package com.ibm.wps.command.xml;

import com.ibm.logging.Handler;
import com.ibm.portal.WpsException;
import com.ibm.portal.puma.PumaException;
import com.ibm.wcp.runtime.WCPConstants;
import com.ibm.wps.command.CommandException;
import com.ibm.wps.command.MissingAccessRightsException;
import com.ibm.wps.logging.LogManager;
import com.ibm.wps.logging.Logger;
import com.ibm.wps.puma.User;
import com.ibm.wps.puma.UserManager;
import com.ibm.wps.services.ServiceManager;
import com.ibm.wps.services.authentication.Authentication;
import com.ibm.wps.services.config.Config;
import com.ibm.wps.util.DataBackendException;
import com.ibm.wps.util.GeneralMessages;
import com.ibm.wps.util.MessageCode;
import com.ibm.wps.util.StringUtils;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.util.List;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletInputStream;
import javax.servlet.ServletOutputStream;
import javax.servlet.UnavailableException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.xml.sax.InputSource;

/* JADX WARN: Classes with same name are omitted:
  input_file:plugins/com.ibm.wps_4.2.0.1/wps.jar:com/ibm/wps/command/xml/XmlCommandServlet.class
 */
/* loaded from: input_file:plugins/com.ibm.wps_v5_5.0.2/wps.jar:com/ibm/wps/command/xml/XmlCommandServlet.class */
public class XmlCommandServlet extends HttpServlet {
    private static final String COPYRIGHT = "Licensed Materials - Property of IBM, 5724-E76 and 5724-E77, (C) Copyright IBM Corp. 2001, 2003 - All Rights reserved. US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.";
    private static final Logger logger;
    public static String AUTH_HEADER;
    public static String ECHO_MODE_HEADER;
    static Class class$com$ibm$wps$command$xml$XmlCommandServlet;

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:plugins/com.ibm.wps_4.2.0.1/wps.jar:com/ibm/wps/command/xml/XmlCommandServlet$AuthorizationException.class
     */
    /* loaded from: input_file:plugins/com.ibm.wps_v5_5.0.2/wps.jar:com/ibm/wps/command/xml/XmlCommandServlet$AuthorizationException.class */
    public static class AuthorizationException extends WpsException {
        AuthorizationException(MessageCode messageCode, Object[] objArr, Throwable th) {
            super(messageCode, objArr, th);
        }

        AuthorizationException(MessageCode messageCode, Object[] objArr) {
            super(messageCode, objArr);
        }

        AuthorizationException(MessageCode messageCode) {
            super(messageCode);
        }
    }

    @Override // javax.servlet.GenericServlet, javax.servlet.Servlet
    public final void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        try {
            ServiceManager.init(servletConfig);
        } catch (Throwable th) {
            log("Initialization failed!", th);
            throw new UnavailableException("Initialization of one or more services failed.");
        }
    }

    @Override // javax.servlet.GenericServlet, javax.servlet.Servlet
    public final void destroy() {
        ServiceManager.destroy(getServletConfig());
    }

    @Override // javax.servlet.http.HttpServlet
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (logger.isLogging(110)) {
            logger.entry(110, "doPost");
        }
        ServletOutputStream outputStream = httpServletResponse.getOutputStream();
        ServletInputStream inputStream = httpServletRequest.getInputStream();
        try {
            if (httpServletRequest.getHeader(ECHO_MODE_HEADER) != null) {
                if (logger.isLogging(102)) {
                    logger.message(102, "doPost", XmlCommandMessages.PROCESSING_ECHO_0, (Object[]) null);
                }
                echo(inputStream, outputStream);
            } else {
                process(inputStream, outputStream, httpServletRequest.getHeader(AUTH_HEADER));
            }
        } catch (MissingAccessRightsException e) {
            if (logger.isLogging(100)) {
                logger.message(100, "doPost", GeneralMessages.EXCEPTION_0, e);
            }
            writeException(outputStream, e);
        } catch (AuthorizationException e2) {
            if (logger.isLogging(100)) {
                logger.message(100, "doPost", GeneralMessages.EXCEPTION_0, e2);
            }
            writeException(outputStream, e2);
        } catch (Throwable th) {
            if (logger.isLogging(100)) {
                logger.message(100, "doPost", GeneralMessages.EXCEPTION_0, th);
            }
            writeException(outputStream, th);
        }
        if (logger.isLogging(110)) {
            logger.exit(110, "doPost");
        }
    }

    private void writeException(OutputStream outputStream, Throwable th) throws IOException {
        if (logger.isLogging(110)) {
            logger.entry(110, "writeException");
        }
        OutputStreamWriter outputStreamWriter = new OutputStreamWriter(outputStream, "UTF-8");
        outputStreamWriter.write("<?xml version=\"1.0\" encoding=\"UTF-8\" ?>");
        outputStreamWriter.write(StringUtils.lineSeparator);
        outputStreamWriter.write("<failure>");
        outputStreamWriter.write(StringUtils.lineSeparator);
        outputStreamWriter.write(th.toString());
        outputStreamWriter.write(StringUtils.lineSeparator);
        outputStreamWriter.write("</failure>");
        outputStreamWriter.write(StringUtils.lineSeparator);
        outputStream.flush();
        outputStreamWriter.flush();
        outputStreamWriter.close();
        if (logger.isLogging(110)) {
            logger.exit(110, "writeException");
        }
    }

