package org.exist.atom.http;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.URI;
import java.net.URL;
import java.security.Principal;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.commons.configuration.tree.DefaultExpressionEngine;
import org.apache.log4j.Logger;
import org.exist.EXistException;
import org.exist.atom.AtomModule;
import org.exist.atom.modules.AtomFeeds;
import org.exist.atom.modules.AtomProtocol;
import org.exist.atom.modules.Query;
import org.exist.http.BadRequestException;
import org.exist.http.NotFoundException;
import org.exist.http.servlets.Authenticator;
import org.exist.http.servlets.BasicAuthenticator;
import org.exist.jsp.CollectionTag;
import org.exist.security.PermissionDeniedException;
import org.exist.security.User;
import org.exist.security.XmldbPrincipal;
import org.exist.storage.BrokerPool;
import org.exist.storage.DBBroker;
import org.exist.util.Configuration;
import org.exist.util.DatabaseConfigurationException;
import org.exist.validation.XmlLibraryChecker;
import org.exist.xmldb.DatabaseImpl;
import org.quartz.impl.jdbcjobstore.Constants;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
import org.xmldb.api.DatabaseManager;
import org.xmldb.api.base.Database;
import org.xmldb.api.base.XMLDBException;

/* loaded from: input_file:WEB-INF/lib/exist-1.2.4.jar:org/exist/atom/http/AtomServlet.class */
public class AtomServlet extends HttpServlet {
    public static final String DEFAULT_ENCODING = "UTF-8";
    public static final String CONF_NS = "http://www.exist-db.org/Vocabulary/AtomConfiguration/2006/1/0";
    protected static final Logger LOG;
    private Map modules;
    private Map noAuth;
    private String formEncoding = null;
    private BrokerPool pool = null;
    private String defaultUsername = "guest";
    private String defaultPassword = "guest";
    private Authenticator authenticator;
    private User defaultUser;
    static Class class$org$exist$atom$http$AtomServlet;
    static Class class$org$exist$atom$Atom;

    /* loaded from: input_file:WEB-INF/lib/exist-1.2.4.jar:org/exist/atom/http/AtomServlet$ModuleContext.class */
    class ModuleContext implements AtomModule.Context {
        ServletConfig config;
        String moduleLoadPath;
        private final AtomServlet this$0;

        ModuleContext(AtomServlet atomServlet, ServletConfig servletConfig, String str, String str2) {
            this.this$0 = atomServlet;
            this.config = servletConfig;
            this.moduleLoadPath = str2;
        }

        @Override // org.exist.atom.AtomModule.Context
        public String getDefaultCharset() {
            return this.this$0.formEncoding;
        }

        @Override // org.exist.atom.AtomModule.Context
        public String getParameter(String str) {
            return this.config.getInitParameter(str);
        }

        @Override // org.exist.atom.AtomModule.Context
        public String getContextPath() {
            return null;
        }

        @Override // org.exist.atom.AtomModule.Context
        public URL getContextURL() {
            return null;
        }

        @Override // org.exist.atom.AtomModule.Context
        public String getModuleLoadPath() {
            return this.moduleLoadPath;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/exist-1.2.4.jar:org/exist/atom/http/AtomServlet$UserXmldbPrincipal.class */
    static class UserXmldbPrincipal implements XmldbPrincipal {
        int authMethod;
        User user;

        UserXmldbPrincipal(int i, User user) {
            this.authMethod = i;
            this.user = user;
        }

        @Override // org.exist.security.XmldbPrincipal, java.security.Principal
        public String getName() {
            return this.user.getName();
        }

        @Override // org.exist.security.XmldbPrincipal
        public String getPassword() {
            return this.authMethod == 0 ? this.user.getPassword() : this.user.getDigestPassword();
        }

        @Override // org.exist.security.XmldbPrincipal
        public boolean hasRole(String str) {
            return this.user.hasGroup(str);
        }
    }

