package org.n52.security.enforcement.interceptors.wms.simplepermission;

import java.io.ByteArrayInputStream;
import java.io.StringReader;
import java.io.StringWriter;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import org.apache.log4j.Logger;
import org.jdom.JDOMException;
import org.jdom.input.SAXBuilder;
import org.n52.security.common.xml.DOMParser;
import org.n52.security.common.xml.DOMSerializer;
import org.n52.security.common.xml.DocumentTraverser;
import org.n52.security.common.xml.DocumentVisitorAdapter;
import org.n52.security.decision.PDPRequest;
import org.n52.security.decision.PDPRequestCollection;
import org.n52.security.decision.PDPResponse;
import org.n52.security.decision.Target;
import org.n52.security.enforcement.artifact.Payload;
import org.n52.security.enforcement.artifact.QueryStringPayload;
import org.n52.security.enforcement.artifact.TextualPayload;
import org.n52.security.enforcement.artifact.Transferable;
import org.n52.security.enforcement.chain.AuthzInterceptor;
import org.n52.security.enforcement.chain.InterceptorException;
import org.n52.security.enforcement.chain.InterceptorRequest;
import org.n52.security.enforcement.chain.InterceptorResponse;
import org.n52.security.enforcement.chain.SecuredServiceRequest;
import org.n52.security.enforcement.exception.EnforcementServiceException;
import org.n52.security.service.pdp.xacml.functions.URLEqualsWildcardFunction;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

/* loaded from: input_file:org/n52/security/enforcement/interceptors/wms/simplepermission/FilterLayerFromCapabilitiesInterceptor.class */
public class FilterLayerFromCapabilitiesInterceptor extends AuthzInterceptor {
    private static Logger sLogger;
    static Class class$org$n52$security$enforcement$interceptors$wms$simplepermission$FilterLayerFromCapabilitiesInterceptor;

    @Override // org.n52.security.enforcement.chain.Interceptor
    public SecuredServiceRequest doRequest(Subject subject, InterceptorRequest interceptorRequest) throws InterceptorException, EnforcementServiceException {
        return interceptorRequest.getRequest();
    }

    private boolean isGetCapabilitiesRequest(SecuredServiceRequest securedServiceRequest) {
        Payload payload = securedServiceRequest.getPayload();
        if (!(payload instanceof QueryStringPayload)) {
            try {
                payload = new QueryStringPayload(payload.toString());
            } catch (Exception e) {
                return false;
            }
        }
        String parameterValue = ((QueryStringPayload) payload).getParameterValue("REQUEST");
        return parameterValue != null && parameterValue.equalsIgnoreCase("GetCapabilities");
    }

    @Override // org.n52.security.enforcement.chain.Interceptor
    public Transferable doResponse(Subject subject, InterceptorResponse interceptorResponse) throws InterceptorException, EnforcementServiceException {
        sLogger.debug("intercepting response");
        if (!isGetCapabilitiesRequest(interceptorResponse.getRequest())) {
            return interceptorResponse.getResponse();
        }
        Transferable response = interceptorResponse.getResponse();
        String str = (String) response.getAttributeValue("Content-Type");
        if (str.indexOf("text") != -1 || str.indexOf("xml") != -1) {
            sLogger.debug("Intercepting GetCapabilites response");
            response.setPayload(new TextualPayload(tranformCapabilitiesDocument(subject, response.getPayload().toString(), interceptorResponse), (String) response.getAttributeValue("Content-Encoding")));
        }
        return response;
    }

    private String tranformCapabilitiesDocument(Subject subject, String str, InterceptorResponse interceptorResponse) {
        try {
            Document parse = DOMParser.createNew().parse(new InputSource(new StringReader(str)));
            String str2 = (String) interceptorResponse.getRequest().getAttributeValue("request.service.baseurl");
            String stringBuffer = str2.endsWith("/") ? str2 : new StringBuffer().append(str2).append("/").toString();
            String stringBuffer2 = new StringBuffer(stringBuffer).append("operations/GetCapabilities").toString();
            TargetItemCollection targetItemCollection = new TargetItemCollection();
            new DocumentTraverser().traverseDepthFirst(parse, new DocumentVisitorAdapter(this, stringBuffer, targetItemCollection) { // from class: org.n52.security.enforcement.interceptors.wms.simplepermission.FilterLayerFromCapabilitiesInterceptor.1
                private final String val$checkedBaseUrl;
                private final TargetItemCollection val$availableLayers;
                private final FilterLayerFromCapabilitiesInterceptor this$0;

