package org.fcrepo.server.security.xacml.pep.rest.objectshandlers;

import com.sun.xacml.attr.AnyURIAttribute;
import com.sun.xacml.attr.StringAttribute;
import com.sun.xacml.ctx.RequestCtx;
import com.sun.xacml.ctx.Result;
import com.sun.xacml.ctx.Status;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.net.URI;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.namespace.NamespaceContext;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerConfigurationException;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import org.fcrepo.common.Constants;
import org.fcrepo.server.rest.RestParam;
import org.fcrepo.server.security.xacml.MelcoeXacmlException;
import org.fcrepo.server.security.xacml.pep.PEPException;
import org.fcrepo.server.security.xacml.pep.rest.filters.AbstractFilter;
import org.fcrepo.server.security.xacml.pep.rest.filters.DataResponseWrapper;
import org.fcrepo.server.security.xacml.pep.rest.filters.ResponseHandlingRESTFilter;
import org.fcrepo.server.security.xacml.util.ContextUtil;
import org.fcrepo.server.security.xacml.util.LogUtil;
import org.fcrepo.server.utilities.CXFUtility;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.w3c.tidy.Tidy;

/* loaded from: input_file:WEB-INF/lib/fcrepo-security-pep-3.6.1.jar:org/fcrepo/server/security/xacml/pep/rest/objectshandlers/FindObjects.class */
public class FindObjects extends AbstractFilter implements ResponseHandlingRESTFilter {
    private static final Logger logger = LoggerFactory.getLogger(FindObjects.class);
    private static final NamespaceContext TYPES_NAMESPACE = new TypesNamespaceContext();
    private static final XPathFactory XPATH_FACTORY = XPathFactory.newInstance();
    private static final DocumentBuilderFactory BUILDER_FACTORY = DocumentBuilderFactory.newInstance();
    private ContextUtil m_contextUtil = null;
    private Transformer xFormer;
    private Tidy tidy;

    /* loaded from: input_file:WEB-INF/lib/fcrepo-security-pep-3.6.1.jar:org/fcrepo/server/security/xacml/pep/rest/objectshandlers/FindObjects$TypesNamespaceContext.class */
    static class TypesNamespaceContext implements NamespaceContext {
        static List<String> PREFIXES = Arrays.asList("types", "");
        static List<String> XSI_PREFIXES = Arrays.asList("xsi");
        static ArrayList<String> EMPTY = new ArrayList<>(0);

        TypesNamespaceContext() {
        }

        @Override // javax.xml.namespace.NamespaceContext
        public String getNamespaceURI(String str) {
            return ("types".equals(str) || "".equals(str)) ? "http://www.fedora.info/definitions/1/0/types/" : "xsi".equals(str) ? "http://www.w3.org/2001/XMLSchema-instance" : "";
        }

        @Override // javax.xml.namespace.NamespaceContext
        public String getPrefix(String str) {
            if ("http://www.fedora.info/definitions/1/0/types/".equals(str)) {
                return "types";
            }
            if ("http://www.w3.org/2001/XMLSchema-instance".equals(str)) {
                return "xsi";
            }
            return null;
        }

        @Override // javax.xml.namespace.NamespaceContext
        public Iterator getPrefixes(String str) {
            return "http://www.fedora.info/definitions/1/0/types/".equals(str) ? PREFIXES.iterator() : "http://www.w3.org/2001/XMLSchema-instance".equals(str) ? XSI_PREFIXES.iterator() : EMPTY.iterator();
        }
    }

    public FindObjects() throws PEPException {
        this.xFormer = null;
        this.tidy = null;
        try {
            this.xFormer = TransformerFactory.newInstance().newTransformer();
            this.tidy = new Tidy();
            this.tidy.setShowWarnings(false);
            this.tidy.setQuiet(true);
        } catch (TransformerConfigurationException e) {
            throw new PEPException("Error initialising SearchFilter", e);
        }
    }

    public void setContextUtil(ContextUtil contextUtil) {
        this.m_contextUtil = contextUtil;
    }

