package org.sakaiproject.access.tool;

import java.io.IOException;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Properties;
import java.util.Vector;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.sakaiproject.authz.api.SecurityAdvisor;
import org.sakaiproject.authz.api.SecurityService;
import org.sakaiproject.cheftool.VmServlet;
import org.sakaiproject.component.cover.ComponentManager;
import org.sakaiproject.entity.api.EntityAccessOverloadException;
import org.sakaiproject.entity.api.EntityCopyrightException;
import org.sakaiproject.entity.api.EntityManager;
import org.sakaiproject.entity.api.EntityNotDefinedException;
import org.sakaiproject.entity.api.EntityPermissionException;
import org.sakaiproject.entity.api.EntityProducer;
import org.sakaiproject.entity.api.HttpAccess;
import org.sakaiproject.entity.api.Reference;
import org.sakaiproject.entity.api.ResourceProperties;
import org.sakaiproject.tool.api.ActiveToolManager;
import org.sakaiproject.tool.api.Session;
import org.sakaiproject.tool.api.SessionManager;
import org.sakaiproject.tool.api.ToolException;
import org.sakaiproject.util.BaseResourceProperties;
import org.sakaiproject.util.BasicAuth;
import org.sakaiproject.util.ParameterParser;
import org.sakaiproject.util.ResourceLoader;
import org.sakaiproject.util.Validator;
import org.sakaiproject.util.Web;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/sakaiproject/access/tool/AccessServlet.class */
public class AccessServlet extends VmServlet {
    private static final Logger log = LoggerFactory.getLogger(AccessServlet.class);
    protected static ResourceLoader rb = new ResourceLoader("access");
    protected static final boolean STREAM_CONTENT = true;
    protected static final int STREAM_BUFFER_SIZE = 102400;
    protected static final String FORM_VALUE_DELIMETER = "^";
    protected static final String COPYRIGHT_PATH = "/copyright";
    protected static final String COPYRIGHT_REQUIRE = "/require";
    protected static final String COPYRIGHT_ACCEPT = "/accept";
    protected static final String COPYRIGHT_ACCEPT_REF = "ref";
    protected static final String COPYRIGHT_ACCEPT_URL = "url";
    protected static final String COPYRIGHT_ACCEPTED_REFS_ATTR = "Access.Copyright.Accepted";
    protected SecurityService securityService;
    protected EntityManager entityManager;
    protected ActiveToolManager activeToolManager;
    protected SessionManager sessionManager;
    protected boolean m_ready = false;
    protected BasicAuth basicAuth = null;

    /* loaded from: input_file:org/sakaiproject/access/tool/AccessServlet$AccessServletInfo.class */
    public class AccessServletInfo {
        protected long m_startTime = System.currentTimeMillis();
        protected Properties m_options;

        public long getStartTime() {
            return this.m_startTime;
        }

        public long getElapsedTime() {
            return System.currentTimeMillis() - this.m_startTime;
        }

        public AccessServletInfo(HttpServletRequest httpServletRequest) {
            this.m_options = null;
            this.m_options = new Properties();
            httpServletRequest.getContentType();
            Enumeration parameterNames = httpServletRequest.getParameterNames();
            while (parameterNames.hasMoreElements()) {
                String str = (String) parameterNames.nextElement();
                String[] parameterValues = httpServletRequest.getParameterValues(str);
                if (parameterValues.length == AccessServlet.STREAM_CONTENT) {
                    this.m_options.put(str, parameterValues[0]);
                } else {
                    StringBuilder sb = new StringBuilder();
                    for (int i = 0; i < parameterValues.length; i += AccessServlet.STREAM_CONTENT) {
                        sb.append(parameterValues[i] + AccessServlet.FORM_VALUE_DELIMETER);
                    }
                    this.m_options.put(str, sb.toString());
                }
            }
        }

        public String optionsString() {
            StringBuilder sb = new StringBuilder(1024);
            Enumeration keys = this.m_options.keys();
            while (keys.hasMoreElements()) {
                String str = (String) keys.nextElement();
                String property = this.m_options.getProperty(str);
                if (property instanceof String) {
                    sb.append(str);
                    sb.append("=");
                    if (str.equals("password")) {
                        sb.append("*****");
                    } else {
                        sb.append(property.toString());
                    }
                    sb.append("&");
                }
            }
            return sb.toString();
        }
    }