                {
                    this.this$0 = this;
                    this.val$checkedBaseUrl = stringBuffer;
                    this.val$availableLayers = targetItemCollection;
                }

                public void visit(Element element) {
                    NodeList elementsByTagNameNS = element.getElementsByTagNameNS(URLEqualsWildcardFunction.Path.WILDCARD, "Name");
                    int length = elementsByTagNameNS.getLength();
                    for (int i = 0; i < length; i++) {
                        String textContent = elementsByTagNameNS.item(i).getTextContent();
                        try {
                            textContent = URLEncoder.encode(textContent, "UTF-8");
                            this.val$availableLayers.addItem(new TargetItem(textContent, new StringBuffer(this.val$checkedBaseUrl).append("layers/").append(textContent).toString()));
                        } catch (UnsupportedEncodingException e) {
                            throw new RuntimeException(new StringBuffer().append("Could not encode layer ").append(textContent).toString(), e);
                        }
                    }
                }

                public short acceptNode(Node node) {
                    return (node.getNodeType() == 1 && "Layer".equals(node.getLocalName())) ? (short) 1 : (short) 3;
                }
            });
            PDPRequestCollection pDPRequestCollection = new PDPRequestCollection();
            Iterator it = targetItemCollection.getItems().iterator();
            while (it.hasNext()) {
                pDPRequestCollection.add(new PDPRequest(new Target(subject, ((TargetItem) it.next()).getTargetId(), stringBuffer2)));
            }
            Iterator it2 = getDecisionService().request(pDPRequestCollection).iterator();
            HashSet hashSet = new HashSet();
            while (it2.hasNext()) {
                PDPResponse pDPResponse = (PDPResponse) it2.next();
                PDPRequest request = pDPResponse.getRequest();
                if (pDPResponse.isPermit()) {
                    hashSet.add((String) targetItemCollection.getItem(request.getTarget().getResource()).getAppItem());
                }
            }
            new DocumentTraverser().traverseDepthFirst(parse, new DocumentVisitorAdapter(this, hashSet) { // from class: org.n52.security.enforcement.interceptors.wms.simplepermission.FilterLayerFromCapabilitiesInterceptor.2
                private final Set val$allowedLayers;
                private final FilterLayerFromCapabilitiesInterceptor this$0;

                {
                    this.this$0 = this;
                    this.val$allowedLayers = hashSet;
                }

                public void visit(Element element) {
                    if (this.val$allowedLayers.contains(element.getTextContent())) {
                        return;
                    }
                    Node parentNode = element.getParentNode();
                    parentNode.getParentNode().removeChild(parentNode);
                }

                public short acceptNode(Node node) {
                    return (node.getNodeType() == 1 && "Name".equals(node.getLocalName()) && node.getParentNode().getLocalName().equals("Layer")) ? (short) 1 : (short) 3;
                }
            });
            StringWriter stringWriter = new StringWriter();
            DOMSerializer.createNew().serialize(parse, stringWriter);
            return stringWriter.getBuffer().toString();
        } catch (Exception e) {
            throw new InterceptorException("Error analyzing capabilities. Request rejected", e);
        }
    }

    private static org.jdom.Document readStringToJDOM(String str, String str2) throws Exception {
        sLogger.debug(new StringBuffer().append("readStringToJDOM(xmlString[], pFailOverEncoding[").append(str2).append("])").toString());
        SAXBuilder sAXBuilder = new SAXBuilder(false);
        sAXBuilder.setFeature("http://xml.org/sax/features/validation", false);
        sAXBuilder.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        try {
            String encodingDeclaration = getEncodingDeclaration(str);
            sLogger.debug(new StringBuffer().append("guessed lDeclaredEncoding is: ").append(encodingDeclaration).toString());
            if (null == encodingDeclaration) {
                sLogger.debug("using failoverencoding");
                encodingDeclaration = str2;
            }
            try {
                return sAXBuilder.build(new ByteArrayInputStream(str.getBytes(encodingDeclaration)));
            } catch (JDOMException e) {
                sLogger.error(new StringBuffer().append("JDOMException w�hrend Konvertierung in JDOM: ").append(e.getMessage()).toString(), e);
                throw new Exception(new StringBuffer().append("JDOMException w�hrend Konvertierung in JDOM: ").append(e.getMessage()).toString());
            }
        } catch (UnsupportedEncodingException e2) {
            sLogger.error(new StringBuffer().append("UnsupportedEncodingException w�hrend Konvertierung in JDOM: ").append(e2.getMessage()).toString(), e2);
            throw new Exception(new StringBuffer().append("UnsupportedEncodingException w�hrend Konvertierung in JDOM: ").append(e2.getMessage()).toString());
        }
    }

    public static String getEncodingDeclaration(String str) {
        int indexOf = str.indexOf("encoding");
        if (indexOf == -1) {
            return null;
        }
        int length = indexOf + "encoding".length() + 2;
        int indexOf2 = str.indexOf("\"", length + 3);
        if (length == -1) {
            return null;
        }
        return str.substring(length, indexOf2);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$n52$security$enforcement$interceptors$wms$simplepermission$FilterLayerFromCapabilitiesInterceptor == null) {
            cls = class$("org.n52.security.enforcement.interceptors.wms.simplepermission.FilterLayerFromCapabilitiesInterceptor");
            class$org$n52$security$enforcement$interceptors$wms$simplepermission$FilterLayerFromCapabilitiesInterceptor = cls;
        } else {
            cls = class$org$n52$security$enforcement$interceptors$wms$simplepermission$FilterLayerFromCapabilitiesInterceptor;
        }
        sLogger = Logger.getLogger(cls);
    }
}
