package org.ow2.bonita.facade.rest.interceptor;

import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.StringTokenizer;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.ext.Provider;
import org.jboss.resteasy.annotations.interception.Precedence;
import org.jboss.resteasy.annotations.interception.ServerInterceptor;
import org.jboss.resteasy.core.ResourceMethod;
import org.jboss.resteasy.core.ServerResponse;
import org.jboss.resteasy.spi.Failure;
import org.jboss.resteasy.spi.HttpRequest;
import org.jboss.resteasy.spi.interception.PreProcessInterceptor;
import org.ow2.bonita.facade.APIAccessor;
import org.ow2.bonita.facade.IdentityAPI;
import org.ow2.bonita.identity.auth.APIMethodsSecurity;
import org.ow2.bonita.util.Base64;
import org.ow2.bonita.util.BonitaConstants;
import org.ow2.bonita.util.Misc;
import org.ow2.bonita.util.xml.XStreamUtil;

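/**
 * Pre-process interceptor that normalises the {@code options} request value and, for secured
 * API methods, copies the HTTP Basic credentials of the request into it.
 *
 * <p>The {@code options} value is read from the decoded form parameters or, failing that, from
 * a request header of the same name. It is either an XStream XML document or a
 * {@code key:value,key:value} text form. Missing {@code queryList} and {@code domain} entries
 * are filled with defaults, and the resulting map is written back onto the request.
 *
 * <p>Nothing in this class verifies the credentials; it only forwards them.
 * NOTE(review): presumably a later stage authenticates {@code restUser} and the password hash
 * option. Confirm, because an {@code options} value that already carries the password hash
 * option makes this interceptor skip the {@code Authorization} header entirely.
 *
 * <p>Per-request flags live in a local {@link RequestState} instead of instance fields, so the
 * flags of one request never carry over to another request served by the same interceptor
 * instance, and concurrent requests do not share them.
 */
@Provider
@Precedence("SECURITY")
@ServerInterceptor
/* loaded from: input_file:org/ow2/bonita/facade/rest/interceptor/LoginPreProcessorInterceptor.class */
public class LoginPreProcessorInterceptor implements PreProcessInterceptor {
    private static final Logger LOG = Logger.getLogger(LoginPreProcessorInterceptor.class.getName());
    private static final String AUTHENTICATION_SCHEME = "Basic";
    private static final String OPTIONS = "options";
    private static final String AUTHORIZATION_PROPERTY = "Authorization";

    /** HTTP status returned when a secured method is called without usable Basic credentials. */
    private static final int UNAUTHORIZED = 401;

    /** Option names accepted in the text form; each is stored under exactly this spelling. */
    private static final String[] TEXT_OPTION_KEYS = {"queryList", "domain", "user", "restUser"};

    /** Flags that describe how the options of ONE request were read and whether they changed. */
    private static final class RequestState {
        /** True once the options map was created here or had an entry added. */
        boolean optionsMapCreatedOrModified;
        /** True when the incoming options value was URL-decoded and must be re-encoded on write. */
        boolean wasEncoded;
    }

    /**
     * Normalises the request options and injects Basic credentials for secured methods.
     *
     * @param httpRequest the incoming request; its form parameters and headers may be rewritten
     * @param resourceMethod the resource method about to be invoked
     * @return always {@code null}, which lets request processing continue
     * @throws WebApplicationException with status 401 when a secured method is called without
     *         the password hash option and without a parsable Basic {@code Authorization} header
     */
    public ServerResponse preProcess(HttpRequest httpRequest, ResourceMethod resourceMethod) throws Failure, WebApplicationException {
        final RequestState state = new RequestState();
        decodeParameters(httpRequest);

        // Form parameter first, request header as fallback.
        List<String> values = httpRequest.getDecodedFormParameters().get(OPTIONS);
        if (values == null || values.isEmpty()) {
            values = httpRequest.getHttpHeaders().getRequestHeader(OPTIONS);
        }

        final Map<String, String> optionsMap;
        if (values == null || values.isEmpty()) {
            optionsMap = getOptionsMap(null, state);
        } else {
            if (values.size() > 1 && LOG.isLoggable(Level.WARNING)) {
                LOG.warning("Attention: there are more than one parameter named \"options\". Only the first one will be used.");
            }
            String rawOptions = values.get(0);
            if (!rawOptions.startsWith("<")) {
                // Anything that is not raw XML is treated as URL-encoded and re-encoded on write-back.
                state.wasEncoded = true;
                try {
                    rawOptions = URLDecoder.decode(values.get(0), BonitaConstants.FILE_ENCONDING);
                } catch (UnsupportedEncodingException e) {
                    // NOTE(review): this writes the raw, request-controlled options value to the log.
                    if (LOG.isLoggable(Level.WARNING)) {
                        LOG.warning("Error while decoding " + values.get(0) + " using UTF-8: " + Misc.getStackTraceFrom(e));
                    }
                }
            }
            optionsMap = getOptionsMap(rawOptions, state);
        }

        if (optionsMap.get("queryList") == null) {
            state.optionsMapCreatedOrModified = true;
            optionsMap.put("queryList", "queryList");
        }
        if (optionsMap.get("domain") == null) {
            state.optionsMapCreatedOrModified = true;
            optionsMap.put("domain", BonitaConstants.DEFAULT_DOMAIN);
        }

        if (!APIMethodsSecurity.isSecuredMethod(resourceMethod.getMethod())) {
            // Unsecured method: only write the options back when this interceptor changed them.
            if (state.optionsMapCreatedOrModified) {
                writeBackOptions(httpRequest, optionsMap, state);
            }
            return null;
        }

        if (optionsMap.get(APIAccessor.PASSWORD_HASH_OPTION) != null) {
            // The caller supplied the password hash inside options; the header is not consulted
            // and the options are forwarded exactly as received.
            return null;
        }

        final String[] credentials = readBasicCredentials(httpRequest);
        state.optionsMapCreatedOrModified = true;
        optionsMap.put("restUser", credentials[0]);
        optionsMap.put(APIAccessor.PASSWORD_HASH_OPTION, credentials[1]);
        writeBackOptions(httpRequest, optionsMap, state);
        return null;
    }

    /**
     * Extracts user name and password from the Basic {@code Authorization} header.
     *
     * <p>A missing or unparsable header is answered with 401 instead of an unchecked exception
     * escaping from the interceptor.
     *
     * @return a two-element array: user name, then password
     */
    private String[] readBasicCredentials(HttpRequest httpRequest) {
        final List<String> authorization = httpRequest.getHttpHeaders().getRequestHeader(AUTHORIZATION_PROPERTY);
        if (authorization == null || authorization.isEmpty() || authorization.get(0) == null) {
            throw new WebApplicationException(UNAUTHORIZED);
        }
        // NOTE(review): the scheme is stripped but not required to be present or to be "Basic".
        final String encoded = authorization.get(0).replaceFirst(AUTHENTICATION_SCHEME + " ", "");
        final StringTokenizer tokens;
        try {
            // NOTE(review): no charset is passed to new String(...), so the platform default applies.
            tokens = new StringTokenizer(new String(Base64.decode(encoded)), IdentityAPI.MEMBERSHIP_SEPARATOR);
        } catch (RuntimeException e) {
            throw new WebApplicationException(e, UNAUTHORIZED);
        }
        if (tokens.countTokens() < 2) {
            throw new WebApplicationException(UNAUTHORIZED);
        }
        // NOTE(review): StringTokenizer cuts the password at the next separator character, so a
        // password that contains the separator is forwarded truncated.
        return new String[] {tokens.nextToken(), tokens.nextToken()};
    }

    /** Writes the options map back to the place the target resource reads it from. */
    private void writeBackOptions(HttpRequest httpRequest, Map<String, String> optionsMap, RequestState state) {
        if (isOptionsMapInHeader(httpRequest)) {
            updateOptionsHeaderParam(httpRequest, optionsMap, state);
        } else {
            updateOptionsFormParam(httpRequest, optionsMap, state);
        }
    }

    /** URL-decodes the request parameters in place; only form parameters are handled. */
    private void decodeParameters(HttpRequest httpRequest) {
        decodeFormParameters(httpRequest);
    }

    /**
     * URL-decodes both form-parameter maps of the request, best effort.
     *
     * <p>NOTE(review): the second pass runs the decoder over {@code getDecodedFormParameters()}
     * as well. If that map already holds decoded values, a literal {@code %} or {@code +} in a
     * value is altered or rejected here. Confirm that this is intended.
     */
    private void decodeFormParameters(HttpRequest httpRequest) {
        try {
            decodeMultiValuedMap(httpRequest.getFormParameters());
        } catch (Exception e) {
            // Best effort: a failure leaves the remaining values as they were. Errors propagate.
            if (LOG.isLoggable(Level.WARNING)) {
                LOG.warning("Imposible to decode some parameters using UTF-8. Keeping encoded values: " + e);
            }
        }
        try {
            decodeMultiValuedMap(httpRequest.getDecodedFormParameters());
        } catch (Exception e) {
            if (LOG.isLoggable(Level.WARNING)) {
                LOG.warning("Imposible to decode some parameters using UTF-8. Keeping encoded values: " + e);
            }
        }
    }

    /**
     * Replaces every value list of the map with a URL-decoded copy.
     *
     * @throws UnsupportedEncodingException if the configured encoding is not supported
     */
    private void decodeMultiValuedMap(MultivaluedMap<String, String> multivaluedMap) throws UnsupportedEncodingException {
        for (String key : multivaluedMap.keySet()) {
            final List<String> encodedValues = multivaluedMap.get(key);
            final List<String> decodedValues = new ArrayList<String>();
            for (String value : encodedValues) {
                decodedValues.add(URLDecoder.decode(value, BonitaConstants.FILE_ENCONDING));
            }
            // Overwrites the value of an existing key, so the key set being iterated is unchanged.
            multivaluedMap.put(key, decodedValues);
        }
    }

    /** Returns true for the deploy endpoints, whose options travel in a request header. */
    private boolean isOptionsMapInHeader(HttpRequest httpRequest) {
        final String path = httpRequest.getPreprocessedPath();
        return path.equals("/API/managementAPI/deploy") || path.startsWith("/API/managementAPI/deployJar");
    }

    /** Replaces the {@code options} entry in both the raw and the decoded form-parameter maps. */
    private void updateOptionsFormParam(HttpRequest httpRequest, Map<String, String> map, RequestState state) {
        final String xml = getNonEncodedStringRepresentation(map);
        httpRequest.getFormParameters().remove(OPTIONS);
        httpRequest.getFormParameters().add(OPTIONS, encodeIfNecessary(xml, state));
        httpRequest.getDecodedFormParameters().remove(OPTIONS);
        httpRequest.getDecodedFormParameters().add(OPTIONS, xml);
    }

    /** Replaces the {@code options} request header with the serialised map. */
    private void updateOptionsHeaderParam(HttpRequest httpRequest, Map<String, String> map, RequestState state) {
        httpRequest.getHttpHeaders().getRequestHeaders().remove(OPTIONS);
        httpRequest.getHttpHeaders().getRequestHeaders().add(OPTIONS, getStringRepresentationEncodedIfNecessary(map, state));
    }

    /** Serialises the map to XML and URL-encodes it when the incoming value was encoded. */
    private String getStringRepresentationEncodedIfNecessary(Map<String, String> map, RequestState state) {
        return encodeIfNecessary(getNonEncodedStringRepresentation(map), state);
    }

    /** Serialises the map to XML with the default XStream instance. */
    private String getNonEncodedStringRepresentation(Map<String, String> map) {
        return XStreamUtil.getDefaultXstream().toXML(map);
    }

    /** URL-encodes the value when this request's options arrived encoded; otherwise returns it as is. */
    private String encodeIfNecessary(String str, RequestState state) {
        try {
            if (state.wasEncoded) {
                str = URLEncoder.encode(str, BonitaConstants.FILE_ENCONDING);
            }
        } catch (UnsupportedEncodingException e) {
            // NOTE(review): str is the serialised options map, which can contain the password hash.
            if (LOG.isLoggable(Level.WARNING)) {
                LOG.warning("Cannot encode " + str + " using UTF-8");
            }
        }
        return str;
    }

    /**
     * Deserialises the XML form of the options.
     *
     * <p>SECURITY: the XML comes straight from the request and is parsed before any credential
     * is looked at. XStream can materialise arbitrary types from XML unless its type permissions
     * are restricted. How {@code getDefaultXstream()} is configured is not visible here; confirm
     * that it allows only the map and string types this method expects.
     */
    @SuppressWarnings("unchecked") // the element types are not checked; callers only read String entries
    private Map<String, String> parseXmlOptions(String xml) {
        return (Map<String, String>) XStreamUtil.getDefaultXstream().fromXML(xml);
    }

    /**
     * Builds the options map from the raw options value.
     *
     * @param str the raw value: {@code null} or blank, an XML document, or {@code key:value} pairs
     *            separated by commas
     * @param state per-request flags; marked as modified whenever the map is not taken verbatim
     *              from the XML form
     * @return a non-null map
     */
    private Map<String, String> getOptionsMap(String str, RequestState state) {
        if (str == null || "".equals(str.trim())) {
            state.optionsMapCreatedOrModified = true;
            return new HashMap<String, String>();
        }
        if (str.startsWith("<")) {
            Map<String, String> parsed = null;
            try {
                parsed = parseXmlOptions(str);
            } catch (Exception e) {
                // NOTE(review): this writes the raw, request-controlled options value to the log,
                // and that value can contain the password hash option.
                if (LOG.isLoggable(Level.WARNING)) {
                    LOG.warning("Error while criating the java object from " + str + ": " + Misc.getStackTraceFrom(e));
                }
            }
            if (parsed != null) {
                return parsed;
            }
            // Unparsable XML, or XML that deserialises to null, yields an empty map rather than
            // a null that the caller would dereference.
            state.optionsMapCreatedOrModified = true;
            return new HashMap<String, String>();
        }

        // Text form: "key:value,key:value". Colon and space both separate key from value.
        state.optionsMapCreatedOrModified = true;
        final Map<String, String> options = new HashMap<String, String>();
        final StringTokenizer pairs = new StringTokenizer(str, ",");
        while (pairs.hasMoreTokens()) {
            final StringTokenizer pair = new StringTokenizer(pairs.nextToken(), ": ");
            if (pair.countTokens() != 2) {
                continue;
            }
            final String key = pair.nextToken();
            final String value = pair.nextToken();
            // Only the known option names are accepted; anything else is dropped.
            for (String known : TEXT_OPTION_KEYS) {
                if (key.equalsIgnoreCase(known)) {
                    options.put(known, value);
                    break;
                }
            }
        }
        return options;
    }
}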
