package com.google.gwtjsonrpc.server;

import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.InstanceCreator;
import com.google.gson.JsonElement;
import com.google.gson.JsonNull;
import com.google.gson.JsonObject;
import com.google.gson.JsonParseException;
import com.google.gson.JsonParser;
import com.google.gson.JsonSerializationContext;
import com.google.gson.JsonSerializer;
import com.google.gwtjsonrpc.common.AsyncCallback;
import com.google.gwtjsonrpc.common.JsonConstants;
import com.google.gwtjsonrpc.common.RemoteJsonService;
import com.google.gwtjsonrpc.server.ActiveCall;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.StringWriter;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.lang.reflect.Type;
import java.nio.ByteBuffer;
import java.nio.charset.CharacterCodingException;
import java.nio.charset.Charset;
import java.nio.charset.CharsetDecoder;
import java.nio.charset.CodingErrorAction;
import java.sql.Date;
import java.sql.Timestamp;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;

/* loaded from: input_file:com/google/gwtjsonrpc/server/JsonServlet.class */
public abstract class JsonServlet<CallType extends ActiveCall> extends HttpServlet {
    public static final Pattern SAFE_CALLBACK = Pattern.compile("^([A-Za-z0-9_$.]|\\[|\\])+$");
    private static final ThreadLocal<ActiveCall> perThreadCall = new ThreadLocal<>();
    static final Object[] NO_PARAMS = new Object[0];
    private static final String ENC = "UTF-8";
    private Map<String, MethodHandle> myMethods;
    private SignedToken xsrf;

    public static <CallType extends ActiveCall> CallType getCurrentCall() {
        return (CallType) perThreadCall.get();
    }

    public static GsonBuilder defaultGsonBuilder() {
        GsonBuilder gsonBuilder = new GsonBuilder();
        gsonBuilder.registerTypeAdapter(Set.class, new InstanceCreator<Set<Object>>() { // from class: com.google.gwtjsonrpc.server.JsonServlet.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.google.gson.InstanceCreator
            public Set<Object> createInstance(Type type) {
                return new HashSet();
            }
        });
        gsonBuilder.registerTypeAdapter(Map.class, new MapDeserializer());
        gsonBuilder.registerTypeAdapter(Date.class, new SqlDateDeserializer());
        gsonBuilder.registerTypeAdapter(Timestamp.class, new SqlTimestampDeserializer());
        return gsonBuilder;
    }

    @Override // javax.servlet.GenericServlet, javax.servlet.Servlet
    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        try {
            this.myMethods = methods((RemoteJsonService) createServiceHandle());
            if (this.myMethods.isEmpty()) {
                throw new ServletException("No service methods declared");
            }
            try {
                this.xsrf = createXsrfSignedToken();
            } catch (XsrfException e) {
                throw new ServletException("Cannot initialize XSRF", e);
            }
        } catch (Exception e2) {
            throw new ServletException("Service handle not available", e2);
        }
    }

    protected Object createServiceHandle() throws Exception {
        return this;
    }

    protected SignedToken createXsrfSignedToken() throws XsrfException {
        return new SignedToken(14400);
    }

    protected GsonBuilder createGsonBuilder() {
        return defaultGsonBuilder();
    }

    protected boolean xsrfValidate(CallType calltype) throws XsrfException {
        return calltype.xsrfValidate();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public MethodHandle lookupMethod(String str) {
        return this.myMethods.get(str);
    }

    protected CallType createActiveCall(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return (CallType) new ActiveCall(httpServletRequest, httpServletResponse);
    }

    protected int maxRequestSize() {
        return 1048576;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void preInvoke(CallType calltype) {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.servlet.http.HttpServlet
    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        try {
            CallType createActiveCall = createActiveCall(httpServletRequest, httpServletResponse);
            createActiveCall.xsrf = this.xsrf;
            createActiveCall.noCache();
            if (!acceptJSON(createActiveCall)) {
                textError(createActiveCall, 400, "Must Accept application/json");
                perThreadCall.set(null);
                return;
            }
            perThreadCall.set(createActiveCall);
            doService(createActiveCall);
            if (createActiveCall.internalFailure != null) {
                getServletContext().log("Error in " + createActiveCall.method.getName(), createActiveCall.internalFailure);
                createActiveCall.onFailure(new Exception("Internal Server Error"));
            }
            String formatResult = formatResult(createActiveCall);
            RPCServletUtils.writeResponse(getServletContext(), createActiveCall.httpResponse, formatResult, createActiveCall.callback == null && formatResult.length() > 256 && RPCServletUtils.acceptsGzipEncoding(createActiveCall.httpRequest));
            perThreadCall.set(null);
        } catch (Throwable th) {
            perThreadCall.set(null);
            throw th;
        }
    }