    @Override // org.fcrepo.server.security.xacml.pep.rest.filters.RESTFilter
    public RequestCtx handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        RequestCtx requestCtx = null;
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        try {
            hashMap.put(Constants.OBJECT.PID.getURI(), new StringAttribute("FedoraRepository"));
            hashMap.put(new URI("urn:oasis:names:tc:xacml:1.0:resource:resource-id"), new AnyURIAttribute(new URI("FedoraRepository")));
            hashMap2.put(Constants.ACTION.ID.getURI(), new StringAttribute(Constants.ACTION.FIND_OBJECTS.getURI().toASCIIString()));
            hashMap2.put(Constants.ACTION.API.getURI(), new StringAttribute(Constants.ACTION.APIA.getURI().toASCIIString()));
            requestCtx = getContextHandler().buildRequest(getSubjects(httpServletRequest), hashMap2, hashMap, getEnvironment(httpServletRequest));
            LogUtil.statLog(httpServletRequest.getRemoteUser(), Constants.ACTION.FIND_OBJECTS.getURI().toASCIIString(), "FedoraRepository", null);
        } catch (Exception e) {
            logger.error(e.getMessage(), (Throwable) e);
            CXFUtility.getFault(e);
        }
        return requestCtx;
    }

    @Override // org.fcrepo.server.security.xacml.pep.rest.filters.ResponseHandlingRESTFilter
    public RequestCtx handleResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        String str;
        if (httpServletRequest.getParameter(RestParam.TERMS) == null && httpServletRequest.getParameter("query") == null && httpServletRequest.getParameter(RestParam.SESSION_TOKEN) == null) {
            return null;
        }
        DataResponseWrapper dataResponseWrapper = (DataResponseWrapper) httpServletResponse;
        String str2 = new String(dataResponseWrapper.getData());
        if (str2.startsWith("<html>")) {
            logger.debug("filtering html");
            str = filterHTML(httpServletRequest, dataResponseWrapper);
        } else if (str2.startsWith("<?xml")) {
            logger.debug("filtering xml");
            str = filterXML(httpServletRequest, dataResponseWrapper);
        } else {
            logger.debug("not filtering due to unexpected output: {}", str2);
            str = str2;
        }
        dataResponseWrapper.setData(str.getBytes());
        return null;
    }

    private String filterXML(HttpServletRequest httpServletRequest, DataResponseWrapper dataResponseWrapper) throws ServletException {
        DocumentBuilder newDocumentBuilder;
        XPath newXPath;
        String str = new String(dataResponseWrapper.getData());
        try {
            synchronized (BUILDER_FACTORY) {
                newDocumentBuilder = BUILDER_FACTORY.newDocumentBuilder();
            }
            Document parse = newDocumentBuilder.parse(new ByteArrayInputStream(dataResponseWrapper.getData()));
            synchronized (XPATH_FACTORY) {
                newXPath = XPATH_FACTORY.newXPath();
            }
            newXPath.setNamespaceContext(TYPES_NAMESPACE);
            try {
                NodeList nodeList = (NodeList) newXPath.evaluate("/:result/:resultList/:objectFields/:pid", parse, XPathConstants.NODESET);
                if (nodeList.getLength() == 0) {
                    logger.debug("No results to filter.");
                    return str;
                }
                HashMap hashMap = new HashMap();
                for (int i = 0; i < nodeList.getLength(); i++) {
                    Node item = nodeList.item(i);
                    hashMap.put(item.getFirstChild().getNodeValue(), item.getParentNode());
                }
                for (Result result : evaluatePids(hashMap.keySet(), httpServletRequest, dataResponseWrapper)) {
                    if (result.getResource() == null || "".equals(result.getResource())) {
                        logger.warn("This resource has no resource identifier in the xacml response results!");
                    } else if (logger.isDebugEnabled()) {
                        logger.debug("Checking: {}", result.getResource());
                    }
                    String[] split = result.getResource().split("\\/");
                    String str2 = split[split.length - 1];
                    if (result.getStatus().getCode().contains(Status.STATUS_OK) && result.getDecision() != 0) {
                        Node node = (Node) hashMap.get(str2);
                        node.getParentNode().removeChild(node);
                        logger.debug("Removing: {} [{}]", result.getResource(), str2);
                    }
                }
                parse.getDocumentElement().setAttribute("xmlns", "http://www.fedora.info/definitions/1/0/types/");
                DOMSource dOMSource = new DOMSource(parse);
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                try {
                    this.xFormer.transform(dOMSource, new StreamResult(byteArrayOutputStream));
                    return new String(byteArrayOutputStream.toByteArray());
                } catch (TransformerException e) {
                    throw new ServletException("error generating output", e);
                }
            } catch (XPathExpressionException e2) {
                throw new ServletException("Error parsing XML for search results: ", e2);
            }
        } catch (Exception e3) {
            throw new ServletException(e3);
        }
    }

