package org.xipki.ocsp.server.servlet;

import java.io.EOFException;
import java.io.IOException;
import java.time.Clock;
import java.util.HashMap;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xipki.ocsp.api.OcspRespWithCacheInfo;
import org.xipki.ocsp.api.OcspServer;
import org.xipki.ocsp.api.Responder;
import org.xipki.ocsp.api.ResponderAndPath;
import org.xipki.security.HashAlgo;
import org.xipki.util.Args;
import org.xipki.util.Base64;
import org.xipki.util.Base64Url;
import org.xipki.util.Hex;
import org.xipki.util.IoUtil;
import org.xipki.util.LogUtil;
import org.xipki.util.StringUtil;
import org.xipki.util.http.HttpResponse;
import org.xipki.util.http.XiHttpRequest;
import org.xipki.util.http.XiHttpResponse;

/* loaded from: input_file:org/xipki/ocsp/server/servlet/HttpOcspServlet.class */
class HttpOcspServlet {
    private static final Logger LOG = LoggerFactory.getLogger(HttpOcspServlet.class);
    private static final long DFLT_CACHE_MAX_AGE = 60;
    private static final String CT_REQUEST = "application/ocsp-request";
    private static final String CT_RESPONSE = "application/ocsp-response";
    private boolean logReqResp;
    private OcspServer server;

    public void setLogReqResp(boolean z) {
        this.logReqResp = z;
    }

    public void setServer(OcspServer ocspServer) {
        this.server = (OcspServer) Args.notNull(ocspServer, "server");
    }

    public void service(XiHttpRequest xiHttpRequest, XiHttpResponse xiHttpResponse) throws IOException {
        String method = xiHttpRequest.getMethod();
        if ("GET".equalsIgnoreCase(method)) {
            doGet(xiHttpRequest).fillResponse(xiHttpResponse);
        } else if ("POST".equalsIgnoreCase(method)) {
            doPost(xiHttpRequest).fillResponse(xiHttpResponse);
        } else {
            xiHttpResponse.setStatus(405);
        }
    }

    private HttpResponse doPost(XiHttpRequest xiHttpRequest) {
        try {
            ResponderAndPath responderForPath = this.server.getResponderForPath((String) xiHttpRequest.getAttribute("xipki_path"));
            if (responderForPath == null) {
                return new HttpResponse(404);
            }
            if (!CT_REQUEST.equalsIgnoreCase(xiHttpRequest.getHeader("Content-Type"))) {
                return new HttpResponse(415);
            }
            Responder responder = responderForPath.getResponder();
            byte[] readAllBytes = IoUtil.readAllBytes(xiHttpRequest.getInputStream());
            if (readAllBytes.length > responder.getMaxRequestSize()) {
                return new HttpResponse(413);
            }
            OcspRespWithCacheInfo answer = this.server.answer(responder, readAllBytes, false);
            if (answer == null || answer.getResponse() == null) {
                LOG.error("processRequest returned null, this should not happen");
                return new HttpResponse(500);
            }
            byte[] response = answer.getResponse();
            if (this.logReqResp && LOG.isDebugEnabled()) {
                LOG.debug("HTTP POST OCSP path: {}\nRequest:\n{}\nResponse:\n{}", new Object[]{xiHttpRequest.getRequestURI(), LogUtil.base64Encode(readAllBytes), LogUtil.base64Encode(response)});
            }
            return new HttpResponse(200, CT_RESPONSE, (Map) null, response);
        } catch (Throwable th) {
            if (th instanceof EOFException) {
                LogUtil.warn(LOG, th, "Connection reset by peer");
            } else {
                LOG.error("Throwable thrown, this should not happen!", th);
            }
            return new HttpResponse(500);
        }
    }