    private boolean acceptJSON(CallType calltype) {
        String header = calltype.httpRequest.getHeader("Accept");
        if (header == null) {
            return false;
        }
        if (JsonConstants.JSON_TYPE.equals(header) || header.startsWith("application/json,")) {
            return true;
        }
        for (String str : header.split("[ ,;][ ,;]*")) {
            if (JsonConstants.JSON_TYPE.equals(str)) {
                return true;
            }
        }
        return false;
    }

    private void doService(CallType calltype) throws IOException {
        try {
            try {
                if ("GET".equals(calltype.httpRequest.getMethod())) {
                    parseGetRequest(calltype);
                    if (!calltype.method.allowCrossSiteRequest()) {
                        calltype.onFailure(new Exception(JsonConstants.ERROR_INVALID_XSRF));
                        return;
                    }
                } else {
                    if (!"POST".equals(calltype.httpRequest.getMethod())) {
                        calltype.httpResponse.setStatus(400);
                        calltype.onFailure(new Exception("Unsupported HTTP method"));
                        return;
                    }
                    parsePostRequest(calltype);
                }
                if (calltype.callback != null && !SAFE_CALLBACK.matcher(calltype.callback).matches()) {
                    calltype.httpResponse.setStatus(400);
                    calltype.onFailure(new Exception("Unsafe name in 'callback' property"));
                    return;
                }
                try {
                    calltype.xsrfValid = xsrfValidate(calltype);
                } catch (XsrfException e) {
                    getServletContext().log("Unexpected XSRF validation error", e);
                    calltype.xsrfValid = false;
                }
                if (calltype.method.allowCrossSiteRequest() || calltype.requireXsrfValid()) {
                    preInvoke(calltype);
                    if (calltype.isComplete()) {
                        return;
                    }
                    calltype.method.invoke(calltype.params, calltype);
                }
            } catch (NoSuchRemoteMethodException e2) {
                calltype.httpResponse.setStatus(404);
                calltype.onFailure(new Exception("No such service method"));
            }
        } catch (JsonParseException e3) {
            if (e3.getCause() instanceof NoSuchRemoteMethodException) {
                throw ((NoSuchRemoteMethodException) e3.getCause());
            }
            calltype.httpResponse.setStatus(400);
            calltype.onFailure(new Exception("Error parsing request", e3));
        }
    }

    private void parseGetRequest(CallType calltype) {
        HttpServletRequest httpServletRequest = calltype.httpRequest;
        if ("2.0".equals(httpServletRequest.getParameter("jsonrpc"))) {
            JsonObject jsonObject = new JsonObject();
            jsonObject.addProperty("jsonrpc", "2.0");
            jsonObject.addProperty("method", httpServletRequest.getParameter("method"));
            jsonObject.addProperty("id", httpServletRequest.getParameter("id"));
            try {
                jsonObject.add("params", new JsonParser().parse(new String(Base64.decodeBase64(httpServletRequest.getParameter("params").getBytes("ISO-8859-1")), "UTF-8")));
                try {
                    GsonBuilder createGsonBuilder = createGsonBuilder();
                    createGsonBuilder.registerTypeAdapter(ActiveCall.class, new CallDeserializer(calltype, this));
                    createGsonBuilder.create().fromJson((JsonElement) jsonObject, ActiveCall.class);
                    return;
                } catch (JsonParseException e) {
                    calltype.method = null;
                    calltype.params = null;
                    throw e;
                }
            } catch (UnsupportedEncodingException e2) {
                throw new JsonParseException("Cannot parse params", e2);
            }
        }
        Gson create = createGsonBuilder().create();
        calltype.method = lookupMethod(httpServletRequest.getParameter("method"));
        if (calltype.method == null) {
            throw new NoSuchRemoteMethodException();
        }
        Type[] paramTypes = calltype.method.getParamTypes();
        Object[] objArr = new Object[paramTypes.length];
        for (int i = 0; i < objArr.length; i++) {
            String parameter = httpServletRequest.getParameter("param" + i);
            if (parameter == null) {
                objArr[i] = null;
            } else if (paramTypes[i] == String.class) {
                objArr[i] = parameter;
            } else if ((paramTypes[i] instanceof Class) && ((Class) paramTypes[i]).isPrimitive()) {
                objArr[i] = create.fromJson(parameter, paramTypes[i]);
            } else {
                objArr[i] = create.fromJson(create.toJson(parameter), paramTypes[i]);
            }
        }
        calltype.params = objArr;
        calltype.callback = httpServletRequest.getParameter("callback");
    }