    @Override // javax.servlet.GenericServlet, javax.servlet.Servlet
    public void init(ServletConfig servletConfig) throws ServletException {
        URL url;
        Class cls;
        Class cls2;
        super.init(servletConfig);
        try {
            if (BrokerPool.isConfigured()) {
                LOG.debug("Database already started. Skipping configuration ...");
            } else {
                String initParameter = servletConfig.getInitParameter("configuration");
                String initParameter2 = servletConfig.getInitParameter("basedir");
                String initParameter3 = servletConfig.getInitParameter("start");
                if (initParameter == null) {
                    initParameter = DatabaseImpl.CONF_XML;
                }
                String realPath = initParameter2 == null ? servletConfig.getServletContext().getRealPath(".") : servletConfig.getServletContext().getRealPath(initParameter2);
                LOG.debug(new StringBuffer().append("AtomServlet: exist.home=").append(realPath).toString());
                File file = new File(new StringBuffer().append(realPath).append(File.separator).append(initParameter).toString());
                LOG.debug(new StringBuffer().append("reading configuration from ").append(file.getAbsolutePath()).toString());
                if (!file.canRead()) {
                    throw new ServletException(new StringBuffer().append("configuration file ").append(initParameter).append(" not found or not readable").toString());
                }
                Configuration configuration = new Configuration(initParameter, realPath);
                if (initParameter3 != null && initParameter3.equals("true")) {
                    startup(configuration);
                }
            }
            this.pool = BrokerPool.getInstance();
            String initParameter4 = servletConfig.getInitParameter("use-default-user");
            if (initParameter4 != null ? initParameter4.trim().equals("true") : true) {
                String initParameter5 = servletConfig.getInitParameter("user");
                if (initParameter5 != null) {
                    this.defaultUsername = initParameter5;
                }
                String initParameter6 = servletConfig.getInitParameter("password");
                if (initParameter6 != null) {
                    this.defaultPassword = initParameter6;
                }
                this.defaultUser = getDefaultUser();
                if (this.defaultUser != null) {
                    LOG.info(new StringBuffer().append("Using default user ").append(this.defaultUsername).append(" for all unauthorized requests.").toString());
                } else {
                    LOG.error(new StringBuffer().append("Default user ").append(this.defaultUsername).append(" cannot be found.  A BASIC AUTH challenge will be the default.").toString());
                }
            } else {
                LOG.info("No default user.  All requires must be authorized or will result in a BASIC AUTH challenge.");
                this.defaultUser = null;
            }
            this.authenticator = new BasicAuthenticator(this.pool);
            this.formEncoding = servletConfig.getInitParameter("form-encoding");
            if (this.formEncoding == null) {
                this.formEncoding = "UTF-8";
            }
            if (servletConfig.getInitParameter("container-encoding") == null) {
            }
            this.modules = new HashMap();
            this.noAuth = new HashMap();
            String initParameter7 = servletConfig.getInitParameter("config-file");
            File existHome = this.pool.getConfiguration().getExistHome();
            File file2 = initParameter7 == null ? new File(existHome, "atom-services.xml") : new File(servletConfig.getServletContext().getRealPath(initParameter7));
            servletConfig.getServletContext().log(new StringBuffer().append("Checking for atom configuration in ").append(file2.getAbsolutePath()).toString());
            if (file2.exists()) {
                servletConfig.getServletContext().log(new StringBuffer().append("Loading configuration ").append(file2.getAbsolutePath()).toString());
                DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
                newInstance.setNamespaceAware(true);
                InputStream inputStream = null;
                try {
                    try {
                        try {
                            FileInputStream fileInputStream = new FileInputStream(file2);
                            InputSource inputSource = new InputSource(new InputStreamReader(fileInputStream, this.formEncoding));
                            URI uri = file2.toURI();
                            inputSource.setSystemId(uri.toString());
                            Document parse = newInstance.newDocumentBuilder().parse(inputSource);
                            parse.getDocumentElement();
                            NodeList elementsByTagNameNS = parse.getElementsByTagNameNS(CONF_NS, "module");
                            for (int i = 0; i < elementsByTagNameNS.getLength(); i++) {
                                Element element = (Element) elementsByTagNameNS.item(i);
                                String attribute = element.getAttribute("name");
                                if (this.modules.get(attribute) != null) {
                                    throw new ServletException(new StringBuffer().append("Module '").append(attribute).append("' is configured more than once ( child # ").append(i + 1).toString());
                                }
                                if ("false".equals(element.getAttribute("authenticate"))) {
                                    this.noAuth.put(attribute, Boolean.TRUE);
                                }
                                String attribute2 = element.getAttribute("class");
                                if (attribute2 == null || attribute2.length() <= 0) {
                                    Query query = new Query();
                                    this.modules.put(attribute, query);
                                    if ("true".equals(element.getAttribute("query-by-post"))) {
                                        query.setQueryByPost(true);
                                    }
                                    NodeList elementsByTagNameNS2 = element.getElementsByTagNameNS(CONF_NS, "method");
                                    for (int i2 = 0; i2 < elementsByTagNameNS2.getLength(); i2++) {
                                        Element element2 = (Element) elementsByTagNameNS2.item(i2);
                                        String attribute3 = element2.getAttribute("type");
                                        if (attribute3 == null) {
                                            LOG.warn(new StringBuffer().append("No type specified for method in module ").append(attribute).toString());
                                        } else {
                                            String attribute4 = element2.getAttribute("query");
                                            if (attribute4 == null) {
                                                LOG.warn(new StringBuffer().append("No query specified for method ").append(attribute3).append(" in module ").append(attribute).toString());
                                            } else {
                                                boolean equals = "true".equals(element2.getAttribute("from-classpath"));
                                                Query.MethodConfiguration methodConfiguration = query.getMethodConfiguration(attribute3);
                                                if (methodConfiguration == null) {
                                                    LOG.warn(new StringBuffer().append("Unknown method ").append(attribute3).append(" in module ").append(attribute).toString());
                                                } else {
                                                    String attribute5 = element2.getAttribute("content-type");
                                                    if (attribute5 != null && attribute5.trim().length() != 0) {
                                                        methodConfiguration.setContentType(attribute5);
                                                    }
                                                    if (equals) {
                                                        Logger logger = LOG;
