package org.purl.sword.server;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.PrintWriter;
import java.security.NoSuchAlgorithmException;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Date;
import java.util.StringTokenizer;
import java.util.concurrent.atomic.AtomicInteger;
import javax.servlet.ServletException;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
import org.purl.sword.atom.Summary;
import org.purl.sword.atom.Title;
import org.purl.sword.base.ChecksumUtils;
import org.purl.sword.base.Deposit;
import org.purl.sword.base.DepositResponse;
import org.purl.sword.base.ErrorCodes;
import org.purl.sword.base.HttpHeaders;
import org.purl.sword.base.SWORDAuthenticationException;
import org.purl.sword.base.SWORDErrorDocument;
import org.purl.sword.base.SWORDErrorException;
import org.purl.sword.base.SWORDException;

/* loaded from: input_file:WEB-INF/classes/org/purl/sword/server/DepositServlet.class */
public class DepositServlet extends HttpServlet {
    protected transient SWORDServer myRepository;
    private String authN;
    private int maxUploadSize;
    private String tempDirectory;
    private static final AtomicInteger counter = new AtomicInteger(0);
    private static final Logger log = Logger.getLogger(DepositServlet.class);

    public void init() throws ServletException {
        String initParameter = getServletContext().getInitParameter("sword-server-class");
        if (initParameter == null) {
            log.fatal("Unable to read value of 'sword-server-class' from Servlet context");
            throw new ServletException("Unable to read value of 'sword-server-class' from Servlet context");
        }
        try {
            this.myRepository = (SWORDServer) Class.forName(initParameter).newInstance();
            log.info("Using " + initParameter + " as the SWORDServer");
            this.authN = getServletContext().getInitParameter("authentication-method");
            if (this.authN == null || this.authN.equals("")) {
                this.authN = "None";
            }
            log.info("Authentication type set to: " + this.authN);
            String initParameter2 = getServletContext().getInitParameter("maxUploadSize");
            if (initParameter2 == null || initParameter2.equals("") || initParameter2.equals("-1")) {
                this.maxUploadSize = -1;
                log.warn("No maxUploadSize set, so setting max file upload size to unlimited.");
            } else {
                try {
                    this.maxUploadSize = Integer.parseInt(initParameter2);
                    log.info("Setting max file upload size to " + this.maxUploadSize);
                } catch (NumberFormatException e) {
                    this.maxUploadSize = -1;
                    log.warn("maxUploadSize not a number, so setting max file upload size to unlimited.");
                }
            }
            this.tempDirectory = getServletContext().getInitParameter("upload-temp-directory");
            if (this.tempDirectory == null || this.tempDirectory.equals("")) {
                this.tempDirectory = System.getProperty("java.io.tmpdir");
            }
            if (!this.tempDirectory.endsWith(System.getProperty("file.separator"))) {
                this.tempDirectory += System.getProperty("file.separator");
            }
            File file = new File(this.tempDirectory);
            log.info("Upload temporary directory set to: " + file);
            if (!file.exists() && !file.mkdirs()) {
                throw new ServletException("Upload directory did not exist and I can't create it. " + file);
            }
            if (!file.isDirectory()) {
                log.fatal("Upload temporary directory is not a directory: " + file);
                throw new ServletException("Upload temporary directory is not a directory: " + file);
            }
            if (file.canWrite()) {
                return;
            }
            log.fatal("Upload temporary directory cannot be written to: " + file);
            throw new ServletException("Upload temporary directory cannot be written to: " + file);
        } catch (ClassNotFoundException | IllegalAccessException | InstantiationException e2) {
            log.fatal("Unable to instantiate class from 'sword-server-class': " + initParameter);
            throw new ServletException("Unable to instantiate class from 'sword-server-class': " + initParameter, e2);
        }
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.sendError(501);
    }

    /* JADX WARN: Finally extract failed */
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        File file;
        File file2;
        File file3;
        File file4;
        File file5;
        File file6;
        File file7;
        File file8;
        Deposit deposit = new Deposit();
        log.debug("Starting deposit processing at " + new Date().toString() + " by " + httpServletRequest.getRemoteAddr());
        String usernamePassword = getUsernamePassword(httpServletRequest);
        if (usernamePassword != null && !usernamePassword.equals("")) {
            int indexOf = usernamePassword.indexOf(58);
            if (indexOf != -1) {
                deposit.setUsername(usernamePassword.substring(0, indexOf));
                deposit.setPassword(usernamePassword.substring(indexOf + 1));
            }
        } else if (authenticateWithBasic()) {
            httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"SWORD\"");
            httpServletResponse.setStatus(401);
            return;
        }
        try {
            try {
                try {
                    try {
                        String str = this.tempDirectory + "SWORD-" + httpServletRequest.getRemoteAddr() + "-" + counter.addAndGet(1);
                        log.debug("Package temporarily stored as: " + str);
