package pl.edu.icm.unity.webui;

import com.vaadin.server.VaadinServlet;
import eu.unicore.util.configuration.ConfigurationException;
import java.io.IOException;
import java.io.StringReader;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.EnumSet;
import java.util.List;
import java.util.Properties;
import javax.servlet.DispatcherType;
import javax.servlet.Servlet;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.logging.log4j.Logger;
import org.eclipse.jetty.servlet.FilterHolder;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import org.springframework.context.ApplicationContext;
import pl.edu.icm.unity.MessageSource;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.authn.AuthenticationFlow;
import pl.edu.icm.unity.engine.api.authn.RememberMeProcessor;
import pl.edu.icm.unity.engine.api.authn.sandbox.SandboxAuthnRouter;
import pl.edu.icm.unity.engine.api.config.UnityServerConfiguration;
import pl.edu.icm.unity.engine.api.endpoint.AbstractWebEndpoint;
import pl.edu.icm.unity.engine.api.endpoint.WebAppEndpointInstance;
import pl.edu.icm.unity.engine.api.server.AdvertisedAddressProvider;
import pl.edu.icm.unity.engine.api.server.NetworkServer;
import pl.edu.icm.unity.engine.api.session.LoginToHttpSessionBinder;
import pl.edu.icm.unity.engine.api.session.SessionManagement;
import pl.edu.icm.unity.engine.api.utils.HiddenResourcesFilter;
import pl.edu.icm.unity.webui.authn.AuthenticationFilter;
import pl.edu.icm.unity.webui.authn.InvocationContextSetupFilter;
import pl.edu.icm.unity.webui.authn.ProxyAuthenticationFilter;
import pl.edu.icm.unity.webui.authn.remote.RemoteRedirectedAuthnResponseProcessingFilter;
import pl.edu.icm.unity.webui.sandbox.AccountAssociationSandboxUI;
import pl.edu.icm.unity.webui.sandbox.SandboxAuthnRouterImpl;
import pl.edu.icm.unity.webui.sandbox.TranslationProfileSandboxUI;

/* loaded from: input_file:pl/edu/icm/unity/webui/VaadinEndpoint.class */
public class VaadinEndpoint extends AbstractWebEndpoint implements WebAppEndpointInstance {
    private static final Logger log = Log.getLogger("unity.server.web", VaadinEndpoint.class);
    public static final String DEFAULT_THEME = "unityThemeValo";
    public static final int DEFAULT_HEARTBEAT = 10;
    public static final int LONG_SESSION = 3600;
    public static final int LONG_HEARTBEAT = 300;
    public static final String AUTHENTICATION_PATH = "/authentication";
    public static final String SANDBOX_PATH_TRANSLATION = "/sandbox-translation";
    public static final String SANDBOX_PATH_ASSOCIATION = "/sandbox-association";
    public static final String VAADIN_RESOURCES = "/VAADIN/*";
    public static final String SESSION_TIMEOUT_PARAM = "session-timeout";
    public static final String PRODUCTION_MODE_PARAM = "productionMode";
    protected ApplicationContext applicationContext;
    protected String uiBeanName;
    protected String uiServletPath;
    protected VaadinEndpointProperties genericEndpointProperties;
    protected ServletContextHandler context;
    protected UnityVaadinServlet theServlet;
    protected UnityVaadinServlet authenticationServlet;
    protected AuthenticationFilter authnFilter;
    protected ProxyAuthenticationFilter proxyAuthnFilter;
    protected InvocationContextSetupFilter contextSetupFilter;
    protected UnityServerConfiguration serverConfig;
    protected MessageSource msg;
    protected final RemoteRedirectedAuthnResponseProcessingFilter remoteAuthnResponseProcessingFilter;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:pl/edu/icm/unity/webui/VaadinEndpoint$ForwadSerlvet.class */
    public class ForwadSerlvet extends HttpServlet {
        private ForwadSerlvet() {
        }

        protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
            ServletContext servletContext = httpServletRequest.getServletContext();
            String pathInfo = httpServletRequest.getPathInfo();
            if (pathInfo == null) {
                pathInfo = "";
            }
            String str = VaadinEndpoint.this.uiServletPath + pathInfo;
            VaadinEndpoint.log.trace("Forward from " + httpServletRequest.getRequestURI() + " -> " + httpServletRequest.getContextPath() + str);
            servletContext.getRequestDispatcher(str).forward(httpServletRequest, httpServletResponse);
        }
    }

    public VaadinEndpoint(NetworkServer networkServer, AdvertisedAddressProvider advertisedAddressProvider, MessageSource messageSource, ApplicationContext applicationContext, String str, String str2, RemoteRedirectedAuthnResponseProcessingFilter remoteRedirectedAuthnResponseProcessingFilter) {
        super(networkServer, advertisedAddressProvider);
        this.context = null;
        this.msg = messageSource;
        this.applicationContext = applicationContext;
        this.uiBeanName = str;
        this.uiServletPath = str2;
        this.remoteAuthnResponseProcessingFilter = remoteRedirectedAuthnResponseProcessingFilter;
        this.serverConfig = (UnityServerConfiguration) applicationContext.getBean(UnityServerConfiguration.class);
    }