                                                        StringBuffer append = new StringBuffer().append("Nope. Attempting to get resource ").append(attribute4).append(" from ");
                                                        if (class$org$exist$atom$Atom == null) {
                                                            cls = class$("org.exist.atom.Atom");
                                                            class$org$exist$atom$Atom = cls;
                                                        } else {
                                                            cls = class$org$exist$atom$Atom;
                                                        }
                                                        logger.debug(append.append(cls.getName()).toString());
                                                        if (class$org$exist$atom$Atom == null) {
                                                            cls2 = class$("org.exist.atom.Atom");
                                                            class$org$exist$atom$Atom = cls2;
                                                        } else {
                                                            cls2 = class$org$exist$atom$Atom;
                                                        }
                                                        url = cls2.getResource(attribute4);
                                                    } else {
                                                        url = uri.resolve(attribute4).toURL();
                                                    }
                                                    LOG.debug(new StringBuffer().append("Loading from module ").append(attribute).append(" method ").append(attribute3).append(" from resource ").append(url).append(" via classpath(").append(equals).append(") and ref (").append(attribute4).append(DefaultExpressionEngine.DEFAULT_INDEX_END).toString());
                                                    if (url == null) {
                                                        throw new ServletException(new StringBuffer().append("Cannot find resource ").append(attribute4).append(" for module ").append(attribute).toString());
                                                    }
                                                    methodConfiguration.setQuerySource(url);
                                                }
                                            }
                                        }
                                    }
                                    query.init(new ModuleContext(this, servletConfig, attribute, file2.getParent()));
                                } else {
                                    try {
                                        AtomModule atomModule = (AtomModule) Class.forName(attribute2).newInstance();
                                        this.modules.put(attribute, atomModule);
                                        atomModule.init(new ModuleContext(this, servletConfig, attribute, file2.getParent()));
                                    } catch (Exception e) {
                                        throw new ServletException(new StringBuffer().append("Cannot instantiate class ").append(attribute2).append(" for module '").append(attribute).append("' due to exception: ").append(e.getMessage()).toString(), e);
                                    }
                                }
                            }
                            if (fileInputStream != null) {
                                try {
                                    fileInputStream.close();
                                } catch (IOException e2) {
                                }
                            }
                        } catch (Throwable th) {
                            if (0 != 0) {
                                try {
                                    inputStream.close();
                                } catch (IOException e3) {
                                }
                            }
                            throw th;
                        }
                    } catch (ParserConfigurationException e4) {
                        LOG.warn(e4);
                        throw new ServletException(e4.getMessage());
                    } catch (SAXException e5) {
                        LOG.warn(e5);
                        throw new ServletException(e5.getMessage());
                    }
                } catch (IOException e6) {
                    LOG.warn(e6);
                    throw new ServletException(e6.getMessage());
                } catch (EXistException e7) {
                    LOG.warn(e7);
                    throw new ServletException(e7.getMessage());
                }
            } else {
                try {
                    AtomProtocol atomProtocol = new AtomProtocol();
                    this.modules.put("edit", atomProtocol);
                    atomProtocol.init(new ModuleContext(this, servletConfig, "edit", existHome.getAbsolutePath()));
                    AtomFeeds atomFeeds = new AtomFeeds();
                    this.modules.put("content", atomFeeds);
                    atomFeeds.init(new ModuleContext(this, servletConfig, "content", existHome.getAbsolutePath()));
                    Query query2 = new Query();
                    query2.setQueryByPost(true);
                    this.modules.put("query", query2);
                    query2.init(new ModuleContext(this, servletConfig, "query", existHome.getAbsolutePath()));
                    Query query3 = new Query();
                    this.modules.put("topic", query3);
                    query3.getMethodConfiguration("GET").setQuerySource(query3.getClass().getResource("topic.xq"));
                    query3.init(new ModuleContext(this, servletConfig, "topic", existHome.getAbsolutePath()));
                    Query query4 = new Query();
                    this.modules.put("introspect", query4);
                    query4.getMethodConfiguration("GET").setQuerySource(query4.getClass().getResource("introspect.xq"));
                    query4.init(new ModuleContext(this, servletConfig, "introspect", existHome.getAbsolutePath()));
                } catch (EXistException e8) {
                    throw new ServletException(new StringBuffer().append("Exception during module init(): ").append(e8.getMessage()).toString(), e8);
                }
            }
            XmlLibraryChecker.check();
        } catch (EXistException e9) {
            throw new ServletException("No database instance available");
        } catch (DatabaseConfigurationException e10) {
            throw new ServletException(new StringBuffer().append("Unable to configure database instance: ").append(e10.getMessage()).toString(), e10);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.servlet.http.HttpServlet
    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException {
        DBBroker dBBroker;
        try {
            String pathInfo = httpServletRequest.getPathInfo();
            if (pathInfo == null) {
                httpServletResponse.sendError(400, "URL has no extra path information specified.");
                return;
            }
            int indexOf = pathInfo.indexOf(47, 1);
            if (indexOf < 0 && pathInfo.length() == 1) {
                httpServletResponse.sendError(400, "Module not specified.");
                return;
            }
            String substring = indexOf < 0 ? pathInfo.substring(1) : pathInfo.substring(1, indexOf);
            String substring2 = indexOf < 0 ? "" : pathInfo.substring(indexOf);
            AtomModule atomModule = (AtomModule) this.modules.get(substring);
            if (atomModule == null) {
                httpServletResponse.sendError(400, new StringBuffer().append("Module ").append(substring).append(" not found.").toString());
                return;
            }
            User user = null;
            if (this.noAuth.get(substring) == null) {
                user = authenticate(httpServletRequest, httpServletResponse);
                if (user == null) {
                    return;
                }
            }
            try {
                new HttpServletRequestWrapper(this, httpServletRequest, new UserXmldbPrincipal(0, user)) { // from class: org.exist.atom.http.AtomServlet.1
                    private final Principal val$principal;
                    private final AtomServlet this$0;

