package org.logevents.extend.servlets;

import java.io.IOException;
import java.io.InputStreamReader;
import java.security.GeneralSecurityException;
import java.time.Instant;
import java.time.ZoneId;
import java.util.Base64;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Optional;
import java.util.Random;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.logevents.LogEvent;
import org.logevents.LogEventFactory;
import org.logevents.observers.WebLogEventObserver;
import org.logevents.status.LogEventStatus;
import org.logevents.util.JsonParser;
import org.logevents.util.JsonUtil;
import org.logevents.util.LogEventConfigurationException;
import org.logevents.util.openid.OpenIdConfiguration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.Marker;
import org.slf4j.MarkerFactory;

/* loaded from: input_file:org/logevents/extend/servlets/LogEventsServlet.class */
public class LogEventsServlet extends HttpServlet {
    private static final String LOGEVENTS_API = "/org/logevents/swagger.json";
    private Cipher encryptCipher;
    private Cipher decryptCipher;
    private static final String CHARS = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) LogEventsServlet.class);
    private static final Marker AUDIT = MarkerFactory.getMarker("AUDIT");
    private static final Random random = new Random();

    public void init() throws ServletException {
        setupEncryption(getObserver().getCookieEncryptionKey());
    }

    void setupEncryption(Optional<String> optional) {
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(optional.orElseGet(() -> {
                return randomString(40);
            }).getBytes(), "Blowfish");
            this.encryptCipher = Cipher.getInstance("Blowfish");
            this.encryptCipher.init(1, secretKeySpec);
            this.decryptCipher = Cipher.getInstance("Blowfish");
            this.decryptCipher.init(2, secretKeySpec);
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        if (httpServletRequest.getPathInfo() == null) {
            httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + httpServletRequest.getServletPath() + "/" + (httpServletRequest.getQueryString() != null ? "?" + httpServletRequest.getQueryString() : ""));
            return;
        }
        if (httpServletRequest.getPathInfo().equals("/")) {
            if (httpServletRequest.getParameter("time") != null || httpServletRequest.getParameter("instant") == null) {
                httpServletResponse.setContentType("text/html");
                copyResource(httpServletResponse, getObserver().getLogEventsHtml());
                return;
            } else {
                Instant parse = Instant.parse(httpServletRequest.getParameter("instant"));
                httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + httpServletRequest.getServletPath() + "/?time=" + parse.atZone(ZoneId.systemDefault()).toLocalTime() + "&date=" + parse.atZone(ZoneId.systemDefault()).toLocalDate() + "&" + httpServletRequest.getQueryString());
                return;
            }
        }
        if (httpServletRequest.getPathInfo().equals("/swagger.json")) {
            httpServletResponse.setContentType("application/json");
            Map<String, Object> parseObject = JsonParser.parseObject(getClass().getResourceAsStream(LOGEVENTS_API));
            HashMap hashMap = new HashMap();
            hashMap.put("url", httpServletRequest.getContextPath() + httpServletRequest.getServletPath());
            parseObject.put("servers", Collections.singletonList(hashMap));
            httpServletResponse.getWriter().write(JsonUtil.toIndentedJson(parseObject));
            return;
        }
        if (httpServletRequest.getPathInfo().equals("/login")) {
            String randomString = randomString(50);
            Cookie cookie = new Cookie("logevents.query", httpServletRequest.getQueryString());
            cookie.setMaxAge(300);
            httpServletResponse.addCookie(cookie);
            httpServletResponse.sendRedirect(getOpenIdConfiguration().getAuthorizationUrl(randomString, getServletUrl(httpServletRequest)));
            return;
        }
        if (httpServletRequest.getPathInfo().equals("/oauth2callback")) {
            if (httpServletRequest.getParameter("error_description") != null) {
                httpServletResponse.getWriter().write("Login failed\n\n");
                httpServletResponse.getWriter().write(httpServletRequest.getParameter("error_description"));
                return;
            }
            Map<String, Object> fetchIdToken = getOpenIdConfiguration().fetchIdToken(httpServletRequest.getParameter("code"), getServletUrl(httpServletRequest) + "/oauth2callback");
            logger.warn(AUDIT, "User logged in {}", fetchIdToken);
            LogEventStatus.getInstance().addInfo(this, "User logged in " + fetchIdToken);
            httpServletResponse.addCookie(createSessionCookie(fetchIdToken));
            String str = httpServletRequest.getContextPath() + httpServletRequest.getServletPath() + "/";
            httpServletResponse.sendRedirect((String) findCookie(httpServletRequest.getCookies(), "logevents.query").map(str2 -> {
                return str + "?" + str2;
            }).orElse(str));
            return;
        }
        if (!authenticated(httpServletResponse, httpServletRequest.getCookies())) {
            httpServletResponse.sendError(401, "Please log in");
            return;
        }
        if (!httpServletRequest.getPathInfo().equals("/events")) {
            httpServletResponse.sendError(404, "Not found " + httpServletRequest.getPathInfo());
            return;
        }
        LogEventFilter logEventFilter = new LogEventFilter(httpServletRequest.getParameterMap());
        Collection<LogEvent> collectMessages = logEventFilter.collectMessages(getObserver().getLogEventBuffer());
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("facets", logEventFilter.collectFacets(collectMessages));
        Stream<LogEvent> filter = collectMessages.stream().filter(logEventFilter);
        WebLogEventObserver observer = getObserver();
        observer.getClass();
        linkedHashMap.put("events", filter.map(observer::format).collect(Collectors.toList()));
        httpServletResponse.setContentType("application/json");
        httpServletResponse.getWriter().write(JsonUtil.toIndentedJson(linkedHashMap));
    }

