package org.n52.security.service.wss;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Enumeration;
import java.util.Iterator;
import javax.servlet.ServletException;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.n52.security.authentication.LicenseReference;
import org.n52.security.common.util.XMLUtils;
import org.n52.security.common.util.XPathHelper;
import org.n52.security.enforcement.artifact.TransferAttribute;
import org.n52.security.enforcement.artifact.Transferable;
import org.n52.security.service.base.ServiceException;
import org.n52.security.service.config.EnforcementPointConfig;
import org.n52.security.service.config.support.AbstractSecurityServiceServlet;
import org.n52.security.service.wss.wss1_1.CloseSessionGetRequest;
import org.n52.security.service.wss.wss1_1.CloseSessionPostRequest;
import org.n52.security.service.wss.wss1_1.DoServiceGetRequest;
import org.n52.security.service.wss.wss1_1.DoServicePostRequest;
import org.n52.security.service.wss.wss1_1.GetCapabilitiesGetRequest;
import org.n52.security.service.wss.wss1_1.GetCapabilitiesPostRequest;
import org.n52.security.service.wss.wss1_1.GetSessionGetRequest;
import org.n52.security.service.wss.wss1_1.GetSessionPostRequest;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/n52/security/service/wss/SecurityServiceServlet.class */
public class SecurityServiceServlet extends AbstractSecurityServiceServlet {
    private static final Log LOG;
    static Class class$org$n52$security$service$wss$SecurityServiceServlet;
    static Class class$org$n52$security$service$wss$PolicyEnforcementService;

    public String getServletInfo() {
        return "Web Security Service 1.1";
    }

    @Override // org.n52.security.service.config.support.AbstractSecurityServiceServlet
    public void init() throws ServletException {
        Class cls;
        super.init();
        Iterator enforcementPointConfigs = getSecurityServiceConfig().getEnforcementPointConfigs();
        while (enforcementPointConfigs.hasNext()) {
            if (!(((EnforcementPointConfig) enforcementPointConfigs.next()).getInstance() instanceof PolicyEnforcementService)) {
                StringBuffer append = new StringBuffer().append("The service instance configured with id <").append(getServletName()).append("> must implement <");
                if (class$org$n52$security$service$wss$PolicyEnforcementService == null) {
                    cls = class$("org.n52.security.service.wss.PolicyEnforcementService");
                    class$org$n52$security$service$wss$PolicyEnforcementService = cls;
                } else {
                    cls = class$org$n52$security$service$wss$PolicyEnforcementService;
                }
                throw new ServletException(append.append(cls.getName()).append(">").toString());
            }
        }
    }

    protected PolicyEnforcementService getPolicyEnforcementService(HttpServletRequest httpServletRequest) throws ServiceException {
        String enforcementPointId = getEnforcementPointId(httpServletRequest);
        EnforcementPointConfig enforcementPointConfig = getSecurityServiceConfig().getEnforcementPointConfig(enforcementPointId);
        if (enforcementPointConfig != null) {
            return (PolicyEnforcementService) enforcementPointConfig.getInstance();
        }
        if (LOG.isWarnEnabled()) {
            LOG.warn(new StringBuffer().append("No enforcementpoint configuration for id <").append(enforcementPointId).append("> found").toString());
        }
        throw new ServiceException("Wrong URL-Path", ServiceException.INVALID_FORMAT);
    }

    private String getEnforcementPointPathInfo(HttpServletRequest httpServletRequest) {
        String pathInfo = httpServletRequest.getPathInfo();
        if (pathInfo == null) {
            return "";
        }
        StringBuffer stringBuffer = new StringBuffer(pathInfo);
        int i = 0;
        while (stringBuffer.charAt(i) == '/' && i < stringBuffer.length()) {
            i++;
        }
        int indexOf = stringBuffer.indexOf("/", i + 1);
        if (indexOf <= 1) {
            return "";
        }
        if (indexOf > stringBuffer.length()) {
            return null;
        }
        return stringBuffer.substring(indexOf);
    }

    private String getEnforcementPointId(HttpServletRequest httpServletRequest) {
        String pathInfo = httpServletRequest.getPathInfo();
        if (pathInfo == null) {
            return "";
        }
        StringBuffer stringBuffer = new StringBuffer(pathInfo);
        while (stringBuffer.charAt(0) == '/') {
            stringBuffer.deleteCharAt(0);
        }
        int indexOf = stringBuffer.indexOf("/");
        return indexOf > 1 ? stringBuffer.substring(0, indexOf) : stringBuffer.toString();
    }

