package com.edulib.muse.proxy.handler.web.context.root;

import com.edulib.ice.security.ICESubject;
import com.edulib.muse.proxy.authentication.AuthenticationResult;
import com.edulib.muse.proxy.authentication.jaas.Authenticator;
import com.edulib.muse.proxy.authentication.jaas.RequestHandlerAuthenticatorProxy;
import com.edulib.muse.proxy.core.Handler;
import com.edulib.muse.proxy.core.MuseProxy;
import com.edulib.muse.proxy.core.Reply;
import com.edulib.muse.proxy.core.Request;
import com.edulib.muse.proxy.handler.web.context.WebContext;
import com.edulib.muse.proxy.handler.web.context.WebContextAuthentication;
import com.edulib.muse.proxy.handler.web.context.WebContextAuthenticationFactory;
import com.edulib.muse.proxy.handler.web.context.WebContextFileSetType;
import com.edulib.muse.proxy.handler.web.context.WebModule;
import com.edulib.muse.proxy.handler.web.context.root.actions.impl.RootActionGetResource;
import com.edulib.muse.proxy.handler.web.parameters.HttpRequestParametersParser;
import com.edulib.muse.proxy.handler.web.parameters.RequestParameters;
import com.edulib.muse.proxy.jmx.ProxyMBeanUtil;
import com.edulib.muse.proxy.util.MuseProxyServerUtils;
import com.edulib.muse.proxy.util.serial.MuseProxySerialLimitReachedException;
import java.io.File;
import java.util.List;
import java.util.Map;
import javax.management.MBeanServer;

/* loaded from: input_file:install/data/c209c5bada6eba92aa597d306a6100b8/2.1.0.1/assembly.dat:af19655828940eb48f353d7110581e68/museproxy.jar:com/edulib/muse/proxy/handler/web/context/root/WebModuleRoot.class */
public class WebModuleRoot extends WebModule implements WebModuleRootMBean {
    RequestParameters requestParameters;
    private String jaasContext;
    private String jaasUserGroup;
    private String defaultJaasUserName;
    public static String DO_NOT_EXTEND_AUTHENTICATION_PARAMETER_NAME = "doNotExtendAuthentication";
    private String webContextIdentifier;
    String action;

    public WebModuleRoot(WebContext webContext) {
        super(webContext);
        this.requestParameters = null;
        this.defaultJaasUserName = null;
        this.webContextIdentifier = "";
        this.action = null;
        setWebModuleLoaderXml(new WebModuleRootLoaderXml(this));
        if (webContext != null) {
            this.webContextIdentifier = webContext.getIdentifier();
        }
    }

    @Override // com.edulib.muse.proxy.handler.web.context.WebModule
    protected void process() throws Exception {
        try {
        } catch (Throwable th) {
            this.reply = constructHttpErrorReplyUsingFreemarker(500, getCorrectedErrorMessage(th));
        }
        if ("http".equals(MuseProxyServerUtils.getProtocolForRequest(this.handledRequest)) && !Boolean.valueOf(MuseProxy.getOptions().getRawString("PORT_ENABLED")).booleanValue() && Boolean.valueOf(MuseProxy.getOptions().getRawString("SSL_PORT_ENABLED")).booleanValue()) {
            this.reply = constructHttpsRedirectReply();
            getParentHandler().setReply(this.reply);
            markReplyForSending(this.reply);
            return;
        }
        this.requestParameters = parseParameters();
        this.action = (String) this.requestParameters.getParameterFirstValue("action");
        this.reply = constructReply();
        if (this.reply != null) {
            getParentHandler().setReply(this.reply);
            markReplyForSending(this.reply);
        }
    }