                    {
                        this.this$0 = this;
                        this.val$principal = r6;
                    }

                    @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
                    public Principal getUserPrincipal() {
                        return this.val$principal;
                    }
                };
                dBBroker = null;
                try {
                    try {
                        try {
                            try {
                                dBBroker = this.pool.get(user);
                                atomModule.process(dBBroker, new HttpRequestMessage(httpServletRequest, substring2, new StringBuffer().append('/').append(substring).toString()), new HttpResponseMessage(httpServletResponse));
                                this.pool.release(dBBroker);
                            } catch (BadRequestException e) {
                                LOG.info(new StringBuffer().append("Bad request throw from module ").append(substring).toString(), e);
                                httpServletResponse.sendError(400, e.getMessage());
                                this.pool.release(dBBroker);
                            }
                        } catch (PermissionDeniedException e2) {
                            LOG.info(new StringBuffer().append("Permission denied to ").append(substring2).append(" by ").append(substring).append(" for ").append(user.getName()).toString(), e2);
                            httpServletResponse.sendError(401, e2.getMessage());
                            this.pool.release(dBBroker);
                        }
                    } catch (EXistException e3) {
                        LOG.fatal(new StringBuffer().append("Exception getting broker from pool for user ").append(user.getName()).toString(), e3);
                        httpServletResponse.sendError(500, "Service is not available.");
                        this.pool.release(dBBroker);
                    }
                } catch (NotFoundException e4) {
                    LOG.info(new StringBuffer().append("Resource ").append(substring2).append(" not found by ").append(substring).toString(), e4);
                    httpServletResponse.sendError(404, e4.getMessage());
                    this.pool.release(dBBroker);
                }
            } catch (Throwable th) {
                this.pool.release(dBBroker);
                throw th;
            }
        } catch (IOException e5) {
            LOG.fatal("I/O exception on request.", e5);
            try {
                httpServletResponse.sendError(500, "Service is not available.");
            } catch (IOException e6) {
                LOG.fatal("Cannot return 500 on exception.", e5);
            }
        }
    }

