package org.xipki.ocsp.server.servlet;

import java.io.EOFException;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xipki.ocsp.api.OcspRespWithCacheInfo;
import org.xipki.ocsp.api.OcspServer;
import org.xipki.ocsp.api.Responder;
import org.xipki.ocsp.api.ResponderAndPath;
import org.xipki.security.HashAlgo;
import org.xipki.util.Base64;
import org.xipki.util.IoUtil;
import org.xipki.util.LogUtil;
import org.xipki.util.StringUtil;

/* loaded from: input_file:org/xipki/ocsp/server/servlet/HttpOcspServlet.class */
public class HttpOcspServlet extends HttpServlet {
    private static final Logger LOG = LoggerFactory.getLogger(HttpOcspServlet.class);
    private static final long DFLT_CACHE_MAX_AGE = 60;
    private static final long serialVersionUID = 1;
    private static final String CT_REQUEST = "application/ocsp-request";
    private static final String CT_RESPONSE = "application/ocsp-response";

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        OcspServer server = ServletHelper.getServer();
        try {
            try {
                if (server == null) {
                    LOG.error("ServletHelper.server not configured");
                    sendError(httpServletResponse, 500);
                    httpServletResponse.flushBuffer();
                    return;
                }
                ResponderAndPath responderForPath = server.getResponderForPath(StringUtil.getRelativeRequestUri(httpServletRequest.getServletPath(), httpServletRequest.getRequestURI()));
                if (responderForPath == null) {
                    sendError(httpServletResponse, 404);
                    httpServletResponse.flushBuffer();
                    return;
                }
                if (!CT_REQUEST.equalsIgnoreCase(httpServletRequest.getHeader("Content-Type"))) {
                    sendError(httpServletResponse, 415);
                    httpServletResponse.flushBuffer();
                    return;
                }
                Responder responder = responderForPath.getResponder();
                byte[] read = IoUtil.read(httpServletRequest.getInputStream());
                if (read.length > responder.getMaxRequestSize()) {
                    sendError(httpServletResponse, 413);
                    httpServletResponse.flushBuffer();
                    return;
                }
                OcspRespWithCacheInfo answer = server.answer(responder, read, false);
                if (answer == null || answer.getResponse() == null) {
                    LOG.error("processRequest returned null, this should not happen");
                    sendError(httpServletResponse, 500);
                }
                byte[] response = answer.getResponse();
                httpServletResponse.setStatus(200);
                httpServletResponse.setContentType(CT_RESPONSE);
                httpServletResponse.setContentLength(response.length);
                httpServletResponse.getOutputStream().write(response);
                httpServletResponse.flushBuffer();
            } catch (Throwable th) {
                if (th instanceof EOFException) {
                    LogUtil.warn(LOG, th, "Connection reset by peer");
                } else {
                    LOG.error("Throwable thrown, this should not happen!", th);
                }
                sendError(httpServletResponse, 500);
                httpServletResponse.flushBuffer();
            }
        } catch (Throwable th2) {
            httpServletResponse.flushBuffer();
            throw th2;
        }
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        OcspServer server = ServletHelper.getServer();
        if (server == null) {
            LOG.error("server in servlet not configured");
            sendError(httpServletResponse, 500);
            return;
        }
        String relativeRequestUri = StringUtil.getRelativeRequestUri(httpServletRequest.getServletPath(), httpServletRequest.getRequestURI());
        ResponderAndPath responderForPath = server.getResponderForPath(relativeRequestUri);
        if (responderForPath == null) {
            sendError(httpServletResponse, 404);
            return;
        }
        String servletPath = responderForPath.getServletPath();
        Responder responder = responderForPath.getResponder();
        if (!responder.supportsHttpGet()) {
            sendError(httpServletResponse, 405);
            return;
        }
        int length = servletPath.length();
        if (relativeRequestUri.length() - length <= 10) {
            sendError(httpServletResponse, 400);
            return;
        }
        if (relativeRequestUri.charAt(length) == '/') {
            length++;
        }
        String substring = relativeRequestUri.substring(length);
        try {
            try {
                if (substring.length() > responder.getMaxRequestSize()) {
                    sendError(httpServletResponse, 413);
                    httpServletResponse.flushBuffer();
                    return;
                }
                OcspRespWithCacheInfo answer = server.answer(responder, Base64.decode(substring), true);
                if (answer == null || answer.getResponse() == null) {
                    sendError(httpServletResponse, 500);
                    httpServletResponse.flushBuffer();
                    return;
                }
                byte[] response = answer.getResponse();
                OcspRespWithCacheInfo.ResponseCacheInfo cacheInfo = answer.getCacheInfo();
                if (cacheInfo != null) {
                    response = answer.getResponse();
                    httpServletResponse.addDateHeader("Date", System.currentTimeMillis());
                    httpServletResponse.addDateHeader("Last-Modified", cacheInfo.getThisUpdate());
                    if (cacheInfo.getNextUpdate() != null) {
                        httpServletResponse.addDateHeader("Expires", cacheInfo.getNextUpdate().longValue());
                    }
                    httpServletResponse.addHeader("ETag", StringUtil.concat("\"", new String[]{HashAlgo.SHA1.hexHash(response), "\""}));
                    long longValue = responder.getCacheMaxAge() != null ? responder.getCacheMaxAge().longValue() : 60L;
                    if (cacheInfo.getNextUpdate() != null) {
                        longValue = Math.min(longValue, (cacheInfo.getNextUpdate().longValue() - cacheInfo.getThisUpdate()) / 1000);
                    }
                    httpServletResponse.addHeader("Cache-Control", StringUtil.concat("max-age=", new String[]{Long.toString(longValue), ",public,no-transform,must-revalidate"}));
                }
                httpServletResponse.setContentLength(response.length);
                httpServletResponse.setContentType(CT_RESPONSE);
                httpServletResponse.getOutputStream().write(response);
                httpServletResponse.flushBuffer();
            } catch (Throwable th) {
                if (th instanceof EOFException) {
                    LogUtil.warn(LOG, th, "Connection reset by peer");
                } else {
                    LOG.error("Throwable thrown, this should not happen!", th);
                }
                sendError(httpServletResponse, 500);
                httpServletResponse.flushBuffer();
            }
        } catch (Throwable th2) {
            httpServletResponse.flushBuffer();
            throw th2;
        }
    }

    private static void sendError(HttpServletResponse httpServletResponse, int i) {
        httpServletResponse.setStatus(i);
        httpServletResponse.setContentLength(0);
    }
}