    public void setSerializedConfiguration(String str) {
        this.properties = new Properties();
        try {
            this.properties.load(new StringReader(str));
            if (this.serverConfig.isSet(VaadinEndpointProperties.DEF_THEME)) {
                this.properties.setProperty("unity.endpoint.web.defaultTheme", this.serverConfig.getValue(VaadinEndpointProperties.DEF_THEME));
            }
            this.genericEndpointProperties = new VaadinEndpointProperties(this.properties);
        } catch (Exception e) {
            throw new ConfigurationException("Can't initialize the the generic web endpoint's configuration", e);
        }
    }

    protected ServletContextHandler getServletContextHandlerOverridable() {
        if (this.context != null) {
            return this.context;
        }
        ServletContextHandler servletContextHandler = new ServletContextHandler(1);
        servletContextHandler.setContextPath(this.description.getEndpoint().getContextAddress());
        SessionManagement sessionManagement = (SessionManagement) this.applicationContext.getBean(SessionManagement.class);
        LoginToHttpSessionBinder loginToHttpSessionBinder = (LoginToHttpSessionBinder) this.applicationContext.getBean(LoginToHttpSessionBinder.class);
        RememberMeProcessor rememberMeProcessor = (RememberMeProcessor) this.applicationContext.getBean(RememberMeProcessor.class);
        servletContextHandler.addFilter(new FilterHolder(this.remoteAuthnResponseProcessingFilter), "/*", EnumSet.of(DispatcherType.REQUEST));
        servletContextHandler.addFilter(new FilterHolder(new HiddenResourcesFilter(Collections.unmodifiableList(Arrays.asList(AUTHENTICATION_PATH)))), "/*", EnumSet.of(DispatcherType.REQUEST));
        this.authnFilter = new AuthenticationFilter(new ArrayList(Arrays.asList(this.uiServletPath)), AUTHENTICATION_PATH, this.description.getRealm(), sessionManagement, loginToHttpSessionBinder, rememberMeProcessor);
        servletContextHandler.addFilter(new FilterHolder(this.authnFilter), "/*", EnumSet.of(DispatcherType.REQUEST, DispatcherType.FORWARD));
        this.proxyAuthnFilter = new ProxyAuthenticationFilter(this.authenticationFlows, this.description.getEndpoint().getContextAddress(), this.genericEndpointProperties.getBooleanValue(VaadinEndpointProperties.AUTO_LOGIN).booleanValue(), this.description.getRealm());
        servletContextHandler.addFilter(new FilterHolder(this.proxyAuthnFilter), "/authentication/*", EnumSet.of(DispatcherType.REQUEST, DispatcherType.FORWARD));
        this.contextSetupFilter = new InvocationContextSetupFilter(this.serverConfig, this.description.getRealm(), getServletUrl(this.uiServletPath), getAuthenticationFlows());
        servletContextHandler.addFilter(new FilterHolder(this.contextSetupFilter), "/*", EnumSet.of(DispatcherType.REQUEST, DispatcherType.FORWARD));
        EndpointRegistrationConfiguration registrationConfiguration = this.genericEndpointProperties.getRegistrationConfiguration();
        this.authenticationServlet = new AuthenticationVaadinServlet(this.applicationContext, this.description, this.authenticationFlows, registrationConfiguration, this.properties, getBootstrapHandler4Authn(this.uiServletPath));
        ServletHolder createVaadinServletHolder = createVaadinServletHolder(this.authenticationServlet, true);
        servletContextHandler.addServlet(createVaadinServletHolder, "/authentication/*");
        servletContextHandler.addServlet(createVaadinServletHolder, VAADIN_RESOURCES);
        this.theServlet = new UnityVaadinServlet(this.applicationContext, this.uiBeanName, this.description, this.authenticationFlows, registrationConfiguration, this.properties, getBootstrapHandler(this.uiServletPath));
        servletContextHandler.addServlet(createVaadinServletHolder(this.theServlet, false), this.uiServletPath + "/*");
        servletContextHandler.addServlet(new ServletHolder(new ForwadSerlvet()), "/*");
        return servletContextHandler;
    }

    protected UnityBootstrapHandler getBootstrapHandler(String str) {
        return getBootstrapHandlerGeneric(str, getHeartbeatInterval(this.description.getRealm().getMaxInactivity()), this.genericEndpointProperties.getEffectiveMainTheme());
    }

    protected UnityBootstrapHandler getBootstrapHandler4Authn(String str) {
        return getBootstrapHandlerGeneric(str, LONG_HEARTBEAT, this.genericEndpointProperties.getEffectiveAuthenticationTheme());
    }

