package de.sep.sesam.gui.server.communication;

import com.fasterxml.jackson.databind.JsonNode;
import de.sep.sesam.cli.CliMainImpl;
import de.sep.sesam.gui.client.mediaaction.MediaActionStrings;
import de.sep.sesam.gui.common.DefaultUserNames;
import de.sep.sesam.gui.common.json.JsonUtil;
import de.sep.sesam.gui.common.logging.ContextLogger;
import de.sep.sesam.gui.common.logging.LogContext;
import de.sep.sesam.gui.common.logging.LogGroup;
import de.sep.sesam.gui.common.logging.SesamComponent;
import de.sep.sesam.gui.common.logging.messages.SimpleMessage;
import de.sep.sesam.gui.server.GUIServerImpl;
import de.sep.sesam.gui.server.ProtLogger;
import de.sep.sesam.gui.server.communication.dto.CallResponse;
import de.sep.sesam.gui.server.communication.restlet.APIRestlet;
import de.sep.sesam.gui.server.communication.restlet.BaseRestlet;
import de.sep.sesam.gui.server.communication.restlet.CRUDRestlet;
import de.sep.sesam.gui.server.communication.restlet.DaoRestlet;
import de.sep.sesam.gui.server.communication.restlet.ServiceRestlet;
import de.sep.sesam.gui.server.communication.restlet.ServiceRestletV2;
import de.sep.sesam.gui.server.communication.restlet.file.StaticFileDeliveryRestlet;
import de.sep.sesam.gui.server.socket.netty.NettyServerUtils;
import de.sep.sesam.gui.server.socket.netty.SepHttpRequest;
import de.sep.sesam.gui.tools.SpringUtils;
import de.sep.sesam.model.Accounts;
import de.sep.sesam.model.Acls;
import de.sep.sesam.model.AllEvents;
import de.sep.sesam.model.AllResults;
import de.sep.sesam.model.CalSheets;
import de.sep.sesam.model.Calendars;
import de.sep.sesam.model.Capacities;
import de.sep.sesam.model.Clients;
import de.sep.sesam.model.CommandEvents;
import de.sep.sesam.model.Commands;
import de.sep.sesam.model.Credentials;
import de.sep.sesam.model.DataStoreTypes;
import de.sep.sesam.model.DataStores;
import de.sep.sesam.model.Defaults;
import de.sep.sesam.model.DriveGroups;
import de.sep.sesam.model.DriveTypes;
import de.sep.sesam.model.ExternalGroupRelations;
import de.sep.sesam.model.ExternalGroups;
import de.sep.sesam.model.Groups;
import de.sep.sesam.model.HwDrives;
import de.sep.sesam.model.HwLoaders;
import de.sep.sesam.model.LoaderContents;
import de.sep.sesam.model.LoaderDevices;
import de.sep.sesam.model.Locations;
import de.sep.sesam.model.Media;
import de.sep.sesam.model.MediaActions;
import de.sep.sesam.model.MediaEvents;
import de.sep.sesam.model.MediaPools;
import de.sep.sesam.model.MediaResults;
import de.sep.sesam.model.MediaTypes;
import de.sep.sesam.model.MediapoolLocations;
import de.sep.sesam.model.MediapoolRelations;
import de.sep.sesam.model.MediapoolsEvents;
import de.sep.sesam.model.MigrationEvents;
import de.sep.sesam.model.MigrationResults;
import de.sep.sesam.model.MigrationTasks;
import de.sep.sesam.model.NewdayEvents;
import de.sep.sesam.model.Notifications;
import de.sep.sesam.model.OperSystems;
import de.sep.sesam.model.ParamsFix;
import de.sep.sesam.model.Performance;
import de.sep.sesam.model.Permissions;
import de.sep.sesam.model.Preferences;
import de.sep.sesam.model.Profiles;
import de.sep.sesam.model.ReplicationTypes;
import de.sep.sesam.model.RestoreEvents;
import de.sep.sesam.model.RestoreResults;
import de.sep.sesam.model.RestoreTasks;
import de.sep.sesam.model.ResultLbls;
import de.sep.sesam.model.Results;
import de.sep.sesam.model.Roles;
import de.sep.sesam.model.Schedules;
import de.sep.sesam.model.Servers;
import de.sep.sesam.model.Syntaxes;
import de.sep.sesam.model.TaskEvents;
import de.sep.sesam.model.TaskGroups;
import de.sep.sesam.model.TaskTypes;
import de.sep.sesam.model.Tasks;
import de.sep.sesam.model.Terms;
import de.sep.sesam.model.UserScheds;
import de.sep.sesam.model.Users;
import de.sep.sesam.model.dto.SEPAuthentication;
import de.sep.sesam.model.interfaces.IEntity;
