package com.google.code.plsqlgateway.servlet;

import com.google.code.eforceconfig.EntityConfig;
import com.google.code.plsqlgateway.config.Configuration;
import com.google.code.plsqlgateway.dad.DADProcedureCaller;
import com.google.code.plsqlgateway.servlet.upload.OracleFileItem;
import com.google.code.plsqlgateway.servlet.upload.OracleFileItemFactory;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.sql.DataSource;
import oracle.jdbc.OracleCallableStatement;
import oracle.jdbc.OracleConnection;
import org.apache.commons.fileupload.FileUpload;
import org.apache.commons.fileupload.FileUploadException;
import org.apache.commons.fileupload.RequestContext;
import org.apache.commons.fileupload.servlet.ServletFileUpload;
import org.apache.commons.fileupload.servlet.ServletRequestContext;
import org.apache.log4j.Logger;
import sun.misc.BASE64Decoder;

/* loaded from: input_file:com/google/code/plsqlgateway/servlet/PLSQLGatewayServlet.class */
public class PLSQLGatewayServlet extends HttpServlet {
    private static final long serialVersionUID = 1;
    private static final Logger logger = Logger.getLogger(PLSQLGatewayServlet.class);
    private ServletContext ctx;
    private Configuration config;
    private EntityConfig intconfig;
    private EntityConfig genconfig;