    private Reply constructReply() {
        Reply constructNotFoundErrorReplyUsingFreemarker;
        Map<String, List<String>> parameters;
        Reply reply = null;
        boolean z = false;
        try {
            if (shouldNotExtendAuthentication(this.handledRequest)) {
                z = true;
                removeDoNotExtendAuthenticationRequestParameter(this.handledRequest);
                this.requestRelativePath = getURLFileRelativeToWebModuleRootPath(this.handledRequest.getPath());
            }
        } catch (Throwable th) {
            Handler handler = this.handledRequest.getHandler();
            MuseProxy.log(1, this, "[connection.id=" + (handler != null ? handler.getId() : "") + "] " + MuseProxyServerUtils.getStackTrace(th));
        }
        File file = null;
        WebContextFileSetType webContextFileSetType = null;
        if (0 == 0) {
            file = getResourceFile(this.requestRelativePath);
            if (file != null) {
                webContextFileSetType = this.parentWebContext.getFileSetTypeForResource(this.requestRelativePath);
            }
        }
        if (file != null && webContextFileSetType != null) {
            if (WebContextFileSetType.PUBLIC.equals(webContextFileSetType)) {
                reply = constructResourceReplyUsingFreemarker(file);
            } else if (WebContextFileSetType.PRIVATE.equals(webContextFileSetType)) {
                MuseProxy.log(4, this, "[connection.id=" + getParentHandler().getId() + "][application.id=" + this.webContextIdentifier + "] The resource requested \"" + file + "\" was found, but it was not served because it is a private resource. Returned a \"Not Found\" response instead.");
                reply = constructNotFoundErrorReplyUsingFreemarker(normalizeNotFoundPath(this.requestRelativePath));
            }
        }
        if (reply != null) {
            return reply;
        }
        boolean z2 = true;
        if (!isValidResourceFile(constructResourceFile(this.requestRelativePath))) {
            String url = this.handledRequest.getURL();
            if (url == null) {
                url = "";
            }
            if (!url.equals(this.rootPath) && !url.equals(this.rootPath + "/") && ((parameters = this.handledRequest.getParameters(false)) == null || parameters.size() == 0)) {
                z2 = false;
            }
        }
        if (!z2) {
            return constructNotFoundErrorReplyUsingFreemarker(this.handledRequest.getURL());
        }
        if (file != null && webContextFileSetType != null) {
            RequestHandlerAuthenticatorProxy.RequestHandlerAuthenticationResult verifyRequestAuthentication = verifyRequestAuthentication(!z);
            if (WebContextFileSetType.AUTHENTICATED.equals(webContextFileSetType) && verifyRequestAuthentication == RequestHandlerAuthenticatorProxy.RequestHandlerAuthenticationResult.SUCCESS) {
                try {
                    validateClientSession();
                } catch (MuseProxySerialLimitReachedException e) {
                    MuseProxy.log(1, this, "[connection.id=" + getParentHandlerId() + "] " + e.getMessage() + " Returning a \"404 Not Found\" response to Client.");
                    constructNotFoundErrorReplyUsingFreemarker(this.handledRequest.getURL());
                }
                return constructResourceReplyUsingFreemarker(file);
            }
        }
        if (this.action != null && "getResource".equals(this.action)) {
            MuseProxy.log(4, this, "[connection.id=" + getParentHandler().getId() + "][application.id=" + this.webContextIdentifier + "] Handle \"getResource\" action.");
            return handleGetResource(null, !z, null);
        }
        if (this.action == null && this.requestRelativePath != null && !this.requestRelativePath.equals("/")) {
            return constructNotFoundErrorReplyUsingFreemarker(this.handledRequest.getPath());
        }
        RequestHandlerAuthenticatorProxy.RequestHandlerAuthenticationResult verifyRequestAuthentication2 = verifyRequestAuthentication(!z);
        if (verifyRequestAuthentication2 != null && RequestHandlerAuthenticatorProxy.RequestHandlerAuthenticationResult.SUCCESS.equals(verifyRequestAuthentication2)) {
            try {
                validateClientSession();
            } catch (MuseProxySerialLimitReachedException e2) {
                MuseProxy.log(1, this, "[connection.id=" + getParentHandlerId() + "] " + e2.getMessage() + " Returning a \"404 Not Found\" response to Client.");
                return constructNotFoundErrorReplyUsingFreemarker(this.handledRequest.getURL());
            }
        }
        if (this.action == null) {
            MuseProxy.log(4, this, "[connection.id=" + getParentHandler().getId() + "] Handle \"getResource\" action.");
            if (verifyRequestAuthentication2 == RequestHandlerAuthenticatorProxy.RequestHandlerAuthenticationResult.SUCCESS) {
                constructNotFoundErrorReplyUsingFreemarker = handleGetResource(verifyRequestAuthentication2, !z, RootConstants.AUTHENTICATED_INDEX_FILE_RELATIVE_PATH);
            } else {
                constructNotFoundErrorReplyUsingFreemarker = handleGetResource(verifyRequestAuthentication2, !z, RootConstants.NOT_AUTHENTICATED_INDEX_FILE_RELATIVE_PATH);
            }
        } else if (this.action.equals("getDocument")) {
            MuseProxy.log(4, this, "[connection.id=" + getParentHandler().getId() + "] Handle \"getDocument\" action.");
            constructNotFoundErrorReplyUsingFreemarker = handleGetDocument(verifyRequestAuthentication2, !z);
        } else {
            MuseProxy.log(4, this, "[connection.id=" + getParentHandler().getId() + "] The action: \"" + this.action + "\" is not defined.");
            constructNotFoundErrorReplyUsingFreemarker = constructNotFoundErrorReplyUsingFreemarker(this.handledRequest.getURL());
        }
        return constructNotFoundErrorReplyUsingFreemarker;
    }