    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        ByteArrayInputStream inputStream;
        String contentType = httpServletRequest.getContentType();
        if (LOG.isInfoEnabled()) {
            LOG.info(new StringBuffer().append("Incoming POST-request: ").append(httpServletRequest.getRequestURL()).append(" contentType is ").append(contentType).toString());
        }
        if ("application/x-www-form-urlencoded".equals(contentType) || "application/x-www-form-encoded".equals(contentType)) {
            doGet(httpServletRequest, httpServletResponse);
            return;
        }
        try {
            PolicyEnforcementService policyEnforcementService = getPolicyEnforcementService(httpServletRequest);
            String str = "";
            if (LOG.isDebugEnabled()) {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                ServletInputStream inputStream2 = httpServletRequest.getInputStream();
                while (true) {
                    int read = inputStream2.read();
                    if (read == -1) {
                        break;
                    } else {
                        byteArrayOutputStream.write(read);
                    }
                }
                inputStream = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
                LOG.debug(new StringBuffer().append("Incoming post request: ").append(new String(byteArrayOutputStream.toString())).toString());
            } else {
                inputStream = httpServletRequest.getInputStream();
            }
            Document parse = httpServletRequest.getCharacterEncoding() == null ? XMLUtils.getDocumentBuilder().parse(inputStream, "UTF-8") : XMLUtils.getDocumentBuilder().parse(inputStream, httpServletRequest.getCharacterEncoding());
            XPathHelper xPathHelper = new XPathHelper(parse);
            NodeList queryXPath = xPathHelper.queryXPath("//*[count(@service)=1]");
            if (queryXPath.getLength() > 0) {
                str = queryXPath.item(0).getNodeName();
                LOG.info(new StringBuffer().append("operation: ").append(str).toString());
            }
            if (str == null || str.length() == 0) {
                throw new ServiceException("Missing REQUEST parameter", ServiceException.INVALID_FORMAT);
            }
            if ("DoService".equals(str)) {
                DoServicePostRequest doServicePostRequest = new DoServicePostRequest(parse);
                String enforcementPointPathInfo = getEnforcementPointPathInfo(httpServletRequest);
                if (enforcementPointPathInfo != null) {
                    doServicePostRequest.addParameter("request.pathinfo", enforcementPointPathInfo);
                }
                String queryString = httpServletRequest.getQueryString();
                if (queryString != null) {
                    doServicePostRequest.addParameter("request.querystring", queryString);
                }
                Enumeration headerNames = httpServletRequest.getHeaderNames();
                while (headerNames.hasMoreElements()) {
                    String str2 = (String) headerNames.nextElement();
                    doServicePostRequest.addParameter(str2, httpServletRequest.getHeader(str2));
                }
                doServicePostRequest.addParameter("request.ip", httpServletRequest.getRemoteAddr());
                String querySimpleXPath = xPathHelper.querySimpleXPath("//DoService/LicenseRef/text()");
                if (querySimpleXPath != null && querySimpleXPath.length() > 0) {
                    doServicePostRequest.addParameter("extension.licensereference", LicenseReference.createFrom(querySimpleXPath));
                }
                setFacadeUrlToServletUrl(doServicePostRequest, httpServletRequest);
                doServicePostRequest.validate();
                Transferable doService = doService(policyEnforcementService, doServicePostRequest);
                if (doService == null) {
                    throw new ServiceException("DoService request produced no response", ServiceException.SERVICE_ERROR);
                }
                writeTransferable(doService, httpServletResponse);
            } else if ("GetCapabilities".equalsIgnoreCase(str)) {
                GetCapabilitiesPostRequest getCapabilitiesPostRequest = new GetCapabilitiesPostRequest(parse);
                getCapabilitiesPostRequest.validate();
                PolicyEnforcementServiceCapabilities capabilities = policyEnforcementService.getCapabilities(getCapabilitiesPostRequest.getVersion(), getCapabilitiesPostRequest.getService());
                capabilities.setOperationsUrls(new StringBuffer().append(getServletUrlString(httpServletRequest)).append("/").append(getEnforcementPointId(httpServletRequest)).toString());
                writeTransferable(capabilities.getAsTransferable(), httpServletResponse);
            } else if ("GetSession".equalsIgnoreCase(str)) {
                GetSessionPostRequest getSessionPostRequest = new GetSessionPostRequest(parse);
                getSessionPostRequest.validate();
                writeTransferable(policyEnforcementService.getSession(getSessionPostRequest.getVersion(), getSessionPostRequest.getCredentials()).getAsTransferable(), httpServletResponse);
            } else if ("CloseSession".equalsIgnoreCase(str)) {
                CloseSessionPostRequest closeSessionPostRequest = new CloseSessionPostRequest(parse);
                closeSessionPostRequest.validate();
                policyEnforcementService.closeSession(closeSessionPostRequest.getVersion(), closeSessionPostRequest.getSessionID());
            }
        } catch (ServiceException e) {
            writeTransferable(e.getAsTransferable(), httpServletResponse);
        } catch (Exception e2) {
            if (LOG.isWarnEnabled()) {
                LOG.warn(new StringBuffer().append("Unexpected Exception occured :").append(e2).toString(), e2);
            }
            writeTransferable(new ServiceException(e2.getMessage(), ServiceException.SERVICE_ERROR).getAsTransferable(), httpServletResponse);
        }
    }

