package info.dragonlady.scriptlet;

import info.dragonlady.scriptlet.SecureServlet;
import info.dragonlady.util.DBAccesser;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.util.Properties;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:info/dragonlady/scriptlet/SecureServletGAE.class */
public class SecureServletGAE extends SecureServlet {
    private static final long serialVersionUID = -1783518376805871958L;
    private static final String DEFAULT_CHARSET = "Shift-jis";
    private static final String DEFAULT_CONTENT_TYPE = "text/html";
    protected static final String SEQUENCE_KEY = "info.dragonlady.scriptlet.SecureServlet#SEQUENCE_KEY";
    protected static final String SITEMAP_KEY = "info.dragonlady.scriptlet.SecureServlet#SITEMAP_KEY";
    public static final int CORRECT_SEQUENCE = 0;
    public static final int CONTEXT_ACCESS_SEQUENCE = 97;
    public static final int IGNORE_SEQUENCE = 98;
    public static final int INVALID_SEQUENCE = 99;
    public static final String WILD_CARD_SEQUENCE = "*";
    private String SCRIPTLET_PATH = "scriptlet_path";
    private String SITEMAP_PATH = "sitemap";
    private String DBCONFIG_PATH = "dbconfig";
    private String DBOBJECT_CONTROL = "dbobject";
    private String EXT_NAME = "extendName";
    private boolean sequenceControl = true;
    protected int sequenceId = 0;
    protected String charset = DEFAULT_CHARSET;
    protected String contentType = DEFAULT_CONTENT_TYPE;
    protected String scriptletPath = "WEB-INF" + File.separator + "scriptlet" + File.separator;
    protected String sitemapPath = "WEB-INF" + File.separator + "sitemap.xml";
    protected String dbConfigPath = "WEB-INF" + File.separator + "db_config.xml";
    protected Document sitemapXML = null;
    protected String defaultScriptClassName = null;
    protected DBAccesser dbaccesser = null;
    protected String extendName = null;
    private Properties properties = new Properties();

    @Override // info.dragonlady.scriptlet.SecureServlet
    protected void setupSiteMap(HttpSession httpSession) throws SystemErrorException {
        try {
            String str = String.valueOf(getRealPath()) + this.sitemapPath;
            if (this.properties.getProperty(this.SITEMAP_PATH) == null || this.properties.getProperty(this.SITEMAP_PATH).length() <= 2) {
                File file = new File(str);
                if (this.sitemapXML == null || httpSession.getAttribute(SITEMAP_KEY) == null) {
                    this.sitemapXML = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(str);
                    httpSession.setAttribute(SITEMAP_KEY, Long.valueOf(file.lastModified()));
                } else if (Long.parseLong(httpSession.getAttribute(SITEMAP_KEY).toString()) != file.lastModified()) {
                    this.sitemapXML = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(str);
                    httpSession.setAttribute(SITEMAP_KEY, Long.valueOf(file.lastModified()));
                }
            } else {
                String property = this.properties.getProperty(this.SITEMAP_PATH);
                File file2 = new File(property);
                if (this.sitemapXML == null || httpSession.getAttribute(SITEMAP_KEY) == null) {
                    this.sitemapXML = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(property);
                    httpSession.setAttribute(SITEMAP_KEY, Long.valueOf(file2.lastModified()));
                } else if (Long.parseLong(httpSession.getAttribute(SITEMAP_KEY).toString()) != file2.lastModified()) {
                    this.sitemapXML = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(property);
                    httpSession.setAttribute(SITEMAP_KEY, Long.valueOf(file2.lastModified()));
                }
            }
            if (this.sitemapXML == null) {
                throw new SystemErrorException("SITE-MAP XML NOT FOUND.");
            }
            NodeList elementsByTagName = this.sitemapXML.getElementsByTagName("site");
            if (elementsByTagName != null && elementsByTagName.getLength() > 0) {
                Element element = (Element) elementsByTagName.item(0);
                if (element.hasAttribute("class")) {
                    this.defaultScriptClassName = element.getAttribute("class");
                    return;
                }
            }
            throw new SystemErrorException("'SITE' ATTRIBUTE or 'CLASS' ATTRIBUTE NOT FOUND IN SITE_MAP XML.");
        } catch (SystemErrorException e) {
            throw e;
        } catch (Exception e2) {
            throw new SystemErrorException(e2);
        }
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    protected void setupDBObject() throws SystemErrorException {
        try {
            if (useDBObject()) {
                String str = String.valueOf(getRealPath()) + this.dbConfigPath;
                if (this.properties.getProperty(this.DBCONFIG_PATH) != null && this.properties.getProperty(this.DBCONFIG_PATH).length() > 2) {
                    str = this.properties.getProperty(this.DBCONFIG_PATH);
                }
                this.dbaccesser = new DBAccesser(new FileInputStream(str));
            }
        } catch (Exception e) {
            throw new SystemErrorException(e);
        }
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    public boolean useDBObject() {
        return this.properties.getProperty(this.DBOBJECT_CONTROL) != null && Boolean.parseBoolean(this.properties.getProperty(this.DBOBJECT_CONTROL));
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    public DBAccesser getDBAccessObject() {
        return this.dbaccesser;
