package org.webswing.server;

import com.google.common.net.HttpHeaders;
import com.google.inject.Inject;
import com.google.inject.Singleton;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintStream;
import java.net.URL;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import org.apache.commons.lang.StringUtils;
import org.apache.http.cookie.ClientCookie;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.webswing.Constants;
import org.webswing.model.s2c.ApplicationInfoMsg;
import org.webswing.server.base.PrimaryUrlHandler;
import org.webswing.server.base.UrlHandler;
import org.webswing.server.common.model.SecuredPathConfig;
import org.webswing.server.common.model.admin.ApplicationInfo;
import org.webswing.server.common.model.admin.InstanceManagerStatus;
import org.webswing.server.common.model.meta.MetaObject;
import org.webswing.server.common.model.rest.LogRequest;
import org.webswing.server.common.model.rest.LogResponse;
import org.webswing.server.common.util.CommonUtil;
import org.webswing.server.model.exception.WsException;
import org.webswing.server.services.config.ConfigurationChangeEvent;
import org.webswing.server.services.config.ConfigurationChangeListener;
import org.webswing.server.services.config.ConfigurationService;
import org.webswing.server.services.resources.ResourceHandlerService;
import org.webswing.server.services.security.api.BuiltInModules;
import org.webswing.server.services.security.api.WebswingAction;
import org.webswing.server.services.security.api.WebswingSecurityConfig;
import org.webswing.server.services.security.login.LoginHandlerService;
import org.webswing.server.services.security.login.SecuredPathHandler;
import org.webswing.server.services.security.modules.SecurityModuleService;
import org.webswing.server.services.swinginstance.SwingInstance;
import org.webswing.server.services.swingmanager.SwingInstanceHolder;
import org.webswing.server.services.swingmanager.SwingInstanceManager;
import org.webswing.server.services.swingmanager.SwingInstanceManagerService;
import org.webswing.server.services.websocket.WebSocketService;
import org.webswing.server.util.LogReaderUtil;

@Singleton
/* loaded from: input_file:WEB-INF/classes/org/webswing/server/GlobalUrlHandler.class */
public class GlobalUrlHandler extends PrimaryUrlHandler implements SwingInstanceHolder, SecuredPathHandler {
    private static final Logger log = LoggerFactory.getLogger(GlobalUrlHandler.class);
    private static final String SERVERNAME = System.getProperty(Constants.BRANDING_PREFIX, "webswing.org");
    private final WebSocketService websocket;
    private final ConfigurationService configService;
    private final SwingInstanceManagerService appFactory;
    private final ResourceHandlerService resourceService;
    private final LoginHandlerService loginService;
    private ServletContext servletContext;
    private Map<String, SwingInstanceManager> instanceManagers;
    private final ConfigurationChangeListener changeListener;

    @Inject
    public GlobalUrlHandler(WebSocketService webSocketService, ConfigurationService configurationService, SwingInstanceManagerService swingInstanceManagerService, ResourceHandlerService resourceHandlerService, SecurityModuleService securityModuleService, LoginHandlerService loginHandlerService, ServletContext servletContext) {
        super(null, securityModuleService, configurationService);
        this.instanceManagers = new LinkedHashMap();
        this.changeListener = new ConfigurationChangeListener() { // from class: org.webswing.server.GlobalUrlHandler.1
            @Override // org.webswing.server.services.config.ConfigurationChangeListener
            public void onConfigChanged(ConfigurationChangeEvent configurationChangeEvent) {
                if ("/".equals(configurationChangeEvent.getPath())) {
                    GlobalUrlHandler.this.initConfiguration();
                    return;
                }
                SwingInstanceManager swingInstanceManager = (SwingInstanceManager) GlobalUrlHandler.this.instanceManagers.get(configurationChangeEvent.getPath());
                if (swingInstanceManager == null) {
                    GlobalUrlHandler.this.installApplication(configurationChangeEvent.getNewConfig()).init();
                } else if (swingInstanceManager.isEnabled()) {
                    swingInstanceManager.initConfiguration();
                }
            }

