package org.wso2.photo.edit.services;

import java.io.DataOutputStream;
import java.io.IOException;
import java.net.URL;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.HttpsURLConnection;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.oltu.oauth2.common.OAuth;
import org.bouncycastle.asn1.x509.DisplayText;
import org.json.JSONArray;
import org.json.JSONObject;
import org.wso2.photo.edit.CommonUtils;

/* loaded from: input_file:WEB-INF/classes/org/wso2/photo/edit/services/ResourceServlet.class */
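/**
 * Serves a protected photo resource to callers that present a bearer token
 * whose introspection result grants a permission on the requested resource.
 *
 * <p>Every request that cannot be authorised (no token, inactive token, or no
 * permission for the resource) is answered with {@code 401} and a
 * {@code WWW-Authenticate: UMA} challenge carrying a freshly requested
 * permission ticket. Unknown resources are answered with {@code 404}, and
 * unexpected failures with {@code 500}, so a failed check never falls through
 * to an empty {@code 200} response.
 */
public class ResourceServlet extends HttpServlet {
    private static final Logger LOGGER = Logger.getLogger(ResourceServlet.class.getName());

    /** Authorization scheme prefix expected in front of the access token. */
    private static final String BEARER_PREFIX = "Bearer ";

    /**
     * Handles a resource request: validates the bearer token through the
     * identity provider's introspection endpoint and returns the resource
     * listing only when a granted permission names the requested resource.
     *
     * @param httpServletRequest  incoming request; its path info selects the resource
     * @param httpServletResponse response to populate
     * @throws ServletException declared by the servlet contract; not thrown here
     * @throws IOException      if writing an error response fails
     */
    @Override
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        try {
            String token = extractBearerToken(httpServletRequest.getHeader(OAuth.HeaderType.AUTHORIZATION));
            if (token == null) {
                sendPTResponse(httpServletRequest, httpServletResponse);
                return;
            }

            JSONObject introspection = introspect(token);
            // A missing or non-boolean "active" member is treated as inactive (fail closed).
            if (!introspection.optBoolean("active", false)) {
                sendPTResponse(httpServletRequest, httpServletResponse);
                return;
            }

            String key = resourceKey(httpServletRequest);
            ResourceTokenData resource = key == null ? null : CommonUtils.getFromResourceMap(key);
            if (resource == null) {
                httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND);
                return;
            }

            if (!grantsResource(introspection, resource.getResourceId())) {
                // The token is valid but carries no permission for this resource:
                // challenge with a new ticket instead of returning an empty 200.
                LOGGER.fine("No permission for the requested resource in introspection response");
                sendPTResponse(httpServletRequest, httpServletResponse);
                return;
            }

            LOGGER.fine("Matching resource ID found: " + resource.getResourceId());
            httpServletResponse.setStatus(HttpServletResponse.SC_OK);
            httpServletResponse.setContentType("application/json");
            JSONArray listing = new JSONArray();
            listing.put("http://localhost.com:8080/photo-edit/res/sri_lanka.jpg");
            ServletOutputStream outputStream = httpServletResponse.getOutputStream();
            outputStream.print(listing.toString());
            outputStream.close();
        } catch (Exception e) {
            // Report the failure to the client; swallowing it would leave the
            // container to send a default 200 with an empty body.
            LOGGER.log(Level.SEVERE, "Error fetching resource", e);
            if (!httpServletResponse.isCommitted()) {
                httpServletResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            }
        }
    }

    /**
     * Extracts the token from an {@code Authorization} header value.
     *
     * @param header raw header value, possibly {@code null}
     * @return the token, or {@code null} when the header is absent, does not
     *         start with the Bearer scheme, or carries a blank token
     */
    private static String extractBearerToken(String header) {
        // Require the scheme at the start of the value; matching it anywhere in
        // the header would accept values such as "Other ... Bearer x".
        if (header == null || !header.regionMatches(true, 0, BEARER_PREFIX, 0, BEARER_PREFIX.length())) {
            return null;
        }
        String token = header.substring(BEARER_PREFIX.length()).trim();
        return StringUtils.isNotBlank(token) ? token : null;
    }

    /**
     * Derives the resource map key from the request path info by dropping the
     * leading separator.
     *
     * @return the key, or {@code null} when the request has no usable path info
     */
    private static String resourceKey(HttpServletRequest request) {
        String pathInfo = request.getPathInfo();
        if (pathInfo == null || pathInfo.length() < 2) {
            return null;
        }
        return pathInfo.substring(1);
    }

    /**
     * Checks whether any entry of the introspection response's
     * {@code permissions} array names the given resource.
     *
     * <p>NOTE(review): {@code resource_scopes} of the permission is not
     * evaluated here; confirm whether the "view" scope requested in
     * {@link #getPT(String)} must also be enforced.
     */
    private static boolean grantsResource(JSONObject introspection, String resourceId) {
        JSONArray permissions = introspection.optJSONArray("permissions");
        if (permissions == null || resourceId == null) {
            return false;
        }
        // Inspect every permission, not only the first one.
        for (int i = 0; i < permissions.length(); i++) {
            JSONObject permission = permissions.optJSONObject(i);
            if (permission != null && resourceId.equals(permission.optString("resource_id", null))) {
                return true;
            }
        }
        return false;
    }

    /**
     * Answers with a {@code 401} UMA challenge containing the authorization
     * server URI and a permission ticket, or {@code 404} when no ticket can be
     * requested because the resource is unknown.
     *
     * @throws IOException if the ticket request or writing the response fails
     */
    private void sendPTResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String pt = getPT(resourceKey(httpServletRequest));
        if (pt == null) {
            httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND);
            return;
        }
        // The ticket value itself is kept out of the log.
        LOGGER.fine("Responding with permission ticket challenge");
        httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        httpServletResponse.setHeader(OAuth.HeaderType.WWW_AUTHENTICATE, "UMA");
        ServletOutputStream outputStream = httpServletResponse.getOutputStream();
        outputStream.print("as_uri=" + CommonUtils.getIdpUrl() + "&ticket=" + pt);
        outputStream.close();
    }

    /**
     * Requests a permission ticket for the "view" scope of the resource
     * registered under the given key.
     *
     * @param str resource map key; may be {@code null}
     * @return the ticket, or {@code null} when the key is {@code null} or unknown
     * @throws IOException if the call to the permission endpoint fails
     */
    private String getPT(String str) throws IOException {
        ResourceTokenData fromResourceMap = str == null ? null : CommonUtils.getFromResourceMap(str);
        if (fromResourceMap == null) {
            return null;
        }
        JSONArray scopes = new JSONArray();
        scopes.put("view");
        JSONObject permission = new JSONObject();
        permission.put("resource_scopes", scopes);
        permission.put("resource_id", fromResourceMap.getResourceId());
        JSONArray request = new JSONArray();
        request.put(permission);
        String payload = request.toString();
        LOGGER.fine("Permission ticket request payload: " + payload);

        HttpsURLConnection connection = post(
                CommonUtils.getIdpUrl() + "/api/identity/oauth2/uma/permission/v1.0/permission",
                CommonUtils.getBearerHeader(fromResourceMap.getToken()),
                OAuth.ContentType.JSON,
                payload);
        String readFromResponse = CommonUtils.readFromResponse(connection);
        // The response body carries the ticket, so it is not logged.
        return new JSONObject(readFromResponse).getString("ticket");
    }

    /**
     * Submits the token to the identity provider's introspection endpoint.
     *
     * @param str token taken from the request's Authorization header
     * @return the parsed introspection response
     * @throws IOException if the call to the introspection endpoint fails
     */
    private JSONObject introspect(String str) throws IOException {
        // The token is caller-controlled: encode it so characters such as '&'
        // or '=' cannot add extra form parameters to the request body.
        String form = "token=" + URLEncoder.encode(str, StandardCharsets.UTF_8.name());
        HttpsURLConnection connection = post(
                CommonUtils.getIdpUrl() + "/oauth2/introspect",
                CommonUtils.getAuthHeader(),
                OAuth.ContentType.URL_ENCODED,
                form);
        String readFromResponse = CommonUtils.readFromResponse(connection);
        // Token metadata is logged at FINE only, not at INFO/WARNING.
        LOGGER.fine("Introspection response: " + readFromResponse);
        return new JSONObject(readFromResponse);
    }

    /**
     * Opens an HTTPS POST to the given URL and writes the body as UTF-8.
     * The cast to {@link HttpsURLConnection} fails for a non-HTTPS URL.
     */
    private static HttpsURLConnection post(String url, String authorization, String contentType, String body) throws IOException {
        HttpsURLConnection connection = (HttpsURLConnection) new URL(url).openConnection();
        connection.setRequestMethod(OAuth.HttpMethod.POST);
        connection.setRequestProperty(OAuth.HeaderType.AUTHORIZATION, authorization);
        connection.setRequestProperty(OAuth.HeaderType.CONTENT_TYPE, contentType);
        connection.setDoOutput(true);
        // Close the request stream even on failure; write real UTF-8 bytes
        // rather than the low byte of each char.
        try (DataOutputStream out = new DataOutputStream(connection.getOutputStream())) {
            out.write(body.getBytes(StandardCharsets.UTF_8));
        }
        return connection;
    }
}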
