package fr.in2p3.lavoisier.service.resources;

import fr.in2p3.lavoisier.interfaces.error.AuthenticationException;
import fr.in2p3.lavoisier.interfaces.error.AuthorizationException;
import fr.in2p3.lavoisier.security.UserPasswordAuthN;
import fr.in2p3.lavoisier.service.ResponseResult;
import java.net.URLDecoder;
import java.security.Principal;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.glassfish.grizzly.http.Method;
import org.glassfish.grizzly.http.server.Request;
import org.glassfish.grizzly.http.server.Response;
import org.glassfish.grizzly.http.util.Base64Utils;
import org.glassfish.grizzly.http.util.HttpStatus;

/* loaded from: input_file:fr/in2p3/lavoisier/service/resources/LavoisierHttpHandler.class */
public class LavoisierHttpHandler extends AbstractHttpHandler {
    private static Logger s_logger = Logger.getLogger(LavoisierHttpHandler.class.getName());
    private UserPasswordAuthN m_autenticator;

    public LavoisierHttpHandler(String str) {
        super(str);
        this.m_autenticator = UserPasswordAuthN.getInstance();
    }

    public void service(Request request, Response response) throws Exception {
        String str;
        Method method = request.getMethod();
        str = "_default_";
        String str2 = null;
        String str3 = null;
        String str4 = null;
        String[] split = request.getPathInfo().split("/", 3);
        if (split.length > 1) {
            str = split[1].length() > 0 ? split[1] : "_default_";
            if (split.length > 2) {
                str2 = "/" + split[2];
            }
        }
        if (request.getQueryString() != null) {
            for (String str5 : request.getQueryString().split("&")) {
                String str6 = str5.split("=")[0];
                String str7 = str5.split("=")[1];
                s_logger.log(Level.FINEST, str6 + "=" + str7);
                if (str6.equals("accept")) {
                    str3 = str7;
                } else if (str6.equals("login")) {
                    str4 = str7;
                }
            }
        }
        s_logger.log(Level.WARNING, "Executing view " + str);
        String str8 = null;
        String authorization = request.getAuthorization();
        s_logger.log(Level.FINE, "Authz=" + authorization);
        s_logger.log(Level.FINE, "RemoteUser=" + request.getRemoteUser());
        if (authorization != null) {
            String str9 = authorization.split(" ")[0];
            String str10 = authorization.split(" ")[1];
            if ("Basic".equals(str9)) {
                str8 = new String(Base64Utils.decode(str10)).split(":")[0];
                try {
                    this.m_autenticator.authentify(str8, new String(Base64Utils.decode(str10)).split(":")[1]);
                } catch (AuthenticationException e) {
                    s_logger.log(Level.WARNING, e.getMessage());
                    response.setStatus(HttpStatus.UNAUTHORIZED_401.getStatusCode());
                    response.setHeader("WWW-Authenticate", "Basic realm=\"" + e.getMessage() + "\"");
                    response.finish();
                    return;
                } catch (ArrayIndexOutOfBoundsException e2) {
                    s_logger.log(Level.FINE, "Authentication needed, send back 401");
                    response.setStatus(HttpStatus.UNAUTHORIZED_401.getStatusCode());
                    response.setHeader("WWW-Authenticate", "Basic realm=\"Missing password for user " + str8 + "\"");
                    response.finish();
                    return;
                }
            }
        } else {
            Principal userPrincipal = request.getUserPrincipal();
            if (userPrincipal != null) {
                str8 = userPrincipal.toString();
            } else if (str4 != null) {
                s_logger.log(Level.FINE, "Authentication needed, send back 401");
                response.setStatus(HttpStatus.UNAUTHORIZED_401.getStatusCode());
                response.setHeader("WWW-Authenticate", "Basic realm=\"Missing password for user " + str4 + "\"");
                response.finish();
                return;
            }
        }
        String[] strArr = str8 == null ? new String[]{request.getRemoteAddr()} : new String[]{request.getRemoteAddr(), str8};
        for (String str11 : strArr) {
            s_logger.log(Level.FINE, "UserId=" + str11);
        }
        try {
            if (Method.GET.equals(method)) {
                try {
                    try {
                        try {
                            String queryString = request.getQueryString();
                            if (queryString != null) {
                                queryString = queryString.replace("&", "\n");
                            }
                            this.m_engine.execute(new ResponseResult(response), strArr, str, str2, queryString, str3);
                            response.finish();
                            return;
                        } catch (AuthorizationException e3) {
                            s_logger.log(Level.FINE, "Not authorized, send back 403");
                            response.setStatus(HttpStatus.FORBIDDEN_403.getStatusCode(), e3.getMessage());
                            response.finish();
                            return;
                        }
                    } catch (Exception e4) {
                        s_logger.log(Level.WARNING, "Failed to execute GET request '/" + str + (str2 == null ? "" : str2) + "'", (Throwable) e4);
                        response.setContentType("text/plain");
                        response.getOutputStream().write((e4.getMessage() + "\n").getBytes());
                        response.setStatus(HttpStatus.NOT_FOUND_404.getStatusCode(), e4.getMessage());
                        response.finish();
                        return;
                    }
                } catch (AuthenticationException e5) {
                    s_logger.log(Level.WARNING, e5.getMessage());
                    response.setStatus(HttpStatus.UNAUTHORIZED_401.getStatusCode());
                    response.setHeader("WWW-Authenticate", "Basic realm=\"" + e5.getMessage() + "\"");
                    response.finish();
                    return;
                }
            }
            try {
                if (Method.POST.equals(method)) {
                    try {
                        if (request.getInputStream().available() != request.getContentLength()) {
                            s_logger.log(Level.SEVERE, "broken content section: only " + request.getInputStream().available() + " of " + request.getContentLength() + "bytes.");
                            throw new Exception("Bad content");
                        }
                        String decode = URLDecoder.decode(request.getInputBuffer().readBuffer().toStringContent(), "UTF-8");
                        s_logger.log(Level.FINE, "input=" + decode);
                        this.m_engine.execute(new ResponseResult(response), strArr, str, str2, decode.replace("&", "\n"), str3);
                        response.finish();
                    } catch (AuthenticationException e6) {
                        s_logger.log(Level.WARNING, e6.getMessage());
                        response.setStatus(HttpStatus.UNAUTHORIZED_401.getStatusCode());
                        response.setHeader("WWW-Authenticate", "Basic realm=\"" + e6.getMessage() + "\"");
                        response.finish();
                    } catch (AuthorizationException e7) {
                        s_logger.log(Level.INFO, "Not authorized, send back 403");
                        response.setStatus(HttpStatus.FORBIDDEN_403.getStatusCode(), e7.getMessage());
                        response.finish();
                    } catch (Exception e8) {
                        s_logger.log(Level.WARNING, "Failed to execute POST request '/" + str + (str2 == null ? "" : str2) + "'", (Throwable) e8);
                        response.setContentType("text/plain");
                        response.getOutputStream().write((e8.getMessage() + "\n").getBytes());
                        response.setStatus(HttpStatus.NOT_FOUND_404.getStatusCode(), e8.getMessage());
                        response.finish();
                    }
                }
            } catch (Throwable th) {
                response.finish();
                throw th;
            }
        } catch (Throwable th2) {
            response.finish();
            throw th2;
        }
    }
}
