package org.webswing.server.base;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.lang.annotation.Annotation;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.lang.reflect.Parameter;
import java.util.Iterator;
import java.util.LinkedList;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.QueryParam;
import org.apache.commons.io.IOUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.webswing.server.common.util.CommonUtil;
import org.webswing.server.common.util.WebswingObjectMapper;
import org.webswing.server.model.exception.WsException;
import org.webswing.server.services.security.SecurableService;
import org.webswing.server.services.security.api.AbstractWebswingUser;
import org.webswing.server.services.security.api.WebswingAction;
import org.webswing.server.services.security.login.SecuredPathHandler;
import org.webswing.server.util.SecurityUtil;
import org.webswing.server.util.ServerUtil;

/* loaded from: input_file:WEB-INF/classes/org/webswing/server/base/AbstractUrlHandler.class */
public abstract class AbstractUrlHandler implements UrlHandler, SecurableService {
    private static final Logger log = LoggerFactory.getLogger(AbstractUrlHandler.class);
    private static final String GET = "GET";
    private static final String PUT = "PUT";
    private static final String POST = "POST";
    private static final String DELETE = "DELETE";
    private final UrlHandler parent;
    private final LinkedList<UrlHandler> childHandlers = new LinkedList<>();

    public AbstractUrlHandler(UrlHandler urlHandler) {
        this.parent = urlHandler;
    }

    @Override // org.webswing.server.base.UrlHandler
    public void init() {
        synchronized (this.childHandlers) {
            Iterator<UrlHandler> it = this.childHandlers.iterator();
            while (it.hasNext()) {
                UrlHandler next = it.next();
                try {
                    next.init();
                } catch (Exception e) {
                    log.error("Failed to initialize child handler: " + next.getClass().getName(), (Throwable) e);
                }
            }
        }
    }

    @Override // org.webswing.server.base.UrlHandler
    public void destroy() {
        synchronized (this.childHandlers) {
            Iterator<UrlHandler> it = this.childHandlers.iterator();
            while (it.hasNext()) {
                UrlHandler next = it.next();
                try {
                    next.destroy();
                } catch (Exception e) {
                    log.error("Failed to destroy child handler: " + next.getClass().getName(), (Throwable) e);
                }
            }
            this.childHandlers.clear();
        }
    }

    @Override // org.webswing.server.base.UrlHandler
    public boolean serve(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws WsException {
        String pathInfo = getPathInfo(httpServletRequest);
        for (UrlHandler urlHandler : new LinkedList(this.childHandlers)) {
            if (isSubPath(toPath(urlHandler.getPathMapping()), pathInfo) && urlHandler.serve(httpServletRequest, httpServletResponse)) {
                return true;
            }
        }
        return serveRestMethod(httpServletRequest, httpServletResponse);
    }

    protected boolean serveRestMethod(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws WsException {
        Object obj;
        Method findRestHandlerMethod = findRestHandlerMethod(httpServletRequest.getMethod(), getPathInfo(httpServletRequest));
        if (findRestHandlerMethod == null) {
            return false;
        }
        findRestHandlerMethod.setAccessible(true);
        try {
            obj = findRestHandlerMethod.invoke(this, resolveRestParameters(findRestHandlerMethod, httpServletRequest));
        } catch (InvocationTargetException e) {
            obj = e.getTargetException();
        } catch (Exception e2) {
            obj = e2;
        }
        try {
            writeRestResponse(findRestHandlerMethod, httpServletRequest, httpServletResponse, obj);
            return true;
        } catch (WsException e3) {
            throw e3;
        }
    }

    @Override // org.webswing.server.services.security.SecurableService
    public Object secureServe(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws WsException {
        return Boolean.valueOf(serve(httpServletRequest, httpServletResponse));
    }

