package com.collaxa.cube.ws.http;

import com.collaxa.common.util.CXStringUtils;
import com.collaxa.cube.CubeSecurityResources;
import com.collaxa.cube.util.CXPasswordUtils;
import com.collaxa.cube.ws.WSLogger;
import com.oracle.bpel.client.BPELFault;
import com.oracle.bpel.client.IBPELProcessHandle;
import com.oracle.bpel.client.Locator;
import com.oracle.bpel.client.NormalizedMessage;
import com.oracle.bpel.client.ServerException;
import com.oracle.bpel.client.auth.DomainAuth;
import com.oracle.bpel.client.auth.DomainAuthFactory;
import com.oracle.bpel.client.delivery.IDeliveryService;
import com.oracle.bpel.client.util.ProcessUtils;
import com.oracle.bpel.security.BPELPrincipal;
import com.oracle.bpel.security.BPELProcessValidator;
import com.oracle.bpel.security.util.SecurityUtils;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.rmi.RemoteException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.security.auth.Subject;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import sun.misc.BASE64Decoder;

/* loaded from: input_file:com/collaxa/cube/ws/http/HttpBindingServlet.class */
public class HttpBindingServlet extends HttpServlet {
    private static final String BPEL_USER = "bpelUser";
    private static final String BPEL_CRED = "bpelCredential";
    private static final String BASIC_AUTHENTICATION = "Authentication";
    DomainAuth mDomainAuth = null;

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        String str;
        NormalizedMessage normalizedMessage = new NormalizedMessage();
        NormalizedMessage constructBaseMsg = constructBaseMsg(populateHeader(normalizedMessage, httpServletRequest), checkSecurity(httpServletRequest));
        BufferedReader reader = httpServletRequest.getReader();
        String str2 = "";
        while (true) {
            str = str2;
            String readLine = reader.readLine();
            if (readLine == null) {
                break;
            } else {
                str2 = new StringBuffer(String.valueOf(str)).append(readLine).toString();
            }
        }
        reader.close();
        if (httpServletRequest.getContentType().startsWith("application/x-www-form-urlencoded")) {
            HashMap splitToMap = CXStringUtils.splitToMap(str, '&');
            splitToMap.remove("Submit");
            constructBaseMsg.setPayload(splitToMap);
        } else {
            constructBaseMsg.setPayload(str);
        }
        call(httpServletRequest, httpServletResponse, constructBaseMsg);
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        NormalizedMessage normalizedMessage = new NormalizedMessage();
        NormalizedMessage constructBaseMsg = constructBaseMsg(populateHeader(normalizedMessage, httpServletRequest), checkSecurity(httpServletRequest));
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str = (String) parameterNames.nextElement();
            constructBaseMsg.addPart(str, new StringBuffer("<").append(str).append(">").append(httpServletRequest.getParameter(str)).append("</").append(str).append(">").toString());
        }
        call(httpServletRequest, httpServletResponse, constructBaseMsg);
    }

    protected void call(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, NormalizedMessage normalizedMessage) throws IOException, ServletException {
        ArrayList split = CXStringUtils.split(CXStringUtils.removeFromStart(httpServletRequest.getRequestURI(), "/"), '/');
        String str = (String) split.get(1);
        String str2 = (String) split.get(2);
        String str3 = (String) split.get(3);
        String str4 = null;
        if (split.size() > 4) {
            str4 = (String) split.get(4);
        }
        try {
            Locator locator = new Locator(getDomainAuth(str));
            IBPELProcessHandle lookupProcess = locator.lookupProcess(str2);
            IDeliveryService lookupService = locator.lookupService("LocalDeliveryService");
            if (str4 != null) {
                new HashMap().put("conversationId", str4);
            }
            if (ProcessUtils.isOneWayOperation(lookupProcess.getOperationType(str3))) {
                lookupService.post(str2, str3, normalizedMessage);
            } else {
                String str5 = "";
                httpServletResponse.setContentType("text/xml; charset=UTF-8");
                PrintWriter writer = httpServletResponse.getWriter();
                try {
                    NormalizedMessage request = lookupService.request(str2, str3, normalizedMessage);
                    if (request != null && request.getPayload() != null) {
                        Map payload = request.getPayload();
                        Iterator it = payload.keySet().iterator();
                        while (it.hasNext()) {
                            str5 = new StringBuffer(String.valueOf(str5)).append(String.valueOf(payload.get((String) it.next()))).toString();
                        }
                    }
                } catch (RemoteException e) {
                    BPELFault cause = e.getCause();
                    if (cause != null && (cause instanceof BPELFault)) {
                        BPELFault bPELFault = cause;
                        Iterator it2 = bPELFault.getParts().keySet().iterator();
                        while (it2.hasNext()) {
                            str5 = new StringBuffer(String.valueOf(str5)).append(String.valueOf(bPELFault.getParts().get((String) it2.next()))).toString();
                        }
                    }
                }
                writer.print(str5);
                writer.close();
            }
        } catch (Exception e2) {
            httpServletResponse.sendError(500, e2.getMessage());
            throw new ServletException(e2.getMessage());
        }
    }