    private void setFacadeUrlToServletUrl(DoServiceRequest doServiceRequest, HttpServletRequest httpServletRequest) {
        String servletUrlString = getServletUrlString(httpServletRequest);
        String stringBuffer = new StringBuffer().append(servletUrlString).append("/").append(getEnforcementPointId(httpServletRequest)).toString();
        if (doServiceRequest.getFacadeUrl() == null || doServiceRequest.getFacadeUrl().length() == 0) {
            doServiceRequest.setFacadeUrl(stringBuffer);
        }
        doServiceRequest.addParameter("request.service.baseurl", stringBuffer);
    }

    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (LOG.isDebugEnabled()) {
            LOG.debug(new StringBuffer().append("processing GET request: ").append(httpServletRequest.getQueryString()).toString());
        }
        try {
            PolicyEnforcementService policyEnforcementService = getPolicyEnforcementService(httpServletRequest);
            String parameterValueEqualIgnoreCase = getParameterValueEqualIgnoreCase(httpServletRequest, "REQUEST");
            if (LOG.isDebugEnabled()) {
                LOG.debug(new StringBuffer().append("operation: ").append(parameterValueEqualIgnoreCase).toString());
            }
            if (parameterValueEqualIgnoreCase == null || parameterValueEqualIgnoreCase.length() == 0) {
                writeTransferable(new ServiceException("Missing REQUEST parameter", ServiceException.INVALID_FORMAT).getAsTransferable(), httpServletResponse);
            } else if ("GetCapabilities".equalsIgnoreCase(parameterValueEqualIgnoreCase)) {
                GetCapabilitiesGetRequest getCapabilitiesGetRequest = new GetCapabilitiesGetRequest(httpServletRequest);
                getCapabilitiesGetRequest.validate();
                PolicyEnforcementServiceCapabilities capabilities = policyEnforcementService.getCapabilities(getCapabilitiesGetRequest.getVersion(), getCapabilitiesGetRequest.getService());
                capabilities.setOperationsUrls(new StringBuffer().append(getServletUrlString(httpServletRequest)).append("/").append(getEnforcementPointId(httpServletRequest)).toString());
                writeTransferable(capabilities.getAsTransferable(), httpServletResponse);
            } else if ("GetSession".equalsIgnoreCase(parameterValueEqualIgnoreCase)) {
                GetSessionGetRequest getSessionGetRequest = new GetSessionGetRequest(httpServletRequest);
                getSessionGetRequest.validate();
                writeTransferable(policyEnforcementService.getSession(getSessionGetRequest.getVersion(), getSessionGetRequest.getCredentials()).getAsTransferable(), httpServletResponse);
            } else if ("CloseSession".equalsIgnoreCase(parameterValueEqualIgnoreCase)) {
                CloseSessionGetRequest closeSessionGetRequest = new CloseSessionGetRequest(httpServletRequest);
                closeSessionGetRequest.validate();
                policyEnforcementService.closeSession(closeSessionGetRequest.getVersion(), closeSessionGetRequest.getSessionID());
            } else if ("DoService".equalsIgnoreCase(parameterValueEqualIgnoreCase)) {
                DoServiceGetRequest doServiceGetRequest = new DoServiceGetRequest(httpServletRequest);
                doServiceGetRequest.getParameters().put("request.ip", httpServletRequest.getRemoteAddr());
                String enforcementPointPathInfo = getEnforcementPointPathInfo(httpServletRequest);
                if (enforcementPointPathInfo != null) {
                    doServiceGetRequest.addParameter("request.pathinfo", enforcementPointPathInfo);
                }
                String parameter = httpServletRequest.getParameter("LICENSEREF");
                if (parameter != null) {
                    doServiceGetRequest.addParameter("extension.licensereference", LicenseReference.createFrom(new String(Base64.decodeBase64(parameter.getBytes("UTF-8")), "UTF-8")));
                }
                Enumeration headerNames = httpServletRequest.getHeaderNames();
                while (headerNames.hasMoreElements()) {
                    String str = (String) headerNames.nextElement();
                    doServiceGetRequest.addParameter(str, httpServletRequest.getHeader(str));
                }
                setFacadeUrlToServletUrl(doServiceGetRequest, httpServletRequest);
                doServiceGetRequest.validate();
                Transferable doService = doService(policyEnforcementService, doServiceGetRequest);
                if (doService == null) {
                    throw new ServiceException("DoService request produced no response", ServiceException.SERVICE_ERROR);
                }
                writeTransferable(doService, httpServletResponse);
            }
        } catch (ServiceException e) {
            writeTransferable(e.getAsTransferable(), httpServletResponse);
        } catch (Exception e2) {
            if (LOG.isWarnEnabled()) {
                LOG.warn(new StringBuffer().append("Unexpected Exception occured :").append(e2).toString(), e2);
            }
            writeTransferable(new ServiceException(e2.getMessage(), ServiceException.SERVICE_ERROR).getAsTransferable(), httpServletResponse);
        }
    }