                        ServletInputStream inputStream = httpServletRequest.getInputStream();
                        FileOutputStream fileOutputStream = new FileOutputStream(new File(str));
                        try {
                            byte[] bArr = new byte[1024];
                            while (true) {
                                int read = inputStream.read(bArr);
                                if (read <= 0) {
                                    break;
                                } else {
                                    fileOutputStream.write(bArr, 0, read);
                                }
                            }
                            inputStream.close();
                            fileOutputStream.close();
                            File file9 = new File(str);
                            long length = file9.length() / 1024;
                            if (this.maxUploadSize != -1 && length > this.maxUploadSize) {
                                makeErrorDocument(ErrorCodes.MAX_UPLOAD_SIZE_EXCEEDED, 413, "The uploaded file exceeded the maximum file size this server will accept (the file is " + length + "kB but the server will only accept files as large as " + this.maxUploadSize + "kB)", httpServletRequest, httpServletResponse);
                                if (str == null || (file8 = new File(str)) == null || file8.delete()) {
                                    return;
                                }
                                log.error("Unable to delete file: " + str);
                                return;
                            }
                            String generateMD5 = ChecksumUtils.generateMD5(str);
                            log.debug("Received filechecksum: " + generateMD5);
                            deposit.setMd5(generateMD5);
                            String header = httpServletRequest.getHeader(HttpHeaders.CONTENT_MD5);
                            log.debug("Received file checksum header: " + header);
                            if (header != null && !header.equals(generateMD5)) {
                                makeErrorDocument(ErrorCodes.ERROR_CHECKSUM_MISMATCH, 412, "The received MD5 checksum for the deposited file did not match the checksum sent by the deposit client", httpServletRequest, httpServletResponse);
                                log.debug("Bad MD5 for file. Aborting with appropriate error message");
                                if (str == null || (file7 = new File(str)) == null || file7.delete()) {
                                    return;
                                }
                                log.error("Unable to delete file: " + str);
                                return;
                            }
                            deposit.setFile(file9);
                            String header2 = httpServletRequest.getHeader(HttpHeaders.X_ON_BEHALF_OF);
                            if (header2 != null && header2.equals("reject")) {
                                throw new SWORDErrorException(ErrorCodes.TARGET_OWNER_UKNOWN, "unknown user \"reject\"");
                            }
                            deposit.setOnBehalfOf(header2);
                            deposit.setPackaging(httpServletRequest.getHeader(HttpHeaders.X_PACKAGING));
                            String header3 = httpServletRequest.getHeader(HttpHeaders.X_NO_OP);
                            log.error("X_NO_OP value is " + header3);
                            if (header3 != null && header3.equals("true")) {
                                deposit.setNoOp(true);
                            } else if (header3 != null && header3.equals("false")) {
                                deposit.setNoOp(false);
                            } else {
                                if (header3 != null) {
                                    throw new SWORDErrorException(ErrorCodes.ERROR_BAD_REQUEST, "Bad no-op");
                                }
                                deposit.setNoOp(false);
                            }
                            String header4 = httpServletRequest.getHeader(HttpHeaders.X_VERBOSE);
                            if (header4 != null && header4.equals("true")) {
                                deposit.setVerbose(true);
                            } else if (header4 != null && header4.equals("false")) {
                                deposit.setVerbose(false);
                            } else {
                                if (header4 != null) {
                                    throw new SWORDErrorException(ErrorCodes.ERROR_BAD_REQUEST, "Bad verbose");
                                }
                                deposit.setVerbose(false);
                            }
                            String header5 = httpServletRequest.getHeader(HttpHeaders.SLUG);
                            if (header5 != null) {
                                deposit.setSlug(header5);
                            }
                            deposit.setContentDisposition(httpServletRequest.getHeader(HttpHeaders.CONTENT_DISPOSITION));
                            deposit.setIPAddress(httpServletRequest.getRemoteAddr());
                            deposit.setLocation(getUrl(httpServletRequest));
                            deposit.setContentType(httpServletRequest.getContentType());
                            String header6 = httpServletRequest.getHeader(HttpHeaders.CONTENT_LENGTH);
                            if (header6 != null && !header6.equals("")) {
                                deposit.setContentLength(Integer.parseInt(header6));
                            }
                            DepositResponse doDeposit = this.myRepository.doDeposit(deposit);