import de.sep.sesam.restapi.authentication.SessionContext;
import de.sep.sesam.restapi.authentication.SessionHandler;
import de.sep.sesam.restapi.dao.IGenericDao;
import de.sep.sesam.restapi.dao.InterfacesDao;
import de.sep.sesam.restapi.dao.LoginService;
import de.sep.sesam.restapi.exception.AuthenticationException;
import de.sep.sesam.restapi.exception.OperationNotPossibleException;
import de.sep.sesam.restapi.exception.ServiceException;
import de.sep.sesam.restapi.service.InfoService;
import de.sep.sesam.restapi.service.LoaderInventoryService;
import de.sep.sesam.restapi.service.MailerService;
import de.sep.sesam.restapi.service.MountService;
import de.sep.sesam.restapi.service.NotificationService;
import de.sep.sesam.restapi.service.SavesetsService;
import de.sep.sesam.restapi.service.StatisticService;
import de.sep.sesam.restapi.service.VMService;
import de.sep.sesam.restapi.service.impl.LoginServiceImpl;
import de.sep.sesam.restapi.util.ArgumentTokenizer;
import de.sep.sesam.restapi.util.HttpStatus;
import de.sep.sesam.restapi.v2.acls.AclsService;
import de.sep.sesam.restapi.v2.auth.AuthService;
import de.sep.sesam.restapi.v2.backups.BackupsService;
import de.sep.sesam.restapi.v2.clients.ClientsService;
import de.sep.sesam.restapi.v2.defaults.DefaultsService;
import de.sep.sesam.restapi.v2.locations.LocationsService;
import de.sep.sesam.restapi.v2.logs.LogsService;
import de.sep.sesam.restapi.v2.persistence.PersistenceService;
import de.sep.sesam.restapi.v2.renderer.RendererService;
import de.sep.sesam.restapi.v2.restores.RestoresService;
import de.sep.sesam.restapi.v2.server.ServerService;
import de.sep.sesam.security.CertificateAuthenticationHandler;
import io.netty.handler.codec.http.FullHttpResponse;
import io.netty.handler.codec.http.HttpHeaderNames;
import io.netty.handler.codec.http.HttpMethod;
import io.netty.handler.codec.http.HttpResponseStatus;
import io.netty.handler.codec.http.cookie.DefaultCookie;
import io.netty.handler.codec.http.cookie.ServerCookieEncoder;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.PrintStream;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.lang.reflect.InvocationTargetException;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.jdesktop.swingx.JXLoginPane;
import org.springframework.beans.PropertyAccessor;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:de/sep/sesam/gui/server/communication/RestHandler.class */
public class RestHandler {
    private static final String ORIGINAL_IP_HEADER = "Sep-address";
    private final StaticFileDeliveryRestlet staticFileDeliveryRestlet;
    private final StaticFileDeliveryRestlet staticFileDeliveryRestletNg2;
    private APIRestlet apiRestlet;
    private LoginService loginService;
    private static final Lock lock;
    private static final Class<?>[] serviceClasses;
    private static final Class<?>[] serviceClassesV2;
    private static final Class<IGenericDao<?, ?>>[] daoClasses;
    private static final Class<IEntity<?>>[] crudEntities;
    public static final HashMap<String, BaseRestlet> restlets;
    static final /* synthetic */ boolean $assertionsDisabled;
    private final ContextLogger logger = new ContextLogger(RestHandler.class, SesamComponent.RESTAPI);
    private final CertificateAuthenticationHandler authenticationHandler = new CertificateAuthenticationHandler();
    private boolean initialized = false;
    private final DaoCliRequestExecutor executor = new DaoCliRequestExecutor(this);

    public RestHandler(File file) {
        if (GUIServerImpl.hasWebInterface("dashboard")) {
            this.logger.info("RestHandler", "Starting the dashboard web application", new Object[0]);
            ProtLogger.smProtLogInfo("Starting the dashboard web application");
            this.staticFileDeliveryRestlet = new StaticFileDeliveryRestlet("/sep/ui", file, "/html");
