package org.ametys.site;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.URI;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.Vector;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import org.ametys.core.authentication.CredentialProvider;
import org.ametys.core.user.UserIdentity;
import org.ametys.core.util.URLEncoder;
import org.ametys.plugins.site.Site;
import org.ametys.plugins.site.SiteUrl;
import org.ametys.plugins.site.proxy.BackOfficeRequestProxy;
import org.ametys.plugins.site.proxy.BackOfficeRequestProxyExtensionPoint;
import org.ametys.runtime.config.Config;
import org.apache.cocoon.environment.ObjectModelHelper;
import org.apache.cocoon.environment.Request;
import org.apache.cocoon.environment.Session;
import org.apache.cocoon.servlet.multipart.Part;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.http.Consts;
import org.apache.http.HttpEntity;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpEntityEnclosingRequestBase;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpHead;
import org.apache.http.client.methods.HttpOptions;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.InputStreamEntity;
import org.apache.http.entity.mime.HttpMultipartMode;
import org.apache.http.entity.mime.MultipartEntityBuilder;
import org.apache.http.entity.mime.content.InputStreamBody;
import org.apache.http.entity.mime.content.StringBody;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.message.BasicNameValuePair;

/* loaded from: input_file:org/ametys/site/BackOfficeRequestHelper.class */
public final class BackOfficeRequestHelper {
    private static final Pattern __AUTHORIZED_HEADERS;
    private static final Set<String> __FILTERED_REQUEST_PARAMETERS;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/ametys/site/BackOfficeRequestHelper$HttpLock.class */
    public static class HttpLock extends HttpEntityEnclosingRequestBase {
        HttpLock(String str) {
            setURI(URI.create(str));
        }

        @Override // org.apache.http.client.methods.HttpRequestBase, org.apache.http.client.methods.HttpUriRequest
        public String getMethod() {
            return "LOCK";
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/ametys/site/BackOfficeRequestHelper$HttpMkcol.class */
    public static class HttpMkcol extends HttpEntityEnclosingRequestBase {
        HttpMkcol(String str) {
            setURI(URI.create(str));
        }

        @Override // org.apache.http.client.methods.HttpRequestBase, org.apache.http.client.methods.HttpUriRequest
        public String getMethod() {
            return "MKCOL";
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/ametys/site/BackOfficeRequestHelper$HttpPropfind.class */
    public static class HttpPropfind extends HttpEntityEnclosingRequestBase {
        HttpPropfind(String str) {
            setURI(URI.create(str));
        }

        @Override // org.apache.http.client.methods.HttpRequestBase, org.apache.http.client.methods.HttpUriRequest
        public String getMethod() {
            return "PROPFIND";
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/ametys/site/BackOfficeRequestHelper$HttpUnLock.class */
    public static class HttpUnLock extends HttpRequestBase {
        HttpUnLock(String str) {
            setURI(URI.create(str));
        }

        @Override // org.apache.http.client.methods.HttpRequestBase, org.apache.http.client.methods.HttpUriRequest
        public String getMethod() {
            return "UNLOCK";
        }
    }

    private BackOfficeRequestHelper() {
    }

    public static CloseableHttpClient getHttpClient() {
        return HttpClientBuilder.create().disableRedirectHandling().useSystemProperties().build();
    }

