package org.liveSense.service.guacamole;

import java.io.BufferedWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.net.URL;
import javax.jcr.Session;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sourceforge.guacamole.GuacamoleClientException;
import net.sourceforge.guacamole.GuacamoleException;
import net.sourceforge.guacamole.GuacamoleResourceNotFoundException;
import net.sourceforge.guacamole.GuacamoleSecurityException;
import net.sourceforge.guacamole.GuacamoleServerException;
import net.sourceforge.guacamole.io.GuacamoleReader;
import net.sourceforge.guacamole.io.GuacamoleWriter;
import net.sourceforge.guacamole.net.GuacamoleTunnel;
import net.sourceforge.guacamole.net.InetGuacamoleSocket;
import net.sourceforge.guacamole.protocol.ConfiguredGuacamoleSocket;
import net.sourceforge.guacamole.protocol.GuacamoleConfiguration;
import net.sourceforge.guacamole.servlet.GuacamoleHTTPTunnelServlet;
import net.sourceforge.guacamole.servlet.GuacamoleSession;
import org.apache.commons.lang.StringUtils;
import org.apache.felix.scr.annotations.Activate;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Deactivate;
import org.apache.felix.scr.annotations.Properties;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.ReferenceCardinality;
import org.apache.felix.scr.annotations.ReferencePolicy;
import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.sling.auth.core.AuthenticationSupport;
import org.apache.sling.commons.mime.MimeTypeService;
import org.apache.sling.jcr.api.SlingRepository;
import org.liveSense.service.securityManager.SecurityManagerService;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.http.HttpContext;
import org.osgi.service.http.HttpService;
import org.osgi.service.http.NamespaceException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Service
@Component(label = "%guacamole.servlet.name", description = "%guacamole.servlet.description", immediate = true, metatype = true)
@Properties({@Property(label = "%guacamole.servlet.tunnel.url", description = "%guacamole.servlet.tunnel.url.description", name = GuacamoleTunnelServletParameterProvider.PROP_TUNNEL_URL, value = {GuacamoleTunnelServletParameterProvider.DEFAULT_TUNNEL_URL}), @Property(label = "%guacamole.servlet.guacd.socket.address", description = "%guacamole.servlet.guacd.socket.address.description", name = GuacamoleTunnelServletParameterProvider.PROP_GAUCD_SOCKET_ADDRESS, value = {GuacamoleTunnelServletParameterProvider.DEFAULT_GUACD_SOCKET_ADDRESS}), @Property(label = "%guacamole.servlet.guacd.socket.port", description = "%guacamole.servlet.guacd.socket.port.description", name = GuacamoleTunnelServletParameterProvider.PROP_GAUCD_SOCKET_PORT, intValue = {GuacamoleTunnelServletParameterProvider.DEFAULT_GUACD_SOCKET_PORT})})
/* loaded from: input_file:org/liveSense/service/guacamole/GuacamoleTunnelServlet.class */
public class GuacamoleTunnelServlet extends HttpServlet {
    Logger log = LoggerFactory.getLogger(GuacamoleHTTPTunnelServlet.class);

    @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY, policy = ReferencePolicy.DYNAMIC)
    private HttpService osgiHttpService;

    @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY, policy = ReferencePolicy.DYNAMIC)
    private AuthenticationSupport slingAuthenticator;

    @Reference(policy = ReferencePolicy.DYNAMIC, cardinality = ReferenceCardinality.OPTIONAL_UNARY)
    private MimeTypeService mimeTypeService;

    @Reference(policy = ReferencePolicy.DYNAMIC, cardinality = ReferenceCardinality.MANDATORY_UNARY)
    private SecurityManagerService securityService;

