package weblogic.management.servlet;

import java.io.BufferedOutputStream;
import java.io.DataOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import javax.mail.internet.MimeUtility;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import weblogic.deploy.utils.DeploymentServletConstants;
import weblogic.diagnostics.debug.DebugLogger;
import weblogic.kernel.Kernel;
import weblogic.ldap.EmbeddedLDAP;
import weblogic.management.ManagementLogger;
import weblogic.management.provider.PropertyService;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.acl.internal.FileRealm;
import weblogic.security.service.AdminResource;
import weblogic.security.service.AuthorizationManager;
import weblogic.security.service.PrincipalAuthenticator;
import weblogic.security.service.PrivilegedActions;
import weblogic.security.service.SecurityService;
import weblogic.security.service.SecurityServiceManager;
import weblogic.servlet.security.Utils;
import weblogic.utils.io.StreamUtils;

/* loaded from: input_file:weblogic/management/servlet/FileDistributionServlet.class */
public class FileDistributionServlet extends HttpServlet {
    public static final String OAM_APPNAME = "bea_wls_management_internal2";
    public static final String NAME = "bea_wls_management_internal2/wl_management";
    public static final String REQUEST_TYPE = "wl_request_type";
    public static final String REQUEST_USERNAME = "username";
    public static final String REQUEST_PASSWORD = "password";
    public static final String FILE_REALM_REQUEST = "wl_file_realm_request";
    public static final String INIT_REPLICA_REQUEST = "wl_init_replica_request";
    public static final String INIT_REPLICA_SERVER_NAME = "init-replica_server-name";
    public static final String INIT_REPLICA_SERVER_URL = "init-replica_server-url";
    public static final String INIT_REPLICA_VALIDATE = "init-replica-validate";
    public static final String XML_ENTITY_REQUEST = "wl_xml_entity_request";
    public static final String XML_ENTITY_PATH = "xml-entity-path";
    public static final String XML_REGISTRY_NAME = "xml-registry-name";
    public static final String JSP_UPLOAD_REQUEST = "wl_jsp_upload_request";
    public static final String JSP_REFRESH_REQUEST = "wl_jsp_refresh_request";
    public static final String SERVER_NAME = "server_name";
    public static final String MSI_REQUEST = "wl_managed_server_independence_request";
    public static final String MSI_REQUEST_FILE = "wl_managed_server_independence_request_filename";
    public static final String MSI_REQUEST_DOMAIN = "wl_managed_server_independence_request_domain";
    public static final String FILE_REQUEST = "file";
    public static final String FILE_REQUESTED = "file_name";
    private static final long serialVersionUID = -8473442547994280015L;
    private AuthorizationManager am = null;
    private PrincipalAuthenticator pa = null;
    private static DebugLogger debugLogger = DebugLogger.getDebugLogger("DebugFileDistributionServlet");
    private static AuthenticatedSubject KERNEL_ID = (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:weblogic/management/servlet/FileDistributionServlet$FileNotFoundHandler.class */
    public interface FileNotFoundHandler {
        void log(String str);

        String purpose();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:weblogic/management/servlet/FileDistributionServlet$MyCallbackHandler.class */
    public class MyCallbackHandler implements CallbackHandler {
        private String username;
        private String password;

        public MyCallbackHandler(String str, String str2) {
            this.username = str;
            this.password = str2;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws UnsupportedCallbackException {
            for (int i = 0; i < callbackArr.length; i++) {
                if (callbackArr[i] instanceof NameCallback) {
                    ((NameCallback) callbackArr[i]).setName(this.username);
                } else {
                    if (!(callbackArr[i] instanceof PasswordCallback)) {
                        throw new UnsupportedCallbackException(callbackArr[i], "Unrecognized Callback");
                    }
                    PasswordCallback passwordCallback = (PasswordCallback) callbackArr[i];
                    if (this.password != null) {
                        passwordCallback.setPassword(this.password.toCharArray());
                    } else {
                        passwordCallback.setPassword(null);
                    }
                }
            }
        }
    }

    public static URL getURL() throws MalformedURLException {
        String adminHttpUrl = PropertyService.getAdminHttpUrl();
        if (!adminHttpUrl.endsWith("/")) {
            adminHttpUrl = adminHttpUrl + "/";
        }
        return new URL(adminHttpUrl + NAME);
    }

