package com.worklight.gadgets.serving;

import com.ibm.json.java.JSONObject;
import com.worklight.adapters.http.HTTP;
import com.worklight.common.log.WorklightLogger;
import com.worklight.common.log.WorklightServerLogger;
import com.worklight.common.type.Environment;
import com.worklight.core.exceptions.InstrumentedException;
import com.worklight.core.logging.Timer;
import com.worklight.core.logging.WorklightErrors;
import com.worklight.core.util.RssBrokerUtils;
import com.worklight.gadgets.GadgetRuntimeException;
import com.worklight.gadgets.LoginDisplayType;
import com.worklight.gadgets.OldAPIRequestException;
import com.worklight.gadgets.api.GadgetAPIRequestCoder;
import com.worklight.gadgets.bean.UserPref;
import com.worklight.gadgets.bean.WidgetServiceBean;
import com.worklight.gadgets.serving.handler.APIMethodHandler;
import com.worklight.gadgets.serving.handler.APIMethodHandlerException;
import com.worklight.gadgets.utils.GadgetUtils;
import com.worklight.gadgets.utils.GadgetsMessages;
import com.worklight.server.auth.api.UserIdentity;
import com.worklight.server.auth.impl.WorkLightAuthenticationException;
import java.io.IOException;
import java.text.MessageFormat;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/worklight/gadgets/serving/GadgetAPIServlet.class */
public class GadgetAPIServlet extends HttpServlet {
    private static final WorklightServerLogger logger = new WorklightServerLogger(GadgetAPIServlet.class, WorklightLogger.MessagesBundles.CORE);
    public static final String JSON_FIELD_ERROR_MSG = "errorMsg";
    public static final String JSON_FIELD_ERROR_CODE = "errorCode";
    public static final String ATT_SHOW_LOGIN_LINK = "isShowLoginLink";
    public static final String ATT_LOGIN_MSG = "loginMsg";
    public static final String ATT_URL = "url";
    private static final String GADGET_ERROR_HTML = "/gadgetError.jsp";

    public void init(ServletConfig servletConfig) throws ServletException {
        APIMethodHandlerMgr.getInstance().init(servletConfig);
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        lockedGetOrPost(httpServletRequest, httpServletResponse);
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        lockedGetOrPost(httpServletRequest, httpServletResponse);
    }

    private void lockedGetOrPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        try {
            WidgetServiceBean.getReadwritelock().readLock().lock();
            doGetOrPost(httpServletRequest, httpServletResponse);
            WidgetServiceBean.getReadwritelock().readLock().unlock();
        } catch (Throwable th) {
            WidgetServiceBean.getReadwritelock().readLock().unlock();
            throw th;
        }
    }

    private void doGetOrPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Timer timer = Timer.getTimer();
        try {
            GadgetAPIRequestCoder.GadgetRequestInfo decodeGadgetRequestInfo = GadgetAPIRequestCoder.decodeGadgetRequestInfo(httpServletRequest);
            String handlerPath = decodeGadgetRequestInfo.getHandlerPath();
            UserIdentity userRealmIdentity = GadgetUtils.getGadgetApplicationFrom(decodeGadgetRequestInfo).getGadget().getUserRealmIdentity();
            if (userRealmIdentity == null) {
                logger.warn("doGetOrPost", "logger.userIdentityForAPIISNull", new Object[0]);
                throw new GadgetRuntimeException("userIdentityForAPI is null. Check your application''s authentication requirements (never, onStartup, onDemand). These settings must match to the deployed application");
            }
            String str = userRealmIdentity.name;
            APIMethodHandler handler = APIMethodHandlerMgr.getInstance().getHandler(handlerPath);
            if (httpServletRequest.getMethod().equals(HTTP.GET_METHOD)) {
                handler.doGet(httpServletRequest, httpServletResponse, decodeGadgetRequestInfo);
            } else {
                handler.doPost(httpServletRequest, httpServletResponse, decodeGadgetRequestInfo);
            }
            logger.debug("doGetOrPost", "Gadgets servlet served " + str + " for path " + httpServletRequest.getPathInfo() + " with handler " + handlerPath + " in " + timer + ".");
        } catch (OldAPIRequestException e) {
            httpServletResponse.setStatus(301);
            httpServletResponse.setHeader("Location", constructNewUrlFrom(httpServletRequest, e.getGadgetId(), e.getGadgetEnv()));
        } catch (Exception e2) {
            if (isAjaxRequest(httpServletRequest)) {
                handleAjaxRequestException(httpServletRequest, httpServletResponse, e2);
            } else {
                handleBrowserRequestException(httpServletRequest, httpServletResponse, null, e2);
            }
            logger.debug("doGetOrPost", "Gadgets servlet FAILED to serve UNKNOWN for path " + httpServletRequest.getPathInfo() + " in " + timer + ". Exception: " + e2.getMessage());
        } catch (WorkLightAuthenticationException e3) {
            throw e3;
        }
    }

