package org.imsglobal.lti2;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.TreeMap;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.codehaus.jackson.map.ObjectMapper;
import org.codehaus.jackson.map.ObjectWriter;
import org.imsglobal.basiclti.BasicLTIConstants;
import org.imsglobal.basiclti.BasicLTIUtil;
import org.imsglobal.basiclti.LtiVerificationResult;
import org.imsglobal.json.IMSJSONRequest;
import org.imsglobal.lti2.objects.Service_offered;
import org.imsglobal.lti2.objects.StandardServices;
import org.imsglobal.lti2.objects.ToolConsumer;
import org.json.simple.JSONArray;
import org.json.simple.JSONObject;
import org.json.simple.JSONValue;

/* loaded from: input_file:org/imsglobal/lti2/LTI2Servlet.class */
public class LTI2Servlet extends HttpServlet {
    private static final long serialVersionUID = 1;
    protected Service_offered LTI2ResultItem = null;
    protected Service_offered LTI2LtiLinkSettings = null;
    protected Service_offered LTI2ToolProxyBindingSettings = null;
    protected Service_offered LTI2ToolProxySettings = null;
    private static final String SVC_tc_profile = "tc_profile";
    private static final String SVC_tc_registration = "tc_registration";
    private static final String SVC_Settings = "Settings";
    private static final String SVC_Result = "Result";
    private static final String EMPTY_JSON_OBJECT = "{\n}\n";
    private static final String APPLICATION_JSON = "application/json";
    private static Log M_log = LogFactory.getLog(LTI2Servlet.class);
    private static String TEST_KEY = "42";
    private static String TEST_SECRET = "zaphod";
    private static Map<String, String> PERSIST = new TreeMap();

    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
    }

    protected void doPut(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doPost(httpServletRequest, httpServletResponse);
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doPost(httpServletRequest, httpServletResponse);
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        try {
            doRequest(httpServletRequest, httpServletResponse);
        } catch (Exception e) {
            M_log.warn("General LTI2 Failure URI=" + httpServletRequest.getRequestURI() + " IP=" + httpServletRequest.getRemoteAddr());
            e.printStackTrace();
            httpServletResponse.setStatus(500);
            doErrorJSON(httpServletRequest, httpServletResponse, null, "General failure", e);
        }
    }

    protected void doRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        System.out.println("getServiceURL=" + getServiceURL(httpServletRequest));
        System.out.println("LTI Service request from IP=" + httpServletRequest.getRemoteAddr());
        httpServletRequest.getPathInfo();
        String requestURI = httpServletRequest.getRequestURI();
        String[] split = requestURI.split("/");
        if (split.length < 4) {
            httpServletResponse.setStatus(400);
            doErrorJSON(httpServletRequest, httpServletResponse, null, "Incorrect url format", null);
            return;
        }
        String str = split[3];
        if ("register".equals(str)) {
            doRegister(httpServletRequest, httpServletResponse);
            return;
        }
        if ("launch".equals(str)) {
            doLaunch(httpServletRequest, httpServletResponse);
            return;
        }
        if (SVC_tc_profile.equals(str) && split.length == 5) {
            getToolConsumerProfile(httpServletRequest, httpServletResponse, split[4]);
            return;
        }
        if (SVC_tc_registration.equals(str) && split.length == 5) {
            registerToolProviderProfile(httpServletRequest, httpServletResponse, split[4]);
            return;
        }
        if ("Result".equals(str) && split.length == 5) {
            handleResultRequest(httpServletRequest, httpServletResponse, split[4]);
            return;
        }
        if (SVC_Settings.equals(str) && split.length >= 6) {
            handleSettingsRequest(httpServletRequest, httpServletResponse, split);
            return;
        }
        IMSJSONRequest iMSJSONRequest = new IMSJSONRequest(httpServletRequest);
        if (iMSJSONRequest.valid) {
            System.out.println(iMSJSONRequest.getPostBody());
        }
        httpServletResponse.setStatus(501);
        M_log.warn("Unknown request=" + requestURI);
        doErrorJSON(httpServletRequest, httpServletResponse, null, "Unknown request=" + requestURI, null);
    }