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    protected void initialize(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IllegalAccessException, SystemErrorException {
        if (this.properties.getProperty("sequence_control") != null) {
            this.sequenceControl = Boolean.parseBoolean(this.properties.getProperty("sequence_control"));
        }
        this.extendName = this.properties.getProperty(this.EXT_NAME);
        if (this.extendName == null) {
            this.extendName = new String();
        }
        setContentType(DEFAULT_CONTENT_TYPE);
        setupSiteMap(httpServletRequest.getSession());
        setupDBObject();
        this.sequenceId = verifySequence(httpServletRequest);
        if (this.sequenceId == 99) {
            httpServletRequest.getSession().setAttribute(SEQUENCE_KEY, (Object) null);
            throw new IllegalAccessException("Invalid sequence detected.");
        }
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    protected Scriptlet buildScriptlet(HttpServletRequest httpServletRequest) throws SystemErrorException, ClassNotFoundException, InstantiationException, java.lang.IllegalAccessException {
        String relativePath = getRelativePath(httpServletRequest);
        NodeList elementsByTagName = this.sitemapXML.getElementsByTagName("page");
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            Element element = (Element) elementsByTagName.item(i);
            if (element.hasAttribute("path") && element.getAttribute("path").equals(relativePath)) {
                if (element.hasAttribute("class")) {
                    Object newInstance = getClass().getClassLoader().loadClass(element.getAttribute("class")).newInstance();
                    if (newInstance instanceof Scriptlet) {
                        return (Scriptlet) newInstance;
                    }
                }
                Object newInstance2 = getClass().getClassLoader().loadClass(this.defaultScriptClassName).newInstance();
                if (newInstance2 instanceof Scriptlet) {
                    return (Scriptlet) newInstance2;
                }
            }
        }
        throw new SystemErrorException(String.format("Scriptlet not found(%s)", relativePath));
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    protected String getRealPath() {
        String realPath = getServletContext().getRealPath("/");
        if (!realPath.endsWith("/")) {
            realPath = String.valueOf(realPath) + "/";
        }
        return realPath;
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        try {
            this.properties.loadFromXML(new FileInputStream(String.valueOf(getRealPath()) + "WEB-INF" + File.separator + "config.xml"));
            initialize(httpServletRequest, httpServletResponse);
            if (this.sequenceId != 98) {
                if (this.sequenceId == 97) {
                    httpServletResponse.sendRedirect(String.valueOf(httpServletRequest.getContextPath()) + "/");
                    return;
                }
                if (this.sequenceId != 0) {
                    httpServletResponse.sendError(404, String.format("NOT FOUND PATH(%s)", getRelativePath(httpServletRequest)));
                    return;
                }
                Scriptlet buildScriptlet = buildScriptlet(httpServletRequest);
                buildScriptlet.setServlet(this, httpServletRequest, httpServletResponse);
                buildScriptlet.start();
                httpServletResponse.setContentType(getContentTypeValue());
                return;
            }
            BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(String.valueOf(getScriptletPath()) + getRelativePath(httpServletRequest)));
            BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(httpServletResponse.getOutputStream());
            byte[] bArr = new byte[2048];
            while (true) {
                int read = bufferedInputStream.read(bArr);
                if (read <= 0) {
                    bufferedOutputStream.flush();
                    return;
                } else {
                    bufferedOutputStream.write(bArr, 0, read);
                    bufferedOutputStream.flush();
                }
            }
        } catch (IllegalAccessException e) {
            log("ERROR:" + e.getMessage(), e);
            httpServletResponse.sendError(403, e.getMessage());
        } catch (SystemErrorException e2) {
            log("ERROR:" + e2.getMessage(), e2);
            httpServletResponse.sendError(500, e2.getMessage());
        } catch (IOException e3) {
            log("ERROR:" + e3.getMessage(), e3);
            httpServletResponse.sendError(404, e3.getMessage());
        } catch (Exception e4) {
            log("ERROR:" + e4.getMessage(), e4);
            httpServletResponse.sendError(404, e4.getMessage());
        }
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    protected boolean checkSitemap(String str, String str2) {
        NodeList elementsByTagName = this.sitemapXML.getElementsByTagName("page");
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            Element element = (Element) elementsByTagName.item(i);
            if (element.hasAttribute("path") && element.getAttribute("path").equals(str2)) {
                Element element2 = (Element) element.getParentNode();
                if ((element2.hasAttribute("path") && element2.getAttribute("path").equals(str)) || str2.equals(str)) {
                    return true;
                }
                if (element.hasAttribute("backward") && Boolean.parseBoolean(element.getAttribute("backward"))) {