            this.staticFileDeliveryRestletNg2 = new StaticFileDeliveryRestlet("/sep/ui/ng2", new File(file, "ng2"), "/html/ng2");
        } else {
            this.logger.info("RestHandler", "Dashboard web application disabled", new Object[0]);
            ProtLogger.smProtLogInfo("Dashboard web application disabled");
            this.staticFileDeliveryRestlet = null;
            this.staticFileDeliveryRestletNg2 = null;
        }
        if (SpringUtils.isAvailable()) {
            init();
        }
    }

    public void init() {
        if (!this.initialized || restlets.size() <= 0) {
            lock.lock();
            try {
                if (GUIServerImpl.hasWebInterface("apihelp")) {
                    this.logger.info(MediaActionStrings.INIT, "Starting the API help web application", new Object[0]);
                    ProtLogger.smProtLogInfo("Starting the API help web application");
                    this.apiRestlet = new APIRestlet();
                } else {
                    this.logger.info(MediaActionStrings.INIT, "API help web application disabled", new Object[0]);
                    ProtLogger.smProtLogInfo("API help web application disabled");
                }
                this.logger.info(MediaActionStrings.INIT, "Initializing CRUD restlets...", new Object[0]);
                ProtLogger.smProtLogInfo("Initializing CRUD restlets...");
                for (Class<IEntity<?>> cls : crudEntities) {
                    attachCRUDRestlet(cls);
                }
                this.logger.info(MediaActionStrings.INIT, "Initializing CRUD restlets completed (# of restlets = " + restlets.size() + ")", new Object[0]);
                ProtLogger.smProtLogInfo("Initializing CRUD restlets completed");
                this.logger.info(MediaActionStrings.INIT, "Initializing DAO restlets...", new Object[0]);
                ProtLogger.smProtLogInfo("Initializing DAO restlets...");
                for (Class<IGenericDao<?, ?>> cls2 : daoClasses) {
                    attachDaoRestlet(cls2);
                }
                this.logger.info(MediaActionStrings.INIT, "Initializing DAO restlets completed (# of restlets = " + restlets.size() + ")", new Object[0]);
                ProtLogger.smProtLogInfo("Initializing DAO restlets completed");
                this.logger.info(MediaActionStrings.INIT, "Initializing service restlets...", new Object[0]);
                ProtLogger.smProtLogInfo("Initializing service restlets...");
                for (Class<?> cls3 : serviceClasses) {
                    attachServiceRestlet(cls3);
                }
                this.logger.info(MediaActionStrings.INIT, "Initializing service restlets completed (# of restlets = " + restlets.size() + ")", new Object[0]);
                ProtLogger.smProtLogInfo("Initializing service restlets completed");
                this.logger.info(MediaActionStrings.INIT, "Initializing v2 service restlets...", new Object[0]);
                ProtLogger.smProtLogInfo("Initializing v2 service restlets...");
                for (Class<?> cls4 : serviceClassesV2) {
                    attachServiceRestletV2(cls4);
                }
                this.logger.info(MediaActionStrings.INIT, "Initializing v2 service restlets completed (# of restlets = " + restlets.size() + ")", new Object[0]);
                ProtLogger.smProtLogInfo("Initializing v2 service restlets completed");
                this.logger.info(MediaActionStrings.INIT, "Initializing login service...", new Object[0]);
                ProtLogger.smProtLogInfo("Initializing login service...");
                this.loginService = (LoginService) SpringUtils.getBean(LoginService.class);
                this.loginService.initialize();
                this.logger.info(MediaActionStrings.INIT, "Initializing login service completed", new Object[0]);
