package org.owasp.webgoat;

import com.gargoylesoftware.htmlunit.html.HtmlSource;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.owasp.webgoat.lessons.AbstractLesson;
import org.owasp.webgoat.session.Course;
import org.owasp.webgoat.session.WebSession;

/* loaded from: input_file:WebGoat.war:WEB-INF/classes/org/owasp/webgoat/LessonSource.class */
public class LessonSource extends HammerHead {
    private static final long serialVersionUID = 2588430536196446145L;
    public static final String START_SOURCE_SKIP = "START_OMIT_SOURCE";
    public static final String END_SOURCE_SKIP = "END_OMIT_SOURCE";

    @Override // org.owasp.webgoat.HammerHead, javax.servlet.http.HttpServlet
    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        String str = null;
        try {
            try {
                WebSession webSession = (WebSession) httpServletRequest.getSession(true).getAttribute(WebSession.SESSION);
                webSession.update(httpServletRequest, httpServletResponse, getServletName());
                boolean booleanParameter = webSession.getParser().getBooleanParameter("solution", false);
                boolean booleanParameter2 = webSession.getParser().getBooleanParameter(HtmlSource.TAG_NAME, false);
                if (booleanParameter) {
                    str = getSolution(webSession);
                    webSession.getCourse().getLesson(webSession, webSession.getCurrentScreen(), "user").getLessonTracker(webSession).setViewedSolution(true);
                } else if (booleanParameter2) {
                    str = getSource(webSession);
                    webSession.getCourse().getLesson(webSession, webSession.getCurrentScreen(), "user").getLessonTracker(webSession).setViewedSource(true);
                }
                try {
                    writeSource(str, httpServletResponse);
                } catch (Throwable th) {
                    th.printStackTrace();
                    log(httpServletRequest, "Could not write error screen: " + th.getMessage());
                }
            } catch (Throwable th2) {
                th2.printStackTrace();
                log("ERROR: " + th2);
                try {
                    writeSource(null, httpServletResponse);
                } catch (Throwable th3) {
                    th3.printStackTrace();
                    log(httpServletRequest, "Could not write error screen: " + th3.getMessage());
                }
            }
        } catch (Throwable th4) {
            try {
                writeSource(null, httpServletResponse);
            } catch (Throwable th5) {
                th5.printStackTrace();
                log(httpServletRequest, "Could not write error screen: " + th5.getMessage());
            }
            throw th4;
        }
    }

    protected String getSource(WebSession webSession) {
        AbstractLesson lesson;
        String str = null;
        int currentScreen = webSession.getCurrentScreen();
        Course course = webSession.getCourse();
        if ((webSession.isUser() || webSession.isChallenge()) && (lesson = course.getLesson(webSession, currentScreen, "user")) != null) {
            str = lesson.getSource(webSession);
        }
        return str == null ? "Source code is not available. Contact " + webSession.getWebgoatContext().getFeedbackAddressHTML() : str.replaceAll("(?s)START_OMIT_SOURCE.*END_OMIT_SOURCE", "Code Section Deliberately Omitted");
    }

    protected String getSolution(WebSession webSession) {
        AbstractLesson lesson;
        String str = null;
        int currentScreen = webSession.getCurrentScreen();
        Course course = webSession.getCourse();
        if ((webSession.isUser() || webSession.isChallenge()) && (lesson = course.getLesson(webSession, currentScreen, "user")) != null) {
            str = lesson.getSolution(webSession);
        }
        return str == null ? "Solution  is not available. Contact " + webSession.getWebgoatContext().getFeedbackAddressHTML() : str;
    }

    protected void writeSource(String str, HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setContentType("text/html");
        PrintWriter writer = httpServletResponse.getWriter();
        if (str == null) {
            str = new String();
        }
        writer.print(str);
        writer.close();
    }
}
