package org.restheart.mongodb.exchange;

import io.undertow.server.HttpServerExchange;
import io.undertow.server.handlers.form.FormData;
import io.undertow.server.handlers.form.FormDataParser;
import io.undertow.server.handlers.form.FormParserFactory;
import io.undertow.util.HeaderValues;
import io.undertow.util.Headers;
import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Path;
import java.util.HashSet;
import java.util.Iterator;
import org.apache.tika.Tika;
import org.bson.BsonDocument;
import org.bson.BsonString;
import org.bson.BsonValue;
import org.bson.json.JsonParseException;
import org.restheart.exchange.BufferedByteArrayRequest;
import org.restheart.exchange.MongoRequest;
import org.restheart.exchange.MongoResponse;
import org.restheart.utils.ChannelReader;
import org.restheart.utils.JsonUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/restheart/mongodb/exchange/BsonRequestContentInjector.class */
public class BsonRequestContentInjector {
    private static final String CONTENT_TYPE = "contentType";
    private static final String ERROR_INVALID_CONTENTTYPE = "Content-Type must be either: application/hal+json or application/json";
    private static final String ERROR_INVALID_CONTENTTYPE_FILE = "Content-Type must be either: application/x-www-form-urlencoded or multipart/form-data";
    static final Logger LOGGER = LoggerFactory.getLogger(BsonRequestContentInjector.class);
    private static final FormParserFactory FORM_PARSER = FormParserFactory.builder().build();

    private static boolean isHalOrJson(HeaderValues headerValues) {
        return headerValues == null || headerValues.isEmpty() || headerValues.stream().anyMatch(str -> {
            return str.startsWith("application/hal+json") || str.startsWith("application/json");
        });
    }

    private static boolean isFormOrMultipart(HeaderValues headerValues) {
        return (headerValues == null || headerValues.isEmpty() || !headerValues.stream().anyMatch(str -> {
            return str.startsWith("application/x-www-form-urlencoded") || str.startsWith("multipart/form-data");
        })) ? false : true;
    }

    public static String checkReservedId(BsonValue bsonValue) {
        if (bsonValue == null) {
            return null;
        }
        if (bsonValue.isDocument()) {
            BsonValue bsonValue2 = bsonValue.asDocument().get("_id");
            if (bsonValue2 == null || !bsonValue2.isString()) {
                return null;
            }
            String value = bsonValue2.asString().getValue();
            if ("_MaxKey".equalsIgnoreCase(value) || "_MinKey".equalsIgnoreCase(value) || "_null".equalsIgnoreCase(value) || "_true".equalsIgnoreCase(value) || "_false".equalsIgnoreCase(value)) {
                return value;
            }
            return null;
        }
        if (!bsonValue.isArray()) {
            LOGGER.warn("content is not an object nor an array");
            return null;
        }
        String str = null;
        for (BsonValue bsonValue3 : bsonValue.asArray().getValues()) {
            if (bsonValue3.isDocument()) {
                str = checkReservedId(bsonValue3);
                if (str != null) {
                    break;
                }
            } else {
                LOGGER.warn("element of content array is not an object");
            }
        }
        return str;
    }

    private static void filterJsonContent(BsonDocument bsonDocument, MongoResponse mongoResponse) {
        filterOutReservedKeys(bsonDocument, mongoResponse);
    }

    private static void filterOutReservedKeys(BsonDocument bsonDocument, MongoResponse mongoResponse) {
        HashSet hashSet = new HashSet();
        bsonDocument.keySet().stream().filter(str -> {
            return str.startsWith("_") && !str.equals("_id");
        }).forEach(str2 -> {
            hashSet.add(str2);
        });
        hashSet.stream().map(str3 -> {
            bsonDocument.remove(str3);
            return str3;
        }).forEach(str4 -> {
            mongoResponse.addWarning("Reserved field " + str4 + " was filtered out from the request");
        });
    }

    private static void injectContentTypeFromFile(BsonDocument bsonDocument, File file) throws IOException {
        String detectMediaType;
        if (bsonDocument.get(CONTENT_TYPE) != null || file == null || (detectMediaType = detectMediaType(file)) == null) {
            return;
        }
        bsonDocument.append(CONTENT_TYPE, new BsonString(detectMediaType));
    }

    protected static BsonDocument extractMetadata(FormData formData) throws JsonParseException {
        BsonDocument bsonDocument = new BsonDocument();
        String value = formData.getFirst("metadata") != null ? formData.getFirst("metadata").getValue() : formData.getFirst("properties") != null ? formData.getFirst("properties").getValue() : null;
        if (value != null) {
            bsonDocument = BsonDocument.parse(value);
        }
        return bsonDocument;
    }

    private static String extractFileField(FormData formData) {
        String str = null;
        Iterator it = formData.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            String str2 = (String) it.next();
            if (formData.getFirst(str2) != null && formData.getFirst(str2).isFileItem()) {
                str = str2;
                break;
            }
        }
        return str;
    }