    private static boolean isBodyJson(ActiveCall activeCall) {
        String contentType = activeCall.httpRequest.getContentType();
        if (contentType == null) {
            return false;
        }
        int indexOf = contentType.indexOf(59);
        if (indexOf >= 0) {
            contentType = contentType.substring(0, indexOf).trim();
        }
        return JsonConstants.JSON_TYPE.equals(contentType);
    }

    private static boolean isBodyUTF8(ActiveCall activeCall) {
        String characterEncoding = activeCall.httpRequest.getCharacterEncoding();
        if (characterEncoding == null) {
            characterEncoding = "";
        }
        return characterEncoding.toLowerCase().contains("UTF-8".toLowerCase());
    }

    private String readBody(ActiveCall activeCall) throws IOException {
        if (!isBodyJson(activeCall)) {
            throw new JsonParseException("Invalid Request Content-Type");
        }
        if (!isBodyUTF8(activeCall)) {
            throw new JsonParseException("Invalid Request Character-Encoding");
        }
        int contentLength = activeCall.httpRequest.getContentLength();
        if (contentLength < 0) {
            throw new JsonParseException("Invalid Request Content-Length");
        }
        if (contentLength == 0) {
            throw new JsonParseException("Invalid Request POST Body Required");
        }
        if (contentLength > maxRequestSize()) {
            throw new JsonParseException("Invalid Request POST Body Too Large");
        }
        ServletInputStream inputStream = activeCall.httpRequest.getInputStream();
        if (inputStream == null) {
            throw new JsonParseException("Invalid Request POST Body Required");
        }
        try {
            byte[] bArr = new byte[contentLength];
            int i = 0;
            while (i < contentLength) {
                int read = inputStream.read(bArr, i, contentLength - i);
                if (read <= 0) {
                    throw new JsonParseException("Invalid Request Incomplete Body");
                }
                i += read;
            }
            CharsetDecoder newDecoder = Charset.forName("UTF-8").newDecoder();
            newDecoder.onMalformedInput(CodingErrorAction.REPORT);
            newDecoder.onUnmappableCharacter(CodingErrorAction.REPORT);
            try {
                String charBuffer = newDecoder.decode(ByteBuffer.wrap(bArr)).toString();
                inputStream.close();
                return charBuffer;
            } catch (CharacterCodingException e) {
                throw new JsonParseException("Invalid Request Not UTF-8", e);
            }
        } catch (Throwable th) {
            inputStream.close();
            throw th;
        }
    }

    private void parsePostRequest(CallType calltype) throws UnsupportedEncodingException, IOException {
        try {
            GsonBuilder createGsonBuilder = createGsonBuilder();
            createGsonBuilder.registerTypeAdapter(ActiveCall.class, new CallDeserializer(calltype, this));
            createGsonBuilder.create().fromJson(readBody(calltype), ActiveCall.class);
        } catch (JsonParseException e) {
            calltype.method = null;
            calltype.params = null;
            throw e;
        }
    }

