package org.openhab.binding.homeconnectdirect.internal.servlet;

import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.time.LocalDateTime;
import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter;
import java.util.Dictionary;
import java.util.HashMap;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.UUID;
import java.util.regex.Pattern;
import java.util.zip.ZipEntry;
import java.util.zip.ZipOutputStream;
import javassist.compiler.TokenId;
import javax.servlet.MultipartConfigElement;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.Part;
import org.apache.commons.lang3.StringUtils;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.openhab.binding.homeconnectdirect.internal.HomeConnectDirectBindingConstants;
import org.openhab.binding.homeconnectdirect.internal.configuration.HomeConnectDirectServletConfiguration;
import org.openhab.binding.homeconnectdirect.internal.handler.BaseHomeConnectDirectHandler;
import org.openhab.binding.homeconnectdirect.internal.service.profile.ApplianceProfileService;
import org.openhab.binding.homeconnectdirect.internal.service.profile.model.ApplianceDescription;
import org.openhab.binding.homeconnectdirect.internal.service.profile.model.ApplianceProfile;
import org.openhab.binding.homeconnectdirect.internal.service.websocket.model.Resource;
import org.openhab.binding.homeconnectdirect.internal.service.websocket.serializer.ResourceSerializer;
import org.openhab.binding.homeconnectdirect.internal.service.websocket.serializer.ZonedDateTimeSerializer;
import org.openhab.binding.homeconnectdirect.internal.servlet.model.Program;
import org.openhab.core.thing.Thing;
import org.openhab.core.thing.ThingRegistry;
import org.osgi.service.cm.ConfigurationAdmin;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ServiceScope;
import org.osgi.service.http.HttpContext;
import org.osgi.service.http.HttpService;
import org.osgi.service.http.NamespaceException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.thymeleaf.TemplateEngine;
import org.thymeleaf.context.WebContext;
import org.thymeleaf.templatemode.TemplateMode;
import org.thymeleaf.templateresolver.ClassLoaderTemplateResolver;
import org.thymeleaf.web.servlet.JavaxServletWebApplication;

@NonNullByDefault
@Component(service = {HomeConnectDirectServlet.class}, scope = ServiceScope.SINGLETON, immediate = true)
/* loaded from: input_file:org/openhab/binding/homeconnectdirect/internal/servlet/HomeConnectDirectServlet.class */
public class HomeConnectDirectServlet extends HttpServlet {
    private static final long serialVersionUID = -3227785548304622034L;
    private static final String PATH_APPLIANCE = "/appliance/";
    private static final String PATH_DOWNLOAD_LOG = "/download-debug-log";
    private static final String PATH_DOWNLOAD_PROFILE = "/download-profile";
    private static final String PATH_UPLOAD_PROFILE = "/upload-profile";
    private static final String PATH_DELETE_PROFILE = "/delete-profile";
    private static final String DEFAULT_CONTENT_TYPE = "text/html; charset=UTF-8";
    private static final String ZIP_CONTENT_TYPE = "application/zip";
    private static final String ASSET_CLASSPATH = "assets";
    private static final String CSRF_TOKEN = "CSRF_TOKEN";
    private static final String PROFILE_DOWNLOAD_FILENAME_TEMPLATE = "homeconnectdirect-%s-%s-%s-%s_%s.zip";
    private static final String LOG_DOWNLOAD_FILENAME_TEMPLATE = "homeconnectdirect-%s-%s-%s_%s.log";
    private static final String MULTIPART_KEY = "org.eclipse.jetty.multipartConfig";
    private final HttpService httpService;
    private final TemplateEngine templateEngine;
    private final ThingRegistry thingRegistry;
    private final ApplianceProfileService applianceProfileService;
    private final ConfigurationAdmin configurationAdmin;
    private final MultipartConfigElement multipartConfig;
    private final Logger logger = LoggerFactory.getLogger(HomeConnectDirectServlet.class);
    private final ServletUtils utils = new ServletUtils();
    private final Gson gson = new GsonBuilder().setPrettyPrinting().registerTypeAdapter(Resource.class, new ResourceSerializer()).registerTypeAdapter(ZonedDateTime.class, new ZonedDateTimeSerializer()).create();
    private final DateTimeFormatter fileNameDateFormatter = DateTimeFormatter.ofPattern("yyyy-MM-dd_HH-mm-ss");

