package org.n52.security.service.enforcement;

import java.io.BufferedInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.util.Iterator;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.n52.security.authentication.AuthenticationContext;
import org.n52.security.authentication.AuthenticationContextUtil;
import org.n52.security.common.artifact.HttpHeaderAttribute;
import org.n52.security.common.artifact.QueryStringPayload;
import org.n52.security.common.artifact.ServiceException;
import org.n52.security.common.artifact.SimpleTransferAttribute;
import org.n52.security.common.artifact.TextualPayload;
import org.n52.security.common.util.KeyMatcher;
import org.n52.security.common.util.KeyValuePair;
import org.n52.security.common.util.KeyValuePairCollection;
import org.n52.security.common.util.StringUtils;
import org.n52.security.common.util.TransferableServletWriter;
import org.n52.security.enforcement.chain.SecuredServiceRequest;
import org.n52.security.enforcement.chain.impl.HttpGetRequestForward;
import org.n52.security.enforcement.chain.impl.HttpPostRequestForward;
import org.n52.security.enforcement.chain.impl.SecuredServiceHttpRequest;
import org.n52.security.licensing.LicenseReference;
import org.n52.security.service.authentication.RequestContext;
import org.n52.security.service.config.SecurityConfig;
import org.n52.security.service.config.SecurityConfigListener;
import org.n52.security.service.config.ServiceConfig;
import org.n52.security.service.config.support.AbstractSecurityServiceServlet;
import org.n52.security.service.wss.PolicyEnforcementServiceImpl;

/* loaded from: input_file:org/n52/security/service/enforcement/EnforcementServiceServlet.class */
public class EnforcementServiceServlet extends AbstractSecurityServiceServlet implements SecurityConfigListener {
    private static final long serialVersionUID = 9085866663075970881L;
    private static final Log LOG = LogFactory.getLog(EnforcementServiceServlet.class);

    protected void init(ServletConfig servletConfig, ServiceConfig serviceConfig, SecurityConfig securityConfig) {
    }

    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        RequestContext requestContext = (RequestContext) httpServletRequest.getAttribute("request.enforcement.context");
        if (requestContext == null) {
            throw new ServletException("Missing request context.");
        }
        String stringProperty = requestContext.getStringProperty("service.redirectionurl");
        try {
            PolicyEnforcementServiceImpl policyEnforcementServiceImpl = (PolicyEnforcementServiceImpl) requestContext.getProperty(EnforcementRequestContext.POLICY_ENFORCEMENT_SERVICE);
            if (policyEnforcementServiceImpl == null) {
                return;
            }
            AuthenticationContext currentAuthenticationContext = AuthenticationContextUtil.getCurrentAuthenticationContext();
            SecuredServiceRequest buildSecuredServiceRequest = buildSecuredServiceRequest(requestContext, policyEnforcementServiceImpl);
            if (stringProperty != null) {
                buildSecuredServiceRequest.addAttribute(new SimpleTransferAttribute("noauth.url", stringProperty));
            }
            new TransferableServletWriter(policyEnforcementServiceImpl.doService(buildSecuredServiceRequest, currentAuthenticationContext)).write(httpServletResponse);
        } catch (Exception e) {
            if (LOG.isWarnEnabled()) {
                LOG.warn("Unexpected Exception occured :" + e, e);
            }
            new TransferableServletWriter(new ServiceException(e.getMessage(), "ServiceError").getAsTransferable()).write(httpServletResponse);
        } catch (ServiceException e2) {
            new TransferableServletWriter(e2.getAsTransferable()).write(httpServletResponse);
        }
    }

