package io.apiman.manager.ui.server.servlets;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils;

/* loaded from: input_file:io/apiman/manager/ui/server/servlets/ApiManagerProxyServlet.class */
public class ApiManagerProxyServlet extends AbstractUIServlet {
    private static final long serialVersionUID = -4532742030638806510L;
    private static Set<String> EXCLUDE_HEADERS = new HashSet();

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        StringBuilder sb = new StringBuilder();
        String managementApiEndpoint = getConfig().getManagementApiEndpoint();
        if (managementApiEndpoint == null) {
            managementApiEndpoint = getDefaultEndpoint(httpServletRequest);
        }
        sb.append(managementApiEndpoint);
        if (!sb.toString().endsWith("/")) {
            sb.append('/');
        }
        String pathInfo = httpServletRequest.getPathInfo();
        if (pathInfo == null || !pathInfo.startsWith("/")) {
            sb.append(pathInfo);
        } else {
            sb.append(pathInfo.substring(1));
        }
        String str = null;
        switch (getConfig().getManagementApiAuthType()) {
            case basic:
                str = "Basic " + base64Encode(getConfig().getManagementApiAuthUsername() + ":" + getConfig().getManagementApiAuthPassword());
                break;
            case authToken:
                str = "AUTH-TOKEN " + getTokenGenerator().generateToken(httpServletRequest).getToken();
                break;
            case bearerToken:
                str = "Bearer " + getTokenGenerator().generateToken(httpServletRequest).getToken();
                break;
            case samlBearerToken:
                str = "Basic SAML-BEARER-TOKEN:" + getTokenGenerator().generateToken(httpServletRequest).getToken();
                break;
        }
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(sb.toString()).openConnection();
        InputStream inputStream = null;
        OutputStream outputStream = null;
        try {
            if (str != null) {
                try {
                    httpURLConnection.setRequestProperty("Authorization", str);
                } catch (Exception e) {
                    httpServletResponse.sendError(500, e.getMessage());
                    IOUtils.closeQuietly(outputStream);
                    IOUtils.closeQuietly(inputStream);
                    return;
                }
            }
            httpURLConnection.connect();
            for (String str2 : httpURLConnection.getHeaderFields().keySet()) {
                if (str2 != null && !EXCLUDE_HEADERS.contains(str2)) {
                    httpServletResponse.setHeader(str2, httpURLConnection.getHeaderField(str2));
                    if (sb.toString().contains("apiregistry")) {
                        httpServletResponse.setHeader("Content-Disposition", "attachment; filename=api-registry." + (sb.toString().endsWith("xml") ? "xml" : "json"));
                    }
                }
            }
            httpServletResponse.setHeader("Cache-control", "no-cache, no-store, must-revalidate");
            inputStream = httpURLConnection.getInputStream();
            outputStream = httpServletResponse.getOutputStream();
            IOUtils.copy(inputStream, outputStream);
            httpServletResponse.flushBuffer();
            IOUtils.closeQuietly(outputStream);
            IOUtils.closeQuietly(inputStream);
        } catch (Throwable th) {
            IOUtils.closeQuietly(outputStream);
            IOUtils.closeQuietly(inputStream);
            throw th;
        }
    }

    private String base64Encode(String str) throws UnsupportedEncodingException {
        return Base64.encodeBase64String(str.getBytes("UTF-8"));
    }

    static {
        EXCLUDE_HEADERS.add("ETag");
        EXCLUDE_HEADERS.add("Last-Modified");
        EXCLUDE_HEADERS.add("Date");
        EXCLUDE_HEADERS.add("Cache-control");
    }
}