    public static HttpUriRequest getRequest(Map map, String str, BackOfficeRequestProxyExtensionPoint backOfficeRequestProxyExtensionPoint) throws IOException {
        HttpEntity urlEncodedFormEntity;
        Request request = ObjectModelHelper.getRequest(map);
        String valueAsString = Config.getInstance().getValueAsString("org.ametys.site.bo");
        String method = request.getMethod();
        SiteUrl siteUrl = (SiteUrl) request.getAttribute("url");
        String baseServerPath = siteUrl.getBaseServerPath(request);
        HttpRequestBase httpRequestBase = null;
        String str2 = valueAsString + "/generate/" + str;
        boolean z = -1;
        switch (method.hashCode()) {
            case -1787112636:
                if (method.equals("UNLOCK")) {
                    z = 3;
                    break;
                }
                break;
            case -531492226:
                if (method.equals("OPTIONS")) {
                    z = 2;
                    break;
                }
                break;
            case -210493540:
                if (method.equals("PROPFIND")) {
                    z = 6;
                    break;
                }
                break;
            case 70454:
                if (method.equals("GET")) {
                    z = false;
                    break;
                }
                break;
            case 79599:
                if (method.equals("PUT")) {
                    z = 4;
                    break;
                }
                break;
            case 2213344:
                if (method.equals("HEAD")) {
                    z = true;
                    break;
                }
                break;
            case 2342187:
                if (method.equals("LOCK")) {
                    z = 5;
                    break;
                }
                break;
            case 2461856:
                if (method.equals("POST")) {
                    z = 8;
                    break;
                }
                break;
            case 73412354:
                if (method.equals("MKCOL")) {
                    z = 7;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
            case true:
            case true:
            case true:
                String str3 = str2 + "?" + _getContextQueryPart(siteUrl, baseServerPath) + "&_initialRequest=" + URLEncoder.encodeParameter("/" + request.getAttribute("path") + (StringUtils.isEmpty(request.getQueryString()) ? "" : "?" + request.getQueryString())) + _getParameters(request) + "&" + _getEditionQueryPart(request);
                if ("GET".equals(method)) {
                    httpRequestBase = new HttpGet(str3);
                    break;
                } else if ("HEAD".equals(method)) {
                    httpRequestBase = new HttpHead(str3);
                    break;
                } else if ("OPTIONS".equals(method)) {
                    httpRequestBase = new HttpOptions(str3);
                    break;
                } else if ("UNLOCK".equals(method)) {
                    httpRequestBase = new HttpUnLock(str3);
                    break;
                }
                break;
            case true:
            case true:
            case true:
            case true:
                String str4 = str2 + "?" + _getContextQueryPart(siteUrl, baseServerPath) + "&" + _getEditionQueryPart(request);
                HttpEntityEnclosingRequestBase httpEntityEnclosingRequestBase = null;
                if ("PUT".equals(method)) {
                    httpEntityEnclosingRequestBase = new HttpPut(str4);
                } else if ("LOCK".equals(method)) {
                    httpEntityEnclosingRequestBase = new HttpLock(str4);
                } else if ("PROPFIND".equals(method)) {
                    httpEntityEnclosingRequestBase = new HttpPropfind(str4);
                } else if ("MKCOL".equals(method)) {
                    httpEntityEnclosingRequestBase = new HttpMkcol(str4);
                }
                if (!$assertionsDisabled && httpEntityEnclosingRequestBase == null) {
                    throw new AssertionError();
                }
                String contentType = request.getContentType();
                if (contentType != null) {
                    httpEntityEnclosingRequestBase.setHeader("Content-Type", contentType);
                }
                httpEntityEnclosingRequestBase.setEntity(new InputStreamEntity(new ByteArrayInputStream(IOUtils.toByteArray(((HttpServletRequest) map.get("httprequest")).getInputStream())), r0.length));
                httpRequestBase = httpEntityEnclosingRequestBase;
                break;
            case true:
                byte[] byteArray = IOUtils.toByteArray(((HttpServletRequest) map.get("httprequest")).getInputStream());
                boolean z2 = byteArray.length > 0;
                HttpPost httpPost = new HttpPost(z2 ? str2 + "?" + _getContextQueryPart(siteUrl, baseServerPath) + "&" + _getEditionQueryPart(request) : str2 + "?" + _getEditionQueryPart(request));
                String contentType2 = request.getContentType();
                if (contentType2 != null && contentType2.toLowerCase().indexOf("multipart/form-data") > -1) {
                    MultipartEntityBuilder _getMultipartEntityBuilder = _getMultipartEntityBuilder(request);
                    _getMultipartEntityBuilder.addPart("_contextPath", new StringBody(siteUrl.getServerPath(), ContentType.create("text/plain", Consts.UTF_8)));
                    _getMultipartEntityBuilder.addPart("_baseServerPath", new StringBody(baseServerPath, ContentType.create("text/plain", Consts.UTF_8)));
                    urlEncodedFormEntity = _getMultipartEntityBuilder.build();
                } else if (z2) {
                    httpPost.setHeader("Content-Type", contentType2);
                    urlEncodedFormEntity = new InputStreamEntity(new ByteArrayInputStream(byteArray), byteArray.length);
                } else {
                    ArrayList arrayList = new ArrayList();
                    arrayList.add(new BasicNameValuePair("_contextPath", siteUrl.getServerPath()));
                    arrayList.add(new BasicNameValuePair("_baseServerPath", baseServerPath));
                    Enumeration parameterNames = request.getParameterNames();
                    while (parameterNames.hasMoreElements()) {
                        String str5 = (String) parameterNames.nextElement();
                        if (!__FILTERED_REQUEST_PARAMETERS.contains(str5)) {
                            for (String str6 : request.getParameterValues(str5)) {
                                arrayList.add(new BasicNameValuePair(str5, str6));
                            }
                        }
                    }
                    urlEncodedFormEntity = new UrlEncodedFormEntity(arrayList, "UTF-8");
                }
                httpPost.setEntity(urlEncodedFormEntity);
                httpRequestBase = httpPost;
                break;
            default:
                throw new IllegalArgumentException("Unrecognized method " + method);
        }
        _addRequestHeaders(request, httpRequestBase, backOfficeRequestProxyExtensionPoint);
        _copyCookieHeaders(request, httpRequestBase);
        return httpRequestBase;
    }

    private static String _getEditionQueryPart(Request request) {
        return "true".equals((String) request.getAttribute(GetSiteAction.EDITION_URI)) ? "_edition=true" : "";
    }