    private AuthenticatedSubject authenticateRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String header = httpServletRequest.getHeader(ConnectionSigner.REQUEST_SALT);
        if (header != null) {
            String header2 = httpServletRequest.getHeader(ConnectionSigner.REQUEST_SIGNATURE);
            if (header2 == null) {
                ManagementLogger.logErrorFDSMissingCredentials();
            }
            if (ConnectionSigner.authenticate(header, header2)) {
                return KERNEL_ID;
            }
            ManagementLogger.logErrorFDSAuthenticationFailedDueToDomainWideSecretMismatch(header, header2);
            return null;
        }
        String header3 = httpServletRequest.getHeader("username");
        String header4 = httpServletRequest.getHeader("password");
        if (header3 == null || header4 == null) {
            ManagementLogger.logErrorFDSMissingCredentials();
            httpServletResponse.sendError(401);
            return null;
        }
        try {
            return this.pa.authenticate(new MyCallbackHandler(header3, header4));
        } catch (LoginException e) {
            ManagementLogger.logErrorFDSAuthenticationFailed(header3);
            httpServletResponse.sendError(401);
            return null;
        }
    }

    @Override // javax.servlet.GenericServlet, javax.servlet.Servlet
    public String getServletInfo() {
        return "Management files distribution servlet";
    }

    @Override // javax.servlet.GenericServlet, javax.servlet.Servlet
    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        KERNEL_ID = (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());
        if (KERNEL_ID == null) {
            throw new ServletException("Security Services Unavailable");
        }
        this.pa = (PrincipalAuthenticator) SecurityServiceManager.getSecurityService(KERNEL_ID, SecurityServiceManager.defaultRealmName, SecurityService.ServiceType.AUTHENTICATION);
        this.am = (AuthorizationManager) SecurityServiceManager.getSecurityService(KERNEL_ID, SecurityServiceManager.defaultRealmName, SecurityService.ServiceType.AUTHORIZE);
        if (this.pa == null || this.am == null) {
            throw new ServletException("Security Services Unavailable");
        }
        if (debugLogger.isDebugEnabled()) {
            debugLogger.debug("FileDistributionServlet initialized");
        }
    }

    @Override // javax.servlet.http.HttpServlet
    public void doPost(final HttpServletRequest httpServletRequest, final HttpServletResponse httpServletResponse) throws ServletException, IOException {
        AuthenticatedSubject authenticateRequest = authenticateRequest(httpServletRequest, httpServletResponse);
        if (authenticateRequest == null) {
            return;
        }
        try {
            SecurityServiceManager.runAs(KERNEL_ID, authenticateRequest, new PrivilegedExceptionAction() { // from class: weblogic.management.servlet.FileDistributionServlet.1
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    FileDistributionServlet.this.internalDoPost(httpServletRequest, httpServletResponse);
                    return null;
                }
            });
        } catch (PrivilegedActionException e) {
            ManagementLogger.logErrorFDSUnauthorizedUploadAttempt(authenticateRequest.getName());
            httpServletResponse.sendError(401);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void internalDoPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
    }

    @Override // javax.servlet.http.HttpServlet
    public void doGet(final HttpServletRequest httpServletRequest, final HttpServletResponse httpServletResponse) throws ServletException, IOException {
        AuthenticatedSubject authenticateRequest = authenticateRequest(httpServletRequest, httpServletResponse);
        if (authenticateRequest == null) {
            return;
        }
        final String header = httpServletRequest.getHeader("wl_request_type");
        if (authenticateRequest != KERNEL_ID) {
            if (!this.am.isAccessAllowed(authenticateRequest, new AdminResource("FileDownload", null, header), null)) {
                ManagementLogger.logErrorFDSUnauthorizedDownloadAttempt(authenticateRequest.getName(), header);
                httpServletResponse.sendError(401);
                return;
            }
        }
        try {
            if (debugLogger.isDebugEnabled()) {
                debugLogger.debug("---- >doGet incoming request: " + header);
            }
            if (header.equals(XML_ENTITY_REQUEST)) {
                doGetXMLEntityRequest(httpServletRequest, httpServletResponse);
            } else if (header.equals(JSP_REFRESH_REQUEST)) {
                doGetJspRefreshRequest(httpServletRequest, httpServletResponse);
            } else if (header.equals("file")) {
                doGetFile(httpServletRequest, httpServletResponse);
            } else if (header.equals(INIT_REPLICA_REQUEST) || header.equals(FILE_REALM_REQUEST) || header.equals(MSI_REQUEST)) {
                try {
                    SecurityServiceManager.runAs(KERNEL_ID, authenticateRequest, new PrivilegedExceptionAction() { // from class: weblogic.management.servlet.FileDistributionServlet.2
                        @Override // java.security.PrivilegedExceptionAction
                        public Object run() throws IOException {
                            if (header.equals(FileDistributionServlet.INIT_REPLICA_REQUEST)) {
                                FileDistributionServlet.this.doGetInitReplicaRequest(httpServletRequest, httpServletResponse);
                                return null;
                            }
                            if (header.equals(FileDistributionServlet.FILE_REALM_REQUEST)) {
                                FileDistributionServlet.this.doGetFileRealmRequest(httpServletResponse);
                                return null;
                            }
                            if (!header.equals(FileDistributionServlet.MSI_REQUEST)) {
                                return null;
                            }
                            FileDistributionServlet.this.doGetMSIRequest(httpServletRequest, httpServletResponse);
                            return null;
                        }
                    });
                } catch (PrivilegedActionException e) {
                    throw e.getException();
                }
            } else {
                httpServletResponse.addHeader(DeploymentServletConstants.ERROR_MSG, "Bad request type");
                httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Bad request type: " + Utils.encodeXSS(header));
                ManagementLogger.logBadRequestInFileDistributionServlet(header);
            }
        } catch (Exception e2) {
            if (!Kernel.isInitialized()) {
                throw new AssertionError("kernel not initialized");
            }
            ManagementLogger.logErrorInFileDistributionServlet(header, e2);
        }
    }