    public void init(ServletConfig servletConfig) throws ServletException {
        this.ctx = servletConfig.getServletContext();
        this.config = Configuration.getInstance(this.ctx);
        this.intconfig = this.config.getInternal();
        this.genconfig = this.config.getGeneral();
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String contextPath;
        String pathInfo;
        String substring;
        Connection connection;
        String[][] cgiEnv;
        long currentTimeMillis = System.currentTimeMillis();
        httpServletRequest.setCharacterEncoding("UTF-8");
        if (this.genconfig.getBooleanParameter("embedded")) {
            contextPath = httpServletRequest.getContextPath() + httpServletRequest.getServletPath();
            if (this.genconfig.getBooleanParameter("multiple-dad")) {
                String pathInfo2 = httpServletRequest.getPathInfo();
                int indexOf = pathInfo2.indexOf(47, 1);
                contextPath = contextPath + pathInfo2.substring(0, indexOf);
                substring = pathInfo2.substring(1, indexOf);
                pathInfo = pathInfo2.substring(indexOf);
            } else {
                substring = "embedded";
                pathInfo = httpServletRequest.getPathInfo();
            }
        } else if (this.genconfig.getBooleanParameter("multiple-dad")) {
            String pathInfo3 = httpServletRequest.getPathInfo();
            int indexOf2 = pathInfo3.indexOf(47, 1);
            contextPath = httpServletRequest.getContextPath() + pathInfo3.substring(0, indexOf2);
            substring = pathInfo3.substring(1, indexOf2);
            pathInfo = pathInfo3.substring(indexOf2);
        } else {
            contextPath = httpServletRequest.getContextPath();
            pathInfo = httpServletRequest.getPathInfo();
            substring = contextPath.substring(1);
        }
        if (logger.isDebugEnabled()) {
            logger.debug("dadPath: " + contextPath + " pathInfo: " + pathInfo + " dadName: " + substring);
        }
        DataSource dADDataSource = getDADDataSource(substring);
        if (dADDataSource == null) {
            httpServletResponse.sendError(404);
            return;
        }
        EntityConfig dADConfig = this.config.getDADConfig(substring);
        if (pathInfo.equals("/")) {
            httpServletResponse.sendRedirect(contextPath + "/" + (dADConfig.getParameter("default-page") != null ? dADConfig.getParameter("default-page") : "home"));
            return;
        }
        if (pathInfo.equals("/_monitor")) {
            doMonitor(httpServletRequest, httpServletResponse, dADDataSource, dADConfig);
            return;
        }
        try {
            try {
                connection = (OracleConnection) dADDataSource.getConnection();
                connection.setAutoCommit(false);
                if (dADConfig.getBooleanParameter("timed-statistics")) {
                    logger.fatal((System.currentTimeMillis() - currentTimeMillis) + "ms: got connection");
                }
                cgiEnv = getCgiEnv(httpServletRequest, substring, pathInfo, contextPath, dADConfig, this.ctx);
            } catch (SQLInjectionException e) {
                logger.error(e.getMessage() + " uri: " + httpServletRequest.getRequestURI());
                httpServletResponse.sendError(400);
                if (0 != 0) {
                    try {
                        closeConnection(null, dADConfig);
                    } catch (SQLException e2) {
                    }
                }
            } catch (Exception e3) {
                logger.error("error uri: " + httpServletRequest.getRequestURI(), e3);
                throw new ServletException(e3);
            }
            if (!authorize(httpServletRequest, httpServletResponse, connection, pathInfo, dADConfig, cgiEnv)) {
                closeConnection(connection, dADConfig);
                if (connection != null) {
                    try {
                        closeConnection(connection, dADConfig);
                        return;
                    } catch (SQLException e4) {
                        return;
                    }
                }
                return;
            }
            ServletRequestContext servletRequestContext = new ServletRequestContext(httpServletRequest);
            Map parameterMap = httpServletRequest.getParameterMap();
            if (FileUpload.isMultipartContent(servletRequestContext)) {
                try {
                    parameterMap = processMultipart(httpServletRequest, servletRequestContext, connection, dADConfig);
                } catch (Exception e5) {
                    throw new ServletException(e5);
                }
            }
            DADProcedureCaller dADProcedureCaller = new DADProcedureCaller(pathInfo, parameterMap, httpServletRequest, dADConfig, cgiEnv, this.intconfig, this.genconfig);
            dADProcedureCaller.call(connection);
            OutputStream outputStream = null;
            PrintWriter printWriter = null;
            boolean z = false;
            while (dADProcedureCaller.fetch(connection) > 0) {
                String str = "";
                for (String str2 : dADProcedureCaller.getLines()) {
                    if (z) {
                        printWriter.write(str2);
                    } else if (str2.equals("\n")) {
                        z = true;
                        httpServletResponse.setCharacterEncoding("UTF-8");
                        outputStream = httpServletResponse.getOutputStream();
                        printWriter = new PrintWriter(outputStream);
                    } else if (str2.endsWith("\n")) {
                        str = str + str2;
                        String[] split = str.split("\\: ");
                        if (split.length == 2) {
                            httpServletResponse.addHeader(split[0], split[1].substring(0, split[1].length() - 1));
                            if (split[0].equals("Location")) {
                                httpServletResponse.setStatus(302);
                            }
                            str = "";
                        }
                    } else {
                        str = str + str2;
                    }
                }
                if (printWriter != null) {
                    printWriter.flush();
                }
            }
            if (dADProcedureCaller.isDocument()) {
                InputStream document = dADProcedureCaller.getDocument(connection);
                byte[] bArr = new byte[httpServletResponse.getBufferSize()];
                while (true) {
                    int read = document.read(bArr);
                    if (read <= 0) {
                        break;
                    } else {
                        outputStream.write(bArr, 0, read);
                    }
                }
                document.close();
                outputStream.flush();
                outputStream.close();
            }
            if (connection != null) {
                try {
                    closeConnection(connection, dADConfig);
                } catch (SQLException e6) {
                }
            }
            long currentTimeMillis2 = System.currentTimeMillis();
            if (dADConfig.getBooleanParameter("timed-statistics")) {
                logger.fatal((currentTimeMillis2 - currentTimeMillis) + "ms: " + ((Object) httpServletRequest.getRequestURL()));
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    closeConnection(null, dADConfig);
                } catch (SQLException e7) {
                }
            }
            throw th;
        }
    }