    /* JADX WARN: Type inference failed for: r7v1, types: [byte[], byte[][]] */
    private HttpResponse doGet(XiHttpRequest xiHttpRequest) {
        String str = (String) xiHttpRequest.getAttribute("xipki_path");
        ResponderAndPath responderForPath = this.server.getResponderForPath(str);
        if (responderForPath == null) {
            return new HttpResponse(404);
        }
        String servletPath = responderForPath.getServletPath();
        Responder responder = responderForPath.getResponder();
        if (!responder.supportsHttpGet()) {
            return new HttpResponse(405);
        }
        int length = servletPath.length();
        if (str.length() - length <= 10) {
            return new HttpResponse(400);
        }
        if (str.charAt(length) == '/') {
            length++;
        }
        String substring = str.substring(length);
        try {
            if (substring.length() > responder.getMaxRequestSize()) {
                return new HttpResponse(414);
            }
            byte[] base64Decode = base64Decode(StringUtil.toUtf8Bytes(substring));
            if (base64Decode == null) {
                return new HttpResponse(400);
            }
            OcspRespWithCacheInfo answer = this.server.answer(responder, base64Decode, true);
            if (answer == null || answer.getResponse() == null) {
                LOG.error("processRequest returned null, this should not happen");
                return new HttpResponse(500);
            }
            byte[] response = answer.getResponse();
            if (this.logReqResp && LOG.isDebugEnabled()) {
                LOG.debug("HTTP GET OCSP path: {}\nResponse:\n{}", xiHttpRequest.getRequestURI(), LogUtil.base64Encode(response));
            }
            OcspRespWithCacheInfo.ResponseCacheInfo cacheInfo = answer.getCacheInfo();
            HashMap hashMap = new HashMap();
            if (cacheInfo != null) {
                response = answer.getResponse();
                hashMap.put("Date", Long.toString(Clock.systemUTC().millis()));
                hashMap.put("Last-Modified", Long.toString(cacheInfo.getGeneratedAt()));
                Long nextUpdate = cacheInfo.getNextUpdate();
                if (nextUpdate != null) {
                    hashMap.put("Expires", Long.toString(nextUpdate.longValue()));
                }
                hashMap.put("ETag", StringUtil.concat("\"", new String[]{HashAlgo.SHA1.hexHash((byte[][]) new byte[]{response}), "\""}));
                long longValue = responder.getCacheMaxAge() != null ? responder.getCacheMaxAge().longValue() : 60L;
                if (nextUpdate != null) {
                    longValue = Math.min(longValue, (nextUpdate.longValue() - cacheInfo.getGeneratedAt()) / 1000);
                }
                hashMap.put("Cache-Control", StringUtil.concat("max-age=", new String[]{Long.toString(longValue), ",public,no-transform,must-revalidate"}));
            }
            return new HttpResponse(200, CT_RESPONSE, hashMap, response);
        } catch (Throwable th) {
            LOG.error("Throwable thrown, this should not happen!", th);
            return new HttpResponse(500);
        }
    }

    private static byte[] base64Decode(byte[] bArr) {
        int length = bArr.length;
        if (Base64.containsOnlyBase64Chars(bArr, 0, length)) {
            return Base64.decodeFast(bArr);
        }
        if (Base64Url.containsOnlyBase64UrlChars(bArr, 0, length)) {
            return Base64Url.decodeFast(bArr);
        }
        int i = 0;
        int i2 = 0;
        while (i2 < length - 2) {
            if (bArr[i2] == 37) {
                i++;
                i2 += 2;
            }
            i2++;
        }
        if (i == 0) {
            return null;
        }
        byte[] bArr2 = new byte[length - (i * 2)];
        int i3 = 0;
        for (int i4 = 0; i4 < bArr2.length; i4++) {
            if (bArr[i3] == 37) {
                bArr2[i4] = Hex.decodeSingle(bArr, i3 + 1);
                i3 += 2;
            } else {
                bArr2[i4] = bArr[i3];
            }
            i3++;
        }
        if (Base64.containsOnlyBase64Chars(bArr2, 0, length)) {
            return Base64.decodeFast(bArr2);
        }
        if (Base64Url.containsOnlyBase64UrlChars(bArr2, 0, length)) {
            return Base64Url.decodeFast(bArr2);
        }
        return null;
    }
}