    private void process(InputStream inputStream, OutputStream outputStream, String str) throws IOException, AuthorizationException, PumaException, DataBackendException, CommandException {
        User authenticate = authenticate(str);
        InputSource inputSource = new InputSource(new InputStreamReader(inputStream, "UTF-8"));
        OutputStreamWriter outputStreamWriter = new OutputStreamWriter(outputStream, "UTF-8");
        XmlCommand xmlCommand = new XmlCommand();
        xmlCommand.setUser(authenticate);
        xmlCommand.setInputSource(inputSource);
        xmlCommand.setOutputWriter(outputStreamWriter);
        xmlCommand.execute();
        outputStreamWriter.flush();
    }

    private void echo(InputStream inputStream, OutputStream outputStream) throws IOException {
        File createTempFile = File.createTempFile("XmlRequest", WCPConstants.XML_DOT_EXTENSION);
        if (logger.isLogging(102)) {
            logger.message(102, "echo", XmlCommandMessages.LOGGING_REQUEST_1, new Object[]{createTempFile.getAbsolutePath()});
        }
        FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
        byte[] bArr = new byte[Handler.DEFAULT_RETRY_INTERVAL];
        while (true) {
            int read = inputStream.read(bArr);
            if (read < 0) {
                outputStream.flush();
                fileOutputStream.close();
                return;
            } else {
                outputStream.write(bArr, 0, read);
                fileOutputStream.write(bArr, 0, read);
            }
        }
    }

    private User authenticate(String str) throws AuthorizationException, PumaException, DataBackendException {
        User user;
        if (logger.isLogging(111)) {
            logger.entry(111, "authenticate");
        }
        if (str == null) {
            throw new AuthorizationException(XmlCommandMessages.MISSING_AUTHHEADER_0);
        }
        int indexOf = str.indexOf(58);
        if (indexOf < 0) {
            throw new AuthorizationException(XmlCommandMessages.INVALID_AUTHHEADER_1, new Object[]{str});
        }
        String trim = str.substring(0, indexOf).trim();
        String trim2 = str.substring(indexOf + 1).trim();
        if (logger.isLogging(110)) {
            logger.text(110, "authenticate", "authenticating user {0}", new Object[]{trim});
        }
        Boolean bool = Config.getService().getBoolean("was.security.enabled");
        if (bool == null) {
            logger.message(101, "authenticate", XmlCommandMessages.SETTING_NOT_FOUND_ASSUMING_2, new Object[]{"was.security.enabled", "false"});
        }
        if (bool == null || !bool.booleanValue()) {
            if (logger.isLogging(111)) {
                logger.text(111, "authenticate", "WAS security not active -- skipping WAS authentication");
            }
            List findByAttribute = UserManager.instance().findByAttribute(trim);
            if (findByAttribute.size() == 0) {
                throw new AuthorizationException(XmlCommandMessages.USERID_NOT_FOUND_1, new Object[]{trim});
            }
            if (findByAttribute.size() > 1) {
                throw new AuthorizationException(XmlCommandMessages.USERID_NOT_UNIQUE_1, new Object[]{trim});
            }
            user = (User) findByAttribute.get(0);
            if (!user.verifyPassword(trim2)) {
                throw new AuthorizationException(XmlCommandMessages.INVALID_PASSWORD_1, new Object[]{trim});
            }
        } else {
            try {
                if (logger.isLogging(111)) {
                    logger.text(111, "authenticate", "Authenticating user {0} with WAS", new Object[]{trim});
                }
                Authentication.getService().doAppServerLogin(trim, trim2, null, null);
                List findByAttribute2 = UserManager.instance().findByAttribute(trim);
                if (findByAttribute2.size() == 0) {
                    throw new AuthorizationException(XmlCommandMessages.USERID_NOT_FOUND_1, new Object[]{trim});
                }
                if (findByAttribute2.size() > 1) {
                    throw new AuthorizationException(XmlCommandMessages.USERID_NOT_UNIQUE_1, new Object[]{trim});
                }
                user = (User) findByAttribute2.get(0);
            } catch (Exception e) {
                if (logger.isLogging(100)) {
                    logger.text(100, "authenticate", "Error during WAS authentication");
                    logger.message(100, "authenticate", GeneralMessages.EXCEPTION_0, e);
                }
                throw new AuthorizationException(XmlCommandMessages.AUTH_FAILED_1, new Object[]{trim});
            }
        }
        if (logger.isLogging(110)) {
            logger.text(110, "authenticate", "user {0} authenticated successfully", new Object[]{trim});
        }
        if (logger.isLogging(111)) {
            logger.exit(111, "authenticate");
        }
        return user;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        LogManager logManager = LogManager.getLogManager();
        if (class$com$ibm$wps$command$xml$XmlCommandServlet == null) {
            cls = class$("com.ibm.wps.command.xml.XmlCommandServlet");
            class$com$ibm$wps$command$xml$XmlCommandServlet = cls;
        } else {
            cls = class$com$ibm$wps$command$xml$XmlCommandServlet;
        }
        logger = logManager.getLogger(cls);
        AUTH_HEADER = "WPS-Authorization";
        ECHO_MODE_HEADER = "WPS-EchoMode";
    }
}
