package org.owasp.passfault.web;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.nio.CharBuffer;
import java.util.Arrays;
import java.util.Collection;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.owasp.passfault.CompositeFinder;
import org.owasp.passfault.PasswordAnalysis;
import org.owasp.passfault.PatternFinder;
import org.owasp.passfault.SecureString;
import org.owasp.passfault.finders.ExecutorFinder;
import org.owasp.passfault.io.JsonWriter;

/* loaded from: input_file:WEB-INF/lib/passfault-jsonService-0.81.jar:org/owasp/passfault/web/PassfaultServlet.class */
public class PassfaultServlet extends HttpServlet {
    private static final long serialVersionUID = 1;
    private static final int MAX_PASSWORD_SIZE = 50;
    protected Collection<PatternFinder> finders;
    private volatile CompositeFinder compositeFinder = null;
    private JsonWriter jsonWriter = new JsonWriter();

    @Override // javax.servlet.GenericServlet, javax.servlet.Servlet
    public void init(ServletConfig servletConfig) throws ServletException {
        this.finders = buildFinders(servletConfig.getServletContext());
    }

    @Override // javax.servlet.http.HttpServlet
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (httpServletRequest.getContentLength() <= 0) {
            httpServletResponse.sendError(204, "No password was supplied");
            return;
        }
        if (httpServletRequest.getContentLength() > 50) {
            httpServletResponse.sendError(HttpServletResponse.SC_REQUEST_URI_TOO_LONG, "Password length limited to 50");
            return;
        }
        SecureString password = getPassword(httpServletRequest.getInputStream(), httpServletRequest.getContentLength());
        CompositeFinder compositeFinder = getCompositeFinder();
        try {
            try {
                PasswordAnalysis passwordAnalysis = new PasswordAnalysis(password);
                compositeFinder.blockingAnalyze(passwordAnalysis);
                writeJSON(passwordAnalysis, httpServletResponse.getWriter());
                password.clear();
                httpServletResponse.getWriter().flush();
            } catch (Exception e) {
                httpServletResponse.sendError(500);
                throw new ServletException(e);
            }
        } catch (Throwable th) {
            password.clear();
            httpServletResponse.getWriter().flush();
            throw th;
        }
    }

    protected SecureString getPassword(BufferedReader bufferedReader, int i) throws IOException, ServletException {
        char[] cArr = new char[i];
        SecureString secureString = new SecureString(cArr, 0, bufferedReader.read(CharBuffer.wrap(cArr)));
        Arrays.fill(cArr, '0');
        return secureString;
    }

    protected SecureString getPassword(InputStream inputStream, int i) throws IOException, ServletException {
        return getPassword(new BufferedReader(new InputStreamReader(inputStream, "UTF-8")), i);
    }

    protected Collection<PatternFinder> buildFinders(ServletContext servletContext) throws ServletException {
        try {
            return new BuildFinders().build(servletContext);
        } catch (IOException e) {
            throw new ServletException("An error occurred building the pattern finders", e);
        }
    }

    private void writeJSON(PasswordAnalysis passwordAnalysis, PrintWriter printWriter) throws IOException {
        this.jsonWriter.write(printWriter, passwordAnalysis.calculateHighestProbablePatterns());
    }

    protected CompositeFinder getCompositeFinder() throws ServletException {
        if (this.compositeFinder == null) {
            synchronized (this) {
                if (this.compositeFinder == null) {
                    this.compositeFinder = new ExecutorFinder(this.finders);
                }
            }
        }
        return this.compositeFinder;
    }
}
