package edu.ucsb.nceas.metacat.replication;

import edu.ucsb.nceas.metacat.MetaCatServlet;
import edu.ucsb.nceas.metacat.admin.SolrAdmin;
import edu.ucsb.nceas.metacat.service.ServiceService;
import edu.ucsb.nceas.metacat.shared.ServiceException;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Iterator;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.dataone.client.auth.CertificateManager;

/* loaded from: input_file:edu/ucsb/nceas/metacat/replication/ReplicationServlet.class */
public class ReplicationServlet extends HttpServlet {
    private static final long serialVersionUID = -2898600143193513155L;
    private static Log logReplication = LogFactory.getLog("ReplicationLogging");
    private static Log logMetacat = LogFactory.getLog(ReplicationServlet.class);

    public void init(ServletConfig servletConfig) throws ServletException {
        try {
            ServiceService.registerService("ReplicationService", ReplicationService.getInstance());
        } catch (ServiceException e) {
            String str = "ReplicationServlet.init - Service problem while intializing Replication Servlet: " + e.getMessage();
            logMetacat.error("ReplicationServlet.init - " + ReplicationService.METACAT_REPL_ERROR_MSG);
            logReplication.error(str);
            throw new ServletException(str);
        }
    }

    public void destroy() {
    }

    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        handleGetOrPost(httpServletRequest, httpServletResponse);
    }

    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        handleGetOrPost(httpServletRequest, httpServletResponse);
    }