            @Override // org.webswing.server.services.config.ConfigurationChangeListener
            public void onConfigDeleted(ConfigurationChangeEvent configurationChangeEvent) {
                if ("/".equals(configurationChangeEvent.getPath())) {
                    GlobalUrlHandler.this.initConfiguration();
                    return;
                }
                SwingInstanceManager swingInstanceManager = (SwingInstanceManager) GlobalUrlHandler.this.instanceManagers.get(configurationChangeEvent.getPath());
                if (swingInstanceManager != null) {
                    GlobalUrlHandler.this.uninstallApplication(swingInstanceManager);
                }
            }
        };
        this.websocket = webSocketService;
        this.configService = configurationService;
        this.appFactory = swingInstanceManagerService;
        this.resourceService = resourceHandlerService;
        this.loginService = loginHandlerService;
        this.servletContext = servletContext;
    }

    @Override // org.webswing.server.base.PrimaryUrlHandler, org.webswing.server.base.AbstractUrlHandler, org.webswing.server.base.UrlHandler
    public void init() {
        registerChildUrlHandler(this.websocket.createPlaybackWebSocketHandler(this));
        registerChildUrlHandler(this.loginService.createLoginHandler(this));
        registerChildUrlHandler(this.loginService.createLogoutHandler(this));
        registerChildUrlHandler(this.resourceService.create(this, this));
        loadApplications();
        super.init();
        this.configService.registerChangeListener(this.changeListener);
        if (!InstanceManagerStatus.Status.Running.equals(getStatus().getStatus())) {
            throw new RuntimeException("Failed to start primary handler.");
        }
    }

    @Override // org.webswing.server.base.PrimaryUrlHandler, org.webswing.server.base.AbstractUrlHandler, org.webswing.server.base.UrlHandler
    public void destroy() {
        this.configService.removeChangeListener(this.changeListener);
        this.instanceManagers.clear();
        super.destroy();
    }

    @Override // org.webswing.server.base.PrimaryUrlHandler, org.webswing.server.base.AbstractUrlHandler, org.webswing.server.base.UrlHandler
    public boolean serve(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            setSecurityHeaders(httpServletRequest, httpServletResponse);
            if (super.serve(httpServletRequest, httpServletResponse)) {
                return true;
            }
            throw new WsException("Not Found.", 404);
        } catch (Exception e) {
            handleException(e, httpServletRequest, httpServletResponse);
            return true;
        }
    }

    private void setSecurityHeaders(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        httpServletResponse.addHeader("Server", SERVERNAME);
        if (Boolean.getBoolean(Constants.DISABLE_HTTP_SECURITY_HEADERS)) {
            return;
        }
        httpServletResponse.addHeader(HttpHeaders.X_FRAME_OPTIONS, "SAMEORIGIN");
        httpServletResponse.addHeader(HttpHeaders.X_CONTENT_TYPE_OPTIONS, "nosniff");
        httpServletResponse.addHeader(HttpHeaders.X_XSS_PROTECTION, "1; mode=block");
        httpServletResponse.addHeader(HttpHeaders.REFERRER_POLICY, HttpHeaders.ReferrerPolicyValues.STRICT_ORIGIN_WHEN_CROSS_ORIGIN);
        if (StringUtils.equalsIgnoreCase(httpServletRequest.getScheme(), "https")) {
            httpServletResponse.addHeader(HttpHeaders.STRICT_TRANSPORT_SECURITY, "1; mode=block");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.webswing.server.base.PrimaryUrlHandler
    public WebswingSecurityConfig getSecurityConfig() {
        log.info("Loading master security module.(" + getConfig().getSecurity() + ").");
        WebswingSecurityConfig securityConfig = super.getSecurityConfig();
        if (BuiltInModules.INHERITED.name().equals(securityConfig.getModule())) {
            log.error("Master security module INHERITED is not valid. Falling back to default module PROPERTY_FILE.");
            SecuredPathConfig config = getConfig();
            config.getSecurity().put("module", BuiltInModules.PROPERTY_FILE.name());
            securityConfig = (WebswingSecurityConfig) config.getValueAs("security", WebswingSecurityConfig.class);
        }
        return securityConfig;
    }

    public void loadApplications() {
        log.info("Loading configured Applications.");
        synchronized (this.instanceManagers) {
            for (String str : this.configService.getPaths()) {
                SecuredPathConfig configuration = this.configService.getConfiguration(str);
                String path = toPath(str);
                if (!toPath("/").equals(path)) {
                    if (this.instanceManagers.get(path) == null) {
                        installApplication(configuration);
                    } else {
                        log.error("Application with path '" + path + "' already exists! Application skipped.", (Throwable) new IllegalStateException("Invalid Application configuration."));
                    }
                }
            }
        }
    }

