package edu.uiuc.ncsa.myproxy.oa4mp.server.servlet;

import edu.uiuc.ncsa.myproxy.MyProxyConnectable;
import edu.uiuc.ncsa.myproxy.oa4mp.server.OA4MPConfigTags;
import edu.uiuc.ncsa.myproxy.oa4mp.server.ServiceConstantKeys;
import edu.uiuc.ncsa.myproxy.oa4mp.server.ServiceEnvironment;
import edu.uiuc.ncsa.myproxy.oa4mp.server.ServiceEnvironmentImpl;
import edu.uiuc.ncsa.myproxy.oa4mp.server.util.AbstractCLIApprover;
import edu.uiuc.ncsa.myproxy.oa4mp.server.util.ExceptionEvent;
import edu.uiuc.ncsa.myproxy.oa4mp.server.util.ExceptionEventListener;
import edu.uiuc.ncsa.myproxy.oa4mp.server.util.ExceptionEventNotifier;
import edu.uiuc.ncsa.myproxy.oa4mp.server.util.NewClientNotifier;
import edu.uiuc.ncsa.myproxy.oa4mp.server.util.OA4MPIdentifierProvider;
import edu.uiuc.ncsa.security.core.Identifier;
import edu.uiuc.ncsa.security.core.Store;
import edu.uiuc.ncsa.security.core.cache.Cache;
import edu.uiuc.ncsa.security.core.cache.CachedObject;
import edu.uiuc.ncsa.security.core.cache.Cleanup;
import edu.uiuc.ncsa.security.core.exceptions.UnknownClientException;
import edu.uiuc.ncsa.security.core.util.BasicIdentifier;
import edu.uiuc.ncsa.security.core.util.HostUtil;
import edu.uiuc.ncsa.security.delegation.server.ExceptionWrapper;
import edu.uiuc.ncsa.security.delegation.server.ServiceTransaction;
import edu.uiuc.ncsa.security.delegation.server.UnapprovedClientException;
import edu.uiuc.ncsa.security.delegation.server.issuers.AGIssuer;
import edu.uiuc.ncsa.security.delegation.server.issuers.ATIssuer;
import edu.uiuc.ncsa.security.delegation.server.request.IssuerResponse;
import edu.uiuc.ncsa.security.delegation.servlet.TransactionFilter;
import edu.uiuc.ncsa.security.delegation.servlet.TransactionState;
import edu.uiuc.ncsa.security.delegation.storage.Client;
import edu.uiuc.ncsa.security.delegation.storage.TransactionStore;
import edu.uiuc.ncsa.security.delegation.storage.impl.BasicTransaction;
import edu.uiuc.ncsa.security.delegation.token.AuthorizationGrant;
import edu.uiuc.ncsa.security.servlet.AbstractServlet;
import edu.uiuc.ncsa.security.servlet.JSPUtil;
import edu.uiuc.ncsa.security.servlet.NotificationListener;
import edu.uiuc.ncsa.security.storage.sql.SQLStore;
import edu.uiuc.ncsa.security.util.mail.MailUtil;
import edu.uiuc.ncsa.security.util.pkcs.KeyPairPopulationThread;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.PrintStream;
import java.io.PrintWriter;
import java.net.URLEncoder;
import java.net.UnknownHostException;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;

/* loaded from: input_file:edu/uiuc/ncsa/myproxy/oa4mp/server/servlet/MyProxyDelegationServlet.class */
public abstract class MyProxyDelegationServlet extends AbstractServlet implements TransactionFilter {
    public static final String CLIENT_DEBUG_KEY = "oauth_debug";
    public static final String ERROR_NOTIFICATION_BODY_KEY = "oa4mp:server.error.message";
    public static final String ERROR_NOTIFICATION_SUBJECT_KEY = "oa4mp:server.error.subject";
    public static Cleanup<String, BasicTransaction> transactionCleanup;
    public static Cache myproxyConnectionCache;
    public static KeyPairPopulationThread kpt;
    static List<NotificationListener> notificationListeners = new ArrayList();
    public static Cleanup<Identifier, CachedObject> myproxyConnectionCleanup = null;
    static boolean notifiersSet = false;
    protected static boolean storeUpdatesDone = false;
    public static AbstractCLIApprover.ClientApprovalThread caThread = null;