                ProtLogger.smProtLogInfo("Initializing login service completed");
                this.initialized = true;
                lock.unlock();
            } catch (Throwable th) {
                lock.unlock();
                throw th;
            }
        }
    }

    private void doHandle(SepHttpRequest sepHttpRequest, FullHttpResponse fullHttpResponse) {
        String uri = sepHttpRequest.getUri();
        HttpStatus httpStatus = HttpStatus.NONE;
        OperationNotPossibleException.ONPMessage oNPMessage = null;
        IOException iOException = null;
        if (uri.startsWith("/sep/ui/ng2/sep/api/")) {
            uri = uri.substring(11);
        }
        if (uri.equals("/sep/api") || uri.equals("/sep/api/") || uri.startsWith("/sep/api/info")) {
            if ((uri.equals("/sep/api") || uri.equals("/sep/api/")) && !sepHttpRequest.method().equals(HttpMethod.GET)) {
                try {
                    ArrayList arrayList = new ArrayList();
                    for (JsonNode jsonNode : sepHttpRequest.getParameter()) {
                        CallResponse callResponse = new CallResponse();
                        callResponse.setCall(jsonNode.get("call").asText());
                        if (jsonNode.get("id") != null) {
                            callResponse.setId(jsonNode.get("id").asText());
                        }
                        arrayList.add(callResponse);
                        String asText = jsonNode.get("call").asText();
                        if (asText.indexOf(47) != -1) {
                            asText = asText.substring(0, asText.indexOf(47));
                        }
                        BaseRestlet restlet = getRestlet(asText, false);
                        if (restlet == null) {
                            callResponse.setError(new OperationNotPossibleException(OperationNotPossibleException.ONPMessage.INVALID_API, asText).toError());
                        } else {
                            try {
                                callResponse.setData(restlet.handle(jsonNode));
                            } catch (ServiceException e) {
                                callResponse.setError(e.toError());
                            }
                        }
                    }
                    NettyServerUtils.write(fullHttpResponse, sepHttpRequest, arrayList);
                } catch (IOException e2) {
                    httpStatus = HttpStatus.CLIENT_ERROR_BAD_REQUEST;
                    oNPMessage = OperationNotPossibleException.ONPMessage.INVALID_REQUEST;
                    iOException = e2;
                }
            } else if (GUIServerImpl.hasWebInterface("apihelp")) {
                this.apiRestlet.handle(sepHttpRequest, fullHttpResponse);
            } else {
                httpStatus = HttpStatus.CLIENT_ERROR_BAD_REQUEST;
                oNPMessage = OperationNotPossibleException.ONPMessage.FORBIDDEN;
            }
        } else if (uri.startsWith("/sep/api/v2/")) {
            String substring = uri.substring(12);
            if (substring.indexOf(47) != -1) {
                substring = substring.substring(0, substring.indexOf(47));
            }
            BaseRestlet restlet2 = getRestlet(substring, true);
            if (restlet2 != null) {
                restlet2.handle(sepHttpRequest, fullHttpResponse);
            } else {
                httpStatus = HttpStatus.CLIENT_ERROR_NOT_FOUND;
                oNPMessage = OperationNotPossibleException.ONPMessage.INVALID_API;
            }
        } else if (uri.startsWith("/sep/api/")) {
            String substring2 = uri.substring(9);
            if (substring2.indexOf(47) != -1) {
                substring2 = substring2.substring(0, substring2.indexOf(47));
            }
            BaseRestlet restlet3 = getRestlet(substring2, false);
