package ca.nrc.cadc.dlm.server;

import ca.nrc.cadc.auth.AuthMethod;
import ca.nrc.cadc.auth.AuthenticationUtil;
import ca.nrc.cadc.cred.client.CredUtil;
import ca.nrc.cadc.date.DateUtil;
import ca.nrc.cadc.dlm.DownloadRequest;
import ca.nrc.cadc.dlm.DownloadUtil;
import ca.nrc.cadc.net.HttpGet;
import ca.nrc.cadc.reg.Standards;
import ca.nrc.cadc.reg.client.LocalAuthority;
import ca.nrc.cadc.reg.client.RegistryClient;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.net.URL;
import java.security.AccessControlException;
import java.security.PrivilegedActionException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.text.DateFormat;
import java.util.Calendar;
import java.util.Date;
import java.util.Iterator;
import javax.security.auth.Subject;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:ca/nrc/cadc/dlm/server/ShellScriptServlet.class */
public class ShellScriptServlet extends HttpServlet {
    private static final long serialVersionUID = 202303151015L;
    public static final String SCRIPT_TARGET = "/shellScript";
    private static final int MINUTES_TO_EXPIRY = 20160;
    private static final DateFormat DATE_FORMAT = DateUtil.getDateFormat("yyyyMMddHHmmss", DateUtil.UTC);

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        ScriptGenerator scriptGenerator;
        String format = String.format("cadc-download-%s.sh", DATE_FORMAT.format(new Date()));
        httpServletResponse.setContentType("text/x-shellscript");
        httpServletResponse.setHeader("content-disposition", "attachment;filename=\"" + format + "\"");
        DownloadRequest downloadRequest = (DownloadRequest) httpServletRequest.getAttribute("downloadRequest");
        downloadRequest.runID = (String) httpServletRequest.getAttribute("runid");
        Iterator iterateURLs = DownloadUtil.iterateURLs(downloadRequest);
        Subject subject = AuthenticationUtil.getSubject(httpServletRequest, false);
        try {
            if (CredUtil.checkCredentials(subject)) {
                String token = getToken(subject);
                Calendar calendar = Calendar.getInstance(DateUtil.UTC);
                calendar.add(12, MINUTES_TO_EXPIRY);
                scriptGenerator = new ScriptGenerator(iterateURLs, token, calendar.getTime());
            } else {
                scriptGenerator = new ScriptGenerator(iterateURLs);
            }
            PrintWriter writer = httpServletResponse.getWriter();
            scriptGenerator.generate(writer);
            writer.flush();
        } catch (IOException e) {
            throw e;
        } catch (CertificateExpiredException | CertificateNotYetValidException e2) {
            throw new AccessControlException(e2.getMessage());
        } catch (Exception e3) {
            throw new ServletException(e3.getMessage(), e3);
        }
    }

    private String getToken(Subject subject) throws Exception {
        URL url = new URL(new RegistryClient().getServiceURL(new LocalAuthority().getServiceURI(Standards.SECURITY_METHOD_OPENID.toString()), Standards.SECURITY_METHOD_OPENID, AuthMethod.COOKIE).toString() + "/authorize?response_type=token");
        try {
            return (String) Subject.doAs(subject, () -> {
                HttpGet httpGet = new HttpGet(url, true);
                httpGet.run();
                return new BufferedReader(new InputStreamReader(httpGet.getInputStream())).readLine();
            });
        } catch (PrivilegedActionException e) {
            throw e.getException();
        }
    }
}