    private void handleGetOrPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        PrintWriter printWriter = null;
        Hashtable hashtable = new Hashtable();
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str = (String) parameterNames.nextElement();
            hashtable.put(str, httpServletRequest.getParameterValues(str));
        }
        String str2 = "";
        if (!hashtable.isEmpty() && hashtable.get(SolrAdmin.ACTION) != null) {
            str2 = ((String[]) hashtable.get(SolrAdmin.ACTION))[0];
        }
        try {
            try {
                String str3 = ((String[]) hashtable.get("server"))[0];
                boolean z = false;
                String str4 = "Metacat received the replication request. However, Metacat can't find the enity of the client certificate or the server parameter on the request url is registered in the xml_replication table. ";
                try {
                    z = hasValidCertificate(httpServletRequest, str3);
                } catch (Exception e) {
                    str4 = "Could not verify client certificate: " + e.getMessage();
                    logMetacat.error(str4, e);
                    logReplication.error(str4, e);
                }
                if (!z) {
                    PrintWriter writer = httpServletResponse.getWriter();
                    writer.print("<error>");
                    writer.print(str4);
                    writer.print("</error>");
                    writer.close();
                    if (writer != null) {
                        writer.close();
                        return;
                    }
                    return;
                }
                if (ReplicationService.getServerCodeForServerName(str3) == 0) {
                    logReplication.debug("ReplicationServlet.handleGetOrPost - Action \"" + str2 + "\" rejected for server: " + str3);
                    if (0 != 0) {
                        printWriter.close();
                        return;
                    }
                    return;
                }
                logReplication.debug("ReplicationServlet.handleGetOrPost - Action \"" + str2 + "\" accepted for server: " + str3);
                if (str2.equals("readdata")) {
                    ServletOutputStream outputStream = httpServletResponse.getOutputStream();
                    ReplicationService.handleGetDataFileRequest(outputStream, hashtable, httpServletResponse);
                    outputStream.close();
                } else if (str2.equals("forcereplicatedatafile")) {
                    if (MetaCatServlet.isReadOnly(httpServletResponse)) {
                        if (0 != 0) {
                            printWriter.close();
                            return;
                        }
                        return;
                    }
                    ReplicationService.handleForceReplicateDataFileRequest(hashtable, httpServletRequest);
                } else if (str2.equals("forcereplicate")) {
                    if (MetaCatServlet.isReadOnly(httpServletResponse)) {
                        if (0 != 0) {
                            printWriter.close();
                            return;
                        }
                        return;
                    }
                    ReplicationService.handleForceReplicateRequest(hashtable, httpServletResponse, httpServletRequest);
                } else if (str2.equals("forcereplicatesystemmetadata")) {
                    if (MetaCatServlet.isReadOnly(httpServletResponse)) {
                        if (0 != 0) {
                            printWriter.close();
                            return;
                        }
                        return;
                    }
                    ReplicationService.handleForceReplicateSystemMetadataRequest(hashtable, httpServletResponse, httpServletRequest);
                } else if (str2.equals(ReplicationService.FORCEREPLICATEDELETE)) {
                    if (MetaCatServlet.isReadOnly(httpServletResponse)) {
                        if (0 != 0) {
                            printWriter.close();
                            return;
                        }
                        return;
                    }
                    ReplicationService.handleForceReplicateDeleteRequest(hashtable, httpServletResponse, httpServletRequest, false);
                } else if (str2.equals(ReplicationService.FORCEREPLICATEDELETEALL)) {
                    if (MetaCatServlet.isReadOnly(httpServletResponse)) {
                        if (0 != 0) {
                            printWriter.close();
                            return;
                        }
                        return;
                    }
                    ReplicationService.handleForceReplicateDeleteRequest(hashtable, httpServletResponse, httpServletRequest, true);
                } else if (str2.equals("update")) {
                    if (MetaCatServlet.isReadOnly(httpServletResponse)) {
                        if (0 != 0) {
                            printWriter.close();
                            return;
                        }
                        return;
                    }
                    ReplicationService.handleUpdateRequest(hashtable, httpServletResponse);
                } else if (str2.equals("read")) {
                    ReplicationService.handleGetDocumentRequest(hashtable, httpServletResponse);
                } else if (str2.equals("getlock")) {
                    ReplicationService.handleGetLockRequest(hashtable, httpServletResponse);
                } else if (str2.equals("getdocumentinfo")) {
                    ReplicationService.handleGetDocumentInfoRequest(hashtable, httpServletResponse);
                } else if (str2.equals("getsystemmetadata")) {
                    ReplicationService.handleGetSystemMetadataRequest(hashtable, httpServletResponse);
                } else if (str2.equals("gettime")) {
                    ReplicationService.handleGetTimeRequest(hashtable, httpServletResponse);
                } else if (str2.equals("getcatalog")) {
                    ReplicationService.handleGetCatalogRequest(hashtable, httpServletResponse, true);
                } else if (str2.equals("test")) {
                    httpServletResponse.setContentType("text/html");
                    printWriter = httpServletResponse.getWriter();
                    printWriter.println("<html><body>Test successfully</body></html>");
                }
                if (printWriter != null) {
                    printWriter.close();
                }
            } catch (ServiceException e2) {
                logMetacat.error("ReplicationServlet.handleGetOrPost - " + ReplicationService.METACAT_REPL_ERROR_MSG);
                logReplication.error("ReplicationServlet.handleGetOrPost - Error in ReplicationServlet.handleGetOrPost: " + e2.getMessage());
                if (0 != 0) {
                    printWriter.close();
                }
            }
        } catch (Throwable th) {
            if (0 != 0) {
                printWriter.close();
            }
            throw th;
        }
    }

    private boolean hasValidCertificate(HttpServletRequest httpServletRequest, String str) throws InvalidNameException, URISyntaxException, ServiceException {
        X509Certificate certificate = CertificateManager.getInstance().getCertificate(httpServletRequest);
        if (certificate == null) {
            logMetacat.error("ReplicationServlet.hasValidCertifcate - the client certificate is null. This means somehow the client certificate wasn't passed to Metacat!");
            throw new ServiceException("ReplicationServlet.hasValidCertifcate - the client certificate is null. This means somehow the client certificate wasn't passed to Metacat!");
        }
        String subjectDN = CertificateManager.getInstance().getSubjectDN(certificate);
        logMetacat.info("Given client's certificate subject: " + subjectDN);
        String str2 = null;
        Iterator it = new LdapName(subjectDN).getRdns().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Rdn rdn = (Rdn) it.next();
            if (rdn.getType().equalsIgnoreCase("CN")) {
                str2 = (String) rdn.getValue();
                logMetacat.debug("Given server CN: " + str2);
                break;
            }
        }
        if (ReplicationService.getServerCodeForServerName(str) == 0) {
            return false;
        }
        String host = new URI("https://" + str).getHost();
        logMetacat.debug("Checking against registerd replication server host name: " + host);
        return host.endsWith(str2.replace("*", ""));
    }
}
