package gov.nist.secauto.swid.swidval.controller;

import gov.nist.secauto.decima.core.assessment.AssessmentException;
import gov.nist.secauto.decima.core.assessment.AssessmentExecutor;
import gov.nist.secauto.decima.core.assessment.result.AssessmentResultBuilder;
import gov.nist.secauto.decima.core.assessment.result.AssessmentResults;
import gov.nist.secauto.decima.core.assessment.result.ResultStatus;
import gov.nist.secauto.decima.core.document.DocumentException;
import gov.nist.secauto.decima.xml.assessment.result.ReportGenerator;
import gov.nist.secauto.decima.xml.assessment.result.XMLResultBuilder;
import gov.nist.secauto.decima.xml.assessment.schematron.SchematronAssessment;
import gov.nist.secauto.decima.xml.document.JDOMDocument;
import gov.nist.secauto.decima.xml.document.XMLDocument;
import gov.nist.secauto.swid.swidval.SWIDAssessmentResultBuilderFactory;
import gov.nist.secauto.swid.swidval.SWIDRequirementsManager;
import gov.nist.secauto.swid.swidval.SWIDTagCharacteristics;
import gov.nist.secauto.swid.swidval.TagType;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.HashMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.transform.TransformerException;
import javax.xml.transform.stream.StreamResult;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactoryConfigurationException;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.jdom2.Document;
import org.jdom2.transform.JDOMSource;
import org.springframework.http.HttpHeaders;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.multipart.MultipartFile;
import org.springframework.web.servlet.ModelAndView;

@RestController
@Controller
/* loaded from: input_file:WEB-INF/classes/gov/nist/secauto/swid/swidval/controller/SWIDValController.class */
public class SWIDValController {
    public static final String MODEL_KEY_ASSESSMENT_RESULT = "assessment";
    public static final String MODEL_KEY_FILENAME = "filename";
    private static final boolean TAG_AUTHORITATIVE_DEFAULT = true;
    private final SWIDAssessmentManager manager = new SWIDAssessmentManager();
    private static final Logger log = LogManager.getLogger((Class<?>) SchematronAssessment.class);
    private static final TagType TAG_TYPE_DEFAULT = TagType.PRIMARY;

    @RequestMapping(name = "/validate", method = {RequestMethod.POST})
    public void validate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AssessmentException, DocumentException, IOException, TransformerException, URISyntaxException {
        JDOMDocument jDOMDocument = new JDOMDocument((InputStream) httpServletRequest.getInputStream(), (String) null);
        AssessmentResults performAssessment = performAssessment(jDOMDocument, getSWIDTagCharacteristics(jDOMDocument));
        String header = httpServletRequest.getHeader(HttpHeaders.ACCEPT);
        if (header == null) {
            header = "application/xml";
        }
        XMLResultBuilder xMLResultBuilder = new XMLResultBuilder();
        if (header.equals("application/xml")) {
            xMLResultBuilder.write(performAssessment, httpServletResponse.getOutputStream());
            return;
        }
        if (header.equals("text/html")) {
            Document newDocument = xMLResultBuilder.newDocument(performAssessment);
            ReportGenerator reportGenerator = new ReportGenerator();
            reportGenerator.setIgnoreNotTestedResults(true);
            reportGenerator.setIgnoreOutOfScopeResults(true);
            reportGenerator.setXslTemplateExtension(new URI("classpath:xsl/swid-result.xsl"));
            reportGenerator.generate(new JDOMSource(newDocument), new StreamResult((OutputStream) httpServletResponse.getOutputStream()));
        }
    }

    @RequestMapping({"/validate-form"})
    public ModelAndView validateForm(@RequestParam("file") MultipartFile multipartFile, @RequestParam("tag-type") String str) throws AssessmentException, UnrecognizedContentException, DocumentException, IOException {
        TagType lookup;
        if (multipartFile.isEmpty()) {
            throw new UnrecognizedContentException("A valid SWID tag was not provided.");
        }
        JDOMDocument jDOMDocument = new JDOMDocument(multipartFile.getInputStream(), (String) null);
        SWIDTagCharacteristics sWIDTagCharacteristics = getSWIDTagCharacteristics(jDOMDocument);
        if (str != null && (lookup = TagType.lookup(str)) != null) {
            sWIDTagCharacteristics = new SWIDTagCharacteristics(lookup, sWIDTagCharacteristics.isAuthoritative());
        }
        AssessmentResults performAssessment = performAssessment(jDOMDocument, sWIDTagCharacteristics);
        if (!ResultStatus.PASS.equals(performAssessment.getBaseRequirementResult("GEN-1").getStatus())) {
            throw new UnrecognizedContentException("The provided file was not a schema valid SWID tag.");
        }
        HashMap hashMap = new HashMap();
        hashMap.put(MODEL_KEY_ASSESSMENT_RESULT, performAssessment);
        hashMap.put(MODEL_KEY_FILENAME, multipartFile.getOriginalFilename());
        return new ModelAndView(new DecimaResultView(), hashMap);
    }

    @ExceptionHandler({Exception.class})
    public void handleError(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Exception exc) throws IOException {
        log.error("Requested URL '" + httpServletRequest.getRequestURL() + "' raised an exception:", (Throwable) exc);
        httpServletResponse.sendError(400, exc.getMessage());
    }

    private SWIDTagCharacteristics getSWIDTagCharacteristics(XMLDocument xMLDocument) {
        SWIDTagCharacteristics sWIDTagCharacteristics;
        try {
            sWIDTagCharacteristics = SWIDTagCharacteristics.getSWIDTagCharacteristics(xMLDocument);
            log.debug("Based on the tag contents, the tag appears to be {} {} tag", sWIDTagCharacteristics.isAuthoritative() ? "an authoritative" : "a non-authoritative", sWIDTagCharacteristics.getTagType().getName());
        } catch (XPathExpressionException | XPathFactoryConfigurationException e) {
            log.debug("Unable to determine the type and authoritativeness of the tag", e);
            sWIDTagCharacteristics = new SWIDTagCharacteristics(TAG_TYPE_DEFAULT, true);
        }
        return sWIDTagCharacteristics;
    }

    private AssessmentResults performAssessment(XMLDocument xMLDocument, SWIDTagCharacteristics sWIDTagCharacteristics) throws AssessmentException {
        AssessmentExecutor<XMLDocument> assessmentExecutor = this.manager.getAssessmentExecutor(sWIDTagCharacteristics.getTagType(), sWIDTagCharacteristics.isAuthoritative());
        AssessmentResultBuilder newAssessmentResultBuilder = SWIDAssessmentResultBuilderFactory.newAssessmentResultBuilder(sWIDTagCharacteristics.getTagType(), sWIDTagCharacteristics.isAuthoritative());
        assessmentExecutor.execute(xMLDocument, newAssessmentResultBuilder);
        return newAssessmentResultBuilder.end().build(SWIDRequirementsManager.getInstance());
    }
}