                    NodeList childNodes = element.getChildNodes();
                    for (int i2 = 0; i2 < childNodes.getLength(); i2++) {
                        if (childNodes.item(i2).getNodeType() == 1) {
                            Element element3 = (Element) childNodes.item(i2);
                            if (element3.hasAttribute("path") && element3.getAttribute("path").equals(str)) {
                                return true;
                            }
                        }
                    }
                }
            }
        }
        return false;
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    protected int verifySequence(HttpServletRequest httpServletRequest) throws IllegalAccessException {
        int i = this.sequenceControl ? 99 : 0;
        if (httpServletRequest.getContextPath().length() > 0 && httpServletRequest.getRequestURI().endsWith(httpServletRequest.getContextPath()) && !httpServletRequest.getRequestURI().endsWith("/")) {
            return 97;
        }
        if (this.sequenceControl) {
            Object attribute = httpServletRequest.getSession().getAttribute(SEQUENCE_KEY);
            String initSequence = getInitSequence(httpServletRequest);
            if (initSequence != null && initSequence.equals("*")) {
                i = 0;
            } else {
                if (attribute == null) {
                    throw new IllegalAccessException("Invalid sequece check process.");
                }
                if (checkSitemap(attribute.toString(), initSequence)) {
                    i = 0;
                } else if (!initSequence.endsWith(this.extendName)) {
                    i = 98;
                }
            }
        }
        return i;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // info.dragonlady.scriptlet.SecureServlet
    public void setSequence(HttpServletRequest httpServletRequest) {
        httpServletRequest.getSession().setAttribute(SEQUENCE_KEY, getFingerprintForSequence(httpServletRequest));
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    protected String getSequence(HttpSession httpSession) {
        if (httpSession.getAttribute(SEQUENCE_KEY) == null) {
            return null;
        }
        return httpSession.getAttribute(SEQUENCE_KEY).toString();
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    protected String getFingerprintForSequence(HttpServletRequest httpServletRequest) {
        return getRelativePath(httpServletRequest);
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    protected String getRelativePath(HttpServletRequest httpServletRequest) {
        String requestURI = httpServletRequest.getRequestURI();
        String contextPath = httpServletRequest.getContextPath();
        if (requestURI.startsWith(contextPath)) {
            requestURI = requestURI.substring(contextPath.length());
        }
        if (requestURI == null || requestURI.length() < 2) {
            requestURI = ESEngine.defaultScriptletName + getScriptExtName();
        }
        return requestURI;
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    public String getInitSequence(HttpServletRequest httpServletRequest) throws IllegalAccessException {
        String relativePath = getRelativePath(httpServletRequest);
        NodeList elementsByTagName = this.sitemapXML.getElementsByTagName("page");
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            Element element = (Element) elementsByTagName.item(i);
            if (element.hasAttribute("path") && element.getAttribute("path").equals(relativePath)) {
                return (element.hasAttribute("anyaccess") && Boolean.parseBoolean(element.getAttribute("anyaccess"))) ? "*" : relativePath;
            }
        }
        if (relativePath.endsWith(this.extendName)) {
            throw new IllegalAccessException("not found path on site-map(" + relativePath + ")");
        }
        return relativePath;
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    public HttpSession getSession(HttpSession httpSession) {
        return httpSession;
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    protected String getCharSet() {
        return this.charset;
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    public void setCharSet(String str, HttpServletResponse httpServletResponse) {
        this.charset = str;
        httpServletResponse.setCharacterEncoding(this.charset);
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    public String getScriptletPath() {
        String str = String.valueOf(getRealPath()) + this.scriptletPath;
        if (this.properties.getProperty(this.SCRIPTLET_PATH) != null && this.properties.getProperty(this.SCRIPTLET_PATH).length() > 2) {
            str = this.properties.getProperty(this.SCRIPTLET_PATH);
        }
        if (str.endsWith(File.separator)) {
            str = str.substring(0, str.lastIndexOf(File.separator));
        }
        return str;
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    protected String getContentType() {
        return this.contentType;
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    public void setContentType(String str) {
        this.contentType = str;
    }

    private String getContentTypeValue() {
        return String.valueOf(getContentType()) + "; charset=" + getCharSet();
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    public String getScriptExtName() {
        return this.extendName;
    }

    @Override // info.dragonlady.scriptlet.SecureServlet
    public SecureServlet.ServerEnvironment getServerEnvironment() {
        return SecureServlet.ServerEnvironment.GOOGLE;
    }
}