    private static String _getContextQueryPart(SiteUrl siteUrl, String str) {
        return "_contextPath=" + siteUrl.getServerPath() + "&_baseServerPath=" + str;
    }

    private static MultipartEntityBuilder _getMultipartEntityBuilder(Request request) throws IOException {
        MultipartEntityBuilder create = MultipartEntityBuilder.create();
        create.setMode(HttpMultipartMode.RFC6532);
        Enumeration parameterNames = request.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str = (String) parameterNames.nextElement();
            if (!__FILTERED_REQUEST_PARAMETERS.contains(str)) {
                _addMultipartEntityToBuilder(create, str, request.get(str));
            }
        }
        return create;
    }

    private static void _addMultipartEntityToBuilder(MultipartEntityBuilder multipartEntityBuilder, String str, Object obj) throws IOException {
        if (obj instanceof Part) {
            Part part = (Part) obj;
            multipartEntityBuilder.addPart(str, new InputStreamBody(part.getInputStream(), ContentType.create(part.getMimeType()), part.getFileName()));
        } else {
            if (!(obj instanceof Vector)) {
                multipartEntityBuilder.addPart(str, new StringBody(obj.toString(), ContentType.create("text/plain", Consts.UTF_8)));
                return;
            }
            Iterator it = ((Vector) obj).iterator();
            while (it.hasNext()) {
                _addMultipartEntityToBuilder(multipartEntityBuilder, str, it.next());
            }
        }
    }

    private static String _getParameters(Request request) {
        StringBuilder sb = new StringBuilder();
        Enumeration parameterNames = request.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str = (String) parameterNames.nextElement();
            if (!__FILTERED_REQUEST_PARAMETERS.contains(str)) {
                for (String str2 : request.getParameterValues(str)) {
                    sb.append("&");
                    sb.append(str);
                    sb.append("=");
                    sb.append(URLEncoder.encodeParameter(str2));
                }
            }
        }
        return sb.toString();
    }

    private static void _addRequestHeaders(Request request, HttpUriRequest httpUriRequest, BackOfficeRequestProxyExtensionPoint backOfficeRequestProxyExtensionPoint) {
        UserIdentity userIdentityFromSession = FrontAuthenticateAction.getUserIdentityFromSession(request);
        httpUriRequest.addHeader("X-Ametys-FO", "true");
        if (userIdentityFromSession != null) {
            httpUriRequest.addHeader("X-Ametys-FO-Login", userIdentityFromSession.getLogin());
            httpUriRequest.addHeader("X-Ametys-FO-Population", userIdentityFromSession.getPopulationId());
            Site site = (Site) request.getAttribute("site");
            Session session = request.getSession(false);
            if (site != null && session != null) {
                httpUriRequest.addHeader("X-Ametys-FO-Credential-Provider", ((CredentialProvider) session.getAttribute("Runtime:CredentialProvider-" + site.getName())).getId());
            }
        }
        Iterator it = backOfficeRequestProxyExtensionPoint.getExtensionsIds().iterator();
        while (it.hasNext()) {
            ((BackOfficeRequestProxy) backOfficeRequestProxyExtensionPoint.getExtension((String) it.next())).prepareBackOfficeRequest(request, httpUriRequest);
        }
        String str = (String) request.getAttribute("Monitoring-UUID");
        if (str != null) {
            httpUriRequest.addHeader("X-Ametys-FO-UUID", str);
        }
        Enumeration headerNames = request.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String str2 = (String) headerNames.nextElement();
            if (__AUTHORIZED_HEADERS.matcher(str2).matches()) {
                Enumeration headers = request.getHeaders(str2);
                while (headers.hasMoreElements()) {
                    httpUriRequest.addHeader(str2, (String) headers.nextElement());
                }
            }
        }
        String header = request.getHeader("X-Forwarded-For");
        httpUriRequest.setHeader("X-Forwarded-For", (header == null ? "" : header + ", ") + request.getRemoteAddr());
    }

    private static void _copyCookieHeaders(Request request, HttpUriRequest httpUriRequest) {
        Enumeration headers = request.getHeaders("Cookie");
        while (headers.hasMoreElements()) {
            for (String str : ((String) headers.nextElement()).split("; ")) {
                if (!str.startsWith("JSESSIONID=")) {
                    if (str.startsWith("JSESSIONID-Ametys=")) {
                        httpUriRequest.addHeader("Cookie", str.replace("JSESSIONID-Ametys=", "JSESSIONID="));
                    } else {
                        httpUriRequest.addHeader("Cookie", str);
                    }
                }
            }
        }
    }

    static {
        $assertionsDisabled = !BackOfficeRequestHelper.class.desiredAssertionStatus();
        __AUTHORIZED_HEADERS = Pattern.compile("^(?:Accept|Accept-Language|Accept-Charset|Referer|Origin|User-Agent|If-None-Match|If-Modified-Since)$", 2);
        __FILTERED_REQUEST_PARAMETERS = new HashSet(Arrays.asList("cocoon-view"));
    }
}