    protected void doRegister(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String str;
        PERSIST.clear();
        String parameter = httpServletRequest.getParameter("launch_url");
        httpServletResponse.setContentType("text/html");
        if (parameter != null) {
            Properties properties = new Properties();
            properties.setProperty(BasicLTIConstants.LTI_VERSION, "LTI-2p0");
            properties.setProperty(LTI2Constants.REG_KEY, TEST_KEY);
            properties.setProperty(LTI2Constants.REG_PASSWORD, TEST_SECRET);
            properties.setProperty(BasicLTIUtil.BASICLTI_SUBMIT, "Press to Launch External Tool");
            properties.setProperty(BasicLTIConstants.LTI_MESSAGE_TYPE, BasicLTIConstants.LTI_MESSAGE_TYPE_TOOLPROXYREGISTRATIONREQUEST);
            String serviceURL = getServiceURL(httpServletRequest);
            properties.setProperty("tc_profile_url", serviceURL + SVC_tc_profile + "/" + TEST_KEY);
            properties.setProperty(BasicLTIConstants.LAUNCH_PRESENTATION_RETURN_URL, serviceURL + "launch");
            System.out.println("ltiProps=" + properties);
            str = BasicLTIUtil.postLaunchHTML(properties, parameter, true);
        } else {
            str = "<form>Register URL:<br/><input type=\"text\" name=\"launch_url\" size=\"80\"\nvalue=\"http://localhost:8888/sakai-api-test/tp.php\"><input type=\"submit\">\n";
        }
        try {
            httpServletResponse.getWriter().println(str);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    protected void doLaunch(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String postLaunchHTML;
        String str = PERSIST.get("profile");
        httpServletResponse.setContentType("text/html");
        if (str == null) {
            postLaunchHTML = "Missing profile";
        } else {
            JSONObject jSONObject = (JSONObject) JSONValue.parse(str);
            ArrayList<Properties> arrayList = new ArrayList();
            LTI2Util.parseToolProfile(arrayList, new Properties(), jSONObject);
            String str2 = null;
            String str3 = null;
            for (Properties properties : arrayList) {
                str2 = (String) properties.get("launch");
                str3 = (String) properties.get("parameter");
            }
            String str4 = (String) ((JSONObject) jSONObject.get(LTI2Constants.SECURITY_CONTRACT)).get(LTI2Constants.SHARED_SECRET);
            System.out.println("launch=" + str2);
            System.out.println("shared_secret=" + str4);
            Properties launch = LTI2SampleData.getLaunch();
            launch.setProperty(BasicLTIConstants.LTI_VERSION, "LTI-2p0");
            Properties substitution = LTI2SampleData.getSubstitution();
            String str5 = getServiceURL(httpServletRequest) + SVC_Settings + "/";
            substitution.setProperty("LtiLink.custom.url", str5 + LTI2Util.SCOPE_LtiLink + "/" + launch.getProperty(BasicLTIConstants.RESOURCE_LINK_ID));
            substitution.setProperty("ToolProxyBinding.custom.url", str5 + LTI2Util.SCOPE_ToolProxyBinding + "/" + launch.getProperty(BasicLTIConstants.CONTEXT_ID));
            substitution.setProperty("ToolProxy.custom.url", str5 + "ToolProxy/" + TEST_KEY);
            substitution.setProperty("Result.url", getServiceURL(httpServletRequest) + "Result/" + launch.getProperty(BasicLTIConstants.RESOURCE_LINK_ID));
            Properties properties2 = new Properties();
            LTI2Util.mergeLTI2Parameters(properties2, str3);
            LTI2Util.substituteCustom(properties2, substitution);
            LTI2Util.addCustomToLaunch(launch, properties2);
            postLaunchHTML = BasicLTIUtil.postLaunchHTML(BasicLTIUtil.signProperties(launch, str2, "POST", TEST_KEY, str4, null, null, null), str2, true);
        }
        try {
            httpServletResponse.getWriter().println(postLaunchHTML);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    protected void getToolConsumerProfile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        ToolConsumer buildToolConsumerProfile = buildToolConsumerProfile(httpServletRequest, null, str);
        try {
            ObjectWriter defaultPrettyPrintingWriter = new ObjectMapper().defaultPrettyPrintingWriter();
            httpServletResponse.setContentType(APPLICATION_JSON);
            httpServletResponse.getWriter().println(defaultPrettyPrintingWriter.writeValueAsString(buildToolConsumerProfile));
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    protected ToolConsumer buildToolConsumerProfile(HttpServletRequest httpServletRequest, Map<String, Object> map, String str) {
        ToolConsumer toolConsumer = new ToolConsumer(str + "", getServiceURL(httpServletRequest), new LTI2ConfigSample());
        List<String> capability_offered = toolConsumer.getCapability_offered();
        LTI2Util.allowEmail(capability_offered);
        LTI2Util.allowName(capability_offered);
        LTI2Util.allowSettings(capability_offered);
        LTI2Util.allowResult(capability_offered);
        List<Service_offered> service_offered = toolConsumer.getService_offered();
        service_offered.add(StandardServices.LTI2Registration(getServiceURL(httpServletRequest) + SVC_tc_registration + "/" + str));
        service_offered.add(StandardServices.LTI2ResultItem(getServiceURL(httpServletRequest) + "Result/{" + BasicLTIConstants.LIS_RESULT_SOURCEDID + "}"));
        service_offered.add(StandardServices.LTI2LtiLinkSettings(getServiceURL(httpServletRequest) + SVC_Settings + "/" + LTI2Util.SCOPE_LtiLink + "/{" + BasicLTIConstants.RESOURCE_LINK_ID + "}"));
        service_offered.add(StandardServices.LTI2ToolProxySettings(getServiceURL(httpServletRequest) + SVC_Settings + "/" + LTI2Util.SCOPE_ToolProxyBinding + "/{" + BasicLTIConstants.CONTEXT_ID + "}"));
        service_offered.add(StandardServices.LTI2ToolProxySettings(getServiceURL(httpServletRequest) + SVC_Settings + "/ToolProxy/{" + LTI2Constants.TOOL_PROXY_GUID + "}"));
        return toolConsumer;
    }