    public abstract ServiceTransaction verifyAndGet(IssuerResponse issuerResponse) throws IOException;

    public static void addNotificationListener(NotificationListener notificationListener) {
        if (notificationListeners.contains(notificationListener)) {
            return;
        }
        notificationListeners.add(notificationListener);
    }

    public static boolean removeNotificationListener(NotificationListener notificationListener) {
        return notificationListeners.remove(notificationListener);
    }

    public static Cache getMyproxyConnectionCache() {
        if (myproxyConnectionCache == null) {
            myproxyConnectionCache = new Cache();
        }
        return myproxyConnectionCache;
    }

    public ServiceEnvironmentImpl loadProperties2() throws IOException {
        ServiceEnvironmentImpl serviceEnvironmentImpl = (ServiceEnvironmentImpl) getConfigurationLoader().load();
        if (serviceEnvironmentImpl.isPollingEnabled()) {
            caThread = serviceEnvironmentImpl.getClientApprovalThread();
        }
        kpt = new KeyPairPopulationThread(serviceEnvironmentImpl.getKeyPairQueue());
        return serviceEnvironmentImpl;
    }

    public void loadEnvironment() throws IOException {
        if (environment == null) {
            setEnvironment(loadProperties2());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AGIssuer getAGI() throws IOException {
        return getServiceEnvironment().getAgIssuer();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ATIssuer getATI() throws IOException {
        return getServiceEnvironment().getAtIssuer();
    }

    public static ServiceEnvironment getServiceEnvironment() {
        return getEnvironment();
    }

    String getTemplate(File file) throws IOException {
        String str = "";
        try {
            FileInputStream fileInputStream = new FileInputStream(file);
            StringBuffer stringBuffer = new StringBuffer();
            while (true) {
                int read = fileInputStream.read();
                if (read == -1) {
                    break;
                }
                stringBuffer.append((char) read);
            }
            str = stringBuffer.toString();
            fileInputStream.close();
        } catch (IOException e) {
            e.printStackTrace();
        }
        return str;
    }

    public void setupNotifiers() throws IOException {
        if (notifiersSet) {
            return;
        }
        addNotificationListener(new NewClientNotifier(getServiceEnvironment().getMailUtil(), getMyLogger()));
        MailUtil mailUtil = new MailUtil(getServiceEnvironment().getMailUtil().getMailEnvironment());
        String initParameter = getServletContext().getInitParameter(ERROR_NOTIFICATION_SUBJECT_KEY);
        if (initParameter == null) {
            info("No error notification subject set. Skipping...");
            notifiersSet = true;
            return;
        }
        info("Set error notification subject to " + initParameter);
        mailUtil.setSubjectTemplate(getTemplate(new File(initParameter)));
        String initParameter2 = getServletContext().getInitParameter(ERROR_NOTIFICATION_BODY_KEY);
        if (initParameter2 == null) {
            info("No error notification message body set. Skipping...");
            notifiersSet = true;
        } else {
            info("Set error notification message body to " + initParameter2);
            mailUtil.setMessageTemplate(getTemplate(new File(initParameter2)));
            addNotificationListener(new ExceptionEventNotifier(mailUtil, getMyLogger()));
            notifiersSet = true;
        }
    }

    public void storeUpdates() throws IOException, SQLException {
        if (storeUpdatesDone) {
            return;
        }
        storeUpdatesDone = true;
        processStoreCheck(getTransactionStore());
        processStoreCheck(getServiceEnvironment().getClientStore());
        processStoreCheck(getServiceEnvironment().getClientApprovalStore());
    }

    protected void processStoreCheck(Store store) throws SQLException {
        if (store instanceof SQLStore) {
            ((SQLStore) store).checkColumns();
        }
    }

    protected void shutdownCleanup(Cleanup cleanup) {
        if (cleanup == null || cleanup.isStopThread()) {
            return;
        }
        cleanup.setStopThread(true);
        cleanup.interrupt();
    }