    private Reply handleGetResource(RequestHandlerAuthenticatorProxy.RequestHandlerAuthenticationResult requestHandlerAuthenticationResult, boolean z, String str) {
        if (str == null) {
            str = (String) this.requestParameters.getParameterFirstValue("resourcePath");
        }
        if (str == null || str.trim().length() == 0) {
            this.reply = constructNotFoundErrorReplyUsingFreemarker(normalizeNotFoundPath(str));
            return this.reply;
        }
        File resourceFile = getResourceFile(str);
        if (resourceFile == null) {
            this.reply = constructNotFoundErrorReplyUsingFreemarker(normalizeNotFoundPath(str));
            return this.reply;
        }
        WebContextFileSetType fileSetTypeForResource = this.parentWebContext.getFileSetTypeForResource(str);
        if (fileSetTypeForResource == null) {
            this.reply = constructNotFoundErrorReplyUsingFreemarker(normalizeNotFoundPath(str));
            return this.reply;
        }
        if (WebContextFileSetType.PUBLIC.equals(fileSetTypeForResource)) {
            try {
                RootActionGetResource rootActionGetResource = new RootActionGetResource(this, resourceFile);
                rootActionGetResource.run();
                this.reply = rootActionGetResource.getReply();
            } catch (Exception e) {
                MuseProxy.log(4, this, "[connection.id=" + getParentHandler().getId() + "] Resource cannot be retrieved: " + e.getMessage());
                MuseProxy.log(4, this, "[connection.id=" + getParentHandler().getId() + "] " + MuseProxyServerUtils.getStackTrace(e));
                this.reply = constructNotFoundErrorReplyUsingFreemarker(normalizeNotFoundPath(str));
            }
            return this.reply;
        }
        if (WebContextFileSetType.PRIVATE.equals(fileSetTypeForResource)) {
            MuseProxy.log(4, this, "[connection.id=" + getParentHandler().getId() + "][application.id=" + this.webContextIdentifier + "] The resource requested \"" + resourceFile + "\" was found, but it was not served because it is a private resource. Returned a \"Not Found\" response instead.");
            this.reply = constructNotFoundErrorReplyUsingFreemarker(normalizeNotFoundPath(str));
            return this.reply;
        }
        if (requestHandlerAuthenticationResult == null) {
            requestHandlerAuthenticationResult = verifyRequestAuthentication(z);
            if (requestHandlerAuthenticationResult != null && RequestHandlerAuthenticatorProxy.RequestHandlerAuthenticationResult.SUCCESS.equals(requestHandlerAuthenticationResult)) {
                try {
                    validateClientSession();
                } catch (MuseProxySerialLimitReachedException e2) {
                    MuseProxy.log(1, this, "[connection.id=" + getParentHandlerId() + "] " + e2.getMessage() + " Returning a \"404 Not Found\" response to Client.");
                    this.reply = constructNotFoundErrorReplyUsingFreemarker(this.handledRequest.getURL());
                    return this.reply;
                }
            }
        }
        if (WebContextFileSetType.AUTHENTICATED.equals(fileSetTypeForResource) && requestHandlerAuthenticationResult == RequestHandlerAuthenticatorProxy.RequestHandlerAuthenticationResult.SUCCESS) {
            try {
                RootActionGetResource rootActionGetResource2 = new RootActionGetResource(this, resourceFile);
                rootActionGetResource2.run();
                this.reply = rootActionGetResource2.getReply();
            } catch (Exception e3) {
                MuseProxy.log(4, this, "[connection.id=" + getParentHandler().getId() + "] Resource cannot be retrieved: " + e3.getMessage());
                MuseProxy.log(4, this, "[connection.id=" + getParentHandler().getId() + "] " + MuseProxyServerUtils.getStackTrace(e3));
                this.reply = constructNotFoundErrorReplyUsingFreemarker(normalizeNotFoundPath(str));
            }
        } else {
            this.reply = constructNotFoundErrorReplyUsingFreemarker(normalizeNotFoundPath(str));
        }
        return this.reply;
    }