    public void registerToolProviderProfile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        if (!TEST_KEY.equals(str)) {
            httpServletResponse.setStatus(404);
            return;
        }
        String str2 = TEST_KEY;
        String str3 = TEST_SECRET;
        IMSJSONRequest iMSJSONRequest = new IMSJSONRequest(httpServletRequest);
        if (!iMSJSONRequest.valid) {
            httpServletResponse.setStatus(400);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Request is not in a valid format", null);
            return;
        }
        System.out.println(iMSJSONRequest.getPostBody());
        if (str2 == null || str3 == null) {
            httpServletResponse.setStatus(403);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Deployment is missing credentials", null);
            return;
        }
        iMSJSONRequest.validateRequest(str2, str3, httpServletRequest);
        if (!iMSJSONRequest.valid) {
            httpServletResponse.setStatus(403);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "OAuth signature failure", null);
            return;
        }
        JSONObject jSONObject = (JSONObject) JSONValue.parse(iMSJSONRequest.getPostBody());
        if (jSONObject == null) {
            httpServletResponse.setStatus(400);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "JSON parse failed", null);
            return;
        }
        JSONObject jSONObject2 = (JSONObject) jSONObject.get(LTI2Constants.SECURITY_CONTRACT);
        if (jSONObject2 == null) {
            httpServletResponse.setStatus(400);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "JSON missing security_contract", null);
            return;
        }
        String str4 = (String) jSONObject2.get(LTI2Constants.SHARED_SECRET);
        System.out.println("shared_secret=" + str4);
        if (str4 == null) {
            httpServletResponse.setStatus(400);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "JSON missing shared_secret", null);
            return;
        }
        ToolConsumer buildToolConsumerProfile = buildToolConsumerProfile(httpServletRequest, null, str);
        String validateServices = LTI2Util.validateServices(buildToolConsumerProfile, jSONObject);
        if (validateServices != null) {
            httpServletResponse.setStatus(400);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, validateServices, null);
            return;
        }
        String validateCapabilities = LTI2Util.validateCapabilities(buildToolConsumerProfile, jSONObject);
        if (validateCapabilities != null) {
            httpServletResponse.setStatus(400);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, validateCapabilities, null);
            return;
        }
        PERSIST.put("profile", jSONObject.toString());
        TreeMap treeMap = new TreeMap();
        treeMap.put(LTI2Constants.CONTEXT, StandardServices.TOOLPROXY_ID_CONTEXT);
        treeMap.put(LTI2Constants.TYPE, "ToolProxy");
        treeMap.put(LTI2Constants.JSONLD_ID, getServiceURL(httpServletRequest) + SVC_tc_registration + "/" + str);
        treeMap.put(LTI2Constants.TOOL_PROXY_GUID, str);
        treeMap.put(LTI2Constants.CUSTOM_URL, getServiceURL(httpServletRequest) + SVC_Settings + "/ToolProxy/" + str);
        httpServletResponse.setContentType(StandardServices.TOOLPROXY_ID_FORMAT);
        httpServletResponse.setStatus(201);
        String jSONString = JSONValue.toJSONString(treeMap);
        M_log.debug(jSONString);
        httpServletResponse.getWriter().println(jSONString);
    }