    @Reference(policy = ReferencePolicy.DYNAMIC, cardinality = ReferenceCardinality.MANDATORY_UNARY)
    private SlingRepository repository;
    private ComponentContext context;
    private static final int UUID_LENGTH = 36;
    private static final String READ_PREFIX = "read:";
    private static final int READ_PREFIX_LENGTH = READ_PREFIX.length();
    private static final String WRITE_PREFIX = "write:";
    private static final int WRITE_PREFIX_LENGTH = WRITE_PREFIX.length();

    @Activate
    protected void activate(ComponentContext componentContext) {
        this.context = componentContext;
        HttpContext httpContext = new HttpContext() { // from class: org.liveSense.service.guacamole.GuacamoleTunnelServlet.1
            public boolean handleSecurity(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
                return true;
            }

            public URL getResource(String str) {
                return null;
            }

            public String getMimeType(String str) {
                MimeTypeService mimeTypeService = GuacamoleTunnelServlet.this.mimeTypeService;
                if (mimeTypeService != null) {
                    return mimeTypeService.getMimeType(str);
                }
                return null;
            }
        };
        this.log.info("Registering Guacamole tunnel servlet: " + GuacamoleTunnelServletParameterProvider.getTunnelUrl(componentContext));
        try {
            this.osgiHttpService.registerServlet(GuacamoleTunnelServletParameterProvider.getTunnelUrl(componentContext), this, new java.util.Properties(), httpContext);
        } catch (ServletException e) {
            this.log.error("Activate: ", e);
        } catch (NamespaceException e2) {
            this.log.error("Activate: ", e2);
        }
    }

    @Deactivate
    protected void deactivate() {
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException {
        handleTunnelRequest(httpServletRequest, httpServletResponse);
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException {
        handleTunnelRequest(httpServletRequest, httpServletResponse);
    }

    protected GuacamoleTunnel doConnect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws GuacamoleException {
        if (!this.slingAuthenticator.handleSecurity(httpServletRequest, httpServletResponse)) {
            return null;
        }
        Session session = null;
        try {
            try {
                GuacamoleConfiguration guacamoleConfiguration = new GuacamoleConfiguration();
                String str = (String) httpServletRequest.getAttribute("org.osgi.service.http.authentication.remote.user");
                if (str.equals("anonymous")) {
                    if (0 != 0 && session.isLive()) {
                        session.logout();
                    }
                    return null;
                }
                session = this.repository.loginAdministrative((String) null);
                User userByName = this.securityService.getUserByName(session, str);
                guacamoleConfiguration.setProtocol(userByName.getProperty("rdpProtocol") != null ? userByName.getProperty("rdpProtocol")[0].getString() : null);
                guacamoleConfiguration.setParameter("hostname", userByName.getProperty("rdpHost") != null ? userByName.getProperty("rdpHost")[0].getString() : null);
                guacamoleConfiguration.setParameter("port", userByName.getProperty("rdpPort") != null ? userByName.getProperty("rdpPort")[0].getString() : null);
                guacamoleConfiguration.setParameter("username", userByName.getProperty("rdpUserName") != null ? userByName.getProperty("rdpUserName")[0].getString() : null);
                guacamoleConfiguration.setParameter("password", userByName.getProperty("rdpPassword") != null ? userByName.getProperty("rdpPassword")[0].getString() : null);
                if (StringUtils.isEmpty(guacamoleConfiguration.getParameter("username"))) {
                    if (session != null && session.isLive()) {
                        session.logout();
                    }
                    return null;
                }
                this.log.info("Connecting to GUACD daemon at " + GuacamoleTunnelServletParameterProvider.getGuacdSocketAddress(this.context) + ":" + GuacamoleTunnelServletParameterProvider.getGuacdSocketPort(this.context));
                this.log.info("RDP host: " + guacamoleConfiguration.getParameter("hostname") + ":" + guacamoleConfiguration.getParameter("port") + " with user " + guacamoleConfiguration.getParameter("username"));
                GuacamoleTunnel guacamoleTunnel = new GuacamoleTunnel(new ConfiguredGuacamoleSocket(new InetGuacamoleSocket(GuacamoleTunnelServletParameterProvider.getGuacdSocketAddress(this.context), GuacamoleTunnelServletParameterProvider.getGuacdSocketPort(this.context).intValue()), guacamoleConfiguration));
                new GuacamoleSession(httpServletRequest.getSession(true)).attachTunnel(guacamoleTunnel);
                if (session != null && session.isLive()) {
                    session.logout();
                }
                return guacamoleTunnel;
            } catch (Throwable th) {
                this.log.error("Could not get tunnel", th);
                if (session == null || !session.isLive()) {
                    return null;
                }
                session.logout();
                return null;
            }
        } catch (Throwable th2) {
            if (session != null && session.isLive()) {
                session.logout();
            }
            throw th2;
        }
    }