    protected DomainAuth getDomainAuth(String str) throws Exception {
        if (this.mDomainAuth == null) {
            this.mDomainAuth = DomainAuthFactory.authenticate(str, CXPasswordUtils.decrypt("CRYPT{pl3HzAqgzGMqnYt1uPZFjw==}"), (String) null);
        }
        return this.mDomainAuth;
    }

    private Subject checkSecurity(HttpServletRequest httpServletRequest) throws ServletException {
        boolean z = true;
        String header = httpServletRequest.getHeader(BASIC_AUTHENTICATION);
        String str = null;
        String str2 = null;
        if (header != null) {
            String decodeBasicSecurity = decodeBasicSecurity(header);
            int indexOf = decodeBasicSecurity.indexOf(":");
            if (indexOf < 0) {
                throw new ServletException(CubeSecurityResources.getString("BPEL_CUBE_SEC_HTTP_decode_error"));
            }
            str = decodeBasicSecurity.substring(0, indexOf);
            str2 = decodeBasicSecurity.substring(indexOf + 1, decodeBasicSecurity.length());
            WSLogger.debug(new StringBuffer("user [").append(str).append("] pw [").append(str2).append("]").toString());
        }
        if (str == null) {
            WSLogger.debug("No basic auth found .. trying base header");
            str = httpServletRequest.getHeader(BPEL_USER);
        }
        WSLogger.debug(new StringBuffer("Searched for bpelUser in the Header [").append(str).append("]").toString());
        if (str == null) {
            WSLogger.debug("User not found in Header, trying request");
            str = httpServletRequest.getParameter(BPEL_USER);
            z = false;
        }
        if (str == null) {
            return null;
        }
        if (z && str2 == null) {
            str2 = httpServletRequest.getHeader(BPEL_CRED);
        } else if (str2 == null) {
            str2 = httpServletRequest.getParameter(BPEL_CRED);
        }
        if (str2 == null) {
            WSLogger.debug("User found, but credential missing, aborting!");
        }
        InetAddress inetAddress = null;
        String remoteHost = httpServletRequest.getRemoteHost();
        try {
            inetAddress = InetAddress.getByName(remoteHost);
        } catch (UnknownHostException e) {
            WSLogger.fatal(new StringBuffer("Constructing INET Addr failed [").append(remoteHost).append("] !").toString());
        }
        try {
            Subject constructSubject = BPELProcessValidator.constructSubject(str, str2, inetAddress);
            WSLogger.debug("Subject constructed successfully");
            return constructSubject;
        } catch (ServerException e2) {
            return null;
        }
    }

    private NormalizedMessage constructBaseMsg(NormalizedMessage normalizedMessage, Subject subject) {
        if (subject != null) {
            try {
                BPELPrincipal principalFromSubject = SecurityUtils.getPrincipalFromSubject(subject);
                if (principalFromSubject == null) {
                    return normalizedMessage;
                }
                normalizedMessage.setProperty("secured", principalFromSubject.getName());
                if (principalFromSubject.getCredential() != null) {
                    normalizedMessage.setProperty(principalFromSubject.getName(), principalFromSubject.getCredential());
                }
                if (principalFromSubject.getCallerAddress() != null) {
                    normalizedMessage.setProperty("ip", principalFromSubject.getCallerAddress().getHostName());
                }
            } catch (Exception e) {
                return normalizedMessage;
            }
        }
        return normalizedMessage;
    }

    private String decodeBasicSecurity(String str) throws ServletException {
        WSLogger.debug(new StringBuffer("Found basic auth [").append(str).append("]").toString());
        if (!str.toUpperCase().startsWith("BASIC ")) {
            throw new ServletException(CubeSecurityResources.getString("BPEL_CUBE_SEC_HTTP_basic_auth_format"));
        }
        String substring = str.substring(6);
        WSLogger.debug(new StringBuffer("Encoded: ").append(substring).toString());
        try {
            String str2 = new String(new BASE64Decoder().decodeBuffer(substring));
            if (str2 == null) {
                WSLogger.fatal("Could not decode [null]!");
                throw new ServletException(CubeSecurityResources.getString("BPEL_CUBE_SEC_HTTP_decode_error"));
            }
            WSLogger.debug(new StringBuffer("dec: ").append(str2).toString());
            return str2;
        } catch (IOException e) {
            WSLogger.fatal("Could not decode username & password");
            throw new ServletException(CubeSecurityResources.getString("BPEL_CUBE_SEC_HTTP_decode_wrong_format"));
        }
    }

    private NormalizedMessage populateHeader(NormalizedMessage normalizedMessage, HttpServletRequest httpServletRequest) {
        if (httpServletRequest == null) {
            return normalizedMessage;
        }
        Enumeration headerNames = httpServletRequest.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String str = (String) headerNames.nextElement();
            normalizedMessage.setProperty(str, httpServletRequest.getHeader(str));
        }
        return normalizedMessage;
    }
}