    public SwingInstanceManager installApplication(SecuredPathConfig securedPathConfig) {
        log.info("Installing application " + securedPathConfig.getPath());
        SwingInstanceManager createApp = this.appFactory.createApp(this, securedPathConfig.getPath());
        registerFirstChildUrlHandler(createApp);
        return createApp;
    }

    public void uninstallApplication(SwingInstanceManager swingInstanceManager) {
        log.info("Removing application " + swingInstanceManager.getPathMapping());
        swingInstanceManager.destroy();
        removeChildUrlHandler(swingInstanceManager);
    }

    private void handleException(Exception exc, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        log.debug("Failed to process request. " + httpServletRequest.getPathInfo(), (Throwable) exc);
        try {
            if (!(exc instanceof WsException)) {
                log.error("Failed to process request. " + httpServletRequest.getPathInfo(), (Throwable) exc);
                if (!httpServletResponse.isCommitted()) {
                    httpServletResponse.setStatus(500);
                    exc.printStackTrace(new PrintStream(httpServletResponse.getOutputStream()));
                }
            } else if (!httpServletResponse.isCommitted()) {
                WsException wsException = (WsException) exc;
                httpServletResponse.sendError(wsException.getReponseCode(), wsException.getLocalizedMessage());
            }
        } catch (IOException e) {
            log.error("Failed send error response to client. ");
        }
    }

    @Override // org.webswing.server.base.AbstractUrlHandler, org.webswing.server.base.UrlHandler
    public void registerFirstChildUrlHandler(UrlHandler urlHandler) {
        super.registerFirstChildUrlHandler(urlHandler);
        if (urlHandler instanceof SwingInstanceManager) {
            synchronized (this.instanceManagers) {
                SwingInstanceManager swingInstanceManager = (SwingInstanceManager) urlHandler;
                this.instanceManagers.put(swingInstanceManager.getPathMapping(), swingInstanceManager);
            }
        }
    }

    @Override // org.webswing.server.base.AbstractUrlHandler, org.webswing.server.base.UrlHandler
    public void registerChildUrlHandler(UrlHandler urlHandler) {
        super.registerChildUrlHandler(urlHandler);
        if (urlHandler instanceof SwingInstanceManager) {
            synchronized (this.instanceManagers) {
                SwingInstanceManager swingInstanceManager = (SwingInstanceManager) urlHandler;
                this.instanceManagers.put(swingInstanceManager.getPathMapping(), swingInstanceManager);
            }
        }
    }

    @Override // org.webswing.server.base.AbstractUrlHandler, org.webswing.server.base.UrlHandler
    public void removeChildUrlHandler(UrlHandler urlHandler) {
        super.removeChildUrlHandler(urlHandler);
        if (urlHandler instanceof SwingInstanceManager) {
            synchronized (this.instanceManagers) {
                SwingInstanceManager swingInstanceManager = (SwingInstanceManager) urlHandler;
                this.instanceManagers.remove(swingInstanceManager.getPathMapping(), swingInstanceManager);
            }
        }
    }

    @Override // org.webswing.server.base.AbstractUrlHandler
    protected String getPath() {
        return "";
    }

    public void setServletContext(ServletContext servletContext) {
        this.servletContext = servletContext;
    }

    @Override // org.webswing.server.base.AbstractUrlHandler, org.webswing.server.base.UrlHandler
    public ServletContext getServletContext() {
        return this.servletContext;
    }

    @Override // org.webswing.server.services.swingmanager.SwingInstanceHolder
    public SwingInstance findInstanceBySessionId(String str) {
        synchronized (this.instanceManagers) {
            Iterator<SwingInstanceManager> it = this.instanceManagers.values().iterator();
            while (it.hasNext()) {
                SwingInstance findInstanceBySessionId = it.next().findInstanceBySessionId(str);
                if (findInstanceBySessionId != null) {
                    return findInstanceBySessionId;
                }
            }
            return null;
        }
    }

    @Override // org.webswing.server.services.swingmanager.SwingInstanceHolder
    public SwingInstance findInstanceByClientId(String str) {
        synchronized (this.instanceManagers) {
            Iterator<SwingInstanceManager> it = this.instanceManagers.values().iterator();
            while (it.hasNext()) {
                SwingInstance findInstanceByClientId = it.next().findInstanceByClientId(str);
                if (findInstanceByClientId != null) {
                    return findInstanceByClientId;
                }
            }
            return null;
        }
    }