    @Override // org.webswing.server.base.UrlHandler
    public String getFullPathMapping() {
        String str;
        String path = toPath(getPathMapping());
        if (this.parent != null) {
            str = this.parent.getFullPathMapping() + path;
        } else {
            str = ServerUtil.getContextPath(getServletContext()) + path;
        }
        return str;
    }

    public String getPathInfo(HttpServletRequest httpServletRequest) {
        String fullPathMapping = getFullPathMapping();
        String path = toPath(ServerUtil.getContextPath(getServletContext()) + httpServletRequest.getPathInfo());
        return isSubPath(fullPathMapping, path) ? toPath(path.substring(fullPathMapping.length())) : "/";
    }

    protected abstract String getPath();

    @Override // org.webswing.server.base.UrlHandler
    public String getPathMapping() {
        return toPath(getPath());
    }

    public boolean isSubPath(String str, String str2) {
        return CommonUtil.isSubPath(str, str2);
    }

    public static String toPath(String str) {
        return CommonUtil.toPath(str);
    }

    @Override // org.webswing.server.base.UrlHandler
    public void registerFirstChildUrlHandler(UrlHandler urlHandler) {
        this.childHandlers.addFirst(urlHandler);
    }

    @Override // org.webswing.server.base.UrlHandler
    public void registerChildUrlHandler(UrlHandler urlHandler) {
        this.childHandlers.add(urlHandler);
    }

    @Override // org.webswing.server.base.UrlHandler
    public void removeChildUrlHandler(UrlHandler urlHandler) {
        if (this.childHandlers.contains(urlHandler)) {
            this.childHandlers.remove(urlHandler);
            urlHandler.destroy();
        }
    }

    @Override // org.webswing.server.base.UrlHandler
    public ServletContext getServletContext() {
        return this.parent.getServletContext();
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.webswing.server.base.UrlHandler
    public String getSecuredPath() {
        if ((!SecuredPathHandler.class.isAssignableFrom(getClass()) || ((SecuredPathHandler) this).get() == null) && this.parent != null) {
            return this.parent.getSecuredPath();
        }
        return getFullPathMapping();
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.webswing.server.base.UrlHandler
    public SecuredPathHandler getSecurityProvider() {
        if (SecuredPathHandler.class.isAssignableFrom(getClass())) {
            SecuredPathHandler securedPathHandler = (SecuredPathHandler) this;
            if (securedPathHandler.get() != null) {
                return securedPathHandler;
            }
        }
        return this.parent == null ? (SecuredPathHandler) this : this.parent.getSecurityProvider();
    }

    @Override // org.webswing.server.base.UrlHandler
    public long getLastModified(HttpServletRequest httpServletRequest) {
        return -1L;
    }

    @Override // org.webswing.server.base.UrlHandler
    public AbstractWebswingUser getUser() {
        return SecurityUtil.getUser(this);
    }

    public AbstractWebswingUser getMasterUser() {
        return SecurityUtil.getUser(getRootHandler().getSecuredPath());
    }

    @Override // org.webswing.server.base.UrlHandler
    public UrlHandler getRootHandler() {
        return this.parent != null ? this.parent.getRootHandler() : this;
    }

    @Override // org.webswing.server.base.UrlHandler
    public void checkPermission(WebswingAction webswingAction) throws WsException {
        checkPermission(getUser(), webswingAction);
    }

    @Override // org.webswing.server.base.UrlHandler
    public void checkMasterPermission(WebswingAction webswingAction) throws WsException {
        checkPermission(getMasterUser(), webswingAction);
    }

    public void checkPermissionLocalOrMaster(WebswingAction webswingAction) throws WsException {
        try {
            checkPermission(webswingAction);
        } catch (WsException e) {
            checkMasterPermission(webswingAction);
        }
    }

    private void checkPermission(AbstractWebswingUser abstractWebswingUser, WebswingAction webswingAction) throws WsException {
        if (abstractWebswingUser == null || !abstractWebswingUser.isPermitted(webswingAction.name())) {
            throw new WsException("User '" + abstractWebswingUser + "' is not allowed to execute action '" + webswingAction + "'", 401);
        }
    }