    private Reply handleGetDocument(RequestHandlerAuthenticatorProxy.RequestHandlerAuthenticationResult requestHandlerAuthenticationResult, boolean z) {
        String str = (String) this.requestParameters.getParameterFirstValue("resourcePath");
        if (str == null || str.trim().length() == 0) {
            this.reply = constructNotFoundErrorReplyUsingFreemarker(normalizeNotFoundPath(str));
            return this.reply;
        }
        if (str.contains("/")) {
            str = str.substring(str.lastIndexOf("/") + "/".length());
        }
        File file = new File(getParentWebContext().resolveVariables(RootConstants.DOCUMENTS_HOME), str);
        if (!file.exists() || file.isDirectory()) {
            this.reply = constructNotFoundErrorReplyUsingFreemarker(normalizeNotFoundPath(str));
            return this.reply;
        }
        if (requestHandlerAuthenticationResult == null) {
            requestHandlerAuthenticationResult = verifyRequestAuthentication(z);
            if (requestHandlerAuthenticationResult != null && RequestHandlerAuthenticatorProxy.RequestHandlerAuthenticationResult.SUCCESS.equals(requestHandlerAuthenticationResult)) {
                try {
                    validateClientSession();
                } catch (MuseProxySerialLimitReachedException e) {
                    MuseProxy.log(1, this, "[connection.id=" + getParentHandlerId() + "] " + e.getMessage() + " Returning a \"404 Not Found\" response to Client.");
                    this.reply = constructNotFoundErrorReplyUsingFreemarker(this.handledRequest.getURL());
                    return this.reply;
                }
            }
        }
        if (requestHandlerAuthenticationResult == RequestHandlerAuthenticatorProxy.RequestHandlerAuthenticationResult.SUCCESS) {
            this.reply = constructResourceReplyUsingFreemarker(file);
            return this.reply;
        }
        MuseProxy.log(1, this, "[connection.id=" + getParentHandler().getId() + "] The Client is not authenticated and the requested resource can be served only to authenticated clients. Returning a \"404 Not Found\" response to Client.");
        this.reply = constructNotFoundErrorReplyUsingFreemarker(normalizeNotFoundPath(str));
        return this.reply;
    }

    public RequestParameters getRequestParameters() {
        return this.requestParameters;
    }

    private RequestParameters parseParameters() {
        HttpRequestParametersParser httpRequestParametersParser = new HttpRequestParametersParser();
        httpRequestParametersParser.parseParameters(this.handledRequest);
        return httpRequestParametersParser.getRequestParameters();
    }

    public void setJaasContext(String str) {
        this.jaasContext = str;
    }

    public void setJaasUserGroup(String str) {
        this.jaasUserGroup = str;
    }

    @Override // com.edulib.muse.proxy.handler.web.context.root.WebModuleRootMBean
    public String getDefaultJAASUserName() {
        return this.defaultJaasUserName;
    }

    public void setDefaultJaasUserName(String str) {
        this.defaultJaasUserName = str;
    }

    public long getAuthenticationTimeout() {
        return getParentWebContext().getConfiguration().getAuthenticationTimeout();
    }

    @Override // com.edulib.muse.proxy.handler.web.context.WebModule
    public Request getHandledRequest() {
        return this.handledRequest;
    }