            if (restlet3 != null) {
                restlet3.handle(sepHttpRequest, fullHttpResponse);
            } else {
                httpStatus = HttpStatus.CLIENT_ERROR_NOT_FOUND;
                oNPMessage = OperationNotPossibleException.ONPMessage.INVALID_API;
            }
        } else if (uri.equals("/sep/ui/ng2")) {
            if (GUIServerImpl.hasWebInterface("dashboard")) {
                fullHttpResponse.setStatus(HttpResponseStatus.MOVED_PERMANENTLY);
                fullHttpResponse.headers().add("Location", "/sep/ui/ng2/");
            } else {
                httpStatus = HttpStatus.CLIENT_ERROR_BAD_REQUEST;
                oNPMessage = OperationNotPossibleException.ONPMessage.FORBIDDEN;
            }
        } else if (uri.equals("/sep/ui") || uri.equals("/sep/ui/")) {
            if (GUIServerImpl.hasWebInterface("dashboard")) {
                fullHttpResponse.setStatus(HttpResponseStatus.MOVED_PERMANENTLY);
                fullHttpResponse.headers().add("Location", "/sep/ui/dashboard/");
            } else {
                httpStatus = HttpStatus.CLIENT_ERROR_BAD_REQUEST;
                oNPMessage = OperationNotPossibleException.ONPMessage.FORBIDDEN;
            }
        } else if (uri.equals("/sep/ui/ng2/dashboard")) {
            if (GUIServerImpl.hasWebInterface("dashboard")) {
                fullHttpResponse.setStatus(HttpResponseStatus.MOVED_PERMANENTLY);
                fullHttpResponse.headers().add("Location", "/sep/ui/ng2/");
            } else {
                httpStatus = HttpStatus.CLIENT_ERROR_BAD_REQUEST;
                oNPMessage = OperationNotPossibleException.ONPMessage.FORBIDDEN;
            }
        } else if (uri.startsWith("/sep/ui/ng2/")) {
            if (!GUIServerImpl.hasWebInterface("dashboard")) {
                httpStatus = HttpStatus.CLIENT_ERROR_BAD_REQUEST;
                oNPMessage = OperationNotPossibleException.ONPMessage.FORBIDDEN;
            } else {
                if (!$assertionsDisabled && this.staticFileDeliveryRestletNg2 == null) {
                    throw new AssertionError();
                }
                this.staticFileDeliveryRestletNg2.handle(sepHttpRequest, fullHttpResponse);
            }
        } else if (uri.equals("/sep/ui/dashboard") || uri.equals("/sep/ui/restore")) {
            if (!GUIServerImpl.hasWebInterface("dashboard")) {
                httpStatus = HttpStatus.CLIENT_ERROR_BAD_REQUEST;
                oNPMessage = OperationNotPossibleException.ONPMessage.FORBIDDEN;
            } else if (uri.equals("/sep/ui/dashboard")) {
                fullHttpResponse.setStatus(HttpResponseStatus.MOVED_PERMANENTLY);
                fullHttpResponse.headers().add("Location", "/sep/ui/dashboard/");
            } else {
                fullHttpResponse.setStatus(HttpResponseStatus.MOVED_PERMANENTLY);
                fullHttpResponse.headers().add("Location", "/sep/ui/restore/");
            }
        } else if (uri.startsWith("/sep/ui/")) {
            if (!GUIServerImpl.hasWebInterface("dashboard")) {
                httpStatus = HttpStatus.CLIENT_ERROR_BAD_REQUEST;
                oNPMessage = OperationNotPossibleException.ONPMessage.FORBIDDEN;
            } else {
                if (!$assertionsDisabled && this.staticFileDeliveryRestlet == null) {
                    throw new AssertionError();
                }
                this.staticFileDeliveryRestlet.handle(sepHttpRequest, fullHttpResponse);
            }
        }
        if (httpStatus != HttpStatus.NONE) {
            if (oNPMessage == null) {
                oNPMessage = OperationNotPossibleException.ONPMessage.INVALID_API;
            }
            NettyServerUtils.writeError(fullHttpResponse, sepHttpRequest, httpStatus, (iOException == null ? new OperationNotPossibleException(oNPMessage, uri) : new OperationNotPossibleException(oNPMessage, uri, iOException.getMessage())).toError());