    private Method findRestHandlerMethod(String str, String str2) {
        Path path;
        Class<? extends Annotation> httpMethod2RestAnnotation = httpMethod2RestAnnotation(str);
        Method method = null;
        if (httpMethod2RestAnnotation != null) {
            int length = str2.length();
            for (Method method2 : getClass().getDeclaredMethods()) {
                if (method2.getAnnotation(httpMethod2RestAnnotation) != null && (path = (Path) method2.getAnnotation(Path.class)) != null && isSubPath(path.value(), str2) && str2.length() - path.value().length() < length) {
                    method = method2;
                    length = str2.length() - path.value().length();
                }
            }
        }
        return method;
    }

    private static Class<? extends Annotation> httpMethod2RestAnnotation(String str) {
        if (str.equals("GET")) {
            return GET.class;
        }
        if (str.equals("PUT")) {
            return PUT.class;
        }
        if (str.equals("POST")) {
            return POST.class;
        }
        if (str.equals("DELETE")) {
            return DELETE.class;
        }
        return null;
    }

    private Object[] resolveRestParameters(Method method, HttpServletRequest httpServletRequest) {
        Object[] objArr = new Object[method.getParameterCount()];
        Parameter[] parameters = method.getParameters();
        for (int i = 0; i < parameters.length; i++) {
            if (parameters[i].getType().isAssignableFrom(HttpServletRequest.class)) {
                objArr[i] = httpServletRequest;
            } else {
                QueryParam queryParam = (QueryParam) parameters[i].getAnnotation(QueryParam.class);
                if (queryParam != null) {
                    objArr[i] = httpServletRequest.getParameter(queryParam.value());
                } else if (parameters[i].getAnnotation(PathParam.class) != null && String.class.isAssignableFrom(parameters[i].getType())) {
                    objArr[i] = getPathInfo(httpServletRequest).substring(((Path) method.getAnnotation(Path.class)).value().length());
                } else if (String.class.isAssignableFrom(parameters[i].getType())) {
                    try {
                        objArr[i] = IOUtils.toString(httpServletRequest.getReader());
                    } catch (IOException e) {
                        objArr[i] = null;
                    }
                } else {
                    try {
                        objArr[i] = WebswingObjectMapper.get().readValue(IOUtils.toString(httpServletRequest.getReader()), parameters[i].getType());
                    } catch (IOException e2) {
                        objArr[i] = null;
                    }
                }
            }
        }
        return objArr;
    }

    private void writeRestResponse(Method method, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws WsException {
        if (obj != null && (obj instanceof Throwable)) {
            if (obj instanceof WsException) {
                throw ((WsException) obj);
            }
            log.error("Invocation of REST method failed.", (Throwable) obj);
            throw new WsException("Invocation of REST method failed.", 500);
        }
        httpServletResponse.setStatus(200);
        httpServletResponse.setHeader("Cache-Control", "no-store, must-revalidate");
        httpServletResponse.setHeader("Expires", "0");
        if (method.getReturnType().equals(Void.TYPE) || obj == null) {
            return;
        }
        try {
            if (method.getReturnType().equals(String.class)) {
                IOUtils.write(obj.toString(), (OutputStream) httpServletResponse.getOutputStream());
            } else if (method.getReturnType().equals(InputStream.class)) {
                IOUtils.copy((InputStream) obj, httpServletResponse.getOutputStream());
            } else {
                WebswingObjectMapper.get().writerWithDefaultPrettyPrinter().writeValue(httpServletResponse.getOutputStream(), obj);
            }
        } catch (Exception e) {
            log.error("Failed to serialize REST execution result." + httpServletRequest.getRequestURI(), (Throwable) e);
            throw new WsException("Serializing of REST result failed.", 500);
        }
    }
}
