package de.mhus.rest.core;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
import de.mhus.lib.core.M;
import de.mhus.lib.core.MApi;
import de.mhus.lib.core.MProperties;
import de.mhus.lib.core.io.http.MHttp;
import de.mhus.lib.core.logging.Log;
import de.mhus.lib.core.logging.TrailLevelMapper;
import de.mhus.lib.core.shiro.AccessApi;
import de.mhus.rest.core.api.Node;
import de.mhus.rest.core.api.RestApi;
import de.mhus.rest.core.api.RestException;
import de.mhus.rest.core.api.RestResult;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Arrays;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;

/* loaded from: input_file:de/mhus/rest/core/AbstractRestServlet.class */
public abstract class AbstractRestServlet extends HttpServlet {
    private static final String RESULT_TYPE_JSON = "json";
    private static final String RESULT_TYPE_HTTP = "http";
    private static final String PUBLIC_PATH = "/public/";
    private static final long serialVersionUID = 1;
    private RestApi restService;
    private Log log = Log.getLog(this);
    private int nextId = 0;
    private LinkedList<RestAuthenticator> authenticators = new LinkedList<>();

    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        TrailLevelMapper levelMapper;
        TrailLevelMapper levelMapper2;
        TrailLevelMapper levelMapper3;
        TrailLevelMapper levelMapper4;
        httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
        boolean z = false;
        try {
            String parameter = httpServletRequest.getParameter("_mhus_log");
            if (parameter != null && (levelMapper4 = MApi.get().getLogFactory().getLevelMapper()) != null && (levelMapper4 instanceof TrailLevelMapper)) {
                z = true;
                if (parameter.length() == 0) {
                    parameter = "MAP";
                }
                levelMapper4.doConfigureTrail("R", parameter);
            }
            String pathInfo = httpServletRequest.getPathInfo();
            if (pathInfo == null || pathInfo.length() < 1) {
                httpServletResponse.setStatus(404);
                if (z && (levelMapper2 = MApi.get().getLogFactory().getLevelMapper()) != null && (levelMapper2 instanceof TrailLevelMapper)) {
                    levelMapper2.doResetTrail();
                    return;
                }
                return;
            }
            AuthenticationToken authenticationToken = null;
            Iterator<RestAuthenticator> it = this.authenticators.iterator();
            while (it.hasNext()) {
                authenticationToken = it.next().authenticate(httpServletRequest);
                if (authenticationToken != null) {
                    break;
                }
            }
            AuthenticationToken authenticationToken2 = authenticationToken;
            ((AccessApi) M.l(AccessApi.class)).createSubject().execute(() -> {
                return serviceInSession(httpServletRequest, httpServletResponse, pathInfo, authenticationToken2);
            });
            if (z && (levelMapper3 = MApi.get().getLogFactory().getLevelMapper()) != null && (levelMapper3 instanceof TrailLevelMapper)) {
                levelMapper3.doResetTrail();
            }
        } catch (Throwable th) {
            if (0 != 0 && (levelMapper = MApi.get().getLogFactory().getLevelMapper()) != null && (levelMapper instanceof TrailLevelMapper)) {
                levelMapper.doResetTrail();
            }
            throw th;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r24v1, types: [java.lang.Throwable, de.mhus.rest.core.api.RestException] */
    private Object serviceInSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, AuthenticationToken authenticationToken) throws IOException {
        ((AccessApi) M.l(AccessApi.class)).updateSessionLastAccessTime();
        long newId = newId();
        Subject subject = SecurityUtils.getSubject();
        String parameter = httpServletRequest.getParameter("_method");
        if (parameter == null) {
            parameter = httpServletRequest.getMethod();
        }
        LinkedList linkedList = new LinkedList(Arrays.asList(str.split("/")));
        if (linkedList.size() == 0) {
            return null;
        }
        linkedList.remove(0);
        MProperties mProperties = new MProperties();
        logAccess(newId, httpServletRequest.getRemoteAddr(), httpServletRequest.getRemotePort(), subject, parameter, httpServletRequest.getPathInfo(), httpServletRequest.getParameterMap());
        if (authenticationToken != null) {
            try {
                subject.login(authenticationToken);
            } catch (AuthenticationException e) {
                return onLoginFailure(authenticationToken, e, httpServletRequest, httpServletResponse, newId);
            }
        }
        if (authenticationToken == null && !isPublicPath(str)) {
            return onLoginFailure(httpServletRequest, httpServletResponse, newId);
        }
        CallContext callContext = new CallContext(new HttpRequest(httpServletRequest.getParameterMap()), MHttp.toMethod(parameter), mProperties);
        RestApi restService = getRestService();
        RestResult restResult = null;
        if (parameter.equals("HEAD")) {
            return null;
        }
        try {
            Node lookup = restService.lookup(linkedList, null, callContext);
            if (lookup == null) {
                sendError(newId, httpServletRequest, httpServletResponse, 404, "Resource Not Found", null, subject);
                return null;
            }
            if (parameter.equals("GET")) {
                restResult = lookup.doRead(callContext);
            } else if (parameter.equals("POST")) {
                restResult = callContext.hasAction() ? lookup.doAction(callContext) : lookup.doCreate(callContext);
            } else if (parameter.equals("PUT")) {
                restResult = lookup.doUpdate(callContext);
            } else if (parameter.equals("DELETE")) {
                restResult = lookup.doDelete(callContext);
            } else if (parameter.equals("TRACE")) {
            }
            if (restResult == null) {
                sendError(newId, httpServletRequest, httpServletResponse, 501, null, null, subject);
                return null;
            }
            if (restResult != null) {
                try {
                    this.log.d(new Object[]{"result", Long.valueOf(newId), restResult});
                    httpServletResponse.setContentType(restResult.getContentType());
                    restResult.write(httpServletResponse.getWriter());
                } catch (Throwable th) {
                    this.log.d(new Object[]{th});
                    sendError(newId, httpServletRequest, httpServletResponse, 500, th.getMessage(), th, subject);
                    return null;
                }
            }
            return null;
        } catch (RestException e2) {
            this.log.d(new Object[]{e2});
            sendError(newId, httpServletRequest, httpServletResponse, e2.getErrorId(), e2.getMessage(), e2, subject);
            return null;
        } catch (Throwable th2) {
            this.log.d(new Object[]{th2});
            sendError(newId, httpServletRequest, httpServletResponse, 500, th2.getMessage(), th2, subject);
            return null;
        }
    }

