package com.tridium.web;

import com.tridium.httpd.CookieUtil;
import com.tridium.httpd.Httpd;
import com.tridium.net.HttpUtil;
import com.tridium.user.BUserPasswordConfiguration;
import com.tridium.web.WebUtil;
import java.io.IOException;
import javax.baja.agent.AgentFilter;
import javax.baja.agent.AgentInfo;
import javax.baja.agent.AgentList;
import javax.baja.file.BExporter;
import javax.baja.log.Log;
import javax.baja.naming.BLocalHost;
import javax.baja.naming.BLocalScheme;
import javax.baja.naming.BOrd;
import javax.baja.naming.NullOrdException;
import javax.baja.naming.OrdQuery;
import javax.baja.naming.OrdTarget;
import javax.baja.naming.SyntaxException;
import javax.baja.naming.UnresolvedException;
import javax.baja.naming.ViewQuery;
import javax.baja.security.BPermissions;
import javax.baja.spy.BSpy;
import javax.baja.sys.BFacets;
import javax.baja.sys.BObject;
import javax.baja.sys.BString;
import javax.baja.sys.BasicContext;
import javax.baja.sys.Clock;
import javax.baja.sys.Context;
import javax.baja.sys.Sys;
import javax.baja.user.BUser;
import javax.baja.user.BUserService;
import javax.baja.web.BAuthenticationType;
import javax.baja.web.BIWebProfile;
import javax.baja.web.BServletView;
import javax.baja.web.BWebService;
import javax.baja.web.BWebServlet;
import javax.baja.web.BXFrameOptionsEnum;
import javax.baja.web.IWebEnv;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/tridium/web/WebProcess.class */
public class WebProcess {
    // Loggers for the individual pipeline stages. They are static and non-final,
    // so any code with access to this class can replace them.
    static Log webLog = Log.getLog("web");
    static Log uriLog = Log.getLog("web.uri");
    static Log ordLog = Log.getLog("web.ord");
    static Log authLog = Log.getLog("web.auth");
    static Log targetLog = Log.getLog("web.target");
    static Log viewListLog = Log.getLog("web.viewList");
    static Log viewLog = Log.getLog("web.view");
    // Collaborators fixed at construction time.
    private final SysServlet sys;
    private final BWebService webService;
    // Captured once via Sys.getService() in the constructor; authenticate() does a
    // separate BUserService.getService() lookup, so the two references may differ.
    private final BUserService userService;
    private final HttpServletRequest req;
    private final HttpServletResponse resp;
    // Request-derived values, filled in by toUri(). All of them are client-controlled.
    private String serverName;
    private String path;
    private String query;
    private String uri;
    // ORD derived from the request by toOrd(); stays null if toOrd() fails.
    private BOrd ord;
    // Set by resolve() when the resolved target is a BWebServlet.
    private BWebServlet servlet;
    // Set by authenticate(). Both keep their defaults (null / false) if authenticate()
    // throws or returns early, so "isGuest == false" does not by itself prove that a
    // named user was authenticated.
    private BUser user;
    private boolean isGuest;
    // Result of resolving the ORD (resolve(), or challenge() for the guest fallback).
    private OrdTarget ordTarget;
    private BObject target;
    // Per-request operation and environment, built by toWebOp() / toWebEnv().
    private NWebOp op;
    private IWebEnv env;
    // allViews: every view the environment reports for the target (not permission-filtered).
    // hasViews: allViews narrowed by permission, px and profile filters in toViewList().
    private AgentList allViews;
    private AgentList hasViews;
    // View chosen by toViewInfo() and instantiated by toView().
    private AgentInfo viewInfo;
    private BObject view;
    // Lazily filled cache of the BUserPasswordConfiguration class object, used by
    // handlePasswordReset() (compiler-generated class-literal cache).
    static Class class$com$tridium$user$BUserPasswordConfiguration;

    /**
     * Runs the complete pipeline for one HTTP request.
     *
     * <p>Stage order: capture the URI, set the common response headers, optionally
     * redirect to HTTPS, let the system servlet handle "special" requests, map the
     * request to an ORD, authenticate, resolve the ORD, challenge if needed, then
     * select, license-check, permission-check and serve a view.
     *
     * <p>Security-relevant ordering: failures in toOrd(), authenticate() and resolve()
     * are not raised immediately. They are parked in a local and rethrown only after
     * challenge() and serviceSpecialWb() have both declined the request, so the
     * challenge decision is made before any mapping or resolution error is reported.
     *
     * @throws WebProcessException carrying the HTTP status to return to the client
     */
    public void service() throws WebProcessException {
        try {
            // Most recent failure from toOrd()/authenticate()/resolve(). A later
            // failure overwrites an earlier one, so only the last is ever reported.
            Throwable th = null;
            toUri();
            // Mark every response as non-cacheable by shared caches and always stale.
            this.resp.setDateHeader("Date", Clock.millis());
            this.resp.setDateHeader("Expires", 0L);
            this.resp.setHeader(HttpHeaderUtil.H_CACHE_CONTROL, "private, must-revalidate");
            // NOTE(review): the request's accept-language value is copied unchanged
            // into a response header of the same name. This relies on the HTTP layer
            // to reject CR/LF in header values; confirm.
            String header = this.req.getHeader("accept-language");
            if (header != null) {
                this.resp.setHeader("accept-language", header);
            }
            // Clickjacking protection. The service is looked up afresh here rather than
            // taken from this.webService. No header is sent for any enum value other
            // than deny/sameorigin, which leaves framing unrestricted in that case.
            BWebService service = Sys.getService(BWebService.TYPE);
            if (service.getXFrameOptions() == BXFrameOptionsEnum.deny) {
                this.resp.addHeader("x-frame-options", "deny");
            } else if (service.getXFrameOptions() == BXFrameOptionsEnum.sameorigin) {
                this.resp.addHeader("x-frame-options", "sameorigin");
            }
            if (redirectToHttps()) {
                return;
            }
            // Empty try body: nothing here can throw. This looks like decompiler
            // residue; the statement it once guarded, if any, is not recoverable
            // from this listing.
            try {
            } catch (Throwable th2) {
                th = th2;
            }
            // NOTE(review): serviceSpecial() runs before authenticate(). Whatever it
            // serves is delivered without any identity established in this method;
            // confirm it performs its own access checks.
            if (this.sys.serviceSpecial(this.req, this.resp)) {
                return;
            }
            try {
                toOrd();
            } catch (Throwable th3) {
                th = th3;
            }
            try {
                authenticate();
            } catch (Throwable th4) {
                th = th4;
            }
            try {
                resolve();
            } catch (Throwable th5) {
                th = th5;
            }
            // NOTE(review): if authenticate() threw, this.user is still null and
            // this.isGuest still false when challenge() and serviceSpecialWb() run;
            // confirm both treat a null user as unauthenticated.
            if (challenge() || this.sys.serviceSpecialWb(this.req, this.resp, this.user)) {
                return;
            }
            // Only now surface a parked failure from the three stages above.
            if (th != null) {
                throw th;
            }
            toWebOp();
            toWebEnv();
            if (redirectToHome() || serviceWebServlet()) {
                return;
            }
            checkLicense();
            toViewList();
            toViewInfo();
            // Authorisation gate for the chosen view; must stay ahead of every
            // service*() call below.
            checkViewPermission();
            if (serviceWbView()) {
                return;
            }
            toView();
            if (!serviceExporter() && !serviceServletView()) {
                throw new WebProcessException(HttpServletResponse.SC_NOT_FOUND, "View is not web enabled");
            }
        } catch (WebProcessException e) {
            throw e;
        } catch (SyntaxException e2) {
            // The raw query string is client-controlled and is logged unsanitised
            // (trace level only); a log viewer should treat it as untrusted text.
            webLog.trace(new StringBuffer("Invalid ORD syntax: ").append(this.req.getQueryString()).toString());
            throw new WebProcessException(HttpServletResponse.SC_NOT_FOUND, (Throwable) e2);
        } catch (Throwable th6) {
            webLog.error("Internal Server Error", th6);
            // NOTE(review): the throwable travels with the exception; whether the error
            // page renders its message or stack trace to the client is not visible here.
            throw new WebProcessException(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, th6);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Captures the request path, query string, combined URI and server name.
     *
     * <p>All four values come straight from the request and are client-controlled.
     * Under the servlet API contract the path and query are not URL-decoded at this
     * point; decoding happens later in toOrdImpl().
     */
    public void toUri() {
        this.path = this.req.getRequestURI();
        this.query = this.req.getQueryString();

        boolean hasQuery = this.query != null && this.query.length() > 0;
        if (hasQuery) {
            this.uri = this.path + '?' + this.query;
        } else {
            this.uri = this.path;
        }

        this.serverName = this.req.getServerName();

        if (uriLog.isTraceOn()) {
            // Logged verbatim: treat the trace line as untrusted text.
            uriLog.trace(this.req.getMethod() + ' ' + this.uri);
        }
    }

    /**
     * Redirects a plain-HTTP request to the HTTPS port when the web service is
     * configured as HTTPS-only and HTTPS is enabled.
     *
     * <p>NOTE(review): the host part of the redirect is this.serverName, which toUri()
     * takes from HttpServletRequest.getServerName(). That value normally reflects the
     * client-supplied Host header, so the redirect target is client-influenced unless
     * the HTTP layer validates Host; confirm.
     *
     * @return true if a redirect was sent and processing must stop
     * @throws Exception if sending the redirect fails
     */
    public boolean redirectToHttps() throws Exception {
        if (this.req.getScheme().equals(Httpd.HTTPS)) {
            return false;
        }
        boolean httpsForced = this.webService.getHttpsOnly() && this.webService.getHttpsEnabled();
        if (!httpsForced) {
            return false;
        }
        String secureUrl = "https://" + this.serverName + ':' + this.webService.getHttpsPort() + this.uri;
        this.resp.sendRedirect(secureUrl);
        return true;
    }

    /**
     * Establishes the user for this request and records it in the HTTP session.
     *
     * <p>The configured HTTP auth agent is used, falling back to the
     * username/password agent. A null result from the agent means "guest".
     *
     * <p>Points to keep in mind when reviewing callers:
     * <ul>
     *   <li>If no user service is available, a 503 is sent and the method returns
     *       normally, leaving user == null and isGuest == false. The caller keeps
     *       running the pipeline.</li>
     *   <li>NOTE(review): the session attributes are written to whatever
     *       getSession() returns. No session-id rotation is visible here; confirm the
     *       auth agent or session layer issues a fresh id at login (session
     *       fixation).</li>
     * </ul>
     *
     * @throws Exception whatever the auth agent or the servlet layer raises
     */
    public void authenticate() throws Exception {
        BUserService liveService = BUserService.getService();
        if (liveService == null) {
            this.resp.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE);
            return;
        }

        BHttpAuthAgent configured = (BHttpAuthAgent) liveService.getAuthAgent(BHttpAuthAgent.TYPE);
        BHttpAuthAgent agent = configured != null ? configured : BHttpUsernamePasswordAuthAgent.INSTANCE;

        UserAndCredentials authResult = agent.doWebProcessAuth(this.req, this.resp);
        if (authResult == null) {
            // No credentials accepted: continue as the guest user.
            this.user = this.userService.getGuestUser();
            this.isGuest = true;
            return;
        }

        this.user = authResult.getUser();
        // Identity comparison: the agent may hand back the guest user object itself.
        this.isGuest = this.user == this.userService.getGuestUser();

        if (!this.isGuest) {
            this.req.getSession().setAttribute(BWebService.SESSION_INFO_USER, this.user.getUsername());
            this.req.getSession().setAttribute(BWebService.SESSION_INFO_AUTH, new Boolean(true));
        }
    }

    /**
     * Maps the request to an ORD, rejects ORDs that use the "sql" scheme, and stores
     * the result in this.ord.
     *
     * <p>The scheme check is a deny-list with a single, case-sensitive entry; every
     * other scheme a client names through the /ord routes is accepted here and left
     * to resolution-time permission checks.
     *
     * <p>NOTE(review): the value returned by normalize() is not used. If BOrd
     * instances are immutable, the scheme check and the later resolution operate on
     * the un-normalised ORD; confirm.
     *
     * @throws WebProcessException 404 if the request maps to no ORD, 500 if the ORD
     *         contains an "sql" query
     * @throws Exception any parsing failure raised by the ORD classes
     */
    private final void toOrd() throws Exception {
        BOrd candidate = toOrdImpl();
        if (candidate == null) {
            throw new WebProcessException(HttpServletResponse.SC_NOT_FOUND);
        }

        candidate.normalize();

        for (OrdQuery part : candidate.parse()) {
            boolean isSql = part.getScheme().equals("sql");
            if (isSql) {
                throw new WebProcessException(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "SQL ORD Scheme not allowed");
            }
        }

        // Only an ORD that passed the scheme check is published to the later stages.
        this.ord = candidate;
        if (ordLog.isTraceOn()) {
            ordLog.trace(this.ord.toString());
        }
    }

    /**
     * URL-decodes a request-supplied string by delegating to HttpUtil.decodeUrl.
     *
     * <p>The result is attacker-controlled text: decoding can introduce characters
     * such as "/", ".." or ":" that were percent-encoded on the wire, so callers must
     * not assume the decoded value is confined to any path or scheme.
     *
     * @param str the raw, still-encoded text
     * @return the decoded text
     * @throws WebProcessException declared for callers; raised only if the delegate raises it
     */
    private static final String decodeUrl(String str) throws WebProcessException {
        String decoded = HttpUtil.decodeUrl(str);
        return decoded;
    }

    /**
     * Translates the request path (and, for "/ord", the query string) into an ORD.
     *
     * <p>Routes, in the order they are tested:
     * <pre>
     *   uri  "/"                  BLocalScheme.ORD
     *   path "/ord"               decoded query string, parsed as an ORD
     *   path "/ord/X"             decoded X, parsed as an ORD
     *   path "/file/stations..."  "file:!" + decoded remainder
     *   path "/file/!/X"          "file:!" + decoded X
     *   path "/file/!..."         "file:!"
     *   path "/file/X"            "file:^" + decoded X
     *   path "/file"              "file:^"
     *   path "/module/X"          "module://" + decoded X
     *   anything else             absolute ORD of the servlet named by the first path segment
     * </pre>
     *
     * <p>Security note: on the /ord routes the client supplies the entire ORD,
     * including its scheme. On the /file and /module routes the decoded remainder is
     * appended without any check for ".." or embedded separators. Nothing in this
     * method confines the result; containment depends on toOrd()'s scheme check and
     * on permission checks made during and after resolution.
     *
     * @return the ORD for this request, or null if no route or servlet matches
     * @throws WebProcessException declared by decodeUrl()
     */
    private final BOrd toOrdImpl() throws WebProcessException {
        final String ordPrefix = "/ord/";
        final String filePrefix = "/file/";
        final String modulePrefix = "/module/";

        // Tested against the full URI, so "/" with a query string does not match here.
        if (this.uri.equals("/")) {
            return BLocalScheme.ORD;
        }

        if (this.path.equals("/ord")) {
            if (this.query == null) {
                this.query = "";
            }
            return BOrd.make(decodeUrl(this.query));
        }
        if (this.path.startsWith(ordPrefix)) {
            return BOrd.make(decodeUrl(this.path.substring(ordPrefix.length())));
        }

        if (this.path.startsWith(filePrefix)) {
            String rest = this.path.substring(filePrefix.length());
            if (rest.startsWith("stations")) {
                return BOrd.make("file:!" + decodeUrl(rest));
            }
            if (rest.startsWith("!/")) {
                return BOrd.make("file:!" + decodeUrl(rest.substring("!/".length())));
            }
            if (rest.startsWith("!")) {
                // "!" followed by anything other than "/" discards the remainder.
                return BOrd.make("file:!");
            }
            return BOrd.make("file:^" + decodeUrl(rest));
        }
        if (this.path.equals("/file")) {
            return BOrd.make("file:^");
        }

        if (this.path.startsWith(modulePrefix)) {
            return BOrd.make("module://" + decodeUrl(this.path.substring(modulePrefix.length())));
        }

        // Fallback: the first path segment, taken undecoded, names a registered servlet.
        int nextSlash = this.path.indexOf('/', 1);
        String servletName = nextSlash < 0 ? this.path.substring(1) : this.path.substring(1, nextSlash);
        BWebServlet named = this.webService.getServletByName(servletName);
        return named == null ? null : named.getAbsoluteOrd();
    }

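    /**
     * Resolves this.ord against the local host on behalf of the current user and
     * records the resulting target. Does nothing if toOrd() produced no ORD.
     *
     * <p>When the target is a BWebServlet, the servlet is remembered and asked to
     * resolve the request further; its answer replaces the target.
     *
     * <p>Ordering caveat: service() calls this before challenge(), so resolution,
     * including the servlet's own resolve() hook, runs for guest requests and for
     * requests whose authentication failed (user == null). Anything that must not
     * happen for unauthenticated callers has to be enforced inside resolution itself
     * or by the later permission checks.
     *
     * @throws WebProcessException 400 for a null ORD, 404 for an unresolvable one
     * @throws Exception any other failure raised while resolving
     */
    private final void resolve() throws Exception {
        if (this.ord == null) {
            return;
        }
        try {
            Context basicContext = new BasicContext(this.user, WebUtil.getLanguage(this.req, this.user));
            if (this.user != null) {
                // Expose the username to resolvers through a "username" facet.
                basicContext = new BasicContext(basicContext, BFacets.make("username", BString.make(this.user.getUsername())));
            }
            this.ordTarget = this.ord.resolve(BLocalHost.INSTANCE, basicContext);
            this.target = this.ordTarget.get();
            if (this.target instanceof BWebServlet) {
                // The decompiled listing dropped this cast; the assignment does not
                // type-check without it. The instanceof test above makes it safe.
                this.servlet = (BWebServlet) this.target;
                NWebOp nWebOp = new NWebOp(this.ordTarget, this.sys.service, this.req, this.resp);
                nWebOp.fw(this.servlet);
                this.ordTarget = this.servlet.resolve(nWebOp);
                this.target = this.ordTarget.get();
            }
            if (targetLog.isTraceOn()) {
                targetLog.trace(this.target.toDebugString());
            }
        } catch (NullOrdException e) {
            throw new WebProcessException(HttpServletResponse.SC_BAD_REQUEST);
        } catch (UnresolvedException e2) {
            throw new WebProcessException(HttpServletResponse.SC_NOT_FOUND);
        }
    }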

    /**
     * Decides whether the request may proceed or must be sent to authenticate.
     *
     * <ul>
     *   <li>Non-guest: the only possible interruption is a forced password reset.</li>
     *   <li>Guest who may log in and has operator-read on the target: allowed through
     *       without a challenge.</li>
     *   <li>Any other guest: a Basic challenge (401) or a redirect to "/login",
     *       depending on the configured authentication scheme.</li>
     * </ul>
     *
     * <p>"Non-guest" is decided purely by the isGuest flag, which is also false when
     * authenticate() never completed; see the caller.
     *
     * <p>For the cookie scheme the original URI is stored in the "niagara_uri" cookie
     * so the login page can return to it. It is stored only for GET requests, only for
     * a path other than "/", and only if isValidCookieRedirect() accepts it.
     * NOTE(review): the cookie is created without Secure or HttpOnly attributes here;
     * confirm whether the HTTP layer adds them.
     *
     * @return true if a response (401 or redirect) was sent and processing must stop
     * @throws Exception if resolving the fallback target or writing the response fails
     */
    public boolean challenge() throws Exception {
        if (!this.isGuest) {
            return handlePasswordReset();
        }

        if (this.userService.canLogin(this.user)) {
            if (this.ordTarget == null) {
                // Nothing was resolved: judge guest access against the local host.
                this.ordTarget = BLocalHost.INSTANCE.getAbsoluteOrd().resolve();
            }
            boolean guestMayRead = this.ordTarget.getPermissionsForTarget().hasOperatorRead();
            if (guestMayRead) {
                return false;
            }
        }

        boolean basicScheme = this.webService.getAuthenticationScheme() == BAuthenticationType.basic;
        if (authLog.isTraceOn()) {
            authLog.trace(basicScheme ? "  Challenge: basic" : "  Challenge: cookie");
        }

        if (basicScheme) {
            // The realm discloses the station name to unauthenticated clients.
            String realmHeader = "Basic realm=\"" + Sys.getStation().getStationName() + '\"';
            this.resp.setHeader("WWW-Authenticate", realmHeader);
            this.resp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return true;
        }

        boolean rememberTarget = !this.path.equals("/")
                && this.req.getMethod().equals("GET")
                && this.webService.isValidCookieRedirect(this.uri);
        if (rememberTarget) {
            Cookie returnTo = new Cookie(CookieUtil.getCookieName(this.req, "niagara_uri"), this.uri);
            returnTo.setPath("/");
            this.resp.addCookie(returnTo);
        }
        this.resp.sendRedirect(WebUtil.getRedirect(this.req, "/login"));
        return true;
    }

    /**
     * Sends an authenticated user back to the login page when their first password
     * configuration demands a reset at next login.
     *
     * <p>The "niagara_login_state" cookie is set to "3" before the redirect; the
     * meaning of that value is defined by the login page and is not visible here.
     * Because challenge() returns this method's result, the original request is not
     * served while the reset flag is set.
     *
     * @return true if the redirect was sent and processing must stop
     * @throws IOException if the redirect cannot be written
     */
    private final boolean handlePasswordReset() throws IOException {
        if (!this.userService.canUsePasswordFeatures(this.user)) {
            return false;
        }

        // Compiler-generated class-literal cache for BUserPasswordConfiguration.
        Class configType = class$com$tridium$user$BUserPasswordConfiguration;
        if (configType == null) {
            configType = m64class("[Lcom.tridium.user.BUserPasswordConfiguration;", false);
            class$com$tridium$user$BUserPasswordConfiguration = configType;
        }

        BUserPasswordConfiguration[] configs = (BUserPasswordConfiguration[]) this.user.getChildren(configType);
        boolean mustReset = configs.length > 0 && configs[0].getForceResetAtNextLogin();
        if (!mustReset) {
            return false;
        }

        Cookie loginState = new Cookie(CookieUtil.getCookieName(this.req, "niagara_login_state"), String.valueOf(3));
        loginState.setPath("/");
        this.resp.addCookie(loginState);
        this.resp.sendRedirect(WebUtil.getAbsolutePathBase(this.req) + "login");
        return true;
    }

    /**
     * Redirects a request for "/" to the home page the web environment reports for
     * the current operation.
     *
     * @return true if the redirect was sent and processing must stop
     * @throws Exception if the home page cannot be determined or the redirect fails
     */
    private final boolean redirectToHome() throws Exception {
        if (this.path.equals("/")) {
            this.resp.sendRedirect(
                    WebUtil.getRedirect(this.req, WebUtil.toUri(this.ordTarget, this.req, this.env.getHomePage(this.op))));
            return true;
        }
        return false;
    }

    /**
     * Builds the per-request operation object from the resolved target and, when the
     * target was a servlet, attaches that servlet to it.
     *
     * @throws Exception if the operation cannot be constructed
     */
    private final void toWebOp() throws Exception {
        NWebOp created = new NWebOp(this.ordTarget, this.sys.service, this.req, this.resp);
        this.op = created;
        if (this.servlet == null) {
            return;
        }
        this.op.fw(this.servlet);
    }

    /**
     * Hands the request to the resolved servlet, if there is one.
     *
     * <p>Access is checked before the enabled flag, so a caller without operator-read
     * receives 403 whether or not the servlet is enabled and cannot learn its state.
     *
     * @return true if the servlet served the request, false if no servlet was resolved
     * @throws WebProcessException 403 without operator-read, 410 if the servlet is disabled
     * @throws Exception anything the servlet raises
     */
    private final boolean serviceWebServlet() throws Exception {
        if (this.servlet == null) {
            return false;
        }

        boolean mayRead = this.op.getPermissionsForTarget().hasOperatorRead();
        if (!mayRead) {
            throw new WebProcessException(HttpServletResponse.SC_FORBIDDEN);
        }

        boolean enabled = this.servlet.getEnabled();
        if (!enabled) {
            throw new WebProcessException(HttpServletResponse.SC_GONE);
        }

        this.servlet.service(this.op);
        return true;
    }

    /**
     * Initialises the web environment for the current operation.
     *
     * @throws WebProcessException if the operation cannot provide an environment
     */
    private final void toWebEnv() throws WebProcessException {
        IWebEnv created = this.op.initWebEnv();
        this.env = created;
    }

    /**
     * Rejects the request with 403 when the license check fails, after logging the
     * ORD that was refused.
     *
     * @throws WebProcessException 403 if isLicensed() is false
     */
    private final void checkLicense() throws Exception {
        if (!isLicensed()) {
            // this.ord derives from the request; the log line is untrusted text.
            viewLog.warning("Unlicensed: " + this.ord);
            throw new WebProcessException(HttpServletResponse.SC_FORBIDDEN);
        }
    }

    /**
     * Reports whether the licence permits serving the current target.
     *
     * <p>A BSpy target is always allowed. Otherwise the UI licence is required, and
     * the request passes if the workbench licence is present, if no workbench profile
     * type is known, if the environment yields no profile, or if the profile is not a
     * workbench profile.
     *
     * @return true if the request may proceed
     */
    private final boolean isLicensed() {
        if (this.target instanceof BSpy) {
            return true;
        }
        if (!this.sys.licenseUi()) {
            return false;
        }
        if (this.sys.licenseWb()) {
            return true;
        }
        if (WebEnv.wbProfile == null) {
            return true;
        }
        BIWebProfile profile = this.env.getWebProfile(this.op);
        if (profile == null) {
            return true;
        }
        return !profile.getType().is(WebEnv.wbProfile);
    }

    /**
     * Collects the views for the target and narrows them to those the caller may use.
     *
     * <p>allViews is the unfiltered list from the environment. hasViews is that list
     * after the permission, px-view and profile filters, and is what the operation
     * exposes as its views. allViews deliberately stays unfiltered; code that picks a
     * view from it must run its own permission check.
     *
     * @throws WebProcessException 403 if the target has no views, or none survive filtering
     * @throws Exception any failure raised while listing or filtering
     */
    private final void toViewList() throws Exception {
        this.allViews = this.env.getViews(this.op);
        if (this.allViews.size() == 0) {
            throw new WebProcessException(HttpServletResponse.SC_FORBIDDEN, "No views available.");
        }

        AgentFilter byPermission = AgentFilter.has(this.op.getPermissionsForTarget());
        AgentFilter permissionAndPx = AgentFilter.and(byPermission, new PxViewFilter(this.op));
        AgentFilter combined = AgentFilter.and(
                permissionAndPx,
                new WebUtil.ProfileFilter(this.env.getWebProfile(this.op), this.op.get()));

        this.hasViews = this.allViews.filter(combined);
        this.op.views = this.hasViews;

        boolean everythingFilteredOut = this.allViews.size() > 0 && this.hasViews.size() == 0;
        if (everythingFilteredOut) {
            if (authLog.isTraceOn()) {
                authLog.trace("  Forbidden allViews.size=" + this.allViews.size());
            }
            throw new WebProcessException(HttpServletResponse.SC_FORBIDDEN);
        }

        if (viewListLog.isTraceOn()) {
            viewListLog.trace(this.hasViews.toString());
        }
    }

    /**
     * Chooses the view to serve: the one named in the ORD's view query if it can be
     * found, otherwise the environment's default among the permitted views.
     *
     * <p>Security note: a view id named by the client is looked up in allViews, the
     * list that has not been filtered by permission. The lookup therefore does not
     * itself restrict what the caller can select; enforcement rests entirely on
     * checkViewPermission(), which service() runs immediately afterwards.
     */
    private final void toViewInfo() {
        ViewQuery requested = this.ordTarget.getViewQuery();
        boolean viewNamed = requested != null && requested.getViewId() != null;
        if (viewNamed) {
            this.viewInfo = this.env.getView(this.allViews, requested.getViewId());
        }

        if (this.viewInfo == null) {
            // No view named, or the named one was not found: fall back to the default
            // taken from the permission-filtered list.
            this.viewInfo = this.env.getDefaultView(this.op, this.hasViews);
        }

        this.viewInfo = this.env.translate(this.viewInfo);

        if (viewLog.isTraceOn()) {
            viewLog.trace(this.viewInfo.toString());
        }
    }

    /**
     * Enforces that the caller's permissions on the target include everything the
     * selected view requires.
     *
     * <p>This is the authorisation gate for views chosen by toViewInfo(), including
     * ones selected by id from the unfiltered list.
     *
     * @throws WebProcessException 403 if a required permission is missing
     */
    private final void checkViewPermission() throws Exception {
        BPermissions granted = this.op.getPermissionsForTarget();
        BPermissions needed = this.viewInfo.getRequiredPermissions();

        if (!granted.has(needed)) {
            if (authLog.isTraceOn()) {
                authLog.trace("  Forbidden '" + granted + "' < '" + needed + '\'');
            }
            throw new WebProcessException(HttpServletResponse.SC_FORBIDDEN);
        }
    }

    /**
     * Serves the selected view through the workbench servlet when its agent type is a
     * px view or, if a workbench view type is known, a workbench view.
     *
     * @return true if the workbench servlet served the view
     * @throws Exception anything the workbench servlet raises
     */
    private final boolean serviceWbView() throws Exception {
        boolean handledByWorkbench = this.viewInfo.getAgentType().is(WebEnv.pxView)
                || (WebEnv.wbView != null && this.viewInfo.getAgentType().is(WebEnv.wbView));
        if (!handledByWorkbench) {
            return false;
        }
        this.sys.wbServlet.serviceView(this.viewInfo, this.op);
        return true;
    }

    /**
     * Instantiates the selected view. service() calls this only after
     * checkViewPermission() has passed.
     *
     * @throws Exception if the view cannot be instantiated
     */
    private final void toView() throws Exception {
        BObject instance = this.viewInfo.getInstance();
        this.view = instance;
    }

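    /**
     * Serves the view as an export when it is a BExporter, setting the response
     * content type to the exporter's MIME type first.
     *
     * @return true if the view was an exporter and the export ran
     * @throws Exception anything the exporter raises
     */
    private final boolean serviceExporter() throws Exception {
        if (!(this.view instanceof BExporter)) {
            return false;
        }
        // The decompiled listing dropped this cast; the assignment does not
        // type-check without it. The instanceof test above makes it safe.
        BExporter bExporter = (BExporter) this.view;
        this.resp.setContentType(bExporter.getFileMimeType());
        bExporter.export(this.op);
        return true;
    }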

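    /**
     * Serves the view directly when it is a BServletView.
     *
     * @return true if the view was a servlet view and handled the request
     * @throws Exception anything the view raises
     */
    private final boolean serviceServletView() throws Exception {
        if (!(this.view instanceof BServletView)) {
            return false;
        }
        // this.view is declared as BObject; the decompiled listing dropped the cast
        // needed to reach service(). The instanceof test above makes it safe.
        ((BServletView) this.view).service(this.op);
        return true;
    }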

    /* JADX WARN: Type inference failed for: r0v5, types: [java.lang.Throwable, java.lang.Class] */
    /* renamed from: class, reason: not valid java name */
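    /**
     * Loads a class by name and returns either it or its array component type.
     *
     * <p>This is the helper older compilers generate for class literals. The
     * decompiled form declared a local with no valid type and read the exception
     * message from that local instead of from the caught exception; this version
     * restores the conventional shape.
     *
     * <p>The only caller in this class passes a constant name. The method must never
     * be given a request-derived string, since Class.forName would then load and
     * initialise a class of the client's choosing.
     *
     * @param str binary class name, or an array descriptor such as "[Lpkg.Type;"
     * @param z   true to return the named class itself, false to return its component type
     * @return the requested class object
     * @throws NoClassDefFoundError if the class cannot be found
     */
    static Class m64class(String str, boolean z) {
        try {
            Class<?> cls = Class.forName(str);
            return z ? cls : cls.getComponentType();
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }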

    /* renamed from: this, reason: not valid java name */
    /**
     * Field initialiser invoked at the start of the constructor: clears the ORD and
     * its resolved target so that "not yet mapped or resolved" is represented by null.
     */
    private final void m65this() {
        this.ordTarget = null;
        this.ord = null;
    }

    /**
     * Creates the processor for a single request/response pair.
     *
     * <p>The web service comes from the system servlet; the user service is looked up
     * once through Sys.getService and kept for the lifetime of this object.
     *
     * @param sysServlet          the owning system servlet
     * @param httpServletRequest  the request to process
     * @param httpServletResponse the response to write to
     */
    public WebProcess(SysServlet sysServlet, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        m65this();
        this.req = httpServletRequest;
        this.resp = httpServletResponse;
        this.sys = sysServlet;
        this.webService = sysServlet.service;
        this.userService = Sys.getService(BUserService.TYPE);
    }
}