    public static String detectMediaType(File file) throws IOException {
        return new Tika().detect(file);
    }

    public static void inject(HttpServerExchange httpServerExchange) {
        BsonValue bsonValue;
        MongoRequest of = MongoRequest.of(httpServerExchange);
        MongoResponse of2 = MongoResponse.of(httpServerExchange);
        if (of.isInError() || of.isGet() || of.isOptions() || of.isDelete()) {
            return;
        }
        HeaderValues headerValues = httpServerExchange.getRequestHeaders().get(Headers.CONTENT_TYPE);
        if (isFormOrMultipart(headerValues)) {
            if ((!of.isPost() || !of.isFilesBucket()) && (!of.isPut() || !of.isFile())) {
                of2.setIError(415, ERROR_INVALID_CONTENTTYPE_FILE);
                return;
            }
            FormDataParser createParser = FORM_PARSER.createParser(httpServerExchange);
            if (createParser == null) {
                of2.setIError(406, "There is no form parser registered for the request content type");
                return;
            }
            try {
                FormData parseBlocking = createParser.parseBlocking();
                try {
                    bsonValue = extractMetadata(parseBlocking);
                    String extractFileField = extractFileField(parseBlocking);
                    if (extractFileField == null) {
                        of2.setIError(406, "This request does not contain any binary file");
                        return;
                    }
                    Path file = parseBlocking.getFirst(extractFileField).getFileItem().getFile();
                    of.setFilePath(file);
                    try {
                        injectContentTypeFromFile(bsonValue.asDocument(), file.toFile());
                    } catch (IOException e) {
                        of2.addWarning("error detecting content type");
                        LOGGER.warn("error detecting content type of file", e);
                        return;
                    }
                } catch (JsonParseException | IllegalArgumentException e2) {
                    of2.setInError(406, "Invalid data: 'properties' field is not a valid JSON", e2);
                    return;
                }
            } catch (IOException e3) {
                of2.setInError(406, "Error parsing the multipart form: data could not be read", e3);
                return;
            }
        } else if (isHalOrJson(headerValues)) {
            BufferedByteArrayRequest of3 = BufferedByteArrayRequest.of(httpServerExchange);
            try {
                String str = of3.isContentAvailable() ? new String(of3.readContent(), StandardCharsets.UTF_8) : ChannelReader.read(httpServerExchange.getRequestChannel());
                if (str == null || str.isEmpty()) {
                    bsonValue = null;
                } else {
                    try {
                        bsonValue = JsonUtils.parse(str);
                        if (bsonValue != null && !bsonValue.isDocument() && !bsonValue.isArray()) {
                            throw new IllegalArgumentException("request data must be either a json object or an array, got " + bsonValue.getBsonType().name());
                        }
                    } catch (JsonParseException | IllegalArgumentException e4) {
                        of2.setInError(406, "Invalid JSON. " + e4.getMessage(), e4);
                        return;
                    }
                }
            } catch (IOException e5) {
                LOGGER.error("Error reading request content", e5);
                of2.setIError(406, "Error reading request content");
                return;
            }
        } else {
            if (headerValues != null) {
                of2.setIError(415, ERROR_INVALID_CONTENTTYPE);
                return;
            }
            bsonValue = null;
        }
        if (bsonValue == null) {
            bsonValue = new BsonDocument();
        } else if (bsonValue.isArray()) {
            if (!of.isCollection() || !of.isPost()) {
                of2.setIError(406, "request data can be an array only for POST to collection resources (bulk post)");
                return;
            } else if (!bsonValue.asArray().stream().anyMatch(bsonValue2 -> {
                if (!bsonValue2.isDocument()) {
                    of2.setIError(406, "request data must be either an json object or an array of objects");
                    return false;
                }
                BsonValue bsonValue2 = bsonValue2.asDocument().get("_id");
                if (bsonValue2 == null || !bsonValue2.isArray()) {
                    filterJsonContent(bsonValue2.asDocument(), of2);
                    return true;
                }
                of2.setIError(406, "the type of _id in request data is not supported: " + (bsonValue2 == null ? "" : bsonValue2.getBsonType().name()));
                return false;
            })) {
                return;
            }
        } else if (bsonValue.isDocument()) {
            BsonDocument asDocument = bsonValue.asDocument();
            BsonValue bsonValue3 = asDocument.get("_id");
            if (bsonValue3 != null && bsonValue3.isArray()) {
                of2.setIError(406, "the type of _id in request data is not supported: " + bsonValue3.getBsonType().name());
                return;
            }
            filterJsonContent(asDocument, of2);
        }
        if (of.isPost() || of.isPut()) {
            if (JsonUtils.containsUpdateOperators(bsonValue, true)) {
                of2.setIError(400, "update operators (but $currentDate) cannot be used on POST and PUT requests");
                return;
            }
            bsonValue = JsonUtils.unflatten(bsonValue);
        }
        of.setContent(bsonValue);
    }
}
