package azkaban.webapp.servlet;

import azkaban.executor.ConnectorParams;
import azkaban.project.Project;
import azkaban.user.Permission;
import azkaban.user.Role;
import azkaban.user.User;
import azkaban.user.UserManager;
import azkaban.user.UserManagerException;
import azkaban.user.XmlUserManager;
import azkaban.webapp.session.Session;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.UUID;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.fileupload.servlet.ServletFileUpload;
import org.apache.commons.io.IOUtils;
import org.apache.log4j.Logger;

/* loaded from: input_file:azkaban/webapp/servlet/LoginAbstractAzkabanServlet.class */
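/**
 * Base servlet that resolves the caller's {@link Session} before handing the request to the
 * subclass hooks {@link #handleGet}, {@link #handlePost} and {@link #handleMultiformPost}.
 *
 * <p>A session is looked up from the {@code azkaban.browser.session.id} cookie or, failing that,
 * from a {@code session.id} request parameter, and is only accepted when the address stored in the
 * session equals the request's remote address. Requests without a session are either logged in
 * from submitted credentials, answered with an error, or shown the login page.
 *
 * <p>When a resource directory is configured, authenticated GET requests for a small set of
 * static file types are served straight from that directory.
 */
public abstract class LoginAbstractAzkabanServlet extends AbstractAzkabanServlet {
    private static final long serialVersionUID = 1L;
    private static final String SESSION_ID_NAME = "azkaban.browser.session.id";
    // 20 MiB (20971520 bytes), passed to the MultipartParser constructor.
    private static final int DEFAULT_UPLOAD_DISK_SPOOL_SIZE = 20 * 1024 * 1024;
    private File webResourceDirectory = null;
    private MultipartParser multipartParser;
    private static final Logger logger = Logger.getLogger(LoginAbstractAzkabanServlet.class.getName());
    // File extension (with leading dot) -> Content-Type. Doubles as the allow-list of static
    // file types handleFileGet is willing to serve. Populated once in the static initializer.
    private static final HashMap<String, String> contextType = new HashMap<>();

    /**
     * Initialises the parent servlet and creates the multipart parser used by {@link #doPost}.
     *
     * @param servletConfig container-supplied servlet configuration
     * @throws ServletException if the parent initialisation fails
     */
    @Override // azkaban.webapp.servlet.AbstractAzkabanServlet
    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        this.multipartParser = new MultipartParser(DEFAULT_UPLOAD_DISK_SPOOL_SIZE);
    }

    /**
     * Sets the directory static resources are served from. While it is {@code null} (the default)
     * static file serving is disabled.
     *
     * @param file root directory for static resources, or {@code null} to disable serving
     */
    public void setResourceDirectory(File file) {
        this.webResourceDirectory = file;
    }

    /**
     * Handles GET: logout, static files and {@link #handleGet} for authenticated callers, and the
     * login page (or a JSON {@code error=session} reply for {@code ajax} requests) otherwise.
     *
     * @throws ServletException if parameter or session handling fails
     * @throws IOException if writing the response fails
     */
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        Session session = getSessionFromRequest(httpServletRequest);

        if (hasParam(httpServletRequest, "logout")) {
            httpServletResponse.sendRedirect(httpServletRequest.getContextPath());
            if (session != null) {
                // Drop the server-side session so the id cannot be reused after logout.
                getApplication().getSessionCache().removeSession(session.getSessionId());
            }
            return;
        }

        if (session != null) {
            logger.info("Found session " + session.getUser());
            // Static files are only reachable once a session has been established.
            if (!handleFileGet(httpServletRequest, httpServletResponse)) {
                handleGet(httpServletRequest, httpServletResponse, session);
            }
            return;
        }

        if (!hasParam(httpServletRequest, "ajax")) {
            handleLogin(httpServletRequest, httpServletResponse);
            return;
        }

        HashMap<String, Object> reply = new HashMap<>();
        reply.put("error", "session");
        writeJSON(httpServletResponse, reply);
    }

    /**
     * Serves a static file from the resource directory when the request path ends in one of the
     * extensions registered in {@code contextType}.
     *
     * <p>The path is taken from the request URI, so it is untrusted. It is resolved to a canonical
     * file and rejected unless the result is still inside the canonical resource directory; the
     * extension allow-list alone does not constrain which directory the file is read from.
     * Canonicalisation also means symbolic links that lead out of the resource directory are
     * not followed.
     *
     * @return {@code true} if a file was written to the response, {@code false} if the request
     *     is not for a servable static file and should be handled normally
     * @throws IOException if resolving or streaming the file fails
     */
    private boolean handleFileGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
        if (this.webResourceDirectory == null) {
            return false;
        }

        String prefix = request.getContextPath() + request.getServletPath();
        String relativePath = request.getRequestURI().substring(prefix.length());

        int dot = relativePath.lastIndexOf('.');
        if (dot == -1) {
            return false;
        }
        String extension = relativePath.substring(dot);
        if (!contextType.containsKey(extension)) {
            return false;
        }

        File root = this.webResourceDirectory.getCanonicalFile();
        File target = new File(root, relativePath).getCanonicalFile();
        // Containment check on path elements (not a string prefix), so parent-directory
        // segments in the request cannot select a file outside the resource root.
        if (!target.toPath().startsWith(root.toPath())) {
            return false;
        }
        if (!target.exists() || !target.isFile()) {
            return false;
        }

        response.setContentType(contextType.get(extension));
        ServletOutputStream out = response.getOutputStream();
        try (BufferedInputStream in = new BufferedInputStream(new FileInputStream(target))) {
            IOUtils.copy(in, out);
        }
        out.flush();
        return true;
    }

    /**
     * Finds the session for a request, preferring the session cookie and falling back to the
     * {@code session.id} request parameter.
     *
     * @return the matching session, or {@code null} if none is presented or it does not validate
     * @throws ServletException if reading the request parameter fails
     */
    private Session getSessionFromRequest(HttpServletRequest request) throws ServletException {
        String remoteAddr = request.getRemoteAddr();
        Cookie sessionCookie = getCookieByName(request, SESSION_ID_NAME);

        // The session id is a bearer credential and is request-controlled, so it is
        // deliberately not written to the log.
        String sessionId = sessionCookie != null ? sessionCookie.getValue() : null;

        // NOTE(review): accepting the id as a request parameter means it can appear in URLs,
        // and therefore in access logs and Referer headers; confirm which clients rely on it.
        if (sessionId == null && hasParam(request, "session.id")) {
            sessionId = getParam(request, "session.id");
        }
        return getSessionFromSessionId(sessionId, remoteAddr);
    }

    /**
     * Looks a session up in the session cache and accepts it only when the address recorded in
     * the session equals {@code remoteAddr}.
     *
     * <p>NOTE(review): the address comes from {@code getRemoteAddr()}; behind a reverse proxy
     * that is presumably the proxy's address, which would weaken this binding. Confirm against
     * the deployment.
     *
     * @param sessionId id presented by the client, may be {@code null}
     * @param remoteAddr remote address of the current request
     * @return the cached session, or {@code null} if the id is absent, unknown, or bound to a
     *     different address
     */
    private Session getSessionFromSessionId(String sessionId, String remoteAddr) {
        if (sessionId == null) {
            return null;
        }
        Session session = getApplication().getSessionCache().getSession(sessionId);
        if (session == null || !remoteAddr.equals(session.getIp())) {
            return null;
        }
        return session;
    }

    /** Renders the login page without an error message. */
    private void handleLogin(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        handleLogin(request, response, null);
    }

    /**
     * Renders the login page.
     *
     * @param errorMsg message exposed to the template as {@code errorMsg}, or {@code null} for none
     */
    private void handleLogin(HttpServletRequest request, HttpServletResponse response, String errorMsg) throws ServletException, IOException {
        Page page = newPage(request, response, "azkaban/webapp/servlet/velocity/login.vm");
        if (errorMsg != null) {
            page.add("errorMsg", errorMsg);
        }
        page.render();
    }

    /**
     * Handles POST. Multipart bodies go to {@link #handleMultiformPost}; {@code action=login}
     * goes to {@link #handleAjaxLoginAction}; everything else goes to {@link #handlePost}.
     *
     * <p>A caller without a session may authenticate in the same request by sending username and
     * password. The session created on those paths is used for this request only: it is not added
     * to the session cache and no cookie is set here.
     *
     * <p>NOTE(review): login failures echo the user manager's exception message to the client;
     * check that those messages do not distinguish unknown users from wrong passwords.
     *
     * @throws ServletException if parameter or session handling fails
     * @throws IOException if writing the response fails
     */
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        Session session = getSessionFromRequest(httpServletRequest);

        if (ServletFileUpload.isMultipartContent(httpServletRequest)) {
            Map<String, Object> params = this.multipartParser.parseMultipart(httpServletRequest);
            if (session == null) {
                // Multipart clients may carry the session id as a form field.
                if (params.containsKey("session.id")) {
                    Session fromForm = getSessionFromSessionId((String) params.get("session.id"), httpServletRequest.getRemoteAddr());
                    if (fromForm != null) {
                        handleMultiformPost(httpServletRequest, httpServletResponse, params, fromForm);
                        return;
                    }
                }
                if (!params.containsKey(XmlUserManager.USERNAME_ATTR) || !params.containsKey(XmlUserManager.PASSWORD_ATTR)) {
                    writeResponse(httpServletResponse, "Login error. Need username and password");
                    return;
                }
                try {
                    session = createSession((String) params.get(XmlUserManager.USERNAME_ATTR), (String) params.get(XmlUserManager.PASSWORD_ATTR), httpServletRequest.getRemoteAddr());
                } catch (UserManagerException e) {
                    writeResponse(httpServletResponse, "Login error: " + e.getMessage());
                    return;
                }
            }
            handleMultiformPost(httpServletRequest, httpServletResponse, params, session);
            return;
        }

        if (hasParam(httpServletRequest, "action") && getParam(httpServletRequest, "action").equals("login")) {
            HashMap<String, Object> result = new HashMap<>();
            handleAjaxLoginAction(httpServletRequest, httpServletResponse, result);
            writeJSON(httpServletResponse, result);
            return;
        }

        if (session != null) {
            handlePost(httpServletRequest, httpServletResponse, session);
            return;
        }

        if (hasParam(httpServletRequest, XmlUserManager.USERNAME_ATTR) && hasParam(httpServletRequest, XmlUserManager.PASSWORD_ATTR)) {
            try {
                session = createSession(httpServletRequest);
            } catch (UserManagerException e) {
                writeResponse(httpServletResponse, "Login error: " + e.getMessage());
                // Stop here: without this return a failed login fell through to handlePost
                // with a null session after the error had already been written.
                return;
            }
            handlePost(httpServletRequest, httpServletResponse, session);
            return;
        }

        if (isAjaxCall(httpServletRequest)) {
            writeResponse(httpServletResponse, createJsonResponse("error", "Invalid Session. Need to re-login", "login", null));
        } else {
            handleLogin(httpServletRequest, httpServletResponse, "Enter username and password");
        }
    }

    /** Creates a session from the username and password request parameters. */
    private Session createSession(HttpServletRequest request) throws UserManagerException, ServletException {
        return createSession(getParam(request, XmlUserManager.USERNAME_ATTR), getParam(request, XmlUserManager.PASSWORD_ATTR), request.getRemoteAddr());
    }

    /**
     * Authenticates through the user manager and wraps the resulting user in a new session with
     * a freshly generated random UUID as its id.
     *
     * @param username submitted user name
     * @param password submitted password
     * @param remoteAddr address recorded in the session and later compared on lookup
     * @throws UserManagerException if the user manager rejects the credentials
     */
    private Session createSession(String username, String password, String remoteAddr) throws UserManagerException, ServletException {
        User user = getApplication().getUserManager().getUser(username, password);
        return new Session(UUID.randomUUID().toString(), user, remoteAddr);
    }

    /**
     * Reports whether {@code user} holds {@code type} on {@code project}, either directly on the
     * project or through one of the user's roles. A role with {@code ADMIN} set satisfies every
     * permission type.
     *
     * @return {@code true} if the project or any resolvable role grants the permission
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public boolean hasPermission(Project project, User user, Permission.Type type) {
        UserManager userManager = getApplication().getUserManager();
        if (project.hasPermission(user, type)) {
            return true;
        }
        for (String roleName : user.getRoles()) {
            Role role = userManager.getRole(roleName);
            if (role == null) {
                // A role name the user manager cannot resolve grants nothing; skipping it keeps
                // the check fail-closed instead of failing with a NullPointerException.
                continue;
            }
            Permission granted = role.getPermission();
            if (granted.isPermissionSet(type) || granted.isPermissionSet(Permission.Type.ADMIN)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Performs a login from the username/password request parameters. On success the session is
     * added to the session cache, a session cookie is set, and {@code status} and
     * {@code session.id} are put into {@code map}; on failure {@code error} is put instead.
     *
     * @param map result map the caller serialises as the JSON reply
     * @throws ServletException if reading the request parameters fails
     */
    protected void handleAjaxLoginAction(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, Object> map) throws ServletException {
        if (!hasParam(httpServletRequest, XmlUserManager.USERNAME_ATTR) || !hasParam(httpServletRequest, XmlUserManager.PASSWORD_ATTR)) {
            map.put("error", "Incorrect Login.");
            return;
        }
        try {
            Session session = createSession(httpServletRequest);
            Cookie cookie = new Cookie(SESSION_ID_NAME, session.getSessionId());
            cookie.setPath("/");
            // When the login arrived over TLS, keep the cookie off plain-HTTP requests.
            cookie.setSecure(httpServletRequest.isSecure());
            // NOTE(review): the cookie is not marked HttpOnly. Cookie#setHttpOnly needs the
            // Servlet 3.0 API; confirm the container's API level before adding it.
            httpServletResponse.addCookie(cookie);
            getApplication().getSessionCache().addSession(session);
            map.put("status", ConnectorParams.RESPONSE_SUCCESS);
            map.put("session.id", session.getSessionId());
        } catch (UserManagerException e) {
            map.put("error", "Incorrect Login. " + e.getMessage());
        }
    }

    /**
     * Writes {@code str} to the response writer and flushes it.
     *
     * @throws IOException if the writer cannot be obtained
     */
    protected void writeResponse(HttpServletResponse httpServletResponse, String str) throws IOException {
        PrintWriter writer = httpServletResponse.getWriter();
        writer.append(str);
        writer.flush();
    }

    /**
     * Reports whether the request carries {@code X-Requested-With: XMLHttpRequest}.
     *
     * <p>The header is client-supplied, so this is a hint for choosing the response format and
     * not an authentication or origin check.
     */
    protected boolean isAjaxCall(HttpServletRequest httpServletRequest) throws ServletException {
        String header = httpServletRequest.getHeader("X-Requested-With");
        if (header == null) {
            return false;
        }
        // The raw header value is request-controlled and is kept out of the log line.
        logger.info("has X-Requested-With header");
        return header.equals("XMLHttpRequest");
    }

    /** Handles a GET request for a caller with a validated session. */
    protected abstract void handleGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Session session) throws ServletException, IOException;

    /** Handles a non-multipart POST request for a caller with a session. */
    protected abstract void handlePost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Session session) throws ServletException, IOException;

    /**
     * Handles a multipart POST request. The default implementation does nothing; subclasses
     * that accept uploads override it.
     *
     * @param map parsed multipart fields as returned by the multipart parser
     */
    protected void handleMultiformPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, Object> map, Session session) throws ServletException, IOException {
    }

    static {
        contextType.put(".js", "application/javascript");
        contextType.put(".css", "text/css");
        contextType.put(".png", "image/png");
        contextType.put(".jpeg", "image/jpeg");
        contextType.put(".gif", "image/gif");
        contextType.put(".jpg", "image/jpeg");
        contextType.put(".eot", "application/vnd.ms-fontobject");
        contextType.put(".svg", "image/svg+xml");
        contextType.put(".ttf", "application/octet-stream");
        contextType.put(".woff", "application/x-font-woff");
    }
}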