    private UnityBootstrapHandler getBootstrapHandlerGeneric(String str, int i, String str2) {
        return new UnityBootstrapHandler(getWebContentsDir(), this.genericEndpointProperties.getValue(VaadinEndpointProperties.TEMPLATE), this.msg, str2, !this.genericEndpointProperties.getBooleanValue("productionMode").booleanValue(), i, str);
    }

    public final synchronized ServletContextHandler getServletContextHandler() {
        this.context = getServletContextHandlerOverridable();
        String webContentsDir = getWebContentsDir();
        if (webContentsDir != null) {
            this.context.setResourceBase(webContentsDir);
        }
        SandboxAuthnRouterImpl sandboxAuthnRouterImpl = new SandboxAuthnRouterImpl();
        addSandboxUI(SANDBOX_PATH_ASSOCIATION, AccountAssociationSandboxUI.class.getSimpleName(), sandboxAuthnRouterImpl);
        addProtectedSandboxUI(SANDBOX_PATH_TRANSLATION, TranslationProfileSandboxUI.class.getSimpleName(), sandboxAuthnRouterImpl);
        this.theServlet.setSandboxRouter(sandboxAuthnRouterImpl);
        this.authenticationServlet.setSandboxRouter(sandboxAuthnRouterImpl);
        return this.context;
    }

    protected String getWebContentsDir() {
        if (this.genericEndpointProperties.isSet(VaadinEndpointProperties.WEB_CONTENT_PATH)) {
            return this.genericEndpointProperties.getValue(VaadinEndpointProperties.WEB_CONTENT_PATH);
        }
        if (this.serverConfig.isSet("defaultWebContentDirectory")) {
            return this.serverConfig.getValue("defaultWebContentDirectory");
        }
        return null;
    }

    protected int getHeartbeatInterval(int i) {
        if (i >= 30) {
            return 10;
        }
        int i2 = i / 3;
        if (i2 < 2) {
            return 2;
        }
        return i2;
    }

    protected ServletHolder createServletHolder(Servlet servlet, boolean z) {
        ServletHolder servletHolder = new ServletHolder(servlet);
        servletHolder.setInitParameter("closeIdleSessions", "true");
        if (z) {
            servletHolder.setInitParameter(SESSION_TIMEOUT_PARAM, String.valueOf(LONG_SESSION));
        } else {
            int maxInactivity = this.description.getRealm().getMaxInactivity();
            int heartbeatInterval = maxInactivity - getHeartbeatInterval(maxInactivity);
            if (heartbeatInterval < 2) {
                heartbeatInterval = 2;
            }
            servletHolder.setInitParameter(SESSION_TIMEOUT_PARAM, String.valueOf(heartbeatInterval));
        }
        return servletHolder;
    }

    protected ServletHolder createVaadinServletHolder(VaadinServlet vaadinServlet, boolean z) {
        ServletHolder createServletHolder = createServletHolder(vaadinServlet, z);
        int heartbeatInterval = z ? LONG_HEARTBEAT : getHeartbeatInterval(this.description.getRealm().getMaxInactivity());
        log.debug("Servlet " + vaadinServlet.toString() + " - heartBeat=" + heartbeatInterval);
        boolean booleanValue = this.genericEndpointProperties.getBooleanValue("productionMode").booleanValue();
        createServletHolder.setInitParameter("heartbeatInterval", String.valueOf(heartbeatInterval));
        createServletHolder.setInitParameter("sendUrlsAsParameters", "false");
        createServletHolder.setInitParameter("productionMode", String.valueOf(booleanValue));
        createServletHolder.setInitParameter("org.atmosphere.cpr.broadcasterCacheClass", "org.atmosphere.cache.UUIDBroadcasterCache");
        createServletHolder.setInitParameter("widgetset", "pl.edu.icm.unity.webui.customWidgetset");
        return createServletHolder;
    }

    private void addSandboxUI(String str, String str2, SandboxAuthnRouter sandboxAuthnRouter) {
        UnityVaadinServlet unityVaadinServlet = new UnityVaadinServlet(this.applicationContext, str2, this.description, this.authenticationFlows, null, this.properties, getBootstrapHandler(str));
        unityVaadinServlet.setSandboxRouter(sandboxAuthnRouter);
        ServletHolder createVaadinServletHolder = createVaadinServletHolder(unityVaadinServlet, true);
        createVaadinServletHolder.setInitParameter("closeIdleSessions", "true");
        this.context.addServlet(createVaadinServletHolder, str + "/*");
    }

    private void addProtectedSandboxUI(String str, String str2, SandboxAuthnRouter sandboxAuthnRouter) {
        this.authnFilter.addProtectedPath(str);
        addSandboxUI(str, str2, sandboxAuthnRouter);
    }

    public final synchronized void updateAuthenticationFlows(List<AuthenticationFlow> list) {
        setAuthenticators(list);
        if (this.authenticationServlet != null) {
            this.authenticationServlet.updateAuthenticationFlows(list);
            this.theServlet.updateAuthenticationFlows(list);
            this.proxyAuthnFilter.updateAuthenticators(list);
        }
    }
}
