package org.kawanfw.sql.servlet;

import java.io.File;
import java.io.IOException;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.sql.SQLException;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Objects;
import java.util.concurrent.ThreadPoolExecutor;
import javax.servlet.AsyncContext;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.SystemUtils;
import org.apache.tomcat.util.http.fileupload.FileUploadException;
import org.kawanfw.sql.api.server.auth.headers.RequestHeadersAuthenticator;
import org.kawanfw.sql.api.server.session.SessionConfigurator;
import org.kawanfw.sql.servlet.injection.classes.InjectedClassesManagerNew;
import org.kawanfw.sql.servlet.injection.classes.InjectedClassesStore;
import org.kawanfw.sql.servlet.injection.properties.ConfPropertiesStore;
import org.kawanfw.sql.servlet.injection.properties.PropertiesFileStore;
import org.kawanfw.sql.servlet.sql.json_return.ExceptionReturner;
import org.kawanfw.sql.servlet.sql.json_return.JsonErrorReturn;
import org.kawanfw.sql.servlet.sql.json_return.JsonOkReturn;
import org.kawanfw.sql.tomcat.TomcatSqlModeStore;
import org.kawanfw.sql.util.ConnectionParms;
import org.kawanfw.sql.util.FrameworkDebug;
import org.kawanfw.sql.util.IpUtil;
import org.kawanfw.sql.util.SqlTag;
import org.kawanfw.sql.util.TimestampUtil;
import org.kawanfw.sql.version.VersionWrapper;

/* loaded from: input_file:org/kawanfw/sql/servlet/ServerSqlManager.class */
public class ServerSqlManager extends HttpServlet {
    public static final String STATELESS_MODE = "statelessMode";
    public static final String DATABASE_CONFIGURATOR_CLASS_NAME = "databaseConfiguratorClassName";
    public static final String USER_AUTHENTICATOR_CLASS_NAME = "userAuthenticatorClassName";
    public static final String REQUEST_HEADERS_AUTHENTICATOR_CLASS_NAME = "requestHeadersAuthenticatorClassName";
    public static final String SQL_FIREWALL_MANAGER_CLASS_NAMES = "sqlFirewallManagerClassNames";
    public static final String SQL_FIREWALL_TRIGGER_CLASS_NAMES = "sqlFirewallTriggerClassNames";
    public static final String BLOB_DOWNLOAD_CONFIGURATOR_CLASS_NAME = "blobDownloadConfiguratorClassName";
    public static final String BLOB_UPLOAD_CONFIGURATOR_CLASS_NAME = "blobUploadConfiguratorClassName";
    public static final String SESSION_CONFIGURATOR_CLASS_NAME = "sessionConfiguratorClassName";
    public static final String JWT_SESSION_CONFIGURATOR_SECRET = "jwtSessionConfiguratorSecret";
    public static final String UPDATE_LISTENER_MANAGER_CLASS_NAMES = "updateListenerClassNames";
    private String propertiesFileStr;
    private static boolean DEBUG = FrameworkDebug.isSet(ServerSqlManager.class);
    public static String CR_LF = System.getProperty("line.separator");
    private static boolean INIT_DONE = false;

    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        INIT_DONE = false;
        this.propertiesFileStr = servletConfig.getInitParameter(ConnectionParms.PROPERTIES);
        if (!TomcatSqlModeStore.isTomcatEmbedded()) {
            System.out.println(String.valueOf(SqlTag.SQL_PRODUCT_INIT) + " " + TimestampUtil.getHumanTimestampNoMillisNow() + " Call the AceQL Servlet from a browser to display full start in Tomcat logs...");
            System.out.println();
        }
        if (this.propertiesFileStr == null) {
            this.propertiesFileStr = PropertiesFileStore.get().toString();
        }
        debug("propertiesFileStr: " + this.propertiesFileStr);
    }