    @Activate
    public HomeConnectDirectServlet(@Reference HttpService httpService, @Reference ThingRegistry thingRegistry, @Reference ApplianceProfileService applianceProfileService, @Reference ConfigurationAdmin configurationAdmin) {
        this.httpService = httpService;
        this.thingRegistry = thingRegistry;
        this.applianceProfileService = applianceProfileService;
        this.configurationAdmin = configurationAdmin;
        try {
            this.logger.debug("Initialize Home Connect Direct servlet ({})", HomeConnectDirectBindingConstants.SERVLET_BASE_PATH);
            httpService.registerServlet(HomeConnectDirectBindingConstants.SERVLET_BASE_PATH, this, (Dictionary) null, httpService.createDefaultHttpContext());
            httpService.registerResources(HomeConnectDirectBindingConstants.SERVLET_ASSETS_PATH, ASSET_CLASSPATH, (HttpContext) null);
        } catch (ServletException | NamespaceException e) {
            this.logger.warn("Could not register Home Connect servlet! ({})", HomeConnectDirectBindingConstants.SERVLET_BASE_PATH, e);
        }
        this.multipartConfig = new MultipartConfigElement("", 5242880L, 10485760L, 1048576);
        ClassLoaderTemplateResolver classLoaderTemplateResolver = new ClassLoaderTemplateResolver();
        classLoaderTemplateResolver.setTemplateMode(TemplateMode.HTML);
        classLoaderTemplateResolver.setPrefix("/templates/");
        classLoaderTemplateResolver.setSuffix(".html");
        classLoaderTemplateResolver.setCacheable(true);
        this.templateEngine = new TemplateEngine();
        this.templateEngine.setTemplateResolver(classLoaderTemplateResolver);
    }

    protected void doGet(@NonNullByDefault({}) HttpServletRequest httpServletRequest, @NonNullByDefault({}) HttpServletResponse httpServletResponse) throws IOException {
        HomeConnectDirectServletConfiguration configuration = this.utils.getConfiguration(this.configurationAdmin);
        if (configuration.basicAuthEnabled) {
            this.utils.checkAuthorization(httpServletRequest, httpServletResponse, configuration.basicAuthUsername, configuration.basicAuthPassword);
        }
        String pathInfo = httpServletRequest.getPathInfo();
        if (StringUtils.startsWith(pathInfo, PATH_DOWNLOAD_PROFILE)) {
            sendProfile(httpServletRequest, httpServletResponse);
            return;
        }
        if (StringUtils.startsWith(pathInfo, PATH_DOWNLOAD_LOG)) {
            sendLog(httpServletRequest, httpServletResponse);
            return;
        }
        PrintWriter writer = httpServletResponse.getWriter();
        WebContext prepareContext = prepareContext(httpServletRequest, httpServletResponse);
        prepareResponse(httpServletResponse);
        prepareContext.setVariable(CSRF_TOKEN, setCsrfToken(httpServletResponse));
        if (StringUtils.startsWith(pathInfo, PATH_APPLIANCE)) {
            getAppliance(StringUtils.substringAfter(pathInfo, PATH_APPLIANCE)).ifPresentOrElse(thing -> {
                renderAppliancePage(prepareContext, writer, thing);
            }, () -> {
                renderNotFound(httpServletResponse);
            });
        } else if (StringUtils.startsWith(pathInfo, PATH_UPLOAD_PROFILE)) {
            renderUploadProfilePage(prepareContext, writer);
        } else {
            renderProfilePage(prepareContext, writer);
        }
    }