    @Override // org.webswing.server.services.swingmanager.SwingInstanceHolder
    public List<SwingInstance> getAllInstances() {
        ArrayList arrayList = new ArrayList();
        synchronized (this.instanceManagers) {
            Iterator<SwingInstanceManager> it = this.instanceManagers.values().iterator();
            while (it.hasNext()) {
                arrayList.addAll(it.next().getAllInstances());
            }
        }
        return arrayList;
    }

    @Override // org.webswing.server.services.swingmanager.SwingInstanceHolder
    public List<SwingInstance> getAllClosedInstances() {
        ArrayList arrayList = new ArrayList();
        synchronized (this.instanceManagers) {
            Iterator<SwingInstanceManager> it = this.instanceManagers.values().iterator();
            while (it.hasNext()) {
                arrayList.addAll(it.next().getAllClosedInstances());
            }
        }
        return arrayList;
    }

    @Override // org.webswing.server.services.swingmanager.SwingInstanceHolder
    public List<SwingInstanceManager> getApplications() {
        ArrayList arrayList = new ArrayList();
        synchronized (this.instanceManagers) {
            arrayList.addAll(this.instanceManagers.values());
        }
        return arrayList;
    }

    @Override // org.webswing.server.base.PrimaryUrlHandler, org.webswing.server.common.model.meta.ConfigContext
    public URL getWebResource(String str) {
        if (!isCustomIndexPage() && StringUtils.equals("/index.html", toPath(str))) {
            str = System.getProperty(Constants.DEFAULT_WELCOME_PAGE, "/selector/index.html");
        }
        return super.getWebResource(str);
    }

    private boolean isCustomIndexPage() {
        String webFolder = getConfig().getWebFolder();
        if (StringUtils.isBlank(webFolder)) {
            return false;
        }
        File resolveFile = resolveFile(webFolder);
        return resolveFile.isDirectory() && new File(resolveFile, "index.html").isFile();
    }

    @GET
    @Path("/apps")
    public List<ApplicationInfoMsg> getApplicationInfo(HttpServletRequest httpServletRequest) throws WsException {
        ApplicationInfoMsg applicationInfoMsg;
        checkMasterPermission(WebswingAction.rest_getApps);
        ArrayList arrayList = new ArrayList();
        for (SwingInstanceManager swingInstanceManager : getApplications()) {
            if (swingInstanceManager.isEnabled() && swingInstanceManager.isUserAuthorized() && (applicationInfoMsg = swingInstanceManager.getApplicationInfoMsg()) != null) {
                arrayList.add(applicationInfoMsg);
            }
        }
        return arrayList;
    }

    @GET
    @Path("/info")
    public ApplicationInfo getApplicationInfo() throws WsException {
        checkPermission(WebswingAction.rest_getAppInfo);
        ApplicationInfo applicationInfo = new ApplicationInfo();
        applicationInfo.setPath(getPathMapping());
        applicationInfo.setEnabled(isEnabled());
        applicationInfo.setUrl(getFullPathMapping());
        applicationInfo.setName("Server");
        applicationInfo.setIcon(CommonUtil.loadImage(resolveFile(getConfig().getIcon())));
        applicationInfo.setConfig(getConfig());
        applicationInfo.setVariables(this.varSubs.getVariableMap());
        applicationInfo.setStatus(getStatus());
        return applicationInfo;
    }

    @GET
    @Path("/rest/paths")
    public List<String> getPaths(HttpServletRequest httpServletRequest) throws WsException {
        checkPermission(WebswingAction.rest_getPaths);
        ArrayList arrayList = new ArrayList();
        Iterator<SwingInstanceManager> it = getApplications().iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getFullPathMapping());
        }
        return arrayList;
    }

    @Override // org.webswing.server.base.PrimaryUrlHandler
    @GET
    @Path("/rest/version")
    public String getVersion() throws WsException {
        return super.getVersion();
    }

    @Override // org.webswing.server.base.PrimaryUrlHandler
    @GET
    @Path("/rest/config")
    public MetaObject getConfigMeta() throws WsException {
        return super.getConfigMeta();
    }