    private void sendError(HttpServletResponse httpServletResponse, int i) throws ServletException {
        try {
            if (!httpServletResponse.isCommitted()) {
                httpServletResponse.sendError(i);
            }
        } catch (IOException e) {
            throw new ServletException(e);
        }
    }

    protected void handleTunnelRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException {
        try {
            String queryString = httpServletRequest.getQueryString();
            if (queryString == null) {
                throw new GuacamoleClientException("No query string provided.");
            }
            if (queryString.equals("connect")) {
                GuacamoleTunnel doConnect = doConnect(httpServletRequest, httpServletResponse);
                if (doConnect != null) {
                    new GuacamoleSession(httpServletRequest.getSession(true)).attachTunnel(doConnect);
                    this.log.info("Connection from {} succeeded.", httpServletRequest.getRemoteAddr());
                    try {
                        httpServletResponse.setHeader("Cache-Control", "no-cache");
                        httpServletResponse.getWriter().print(doConnect.getUUID().toString());
                    } catch (IOException e) {
                        throw new GuacamoleServerException(e);
                    }
                }
            } else if (queryString.startsWith(READ_PREFIX)) {
                doRead(httpServletRequest, httpServletResponse, queryString.substring(READ_PREFIX_LENGTH, READ_PREFIX_LENGTH + UUID_LENGTH));
            } else {
                if (!queryString.startsWith(WRITE_PREFIX)) {
                    throw new GuacamoleClientException("Invalid tunnel operation: " + queryString);
                }
                doWrite(httpServletRequest, httpServletResponse, queryString.substring(WRITE_PREFIX_LENGTH, WRITE_PREFIX_LENGTH + UUID_LENGTH));
            }
        } catch (GuacamoleResourceNotFoundException e2) {
            this.log.debug("Resource not found.", e2);
            sendError(httpServletResponse, 404);
        } catch (GuacamoleSecurityException e3) {
            this.log.warn("Authorization failed.", e3);
            sendError(httpServletResponse, 403);
        } catch (GuacamoleClientException e4) {
            this.log.warn("Error in client request.", e4);
            sendError(httpServletResponse, 400);
        } catch (GuacamoleException e5) {
            this.log.error("Server error in tunnel", e5);
            sendError(httpServletResponse, 500);
        }
    }