    protected void doPost(@NonNullByDefault({}) HttpServletRequest httpServletRequest, @NonNullByDefault({}) HttpServletResponse httpServletResponse) throws ServletException, IOException {
        PrintWriter writer = httpServletResponse.getWriter();
        WebContext prepareContext = prepareContext(httpServletRequest, httpServletResponse);
        prepareResponse(httpServletResponse);
        HomeConnectDirectServletConfiguration configuration = this.utils.getConfiguration(this.configurationAdmin);
        if (configuration.basicAuthEnabled) {
            this.utils.checkAuthorization(httpServletRequest, httpServletResponse, configuration.basicAuthUsername, configuration.basicAuthPassword);
        }
        String pathInfo = httpServletRequest.getPathInfo();
        if (StringUtils.startsWith(pathInfo, PATH_DELETE_PROFILE)) {
            String parameter = httpServletRequest.getParameter("haId");
            if (!isCsrfTokenValid(httpServletRequest) || parameter == null) {
                renderForbiddenError(httpServletResponse, "Invalid CSRF token!");
            } else {
                this.applianceProfileService.deleteProfile(parameter);
                httpServletResponse.sendRedirect(HomeConnectDirectBindingConstants.SERVLET_BASE_PATH);
            }
        } else if (StringUtils.startsWith(pathInfo, PATH_UPLOAD_PROFILE)) {
            httpServletRequest.setAttribute(MULTIPART_KEY, this.multipartConfig);
            if (isCsrfTokenValid(httpServletRequest)) {
                Part part = httpServletRequest.getPart("zipFile");
                if (part == null || part.getSubmittedFileName() == null) {
                    httpServletResponse.setStatus(400);
                    writer.write("No file submitted!");
                    return;
                }
                if (!part.getSubmittedFileName().endsWith(".zip")) {
                    httpServletResponse.setStatus(415);
                    writer.write("Only zip files are supported!");
                    return;
                }
                Throwable th = null;
                try {
                    InputStream inputStream = part.getInputStream();
                    try {
                        Optional<ApplianceProfile> uploadProfileZip = this.applianceProfileService.uploadProfileZip(inputStream);
                        if (inputStream != null) {
                            inputStream.close();
                        }
                        if (uploadProfileZip.isPresent()) {
                            prepareContext.setVariable("done", true);
                            prepareContext.setVariable("profile", uploadProfileZip.get());
                            renderUploadProfilePage(prepareContext, writer);
                        } else {
                            httpServletResponse.setStatus(500);
                        }
                    } catch (Throwable th2) {
                        if (inputStream != null) {
                            inputStream.close();
                        }
                        throw th2;
                    }
                } catch (Throwable th3) {
                    if (0 == 0) {
                        th = th3;
                    } else if (null != th3) {
                        th.addSuppressed(th3);
                    }
                    throw th;
                }
            } else {
                renderForbiddenError(httpServletResponse, "Invalid CSRF token!");
            }
        } else {
            super.doPost(httpServletRequest, httpServletResponse);
        }
        prepareResponse(httpServletResponse);
    }

    private WebContext prepareContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        WebContext webContext = new WebContext(JavaxServletWebApplication.buildApplication(httpServletRequest.getServletContext()).buildExchange(httpServletRequest, httpServletResponse));
        webContext.setVariable("appliances", getAppliances());
        webContext.setVariable("utils", this.utils);
        webContext.setVariable("basePath", HomeConnectDirectBindingConstants.SERVLET_BASE_PATH);
        webContext.setVariable("assetPath", HomeConnectDirectBindingConstants.SERVLET_ASSETS_PATH);
        webContext.setVariable("appliancePath", "/homeconnectdirect/appliance/");
        webContext.setVariable("profileDeletePath", "/homeconnectdirect/delete-profile");
        webContext.setVariable("profileDownloadPath", "/homeconnectdirect/download-profile");
        webContext.setVariable("profileUploadPath", "/homeconnectdirect/upload-profile");
        webContext.setVariable("downloadDebugLogPath", "/homeconnectdirect/download-debug-log");
        webContext.setVariable("configurationPid", HomeConnectDirectBindingConstants.CONFIGURATION_PID);
        return webContext;
    }

    private void prepareResponse(HttpServletResponse httpServletResponse) {
        httpServletResponse.setContentType(DEFAULT_CONTENT_TYPE);
        httpServletResponse.setCharacterEncoding(StandardCharsets.UTF_8.name());
        httpServletResponse.setHeader("Content-Security-Policy", "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'; base-uri 'self'; frame-ancestors 'none'");
        httpServletResponse.setHeader("X-Content-Type-Options", "nosniff");
        httpServletResponse.setHeader("Referrer-Policy", "no-referrer");
        httpServletResponse.setHeader("X-Frame-Options", "DENY");
        httpServletResponse.setHeader("Permissions-Policy", "camera=(), microphone=(), geolocation=()");
        httpServletResponse.setHeader("Cross-Origin-Opener-Policy", "same-origin");
        httpServletResponse.setHeader("Cross-Origin-Embedder-Policy", "require-corp");
        httpServletResponse.setHeader("Cross-Origin-Resource-Policy", "same-site");
    }

    private String setCsrfToken(HttpServletResponse httpServletResponse) {
        String uuid = UUID.randomUUID().toString();
        Cookie cookie = new Cookie(CSRF_TOKEN, uuid);
        cookie.setHttpOnly(true);
        cookie.setPath("/");
        cookie.setMaxAge(-1);
        httpServletResponse.addCookie(cookie);
        return uuid;
    }