    @Override // com.edulib.muse.proxy.handler.web.context.WebModule
    protected WebContextAuthentication authenticateRequest() {
        WebContextAuthentication webContextAuthentication = null;
        String id = getParentHandler() != null ? getParentHandler().getId() : "";
        String str = this.jaasContext;
        String hostAddress = this.handledRequest.getClient().getSocket().getInetAddress().getHostAddress();
        String str2 = this.jaasUserGroup;
        String str3 = "" + this.handledRequest.getPort();
        String str4 = null;
        if (this.defaultJaasUserName != null && this.defaultJaasUserName.length() > 0) {
            str4 = this.defaultJaasUserName;
        }
        if (str4 == null || str4.length() == 0) {
            str4 = str;
        }
        Authenticator authenticator = new Authenticator();
        authenticator.setConnectionId(id);
        authenticator.setJaasContext(str);
        authenticator.setUserName(str4);
        authenticator.setUserAddress(hostAddress);
        authenticator.setUserGroup(str2);
        authenticator.setRemotePort(str3);
        AuthenticationResult authenticateUser = authenticator.authenticateUser();
        if (authenticateUser.isAuthenticated()) {
            ICESubject iCESubject = (ICESubject) authenticateUser.getAuthenticationProperty(AuthenticationResult.AUTHENTICATION_PROPERTY_ICE_SUBJECT);
            WebContext parentWebContext = getParentWebContext();
            webContextAuthentication = WebContextAuthenticationFactory.createWebContextAuthentication(parentWebContext != null ? parentWebContext.getIdentifier() : "", iCESubject);
            webContextAuthentication.setAuthenticationResult(authenticateUser);
        }
        return webContextAuthentication;
    }

    private boolean shouldNotExtendAuthentication(Request request) {
        String str;
        List<String> list = request.getGETParameters(false).get(DO_NOT_EXTEND_AUTHENTICATION_PARAMETER_NAME);
        if (list == null || list.isEmpty() || (str = list.get(0)) == null) {
            return false;
        }
        try {
            return Boolean.parseBoolean(str);
        } catch (Exception e) {
            Handler handler = request.getHandler();
            MuseProxy.log(1, this, "[connection.id=" + (handler != null ? handler.getId() : "") + "] Incorrect value for '" + DO_NOT_EXTEND_AUTHENTICATION_PARAMETER_NAME + "' parameter in URL: '" + request.getURL() + "'. It must have one of the following values: 'true' or 'false' without quotes.");
            return false;
        }
    }

    private void removeDoNotExtendAuthenticationRequestParameter(Request request) {
        String substring;
        String url = request.getURL();
        boolean z = false;
        String str = "&" + DO_NOT_EXTEND_AUTHENTICATION_PARAMETER_NAME + "=";
        int indexOf = MuseProxyServerUtils.indexOf(url, str, 0, true);
        if (indexOf == -1) {
            str = "?" + DO_NOT_EXTEND_AUTHENTICATION_PARAMETER_NAME + "=";
            indexOf = MuseProxyServerUtils.indexOf(url, str, 0, true);
            if (indexOf != -1) {
                indexOf += "?".length();
                str = str.substring("?".length());
                z = true;
            }
        }
        if (indexOf == -1) {
            return;
        }
        int indexOf2 = MuseProxyServerUtils.indexOf(url, "&", indexOf + str.length(), false);
        if (indexOf2 != -1) {
            if (z) {
                indexOf2 += "&".length();
            }
            substring = url.substring(0, indexOf) + url.substring(indexOf2);
        } else {
            if (z) {
                indexOf -= "?".length();
            }
            substring = url.substring(0, indexOf);
        }
        request.setURL(substring);
    }

    @Override // com.edulib.muse.proxy.handler.web.context.WebModule
    public void registerMBean(MBeanServer mBeanServer, String str) throws Exception {
        ProxyMBeanUtil.registerModelMBean(mBeanServer, WebModuleRootMBean.mBeanInfo, this, str + ",name=" + getIdentifier());
    }

    @Override // com.edulib.muse.proxy.handler.web.context.root.WebModuleRootMBean
    public String getJAASContext() {
        return this.jaasContext;
    }

    @Override // com.edulib.muse.proxy.handler.web.context.root.WebModuleRootMBean
    public String getJAASUserGroup() {
        return this.jaasUserGroup;
    }

    @Override // com.edulib.muse.proxy.handler.web.context.WebModule
    protected boolean verifyMuseProxySerial() throws Exception {
        return true;
    }
}
