package org.n52.security.service.enforcement;

import java.io.BufferedInputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.util.Enumeration;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.n52.security.common.artifact.HttpHeaderAttribute;
import org.n52.security.common.artifact.Payload;
import org.n52.security.common.artifact.QueryStringPayload;
import org.n52.security.common.artifact.SimpleTransferAttribute;
import org.n52.security.common.artifact.TextualPayload;
import org.n52.security.common.artifact.Transferable;
import org.n52.security.enforcement.chain.SecuredServiceRequest;
import org.n52.security.enforcement.chain.impl.HttpGetRequestForward;
import org.n52.security.enforcement.chain.impl.HttpPostRequestForward;
import org.n52.security.enforcement.chain.impl.HttpRequestForward;
import org.n52.security.enforcement.chain.impl.SecuredServiceHttpRequest;
import org.n52.security.licensing.LicenseReference;

/* loaded from: input_file:org/n52/security/service/enforcement/ForwardingSecuredServiceRequestBuilder.class */
public class ForwardingSecuredServiceRequestBuilder extends SecuredServiceRequestBuilder {
    public static final String LICENSEREFERENCE_ATTRIBUTE_NAME = "licensereference";
    public static final String FACADEURL_ATTRIBUTE_NAME = "facadeurl";
    private String m_redirectionAuthenticationUrl;
    private URL m_protectedServiceEndpoint;
    private final EnforcementServiceRequest m_wssRequestUrl;

    public ForwardingSecuredServiceRequestBuilder(EnforcementServiceRequest enforcementServiceRequest) {
        this.m_wssRequestUrl = enforcementServiceRequest;
    }

    public SecuredServiceRequest build(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        SecuredServiceRequest buildSecuredServiceRequest = buildSecuredServiceRequest(httpServletRequest);
        addPathinfoAttribute(buildSecuredServiceRequest);
        addQueryStringAttribute(httpServletRequest, buildSecuredServiceRequest);
        addWSSLicenseReferenceAttribute(httpServletRequest, buildSecuredServiceRequest);
        addAllHttpHeadersAttrributes(httpServletRequest, buildSecuredServiceRequest);
        addRedirectionUrlAttribute(buildSecuredServiceRequest);
        addRequestIpAttribute(httpServletRequest, buildSecuredServiceRequest);
        addCookiesAttribute(httpServletRequest, buildSecuredServiceRequest);
        buildSecuredServiceRequest.addAttribute(new SimpleTransferAttribute("request.httpservletrequest", httpServletRequest));
        buildSecuredServiceRequest.addAttribute(new SimpleTransferAttribute("request.httpservletresponse", httpServletResponse));
        buildSecuredServiceRequest.addAttribute(new SimpleTransferAttribute("request.service.baseurl", this.m_wssRequestUrl.buildServiceUrl()));
        addReferrerHeaderAttribute(httpServletRequest, buildSecuredServiceRequest);
        addContentTypeHeaderAttribute(httpServletRequest, buildSecuredServiceRequest);
        addContentCharsetHeaderAttribute(httpServletRequest, buildSecuredServiceRequest);
        addXForwardedForHeaderAttribute(httpServletRequest, buildSecuredServiceRequest);
        return buildSecuredServiceRequest;
    }

    private SecuredServiceRequest buildSecuredServiceRequest(HttpServletRequest httpServletRequest) throws IOException {
        return new SecuredServiceHttpRequest(getPayload(httpServletRequest), getForward(httpServletRequest));
    }

    private HttpRequestForward getForward(HttpServletRequest httpServletRequest) {
        String facadeUrl = getFacadeUrl(httpServletRequest);
        if (isHttpPost(httpServletRequest)) {
            return new HttpPostRequestForward(getProtectedServiceEndpoint(), facadeUrl);
        }
        if (isHttpGet(httpServletRequest)) {
            return new HttpGetRequestForward(getProtectedServiceEndpoint(), facadeUrl);
        }
        throw new IllegalArgumentException("HTTP method of request must either be 'POST' or 'GET'");
    }

    public Payload getPayload(HttpServletRequest httpServletRequest) throws IOException {
        if (isHttpPost(httpServletRequest)) {
            return buildPayloadFromPost(httpServletRequest);
        }
        if (isHttpGet(httpServletRequest)) {
            return getFullQueryString(httpServletRequest);
        }
        throw new IllegalArgumentException("HTTP method of request must either be 'POST' or 'GET'");
    }

    private void addQueryStringAttribute(HttpServletRequest httpServletRequest, SecuredServiceRequest securedServiceRequest) {
        if ((securedServiceRequest.getPayload() instanceof QueryStringPayload) || httpServletRequest.getMethod().equalsIgnoreCase("GET")) {
            return;
        }
        securedServiceRequest.addAttribute(new SimpleTransferAttribute("request.querystring", httpServletRequest.getQueryString()));
    }

    private void addWSSLicenseReferenceAttribute(HttpServletRequest httpServletRequest, SecuredServiceRequest securedServiceRequest) {
        if (hasLicenseReference(httpServletRequest)) {
            securedServiceRequest.addAttribute(new SimpleTransferAttribute("extension.licensereference", getLicenseReference(httpServletRequest)));
        }
    }

    private void addAllHttpHeadersAttrributes(HttpServletRequest httpServletRequest, SecuredServiceRequest securedServiceRequest) {
        Enumeration headerNames = httpServletRequest.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String str = (String) headerNames.nextElement();
            securedServiceRequest.addAttribute(new SimpleTransferAttribute(str, httpServletRequest.getHeader(str)));
        }
    }

