package org.n52.security.service.enforcement;

import java.io.BufferedInputStream;
import java.io.IOException;
import java.net.URL;
import java.util.Arrays;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Locale;
import java.util.Set;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.n52.security.authentication.AuthenticationContextUtil;
import org.n52.security.common.artifact.HttpHeaderAttribute;
import org.n52.security.common.artifact.Payload;
import org.n52.security.common.artifact.QueryStringPayload;
import org.n52.security.common.artifact.ServiceException;
import org.n52.security.common.artifact.SimpleTransferAttribute;
import org.n52.security.common.artifact.TextualPayload;
import org.n52.security.common.util.TransferableServletWriter;
import org.n52.security.enforcement.chain.SecuredServiceRequest;
import org.n52.security.enforcement.chain.impl.HttpGetRequestForward;
import org.n52.security.enforcement.chain.impl.HttpPostRequestForward;
import org.n52.security.enforcement.chain.impl.SecuredServiceHttpRequest;
import org.n52.security.service.authentication.servlet.SecurityRequest;
import org.n52.security.service.config.SecurityConfig;
import org.n52.security.service.config.SecurityConfigListener;
import org.n52.security.service.config.ServiceConfig;
import org.n52.security.service.config.support.AbstractSecurityServiceServlet;
import org.n52.security.service.wss.PolicyEnforcementServiceImpl;
import org.n52.security.service.wss.PolicyEnforcementServiceLocator;
import org.n52.security.service.wss.SecurityConfigPolicyEnforcementServiceLocator;

/* loaded from: input_file:org/n52/security/service/enforcement/EnforcementServiceServlet.class */
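/**
 * Servlet entry point of a policy enforcement point.
 *
 * <p>For every request it resolves the {@link PolicyEnforcementServiceImpl} that matches the
 * enforcement point id and authentication scheme carried by the request, wraps the request into a
 * {@link SecuredServiceRequest}, decorates it with request-derived attributes and writes whatever
 * the enforcement service returns back to the client.
 *
 * <p>Security note: most attribute values attached here (headers, cookies, path info, query
 * string) come straight from the client. Only the values set from {@code getRemoteAddr()} and the
 * servlet objects themselves originate from the container.
 */
public class EnforcementServiceServlet extends AbstractSecurityServiceServlet implements SecurityConfigListener {
    private static final long serialVersionUID = 9085866663075970881L;
    private static final Log LOG = LogFactory.getLog(EnforcementServiceServlet.class);

    /**
     * Attribute names this servlet assigns itself. Request headers are attached as
     * {@link SimpleTransferAttribute}s under their header name, i.e. in the same namespace, so a
     * header carrying one of these names must never be copied.
     */
    private static final Set<String> RESERVED_ATTRIBUTE_NAMES = Collections.unmodifiableSet(new HashSet<String>(Arrays.asList(
            "request.httpservletrequest",
            "request.httpservletresponse",
            "request.httpservletcontext",
            "request.service.baseurl",
            "request.pathinfo",
            "request.querystring",
            "request.ip",
            "request.cookies",
            "extension.licensereference",
            "noauth.url")));

    private PolicyEnforcementServiceLocator m_pesLocator;

    /**
     * Selects the locator used to resolve enforcement services, in this order: the configured
     * service instance (if it is a locator), the {@code policyEnforcementServiceLocator} property,
     * and finally a {@link SecurityConfigPolicyEnforcementServiceLocator} backed by
     * {@code serviceConfig}.
     *
     * @param servletConfig the servlet configuration (not read here)
     * @param serviceConfig the service configuration providing instance and properties
     * @param securityConfig the security configuration (not read here)
     */
    protected void init(ServletConfig servletConfig, ServiceConfig serviceConfig, SecurityConfig securityConfig) {
        if (serviceConfig.getInstance() instanceof PolicyEnforcementServiceLocator) {
            this.m_pesLocator = (PolicyEnforcementServiceLocator) serviceConfig.getInstance();
        }
        if (this.m_pesLocator == null) {
            // Deliberately an unchecked cast: a property of the wrong type fails initialisation
            // with a ClassCastException instead of silently falling back to the default locator.
            this.m_pesLocator = (PolicyEnforcementServiceLocator) serviceConfig.getProperties().get("policyEnforcementServiceLocator");
        }
        if (this.m_pesLocator == null) {
            SecurityConfigPolicyEnforcementServiceLocator fallbackLocator = new SecurityConfigPolicyEnforcementServiceLocator();
            fallbackLocator.setServiceConfig(serviceConfig);
            this.m_pesLocator = fallbackLocator;
        }
    }

    /**
     * Handles one request: locates the enforcement service, builds and decorates the secured
     * request, runs it and writes the result (or the error) to the response.
     *
     * @param httpServletRequest the incoming request
     * @param httpServletResponse the response the result is written to
     * @throws ServletException declared by the servlet contract
     * @throws IOException if writing the response fails
     */
    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        SecurityRequest securityRequest = new SecurityRequest(httpServletRequest);
        String enforcementPointId = securityRequest.getEnforcementPointId();
        String authenticationScheme = securityRequest.getAuthenticationScheme();
        try {
            PolicyEnforcementServiceImpl enforcementService = this.m_pesLocator.locate(enforcementPointId, authenticationScheme);
            if (enforcementService == null) {
                // NOTE(review): id and scheme are derived from the request and are echoed into the
                // error message; whether they are escaped depends on the container's error page.
                httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, String.format("No enforcement point configuration for id <%s> and authentication scheme <%s> found", enforcementPointId, authenticationScheme));
                return;
            }
            SecuredServiceRequest securedRequest = buildSecuredServiceRequest(securityRequest, httpServletRequest, enforcementService);
            // The order of the calls below is kept as is: later attributes may be meant to take
            // precedence over earlier ones (addAttribute semantics are not visible here).
            addPathinfoAttribute(securityRequest, securedRequest);
            addQueryStringAttribute(httpServletRequest, securedRequest);
            addWSSLicenseReferenceAttribute(securityRequest, securedRequest);
            addAllHttpHeadersAttrributes(httpServletRequest, securedRequest);
            addRedirectionUrlAttribute(securityRequest, enforcementService, securedRequest);
            addRequestIpAttribute(httpServletRequest, securedRequest);
            addCookiesAttribute(httpServletRequest, securedRequest);
            securedRequest.addAttribute(new SimpleTransferAttribute("request.httpservletrequest", securityRequest));
            securedRequest.addAttribute(new SimpleTransferAttribute("request.httpservletresponse", httpServletResponse));
            securedRequest.addAttribute(new SimpleTransferAttribute("request.httpservletcontext", getServletContext()));
            securedRequest.addAttribute(new SimpleTransferAttribute("request.service.baseurl", securityRequest.buildServiceUrl()));
            addReferrerHeaderAttribute(httpServletRequest, securedRequest);
            addContentTypeHeaderAttribute(httpServletRequest, securedRequest);
            addContentCharsetHeaderAttribute(httpServletRequest, securedRequest);
            addXForwardedForHeaderAttribute(httpServletRequest, securedRequest);
            new TransferableServletWriter(enforcementService.doService(securedRequest, AuthenticationContextUtil.getCurrentAuthenticationContext())).write(httpServletResponse);
        } catch (ServiceException e) {
            new TransferableServletWriter(e.getAsTransferable()).write(httpServletResponse);
        } catch (Exception e2) {
            if (LOG.isWarnEnabled()) {
                LOG.warn("Unexpected Exception occured :" + e2, e2);
            }
            // NOTE(review): the raw message of an arbitrary exception is returned to the client.
            // Messages of I/O or URL exceptions can name internal endpoints; consider a generic
            // text here once it is confirmed that no client relies on the current wording.
            new TransferableServletWriter(new ServiceException(e2.getMessage(), "ServiceError").getAsTransferable()).write(httpServletResponse);
        }
    }

    /**
     * Attaches the license reference of the request as {@code extension.licensereference}, if the
     * request carries one.
     *
     * @param securityRequest the wrapped incoming request
     * @param securedServiceRequest the request to decorate
     */
    public void addWSSLicenseReferenceAttribute(SecurityRequest securityRequest, SecuredServiceRequest securedServiceRequest) {
        if (securityRequest.hasLicenseReference()) {
            securedServiceRequest.addAttribute(new SimpleTransferAttribute("extension.licensereference", securityRequest.getLicenseReference()));
        }
    }

    /**
     * Builds the service URL for the redirection authentication scheme of the given service.
     *
     * @return the URL, or {@code null} if no redirection scheme is configured or no enforcement
     *         point exists for the request's enforcement point id under that scheme
     */
    private String buildRedirectionUrl(SecurityRequest securityRequest, PolicyEnforcementServiceImpl policyEnforcementServiceImpl) {
        String redirectionScheme = policyEnforcementServiceImpl.getRedirectionAuthenticationScheme();
        if (redirectionScheme == null) {
            return null;
        }
        if (!existsEnforcementPointForAuthenticationScheme(securityRequest.getEnforcementPointId(), redirectionScheme)) {
            return null;
        }
        return securityRequest.buildServiceUrl(redirectionScheme);
    }

    /** Returns whether the locator resolves a service for the given id and scheme. */
    private boolean existsEnforcementPointForAuthenticationScheme(String str, String str2) {
        return this.m_pesLocator.locate(str, str2) != null;
    }

    /**
     * Creates the secured request for a POST or GET request, pairing the request payload with a
     * forward to the endpoint of the given enforcement service.
     *
     * @throws IllegalArgumentException if the HTTP method is neither POST nor GET
     * @throws IOException if the request body cannot be read or the endpoint is not a valid URL
     */
    private SecuredServiceRequest buildSecuredServiceRequest(SecurityRequest securityRequest, HttpServletRequest httpServletRequest, PolicyEnforcementServiceImpl policyEnforcementServiceImpl) throws IOException {
        String facadeUrl = securityRequest.getFacadeUrl();
        if (securityRequest.isHttpPost()) {
            Payload postPayload = buildPayloadFromPost(securityRequest, httpServletRequest);
            return new SecuredServiceHttpRequest(postPayload, new HttpPostRequestForward(new URL(policyEnforcementServiceImpl.getEndpoint()), facadeUrl));
        }
        if (!securityRequest.isHttpGet()) {
            throw new IllegalArgumentException("HTTP method of request must either be 'POST' or 'GET'");
        }
        Payload getPayload = getFullQueryString(httpServletRequest);
        return new SecuredServiceHttpRequest(getPayload, new HttpGetRequestForward(new URL(policyEnforcementServiceImpl.getEndpoint()), facadeUrl));
    }

    /**
     * Sets an {@code X-Forwarded-For} header attribute to the address of the direct peer, as
     * reported by the container. Behind a reverse proxy that is the proxy's address.
     */
    public void addXForwardedForHeaderAttribute(HttpServletRequest httpServletRequest, SecuredServiceRequest securedServiceRequest) {
        securedServiceRequest.addAttribute(HttpHeaderAttribute.createHttpHeaderAttribute("X-Forwarded-For", httpServletRequest.getRemoteAddr()));
    }

    /** Sets a {@code Content-Charset} header attribute to the request encoding (default utf-8). */
    public void addContentCharsetHeaderAttribute(HttpServletRequest httpServletRequest, SecuredServiceRequest securedServiceRequest) {
        securedServiceRequest.addAttribute(HttpHeaderAttribute.createHttpHeaderAttribute("Content-Charset", getNullSafeEncoding(httpServletRequest)));
    }

    /** Sets a {@code Content-Type} header attribute if the request declares a content type. */
    public void addContentTypeHeaderAttribute(HttpServletRequest httpServletRequest, SecuredServiceRequest securedServiceRequest) {
        String contentType = httpServletRequest.getContentType();
        if (contentType != null) {
            securedServiceRequest.addAttribute(HttpHeaderAttribute.createHttpHeaderAttribute("Content-Type", contentType));
        }
    }

    /** Sets a {@code Referer} header attribute if the request has a non-empty one. */
    public void addReferrerHeaderAttribute(HttpServletRequest httpServletRequest, SecuredServiceRequest securedServiceRequest) {
        String referer = httpServletRequest.getHeader("Referer");
        if (referer != null && referer.length() > 0) {
            securedServiceRequest.addAttribute(HttpHeaderAttribute.createHttpHeaderAttribute("Referer", referer));
        }
    }

    /** Attaches the request's cookie array as {@code request.cookies}, if there are any cookies. */
    public void addCookiesAttribute(HttpServletRequest httpServletRequest, SecuredServiceRequest securedServiceRequest) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies != null && cookies.length > 0) {
            securedServiceRequest.addAttribute(new SimpleTransferAttribute("request.cookies", cookies));
        }
    }

    /**
     * Attaches the direct peer address as {@code request.ip}. The value comes from the container,
     * not from any request header.
     */
    public void addRequestIpAttribute(HttpServletRequest httpServletRequest, SecuredServiceRequest securedServiceRequest) {
        securedServiceRequest.addAttribute(new SimpleTransferAttribute("request.ip", httpServletRequest.getRemoteAddr()));
    }

    /** Attaches the redirection URL as {@code noauth.url}, if one can be built. */
    public void addRedirectionUrlAttribute(SecurityRequest securityRequest, PolicyEnforcementServiceImpl policyEnforcementServiceImpl, SecuredServiceRequest securedServiceRequest) {
        String redirectionUrl = buildRedirectionUrl(securityRequest, policyEnforcementServiceImpl);
        if (redirectionUrl != null) {
            securedServiceRequest.addAttribute(new SimpleTransferAttribute("noauth.url", redirectionUrl));
        }
    }

    /**
     * Attaches the raw query string as {@code request.querystring} for non-GET requests whose
     * payload is not already a {@link QueryStringPayload}.
     */
    public void addQueryStringAttribute(HttpServletRequest httpServletRequest, SecuredServiceRequest securedServiceRequest) {
        boolean payloadIsQueryString = securedServiceRequest.getPayload() instanceof QueryStringPayload;
        if (payloadIsQueryString || httpServletRequest.getMethod().equalsIgnoreCase("GET")) {
            return;
        }
        securedServiceRequest.addAttribute(new SimpleTransferAttribute("request.querystring", httpServletRequest.getQueryString()));
    }

    /**
     * Builds the payload of a POST request.
     *
     * <p>Form posts (content type containing {@code x-www-form}) become a
     * {@link QueryStringPayload} of the request parameters. Anything else is read from the request
     * body; if no body is available, the parameters are used when no content type was declared and
     * an empty textual payload otherwise.
     *
     * <p>The content type is matched case-insensitively, because media type names are
     * case-insensitive. A case-sensitive match would classify a form post with a differently
     * cased content type as a raw body and could evaluate a different payload than a form-aware
     * consumer sees.
     *
     * @param securityRequest the wrapped incoming request
     * @param httpServletRequest the incoming request
     * @return the payload to hand to the enforcement service
     * @throws IOException if the request body cannot be opened
     */
    public Payload buildPayloadFromPost(SecurityRequest securityRequest, HttpServletRequest httpServletRequest) throws IOException {
        String contentType = httpServletRequest.getContentType();
        if (contentType != null && contentType.toLowerCase(Locale.ROOT).contains("x-www-form")) {
            return getFullQueryString(httpServletRequest);
        }
        // NOTE(review): no size limit on the body is visible here; confirm that TextualPayload or
        // the container bounds the amount of data read from an unauthenticated client.
        BufferedInputStream body = new BufferedInputStream(httpServletRequest.getInputStream());
        if (securityRequest.isInputStreamAvailable(body)) {
            return new TextualPayload(body, getNullSafeEncoding(httpServletRequest));
        }
        if (contentType == null) {
            return getFullQueryString(httpServletRequest);
        }
        return new TextualPayload("", getNullSafeEncoding(httpServletRequest));
    }

    /**
     * Returns the character encoding declared by the request, or {@code utf-8} if none is
     * declared. The declared value is client-supplied and returned unvalidated.
     */
    public String getNullSafeEncoding(HttpServletRequest httpServletRequest) {
        String declaredEncoding = httpServletRequest.getCharacterEncoding();
        if (declaredEncoding == null || declaredEncoding.equals("")) {
            return "utf-8";
        }
        return declaredEncoding;
    }

    /** Attaches the effective path info as {@code request.pathinfo}, if there is one. */
    public void addPathinfoAttribute(SecurityRequest securityRequest, SecuredServiceRequest securedServiceRequest) {
        String effectivePathInfo = securityRequest.getEffectivePathInfo();
        if (effectivePathInfo != null) {
            securedServiceRequest.addAttribute(new SimpleTransferAttribute("request.pathinfo", effectivePathInfo));
        }
    }

    /**
     * Copies every request header into the secured request as an attribute named after the
     * header. This includes credential-bearing headers such as {@code Authorization} and
     * {@code Cookie}.
     *
     * <p>Headers whose name equals one of the attribute names this servlet sets itself are
     * skipped. Header names are chosen by the client, so copying them would let a request supply
     * its own {@code request.ip}, {@code noauth.url} and similar values. How a duplicate name is
     * resolved by {@code addAttribute} and by downstream consumers is not visible here, so such
     * headers are dropped rather than relying on call order.
     *
     * @param httpServletRequest the incoming request
     * @param securedServiceRequest the request to decorate
     */
    public void addAllHttpHeadersAttrributes(HttpServletRequest httpServletRequest, SecuredServiceRequest securedServiceRequest) {
        Enumeration<?> headerNames = httpServletRequest.getHeaderNames();
        if (headerNames == null) {
            // The servlet API allows containers to return null when header access is disabled.
            return;
        }
        while (headerNames.hasMoreElements()) {
            String headerName = (String) headerNames.nextElement();
            // Header names are case-insensitive, the reserved names are all lower case.
            if (RESERVED_ATTRIBUTE_NAMES.contains(headerName.toLowerCase(Locale.ROOT))) {
                if (LOG.isWarnEnabled()) {
                    LOG.warn("Ignoring request header whose name is reserved for an internal request attribute");
                }
                continue;
            }
            securedServiceRequest.addAttribute(new SimpleTransferAttribute(headerName, httpServletRequest.getHeader(headerName)));
        }
    }

    /**
     * Collects the request parameters into a {@link QueryStringPayload}. Only the first value of
     * a parameter that occurs several times is kept, because {@code getParameter} is used.
     */
    private QueryStringPayload getFullQueryString(HttpServletRequest httpServletRequest) {
        QueryStringPayload queryStringPayload = new QueryStringPayload();
        Enumeration<?> parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String parameterName = (String) parameterNames.nextElement();
            queryStringPayload.addParameter(parameterName, httpServletRequest.getParameter(parameterName));
        }
        return queryStringPayload;
    }

    /** Delegates to the superclass; no resources are held by this servlet itself. */
    public void destroy() {
        super.destroy();
    }
}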