    public void destroy() {
        super.destroy();
        shutdownCleanup(transactionCleanup);
        shutdownCleanup(myproxyConnectionCleanup);
        if (caThread != null) {
            caThread.setStopThread(true);
        }
        if (kpt != null) {
            kpt.setStopThread(true);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public TransactionStore getTransactionStore() throws IOException {
        return getServiceEnvironment().getTransactionStore();
    }

    public Client getClient(HttpServletRequest httpServletRequest) {
        return getClient(BasicIdentifier.newID(httpServletRequest.getParameter(CONST(ServiceConstantKeys.CONSUMER_KEY))));
    }

    public Client getClient(Identifier identifier) {
        if (identifier == null) {
            throw new UnknownClientException("no client id");
        }
        Client client = (Client) getServiceEnvironment().getClientStore().get(identifier);
        if (client == null) {
            throw new UnknownClientException("client not found", identifier);
        }
        checkClient(client);
        return client;
    }

    public ServiceTransaction newTransaction() throws IOException {
        return getServiceEnvironment().getTransactionStore().create();
    }

    protected ServiceTransaction getTransaction(AuthorizationGrant authorizationGrant) throws IOException {
        return getTransactionStore().get(authorizationGrant);
    }

    protected Client getClient(AuthorizationGrant authorizationGrant) throws IOException {
        return getTransaction(authorizationGrant).getClient();
    }

    public void checkClient(Client client) {
        if (getServiceEnvironment().getClientApprovalStore().isApproved(client.getIdentifier())) {
            return;
        }
        String str = "The client with identifier \"" + client.getIdentifier() + "\" has not been approved. Request rejected. Please contact your administrator.";
        warn(str);
        throw new UnapprovedClientException("Error: " + str, client);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isEmpty(String str) {
        return str == null || str.length() == 0;
    }

    public void preprocess(TransactionState transactionState) throws Throwable {
        transactionState.getResponse().setHeader("X-Frame-Options", "DENY");
    }

    public void postprocess(TransactionState transactionState) throws Throwable {
    }

    protected void setRedirect(Throwable th, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        if (isDebugOn()) {
            th.printStackTrace();
        }
        String uri = getServiceEnvironment().getAgIssuer().getAddress().toString();
        if (!uri.endsWith(AbstractCLIApprover.ID_DELIMITER)) {
            uri = uri + AbstractCLIApprover.ID_DELIMITER;
        }
        httpServletResponse.setHeader("X-Frame-Options", "DENY");
        Throwable th2 = th;
        String str = "";
        if (th instanceof ExceptionWrapper) {
            ExceptionWrapper exceptionWrapper = (ExceptionWrapper) th;
            th2 = exceptionWrapper.getCause();
            Client client = exceptionWrapper.getClient();
            if (client.getIdentifier() != null) {
                str = client.getIdentifierString();
            }
        }
        String simpleName = th2.getClass().getSimpleName();
        String encode = URLEncoder.encode(th2.getMessage(), "UTF-8");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        PrintStream printStream = new PrintStream(byteArrayOutputStream);
        th2.printStackTrace(printStream);
        printStream.flush();
        printStream.close();
        String encodeBase64URLSafeString = Base64.encodeBase64URLSafeString(byteArrayOutputStream.toByteArray());
        if (th2 instanceof UnknownClientException) {
            httpServletResponse.sendRedirect(uri + "error?" + ErrorServlet.CAUSE + "=" + simpleName + "&" + ErrorServlet.STACK_TRACE + "=" + encodeBase64URLSafeString + "&identifier=" + ((UnknownClientException) th).getIdentifier().toString() + "&" + ErrorServlet.MESSAGE + "=" + encode);
        } else if (!(th2 instanceof UnapprovedClientException)) {
            httpServletResponse.sendRedirect(uri + "error?" + ErrorServlet.CAUSE + "=" + simpleName + "&identifier=" + str + "&" + ErrorServlet.STACK_TRACE + "=" + encodeBase64URLSafeString + "&" + ErrorServlet.MESSAGE + "=" + encode);
        } else {
            httpServletResponse.sendRedirect(uri + "error?" + ErrorServlet.CAUSE + "=" + simpleName + "&" + ErrorServlet.STACK_TRACE + "=" + encodeBase64URLSafeString + "&identifier=" + ((UnapprovedClientException) th).getClient().getIdentifier().toString() + "&" + ErrorServlet.MESSAGE + "=" + encode);
        }
    }