    /* loaded from: input_file:org/sakaiproject/access/tool/AccessServlet$AccessServletInit.class */
    public class AccessServletInit extends Thread {
        public AccessServletInit() {
            AccessServlet.this.m_ready = false;
            start();
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            AccessServlet.this.m_ready = true;
        }
    }

    /* loaded from: input_file:org/sakaiproject/access/tool/AccessServlet$SimpleSecurityAdvisor.class */
    public class SimpleSecurityAdvisor implements SecurityAdvisor {
        protected String m_userId;
        protected String m_function;
        protected String m_reference;

        public SimpleSecurityAdvisor(String str, String str2, String str3) {
            this.m_userId = str;
            this.m_function = str2;
            this.m_reference = str3;
        }

        public SecurityAdvisor.SecurityAdvice isAllowed(String str, String str2, String str3) {
            SecurityAdvisor.SecurityAdvice securityAdvice = SecurityAdvisor.SecurityAdvice.PASS;
            if (this.m_userId.equals(str) && this.m_function.equals(str2) && this.m_reference.equals(str3)) {
                securityAdvice = SecurityAdvisor.SecurityAdvice.ALLOWED;
            }
            return securityAdvice;
        }
    }

    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        startInit();
        this.basicAuth = new BasicAuth();
        this.basicAuth.init();
        this.securityService = (SecurityService) ComponentManager.get(SecurityService.class);
        this.entityManager = (EntityManager) ComponentManager.get(EntityManager.class);
        this.activeToolManager = (ActiveToolManager) ComponentManager.get(ActiveToolManager.class);
        this.sessionManager = (SessionManager) ComponentManager.get(SessionManager.class);
    }

    public void startInit() {
        new AccessServletInit();
    }

    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        this.basicAuth.doLogin(httpServletRequest);
        String[] split = httpServletRequest.getPathInfo().split("/");
        if (split.length == 2 && split[STREAM_CONTENT].equals("login")) {
            doLogin(httpServletRequest, httpServletResponse, null);
        } else {
            dispatch(httpServletRequest, httpServletResponse);
        }
    }

    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        this.basicAuth.doLogin(httpServletRequest);
        String[] split = httpServletRequest.getPathInfo().split("/");
        if (split.length == 2 && split[STREAM_CONTENT].equals("login")) {
            doLogin(httpServletRequest, httpServletResponse, null);
        } else {
            sendError(httpServletResponse, 404);
        }
    }