    protected void doRead(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws GuacamoleException {
        char[] read;
        GuacamoleSession guacamoleSession = new GuacamoleSession(httpServletRequest.getSession(false));
        GuacamoleTunnel tunnel = guacamoleSession.getTunnel(str);
        if (tunnel == null) {
            throw new GuacamoleResourceNotFoundException("No such tunnel.");
        }
        if (!tunnel.isOpen()) {
            throw new GuacamoleResourceNotFoundException("Tunnel is closed.");
        }
        GuacamoleReader acquireReader = tunnel.acquireReader();
        try {
            try {
                httpServletResponse.setContentType("application/octet-stream");
                httpServletResponse.setHeader("Cache-Control", "no-cache");
                BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter((OutputStream) httpServletResponse.getOutputStream(), "UTF-8"));
                char[] read2 = acquireReader.read();
                if (read2 == null) {
                    throw new GuacamoleResourceNotFoundException("Tunnel reached end of stream.");
                }
                do {
                    bufferedWriter.write(read2, 0, read2.length);
                    if (!acquireReader.available()) {
                        bufferedWriter.flush();
                        httpServletResponse.flushBuffer();
                    }
                    if (tunnel.hasQueuedReaderThreads() || !tunnel.isOpen()) {
                        break;
                    }
                    read = acquireReader.read();
                    read2 = read;
                } while (read != null);
                if (read2 == null) {
                    tunnel.close();
                }
                bufferedWriter.write("0.;");
                bufferedWriter.flush();
                httpServletResponse.flushBuffer();
                tunnel.releaseReader();
            } catch (IOException e) {
                this.log.debug("Error writing to servlet output stream", e);
                guacamoleSession.detachTunnel(tunnel);
                tunnel.close();
                tunnel.releaseReader();
            } catch (GuacamoleException e2) {
                guacamoleSession.detachTunnel(tunnel);
                tunnel.close();
                throw e2;
            }
        } catch (Throwable th) {
            tunnel.releaseReader();
            throw th;
        }
    }

    protected void doWrite(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws GuacamoleException {
        int read;
        GuacamoleSession guacamoleSession = new GuacamoleSession(httpServletRequest.getSession(false));
        GuacamoleTunnel tunnel = guacamoleSession.getTunnel(str);
        if (tunnel == null) {
            throw new GuacamoleResourceNotFoundException("No such tunnel.");
        }
        httpServletResponse.setContentType("application/octet-stream");
        httpServletResponse.setHeader("Cache-Control", "no-cache");
        httpServletResponse.setContentLength(0);
        try {
            try {
                GuacamoleWriter acquireWriter = tunnel.acquireWriter();
                InputStreamReader inputStreamReader = new InputStreamReader((InputStream) httpServletRequest.getInputStream(), "UTF-8");
                char[] cArr = new char[8192];
                while (tunnel.isOpen() && (read = inputStreamReader.read(cArr, 0, cArr.length)) != -1) {
                    acquireWriter.write(cArr, 0, read);
                }
            } catch (IOException e) {
                guacamoleSession.detachTunnel(tunnel);
                tunnel.close();
                throw new GuacamoleServerException("I/O Error sending data to server: " + e.getMessage(), e);
            }
        } finally {
            tunnel.releaseWriter();
        }
    }

    protected void bindOsgiHttpService(HttpService httpService) {
        this.osgiHttpService = httpService;
    }

    protected void unbindOsgiHttpService(HttpService httpService) {
        if (this.osgiHttpService == httpService) {
            this.osgiHttpService = null;
        }
    }

    protected void bindSlingAuthenticator(AuthenticationSupport authenticationSupport) {
        this.slingAuthenticator = authenticationSupport;
    }

    protected void unbindSlingAuthenticator(AuthenticationSupport authenticationSupport) {
        if (this.slingAuthenticator == authenticationSupport) {
            this.slingAuthenticator = null;
        }
    }

    protected void bindMimeTypeService(MimeTypeService mimeTypeService) {
        this.mimeTypeService = mimeTypeService;
    }

    protected void unbindMimeTypeService(MimeTypeService mimeTypeService) {
        if (this.mimeTypeService == mimeTypeService) {
            this.mimeTypeService = null;
        }
    }

    protected void bindSecurityService(SecurityManagerService securityManagerService) {
        this.securityService = securityManagerService;
    }

    protected void unbindSecurityService(SecurityManagerService securityManagerService) {
        if (this.securityService == securityManagerService) {
            this.securityService = null;
        }
    }

    protected void bindRepository(SlingRepository slingRepository) {
        this.repository = slingRepository;
    }

    protected void unbindRepository(SlingRepository slingRepository) {
        if (this.repository == slingRepository) {
            this.repository = null;
        }
    }
}
