package org.drools.guvnor.server.files;

import java.io.IOException;
import java.text.DateFormat;
import java.text.ParseException;
import java.util.Calendar;
import javax.security.auth.login.LoginException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.apache.log4j.varia.ExternallyRolledFileAppender;
import org.apache.util.Base64;
import org.drools.guvnor.server.util.TestEnvironmentSessionHelper;
import org.drools.repository.RulesRepository;
import org.drools.repository.remoteapi.Response;
import org.drools.repository.remoteapi.RestAPI;
import org.hsqldb.ServerConstants;
import org.jboss.seam.Component;
import org.jboss.seam.contexts.Contexts;
import org.jboss.seam.security.Identity;

/* loaded from: input_file:WEB-INF/classes/org/drools/guvnor/server/files/RestAPIServlet.class */
public class RestAPIServlet extends HttpServlet {
    private static final long serialVersionUID = 500;
    public static final Logger log = Logger.getLogger(RestAPIServlet.class);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/classes/org/drools/guvnor/server/files/RestAPIServlet$A.class */
    public interface A {
        void a() throws Exception;
    }

    protected void doPost(final HttpServletRequest httpServletRequest, final HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doAuthorizedAction(httpServletRequest, httpServletResponse, new A() { // from class: org.drools.guvnor.server.files.RestAPIServlet.1
            @Override // org.drools.guvnor.server.files.RestAPIServlet.A
            public void a() throws Exception {
                httpServletResponse.setContentType(ServerConstants.SC_DEFAULT_WEB_MIME);
                RestAPI api = RestAPIServlet.this.getAPI();
                String header = httpServletRequest.getHeader("Checkin-Comment");
                api.post(httpServletRequest.getRequestURI(), httpServletRequest.getInputStream(), header != null ? header : "");
                httpServletResponse.getWriter().write(ExternallyRolledFileAppender.OK);
            }
        });
    }

    protected void doGet(final HttpServletRequest httpServletRequest, final HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doAuthorizedAction(httpServletRequest, httpServletResponse, new A() { // from class: org.drools.guvnor.server.files.RestAPIServlet.2
            @Override // org.drools.guvnor.server.files.RestAPIServlet.A
            public void a() throws Exception {
                RestAPI api = RestAPIServlet.this.getAPI();
                String queryString = httpServletRequest.getQueryString();
                String requestURI = httpServletRequest.getRequestURI();
                if (queryString != null && queryString.length() > 0) {
                    requestURI = requestURI + '?' + queryString;
                }
                Response response = api.get(requestURI);
                httpServletResponse.setContentType("application/x-download");
                httpServletResponse.setHeader("Content-Disposition", "attachment; filename=data;");
                response.writeData(httpServletResponse.getOutputStream());
                httpServletResponse.getOutputStream().flush();
            }
        });
    }

    protected void doPut(final HttpServletRequest httpServletRequest, final HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doAuthorizedAction(httpServletRequest, httpServletResponse, new A() { // from class: org.drools.guvnor.server.files.RestAPIServlet.3
            @Override // org.drools.guvnor.server.files.RestAPIServlet.A
            public void a() throws Exception {
                httpServletResponse.setContentType(ServerConstants.SC_DEFAULT_WEB_MIME);
                RestAPI api = RestAPIServlet.this.getAPI();
                String header = httpServletRequest.getHeader("Checkin-Comment");
                api.put(httpServletRequest.getRequestURI(), RestAPIServlet.this.getModified(httpServletRequest.getHeader("Last-Modified")), httpServletRequest.getInputStream(), header != null ? header : "");
                httpServletResponse.getWriter().write(ExternallyRolledFileAppender.OK);
            }
        });
    }

    Calendar getModified(String str) throws ParseException {
        if (str == null) {
            return null;
        }
        Calendar calendar = Calendar.getInstance();
        try {
            calendar.setTime(RestAPI.getISODateFormat().parse(str));
        } catch (ParseException e) {
            calendar.setTime(DateFormat.getInstance().parse(str));
        }
        return calendar;
    }

    protected void doDelete(final HttpServletRequest httpServletRequest, final HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doAuthorizedAction(httpServletRequest, httpServletResponse, new A() { // from class: org.drools.guvnor.server.files.RestAPIServlet.4
            @Override // org.drools.guvnor.server.files.RestAPIServlet.A
            public void a() throws Exception {
                httpServletResponse.setContentType(ServerConstants.SC_DEFAULT_WEB_MIME);
                RestAPIServlet.this.getAPI().delete(httpServletRequest.getRequestURI());
                httpServletResponse.getWriter().write(ExternallyRolledFileAppender.OK);
            }
        });
    }

    private void doAuthorizedAction(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, A a) throws IOException {
        if (!allowUser(httpServletRequest.getHeader("Authorization"))) {
            httpServletResponse.setHeader("WWW-Authenticate", "BASIC realm=\"users\"");
            httpServletResponse.sendError(401);
        } else {
            try {
                a.a();
            } catch (Exception e) {
                log.error(e);
                throw new RuntimeException(e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static RulesRepository getRepository() {
        if (Contexts.isApplicationContextActive()) {
            return (RulesRepository) Component.getInstance("repository");
        }
        try {
            return new RulesRepository(TestEnvironmentSessionHelper.getSession(false));
        } catch (Exception e) {
            throw new IllegalStateException("Unable to get repo to run tests", e);
        }
    }

    RestAPI getAPI() {
        return new RestAPI(getRepository());
    }

    public static boolean allowUser(String str) {
        if (str == null || !str.toUpperCase().startsWith("BASIC ")) {
            return false;
        }
        String[] unpack = unpack(str);
        String str2 = unpack[0];
        String str3 = unpack[1];
        if (!Contexts.isApplicationContextActive()) {
            return str2.equals(ServerConstants.SC_DEFAULT_DATABASE) && str3.equals("password");
        }
        Identity instance = Identity.instance();
        instance.setUsername(str2);
        instance.setPassword(str3);
        try {
            instance.authenticate();
            return true;
        } catch (LoginException e) {
            log.warn("Unable to authenticate for rest api: " + str2);
            return false;
        }
    }

    static String[] unpack(String str) {
        String[] split = new String(Base64.decode(str.substring(6).getBytes())).split(":");
        split[0] = split[0].trim();
        split[1] = split[1].trim();
        return split;
    }
}