    public boolean isPublicPath(String str) {
        return str.startsWith(PUBLIC_PATH);
    }

    public RestApi getRestService() {
        return this.restService;
    }

    public void setRestService(RestApi restApi) {
        this.restService = restApi;
    }

    private Object onLoginFailure(AuthenticationToken authenticationToken, AuthenticationException authenticationException, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, long j) throws IOException {
        httpServletResponse.setHeader("WWW-Authenticate", "BASIC realm=\"rest\"");
        sendError(j, httpServletRequest, httpServletResponse, 401, authenticationException.getMessage(), authenticationException, null);
        return null;
    }

    private Object onLoginFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, long j) throws IOException {
        httpServletResponse.setHeader("WWW-Authenticate", "BASIC realm=\"rest\"");
        sendError(j, httpServletRequest, httpServletResponse, 401, "", null, null);
        return null;
    }

    private void logAccess(long j, String str, int i, Subject subject, String str2, String str3, Map map) {
        this.log.d(new Object[]{"access", Long.valueOf(j), "\n Remote: " + str + ":" + i + "\n Subject: " + subject + "\n Method: " + str2 + "\n Request: " + str3 + "\n Parameters: " + getParameterLog(map) + "\n"});
    }

    private String getParameterLog(Map<?, ?> map) {
        StringBuilder append = new StringBuilder().append('{');
        for (Map.Entry<?, ?> entry : map.entrySet()) {
            append.append('\n').append(entry.getKey()).append("=[");
            Object value = entry.getValue();
            if (value != null) {
                if (value.getClass().isArray()) {
                    boolean z = true;
                    for (Object obj : (Object[]) value) {
                        if (z) {
                            z = false;
                        } else {
                            append.append(',');
                        }
                        append.append(obj);
                    }
                } else {
                    append.append(value);
                }
            }
            append.append("] ");
        }
        append.append('}');
        return append.toString();
    }

    private synchronized long newId() {
        int i = this.nextId;
        this.nextId = i + 1;
        return i;
    }

    private void sendError(long j, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, int i, String str, Throwable th, Subject subject) throws IOException {
        this.log.d(new Object[]{"error", Long.valueOf(j), Integer.valueOf(i), str, th});
        String parameter = httpServletRequest.getParameter("_errorResult");
        if (parameter == null) {
            parameter = RESULT_TYPE_JSON;
        }
        if (parameter.equals(RESULT_TYPE_HTTP)) {
            httpServletResponse.sendError(i);
            httpServletResponse.getWriter().print(str);
            return;
        }
        if (parameter.equals(RESULT_TYPE_JSON)) {
            if (i == 401) {
                httpServletResponse.setStatus(i);
            } else {
                httpServletResponse.setStatus(200);
            }
            PrintWriter writer = httpServletResponse.getWriter();
            ObjectMapper objectMapper = new ObjectMapper();
            ObjectNode createObjectNode = objectMapper.createObjectNode();
            createObjectNode.put("_sequence", j);
            if (subject != null) {
                createObjectNode.put("_user", String.valueOf(subject.getPrincipal()));
            }
            TrailLevelMapper levelMapper = MApi.get().getLogFactory().getLevelMapper();
            if (levelMapper != null && (levelMapper instanceof TrailLevelMapper)) {
                createObjectNode.put("_trail", levelMapper.getTrailId());
            }
            createObjectNode.put("_error", i);
            createObjectNode.put("_errorMessage", str);
            httpServletResponse.setContentType("application/json");
            objectMapper.writeValue(writer, createObjectNode);
        }
    }

    public LinkedList<RestAuthenticator> getAuthenticators() {
        return this.authenticators;
    }
}