    public String getServiceURL(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getScheme() + "://" + httpServletRequest.getServerName() + ":" + httpServletRequest.getServerPort() + httpServletRequest.getContextPath() + httpServletRequest.getServletPath() + "/";
    }

    public void handleResultRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        String str2;
        IMSJSONRequest iMSJSONRequest = null;
        if (!"GET".equals(httpServletRequest.getMethod())) {
            if ("PUT".equals(httpServletRequest.getMethod())) {
                try {
                    iMSJSONRequest = new IMSJSONRequest(httpServletRequest);
                    JSONObject jSONObject = (JSONObject) JSONValue.parse(iMSJSONRequest.getPostBody());
                    String str3 = (String) jSONObject.get(LTI2Constants.COMMENT);
                    Double d = new Double((String) ((JSONObject) jSONObject.get(LTI2Constants.RESULTSCORE)).get(LTI2Constants.VALUE));
                    PERSIST.put(LTI2Constants.COMMENT, str3);
                    PERSIST.put(LTI2Constants.GRADE, d + "");
                    httpServletResponse.setStatus(200);
                    return;
                } catch (Exception e) {
                    str2 = "Error: " + e.getMessage();
                }
            } else {
                str2 = "Unsupported operation:" + httpServletRequest.getMethod();
            }
            httpServletResponse.setStatus(400);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, str2, null);
            return;
        }
        String str4 = PERSIST.get(LTI2Constants.GRADE);
        String str5 = PERSIST.get(LTI2Constants.COMMENT);
        TreeMap treeMap = new TreeMap();
        TreeMap treeMap2 = new TreeMap();
        treeMap.put(LTI2Constants.CONTEXT, StandardServices.RESULT_CONTEXT);
        treeMap.put(LTI2Constants.TYPE, "Result");
        treeMap2.put(LTI2Constants.TYPE, LTI2Constants.GRADE_TYPE_DECIMAL);
        treeMap.put(LTI2Constants.COMMENT, str4);
        treeMap2.put(LTI2Constants.VALUE, str5);
        treeMap.put(LTI2Constants.RESULTSCORE, treeMap2);
        httpServletResponse.setContentType(StandardServices.RESULT_FORMAT);
        httpServletResponse.setStatus(200);
        String jSONString = JSONValue.toJSONString(treeMap);
        M_log.debug(jSONString);
        httpServletResponse.getWriter().println(jSONString);
    }