    private void addRedirectionUrlAttribute(SecuredServiceRequest securedServiceRequest) {
        String redirectionAuthenticationUrl = getRedirectionAuthenticationUrl();
        if (redirectionAuthenticationUrl != null) {
            securedServiceRequest.addAttribute(new SimpleTransferAttribute("noauth.url", redirectionAuthenticationUrl));
        }
    }

    private void addRequestIpAttribute(HttpServletRequest httpServletRequest, SecuredServiceRequest securedServiceRequest) {
        securedServiceRequest.addAttribute(new SimpleTransferAttribute("request.ip", httpServletRequest.getRemoteAddr()));
    }

    private void addCookiesAttribute(HttpServletRequest httpServletRequest, SecuredServiceRequest securedServiceRequest) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null || cookies.length <= 0) {
            return;
        }
        securedServiceRequest.addAttribute(new SimpleTransferAttribute("request.cookies", cookies));
    }

    private boolean isHttpPost(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getMethod().equalsIgnoreCase("POST");
    }

    private boolean isHttpGet(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getMethod().equalsIgnoreCase("GET");
    }

    private Payload buildPayloadFromPost(HttpServletRequest httpServletRequest) throws IOException {
        QueryStringPayload textualPayload;
        if (httpServletRequest.getContentType() == null || !httpServletRequest.getContentType().contains("x-www-form")) {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(httpServletRequest.getInputStream());
            textualPayload = isInputStreamAvailable(bufferedInputStream) ? new TextualPayload(bufferedInputStream, getNullSafeEncoding(httpServletRequest)) : httpServletRequest.getContentType() == null ? getFullQueryString(httpServletRequest) : new TextualPayload("", getNullSafeEncoding(httpServletRequest));
        } else {
            textualPayload = getFullQueryString(httpServletRequest);
        }
        return textualPayload;
    }

    private boolean isInputStreamAvailable(BufferedInputStream bufferedInputStream) {
        try {
            bufferedInputStream.mark(2);
            if (bufferedInputStream == null || bufferedInputStream.read() <= -1) {
                return false;
            }
            bufferedInputStream.reset();
            return true;
        } catch (IOException e) {
            return false;
        }
    }

    private QueryStringPayload getFullQueryString(HttpServletRequest httpServletRequest) {
        QueryStringPayload queryStringPayload = new QueryStringPayload();
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str = (String) parameterNames.nextElement();
            queryStringPayload.addParameter(str, httpServletRequest.getParameter(str));
        }
        return queryStringPayload;
    }

    private String getNullSafeEncoding(HttpServletRequest httpServletRequest) {
        String characterEncoding = httpServletRequest.getCharacterEncoding();
        if (characterEncoding == null || characterEncoding.equals("")) {
            characterEncoding = "utf-8";
        }
        return characterEncoding;
    }

    private void addPathinfoAttribute(Transferable transferable) {
        String effectivePathInfo = this.m_wssRequestUrl.getEffectivePathInfo();
        if (effectivePathInfo != null) {
            transferable.addAttribute(new SimpleTransferAttribute("request.pathinfo", effectivePathInfo));
        }
    }

    private String getFacadeUrl(HttpServletRequest httpServletRequest) {
        String str = (String) httpServletRequest.getAttribute(FACADEURL_ATTRIBUTE_NAME);
        if (str == null) {
            str = this.m_wssRequestUrl.buildServiceUrl();
        }
        return str;
    }

    private LicenseReference getLicenseReference(HttpServletRequest httpServletRequest) {
        String str = (String) httpServletRequest.getAttribute(LICENSEREFERENCE_ATTRIBUTE_NAME);
        if (str == null) {
            return null;
        }
        try {
            return LicenseReference.createFrom(new String(Base64.decodeBase64(str.getBytes("UTF-8")), "UTF-8"));
        } catch (UnsupportedEncodingException e) {
            throw new IllegalStateException("Error decoding license reference", e);
        }
    }

    private boolean hasLicenseReference(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getAttribute(LICENSEREFERENCE_ATTRIBUTE_NAME) != null;
    }

    private void addReferrerHeaderAttribute(HttpServletRequest httpServletRequest, SecuredServiceRequest securedServiceRequest) {
        String header = httpServletRequest.getHeader("Referer");
        if (header == null || header.length() <= 0) {
            return;
        }
        securedServiceRequest.addAttribute(HttpHeaderAttribute.createHttpHeaderAttribute("Referer", header));
    }

    private void addContentTypeHeaderAttribute(HttpServletRequest httpServletRequest, SecuredServiceRequest securedServiceRequest) {
        if (httpServletRequest.getContentType() != null) {
            securedServiceRequest.addAttribute(HttpHeaderAttribute.createHttpHeaderAttribute("Content-Type", httpServletRequest.getContentType()));
        }
    }

    private void addContentCharsetHeaderAttribute(HttpServletRequest httpServletRequest, SecuredServiceRequest securedServiceRequest) {
        securedServiceRequest.addAttribute(HttpHeaderAttribute.createHttpHeaderAttribute("Content-Charset", getNullSafeEncoding(httpServletRequest)));
    }

    private void addXForwardedForHeaderAttribute(HttpServletRequest httpServletRequest, SecuredServiceRequest securedServiceRequest) {
        securedServiceRequest.addAttribute(HttpHeaderAttribute.createHttpHeaderAttribute("X-Forwarded-For", httpServletRequest.getRemoteAddr()));
    }

    public void setProtectedServiceEndpoint(URL url) {
        this.m_protectedServiceEndpoint = url;
    }

    public URL getProtectedServiceEndpoint() {
        return this.m_protectedServiceEndpoint;
    }

    public void setRedirectionAuthenticationUrl(String str) {
        this.m_redirectionAuthenticationUrl = str;
    }

    public String getRedirectionAuthenticationUrl() {
        return this.m_redirectionAuthenticationUrl;
    }
}