    private SecuredServiceRequest buildSecuredServiceRequest(RequestContext requestContext, PolicyEnforcementServiceImpl policyEnforcementServiceImpl) throws IOException {
        TextualPayload convertToQueryStringPayload;
        HttpPostRequestForward httpGetRequestForward;
        HttpProxyRequest httpProxyRequest = (HttpProxyRequest) requestContext.getProperty("request.proxy");
        String proxyUrl = httpProxyRequest.getProxyUrl();
        String proxyPathInfo = httpProxyRequest.getProxyPathInfo();
        KeyValuePairCollection<KeyValuePair> headers = httpProxyRequest.getHeaders();
        KeyValuePair unique = headers.getUnique(KeyMatcher.ignoringCase("Content-Type"));
        String str = null;
        String str2 = null;
        if (unique != null) {
            str = unique.getValue();
            str2 = StringUtils.getCharsetFromContentType(str);
            if (str2 == null || str2.equals("")) {
                str2 = "iso-8859-1";
            }
        }
        String querystring = httpProxyRequest.getQuerystring();
        URL url = new URL(policyEnforcementServiceImpl.getEndpoint());
        String method = httpProxyRequest.getMethod();
        InputStream body = httpProxyRequest.getBody();
        KeyValuePairCollection formParameters = httpProxyRequest.getFormParameters();
        if ("POST".equalsIgnoreCase(method)) {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(body);
            bufferedInputStream.mark(2);
            if (bufferedInputStream != null && bufferedInputStream.read() > -1) {
                bufferedInputStream.reset();
                convertToQueryStringPayload = new TextualPayload(bufferedInputStream, str2);
            } else if (str == null || str.contains("x-www-form-urlencoded") || str.contains("x-www-form-encoded")) {
                querystring = null;
                convertToQueryStringPayload = convertToQueryStringPayload(formParameters);
            } else {
                convertToQueryStringPayload = new TextualPayload("", str2);
            }
            httpGetRequestForward = new HttpPostRequestForward(url, proxyUrl);
        } else {
            if (!"GET".equalsIgnoreCase(method)) {
                throw new IllegalArgumentException("HTTP method of request must either be 'POST' or 'GET'");
            }
            convertToQueryStringPayload = convertToQueryStringPayload(formParameters);
            httpGetRequestForward = new HttpGetRequestForward(url, proxyUrl);
        }
        if (httpGetRequestForward.getFacadeUrl() == null || httpGetRequestForward.getFacadeUrl().length() == 0) {
            httpGetRequestForward.setFacadeUrl(proxyUrl);
        }
        SecuredServiceHttpRequest securedServiceHttpRequest = new SecuredServiceHttpRequest(convertToQueryStringPayload, httpGetRequestForward);
        if (proxyPathInfo != null) {
            securedServiceHttpRequest.addAttribute(new SimpleTransferAttribute("request.pathinfo", proxyPathInfo));
        }
        if (querystring != null && !"GET".equalsIgnoreCase(method)) {
            securedServiceHttpRequest.addAttribute(new SimpleTransferAttribute("request.querystring", querystring));
        }
        String stringProperty = requestContext.getStringProperty(WSSRequestContext.PARAM_LICENSEREF);
        if (stringProperty != null) {
            securedServiceHttpRequest.addAttribute(new SimpleTransferAttribute("extension.licensereference", LicenseReference.createFrom(new String(Base64.decodeBase64(stringProperty.getBytes("UTF-8")), "UTF-8"))));
        }
        for (KeyValuePair keyValuePair : headers) {
            securedServiceHttpRequest.addAttribute(new SimpleTransferAttribute(keyValuePair.getKey(), keyValuePair.getValue()));
        }
        KeyValuePair unique2 = headers.getUnique(KeyMatcher.ignoringCase("Referer"));
        if (unique2 != null && !unique2.isValueEmpty()) {
            securedServiceHttpRequest.addAttribute(HttpHeaderAttribute.createHttpHeaderAttribute("Referer", unique2.getValue()));
        }
        if (str != null) {
            securedServiceHttpRequest.addAttribute(HttpHeaderAttribute.createHttpHeaderAttribute("Content-Type", str));
        }
        securedServiceHttpRequest.addAttribute(HttpHeaderAttribute.createHttpHeaderAttribute("Content-Charset", str2));
        String remoteAddress = httpProxyRequest.getRemoteAddress();
        securedServiceHttpRequest.addAttribute(new SimpleTransferAttribute("request.ip", remoteAddress));
        securedServiceHttpRequest.addAttribute(HttpHeaderAttribute.createHttpHeaderAttribute("X-Forwarded-For", remoteAddress));
        securedServiceHttpRequest.addAttribute(new SimpleTransferAttribute("request.service.baseurl", requestContext.getProperty("service.baseurl")));
        Cookie[] createCookies = createCookies(httpProxyRequest.getCookies());
        if (createCookies.length > 0) {
            securedServiceHttpRequest.addAttribute(new SimpleTransferAttribute("request.cookies", createCookies));
        }
        securedServiceHttpRequest.addAttribute(new SimpleTransferAttribute("request.httpservletrequest", requestContext.getProperty("request.servletrequest")));
        securedServiceHttpRequest.addAttribute(new SimpleTransferAttribute("request.httpservletresponse", requestContext.getProperty("request.servletresponse")));
        securedServiceHttpRequest.addAttribute(new SimpleTransferAttribute("request.httpservletcontext", getServletContext()));
        return securedServiceHttpRequest;
    }

    private Cookie[] createCookies(KeyValuePairCollection keyValuePairCollection) {
        Cookie[] cookieArr = new Cookie[keyValuePairCollection.size()];
        int i = 0;
        Iterator it = keyValuePairCollection.iterator();
        while (it.hasNext()) {
            KeyValuePair keyValuePair = (KeyValuePair) it.next();
            int i2 = i;
            i++;
            cookieArr[i2] = new Cookie(keyValuePair.getKey(), keyValuePair.getValue());
        }
        return cookieArr;
    }

    private QueryStringPayload convertToQueryStringPayload(KeyValuePairCollection keyValuePairCollection) {
        QueryStringPayload queryStringPayload = new QueryStringPayload();
        Iterator it = keyValuePairCollection.iterator();
        while (it.hasNext()) {
            KeyValuePair keyValuePair = (KeyValuePair) it.next();
            queryStringPayload.addParameter(keyValuePair.getKey(), keyValuePair.getValue());
        }
        return queryStringPayload;
    }

    public void destroy() {
        super.destroy();
    }
}