    @Override // javax.servlet.GenericServlet, javax.servlet.Servlet, javax.servlet.Filter
    public void destroy() {
        super.destroy();
        BrokerPool.stopAll(false);
    }

    private User authenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Principal userPrincipal = httpServletRequest.getUserPrincipal();
        if (userPrincipal instanceof XmldbPrincipal) {
            String name = ((XmldbPrincipal) userPrincipal).getName();
            String password = ((XmldbPrincipal) userPrincipal).getPassword();
            LOG.info(new StringBuffer().append("Validating Principle: ").append(userPrincipal.getName()).toString());
            User user = this.pool.getSecurityManager().getUser(name);
            if (user != null) {
                if (password.equalsIgnoreCase(user.getPassword())) {
                    LOG.info(new StringBuffer().append("Valid User: ").append(user.getName()).toString());
                    return user;
                }
                LOG.info(new StringBuffer().append("Password invalid for user: ").append(name).toString());
                LOG.info(new StringBuffer().append("User not found: ").append(userPrincipal.getName()).toString());
            }
        }
        return (httpServletRequest.getHeader("Authorization") != null || this.defaultUser == null) ? this.authenticator.authenticate(httpServletRequest, httpServletResponse) : this.defaultUser;
    }

    private User getDefaultUser() {
        if (this.defaultUsername == null) {
            return null;
        }
        User user = this.pool.getSecurityManager().getUser(this.defaultUsername);
        if (user == null || user.validate(this.defaultPassword)) {
            return user;
        }
        return null;
    }

    private void startup(Configuration configuration) throws ServletException {
        if (configuration == null) {
            throw new ServletException("database has not been configured");
        }
        LOG.info("configuring eXist instance");
        try {
            if (!BrokerPool.isConfigured()) {
                BrokerPool.configure(1, 5, configuration);
            }
            try {
                LOG.info("registering XMLDB driver");
                DatabaseManager.registerDatabase((Database) Class.forName(CollectionTag.DRIVER).newInstance());
            } catch (ClassNotFoundException e) {
                LOG.info(Constants.STATE_ERROR, e);
            } catch (IllegalAccessException e2) {
                LOG.info(Constants.STATE_ERROR, e2);
            } catch (InstantiationException e3) {
                LOG.info(Constants.STATE_ERROR, e3);
            } catch (XMLDBException e4) {
                LOG.info(Constants.STATE_ERROR, e4);
            }
        } catch (EXistException e5) {
            throw new ServletException(e5.getMessage());
        } catch (DatabaseConfigurationException e6) {
            throw new ServletException(e6.getMessage());
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$exist$atom$http$AtomServlet == null) {
            cls = class$("org.exist.atom.http.AtomServlet");
            class$org$exist$atom$http$AtomServlet = cls;
        } else {
            cls = class$org$exist$atom$http$AtomServlet;
        }
        LOG = Logger.getLogger(cls);
    }
}