    protected OpenIdConfiguration getOpenIdConfiguration() throws ServletException {
        return getObserver().getOpenIdConfiguration();
    }

    private Optional<String> findCookie(Cookie[] cookieArr, String str) {
        return Optional.ofNullable(cookieArr).flatMap(cookieArr2 -> {
            return Stream.of((Object[]) cookieArr2).filter(cookie -> {
                return cookie.getName().equals(str);
            }).map((v0) -> {
                return v0.getValue();
            }).findAny();
        });
    }

    private String getServletUrl(HttpServletRequest httpServletRequest) {
        return getServerUrl(httpServletRequest) + httpServletRequest.getContextPath() + httpServletRequest.getServletPath();
    }

    Cookie createSessionCookie(Map<String, Object> map) {
        return new Cookie("logevents.session", encrypt("subject=" + map.get("sub") + "\nsessionTime=" + Instant.ofEpochSecond(Long.parseLong(map.get("iat").toString()))));
    }

    private String encrypt(String str) {
        try {
            return Base64.getEncoder().encodeToString(this.encryptCipher.doFinal(str.getBytes()));
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    String decrypt(String str) throws BadPaddingException, IllegalBlockSizeException {
        return new String(this.decryptCipher.doFinal(Base64.getDecoder().decode(str)));
    }

    private String randomString(int i) {
        StringBuilder sb = new StringBuilder(i);
        for (int i2 = 0; i2 < i; i2++) {
            sb.append(CHARS.charAt(random.nextInt(CHARS.length())));
        }
        return sb.toString();
    }

    boolean authenticated(HttpServletResponse httpServletResponse, Cookie[] cookieArr) {
        if (cookieArr == null) {
            return false;
        }
        for (Cookie cookie : cookieArr) {
            if (cookie.getName().equals("logevents.session")) {
                try {
                    Map map = (Map) Stream.of((Object[]) decrypt(cookie.getValue()).split("\n")).collect(Collectors.toMap(str -> {
                        return str.split("=")[0];
                    }, str2 -> {
                        return str2.split("=")[1];
                    }));
                    if (map.containsKey("sessionTime")) {
                        if (Instant.now().isBefore(Instant.parse((CharSequence) map.get("sessionTime")).plusSeconds(3600L))) {
                            return true;
                        }
                    }
                } catch (ArrayIndexOutOfBoundsException | IllegalArgumentException | GeneralSecurityException e) {
                    LogEventStatus.getInstance().addError(this, "Decoding session failed", e);
                }
                cookie.setValue("");
                cookie.setMaxAge(0);
                httpServletResponse.addCookie(cookie);
                return false;
            }
        }
        return false;
    }

    private void copyResource(HttpServletResponse httpServletResponse, String str) throws IOException {
        InputStreamReader inputStreamReader = new InputStreamReader(getClass().getResourceAsStream(str));
        Throwable th = null;
        while (true) {
            try {
                try {
                    int read = inputStreamReader.read();
                    if (read == -1) {
                        break;
                    } else {
                        httpServletResponse.getWriter().write((char) read);
                    }
                } catch (Throwable th2) {
                    th = th2;
                    throw th2;
                }
            } catch (Throwable th3) {
                if (inputStreamReader != null) {
                    if (th != null) {
                        try {
                            inputStreamReader.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        inputStreamReader.close();
                    }
                }
                throw th3;
            }
        }
        if (inputStreamReader != null) {
            if (0 == 0) {
                inputStreamReader.close();
                return;
            }
            try {
                inputStreamReader.close();
            } catch (Throwable th5) {
                th.addSuppressed(th5);
            }
        }
    }

    private String getServerUrl(HttpServletRequest httpServletRequest) {
        String str = (String) Optional.ofNullable(httpServletRequest.getHeader("X-Forwarded-Proto")).orElse(httpServletRequest.getScheme());
        int intValue = ((Integer) Optional.ofNullable(httpServletRequest.getHeader("X-Forwarded-Port")).map(Integer::parseInt).orElse(Integer.valueOf(httpServletRequest.getServerPort()))).intValue();
        String serverName = httpServletRequest.getServerName();
        int i = str.equals("https") ? 443 : 80;
        StringBuilder sb = new StringBuilder();
        sb.append(str).append("://").append(serverName);
        if (intValue != i) {
            sb.append(":").append(intValue);
        }
        return sb.toString();
    }

    public WebLogEventObserver getObserver() throws ServletException {
        try {
            return (WebLogEventObserver) LogEventFactory.getInstance().getObserver("servlet");
        } catch (LogEventConfigurationException e) {
            throw new ServletException("logevents.properties must contain observer.servlet=WebLogEventObserver to use " + this);
        }
    }
}
