package org.wso2.carbon.event.input.adapter.http;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.axiom.om.util.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.event.input.adapter.core.InputEventAdapterListener;
import org.wso2.carbon.event.input.adapter.http.internal.ds.HTTPEventAdapterServiceValueHolder;
import org.wso2.carbon.event.input.adapter.http.internal.util.HTTPEventAdapterConstants;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/event/input/adapter/http/HTTPMessageServlet.class */
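/**
 * Servlet that receives events over HTTP(S) and hands each request body to an
 * {@link InputEventAdapterListener} on the adapter's executor.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>Transport restriction: depending on {@code exposedTransports}, requests arriving on the
 *       wrong channel are rejected with 403.</li>
 *   <li>HTTP Basic authentication is evaluated <em>only</em> for requests the container reports
 *       as secure. With {@code exposedTransports} set to {@code "http"}, or for plain-HTTP
 *       requests when both transports are exposed, events are accepted without authentication
 *       even if basic auth is enabled. NOTE(review): confirm this is intended; deployments that
 *       need authenticated ingestion have to expose the HTTPS transport only.</li>
 *   <li>An authenticated caller must belong to the tenant this servlet was created for; a valid
 *       login from any other tenant is rejected the same way as a failed login.</li>
 * </ul>
 */
public class HTTPMessageServlet extends HttpServlet {
    private static final String AUTHORIZATION_HEADER = "Authorization";
    private static final String BASIC_PREFIX = "Basic ";
    private static final String AUTH_MESSAGE_STORE_TENANT_ID = "AUTH_MESSAGE_STORE_TENANT_ID";
    private static final String AUTH_FAILURE_RESPONSE = "_AUTH_FAILURE_";
    private static final Log log = LogFactory.getLog(HTTPMessageServlet.class);
    private final InputEventAdapterListener eventAdaptorListener;
    private final int tenantId;
    private final String exposedTransports;
    private final boolean isBasicAuthEnabled;

    /**
     * Task that delivers one received payload to the listener inside the owning tenant's
     * Carbon context.
     */
    public class HTTPRequestProcessor implements Runnable {
        private final InputEventAdapterListener inputEventAdapterListener;
        private final String payload;
        private final int tenantId;

        /**
         * @param inputEventAdapterListener listener that receives the event
         * @param str raw request body to deliver
         * @param i tenant id to set on the thread-local Carbon context while delivering
         */
        public HTTPRequestProcessor(InputEventAdapterListener inputEventAdapterListener, String str, int i) {
            this.inputEventAdapterListener = inputEventAdapterListener;
            this.payload = str;
            this.tenantId = i;
        }

        /**
         * Delivers the payload to the listener; null or blank payloads are dropped with a
         * warning. Any exception is logged and not propagated to the executor.
         */
        @Override // java.lang.Runnable
        public void run() {
            try {
                PrivilegedCarbonContext.startTenantFlow();
                PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(this.tenantId);
                if (HTTPMessageServlet.log.isDebugEnabled()) {
                    // Debug logging writes the full event body to the log; keep it off where
                    // events may carry sensitive data.
                    HTTPMessageServlet.log.debug("Event received in HTTP Event Adapter - " + this.payload);
                }
                // The previous test, `payload.trim() != null`, was always true (trim() never
                // returns null) and threw on a null payload, so the "drop empty" branch was
                // unreachable. Test for null/blank explicitly.
                if (this.payload != null && !this.payload.trim().isEmpty()) {
                    this.inputEventAdapterListener.onEvent(this.payload);
                } else {
                    HTTPMessageServlet.log.warn("Dropping the empty/null event received through http adapter");
                }
            } catch (Exception e) {
                HTTPMessageServlet.log.error("Error while parsing http request for processing: " + e.getMessage(), e);
            } finally {
                PrivilegedCarbonContext.endTenantFlow();
            }
        }
    }

    /**
     * @param inputEventAdapterListener listener that receives accepted events
     * @param i id of the tenant this endpoint belongs to
     * @param str exposed transports setting; compared case-insensitively against
     *            {@code HTTPEventAdapterConstants.HTTPS} and {@code "http"}, any other value
     *            accepts both secure and non-secure requests
     * @param z whether HTTP Basic authentication is enforced on secure requests
     */
    public HTTPMessageServlet(InputEventAdapterListener inputEventAdapterListener, int i, String str, boolean z) {
        this.eventAdaptorListener = inputEventAdapterListener;
        this.tenantId = i;
        this.exposedTransports = str;
        this.isBasicAuthEnabled = z;
    }

    /**
     * Extracts the user name and password from an HTTP Basic {@code Authorization} header.
     *
     * @return a two-element array {@code {username, password}}, or {@code null} when the header
     *         is absent, is not a Basic credential, cannot be decoded, has no {@code ':'}
     *         separator, or carries an empty password
     */
    private String[] getUserPassword(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(AUTHORIZATION_HEADER);
        // Authentication scheme names are case-insensitive, so accept "basic "/"BASIC " too.
        if (header == null || !header.regionMatches(true, 0, BASIC_PREFIX, 0, BASIC_PREFIX.length())) {
            return null;
        }
        String decoded;
        try {
            // NOTE(review): the bytes are decoded with the platform default charset, so
            // non-ASCII credentials depend on the JVM's file.encoding.
            decoded = new String(Base64.decode(header.substring(BASIC_PREFIX.length())));
        } catch (RuntimeException e) {
            // A decoder failure on malformed input is treated as "no credentials" so that it
            // ends in a 401 instead of escaping doPost as an unhandled exception.
            if (log.isDebugEnabled()) {
                log.debug("Discarding undecodable Basic credentials", e);
            }
            return null;
        }
        // Split on the FIRST colon only: the user-id cannot contain ':' but the password can.
        // Splitting on every colon rejected every password that contained one.
        int separator = decoded.indexOf(':');
        if (separator < 0 || separator == decoded.length() - 1) {
            return null;
        }
        return new String[] {decoded.substring(0, separator), decoded.substring(separator + 1)};
    }

    /**
     * Resolves the tenant id of the caller.
     *
     * <p>If the current session already holds a tenant id from an earlier successful login it is
     * returned directly; otherwise the Basic credentials are verified against the user store of
     * the tenant named in the login.
     *
     * @return the authenticated caller's tenant id, or {@code -1} when authentication fails for
     *         any reason (missing credentials, unknown tenant, wrong password, user-store error)
     */
    private int checkAuthentication(HttpServletRequest httpServletRequest) {
        // getSession(false): only look at a session that already exists. Creating one here
        // would allocate server-side state for every unauthenticated or failed request.
        javax.servlet.http.HttpSession existingSession = httpServletRequest.getSession(false);
        if (existingSession != null) {
            Object attribute = existingSession.getAttribute(AUTH_MESSAGE_STORE_TENANT_ID);
            if (attribute instanceof Integer) {
                return ((Integer) attribute).intValue();
            }
        }
        String[] userPassword = getUserPassword(httpServletRequest);
        if (userPassword == null) {
            return -1;
        }
        String login = userPassword[0];
        String password = userPassword[1];
        // MultitenantUtils derives the tenant domain and the tenant-aware user name from the
        // supplied login name.
        String tenantDomain = MultitenantUtils.getTenantDomain(login);
        String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(login);
        RealmService realmService = HTTPEventAdapterServiceValueHolder.getRealmService();
        try {
            int resolvedTenantId = realmService.getTenantManager().getTenantId(tenantDomain);
            if (resolvedTenantId == -1) {
                return -1;
            }
            boolean authenticated = realmService.getTenantUserRealm(resolvedTenantId)
                    .getUserStoreManager()
                    .authenticate(tenantAwareUsername, password);
            if (!authenticated) {
                return -1;
            }
            // Cache the result so later requests on this session skip the user-store lookup.
            // NOTE(review): the session id is not rotated on login; consider doing so if the
            // servlet API level in use supports it.
            httpServletRequest.getSession().setAttribute(AUTH_MESSAGE_STORE_TENANT_ID, Integer.valueOf(resolvedTenantId));
            return resolvedTenantId;
        } catch (Exception e) {
            // Fail closed: any user-store or tenant-manager error counts as a failed login.
            if (log.isDebugEnabled()) {
                log.debug("checkAuthentication() fail: " + e.getMessage(), e);
            }
            return -1;
        }
    }

    /**
     * Reads the stream to its end and returns the bytes as a string in the platform default
     * charset.
     *
     * <p>NOTE(review): no upper bound is applied to the number of bytes read; the whole body is
     * buffered in memory.
     */
    private String inputStreamToString(InputStream inputStream) throws IOException {
        ByteArrayOutputStream buffer = new ByteArrayOutputStream();
        byte[] chunk = new byte[1024];
        int read;
        while ((read = inputStream.read(chunk)) > 0) {
            buffer.write(chunk, 0, read);
        }
        return buffer.toString();
    }

    /** Sends the authentication-failure response and logs the rejection. */
    private void rejectUnauthenticated(HttpServletResponse httpServletResponse) throws IOException {
        // Set the status before writing the body: once the response is committed a later
        // setStatus() call has no effect.
        httpServletResponse.setStatus(401);
        httpServletResponse.getOutputStream().write(AUTH_FAILURE_RESPONSE.getBytes());
        log.error("Authentication failed for the request");
    }

    /**
     * Accepts one event: enforces the transport restriction, authenticates the caller where
     * required, then queues the request body for delivery to the listener.
     *
     * <p>Responds 403 when the request arrives on a transport that is not exposed and 401 (with
     * body {@code _AUTH_FAILURE_}) when authentication fails or the caller belongs to another
     * tenant. No status is set explicitly on success.
     */
    @Override
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        boolean secure = httpServletRequest.isSecure();
        if (this.exposedTransports.equalsIgnoreCase(HTTPEventAdapterConstants.HTTPS)) {
            if (!secure) {
                httpServletResponse.setStatus(403);
                log.error("Only Secured endpoint is enabled for requests");
                return;
            }
        } else if (this.exposedTransports.equalsIgnoreCase("http")) {
            if (secure) {
                httpServletResponse.setStatus(403);
                log.error("Only unsecured endpoint is enabled for requests");
                return;
            }
        }
        // Basic auth is evaluated on secure requests only. Requests that reach this point over
        // plain HTTP are accepted without credentials, whatever isBasicAuthEnabled says.
        // NOTE(review): confirm that unauthenticated ingestion over plain HTTP is intended.
        if (secure && this.isBasicAuthEnabled) {
            // -1 means the login failed; any other id that differs from this servlet's tenant
            // is a valid user of a different tenant. Both are rejected identically so the
            // response does not reveal which case applied.
            int authenticatedTenantId = checkAuthentication(httpServletRequest);
            if (authenticatedTenantId == -1 || authenticatedTenantId != this.tenantId) {
                rejectUnauthenticated(httpServletResponse);
                return;
            }
        }
        // The body is read only after the transport and authentication checks have passed, so
        // rejected requests do not make the servlet buffer an arbitrarily large body.
        String body = inputStreamToString(httpServletRequest.getInputStream());
        if (log.isDebugEnabled()) {
            // Debug logging writes the full event body to the log.
            log.debug("Message : " + body);
        }
        HTTPEventAdapter.executorService.submit(new HTTPRequestProcessor(this.eventAdaptorListener, body, this.tenantId));
    }

    /** Handles GET exactly like POST. */
    @Override
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        doPost(httpServletRequest, httpServletResponse);
    }
}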