    public void dispatch(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException {
        ParameterParser parameterParser = (ParameterParser) httpServletRequest.getAttribute("sakai.wrapper.params");
        String path = parameterParser.getPath();
        if (path == null) {
            path = "";
        }
        if (!this.m_ready) {
            sendError(httpServletResponse, 503);
            return;
        }
        if (COPYRIGHT_PATH.equals(path)) {
            respondCopyrightAlertDemo(httpServletRequest, httpServletResponse);
            return;
        }
        if (COPYRIGHT_REQUIRE.equals(path)) {
            String parameter = httpServletRequest.getParameter(COPYRIGHT_ACCEPT_REF);
            String parameter2 = httpServletRequest.getParameter(COPYRIGHT_ACCEPT_URL);
            Reference newReference = this.entityManager.newReference(parameter);
            this.securityService.pushAdvisor(new SecurityAdvisor() { // from class: org.sakaiproject.access.tool.AccessServlet.1
                public SecurityAdvisor.SecurityAdvice isAllowed(String str, String str2, String str3) {
                    return SecurityAdvisor.SecurityAdvice.ALLOWED;
                }
            });
            ResourceProperties properties = newReference.getProperties();
            this.securityService.popAdvisor();
            if (properties == null) {
                sendError(httpServletResponse, 404);
            }
            setVmReference("validator", new Validator(), httpServletRequest);
            setVmReference("props", properties, httpServletRequest);
            setVmReference("tlang", rb, httpServletRequest);
            setVmReference("accept", Web.returnUrl(httpServletRequest, "/accept?ref=" + Validator.escapeUrl(newReference.getReference()) + "&" + COPYRIGHT_ACCEPT_URL + "=" + Validator.escapeUrl(parameter2)), httpServletRequest);
            httpServletResponse.setContentType("text/html; charset=UTF-8");
            includeVm("vm/access/copyrightAlert.vm", httpServletRequest, httpServletResponse);
            return;
        }
        Collection collection = (Collection) this.sessionManager.getCurrentSession().getAttribute(COPYRIGHT_ACCEPTED_REFS_ATTR);
        if (collection == null) {
            collection = new Vector();
            this.sessionManager.getCurrentSession().setAttribute(COPYRIGHT_ACCEPTED_REFS_ATTR, collection);
        }
        if (COPYRIGHT_ACCEPT.equals(path)) {
            collection.add(this.entityManager.newReference(httpServletRequest.getParameter(COPYRIGHT_ACCEPT_REF)).getReference());
            try {
                httpServletResponse.sendRedirect(Web.returnUrl(httpServletRequest, Validator.escapeUrl(httpServletRequest.getParameter(COPYRIGHT_ACCEPT_URL))));
                return;
            } catch (IOException e) {
                sendError(httpServletResponse, 404);
                return;
            }
        }
        String str = path;
        Reference newReference2 = this.entityManager.newReference(preProcessPath(path, httpServletRequest));
        AccessServletInfo newInfo = newInfo(httpServletRequest);
        try {
            try {
                try {
                    try {
                        EntityProducer entityProducer = newReference2.getEntityProducer();
                        if (entityProducer == null) {
                            throw new EntityNotDefinedException(newReference2.getReference());
                        }
                        HttpAccess httpAccess = entityProducer.getHttpAccess();
                        if (httpAccess == null) {
                            throw new EntityNotDefinedException(newReference2.getReference());
                        }
                        httpAccess.handleAccess(httpServletRequest, httpServletResponse, newReference2, collection);
                        if (log.isDebugEnabled()) {
                            log.debug("from:" + httpServletRequest.getRemoteAddr() + " path:" + parameterParser.getPath() + " options: " + newInfo.optionsString() + " time: " + newInfo.getElapsedTime());
                        }
                    } catch (Throwable th) {
                        if (log.isDebugEnabled()) {
                            log.debug("from:" + httpServletRequest.getRemoteAddr() + " path:" + parameterParser.getPath() + " options: " + newInfo.optionsString() + " time: " + newInfo.getElapsedTime());
                        }
                        throw th;
                    }
                } catch (EntityPermissionException e2) {
                    if (this.sessionManager.getCurrentSessionUserId() == null) {
                        try {
                            doLogin(httpServletRequest, httpServletResponse, str);
                        } catch (IOException e3) {
                        }
                        if (log.isDebugEnabled()) {
                            log.debug("from:" + httpServletRequest.getRemoteAddr() + " path:" + parameterParser.getPath() + " options: " + newInfo.optionsString() + " time: " + newInfo.getElapsedTime());
                            return;
                        }
                        return;
                    }
                    log.debug("dispatch(): ref: " + newReference2.getReference(), e2);
                    sendError(httpServletResponse, 403);
                    if (log.isDebugEnabled()) {
                        log.debug("from:" + httpServletRequest.getRemoteAddr() + " path:" + parameterParser.getPath() + " options: " + newInfo.optionsString() + " time: " + newInfo.getElapsedTime());
                    }
                }
            } catch (EntityCopyrightException e4) {
                try {
                    httpServletResponse.sendRedirect(Web.returnUrl(httpServletRequest, "/require?ref=" + Validator.escapeUrl(e4.getReference()) + "&" + COPYRIGHT_ACCEPT_URL + "=" + Validator.escapeUrl(httpServletRequest.getPathInfo())));
                } catch (IOException e5) {
                }
                if (log.isDebugEnabled()) {
                    log.debug("from:" + httpServletRequest.getRemoteAddr() + " path:" + parameterParser.getPath() + " options: " + newInfo.optionsString() + " time: " + newInfo.getElapsedTime());
                }
            } catch (Throwable th2) {
                log.warn("dispatch(): exception: ", th2);
                sendError(httpServletResponse, 500);
                if (log.isDebugEnabled()) {
                    log.debug("from:" + httpServletRequest.getRemoteAddr() + " path:" + parameterParser.getPath() + " options: " + newInfo.optionsString() + " time: " + newInfo.getElapsedTime());
                }
            }
        } catch (EntityAccessOverloadException e6) {
            log.info("dispatch(): ref: " + newReference2.getReference(), e6);
            sendError(httpServletResponse, 503);
            if (log.isDebugEnabled()) {
                log.debug("from:" + httpServletRequest.getRemoteAddr() + " path:" + parameterParser.getPath() + " options: " + newInfo.optionsString() + " time: " + newInfo.getElapsedTime());
            }
        } catch (EntityNotDefinedException e7) {
            log.debug("dispatch(): ref: " + newReference2.getReference(), e7);
            sendError(httpServletResponse, 404);
            if (log.isDebugEnabled()) {
                log.debug("from:" + httpServletRequest.getRemoteAddr() + " path:" + parameterParser.getPath() + " options: " + newInfo.optionsString() + " time: " + newInfo.getElapsedTime());
            }
        }
    }

