package com.sap.ecm.api;

import com.sap.ecm.api.auth.EcmAuthenticationProvider;
import com.sap.ecm.api.internal.SessionLookup;
import com.sap.ecm.api.internal.cert.ClientCertificate;
import com.sap.security.auth.login.LoginContextFactory;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.PrintWriter;
import java.net.HttpURLConnection;
import java.net.SocketTimeoutException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSocketFactory;
import javax.security.auth.login.LoginException;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/sap/ecm/api/AbstractCmisProxyServlet.class */
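/**
 * Base servlet that relays CMIS requests (AtomPub, browser/JSON and web-services bindings)
 * to an ECM server whose URL is resolved through {@link SessionLookup}.
 *
 * <p>Trust boundary, as visible in this class: client-supplied {@code x-*}, {@code sap-*},
 * {@code cookie*} and {@code authorization*} headers are dropped before forwarding (with one
 * exception, see {@link #isHeaderAllowedToForward(String)}). The proxy then sets the repository
 * name/key, the proxy base URL and the authenticated user as its own {@code X-Ecm*} /
 * {@code X-CmisBaseUrl} headers. Backend cookies are kept in the servlet session and are never
 * sent to the client.
 *
 * <p>Subclasses supply the repository name and key and may switch bindings, CMIS versions,
 * authentication, read-only mode and timeouts through the protected hook methods.
 */
public abstract class AbstractCmisProxyServlet extends HttpServlet {
    private static final long serialVersionUID = 1;
    private static final Logger LOG = Logger.getLogger(AbstractCmisProxyServlet.class);
    private static final String HTTPHEADER_X_ECMREPUNIQUENAME = "X-EcmRepUniqueNameEnc";
    private static final String HTTPHEADER_X_ECMREPKEY = "X-EcmRepKeyEnc";
    private static final String HTTPHEADER_X_CMIS_BASE_URL = "X-CmisBaseUrl";
    private static final String HTTPHEADER_X_ECM_USER = "X-EcmUserEnc";
    private static final String SESSION_ECM_COOKIES = "com.sap.ecm.api.ecm.cookies";
    private static final String SESSION_ECM_REQHOST = "com.sap.ecm.api.ecm.reqhost";
    private static final String SESSION_ECM_BASEURL = "com.sap.ecm.api.ecm.baseurl";
    private static final int DEFAULT_CONNECT_TIMEOUT = 30000;
    private static final int DEFAULT_READ_TIMEOUT = 300000;
    private static final int BUFFER_SIZE = 4096;
    private SSLSocketFactory sslSocketFactory;

    /**
     * Initialises the servlet and obtains the socket factory used for HTTPS connections
     * to the backend.
     *
     * @param servletConfig configuration passed in by the container
     * @throws ServletException if the superclass initialisation fails
     */
    @Override
    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        // May be null; service() only installs the factory when it is non-null.
        this.sslSocketFactory = new ClientCertificate().getSSLSocketFactory();
    }

    /**
     * Validates the request, authenticates the caller if required and relays the request to
     * the ECM backend, streaming the backend response back to the client.
     *
     * <p>Rejections: unsupported method -> 400, path outside the enabled bindings -> 404,
     * non-GET in read-only mode -> 405 with a JSON body. Backend or authentication failures
     * are reported through {@link #sendCMISProxyError}.
     *
     * @param httpServletRequest  incoming client request
     * @param httpServletResponse response to the client
     * @throws ServletException declared by the servlet contract
     * @throws IOException      if writing the response to the client fails
     */
    @Override
    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String method = httpServletRequest.getMethod();
        if (!checkMethod(method)) {
            httpServletResponse.sendError(400);
            return;
        }
        // NOTE(review): the path is taken from the raw request URI and only prefix-checked;
        // dot segments are not rejected here, so confinement to the binding prefix relies on
        // how the container and the backend normalise paths - confirm.
        String path = extractPath(httpServletRequest);
        if (!checkPath(path)) {
            httpServletResponse.sendError(404);
            return;
        }
        if (readOnlyMode() && !method.equals("GET")) {
            httpServletResponse.setStatus(405);
            httpServletResponse.setCharacterEncoding("UTF-8");
            httpServletResponse.setContentType("application/json; charset=utf-8");
            httpServletResponse.getWriter().println("{\"exception\": \"notSupported\", \"message\": \"Only read operations are supported!\"}");
            return;
        }

        // getSession() creates a session if none exists, i.e. before authentication has run.
        HttpSession session = httpServletRequest.getSession();
        String queryString = httpServletRequest.getQueryString();
        String cachedHost = (String) session.getAttribute(SESSION_ECM_REQHOST);
        String baseUrl = (String) session.getAttribute(SESSION_ECM_BASEURL);
        // The backend URL is cached per session and looked up again when the server name
        // of the request differs from the one the cache entry was created for.
        if (cachedHost == null || !httpServletRequest.getServerName().equals(cachedHost) || baseUrl == null) {
            session.setAttribute(SESSION_ECM_REQHOST, httpServletRequest.getServerName());
            baseUrl = findEcmUrl();
            session.setAttribute(SESSION_ECM_BASEURL, baseUrl);
        }
        // The client's raw query string is appended unchanged, so it also appears in the
        // log lines below that print targetUrl.
        String targetUrl = baseUrl + path + (queryString != null ? "?" + queryString : "");
        if (LOG.isDebugEnabled()) {
            LOG.debug("Forwarding request to: " + targetUrl);
        }

        String user = null;
        if (!isWebServicesWsdl(method, path) && requireAuthentication()) {
            try {
                // NOTE(review): a null return is not rejected; the request is then forwarded
                // without the X-EcmUserEnc header. Confirm that authenticate() cannot return
                // null when authentication is required.
                user = authenticate(httpServletRequest, httpServletResponse);
            } catch (LoginException e) {
                // No error body is written here; presumably the login module has already
                // answered the client (e.g. with a challenge) - confirm.
                if (LOG.isInfoEnabled()) {
                    LOG.info("Login error. URL: " + targetUrl, e);
                }
                return;
            } catch (Exception e) {
                if (LOG.isInfoEnabled()) {
                    LOG.info("Authentication error. URL: " + targetUrl, e);
                }
                sendCMISProxyError(httpServletRequest, httpServletResponse, "CMIS Proxy login error.");
                return;
            }
        }

        try {
            HttpURLConnection connection = (HttpURLConnection) new URL(targetUrl).openConnection();
            connection.setRequestMethod(httpServletRequest.getMethod());
            connection.setDoInput(true);
            connection.setAllowUserInteraction(false);
            connection.setUseCaches(false);
            connection.setConnectTimeout(getConnectTimeout());
            connection.setReadTimeout(getReadTimeout());
            if ((connection instanceof HttpsURLConnection) && this.sslSocketFactory != null) {
                ((HttpsURLConnection) connection).setSSLSocketFactory(this.sslSocketFactory);
            }

            // Forward only the client headers that pass the filter.
            Enumeration<?> headerNames = httpServletRequest.getHeaderNames();
            // The Servlet API allows getHeaderNames() to return null.
            while (headerNames != null && headerNames.hasMoreElements()) {
                String headerName = (String) headerNames.nextElement();
                if (isHeaderAllowedToForward(headerName)) {
                    Enumeration<?> values = httpServletRequest.getHeaders(headerName);
                    while (values.hasMoreElements()) {
                        connection.addRequestProperty(headerName, (String) values.nextElement());
                    }
                }
            }

            // Proxy-owned headers; setRequestProperty replaces any value added above.
            String repositoryUniqueName = getRepositoryUniqueName();
            if (!checkNameOrKey(repositoryUniqueName)) {
                throw new ServiceException("Invalid repository unique name!");
            }
            String repositoryKey = getRepositoryKey();
            if (!checkNameOrKey(repositoryKey)) {
                throw new ServiceException("Invalid repository key!");
            }
            if (repositoryUniqueName != null && repositoryKey == null) {
                throw new ServiceException("Repository key not set!");
            }
            if (repositoryUniqueName != null) {
                connection.setRequestProperty(HTTPHEADER_X_ECMREPUNIQUENAME, EcmAuthenticationProvider.encodeUTF8(repositoryUniqueName));
                connection.setRequestProperty(HTTPHEADER_X_ECMREPKEY, EcmAuthenticationProvider.encodeUTF8(repositoryKey));
            }
            connection.setRequestProperty(HTTPHEADER_X_CMIS_BASE_URL, EcmAuthenticationProvider.encodeUTF8(getProxyBaseUrl(httpServletRequest)));
            if (user != null) {
                connection.setRequestProperty(HTTPHEADER_X_ECM_USER, EcmAuthenticationProvider.encodeUTF8(user));
            }
            String backendCookieHeader = (String) session.getAttribute(SESSION_ECM_COOKIES);
            if (backendCookieHeader != null) {
                connection.setRequestProperty("Cookie", backendCookieHeader);
            }

            if (mayHaveContent(httpServletRequest)) {
                connection.setDoOutput(true);
                connection.setChunkedStreamingMode(65535);
                OutputStream backendOut = connection.getOutputStream();
                try {
                    copyStream(httpServletRequest.getInputStream(), backendOut);
                    backendOut.flush();
                } finally {
                    // Close the request body stream on success and on failure.
                    closeQuietly(backendOut);
                }
            } else {
                connection.setDoOutput(false);
            }
            connection.connect();
            httpServletResponse.setStatus(connection.getResponseCode());

            // Copy backend response headers, except hop-by-hop/length headers. Set-Cookie is
            // collected instead of forwarded, so backend cookies stay server-side.
            List<String> backendCookies = new ArrayList<String>();
            for (Map.Entry<String, List<String>> header : connection.getHeaderFields().entrySet()) {
                if (header.getKey() == null) {
                    // The status line is reported under a null key.
                    continue;
                }
                String lowerName = header.getKey().toLowerCase(Locale.ENGLISH);
                if (lowerName.equals("transfer-encoding") || lowerName.equals("connection") || lowerName.equals("content-length") || lowerName.equals("via")) {
                    continue;
                }
                for (String value : header.getValue()) {
                    if (lowerName.equals("set-cookie")) {
                        backendCookies.add(value);
                    } else {
                        httpServletResponse.addHeader(header.getKey(), value);
                    }
                }
            }
            if (!backendCookies.isEmpty()) {
                // Keep only "name=value" of each cookie (attributes after the first ';' are
                // dropped) and replace the session's stored Cookie header with the result.
                StringBuilder cookieHeader = new StringBuilder();
                for (String setCookie : backendCookies) {
                    if (cookieHeader.length() > 0) {
                        cookieHeader.append("; ");
                    }
                    int semicolon = setCookie.indexOf(';');
                    if (semicolon >= 0) {
                        cookieHeader.append(setCookie.substring(0, semicolon).trim());
                    } else {
                        cookieHeader.append(setCookie.trim());
                    }
                }
                session.setAttribute(SESSION_ECM_COOKIES, cookieHeader.toString());
            }

            if (connection.getContentLength() != 0) {
                // For error statuses the body is on the error stream.
                InputStream backendIn = connection.getErrorStream();
                if (backendIn == null) {
                    backendIn = connection.getInputStream();
                }
                if (backendIn != null) {
                    try {
                        ServletOutputStream clientOut = httpServletResponse.getOutputStream();
                        copyStream(backendIn, clientOut);
                        clientOut.flush();
                    } finally {
                        // Previously the stream leaked when the copy failed midway.
                        closeQuietly(backendIn);
                    }
                }
            }
        } catch (SocketTimeoutException e) {
            if (LOG.isInfoEnabled()) {
                LOG.info("Timeout connecting to: " + targetUrl, e);
            }
            sendCMISProxyError(httpServletRequest, httpServletResponse, "CMIS Proxy timeout.");
        } catch (Exception e) {
            if (LOG.isInfoEnabled()) {
                LOG.info("Communication error. URL: " + targetUrl, e);
            }
            sendCMISProxyError(httpServletRequest, httpServletResponse, "CMIS Proxy communication error.");
        }
    }

    /** Closes a stream, logging instead of propagating a failure of close(). */
    private static void closeQuietly(java.io.Closeable closeable) {
        if (closeable == null) {
            return;
        }
        try {
            closeable.close();
        } catch (IOException e) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Error closing stream", e);
            }
        }
    }

    /**
     * Decides whether a client request header is copied to the backend request.
     *
     * <p>Headers whose lower-cased name starts with {@code x-}, {@code sap-}, {@code cookie}
     * or {@code authorization} are dropped, so a client cannot supply the proxy-owned
     * {@code X-Ecm*} headers or its own credentials.
     *
     * @param str header name as sent by the client
     * @return {@code true} if the header may be forwarded
     */
    private boolean isHeaderAllowedToForward(String str) {
        if (str == null || str.length() == 0) {
            return false;
        }
        String lowerName = str.toLowerCase(Locale.ENGLISH);
        // NOTE(review): this is the only x- header a client can pass through, and its value
        // is forwarded as sent. Confirm the backend treats it as untrusted input.
        if ("X-EcmAddPrincipals".toLowerCase(Locale.ENGLISH).equals(lowerName)) {
            return true;
        }
        boolean blocked = lowerName.startsWith("x-")
                || lowerName.startsWith("sap-")
                || lowerName.startsWith("cookie")
                || lowerName.startsWith("authorization");
        return !blocked;
    }

    /**
     * Name of the destination passed to {@link SessionLookup}; {@code null} by default.
     *
     * @return destination name or {@code null}
     */
    protected String getDestinationName() {
        return null;
    }

    /**
     * Repository unique name sent to the backend.
     *
     * @return the name, or {@code null} to send neither name nor key
     */
    protected abstract String getRepositoryUniqueName();

    /**
     * Repository key sent to the backend; must be non-null when a unique name is returned.
     *
     * @return the repository key
     */
    protected abstract String getRepositoryKey();

    /** @return whether paths of the web-services binding are relayed; {@code true} by default */
    protected boolean supportWebServicesBinding() {
        return true;
    }

    /** @return whether paths of the AtomPub binding are relayed; {@code true} by default */
    protected boolean supportAtomPubBinding() {
        return true;
    }

    /** @return whether paths of the browser (JSON) binding are relayed; {@code true} by default */
    protected boolean supportBrowserBinding() {
        return true;
    }

    /** @return whether the unversioned (CMIS 1.0) paths are accepted; {@code true} by default */
    protected boolean supportCMIS_1_0() {
        return true;
    }

    /** @return whether the {@code /1.1/} paths are accepted; {@code true} by default */
    protected boolean supportCMIS_1_1() {
        return true;
    }

    /**
     * Whether {@link #authenticate} is called before relaying. Returning {@code false} makes
     * the proxy forward requests without an {@code X-EcmUserEnc} header.
     *
     * @return {@code true} by default
     */
    protected boolean requireAuthentication() {
        return true;
    }

    /**
     * Determines the calling user, triggering a {@code BASIC} login when the request carries
     * no remote user yet.
     *
     * @param httpServletRequest  current request
     * @param httpServletResponse current response (unused by this implementation)
     * @return the remote user after login; may still be {@code null} if the container
     *         reports none
     * @throws LoginException if the login fails
     */
    protected String authenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws LoginException {
        String remoteUser = httpServletRequest.getRemoteUser();
        if (remoteUser == null) {
            LoginContextFactory.createLoginContext("BASIC").login();
            remoteUser = httpServletRequest.getRemoteUser();
        }
        return remoteUser;
    }

    /**
     * In read-only mode only GET requests on the browser binding are relayed.
     *
     * @return {@code false} by default
     */
    protected boolean readOnlyMode() {
        return false;
    }

    /** @return connect timeout for the backend connection in milliseconds */
    protected int getConnectTimeout() {
        return DEFAULT_CONNECT_TIMEOUT;
    }

    /** @return read timeout for the backend connection in milliseconds */
    protected int getReadTimeout() {
        return DEFAULT_READ_TIMEOUT;
    }

    /**
     * Copies all bytes from {@code inputStream} to {@code outputStream}; closes neither.
     *
     * @throws IOException if reading or writing fails
     */
    private void copyStream(InputStream inputStream, OutputStream outputStream) throws IOException {
        byte[] buffer = new byte[BUFFER_SIZE];
        int count;
        while ((count = inputStream.read(buffer)) >= 0) {
            outputStream.write(buffer, 0, count);
        }
    }

    /** Only POST and PUT requests have their body relayed. */
    private boolean mayHaveContent(HttpServletRequest httpServletRequest) {
        String method = httpServletRequest.getMethod();
        return method.equals("POST") || method.equals("PUT");
    }

    /** Returns the part of the raw request URI that follows context path and servlet path. */
    private String extractPath(HttpServletRequest httpServletRequest) {
        int prefixLength = httpServletRequest.getContextPath().length() + httpServletRequest.getServletPath().length();
        return httpServletRequest.getRequestURI().substring(prefixLength);
    }

    /**
     * Builds the externally visible base URL of this proxy, sent to the backend as
     * {@code X-CmisBaseUrl}.
     *
     * <p>Scheme, server name and port come from the request; the server name normally
     * reflects the client's {@code Host} header, so the value is client-influenced unless
     * the container or a front end pins it.
     */
    private String getProxyBaseUrl(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getScheme() + "://" + httpServletRequest.getServerName() + ':' + httpServletRequest.getServerPort() + httpServletRequest.getContextPath() + httpServletRequest.getServletPath();
    }

    /** True for {@code /atom[/...]} (CMIS 1.0) and {@code /1.1/atom[/...]} (CMIS 1.1) paths. */
    private boolean isAtomBinding(String str) {
        if (str == null) {
            return false;
        }
        if (supportCMIS_1_0() && (str.equals("/atom") || str.startsWith("/atom/"))) {
            return true;
        }
        return supportCMIS_1_1() && (str.equals("/1.1/atom") || str.startsWith("/1.1/atom/"));
    }

    /** True for {@code /json[/...]} (CMIS 1.0) and {@code /1.1/json[/...]} (CMIS 1.1) paths. */
    private boolean isBrowserBinding(String str) {
        if (str == null) {
            return false;
        }
        if (supportCMIS_1_0() && (str.equals("/json") || str.startsWith("/json/"))) {
            return true;
        }
        return supportCMIS_1_1() && (str.equals("/1.1/json") || str.startsWith("/1.1/json/"));
    }

    /** True for paths below {@code /services/} (CMIS 1.0) or {@code /1.1/services/} (CMIS 1.1). */
    private boolean isWebServicesBinding(String str) {
        if (str == null) {
            return false;
        }
        if (supportCMIS_1_0() && str.startsWith("/services/")) {
            return true;
        }
        return supportCMIS_1_1() && str.startsWith("/1.1/services/");
    }

    /**
     * Identifies WSDL/schema downloads, which service() relays without authentication.
     *
     * <p>NOTE(review): callers pass the path from {@code getRequestURI()}, which per the
     * Servlet API excludes the query string, so these {@code ?...} suffix checks appear never
     * to match and WSDL requests are authenticated like any other. That is the fail-closed
     * outcome; review before "fixing" it, since a match skips authentication.
     *
     * @param str  HTTP method
     * @param str2 request path as returned by extractPath
     */
    private boolean isWebServicesWsdl(String str, String str2) {
        if (!"GET".equals(str) || !isWebServicesBinding(str2)) {
            return false;
        }
        return str2.endsWith("?wsdl") || str2.endsWith("?core") || str2.endsWith("?msg");
    }

    /**
     * Accepts a path only if it belongs to an enabled binding. In read-only mode the AtomPub
     * and web-services bindings are rejected and only the browser binding remains.
     */
    private boolean checkPath(String str) {
        boolean writable = !readOnlyMode();
        if (supportAtomPubBinding() && writable && isAtomBinding(str)) {
            return true;
        }
        if (supportBrowserBinding() && isBrowserBinding(str)) {
            return true;
        }
        return supportWebServicesBinding() && writable && isWebServicesBinding(str);
    }

    /** Allow-list of HTTP methods that are relayed at all. */
    private boolean checkMethod(String str) {
        return str.equals("GET") || str.equals("POST") || str.equals("PUT") || str.equals("DELETE");
    }

    /**
     * Sends a 500 response whose body format matches the binding of the request path
     * (HTML for AtomPub, JSON for browser, SOAP fault for non-GET web services, else text).
     *
     * <p>{@code str} is written into HTML, JSON and XML without escaping. All callers in this
     * class pass fixed literals; never pass request-derived or exception text here.
     *
     * @param httpServletRequest  request, used to pick the body format
     * @param httpServletResponse response to write to
     * @param str                 fixed, markup-free error message
     * @throws IOException if writing the body fails
     */
    private void sendCMISProxyError(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        if (httpServletResponse.isCommitted()) {
            // Part of the relayed response has already gone out; status and body can no
            // longer be replaced.
            if (LOG.isDebugEnabled()) {
                LOG.debug("Response already committed, cannot send error: " + str);
            }
            return;
        }
        httpServletResponse.setStatus(500);
        httpServletResponse.setCharacterEncoding("UTF-8");
        PrintWriter writer;
        try {
            writer = httpServletResponse.getWriter();
        } catch (IllegalStateException e) {
            // service() had already obtained the output stream for the pass-through copy;
            // only the status code can be reported in that case.
            if (LOG.isDebugEnabled()) {
                LOG.debug("Output stream already in use, sending status only: " + str, e);
            }
            return;
        }
        String path = extractPath(httpServletRequest);
        if (isAtomBinding(path)) {
            httpServletResponse.setContentType("text/html; charset=utf-8");
            writer.print("<html><head><title>CMIS Proxy Error</title></head><body>");
            writer.print("<h1>HTTP Status 500 - <!--exception-->runtime<!--/exception--></h1>");
            writer.print("<p><!--message-->" + str + "<!--/message--></p>");
            writer.println("</body></html>");
        } else if (isBrowserBinding(path)) {
            httpServletResponse.setContentType("application/json; charset=utf-8");
            writer.println("{\"exception\": \"runtime\", \"message\": \"" + str + "\"}");
        } else if (!isWebServicesBinding(path) || httpServletRequest.getMethod().equals("GET")) {
            httpServletResponse.setContentType("text/plain; charset=utf-8");
            writer.println(str);
        } else {
            httpServletResponse.setContentType("text/xml; charset=utf-8");
            writer.println("<?xml version='1.0' encoding='UTF-8'?>");
            writer.println("<S:Envelope xmlns:S=\"http://schemas.xmlsoap.org/soap/envelope/\">");
            writer.println("<S:Body>");
            writer.println("<S:Fault>");
            writer.println("<faultcode>S:Server</faultcode>");
            writer.println("<faultstring>" + str + "</faultstring>");
            writer.println("<detail>");
            writer.println("<cmisFault xmlns=\"http://docs.oasis-open.org/ns/cmis/messaging/200908/\">");
            writer.println("<type>runtime</type>");
            writer.println("<code>0</code>");
            writer.println("<message>" + str + "</message>");
            writer.println("</cmisFault>");
            writer.println("</detail>");
            writer.println("</S:Fault>");
            writer.println("</S:Body>");
            writer.println("</S:Envelope>");
        }
        writer.flush();
    }

    /**
     * Validates a repository name or key before it is placed in a request header:
     * {@code null} is accepted (meaning "not set"), otherwise the value must be 1 to 1024
     * characters long and contain no CR or LF, which keeps it from breaking out of the
     * header line.
     */
    private boolean checkNameOrKey(String str) {
        if (str == null) {
            return true;
        }
        int length = str.length();
        return length >= 1 && length <= 1024 && str.indexOf('\n') < 0 && str.indexOf('\r') < 0;
    }

    /**
     * Derives the backend base URL by removing the last path segment from the ECM server
     * URL reported by {@link SessionLookup}.
     *
     * @return the server URL without its last path segment and without a trailing slash
     * @throws IllegalStateException if the server URL contains no {@code '/'}
     */
    private String findEcmUrl() {
        String url = new SessionLookup(getDestinationName(), (String) null, (String) null).getEcmServerUrl().trim();
        if (url.endsWith("/")) {
            // Drop only the trailing slash (the previous code cut two characters).
            url = url.substring(0, url.length() - 1);
        }
        int lastSlash = url.lastIndexOf('/');
        if (lastSlash < 0) {
            throw new IllegalStateException("ECM server URL has no path segment to strip");
        }
        return url.substring(0, lastSlash);
    }
}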