    public static boolean isAjaxRequest(HttpServletRequest httpServletRequest) {
        boolean z = httpServletRequest.getHeader("x-requested-with") != null && httpServletRequest.getHeader("x-requested-with").equals("XMLHttpRequest");
        if (!z) {
            z = httpServletRequest.getParameter("isAjaxRequest") != null && httpServletRequest.getParameter("isAjaxRequest").equals("true");
        }
        return z;
    }

    private void handleAjaxRequestException(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Exception exc) {
        try {
            JSONObject createAjaxRequestExceptionJSON = createAjaxRequestExceptionJSON(httpServletRequest, exc, logger);
            httpServletResponse.setContentType("application/json; charset=UTF-8");
            httpServletResponse.setStatus(500);
            httpServletResponse.getWriter().write(createAjaxRequestExceptionJSON.toString());
        } catch (Exception e) {
            logger.error("handleAjaxRequestException", "logger.handleAjaxException", new Object[0]);
            logger.debug(e, "handleAjaxRequestException", e.getLocalizedMessage());
        }
    }

    public static JSONObject createAjaxRequestExceptionJSON(HttpServletRequest httpServletRequest, Exception exc, WorklightServerLogger worklightServerLogger) {
        ErrorCode errorCode;
        worklightServerLogger.error("createAjaxRequestExceptionJSON", "logger.ajsxRequestException", new Object[]{exc.getMessage()});
        worklightServerLogger.debug(exc, "createAjaxRequestExceptionJSON", exc.getLocalizedMessage());
        String message = exc.getMessage();
        if (exc instanceof UserInstanceAccessViolationException) {
            errorCode = ErrorCode.USER_INSTANCE_ACCESS_VIOLATION;
            httpServletRequest.getSession().invalidate();
        } else if (exc instanceof APIMethodHandlerException) {
            errorCode = ((APIMethodHandlerException) exc).getErrorCode();
        } else {
            errorCode = ErrorCode.UNEXPECTED_ERROR;
            worklightServerLogger.errorToErrorHandler("createAjaxRequestExceptionJSON", WorklightErrors.INTERNAL_ERROR.createErrorMessage(worklightServerLogger.getFormatter().format("logger.internalErrorGadgetRequest", new Object[0]) + exc.getLocalizedMessage()));
        }
        JSONObject jSONObject = new JSONObject();
        jSONObject.put(JSON_FIELD_ERROR_CODE, errorCode.toString());
        jSONObject.put(JSON_FIELD_ERROR_MSG, message);
        return jSONObject;
    }

    private void handleBrowserRequestException(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, GadgetAPIRequestCoder.GadgetRequestInfo gadgetRequestInfo, Exception exc) {
        try {
            String message = exc.getMessage();
            if (exc instanceof InstrumentedException) {
                message = ((InstrumentedException) exc).getExternalMessage(RssBrokerUtils.getAudit().getLocale());
            }
            if (exc instanceof UserInstanceAccessViolationException) {
                if (GadgetUtils.getGadgetApplicationFrom(gadgetRequestInfo).getLoginDisplayType() == LoginDisplayType.EMBEDDED) {
                    httpServletRequest.setAttribute(ATT_SHOW_LOGIN_LINK, "true");
                }
                httpServletRequest.setAttribute(ATT_LOGIN_MSG, GadgetsMessages.USER_INSTANCE_ACCESS_VIOLATION_LOGIN_MSG.format(RssBrokerUtils.getAudit().getLocale(), new Object[0]));
                httpServletRequest.setAttribute(ATT_URL, httpServletRequest.getRequestURL().toString());
                httpServletRequest.getSession().invalidate();
            } else if (exc instanceof IOException) {
                logger.debug("handleBrowserRequestException", "Http connection failure. " + exc.getMessage());
                return;
            } else {
                logger.errorToErrorHandler("handleBrowserRequestException", WorklightErrors.INTERNAL_ERROR.createErrorMessage(logger.getFormatter().format("logger.errorBrowserRequest", new Object[0]) + message));
            }
            logger.error(exc, "handleBrowserRequestException", "logger.browserRequestException", new Object[0]);
            httpServletRequest.setAttribute(JSON_FIELD_ERROR_MSG, message);
            httpServletRequest.getRequestDispatcher(GADGET_ERROR_HTML).forward(httpServletRequest, httpServletResponse);
        } catch (Exception e) {
            logger.warn(exc, "handleBrowserRequestException", "logger.handleBrowserFailed", new Object[0]);
        }
    }

    private static String constructNewUrlFrom(HttpServletRequest httpServletRequest, String str, Environment environment) {
        return "/apps/services/" + MessageFormat.format("www/{0}/{1}", str, environment.getId()) + MessageFormat.format("/{0}/{1}.html", UserPref.DEFAULT_USER_PREFS_IDENTITY, str) + MessageFormat.format("?{0}", httpServletRequest.getQueryString());
    }
}