    public void handleSettingsRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String[] strArr) throws IOException {
        String postBody;
        JSONArray jSONArray;
        String stringBuffer = httpServletRequest.getRequestURL().toString();
        System.out.println("URL=" + stringBuffer);
        String str = strArr[4];
        System.out.println("scope=" + str);
        String header = httpServletRequest.getHeader("Accept");
        httpServletRequest.getContentType();
        boolean z = header == null || header.indexOf(StandardServices.TOOLSETTINGS_FORMAT) >= 0;
        System.out.println("accept=" + header + " ac=" + z);
        IMSJSONRequest iMSJSONRequest = null;
        JSONObject jSONObject = null;
        if ("PUT".equals(httpServletRequest.getMethod())) {
            try {
                iMSJSONRequest = new IMSJSONRequest(httpServletRequest);
                jSONObject = (JSONObject) JSONValue.parse(iMSJSONRequest.getPostBody());
            } catch (Exception e) {
                httpServletResponse.setStatus(400);
                doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Could not parse JSON", e);
                return;
            }
        }
        String str2 = TEST_KEY;
        LtiVerificationResult validateMessage = BasicLTIUtil.validateMessage(httpServletRequest, stringBuffer, (String) ((JSONObject) ((JSONObject) JSONValue.parse(PERSIST.get("profile"))).get(LTI2Constants.SECURITY_CONTRACT)).get(LTI2Constants.SHARED_SECRET));
        if (!validateMessage.getSuccess().booleanValue()) {
            httpServletResponse.setStatus(403);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, validateMessage.getMessage(), null);
            return;
        }
        String str3 = getServiceURL(httpServletRequest) + SVC_Settings;
        String str4 = str3 + "/ToolProxy/" + str2;
        String str5 = str3 + "/" + LTI2Util.SCOPE_ToolProxyBinding + "/TBD";
        String str6 = str3 + "/" + LTI2Util.SCOPE_LtiLink + "/TBD";
        JSONObject parseSettings = LTI2Util.parseSettings(PERSIST.get(LTI2Util.SCOPE_LtiLink));
        JSONObject parseSettings2 = LTI2Util.parseSettings(PERSIST.get(LTI2Util.SCOPE_ToolProxyBinding));
        JSONObject parseSettings3 = LTI2Util.parseSettings(PERSIST.get("ToolProxy"));
        if ("GET".equals(httpServletRequest.getMethod())) {
            Object settings = LTI2Util.getSettings(httpServletRequest, str, parseSettings, parseSettings2, parseSettings3, str6, str5, str4);
            if (settings instanceof String) {
                httpServletResponse.setStatus(400);
                doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, (String) settings, null);
                return;
            }
            if (z) {
                httpServletResponse.setContentType(StandardServices.TOOLSETTINGS_FORMAT);
            } else {
                httpServletResponse.setContentType(StandardServices.TOOLSETTINGS_SIMPLE_FORMAT);
            }
            JSONObject jSONObject2 = (JSONObject) settings;
            httpServletResponse.setStatus(200);
            PrintWriter writer = httpServletResponse.getWriter();
            System.out.println("jsonResponse=" + jSONObject2);
            writer.println(jSONObject2.toString());
            return;
        }
        if (!"PUT".equals(httpServletRequest.getMethod())) {
            httpServletResponse.setStatus(400);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Method not handled=" + httpServletRequest.getMethod(), null);
            return;
        }
        try {
            jSONArray = (JSONArray) jSONObject.get(LTI2Constants.GRAPH);
        } catch (Exception e2) {
            postBody = iMSJSONRequest.getPostBody();
        }
        if (jSONArray.size() != 1) {
            httpServletResponse.setStatus(400);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Only one graph entry allowed", null);
            return;
        }
        postBody = ((JSONObject) ((JSONObject) jSONArray.get(0)).get(LTI2Constants.CUSTOM)).toString();
        PERSIST.put(str, postBody);
        System.out.println("Stored settings scope=" + str);
        System.out.println("settings=" + postBody);
        httpServletResponse.setStatus(200);
    }

    public void doErrorJSON(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, IMSJSONRequest iMSJSONRequest, String str, Exception exc) throws IOException {
        if (exc != null) {
            M_log.error(exc.getLocalizedMessage(), exc);
        }
        M_log.info(str);
        System.out.println(IMSJSONRequest.doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, str, exc));
    }

    public void destroy() {
    }
}