    private String formatResult(final ActiveCall activeCall) throws UnsupportedEncodingException, IOException {
        GsonBuilder createGsonBuilder = createGsonBuilder();
        createGsonBuilder.registerTypeAdapter(activeCall.getClass(), new JsonSerializer<ActiveCall>() { // from class: com.google.gwtjsonrpc.server.JsonServlet.2
            @Override // com.google.gson.JsonSerializer
            public JsonElement serialize(ActiveCall activeCall2, Type type, JsonSerializationContext jsonSerializationContext) {
                if (activeCall.callback != null) {
                    return activeCall2.externalFailure != null ? JsonNull.INSTANCE : jsonSerializationContext.serialize(activeCall2.result);
                }
                JsonObject jsonObject = new JsonObject();
                jsonObject.add(activeCall2.versionName, activeCall2.versionValue);
                if (activeCall2.id != null) {
                    jsonObject.add("id", activeCall2.id);
                }
                if (activeCall2.xsrfKeyOut != null) {
                    jsonObject.addProperty("xsrfKey", activeCall2.xsrfKeyOut);
                }
                if (activeCall2.externalFailure != null) {
                    JsonObject jsonObject2 = new JsonObject();
                    if ("jsonrpc".equals(activeCall2.versionName)) {
                        jsonObject2.addProperty("code", Integer.valueOf(JsonServlet.this.to2_0ErrorCode(activeCall2)));
                        jsonObject2.addProperty("message", activeCall2.externalFailure.getMessage());
                    } else {
                        jsonObject2.addProperty("name", "JSONRPCError");
                        jsonObject2.addProperty("code", (Number) 999);
                        jsonObject2.addProperty("message", activeCall2.externalFailure.getMessage());
                    }
                    jsonObject.add("error", jsonObject2);
                } else {
                    jsonObject.add("result", jsonSerializationContext.serialize(activeCall2.result));
                }
                return jsonObject;
            }
        });
        StringWriter stringWriter = new StringWriter();
        if (activeCall.callback != null) {
            stringWriter.write(activeCall.callback);
            stringWriter.write("(");
        }
        createGsonBuilder.create().toJson(activeCall, stringWriter);
        if (activeCall.callback != null) {
            stringWriter.write(");");
        }
        stringWriter.close();
        return stringWriter.toString();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public int to2_0ErrorCode(ActiveCall activeCall) {
        Throwable th = activeCall.externalFailure;
        Throwable th2 = activeCall.internalFailure;
        if ((th instanceof NoSuchRemoteMethodException) || (th2 instanceof NoSuchRemoteMethodException)) {
            return -32601;
        }
        return ((th instanceof JsonParseException) || (th2 instanceof JsonParseException)) ? -32700 : -32603;
    }

    private static void textError(ActiveCall activeCall, int i, String str) throws IOException {
        HttpServletResponse httpServletResponse = activeCall.httpResponse;
        httpServletResponse.setStatus(i);
        httpServletResponse.setContentType("text/plain; charset=UTF-8");
        OutputStreamWriter outputStreamWriter = new OutputStreamWriter(httpServletResponse.getOutputStream(), "UTF-8");
        try {
            outputStreamWriter.write(str);
            outputStreamWriter.close();
        } catch (Throwable th) {
            outputStreamWriter.close();
            throw th;
        }
    }

    private static Map<String, MethodHandle> methods(RemoteJsonService remoteJsonService) {
        Class<? extends RemoteJsonService> findInterface = findInterface(remoteJsonService.getClass());
        if (findInterface == null) {
            return Collections.emptyMap();
        }
        HashMap hashMap = new HashMap();
        for (Method method : findInterface.getMethods()) {
            if (Modifier.isPublic(method.getModifiers()) && method.getReturnType() == Void.TYPE) {
                Class<?>[] parameterTypes = method.getParameterTypes();
                if (parameterTypes.length >= 1 && parameterTypes[parameterTypes.length - 1].isAssignableFrom(AsyncCallback.class)) {
                    MethodHandle methodHandle = new MethodHandle(remoteJsonService, method);
                    hashMap.put(methodHandle.getName(), methodHandle);
                }
            }
        }
        return Collections.unmodifiableMap(hashMap);
    }

    private static Class<? extends RemoteJsonService> findInterface(Class<?> cls) {
        Class cls2 = cls;
        while (true) {
            Class cls3 = cls2;
            if (cls3 == null) {
                return null;
            }
            if (cls3.isInterface() && RemoteJsonService.class.isAssignableFrom(cls3)) {
                return cls3;
            }
            for (Class<?> cls4 : cls3.getInterfaces()) {
                Class<? extends RemoteJsonService> findInterface = findInterface(cls4);
                if (findInterface != null) {
                    return findInterface;
                }
            }
            cls2 = cls3.getSuperclass();
        }
    }
}