    protected String preProcessPath(String str, HttpServletRequest httpServletRequest) {
        return str;
    }

    protected void respondCopyrightAlertDemo(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException {
        setVmReference("props", new BaseResourceProperties(), httpServletRequest);
        setVmReference("validator", new Validator(), httpServletRequest);
        setVmReference("sample", Boolean.TRUE.toString(), httpServletRequest);
        setVmReference("tlang", rb, httpServletRequest);
        httpServletResponse.setContentType("text/html; charset=UTF-8");
        includeVm("vm/access/copyrightAlert.vm", httpServletRequest, httpServletResponse);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void doLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws ToolException, IOException {
        if (this.basicAuth.doAuth(httpServletRequest, httpServletResponse)) {
            log.info("BASIC Auth Request Sent to the Browser ");
            return;
        }
        if (httpServletRequest.getHeader("Range") != null) {
            sendError(httpServletResponse, 403);
            return;
        }
        Session currentSession = this.sessionManager.getCurrentSession();
        if (str != null) {
            currentSession.setAttribute("sakai.tool.helper.done.url", Web.returnUrl(httpServletRequest, Validator.escapeUrl(str)));
        }
        if (currentSession.getAttribute("sakai.tool.helper.done.url") == null) {
            log.warn("doLogin - proceeding with null HELPER_DONE_URL");
        }
        this.activeToolManager.getActiveTool("sakai.login").help(httpServletRequest, httpServletResponse, httpServletRequest.getContextPath() + httpServletRequest.getServletPath() + "/login", "/login");
    }

    protected AccessServletInfo newInfo(HttpServletRequest httpServletRequest) {
        return new AccessServletInfo(httpServletRequest);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void sendError(HttpServletResponse httpServletResponse, int i) {
        try {
            httpServletResponse.sendError(i);
        } catch (Throwable th) {
            log.warn("sendError: " + th);
        }
    }
}