    private void returnInputStream(InputStream inputStream, OutputStream outputStream) throws IOException {
        StreamUtils.writeTo(inputStream, outputStream);
    }

    private void returnFile(String str, HttpServletResponse httpServletResponse, boolean z, FileNotFoundHandler fileNotFoundHandler) throws IOException {
        File file = new File(str);
        if (!file.exists()) {
            String str2 = fileNotFoundHandler.purpose() + " file not found at configured location";
            httpServletResponse.addHeader(DeploymentServletConstants.ERROR_MSG, str2);
            httpServletResponse.sendError(500, str2 + ": " + Utils.encodeXSS(file.toString()));
            if (Kernel.isInitialized()) {
                fileNotFoundHandler.log(file.toString());
                return;
            }
            return;
        }
        DataOutputStream dataOutputStream = new DataOutputStream(httpServletResponse.getOutputStream());
        if (z) {
            try {
                dataOutputStream.writeUTF(Utils.encodeXSS(str));
            } finally {
                dataOutputStream.close();
            }
        }
        InputStream fileInputStream = new FileInputStream(file);
        try {
            returnInputStream(fileInputStream, dataOutputStream);
        } finally {
            fileInputStream.close();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void doGetFileRealmRequest(HttpServletResponse httpServletResponse) throws IOException {
        returnFile(FileRealm.getPath(), httpServletResponse, false, new FileNotFoundHandler() { // from class: weblogic.management.servlet.FileDistributionServlet.3
            @Override // weblogic.management.servlet.FileDistributionServlet.FileNotFoundHandler
            public void log(String str) {
                ManagementLogger.logFileNotFoundProcessingFileRealmRequest(str);
            }

            @Override // weblogic.management.servlet.FileDistributionServlet.FileNotFoundHandler
            public String purpose() {
                return "Security";
            }
        });
    }

    /* JADX WARN: Code restructure failed: missing block: B:29:0x00fe, code lost:
    
        if (r10 == null) goto L33;
     */
    /* JADX WARN: Code restructure failed: missing block: B:30:0x0101, code lost:
    
        r10.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:31:0x0106, code lost:
    
        r0.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:33:0x00f9, code lost:
    
        throw r14;
     */
    /* JADX WARN: Code restructure failed: missing block: B:40:0x00fe, code lost:
    
        if (r10 == null) goto L33;
     */
    /* JADX WARN: Code restructure failed: missing block: B:41:0x0101, code lost:
    
        r10.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:42:0x0106, code lost:
    
        r0.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:43:0x00f1, code lost:
    
