccess("HTTP:HDLApi", abstractResponse.opCode, abstractResponse.responseCode, Util.decodeString(abstractRequest == null ? Common.BLANK_HANDLE : abstractRequest.handle), hDLProxy.getRemoteAddr(httpServletRequest), header, httpServletRequest.getHeader("user-agent"), j, null, null);
    }

    static String scrubCallbackParameter(String str) {
        StringBuilder sb = null;
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            if (charAt != '_' && charAt != '$' && ((charAt < 'a' || charAt > 'z') && ((charAt < 'A' || charAt > 'Z') && ((i <= 0 || charAt < '0' || charAt > '9') && charAt < 160)))) {
                if (sb == null) {
                    sb = new StringBuilder(str);
                }
                sb.setCharAt(i, '_');
            }
        }
        return sb == null ? str : sb.toString();
    }

    public static void processResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, int i, JsonElement jsonElement) throws IOException {
        String parameter = httpServletRequest.getParameter("callback");
        if (parameter != null) {
            parameter = scrubCallbackParameter(parameter);
        }
        httpServletResponse.setStatus(i);
        if (parameter == null) {
            httpServletResponse.setContentType("application/json");
        } else {
            httpServletResponse.setContentType("application/javascript");
        }
        httpServletResponse.setCharacterEncoding("UTF-8");
        if (parameter != null) {
            httpServletResponse.getWriter().append((CharSequence) parameter).append((CharSequence) "(");
        }
        getGsonForRequest(httpServletRequest).toJson(jsonElement, httpServletResponse.getWriter());
        if (parameter != null) {
            httpServletResponse.getWriter().append((CharSequence) ");");
        }
    }

    public static int statusCodeFromResponse(AbstractResponse abstractResponse) {
        switch (abstractResponse.responseCode) {
            case 1:
                if (abstractResponse.overwriteWhenExists) {
                    return 200;
                }
                return (abstractResponse.opCode == 100 || abstractResponse.opCode == 102) ? 201 : 200;
            case 3:
            case 7:
                return AbstractMessage.RC_NEED_RSAKEY_FOR_SESSIONEXCHANGE;
            case 4:
            case 102:
            case AbstractMessage.RC_INVALID_VALUE /* 202 */:
                return 400;
            case 5:
                return AbstractMessage.RC_SESSION_FAILED;
            case 100:
                return AbstractMessage.RC_INVALID_CREDENTIAL;
            case 101:
            case 201:
                return 409;
            case 200:
                return abstractResponse.opCode == 1 ? 200 : 400;
            case 301:
                return 400;
            case 302:
            case AbstractMessage.RC_PREFIX_REFERRAL /* 303 */:
                return 300;
            case 400:
            case 401:
            case AbstractMessage.RC_AUTHENTICATION_FAILED /* 403 */:
            case AbstractMessage.RC_INVALID_CREDENTIAL /* 404 */:
                return AbstractMessage.RC_AUTHENTICATION_FAILED;
            case 402:
                return 401;
            default:
                return AbstractMessage.RC_SESSION_TIMEOUT;
        }
    }

    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletRequest.setAttribute("recvTime", Long.valueOf(System.currentTimeMillis()));
        String method = httpServletRequest.getMethod();
        if ("GET".equals(method)) {
            doGet(httpServletRequest, httpServletResponse);
            return;
        }
        if ("HEAD".equals(method)) {
            doHead(httpServletRequest, httpServletResponse);
            return;
        }
        if ("POST".equals(method)) {
            doPost(httpServletRequest, httpServletResponse);
            return;
        }
        if ("PUT".equals(method)) {
            doPut(httpServletRequest, httpServletResponse);
            return;
        }
        if ("DELETE".equals(method)) {
            doDelete(httpServletRequest, httpServletResponse);
            return;
        }
        if ("OPTIONS".equals(method)) {
            doOptions(httpServletRequest, httpServletResponse);
            return;
        }
        if ("TRACE".equals(method)) {
            doTrace(httpServletRequest, httpServletResponse);
            return;
        }
        JsonObject jsonObject = new JsonObject();
        jsonObject.addProperty("responseCode", 4);
        jsonObject.addProperty("message", "Unknown method " + method);
        processResponse(httpServletRequest, httpServletResponse, AbstractMessage.RC_SESSION_FAILED, (JsonElement) jsonObject);
    }

    protected void doOptions(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.setHeader("Allow", this.allowString);
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        methodNotAllowed(httpServletRequest, httpServletResponse);
    }

    protected void doPut(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        methodNotAllowed(httpServletRequest, httpServletResponse);
    }

    protected void doDelete(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        methodNotAllowed(httpServletRequest, httpServletResponse);
    }

    private void methodNotAllowed(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        JsonObject jsonObject = new JsonObject();
        jsonObject.addProperty("responseCode", 4);
        jsonObject.addProperty("message", "Unknown HTTP API endpoint " + httpServletRequest.getMethod() + " " + httpServletRequest.getRequestURI());
        processResponse(httpServletRequest, httpServletResponse, AbstractMessage.RC_AUTHEN_TIMEOUT, (JsonElement) jsonObject);
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (!hasJsonEntity(httpServletRequest)) {
            doGet(httpServletRequest, httpServletResponse);
            return;
        }
        try {
            doGet(new JsonParameterServletReq(httpServletRequest), httpServletResponse);
        } catch (JsonParseException e) {
            processResponse(httpServletRequest, httpServletResponse, (AbstractRequest) null, errorResponseFromException(e));
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static boolean hasJsonEntity(HttpServletRequest httpServletRequest) {
        String contentType = httpServletRequest.getContentType();
        if (contentType == null) {
            return false;
        }
        String lowerCase = contentType.trim().toLowerCase();
        return lowerCase.equals("application/json") || lowerCase.matches("^application/json\\s*;.*");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int getIntegerParameter(HttpServletRequest httpServletRequest, String str, int i) throws NumberFormatException {
        String parameter = httpServletRequest.getParameter(str);
        return parameter == null ? i : Integer.parseInt(parameter);
    }
}