    private boolean isCsrfTokenValid(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter(CSRF_TOKEN);
        if (parameter == null) {
            try {
                Part part = httpServletRequest.getPart(CSRF_TOKEN);
                if (part != null) {
                    parameter = new String(part.getInputStream().readAllBytes());
                }
            } catch (IOException | ServletException e) {
            }
        }
        String str = null;
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies != null) {
            int length = cookies.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                Cookie cookie = cookies[i];
                if (CSRF_TOKEN.equals(cookie.getName())) {
                    str = cookie.getValue();
                    break;
                }
                i++;
            }
        }
        return (str == null || parameter == null || !Objects.equals(str, parameter)) ? false : true;
    }

    private void renderProfilePage(WebContext webContext, PrintWriter printWriter) {
        List<ApplianceProfile> profiles = this.applianceProfileService.getProfiles();
        if (profiles.isEmpty()) {
            renderUploadProfilePage(webContext, printWriter);
            return;
        }
        HashMap hashMap = new HashMap();
        profiles.forEach(applianceProfile -> {
            String haId = applianceProfile.haId();
            getProgramInformation(applianceProfile);
            hashMap.put(haId, this.gson.toJson(getProgramInformation(applianceProfile)));
        });
        webContext.setVariable("programMap", hashMap);
        webContext.setVariable("profiles", profiles);
        webContext.setVariable("selectedMenuEntry", "profile");
        this.templateEngine.process("profiles", webContext, printWriter);
    }

    private void renderUploadProfilePage(WebContext webContext, PrintWriter printWriter) {
        webContext.setVariable("selectedMenuEntry", "profile");
        this.templateEngine.process("upload-profile", webContext, printWriter);
    }

    private void sendProfile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String parameter = httpServletRequest.getParameter("haId");
        boolean z = false;
        if (parameter != null) {
            Optional<ApplianceProfile> profile = this.applianceProfileService.getProfile(parameter);
            if (profile.isPresent()) {
                String format = String.format(PROFILE_DOWNLOAD_FILENAME_TEMPLATE, StringUtils.isNotBlank(profile.get().type()) ? convertToKebabCase(profile.get().type()) : "", StringUtils.isNotBlank(profile.get().brand()) ? profile.get().brand().toLowerCase() : "", StringUtils.isNotBlank(profile.get().vib()) ? profile.get().vib().toLowerCase() : "", StringUtils.isNotBlank(profile.get().mac()) ? profile.get().mac().replaceAll("-", "").toLowerCase() : "", LocalDateTime.now().format(this.fileNameDateFormatter));
                httpServletResponse.setContentType(ZIP_CONTENT_TYPE);
                httpServletResponse.setHeader("Content-Disposition", "attachment; filename=\"" + format + "\"");
                try {
                    z = this.applianceProfileService.downloadProfileZip(parameter, httpServletResponse.getOutputStream());
                } catch (IOException e) {
                }
            }
        }
        if (z) {
            return;
        }
        httpServletResponse.sendError(500);
    }