    private void doMonitor(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, DataSource dataSource, EntityConfig entityConfig) {
        OracleConnection oracleConnection = null;
        PrintWriter printWriter = null;
        httpServletResponse.setContentType("text/xml");
        try {
            try {
                printWriter = httpServletResponse.getWriter();
                printWriter.println("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
                oracleConnection = dataSource.getConnection();
                PreparedStatement prepareStatement = oracleConnection.prepareStatement("select * from dual");
                ResultSet executeQuery = prepareStatement.executeQuery();
                if (executeQuery.next()) {
                    printWriter.println("<ok/>");
                } else {
                    printWriter.println("<ko/>");
                }
                executeQuery.close();
                prepareStatement.close();
                if (oracleConnection != null) {
                    try {
                        closeConnection(oracleConnection, entityConfig);
                    } catch (SQLException e) {
                        logger.error("closing monitor connection", e);
                    }
                }
                if (printWriter != null) {
                    printWriter.flush();
                }
            } catch (Exception e2) {
                logger.error("monitor service", e2);
                if (printWriter != null) {
                    printWriter.println("<ko><![CDATA[" + e2.getMessage() + "]]></ko>");
                }
                if (oracleConnection != null) {
                    try {
                        closeConnection(oracleConnection, entityConfig);
                    } catch (SQLException e3) {
                        logger.error("closing monitor connection", e3);
                    }
                }
                if (printWriter != null) {
                    printWriter.flush();
                }
            }
        } catch (Throwable th) {
            if (oracleConnection != null) {
                try {
                    closeConnection(oracleConnection, entityConfig);
                } catch (SQLException e4) {
                    logger.error("closing monitor connection", e4);
                }
            }
            if (printWriter != null) {
                printWriter.flush();
            }
            throw th;
        }
    }

    private boolean authorize(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Connection connection, String str, EntityConfig entityConfig, String[][] strArr) throws Exception {
        String str2;
        int indexOf;
        if (!"PerPackageOwa".equals(entityConfig.getParameter("authentication-mode"))) {
            return true;
        }
        String header = httpServletRequest.getHeader("Authorization");
        String str3 = null;
        String str4 = null;
        if (header != null) {
            String[] split = header.split(" ");
            if (split.length == 2 && split[0].equalsIgnoreCase("Basic") && (indexOf = (str2 = new String(new BASE64Decoder().decodeBuffer(split[1]))).indexOf(58)) != -1) {
                str3 = str2.substring(0, indexOf);
                str4 = str2.substring(indexOf + 1);
            }
        }
        String str5 = null;
        String[] split2 = str.substring(1).split("\\.");
        if (split2.length == 1) {
            return false;
        }
        if (split2.length == 2) {
            str5 = split2[0];
        } else if (split2.length == 3) {
            str5 = split2[0] + "." + split2[1];
        }
        OracleCallableStatement oracleCallableStatement = (OracleCallableStatement) connection.prepareCall(this.intconfig.getSQLstmt("AUTHORIZE").replaceFirst("#pkg#", str5.replaceFirst("^!", "")));
        oracleCallableStatement.setInt(1, strArr[0].length);
        setVcArr(oracleCallableStatement, 2, strArr[0]);
        setVcArr(oracleCallableStatement, 3, strArr[1]);
        oracleCallableStatement.setString(4, str3);
        oracleCallableStatement.setString(5, str4);
        if (entityConfig.getBooleanParameter("x-forwarded-for")) {
            oracleCallableStatement.setString(6, httpServletRequest.getHeader("X-Forwarded-For"));
        } else {
            oracleCallableStatement.setString(6, httpServletRequest.getRemoteAddr());
        }
        oracleCallableStatement.setString(7, httpServletRequest.getRemoteHost());
        oracleCallableStatement.registerOutParameter(8, 2);
        oracleCallableStatement.registerOutParameter(9, 12);
        oracleCallableStatement.execute();
        int i = oracleCallableStatement.getInt(8);
        String string = oracleCallableStatement.getString(9);
        oracleCallableStatement.close();
        if (i != 0) {
            return true;
        }
        httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"" + string + "\"");
        httpServletResponse.sendError(401);
        return false;
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doGet(httpServletRequest, httpServletResponse);
    }