    public Transferable doService(PolicyEnforcementService policyEnforcementService, DoServiceRequest doServiceRequest) throws ServiceException {
        if (doServiceRequest.getServiceRequest() == null) {
            throw new ServiceException("Missing SERVICEREQUEST parameter", ServiceException.INVALID_FORMAT);
        }
        if (doServiceRequest.getCredentials() == null) {
            throw new ServiceException("Either (SESSIONID) or (CREDENTIALS and METHOD) must be provided.", ServiceException.INVALID_FORMAT);
        }
        return policyEnforcementService.doService(doServiceRequest.getVersion(), doServiceRequest.getSecureServiceRequest(null), doServiceRequest.getCredentials());
    }

    private void writeTransferable(Transferable transferable, HttpServletResponse httpServletResponse) {
        addHeader(httpServletResponse, transferable.getAttribute("Content-Type"));
        addHeader(httpServletResponse, transferable.getAttribute("Content-Encoding"));
        addHeader(httpServletResponse, transferable.getAttribute("Cookie"));
        writeStream(httpServletResponse, transferable);
    }

    private void addHeader(HttpServletResponse httpServletResponse, TransferAttribute transferAttribute) {
        if (transferAttribute == null) {
            return;
        }
        httpServletResponse.addHeader(transferAttribute.getName(), (String) transferAttribute.getValue());
    }

    private void writeStream(HttpServletResponse httpServletResponse, Transferable transferable) {
        OutputStream outputStream = null;
        InputStream inputStream = null;
        try {
            try {
                outputStream = httpServletResponse.getOutputStream();
                inputStream = transferable.getPayload().getAsStream();
                byte[] bArr = new byte[256];
                while (true) {
                    int read = inputStream.read(bArr);
                    if (read == -1) {
                        break;
                    } else {
                        outputStream.write(bArr, 0, read);
                    }
                }
                try {
                    outputStream.flush();
                    outputStream.close();
                } catch (IOException e) {
                }
                try {
                    inputStream.close();
                } catch (IOException e2) {
                }
            } catch (IOException e3) {
                LOG.error("Error !!!", e3);
                try {
                    outputStream.flush();
                    outputStream.close();
                } catch (IOException e4) {
                }
                try {
                    inputStream.close();
                } catch (IOException e5) {
                }
            }
        } catch (Throwable th) {
            try {
                outputStream.flush();
                outputStream.close();
            } catch (IOException e6) {
            }
            try {
                inputStream.close();
            } catch (IOException e7) {
            }
            throw th;
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$n52$security$service$wss$SecurityServiceServlet == null) {
            cls = class$("org.n52.security.service.wss.SecurityServiceServlet");
            class$org$n52$security$service$wss$SecurityServiceServlet = cls;
        } else {
            cls = class$org$n52$security$service$wss$SecurityServiceServlet;
        }
        LOG = LogFactory.getLog(cls);
    }
}