    protected void fireExceptionCaught(Throwable th, Map<String, String> map) {
        for (NotificationListener notificationListener : notificationListeners) {
            if (notificationListener instanceof ExceptionEventListener) {
                ((ExceptionEventListener) notificationListener).fireExceptionCaught(new ExceptionEvent(this, th, map));
            }
        }
    }

    protected void handleException(Throwable th, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        th.printStackTrace();
        if (getServiceEnvironment().isDebugOn()) {
            th.printStackTrace();
        }
        getMyLogger().error("Error!", th);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        PrintWriter printWriter = new PrintWriter(byteArrayOutputStream);
        th.printStackTrace(printWriter);
        printWriter.flush();
        printWriter.close();
        String str = new String(byteArrayOutputStream.toByteArray());
        error("INTERNAL ERROR: " + (th.getMessage() == null ? "(no message)" : th.getMessage()));
        error(str);
        String parameter = httpServletRequest.getParameter(CLIENT_DEBUG_KEY);
        boolean z = parameter != null && Boolean.parseBoolean(parameter);
        httpServletRequest.setAttribute(ErrorServlet.MESSAGE, th.getMessage() + "\n");
        httpServletRequest.setAttribute("clientIP", httpServletRequest.getRemoteAddr() + "\n");
        try {
            httpServletRequest.setAttribute("clientHost", HostUtil.reverseLookup(httpServletRequest.getRemoteAddr()) + "\n");
        } catch (UnknownHostException e) {
            httpServletRequest.setAttribute("clientHost", "could not resolve client IP to a host\n");
        }
        if (!z) {
            JSPUtil.fwd(httpServletRequest, httpServletResponse, "/oops.jsp");
            return;
        }
        HashMap hashMap = new HashMap();
        hashMap.put("servletEngine", getServletContext().getServerInfo() + " ");
        hashMap.put(OA4MPConfigTags.MYPROXY_HOST, httpServletRequest.getServerName() + ":" + httpServletRequest.getServerPort() + "\n");
        hashMap.put(OA4MPIdentifierProvider.CLIENT_ID, httpServletRequest.getRemoteHost() + "\n");
        hashMap.put("servlet", getServletName() + "\n");
        hashMap.put("url", httpServletRequest.getRequestURI() + "\n");
        Cookie[] cookies = httpServletRequest.getCookies();
        String str2 = "";
        if (cookies == null) {
            str2 = "(none)";
        } else {
            for (Cookie cookie : cookies) {
                str2 = str2 + cookie.getName() + " : " + cookie.getValue() + "\n";
            }
        }
        hashMap.put("cookies", str2);
        hashMap.put(ErrorServlet.MESSAGE, th.getMessage() + "\n");
        hashMap.put(ErrorServlet.STACK_TRACE, str);
        fireExceptionCaught(th, hashMap);
        setRedirect(th, httpServletRequest, httpServletResponse);
    }

    protected boolean hasMPConnection(Identifier identifier) {
        return getMyproxyConnectionCache().containsKey(identifier);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean hasMPConnection(ServiceTransaction serviceTransaction) {
        return hasMPConnection(serviceTransaction.getIdentifier());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public MyProxyConnectable getMPConnection(ServiceTransaction serviceTransaction) {
        return getMPConnection(serviceTransaction.getIdentifier());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public MyProxyConnectable getMPConnection(Identifier identifier) {
        return (MyProxyConnectable) getMyproxyConnectionCache().get(identifier).getValue();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Map<String, String> getFirstParameters(HttpServletRequest httpServletRequest) {
        HashMap hashMap = new HashMap();
        for (Object obj : httpServletRequest.getParameterMap().keySet()) {
            hashMap.put(obj.toString(), getFirstParameterValue(httpServletRequest, obj.toString()));
        }
        return hashMap;
    }
}