        return;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void doGetXMLEntityRequest(javax.servlet.http.HttpServletRequest r5, javax.servlet.http.HttpServletResponse r6) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 287
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: weblogic.management.servlet.FileDistributionServlet.doGetXMLEntityRequest(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse):void");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void doGetInitReplicaRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String mimeDecode = mimeDecode(httpServletRequest.getHeader(INIT_REPLICA_SERVER_NAME));
        if (debugLogger.isDebugEnabled()) {
            debugLogger.debug("wl_init_replica_request: serverName = " + mimeDecode);
        }
        if (mimeDecode == null) {
            ManagementLogger.logErrorProcessingInitReplicaRequest("Server Name not specified");
            httpServletResponse.addHeader(DeploymentServletConstants.ERROR_MSG, "Server Name not specified");
            httpServletResponse.sendError(500, "Server Name not specified");
            return;
        }
        String header = httpServletRequest.getHeader(INIT_REPLICA_SERVER_URL);
        String header2 = httpServletRequest.getHeader(INIT_REPLICA_VALIDATE);
        EmbeddedLDAP embeddedLDAP = EmbeddedLDAP.getEmbeddedLDAP();
        if (embeddedLDAP == null) {
            ManagementLogger.logErrorProcessingInitReplicaRequest("Embedded LDAP not available");
            httpServletResponse.addHeader(DeploymentServletConstants.ERROR_MSG, "Embedded LDAP not available");
            httpServletResponse.sendError(500, "Embedded LDAP not available");
            return;
        }
        if (header2 != null) {
            try {
                if (embeddedLDAP.isValidReplica(mimeDecode, header)) {
                    new BufferedOutputStream(httpServletResponse.getOutputStream()).close();
                    return;
                }
            } catch (Exception e) {
                if (debugLogger.isDebugEnabled()) {
                    debugLogger.debug("Exception in FileDistributionServlet", e);
                }
                String str = "" + e.getMessage();
                ManagementLogger.logErrorProcessingInitReplicaRequest(str);
                httpServletResponse.addHeader(DeploymentServletConstants.ERROR_MSG, str);
                httpServletResponse.sendError(500, str);
                return;
            }
        }
        try {
            String initReplicaForNewServer = embeddedLDAP.initReplicaForNewServer(mimeDecode, header);
            if (initReplicaForNewServer != null) {
                returnFile(initReplicaForNewServer, httpServletResponse, false, new FileNotFoundHandler() { // from class: weblogic.management.servlet.FileDistributionServlet.4
                    @Override // weblogic.management.servlet.FileDistributionServlet.FileNotFoundHandler
                    public void log(String str2) {
                        ManagementLogger.logFileNotFoundProcessingInitReplicaRequest(str2);
                    }

                    @Override // weblogic.management.servlet.FileDistributionServlet.FileNotFoundHandler
                    public String purpose() {
                        return "Embedded LDAP initial replica";
                    }
                });
                return;
            }
            ManagementLogger.logErrorProcessingInitReplicaRequest("Initial replica not available");
            httpServletResponse.addHeader(DeploymentServletConstants.ERROR_MSG, "Initial replica not available");
            httpServletResponse.sendError(500, "Initial replica not available");
        } catch (Exception e2) {
            if (debugLogger.isDebugEnabled()) {
                debugLogger.debug("Exception in FileDistributionServlet", e2);
            }
            String str2 = "" + e2.getMessage();
            ManagementLogger.logErrorProcessingInitReplicaRequest(str2);
            httpServletResponse.addHeader(DeploymentServletConstants.ERROR_MSG, str2);
            httpServletResponse.sendError(500, str2);
        }
    }

    private static String mimeDecode(String str) {
        String str2;
        try {
            str2 = MimeUtility.decodeText(str);
        } catch (UnsupportedEncodingException e) {
            str2 = str;
        }
        return str2;
    }

    private void doGetJspRefreshRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        try {
            FileInputStream fileInputStream = new FileInputStream(httpServletRequest.getHeader("adminPath"));
            try {
                httpServletResponse.setContentType("text/plain");
                httpServletResponse.setStatus(200);
                returnInputStream(fileInputStream, httpServletResponse.getOutputStream());
            } finally {
                fileInputStream.close();
            }
        } catch (IOException e) {
            String str = "I/O Exception getting resource: " + e.getMessage();
            httpServletResponse.addHeader(DeploymentServletConstants.ERROR_MSG, str);
            httpServletResponse.sendError(500, str);
        }
    }

    /*  JADX ERROR: NullPointerException in pass: RegionMakerVisitor
        java.lang.NullPointerException
        */
    /* JADX INFO: Access modifiers changed from: private */
    public void doGetMSIRequest(javax.servlet.http.HttpServletRequest r5, javax.servlet.http.HttpServletResponse r6) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 304
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: weblogic.management.servlet.FileDistributionServlet.doGetMSIRequest(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse):void");
    }

    private void doGetFile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String header = httpServletRequest.getHeader("file_name");
        if (debugLogger.isDebugEnabled()) {
            debugLogger.debug(" File requested : " + header);
        }
        File file = new File(header);
        if (!file.exists()) {
            String str = file.getAbsolutePath() + " doesn't exist";
            httpServletResponse.addHeader(DeploymentServletConstants.ERROR_MSG, str);
            httpServletResponse.sendError(404, str);
            return;
        }
        try {
            InputStream fileInputStream = new FileInputStream(file);
            try {
                httpServletResponse.setContentType("text/plain");
                httpServletResponse.setStatus(200);
                returnInputStream(fileInputStream, httpServletResponse.getOutputStream());
            } finally {
                fileInputStream.close();
            }
        } catch (IOException e) {
            log("Interal I/0 Exception on AdminServer getting resource " + (header == null ? "null" : header), e);
            String str2 = "I/O Exception getting resource: " + e.getMessage();
            httpServletResponse.addHeader(DeploymentServletConstants.ERROR_MSG, str2);
            httpServletResponse.sendError(500, str2);
        }
    }
}
