package ru.curs.showcase.app.server.rest;

import com.google.gwt.i18n.client.LocalizableResource;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.SortedMap;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.transform.TransformerException;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationServiceException;
import ru.curs.showcase.app.api.UserInfo;
import ru.curs.showcase.app.server.rest.RESTGateway;
import ru.curs.showcase.runtime.AppInfoSingleton;
import ru.curs.showcase.runtime.UserDataUtils;
import ru.curs.showcase.security.AuthServerAuthenticationProvider;
import ru.curs.showcase.security.AuthServerUtils;
import ru.curs.showcase.security.SecurityParamsFactory;
import ru.curs.showcase.security.UserInfoUtils;
import ru.curs.showcase.util.ServletUtils;
import ru.curs.showcase.util.exception.SettingsFileOpenException;

/* loaded from: input_file:WEB-INF/classes/ru/curs/showcase/app/server/rest/ShowcaseRestServlet.class */
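/**
 * Servlet that exposes the Showcase REST gateway.
 *
 * <p>Three kinds of request are handled, chosen by the request URL:
 * <ul>
 *   <li>{@code .../restlogin} checks the {@code user}/{@code password} request parameters against
 *       the local auth server and, on success, logs the HTTP session into Celesta;</li>
 *   <li>{@code .../restlogout} logs the HTTP session out of Celesta;</li>
 *   <li>anything else is forwarded to the procedure named by the {@code rest.entry.proc}
 *       property, and its result is written back as the HTTP response.</li>
 * </ul>
 *
 * <p>NOTE(review): the HTTP session id obtained before authentication is reused as the key of the
 * authenticated Celesta session. Consider rotating the session id at login (for example
 * {@code HttpServletRequest.changeSessionId()} on Servlet 3.1+) once the container version is
 * confirmed.
 */
public final class ShowcaseRestServlet extends HttpServlet {
    private static final long serialVersionUID = 1311685218914828051L;
    private static final Logger LOGGER = LoggerFactory.getLogger(ShowcaseRestServlet.class);

    /** Maximum number of characters of request or response data copied into the info log. */
    private static final int LOG_PREVIEW_LENGTH = 200;

    /**
     * Dispatches the request to the login, logout or REST-procedure handling.
     *
     * @param httpServletRequest incoming request
     * @param httpServletResponse response to fill in
     * @throws ServletException if the auth server answer cannot be parsed
     * @throws IOException on I/O failure while reading the request or writing the response
     */
    @Override
    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (AppInfoSingleton.getAppInfo().getShowcaseAppOnStartMessage().contains("Не удаётся подключиться к указанной базе данных")) {
            // Status goes first: once body bytes are flushed the status line can no longer change.
            httpServletResponse.setStatus(500);
            httpServletResponse.setCharacterEncoding("UTF-8");
            httpServletResponse.getWriter().write("При запуске сервера приложений произошла ошибка.");
            httpServletResponse.getWriter().close();
            return;
        }
        String sessionId = httpServletRequest.getSession().getId();
        String requestUrl = httpServletRequest.getRequestURL().toString();
        if (requestUrl.endsWith("restlogin") || requestUrl.endsWith("restlogin/")) {
            handleLogin(httpServletRequest, httpServletResponse, sessionId);
            return;
        }
        if (requestUrl.endsWith("restlogout") || requestUrl.endsWith("restlogout/")) {
            handleLogout(httpServletResponse, sessionId);
            return;
        }

        String method = httpServletRequest.getMethod();
        // The token is a bearer credential: only its presence is recorded, never its value.
        boolean userTokenPresent = httpServletRequest.getHeader("user-token") != null;
        String remoteAddr = httpServletRequest.getRemoteAddr();
        String acceptLanguage = httpServletRequest.getHeader("Accept-Language");
        if (acceptLanguage == null || acceptLanguage.isEmpty()) {
            acceptLanguage = LocalizableResource.DefaultLocale.DEFAULT_LOCALE;
        }
        String queryString = httpServletRequest.getQueryString();
        String requestData = readBody(httpServletRequest);

        String entryProc = UserDataUtils.getGeneralOptionalProp("rest.entry.proc");
        if (entryProc == null || entryProc.isEmpty()) {
            httpServletResponse.setStatus(500);
            return;
        }

        JythonRestResult result = null;
        if (entryProc.endsWith(".cl") || entryProc.endsWith(".celesta")) {
            try {
                result = RESTGateway.executeRESTcommand(method, truncateRequestUrl(requestUrl), requestData, getHeadersJson(httpServletRequest), getUrlParamsJson(httpServletRequest), sessionId, entryProc, remoteAddr);
            } catch (RESTGateway.ShowcaseRESTUnauthorizedException e) {
                httpServletResponse.setStatus(401);
                return;
            }
        } else if (entryProc.endsWith(".py")) {
            result = RESTGateway.executeRESTcommandFromJythonProc(method, truncateRequestUrl(requestUrl), requestData, getHeadersJson(httpServletRequest), getUrlParamsJson(httpServletRequest), entryProc, remoteAddr);
        }
        if (result == null) {
            // rest.entry.proc has an unsupported suffix (or the gateway produced no result):
            // answer like the "property missing" case instead of failing with a NullPointerException.
            LOGGER.error("No REST result for rest.entry.proc '{}'", entryProc);
            httpServletResponse.setStatus(500);
            return;
        }

        // Status and headers are set before the body: a body larger than the response buffer
        // commits the response, after which status and header changes are silently dropped.
        httpServletResponse.setStatus(result.getResponseCode().intValue());
        httpServletResponse.setHeader("Content-Type", result.getContentType());
        addAccessControlAllowOriginPropertyToResponceHeader(httpServletResponse);
        for (Map.Entry<String, String> entry : result.getResponseHttpParametersMap().entrySet()) {
            // The CORS header is controlled by configuration only, never by the called procedure.
            if (!"Access-Control-Allow-Origin".equals(entry.getKey())) {
                httpServletResponse.setHeader(entry.getKey(), entry.getValue());
            }
        }
        // Applied last, just before the writer is obtained, so the body is always sent as UTF-8
        // whatever charset a Content-Type header above may have carried.
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.getWriter().write(result.getResponseData());

        if (AppInfoSingleton.getAppInfo().isEnableLogLevelInfo()) {
            LOGGER.info("Using Rest WebService. \nCalled procedure: " + entryProc + "\nRequest Type: " + method + "\nRequest URL: " + requestUrl + "\nClient IP: " + remoteAddr + "\nUser Token: " + (userTokenPresent ? "[redacted]" : "[absent]") + "\nAccept Language: " + acceptLanguage + "\nRequest Data: " + abbreviateForLog(requestData) + "\nRequest URL Params: " + queryString + "\nResponse Code: " + result.getResponseCode() + "\nResponse Data: " + abbreviateForLog(result.getResponseData()));
        }
        httpServletResponse.getWriter().close();
    }

    /**
     * Handles {@code restlogin}: validates the credentials and binds the session to Celesta.
     *
     * <p>Answers 403 when the auth server rejects the credentials and 500 when the credentials
     * were accepted but the Celesta login failed; otherwise the default status is left untouched.
     *
     * @param request request carrying the {@code user} and {@code password} parameters
     * @param response response to fill in
     * @param sessionId id of the HTTP session to log in
     * @throws ServletException if the auth server answer cannot be parsed
     * @throws IOException on I/O failure talking to the auth server or writing the response
     */
    private void handleLogin(HttpServletRequest request, HttpServletResponse response, String sessionId) throws ServletException, IOException {
        addAccessControlAllowOriginPropertyToResponceHeader(response);
        String user = request.getParameter("user");
        String sid = checkCredentials(user, request.getParameter("password"));
        if (sid == null) {
            response.setStatus(403);
            // The message echoes the submitted login; declaring it plain text keeps a browser
            // from interpreting that echoed value as markup.
            response.setContentType("text/plain");
            response.setCharacterEncoding("UTF-8");
            response.getWriter().write("ОШИБКА выполнения REST запроса restlogin: Логин пользователя ''" + user + "'' неуспешен. Неверная пара логин-пароль.");
            response.getWriter().close();
            return;
        }
        try {
            AppInfoSingleton.getAppInfo().getCelestaInstance().login(sessionId, sid);
            AppInfoSingleton.getAppInfo().getSessionSidsMap().put(sessionId, sid);
        } catch (Exception e) {
            // Previously the failure was only printed and the client still received 200,
            // i.e. it was told it was logged in while no Celesta session existed.
            LOGGER.error("Celesta login failed after a successful credential check", e);
            response.setStatus(500);
        }
    }

    /**
     * Asks the local auth server whether the given credentials are valid.
     *
     * <p>NOTE(review): the credentials travel in the query string of a GET request, so they can end
     * up in auth-server access logs. If the auth server accepts them in a request body, prefer
     * that; also confirm the auth server URL is loopback or HTTPS.
     *
     * @param user login name as submitted by the client
     * @param password password as submitted by the client
     * @return the user's SID when the auth server answers 200, otherwise {@code null}
     * @throws ServletException if the auth server answer cannot be parsed
     * @throws IOException on I/O failure talking to the auth server
     */
    private String checkCredentials(String user, String password) throws ServletException, IOException {
        try {
            HttpURLConnection connection = (HttpURLConnection) new URL(SecurityParamsFactory.getLocalAuthServerUrl() + String.format("/checkcredentials?login=%s&pwd=%s", AuthServerAuthenticationProvider.encodeParam(user), AuthServerAuthenticationProvider.encodeParam(password))).openConnection();
            try {
                connection.setRequestMethod("GET");
                connection.connect();
                if (connection.getResponseCode() != 200) {
                    return null;
                }
                try {
                    UserInfo userInfo = UserInfoUtils.parseStream(connection.getInputStream()).get(0);
                    userInfo.setResponseCode(connection.getResponseCode());
                    return userInfo.getSid();
                } catch (TransformerException e) {
                    throw new ServletException(AuthServerUtils.AUTH_SERVER_DATA_ERROR + e.getMessage(), e);
                }
            } finally {
                // Released on every path, including exceptions.
                connection.disconnect();
            }
        } catch (SettingsFileOpenException e) {
            throw new AuthenticationServiceException(SecurityParamsFactory.APP_PROP_READ_ERROR, e);
        }
    }

    /**
     * Handles {@code restlogout}: logs the session out of Celesta and answers 200.
     *
     * <p>A failing logout is logged and does not change the 200 answer.
     *
     * @param response response to fill in
     * @param sessionId id of the HTTP session to log out
     */
    private void handleLogout(HttpServletResponse response, String sessionId) {
        addAccessControlAllowOriginPropertyToResponceHeader(response);
        try {
            AppInfoSingleton.getAppInfo().getCelestaInstance().logout(sessionId, false);
            AppInfoSingleton.getAppInfo().getSessionSidsMap().remove(sessionId);
            if (AppInfoSingleton.getAppInfo().getPrintWriterForCelesta() != null) {
                AppInfoSingleton.getAppInfo().getPrintWriterForCelesta().println("Сессия с id " + sessionId + " разлогинена из celesta");
                AppInfoSingleton.getAppInfo().getPrintWriterForCelesta().flush();
            }
        } catch (Exception e) {
            LOGGER.error("Celesta logout failed", e);
        }
        response.setStatus(200);
    }

    /**
     * Reads the whole request body into a string.
     *
     * <p>Lines are concatenated without their terminators, so a multi-line body reaches the
     * called procedure as a single line.
     *
     * <p>NOTE(review): the body size is not bounded here; confirm the container enforces a limit.
     *
     * @param request request whose body is read
     * @return the body with line terminators removed
     * @throws IOException if the body cannot be read
     */
    private static String readBody(HttpServletRequest request) throws IOException {
        StringBuilder body = new StringBuilder();
        BufferedReader reader = request.getReader();
        for (String line = reader.readLine(); line != null; line = reader.readLine()) {
            body.append(line);
        }
        return body.toString();
    }

    /**
     * Shortens a payload for the info log.
     *
     * @param text payload to shorten
     * @return {@code text} itself when it has at most {@link #LOG_PREVIEW_LENGTH} characters,
     *         otherwise its first {@link #LOG_PREVIEW_LENGTH} characters followed by the total length
     */
    private static String abbreviateForLog(String text) {
        if (text.length() <= LOG_PREVIEW_LENGTH) {
            return text;
        }
        return text.substring(0, LOG_PREVIEW_LENGTH) + " ... (Total: " + text.length() + " symbols)";
    }

    /**
     * Rebuilds the request URL including its query string, when there is one.
     *
     * @param httpServletRequest request to describe
     * @return the request URL, followed by {@code ?} and the query string if present
     */
    private String getFullURL(HttpServletRequest httpServletRequest) {
        StringBuffer requestURL = httpServletRequest.getRequestURL();
        String queryString = httpServletRequest.getQueryString();
        return queryString == null ? requestURL.toString() : requestURL.append('?').append(queryString).toString();
    }

    /**
     * Serialises the URL parameters of the request as a JSON object.
     *
     * @param httpServletRequest request whose URL parameters are read
     * @return the parameters as JSON text, or {@code "{}"} when they cannot be decoded
     */
    private String getUrlParamsJson(HttpServletRequest httpServletRequest) {
        SortedMap<String, List<String>> urlParams = null;
        try {
            urlParams = ServletUtils.prepareURLParamsMap(httpServletRequest);
        } catch (UnsupportedEncodingException e) {
            // Best effort: the procedure is still called, with an empty parameter object.
            LOGGER.warn("Cannot decode URL parameters; passing an empty object", e);
        }
        return urlParams == null ? "{}" : new JSONObject((Map<?, ?>) urlParams).toString();
    }

    /**
     * Serialises the request headers as a JSON object.
     *
     * <p>Only the first value of a header that occurs several times is kept.
     *
     * @param httpServletRequest request whose headers are read
     * @return the headers as JSON text
     */
    private String getHeadersJson(HttpServletRequest httpServletRequest) {
        Map<String, String> headers = new HashMap<String, String>();
        Enumeration<String> headerNames = httpServletRequest.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String headerName = headerNames.nextElement();
            headers.put(headerName, httpServletRequest.getHeader(headerName));
        }
        return new JSONObject((Map<?, ?>) headers).toString();
    }

    /**
     * Returns the part of the URL that follows the first occurrence of {@code "api"}.
     *
     * <p>NOTE(review): the match is not anchored to a path segment, so an {@code "api"} earlier in
     * the URL (host name, context path) is taken instead, and a URL without {@code "api"} loses
     * its first two characters. Anchor this to the servlet mapping once that mapping is confirmed.
     *
     * @param str full request URL
     * @return the URL text after the first {@code "api"}
     */
    private String truncateRequestUrl(String str) {
        return str.substring(str.indexOf("api") + 3);
    }

    /**
     * Adds {@code Access-Control-Allow-Origin: *} when {@code rest.allow.crossdomain.hosts} is
     * {@code true}.
     *
     * <p>NOTE(review): despite the property name, no host list is consulted: enabling it opens the
     * API, including {@code restlogin}, to scripts from every origin. An explicit origin
     * allow-list would be the narrower setting.
     *
     * @param httpServletResponse response that receives the header
     */
    private void addAccessControlAllowOriginPropertyToResponceHeader(HttpServletResponse httpServletResponse) {
        String crossDomainFlag = UserDataUtils.getGeneralOptionalProp("rest.allow.crossdomain.hosts");
        if (crossDomainFlag == null || !"true".equalsIgnoreCase(crossDomainFlag.trim())) {
            return;
        }
        httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
    }
}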