    @GET
    @Path("/rest/remove")
    public void removeSwingApp(@PathParam("") String str) throws Exception {
        checkMasterPermission(WebswingAction.rest_removeApp);
        if (StringUtils.isEmpty(str)) {
            throw new WsException("Unable to remove App '" + str + "'", 400);
        }
        SwingInstanceManager swingInstanceManager = this.instanceManagers.get(str);
        if (swingInstanceManager != null) {
            if (swingInstanceManager.isEnabled()) {
                throw new WsException("Unable to Remove App '" + str + "' while running. Stop the app first");
            }
            this.configService.removeConfiguration(str);
        }
    }

    @GET
    @Path("/rest/create")
    public void createSwingApp(@PathParam("") String str) throws Exception {
        checkMasterPermission(WebswingAction.rest_createApp);
        if (StringUtils.isEmpty(str)) {
            throw new WsException("Unable to create App '" + str + "'", 400);
        }
        if (this.instanceManagers.get(str) != null) {
            throw new WsException("Unable to Create App '" + str + "'. Application already exits.");
        }
        HashMap hashMap = new HashMap();
        hashMap.put("enabled", false);
        this.configService.setConfiguration(str, hashMap);
        this.configService.setConfiguration(str, null);
    }

    @POST
    @Path("/rest/config")
    public void saveConfig(Map<String, Object> map) throws Exception {
        checkMasterPermission(WebswingAction.rest_setConfig);
        map.put(ClientCookie.PATH_ATTR, "/");
        this.configService.setConfiguration("/", map);
    }

    @Override // org.webswing.server.base.PrimaryUrlHandler
    @GET
    @Path("/rest/permissions")
    public Map<String, Boolean> getPermissions() throws Exception {
        Map<String, Boolean> permissions = super.getPermissions();
        boolean isMultiApplicationMode = this.configService.isMultiApplicationMode();
        permissions.put("start", Boolean.valueOf(isMasterPermited(WebswingAction.rest_getPaths, WebswingAction.rest_getAppInfo, WebswingAction.rest_startApp)));
        permissions.put("stop", Boolean.valueOf(isMasterPermited(WebswingAction.rest_getPaths, WebswingAction.rest_getAppInfo, WebswingAction.rest_stopApp)));
        permissions.put("remove", Boolean.valueOf(isMultiApplicationMode && isMasterPermited(WebswingAction.rest_getPaths, WebswingAction.rest_getAppInfo, WebswingAction.rest_removeApp)));
        permissions.put("create", Boolean.valueOf(isMultiApplicationMode && isMasterPermited(WebswingAction.rest_getPaths, WebswingAction.rest_getAppInfo, WebswingAction.rest_createApp)));
        permissions.put("configEdit", Boolean.valueOf(isMasterPermited(WebswingAction.rest_getPaths, WebswingAction.rest_getAppInfo, WebswingAction.rest_getConfig, WebswingAction.rest_setConfig)));
        permissions.put("logsView", Boolean.valueOf(isMasterPermited(WebswingAction.rest_viewLogs)));
        return permissions;
    }

    @Override // org.webswing.server.base.PrimaryUrlHandler
    @POST
    @Path("/rest/metaConfig")
    public MetaObject getMeta(Map<String, Object> map) throws WsException {
        return super.getMeta(map);
    }

    @Override // org.webswing.server.base.PrimaryUrlHandler
    @GET
    @Path("/rest/variables")
    public Map<String, String> getVariables(@PathParam("") String str) throws WsException {
        return super.getVariables(str);
    }

    @POST
    @Path("/rest/logs")
    public LogResponse getLogs(@PathParam("") String str, LogRequest logRequest) throws WsException {
        checkMasterPermission(WebswingAction.rest_viewLogs);
        if (str.startsWith("/")) {
            str = str.substring(1);
        }
        return LogReaderUtil.readLog(str, logRequest);
    }

    @GET
    @Path("/rest/logs")
    public InputStream downloadLog(@PathParam("") String str) throws WsException {
        checkMasterPermission(WebswingAction.rest_viewLogs);
        if (str.startsWith("/")) {
            str = str.substring(1);
        }
        return LogReaderUtil.getZippedLog(str);
    }

    @Override // org.webswing.server.base.PrimaryUrlHandler
    @GET
    @Path("/rest/CSRFToken")
    public String generateCsrfToken() throws WsException {
        checkPermissionLocalOrMaster(WebswingAction.rest_getApps);
        return super.generateCsrfToken();
    }
}