                            if (httpServletRequest.getHeader(HttpHeaders.USER_AGENT) != null) {
                                doDeposit.getEntry().setUserAgent(httpServletRequest.getHeader(HttpHeaders.USER_AGENT));
                            }
                            if (httpServletRequest.getHeader(HttpHeaders.X_PACKAGING) != null) {
                                doDeposit.getEntry().setPackaging(httpServletRequest.getHeader(HttpHeaders.X_PACKAGING));
                            }
                            httpServletResponse.setStatus(doDeposit.getHttpResponse());
                            if (doDeposit.getLocation() != null && !doDeposit.getLocation().equals("")) {
                                httpServletResponse.setHeader("Location", doDeposit.getLocation());
                            }
                            httpServletResponse.setContentType("application/atom+xml; charset=UTF-8");
                            PrintWriter writer = httpServletResponse.getWriter();
                            writer.write(doDeposit.marshall());
                            writer.flush();
                            if (str == null || (file6 = new File(str)) == null || file6.delete()) {
                                return;
                            }
                            log.error("Unable to delete file: " + str);
                        } catch (Throwable th) {
                            inputStream.close();
                            fileOutputStream.close();
                            throw th;
                        }
                    } catch (SWORDException e) {
                        httpServletResponse.sendError(500);
                        log.error(e.toString());
                        if (0 == 0 || (file4 = new File((String) null)) == null || file4.delete()) {
                            return;
                        }
                        log.error("Unable to delete file: " + ((String) null));
                    }
                } catch (SWORDErrorException e2) {
                    log.error(e2.toString());
                    makeErrorDocument(e2.getErrorURI(), e2.getStatus(), e2.getDescription(), httpServletRequest, httpServletResponse);
                    if (0 == 0 || (file3 = new File((String) null)) == null || file3.delete()) {
                        return;
                    }
                    log.error("Unable to delete file: " + ((String) null));
                }
            } catch (NoSuchAlgorithmException e3) {
                httpServletResponse.sendError(500);
                log.error(e3.toString());
                if (0 == 0 || (file2 = new File((String) null)) == null || file2.delete()) {
                    return;
                }
                log.error("Unable to delete file: " + ((String) null));
            } catch (SWORDAuthenticationException e4) {
                if (this.authN.equals("Basic")) {
                    httpServletResponse.setHeader("WWW-Authenticate", "Basic realm=\"SWORD\"");
                    httpServletResponse.setStatus(401);
                }
                if (0 == 0 || (file = new File((String) null)) == null || file.delete()) {
                    return;
                }
                log.error("Unable to delete file: " + ((String) null));
            }
        } catch (Throwable th2) {
            if (0 != 0 && (file5 = new File((String) null)) != null && !file5.delete()) {
                log.error("Unable to delete file: " + ((String) null));
            }
            throw th2;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void makeErrorDocument(String str, int i, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        SWORDErrorDocument sWORDErrorDocument = new SWORDErrorDocument(str);
        Title title = new Title();
        title.setContent("ERROR");
        sWORDErrorDocument.setTitle(title);
        sWORDErrorDocument.setUpdated(new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'").format(Calendar.getInstance().getTime()));
        Summary summary = new Summary();
        summary.setContent(str2);
        sWORDErrorDocument.setSummary(summary);
        if (httpServletRequest.getHeader(HttpHeaders.USER_AGENT) != null) {
            sWORDErrorDocument.setUserAgent(httpServletRequest.getHeader(HttpHeaders.USER_AGENT));
        }
        httpServletResponse.setStatus(i);
        httpServletResponse.setContentType("application/atom+xml; charset=UTF-8");
        PrintWriter writer = httpServletResponse.getWriter();
        writer.write(sWORDErrorDocument.marshall().toXML());
        writer.flush();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getUsernamePassword(HttpServletRequest httpServletRequest) {
        try {
            String header = httpServletRequest.getHeader("Authorization");
            if (header == null) {
                return null;
            }
            StringTokenizer stringTokenizer = new StringTokenizer(header);
            if (stringTokenizer.hasMoreTokens() && stringTokenizer.nextToken().equalsIgnoreCase("Basic")) {
                return new String(Base64.decodeBase64(stringTokenizer.nextToken().getBytes()));
            }
            return null;
        } catch (Exception e) {
            log.debug(e.toString());
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean authenticateWithBasic() {
        return this.authN.equalsIgnoreCase("Basic");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String getUrl(HttpServletRequest httpServletRequest) {
        String stringBuffer = httpServletRequest.getRequestURL().toString();
        String queryString = httpServletRequest.getQueryString();
        if (queryString != null) {
            stringBuffer = stringBuffer + "?" + queryString;
        }
        return stringBuffer;
    }
}