    public void destroy() {
        ThreadPoolExecutor threadPoolExecutor;
        super.destroy();
        INIT_DONE = false;
        if (InjectedClassesStore.get() == null || InjectedClassesStore.get().getThreadPoolExecutor() == null || (threadPoolExecutor = InjectedClassesStore.get().getThreadPoolExecutor()) == null) {
            return;
        }
        try {
            threadPoolExecutor.shutdown();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        createClassesSynchronized(this.propertiesFileStr);
        final AsyncContext startAsync = httpServletRequest.startAsync();
        startAsync.setTimeout(0L);
        startAsync.addListener(new ServerAsyncListener());
        ThreadPoolExecutor threadPoolExecutor = InjectedClassesStore.get().getThreadPoolExecutor();
        Objects.requireNonNull(threadPoolExecutor, "threadPoolExecutor cannot be null!");
        threadPoolExecutor.execute(new Runnable() { // from class: org.kawanfw.sql.servlet.ServerSqlManager.1
            @Override // java.lang.Runnable
            public void run() {
                try {
                    ServerSqlManager.this.handleRequestWrapper(startAsync.getRequest(), startAsync.getResponse());
                } finally {
                    startAsync.complete();
                }
            }
        });
    }

    public static synchronized void createClassesSynchronized(String str) throws ServletException, IOException {
        if (INIT_DONE) {
            return;
        }
        INIT_DONE = true;
        new InjectedClassesManagerNew().createClasses(str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void handleRequestWrapper(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        OutputStream outputStream = null;
        try {
            outputStream = httpServletResponse.getOutputStream();
            handleRequest(httpServletRequest, httpServletResponse, outputStream);
        } catch (Throwable th) {
            try {
                new PrivateTmpLogger(th).log();
                ExceptionReturner.logAndReturnException(httpServletRequest, httpServletResponse, outputStream, th);
            } catch (IOException e) {
                e.printStackTrace(System.out);
            }
        }
    }

    private void handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OutputStream outputStream) throws UnsupportedEncodingException, IOException, SQLException, FileUploadException {
        httpServletRequest.setCharacterEncoding("UTF-8");
        debug("after RequestInfoStore.init(request);");
        debug(IpUtil.getRemoteAddr(httpServletRequest));
        HttpServletRequest httpServletRequestHolder = new HttpServletRequestHolder(httpServletRequest);
        ServerSqlDispatch serverSqlDispatch = new ServerSqlDispatch();
        debug("before dispatch.executeRequest()");
        debug("servlet Path : " + httpServletRequest.getServletPath());
        debug("getRequestURI: " + httpServletRequest.getRequestURI());
        String servletPath = httpServletRequest.getServletPath();
        String requestURI = httpServletRequest.getRequestURI();
        String servletCallName = ConfPropertiesStore.get().getServletCallName();
        if (checkRequestStartsWithAceqlServlet(httpServletResponse, outputStream, servletPath, requestURI, servletCallName) && !getVersion(outputStream, requestURI, servletCallName)) {
            try {
                ServletPathAnalyzer servletPathAnalyzer = new ServletPathAnalyzer(requestURI, servletCallName);
                String action = servletPathAnalyzer.getAction();
                String actionValue = servletPathAnalyzer.getActionValue();
                String database = servletPathAnalyzer.getDatabase();
                String username = servletPathAnalyzer.getUsername();
                String session = servletPathAnalyzer.getSession();
                String connection = servletPathAnalyzer.getConnection();
                if (validateHeaders(httpServletRequest, httpServletResponse, outputStream)) {
                    if (username == null && database == null) {
                        if (!checkSessionIsVerified(httpServletResponse, outputStream, session)) {
                            return;
                        }
                        SessionConfigurator sessionConfigurator = InjectedClassesStore.get().getSessionConfigurator();
                        username = sessionConfigurator.getUsername(session);
                        database = sessionConfigurator.getDatabase(session);
                        if (!checkUsernameAndDatabase(httpServletResponse, outputStream, database, username)) {
                            return;
                        }
                    }
                    debugValues(database, username, session, connection, action, actionValue);
                    httpServletRequestHolder.setParameter(HttpParameter.ACTION, action);
                    httpServletRequestHolder.setParameter(HttpParameter.ACTION_VALUE, actionValue);
                    httpServletRequestHolder.setParameter(HttpParameter.SESSION_ID, session);
                    httpServletRequestHolder.setParameter(HttpParameter.CONNECTION_ID, connection);
                    httpServletRequestHolder.setParameter(HttpParameter.USERNAME, username);
                    httpServletRequestHolder.setParameter(HttpParameter.DATABASE, database);
                    testThrowException();
                    serverSqlDispatch.executeRequestInTryCatch(httpServletRequestHolder, httpServletResponse, outputStream);
                }
            } catch (Exception e) {
                writeLine(outputStream, new JsonErrorReturn(httpServletResponse, 400, 2, e.getMessage()).build());
            }
        }
    }