    private String filterHTML(HttpServletRequest httpServletRequest, DataResponseWrapper dataResponseWrapper) throws ServletException {
        XPath newXPath;
        String str = new String(dataResponseWrapper.getData());
        Document parseDOM = this.tidy.parseDOM(new ByteArrayInputStream(str.getBytes()), null);
        synchronized (XPATH_FACTORY) {
            newXPath = XPATH_FACTORY.newXPath();
        }
        try {
            NodeList nodeList = (NodeList) newXPath.evaluate("/html/body/center/center/table/tr", parseDOM, XPathConstants.NODESET);
            if (nodeList.getLength() == 1) {
                logger.debug("No results to filter.");
                return str;
            }
            NodeList childNodes = nodeList.item(0).getChildNodes();
            int length = childNodes.getLength();
            int i = -1;
            for (int i2 = 0; i2 < length; i2++) {
                if ("pid".equals(childNodes.item(i2).getFirstChild().getFirstChild().getNodeValue())) {
                    i = i2;
                }
            }
            if (i == -1) {
                throw new ServletException("pid field not in result list!");
            }
            HashMap hashMap = new HashMap();
            for (int i3 = 1; i3 < nodeList.getLength(); i3++) {
                Node firstChild = nodeList.item(i3).getChildNodes().item(i).getFirstChild();
                if (firstChild != null && firstChild.getNodeName().equals("a")) {
                    hashMap.put(firstChild.getFirstChild().getNodeValue(), nodeList.item(i3));
                }
            }
            for (Result result : evaluatePids(hashMap.keySet(), httpServletRequest, dataResponseWrapper)) {
                if (result.getResource() == null || "".equals(result.getResource())) {
                    logger.warn("This resource has no resource identifier in the xacml response results!");
                } else if (logger.isDebugEnabled()) {
                    logger.debug("Checking: {}", result.getResource());
                }
                String[] split = result.getResource().split("\\/");
                String str2 = split[split.length - 1];
                if (result.getStatus().getCode().contains(Status.STATUS_OK) && result.getDecision() != 0) {
                    Node node = (Node) hashMap.get(str2);
                    node.getParentNode().removeChild(node.getNextSibling());
                    node.getParentNode().removeChild(node);
                    logger.debug("Removing: {} [{}]", result.getResource(), str2);
                }
            }
            DOMSource dOMSource = new DOMSource(parseDOM);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                this.xFormer.transform(dOMSource, new StreamResult(byteArrayOutputStream));
                return new String(byteArrayOutputStream.toByteArray());
            } catch (TransformerException e) {
                throw new ServletException("error generating output", e);
            }
        } catch (XPathExpressionException e2) {
            throw new ServletException("Error parsing HTML for search results: ", e2);
        }
    }

    private Set<Result> evaluatePids(Set<String> set, HttpServletRequest httpServletRequest, DataResponseWrapper dataResponseWrapper) throws ServletException {
        HashSet hashSet = new HashSet();
        for (String str : set) {
            logger.debug("Checking: {}", str);
            HashMap hashMap = new HashMap();
            HashMap hashMap2 = new HashMap();
            try {
                hashMap.put(Constants.ACTION.ID.getURI(), new StringAttribute(Constants.ACTION.LIST_OBJECT_IN_FIELD_SEARCH_RESULTS.getURI().toASCIIString()));
                if (str != null && !"".equals(str)) {
                    hashMap2.put(Constants.OBJECT.PID.getURI(), new StringAttribute(str));
                    hashMap2.put(new URI("urn:oasis:names:tc:xacml:1.0:resource:resource-id"), new AnyURIAttribute(new URI(str)));
                }
                String makeRequestCtx = this.m_contextUtil.makeRequestCtx(getContextHandler().buildRequest(getSubjects(httpServletRequest), hashMap, hashMap2, getEnvironment(httpServletRequest)));
                logger.debug(makeRequestCtx);
                hashSet.add(makeRequestCtx);
            } catch (Exception e) {
                logger.error(e.getMessage(), (Throwable) e);
                throw new ServletException(e.getMessage(), e);
            }
        }
        try {
            logger.debug("Number of requests: {}", Integer.valueOf(hashSet.size()));
            String evaluateBatch = getContextHandler().evaluateBatch((String[]) hashSet.toArray(new String[hashSet.size()]));
            logger.debug("Response: {}", evaluateBatch);
            return this.m_contextUtil.makeResponseCtx(evaluateBatch).getResults();
        } catch (MelcoeXacmlException e2) {
            throw new ServletException("Error evaluating pids: " + e2.getMessage(), e2);
        }
    }

    static {
        BUILDER_FACTORY.setNamespaceAware(true);
    }
}