    private void setVcArr(OracleCallableStatement oracleCallableStatement, int i, String[] strArr) throws Exception {
        oracleCallableStatement.setPlsqlIndexTable(i, strArr, strArr.length, strArr.length, 12, 32767);
    }

    private void addParamValue(Map map, String str, String str2) {
        Object obj = map.get(str);
        if (obj == null) {
            map.put(str, str2);
            return;
        }
        if (!(obj instanceof String[])) {
            map.put(str, new String[]{(String) obj, str2});
            return;
        }
        String[] strArr = (String[]) obj;
        String[] strArr2 = new String[strArr.length + 1];
        int i = 0;
        while (i < strArr.length) {
            strArr2[i] = strArr[i];
            i++;
        }
        strArr2[i] = str2;
        map.put(str, strArr2);
    }

    private Map processMultipart(HttpServletRequest httpServletRequest, RequestContext requestContext, OracleConnection oracleConnection, EntityConfig entityConfig) throws FileUploadException {
        List<OracleFileItem> parseRequest = new ServletFileUpload(new OracleFileItemFactory(oracleConnection, this.intconfig, entityConfig)).parseRequest(requestContext);
        HashMap hashMap = new HashMap(parseRequest.size());
        for (OracleFileItem oracleFileItem : parseRequest) {
            if (oracleFileItem.isFormField()) {
                addParamValue(hashMap, oracleFileItem.getFieldName(), oracleFileItem.getString());
            } else {
                addParamValue(hashMap, oracleFileItem.getFieldName(), oracleFileItem.getDocumentId());
            }
        }
        return hashMap;
    }

    private DataSource getDADDataSource(String str) {
        return (DataSource) this.ctx.getAttribute("dad-data-source|" + str);
    }