    private boolean validateHeaders(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OutputStream outputStream) throws IOException {
        RequestHeadersAuthenticator requestHeadersAuthenticator = InjectedClassesStore.get().getRequestHeadersAuthenticator();
        if (requestHeadersAuthenticator == null) {
            return true;
        }
        HashMap hashMap = new HashMap();
        Enumeration headerNames = httpServletRequest.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String str = (String) headerNames.nextElement();
            hashMap.put(str, httpServletRequest.getHeader(str));
        }
        boolean validate = requestHeadersAuthenticator.validate(hashMap);
        if (validate) {
            return validate;
        }
        writeLine(outputStream, new JsonErrorReturn(httpServletResponse, 401, 2, JsonErrorReturn.INVALID_SESSION_ID).build());
        return false;
    }

    private void debugValues(String str, String str2, String str3, String str4, String str5, String str6) {
        debug("");
        debug("action      : " + str5);
        debug("actionValue : " + str6);
        debug("username    : " + str2);
        debug("sessionId   : " + str3);
        debug("connectionId: " + str4);
        debug("database    : " + str);
    }

    private boolean checkUsernameAndDatabase(HttpServletResponse httpServletResponse, OutputStream outputStream, String str, String str2) throws IOException {
        if (str2 != null && str != null) {
            return true;
        }
        writeLine(outputStream, new JsonErrorReturn(httpServletResponse, 401, 2, JsonErrorReturn.INVALID_SESSION_ID).build());
        return false;
    }

    private boolean checkSessionIsVerified(HttpServletResponse httpServletResponse, OutputStream outputStream, String str) throws IOException {
        boolean verifySessionId = InjectedClassesStore.get().getSessionConfigurator().verifySessionId(str);
        if (!verifySessionId) {
            writeLine(outputStream, new JsonErrorReturn(httpServletResponse, 401, 2, JsonErrorReturn.INVALID_SESSION_ID).build());
        }
        return verifySessionId;
    }

    private boolean getVersion(OutputStream outputStream, String str, String str2) throws IOException {
        if (!str.endsWith("/" + str2) && !str.endsWith("/" + str2 + "/")) {
            return false;
        }
        writeLine(outputStream, JsonOkReturn.build("version", VersionWrapper.getServerVersion()));
        return true;
    }

    private boolean checkRequestStartsWithAceqlServlet(HttpServletResponse httpServletResponse, OutputStream outputStream, String str, String str2, String str3) throws IOException {
        if (str2.startsWith("/" + str3) || str.startsWith("/" + str3)) {
            return true;
        }
        if (str2.equals("/")) {
            writeLine(outputStream, new JsonErrorReturn(httpServletResponse, 400, 2, JsonErrorReturn.ACEQL_SERVLET_NOT_FOUND_IN_PATH + str3).build());
            return false;
        }
        writeLine(outputStream, new JsonErrorReturn(httpServletResponse, 400, 2, JsonErrorReturn.UNKNOWN_SERVLET + str2.substring(1)).build());
        return false;
    }

    public static void testThrowException() {
        if (new File(String.valueOf(SystemUtils.USER_HOME) + File.separator + ".kawansoft" + File.separator + "throw_exception.txt").exists()) {
            throw new IllegalArgumentException("Exception thrown because user.home/.kawansoft/throw_exception.txt exists!");
        }
    }

    public static void write(OutputStream outputStream, String str) throws IOException {
        outputStream.write((String.valueOf(str) + CR_LF).getBytes("UTF-8"));
    }

    public static void writeLine(OutputStream outputStream) throws IOException {
        outputStream.write(CR_LF.getBytes("UTF-8"));
    }

    public static void writeLine(OutputStream outputStream, String str) throws IOException {
        outputStream.write((String.valueOf(str) + CR_LF).getBytes("UTF-8"));
    }

    public static void debug(String str) {
        if (DEBUG) {
            System.out.println(new Date() + " " + ServerSqlManager.class.getSimpleName() + " " + str);
        }
    }
}
