package com.adobe.cq.social.commons;

import com.adobe.granite.security.user.UserProperties;
import com.day.cq.commons.Externalizer;
import com.day.cq.commons.jcr.JcrUtil;
import com.day.cq.mcm.exacttarget.ExactTargetConstants;
import com.day.cq.replication.Agent;
import com.day.cq.replication.AgentFilter;
import com.day.cq.replication.ReplicationActionType;
import com.day.cq.search.eval.XPath;
import com.day.cq.security.NoSuchAuthorizableException;
import com.day.cq.security.UserManagerFactory;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Iterator;
import java.util.List;
import javax.jcr.Node;
import javax.jcr.NodeIterator;
import javax.jcr.PathNotFoundException;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.servlet.ServletException;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.ReferenceCardinality;
import org.apache.felix.scr.annotations.ReferencePolicy;
import org.apache.jackrabbit.webdav.DavConstants;
import org.apache.jackrabbit.webdav.version.DeltaVConstants;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.request.RequestDispatcherOptions;
import org.apache.sling.api.request.RequestParameter;
import org.apache.sling.api.request.RequestParameterMap;
import org.apache.sling.api.resource.ModifiableValueMap;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.resource.ResourceResolver;
import org.apache.sling.api.resource.ResourceUtil;
import org.apache.sling.api.resource.ValueMap;
import org.apache.sling.api.wrappers.SlingHttpServletRequestWrapper;
import org.apache.sling.commons.osgi.OsgiUtil;
import org.apache.sling.jcr.resource.JcrResourceResolverFactory;
import org.apache.sling.servlets.post.SlingPostConstants;
import org.apache.sling.settings.SlingSettingsService;
import org.osgi.service.component.ComponentContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

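/**
 * Abstract base servlet for creating comments (decompiled source, marked deprecated).
 *
 * <p>The class holds the shared plumbing visible below: CORS response headers, the bot-check
 * parameter test, copying request data onto the new comment, resolving which user id is
 * recorded as the comment's {@code authorizableId}, optional reverse replication, and
 * rendering a template as the POST response.
 *
 * <p>Security-relevant points for reviewers:
 * <ul>
 *   <li>{@link #allowCORS} reflects the request's {@code Origin} header together with
 *       {@code Access-Control-Allow-Credentials}; no origin allow-list is consulted here.</li>
 *   <li>In author run mode a signed-in user may record a comment under another existing
 *       {@code userIdentifier}; the only trace is a warning in the log.</li>
 *   <li>{@code email}, {@code url}, {@code User-Agent}, {@code Referer} and whitelisted custom
 *       fields are stored as received. Nothing in this class encodes or validates them, so
 *       rendering code has to treat them as untrusted.</li>
 * </ul>
 */
@Component(metatype = false, componentAbstract = true)
@Deprecated
/* loaded from: input_file:com/adobe/cq/social/commons/AbstractCreateCommentServlet.class */
public abstract class AbstractCreateCommentServlet extends AbstractSessionServlet {
    /** OSGi property: whether new content is reverse replicated. */
    public static final String PROPERTY_REVERSE_REPLICATE = "reverseReplicate";
    /** OSGi property: names of custom form fields that may be stored on a comment. */
    public static final String PROPERTY_FIELD_WHITELIST = "fieldWhitelist";
    /** OSGi property: attachment types that are refused (read in {@link #activate}, not used in this class). */
    public static final String PROPERTY_ATTACHMENT_TYPE_BLACKLIST = "attachmentTypeBlacklist";
    public static final boolean DEFAULT_REVERSE_REPLICATE = true;
    private static final long serialVersionUID = 1L;
    /** Regular expression matched against child resource names in {@link #collectTemplates}. */
    private static final String TEMPLATE_MASK = "-template\\..*";
    /** Request parameter naming the selector string used to render the response. */
    protected static final String TEMPLATE_FORM_ID = ":templatename";

    @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY, policy = ReferencePolicy.STATIC)
    protected JcrResourceResolverFactory jcrResourceResolverFactory;

    @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY, policy = ReferencePolicy.STATIC)
    protected Externalizer externalizer;
    protected boolean reverseReplicate;
    protected String[] fieldWhitelist;
    protected String[] attachmentTypeBlacklist;

    @Reference
    protected UserManagerFactory userManagerFactory;

    @Reference
    protected SlingSettingsService settingsService;

    @Reference
    protected AsyncReverseReplicator replicator;
    private final Logger log = LoggerFactory.getLogger(getClass());

    /** Selects replication agents whose configuration is triggered on distribute. */
    public static final AgentFilter REV_AGENT_FILTER = new AgentFilter() { // from class: com.adobe.cq.social.commons.AbstractCreateCommentServlet.1
        @Override // com.day.cq.replication.AgentFilter
        public boolean isIncluded(Agent agent) {
            return agent.getConfiguration().isTriggeredOnDistribute();
        }
    };

    /**
     * Field names that custom form fields may never overwrite, even when whitelisted.
     * NOTE(review): this is a public mutable array, so any code in the JVM can alter the
     * reserved set; the type is kept for compatibility.
     */
    public static final String[] RESERVED_PROPERTY_NAMES = {"jcr:description", "email", "userIdentifier", "url"};

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/adobe/cq/social/commons/AbstractCreateCommentServlet$TemplateHandlingRequest.class */
    /**
     * Request wrapper that reports its method as {@code GET}, used when the POST response is
     * produced by including a rendering script.
     */
    public class TemplateHandlingRequest extends SlingHttpServletRequestWrapper {
        public TemplateHandlingRequest(SlingHttpServletRequest slingHttpServletRequest) {
            super(slingHttpServletRequest);
        }

        @Override
        public String getMethod() {
            return "GET";
        }
    }

    /**
     * Emits the CORS response headers for the request; subclasses supply the rest of the
     * POST handling.
     */
    @Override // com.adobe.cq.social.ugcbase.AbstractSessionServlet, org.apache.sling.api.servlets.SlingAllMethodsServlet
    protected void doPost(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse) throws ServletException, IOException {
        allowCORS(slingHttpServletRequest, slingHttpServletResponse);
    }

    /**
     * Treats the request as coming from a bot unless its {@code id} parameter equals
     * {@code Comment.VALUE_BOTCHECK}.
     *
     * @return {@code true} when the parameter is missing or has any other value
     */
    protected boolean isBot(SlingHttpServletRequest slingHttpServletRequest) {
        String marker = slingHttpServletRequest.getParameter("id");
        return marker == null || !marker.equals(Comment.VALUE_BOTCHECK);
    }

    /** Returns a resource resolver bound to the given session. */
    protected ResourceResolver getResourceResolver(Session session) {
        return this.jcrResourceResolverFactory.getResourceResolver(session);
    }

    /**
     * Resolves the resource's path through the given session and adapts the result to a
     * {@link CommentSystem}.
     *
     * @return the adapted comment system, or {@code null} when resolution yields nothing
     */
    protected CommentSystem getCommentSystem(Resource resource, Session session) {
        Resource resolved = getResourceResolver(session).resolve(resource.getPath());
        if (null == resolved) {
            return null;
        }
        return (CommentSystem) resolved.adaptTo(CommentSystem.class);
    }

    /**
     * Looks up the JCR node at {@code str} through the given session.
     *
     * @return the node, or {@code null} when no resource exists at that path
     */
    protected Node getNode(String str, Session session) {
        Resource resource = getResourceResolver(session).getResource(str);
        if (resource == null) {
            return null;
        }
        return (Node) resource.adaptTo(Node.class);
    }

    /**
     * Sends a redirect to {@code str}, prepending the context path unless the target already
     * starts with it or contains {@code "://"}. An {@link IOException} is logged, not rethrown.
     *
     * <p>NOTE(review): a target containing {@code "://"} is sent unchanged, and nothing is
     * prepended when the context path is empty. This method performs no host or path
     * validation, so callers must not pass a request-derived value without checking it
     * against the locations they expect.
     */
    protected void redirect(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse, String str) {
        try {
            String contextPath = slingHttpServletRequest.getContextPath();
            boolean needsContextPath = !"".equals(contextPath) && !str.contains("://") && !str.startsWith(contextPath);
            String target = needsContextPath ? contextPath + str : str;
            slingHttpServletResponse.sendRedirect(target);
        } catch (IOException e) {
            this.log.error("failed to redirect to {}", str, e);
        }
    }

    /** Reverse replicates {@code str} with action type {@code ACTIVATE}. */
    protected void reverseReplicate(String str) {
        reverseReplicate(ReplicationActionType.ACTIVATE, str);
    }

    /** Reverse replicates a single path when reverse replication is enabled. */
    protected void reverseReplicate(ReplicationActionType replicationActionType, String str) {
        if (this.reverseReplicate) {
            this.replicator.reverseReplicate(replicationActionType, str);
        }
    }

    /** Reverse replicates a list of paths when reverse replication is enabled. */
    protected void reverseReplicate(ReplicationActionType replicationActionType, List<String> list) {
        if (this.reverseReplicate) {
            this.replicator.reverseReplicate(replicationActionType, list);
        }
    }

    /**
     * Returns {@code str} followed by the paths of the children of its {@code attachments}
     * node, if that node exists.
     *
     * <p>A path that does not resolve to a node yields a list holding only {@code str};
     * previously this case ended in a {@link NullPointerException}. Repository errors are
     * logged and the paths collected so far are returned.
     */
    private List<String> getPaths(Session session, String str) {
        List<String> paths = new ArrayList<String>();
        paths.add(str);
        Resource resource = getResourceResolver(session).getResource(str);
        Node node = resource != null ? (Node) resource.adaptTo(Node.class) : null;
        if (node == null) {
            return paths;
        }
        try {
            if (node.hasNode("attachments")) {
                NodeIterator attachments = node.getNode("attachments").getNodes();
                while (attachments.hasNext()) {
                    paths.add(attachments.nextNode().getPath());
                }
            }
        } catch (RepositoryException e) {
            // PathNotFoundException is a RepositoryException, so a single handler covers both.
            // The message now has a placeholder; without one the path was never printed.
            this.log.error("Error with fetching attachment paths for {}", str, e);
        }
        return paths;
    }

    /**
     * Returns the {@code url} form value in the shape it is stored: {@code ""} for a missing
     * value, and {@code "http://"} prepended to a non-empty value that does not match
     * {@code .*://.*}.
     *
     * <p>NOTE(review): any value that already contains {@code "://"} is kept as submitted, so
     * the scheme is not restricted here. Code that renders the stored URL as a link should
     * check the scheme and encode the value.
     */
    private static String normalizeUrl(String url) {
        if (url == null) {
            return "";
        }
        if (!"".equals(url) && !url.matches("^.*\\:\\/\\/.*$")) {
            return "http://" + url;
        }
        return url;
    }

    /**
     * Replaces carriage returns and line feeds so a request-supplied value cannot start a new
     * line in a log file or in an exception message.
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return null;
        }
        return value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * Builds the message used when the submitted {@code userIdentifier} is rejected.
     * The space after the remote address was missing in the original message.
     */
    private static String rejectedIdMessage(String remoteAddr, String qualifier, String claimedId, String sessionUserId) {
        return "host " + remoteAddr + " posted a comment with " + qualifier + " userIdentifier (" + sanitizeForLog(claimedId) + "), sessionUserId (" + sessionUserId + XPath.CLOSING_BRACKET;
    }

    /**
     * Writes the standard comment metadata onto a JCR node: creation time, {@code email},
     * {@code url}, remote address, {@code User-Agent}, {@code Referer} and the authorizable id.
     *
     * <p>All of these except the creation time come from the client. The two headers are
     * stored without any length limit or encoding.
     *
     * @throws RepositoryException if a property cannot be set
     * @throws CommentException if the submitted {@code userIdentifier} is rejected
     */
    protected void setCommentProperties(SlingHttpServletRequest slingHttpServletRequest, Node node) throws RepositoryException {
        node.setProperty("added", Calendar.getInstance());
        String email = slingHttpServletRequest.getParameter("email");
        node.setProperty("email", email == null ? "" : email);
        node.setProperty("url", normalizeUrl(slingHttpServletRequest.getParameter("url")));
        node.setProperty("ip", slingHttpServletRequest.getRemoteAddr());
        node.setProperty("userAgent", slingHttpServletRequest.getHeader("User-Agent"));
        node.setProperty("referer", slingHttpServletRequest.getHeader("Referer"));
        setAuthorizableId(slingHttpServletRequest, node);
        this.log.debug("additional properties set on {}", node.getPath());
    }

    /**
     * Writes the standard comment metadata onto the comment's value map and then copies the
     * custom form fields that pass the filters below.
     *
     * <p>A custom field is stored only when its name is in {@code fieldWhitelist}, contains no
     * {@code SlingPostConstants.RP_PREFIX}, is not one of {@link #RESERVED_PROPERTY_NAMES}, and
     * its first value is a form field rather than an upload. With no whitelist configured
     * every custom field is skipped, because {@code ArrayUtils.contains} returns
     * {@code false} for a {@code null} array.
     *
     * @throws CommentException if the submitted {@code userIdentifier} is rejected
     */
    protected void setCommentProperties(SlingHttpServletRequest slingHttpServletRequest, Comment comment) {
        ModifiableValueMap properties = (ModifiableValueMap) comment.getResource().adaptTo(ModifiableValueMap.class);
        properties.put("added", Calendar.getInstance());
        String email = slingHttpServletRequest.getParameter("email");
        properties.put("email", email == null ? "" : email);
        properties.put("url", normalizeUrl(slingHttpServletRequest.getParameter("url")));
        properties.put("ip", slingHttpServletRequest.getRemoteAddr());
        properties.put("userAgent", slingHttpServletRequest.getHeader("User-Agent"));
        properties.put("referer", slingHttpServletRequest.getHeader("Referer"));
        setAuthorizableId(slingHttpServletRequest, properties);
        RequestParameterMap requestParameterMap = slingHttpServletRequest.getRequestParameterMap();
        for (String str : requestParameterMap.keySet()) {
            if (!ArrayUtils.contains(this.fieldWhitelist, str) || str.contains(SlingPostConstants.RP_PREFIX)) {
                this.log.debug("skipped custom form field [{}], not in white list.", str);
                continue;
            }
            if (ArrayUtils.contains(RESERVED_PROPERTY_NAMES, str)) {
                this.log.debug("skipped custom form field [{}], matches reserved field name.", str);
                continue;
            }
            RequestParameter[] values = requestParameterMap.get(str);
            if (values.length <= 0 || !values[0].isFormField()) {
                this.log.debug("skipped custom form field [{}], empty or binary not allowed.", str);
                continue;
            }
            Object value;
            if (values.length == 1) {
                value = values[0].getString();
            } else {
                value = slingHttpServletRequest.getParameterValues(str);
            }
            if (null == value) {
                continue;
            }
            // "userIdentifier" is a reserved name and was skipped above, so this branch is not
            // reached today. The instanceof test keeps it safe for a multi-valued parameter.
            if (str.equals("userIdentifier") && value instanceof String && ((String) value).length() == 0) {
                this.log.debug("skipped custom form field \"userIdentifier\", empty value is not allowed.");
            } else {
                properties.put(str, value);
            }
        }
        this.log.debug("additional properties set on {}", comment.getPath());
    }

    /**
     * Decides which user id is recorded as {@code authorizableId} on the node.
     *
     * <ul>
     *   <li>Blank session user id, or session user {@code anonymous}: nothing is written.</li>
     *   <li>Author run mode, signed-in user: the submitted {@code userIdentifier} is written when
     *       {@link #userExists} and {@link #hasPermissions} both pass. A warning is logged when
     *       it differs from the session user; the write still happens.</li>
     *   <li>Otherwise: the session user id is written when {@code userIdentifier} is absent or
     *       equal to it. Any other value is rejected with a {@link CommentException}.</li>
     * </ul>
     *
     * <p>NOTE(review): the author branch lets one signed-in user attribute a comment to another
     * existing user. Confirm this is intended and that the warning is monitored.
     */
    private void setAuthorizableId(SlingHttpServletRequest slingHttpServletRequest, Node node) throws RepositoryException {
        String claimedId = slingHttpServletRequest.getParameter("userIdentifier");
        String userID = slingHttpServletRequest.getResourceResolver().getUserID();
        if (!StringUtils.isNotBlank(userID)) {
            return;
        }
        boolean anonymous = "anonymous".equals(userID);
        boolean authorMode = isAuthorMode();
        if (!anonymous && authorMode) {
            boolean userExists = userExists(claimedId, node.getSession());
            boolean hasPermissions = hasPermissions(claimedId, getRequestSession(slingHttpServletRequest), node.getSession());
            if (!userExists || !hasPermissions) {
                this.log.warn("host {} posted a comment with an unknown userIdentifier ({})", slingHttpServletRequest.getRemoteAddr(), sanitizeForLog(claimedId));
                return;
            }
            JcrUtil.setProperty(node, "authorizableId", claimedId);
            if (!claimedId.equals(userID)) {
                this.log.warn("host {} posted a comment with different userIdentifier ({}) than sessionUserId ({})", new String[]{slingHttpServletRequest.getRemoteAddr(), sanitizeForLog(claimedId), userID});
            }
            return;
        }
        if (anonymous || authorMode) {
            return;
        }
        if (claimedId == null || userID.equals(claimedId)) {
            JcrUtil.setProperty(node, "authorizableId", userID);
            return;
        }
        String message = rejectedIdMessage(slingHttpServletRequest.getRemoteAddr(), "suspect", claimedId, userID);
        if (this.log.isWarnEnabled()) {
            this.log.warn(message);
        }
        throw new CommentException(message);
    }

    /**
     * Value-map variant of the authorizable id decision. The rules are those of the node
     * variant; existence of the submitted id is checked through the request's own session.
     *
     * @throws CommentException when a signed-in user outside author mode submits a
     *         {@code userIdentifier} that differs from the session user id
     */
    private void setAuthorizableId(SlingHttpServletRequest slingHttpServletRequest, ValueMap valueMap) {
        String claimedId = slingHttpServletRequest.getParameter("userIdentifier");
        Session session = (Session) slingHttpServletRequest.getResourceResolver().adaptTo(Session.class);
        String userID = slingHttpServletRequest.getResourceResolver().getUserID();
        if (!StringUtils.isNotBlank(userID)) {
            return;
        }
        boolean anonymous = "anonymous".equals(userID);
        boolean authorMode = isAuthorMode();
        if (!anonymous && authorMode) {
            boolean userExists = userExists(claimedId, session);
            boolean hasPermissions = hasPermissions(claimedId, getRequestSession(slingHttpServletRequest), session);
            if (!userExists || !hasPermissions) {
                this.log.warn("host {} posted a comment with an unknown userIdentifier ({})", slingHttpServletRequest.getRemoteAddr(), sanitizeForLog(claimedId));
                return;
            }
            valueMap.put("authorizableId", claimedId);
            if (!claimedId.equals(userID)) {
                this.log.warn("host {} posted a comment with different userIdentifier ({}) than sessionUserId ({})", new String[]{slingHttpServletRequest.getRemoteAddr(), sanitizeForLog(claimedId), userID});
            }
            return;
        }
        if (anonymous || authorMode) {
            return;
        }
        if (claimedId == null || userID.equals(claimedId)) {
            valueMap.put("authorizableId", userID);
            return;
        }
        String message = rejectedIdMessage(slingHttpServletRequest.getRemoteAddr(), "suspect", claimedId, userID);
        if (this.log.isWarnEnabled()) {
            this.log.warn(message);
        }
        throw new CommentException(message);
    }

    /**
     * Validates the submitted {@code userIdentifier} against the session user without writing
     * anything.
     *
     * <ul>
     *   <li>Author run mode: never rejects. A signed-in user posting under another existing id
     *       only produces a warning.</li>
     *   <li>Anonymous session outside author mode: the id must pass
     *       {@link #validateAnonymousUserId}.</li>
     *   <li>Signed-in user outside author mode: the id must be absent or equal to the session
     *       user id.</li>
     * </ul>
     *
     * @throws CommentException when the identifier is rejected
     */
    protected void checkAuthorizableId(SlingHttpServletRequest slingHttpServletRequest, Session session) throws RepositoryException {
        String claimedId = slingHttpServletRequest.getParameter("userIdentifier");
        String userID = slingHttpServletRequest.getResourceResolver().getUserID();
        if (!StringUtils.isNotBlank(userID)) {
            return;
        }
        boolean anonymous = "anonymous".equals(userID);
        boolean authorMode = isAuthorMode();
        if (!anonymous && authorMode) {
            boolean userExists = userExists(claimedId, session);
            boolean hasPermissions = hasPermissions(claimedId, getRequestSession(slingHttpServletRequest), session);
            if (userExists && hasPermissions && !claimedId.equals(userID)) {
                this.log.warn("host {} posted a comment with different userIdentifier ({}) than sessionUserId ({})", new String[]{slingHttpServletRequest.getRemoteAddr(), sanitizeForLog(claimedId), userID});
            }
            return;
        }
        if (authorMode) {
            return;
        }
        if (anonymous) {
            if (validateAnonymousUserId(session, userID, claimedId)) {
                return;
            }
            String message = rejectedIdMessage(slingHttpServletRequest.getRemoteAddr(), "invalid", claimedId, userID);
            this.log.warn(message);
            throw new CommentException(message);
        }
        if (claimedId == null || userID.equals(claimedId)) {
            return;
        }
        String message = rejectedIdMessage(slingHttpServletRequest.getRemoteAddr(), "suspicious", claimedId, userID);
        if (this.log.isWarnEnabled()) {
            this.log.warn(message);
        }
        throw new CommentException(message);
    }

    /**
     * For an anonymous session, accepts {@code str2} only when it is non-blank and either the
     * literal {@code "anonymous"} or not the id of an existing authorizable. Any non-anonymous
     * session id {@code str} passes.
     *
     * <p>NOTE(review): acceptance depends on whether the submitted id exists, so the outcome
     * of an anonymous post differs for existing and non-existing ids. Callers should take
     * that into account when choosing how much error detail to return.
     */
    private boolean validateAnonymousUserId(Session session, String str, String str2) {
        if (!"anonymous".equals(str)) {
            return true;
        }
        if (!StringUtils.isNotBlank(str2)) {
            return false;
        }
        return "anonymous".equals(str2) || !userExists(str2, session);
    }

    /** Adapts the request's resource resolver to {@link UserProperties}. */
    private UserProperties getSessionUserProperties(SlingHttpServletRequest slingHttpServletRequest) {
        return (UserProperties) slingHttpServletRequest.getResourceResolver().adaptTo(UserProperties.class);
    }

    /** Adapts the request's resource resolver to a JCR {@link Session}. */
    private Session getRequestSession(SlingHttpServletRequest slingHttpServletRequest) {
        return (Session) slingHttpServletRequest.getResourceResolver().adaptTo(Session.class);
    }

    /**
     * Reports whether an authorizable with id {@code str} exists, as seen through
     * {@code session}. Any failure is logged at debug level and counts as "does not exist".
     */
    private boolean userExists(String str, Session session) {
        try {
            return this.userManagerFactory.createUserManager(session).hasAuthorizable(str);
        } catch (Exception e) {
            this.log.debug(e.getMessage(), e);
            return false;
        }
    }

    /**
     * Returns {@code true} when {@code str} is non-blank and {@code session} may read the
     * path of the user-properties resource obtained from that same session.
     *
     * <p>The session is now tested for {@code null} before it is used, and a failed
     * adaptation yields {@code false}; both cases previously risked a
     * {@link NullPointerException}.
     *
     * <p>NOTE(review): {@code str} is only tested for blankness and {@code session2} is not
     * used, so this check does not depend on which user id was submitted. Confirm that this
     * is the intended permission test.
     */
    private boolean hasPermissions(String str, Session session, Session session2) {
        if (!StringUtils.isNotBlank(str) || session == null) {
            return false;
        }
        try {
            UserProperties userProperties = (UserProperties) getResourceResolver(session).adaptTo(UserProperties.class);
            if (userProperties == null) {
                return false;
            }
            return session.hasPermission(userProperties.getResource(".").getPath(), "read");
        } catch (NoSuchAuthorizableException e) {
            this.log.debug("permission check failed", e);
            return false;
        } catch (RepositoryException e2) {
            this.log.debug("permission check failed", e2);
            return false;
        }
    }

    /** Reports whether the settings service is bound and lists the {@code author} run mode. */
    private boolean isAuthorMode() {
        return this.settingsService != null && this.settingsService.getRunModes().contains("author");
    }

    /** Reads the component configuration into the corresponding fields. */
    protected void activate(ComponentContext componentContext) {
        this.reverseReplicate = OsgiUtil.toBoolean(componentContext.getProperties().get(PROPERTY_REVERSE_REPLICATE), DEFAULT_REVERSE_REPLICATE);
        this.fieldWhitelist = OsgiUtil.toStringArray(componentContext.getProperties().get(PROPERTY_FIELD_WHITELIST));
        this.attachmentTypeBlacklist = OsgiUtil.toStringArray(componentContext.getProperties().get(PROPERTY_ATTACHMENT_TYPE_BLACKLIST));
    }

    /**
     * For a request with extension {@code html} that carries a {@code :templatename} parameter,
     * answers with status 201, sets a location header and includes the rendering of
     * {@code resource} with its selectors replaced by the parameter value.
     *
     * <p>The content type and character encoding are set for every {@code html} request,
     * including those without a template name.
     *
     * <p>NOTE(review): the selector string comes from the request, so the client chooses
     * which rendering of {@code resource} is included. Confirm that every selector-addressable
     * script on these resource types is safe to expose.
     *
     * @param str path for the location header, or {@code null} to use the resource path
     * @return {@code true} when a response was written
     */
    protected boolean writeUGCResponse(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse, Resource resource, String str) throws ServletException, IOException {
        if (!StringUtils.equalsIgnoreCase(slingHttpServletRequest.getRequestPathInfo().getExtension(), "html")) {
            return false;
        }
        slingHttpServletResponse.setHeader(DavConstants.HEADER_CONTENT_TYPE, "text/html");
        slingHttpServletResponse.setCharacterEncoding("utf-8");
        TemplateHandlingRequest templateRequest = new TemplateHandlingRequest(slingHttpServletRequest);
        String templateName = slingHttpServletRequest.getParameter(TEMPLATE_FORM_ID);
        RequestDispatcherOptions options = new RequestDispatcherOptions();
        if (null == templateName) {
            return false;
        }
        slingHttpServletResponse.setStatus(201);
        String locationPath = null != str ? str : resource.getPath();
        if (isCORS(slingHttpServletRequest).booleanValue()) {
            // Cross-origin callers get an absolute link to the new content.
            slingHttpServletResponse.setHeader(DeltaVConstants.HEADER_LOCATION, this.externalizer.absoluteLink(slingHttpServletRequest, slingHttpServletRequest.getScheme(), locationPath));
        } else {
            slingHttpServletResponse.setHeader(DeltaVConstants.HEADER_LOCATION, locationPath);
        }
        options.setReplaceSelectors(templateName);
        templateRequest.getRequestDispatcher(resource, options).include(templateRequest, slingHttpServletResponse);
        return true;
    }

    /** Same as the four-argument variant with the resource's own path as location. */
    protected boolean writeUGCResponse(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse, Resource resource) throws ServletException, IOException {
        return writeUGCResponse(slingHttpServletRequest, slingHttpServletResponse, resource, null);
    }

    /** Looks up the super type of resource type {@code str} with the request's resolver. */
    protected String getResourceSuperType(SlingHttpServletRequest slingHttpServletRequest, String str) {
        return ResourceUtil.getResourceSuperType(slingHttpServletRequest.getResourceResolver(), str);
    }

    /**
     * Collects the names of child resources matching {@link #TEMPLATE_MASK}, listing those of
     * the resource's super types first.
     *
     * <p>NOTE(review): the recursion over super types has no cycle guard, so a resource
     * whose super type chain loops back would recurse without end.
     */
    private List<String> collectTemplates(Resource resource) {
        List<String> templates = new ArrayList<String>();
        if (resource == null) {
            return templates;
        }
        ResourceResolver resourceResolver = resource.getResourceResolver();
        if (resource.getResourceSuperType() != null) {
            templates.addAll(collectTemplates(resourceResolver.getResource(resource.getResourceSuperType())));
        }
        Iterator<Resource> children = resource.listChildren();
        while (children.hasNext()) {
            String name = children.next().getName();
            if (name.matches(TEMPLATE_MASK)) {
                templates.add(name);
            }
        }
        return templates;
    }

    /**
     * Reports whether the request is treated as cross-origin: an externalizer is bound and its
     * absolute link for the empty path differs from the {@code Origin} header.
     *
     * <p>A request without an {@code Origin} header also yields {@code true}, because the
     * comparison is against {@code null}.
     */
    protected Boolean isCORS(SlingHttpServletRequest slingHttpServletRequest) {
        if (null == this.externalizer) {
            return false;
        }
        String ownOrigin = this.externalizer.absoluteLink(slingHttpServletRequest, slingHttpServletRequest.getScheme(), "");
        return !ownOrigin.equals(slingHttpServletRequest.getHeader("Origin"));
    }

    /**
     * Adds CORS response headers when the request's {@code Origin} differs from this server's
     * own externalized origin.
     *
     * <p>Requests without an {@code Origin} header now receive no CORS headers; previously a
     * {@code null} origin value was passed to {@code setHeader}. {@code Vary: Origin} is added
     * because the response depends on the request origin and must not be served from a cache
     * to a different origin.
     *
     * <p>NOTE(review): every foreign origin is echoed back together with
     * {@code Access-Control-Allow-Credentials}. Browsers will therefore let any site send
     * credentialed requests to this servlet and read the response. The echoed value should
     * be limited to origins from a configured allow-list; no such configuration exists in
     * this class, so that change has to be made with the deployment's list of trusted sites.
     * The {@code *} entry in {@code Access-Control-Allow-Headers} is not treated as a wildcard
     * by browsers on credentialed requests.
     */
    protected void allowCORS(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse) {
        String origin = slingHttpServletRequest.getHeader("Origin");
        if (null == this.externalizer || origin == null) {
            return;
        }
        if (this.externalizer.absoluteLink(slingHttpServletRequest, slingHttpServletRequest.getScheme(), "").equals(origin)) {
            return;
        }
        slingHttpServletResponse.setHeader("Access-Control-Allow-Credentials", ExactTargetConstants.TRUE);
        slingHttpServletResponse.setHeader("Access-Control-Allow-Origin", origin);
        slingHttpServletResponse.setHeader("Access-Control-Allow-Headers", "CONTENT-TYPE, LOCATION, *");
        slingHttpServletResponse.setHeader("Access-Control-Expose-Headers", "Content-Type, Location");
        slingHttpServletResponse.addHeader("Vary", "Origin");
    }

    // Bind and unbind methods for the declared service references. Each unbind clears the
    // field only when it still holds the instance being unbound.

    protected void bindJcrResourceResolverFactory(JcrResourceResolverFactory jcrResourceResolverFactory) {
        this.jcrResourceResolverFactory = jcrResourceResolverFactory;
    }

    protected void unbindJcrResourceResolverFactory(JcrResourceResolverFactory jcrResourceResolverFactory) {
        if (this.jcrResourceResolverFactory == jcrResourceResolverFactory) {
            this.jcrResourceResolverFactory = null;
        }
    }

    protected void bindExternalizer(Externalizer externalizer) {
        this.externalizer = externalizer;
    }

    protected void unbindExternalizer(Externalizer externalizer) {
        if (this.externalizer == externalizer) {
            this.externalizer = null;
        }
    }

    protected void bindUserManagerFactory(UserManagerFactory userManagerFactory) {
        this.userManagerFactory = userManagerFactory;
    }

    protected void unbindUserManagerFactory(UserManagerFactory userManagerFactory) {
        if (this.userManagerFactory == userManagerFactory) {
            this.userManagerFactory = null;
        }
    }

    protected void bindSettingsService(SlingSettingsService slingSettingsService) {
        this.settingsService = slingSettingsService;
    }

    protected void unbindSettingsService(SlingSettingsService slingSettingsService) {
        if (this.settingsService == slingSettingsService) {
            this.settingsService = null;
        }
    }

    protected void bindReplicator(AsyncReverseReplicator asyncReverseReplicator) {
        this.replicator = asyncReverseReplicator;
    }

    protected void unbindReplicator(AsyncReverseReplicator asyncReverseReplicator) {
        if (this.replicator == asyncReverseReplicator) {
            this.replicator = null;
        }
    }
}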