    private static final String[][] getCgiEnv(HttpServletRequest httpServletRequest, String str, String str2, String str3, EntityConfig entityConfig, ServletContext servletContext) throws IOException {
        HashMap hashMap = new HashMap(32);
        int i = 32;
        hashMap.put("PLSQL_GATEWAY", "com.google.code.plsqlgateway");
        hashMap.put("GATEWAY_VERSION", String.valueOf(serialVersionUID));
        hashMap.put("SERVER_SOFTWARE", servletContext.getServerInfo());
        hashMap.put("GATEWAY_INTERFACE", "CGI/1.1");
        hashMap.put("SERVER_PORT", String.valueOf(httpServletRequest.getServerPort()));
        hashMap.put("SERVER_NAME", httpServletRequest.getServerName());
        hashMap.put("REQUEST_METHOD", httpServletRequest.getMethod());
        hashMap.put("PATH_INFO", str2);
        hashMap.put("SCRIPT_NAME", str3);
        if (entityConfig.getBooleanParameter("x-forwarded-for")) {
            hashMap.put("REMOTE_ADDR", httpServletRequest.getHeader("X-Forwarded-For"));
        } else {
            hashMap.put("REMOTE_ADDR", httpServletRequest.getRemoteAddr());
        }
        hashMap.put("REMOTE_HOST", httpServletRequest.getRemoteHost());
        hashMap.put("SERVER_PROTOCOL", httpServletRequest.getProtocol());
        hashMap.put("REQUEST_PROTOCOL", httpServletRequest.getScheme());
        hashMap.put("REMOTE_USER", httpServletRequest.getUserPrincipal() == null ? httpServletRequest.getRemoteUser() : httpServletRequest.getUserPrincipal().getName());
        hashMap.put("HTTP_CONTENT_LENGTH", String.valueOf(httpServletRequest.getContentLength()));
        hashMap.put("HTTP_CONTENT_TYPE", httpServletRequest.getContentType());
        hashMap.put("HTTP_USER_AGENT", httpServletRequest.getHeader("User-Agent"));
        hashMap.put("HTTP_HOST", httpServletRequest.getServerName() + ":" + httpServletRequest.getServerPort());
        hashMap.put("HTTP_ACCEPT", httpServletRequest.getHeader("Accept"));
        hashMap.put("HTTP_ACCEPT_ENCODING", httpServletRequest.getHeader("Accept-Encoding"));
        hashMap.put("HTTP_ACCEPT_LANGUAGE", httpServletRequest.getHeader("Accept-Language"));
        hashMap.put("HTTP_ACCEPT_CHARSET", httpServletRequest.getHeader("Accept-Charset"));
        hashMap.put("HTTP_COOKIE", httpServletRequest.getHeader("Cookie"));
        hashMap.put("HTTP_REFERER", httpServletRequest.getHeader("Referer"));
        hashMap.put("WEB_AUTHENT_PREFIX", "");
        hashMap.put("DAD_NAME", str);
        hashMap.put("DOC_ACCESS_PATH", entityConfig.getParameter("document-path"));
        hashMap.put("DOCUMENT_TABLE", entityConfig.getParameter("document-table-name"));
        hashMap.put("PATH_ALIAS", entityConfig.getParameter("path-alias"));
        hashMap.put("REQUEST_CHARSET", "AL32UTF8");
        hashMap.put("REQUEST_IANA_CHARSET", "UTF-8");
        hashMap.put("SCRIPT_PREFIX", "");
        if (httpServletRequest.getHeader("SOAPAction") != null) {
            hashMap.put("HTTP_SOAPACTION", httpServletRequest.getHeader("SOAPAction"));
            String[] soapBody = getSoapBody(httpServletRequest);
            i = 32 + 2;
            if (soapBody.length == 1) {
                hashMap.put("SOAP_BODY", soapBody[0]);
            } else {
                hashMap.put("SOAP_BODY_LENGTH", soapBody.length + "");
                for (int i2 = 0; i2 < soapBody.length; i2++) {
                    hashMap.put("SOAP_BODY_" + (i2 + 1), soapBody[i2]);
                }
                i += soapBody.length;
            }
        }
        String[][] strArr = new String[2][i];
        int i3 = 0;
        for (Map.Entry entry : hashMap.entrySet()) {
            strArr[0][i3] = (String) entry.getKey();
            int i4 = i3;
            i3++;
            strArr[1][i4] = (String) entry.getValue();
        }
        return strArr;
    }

    private static final String[] getSoapBody(HttpServletRequest httpServletRequest) throws IOException {
        String[] strArr;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ServletInputStream inputStream = httpServletRequest.getInputStream();
        byte[] bArr = new byte[1024];
        while (true) {
            int read = inputStream.read(bArr);
            if (read <= 0) {
                break;
            }
            byteArrayOutputStream.write(bArr, 0, read);
        }
        byteArrayOutputStream.flush();
        inputStream.close();
        String str = new String(byteArrayOutputStream.toByteArray(), httpServletRequest.getCharacterEncoding());
        byteArrayOutputStream.close();
        if (str.length() < 32000) {
            strArr = new String[]{str};
        } else {
            strArr = new String[(int) Math.ceil(str.length() / 32000)];
            int i = 0;
            for (int i2 = 0; i2 < strArr.length - 1; i2++) {
                strArr[i2] = str.substring(i, i + 32000);
                i += 32000;
            }
            strArr[strArr.length - 1] = str.substring(i);
        }
        return strArr;
    }

    private void closeConnection(Connection connection, EntityConfig entityConfig) throws SQLException {
        if (entityConfig.getBooleanParameter("reset-packages")) {
            resetPackages(connection);
        }
        connection.close();
    }

    private void resetPackages(Connection connection) throws SQLException {
        connection.prepareCall(this.intconfig.getSQLstmt("RESET_PACKAGES")).execute();
    }
}