    /* JADX WARN: Finally extract failed */
    private void sendLog(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String parameter = httpServletRequest.getParameter("uid");
        boolean z = false;
        if (parameter != null) {
            Optional<Thing> appliance = getAppliance(parameter);
            if (appliance.isPresent()) {
                String str = String.valueOf(appliance.get().getConfiguration().get("haId"));
                Optional<ApplianceProfile> profile = this.applianceProfileService.getProfile(str);
                if (profile.isPresent()) {
                    String format = String.format(LOG_DOWNLOAD_FILENAME_TEMPLATE, StringUtils.isNotBlank(profile.get().type()) ? convertToKebabCase(profile.get().type()) : "", StringUtils.isNotBlank(profile.get().brand()) ? profile.get().brand().toLowerCase() : "", StringUtils.isNotBlank(profile.get().vib()) ? profile.get().vib().toLowerCase() : "", LocalDateTime.now().format(this.fileNameDateFormatter));
                    httpServletResponse.setContentType(ZIP_CONTENT_TYPE);
                    httpServletResponse.setHeader("Content-Disposition", "attachment; filename=\"" + format + "\"");
                    Throwable th = null;
                    try {
                        try {
                            ZipOutputStream zipOutputStream = new ZipOutputStream(httpServletResponse.getOutputStream());
                            try {
                                OutputStreamWriter outputStreamWriter = new OutputStreamWriter(zipOutputStream);
                                try {
                                    BaseHomeConnectDirectHandler handler = appliance.get().getHandler();
                                    if (handler instanceof BaseHomeConnectDirectHandler) {
                                        zipOutputStream.putNextEntry(new ZipEntry("websocket-messages-" + str + ".json"));
                                        outputStreamWriter.write(this.gson.toJson(handler.getApplianceMessages()));
                                        outputStreamWriter.flush();
                                        zipOutputStream.closeEntry();
                                    }
                                    for (Path path : List.of(Paths.get(this.applianceProfileService.getUserDataPath() + File.separator + profile.get().deviceDescriptionFileName(), new String[0]), Paths.get(this.applianceProfileService.getUserDataPath() + File.separator + profile.get().featureMappingFileName(), new String[0]))) {
                                        if (Files.exists(path, new LinkOption[0])) {
                                            zipOutputStream.putNextEntry(new ZipEntry(path.getFileName().toString()));
                                            Files.copy(path, zipOutputStream);
                                            zipOutputStream.closeEntry();
                                        } else {
                                            this.logger.warn("Profile file {} does not exist!", profile.get().deviceDescriptionFileName());
                                        }
                                    }
                                    z = true;
                                    if (outputStreamWriter != null) {
                                        outputStreamWriter.close();
                                    }
                                    if (zipOutputStream != null) {
                                        zipOutputStream.close();
                                    }
                                } catch (Throwable th2) {
                                    if (outputStreamWriter != null) {
                                        outputStreamWriter.close();
                                    }
                                    throw th2;
                                }
                            } catch (Throwable th3) {
                                if (0 == 0) {
                                    th = th3;
                                } else if (null != th3) {
                                    th.addSuppressed(th3);
                                }
                                if (zipOutputStream != null) {
                                    zipOutputStream.close();
                                }
                                throw th;
                            }
                        } catch (IOException e) {
                        }
                    } catch (Throwable th4) {
                        if (0 == 0) {
                            th = th4;
                        } else if (null != th4) {
                            th.addSuppressed(th4);
                        }
                        throw th;
                    }
                }
            }
        }
        if (z) {
            return;
        }
        httpServletResponse.sendError(500);
    }

    private void renderAppliancePage(WebContext webContext, PrintWriter printWriter, Thing thing) {
        String encode = URLEncoder.encode(thing.getUID().toString(), StandardCharsets.UTF_8);
        webContext.setVariable("selectedMenuEntry", thing.getUID());
        webContext.setVariable("name", thing.getLabel());
        webContext.setVariable("uid", thing.getUID().toString());
        webContext.setVariable("webSocketUrl", "/homeconnectdirect/ws/" + encode);
        webContext.setVariable("status", thing.getStatus());
        this.templateEngine.process("appliance", webContext, printWriter);
    }

    private void renderNotFound(HttpServletResponse httpServletResponse) {
        try {
            httpServletResponse.sendError(TokenId.FloatConstant, "Not found!");
        } catch (IOException e) {
            this.logger.error("Could not send 404 error! error={}", e.getMessage());
        }
    }

    private void renderForbiddenError(HttpServletResponse httpServletResponse, String str) {
        try {
            httpServletResponse.sendError(TokenId.LongConstant, str);
        } catch (IOException e) {
            this.logger.error("Could not send 403 error! error={}", e.getMessage());
        }
    }

    private List<Thing> getAppliances() {
        return this.thingRegistry.stream().filter(thing -> {
            return HomeConnectDirectBindingConstants.SUPPORTED_THING_TYPES.contains(thing.getThingTypeUID());
        }).toList();
    }

    private Optional<Thing> getAppliance(String str) {
        return this.thingRegistry.stream().filter(thing -> {
            return HomeConnectDirectBindingConstants.SUPPORTED_THING_TYPES.contains(thing.getThingTypeUID());
        }).filter(thing2 -> {
            return thing2.getUID().toString().equals(str);
        }).findFirst();
    }

    private List<Program> getProgramInformation(ApplianceProfile applianceProfile) {
        ApplianceDescription description = this.applianceProfileService.getDescription(applianceProfile);
        return description.deviceDescription().programList.stream().map(program -> {
            int i = program.uid;
            return new Program(i, description.featureMapping().featureMap.get(Integer.valueOf(i)));
        }).toList();
    }

    @Deactivate
    protected void dispose() {
        this.httpService.unregister(HomeConnectDirectBindingConstants.SERVLET_BASE_PATH);
        this.httpService.unregister(HomeConnectDirectBindingConstants.SERVLET_ASSETS_PATH);
    }

    private String convertToKebabCase(String str) {
        return Pattern.compile("([a-z])([A-Z])").matcher(str).replaceAll("$1-$2").toLowerCase();
    }
}