        }
    }

    private void attachCRUDRestlet(Class<IEntity<?>> cls) {
        try {
            CRUDRestlet<?, ?> cRUDRestlet = new CRUDRestlet<>(cls);
            lock.lock();
            try {
                restlets.put(cRUDRestlet.getRestletName(), cRUDRestlet);
                lock.unlock();
                if (this.apiRestlet != null) {
                    this.apiRestlet.add(cRUDRestlet);
                }
            } catch (Throwable th) {
                lock.unlock();
                throw th;
            }
        } catch (ClassNotFoundException e) {
            this.logger.error("attachCRUDRestlet", LogGroup.ERROR, new SimpleMessage("Unable to attach CRUD Servlet {0}"), e, cls.getCanonicalName());
        }
    }

    private void attachServiceRestlet(Class<?> cls) {
        try {
            ServiceRestlet serviceRestlet = new ServiceRestlet(cls);
            lock.lock();
            try {
                restlets.put(serviceRestlet.getRestletName(), serviceRestlet);
                lock.unlock();
                if (this.apiRestlet != null) {
                    this.apiRestlet.add(serviceRestlet);
                }
            } catch (Throwable th) {
                lock.unlock();
                throw th;
            }
        } catch (ClassNotFoundException e) {
            this.logger.error("attachServiceRestlet", LogGroup.ERROR, new SimpleMessage("Unable to attach CRUD Servlet {0}"), e, cls.getCanonicalName());
        }
    }

    private void attachServiceRestletV2(Class<?> cls) {
        try {
            ServiceRestletV2 serviceRestletV2 = new ServiceRestletV2(cls);
            lock.lock();
            try {
                restlets.put("v2-" + serviceRestletV2.getRestletName(), serviceRestletV2);
                lock.unlock();
            } catch (Throwable th) {
                lock.unlock();
                throw th;
            }
        } catch (ClassNotFoundException e) {
            this.logger.error("attachServiceRestletV2", LogGroup.ERROR, new SimpleMessage("Unable to attach CRUD Servlet {0}"), e, cls.getCanonicalName());
        }
    }

    private void attachDaoRestlet(Class<IGenericDao<?, ?>> cls) {
        try {
            DaoRestlet<?, ?> daoRestlet = new DaoRestlet<>(cls);
            lock.lock();
            try {
                restlets.put(daoRestlet.getRestletName(), daoRestlet);
                lock.unlock();
                if (this.apiRestlet != null) {
                    this.apiRestlet.add(daoRestlet);
                }
            } catch (Throwable th) {
                lock.unlock();
                throw th;
            }
        } catch (ClassNotFoundException e) {
            this.logger.error("attachDaoRestlet", LogGroup.ERROR, new SimpleMessage("Unable to attach CRUD Servlet {0}"), e, cls.getCanonicalName());
        }
    }

    private String getIp(String str, SepHttpRequest sepHttpRequest) {
        String str2;
        return (!str.equals("127.0.0.1") || (str2 = sepHttpRequest.getHeaders().get(ORIGINAL_IP_HEADER)) == null) ? str : str2;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v35, types: [java.lang.Throwable] */
    public void handle(SepHttpRequest sepHttpRequest, FullHttpResponse fullHttpResponse) {
        boolean z = false;
        String ip = sepHttpRequest.getIp();
        String sessionId = sepHttpRequest.getSessionId();
        SessionContext sessionContext = null;
        if (StringUtils.isNotBlank(sessionId)) {
            sessionContext = SessionHandler.get(sessionId);
            if (sessionContext != null) {
                SecurityContextHolder.getContext().setAuthentication(sessionContext);
            } else {
                sessionId = null;
            }
        }
        if (!this.initialized) {
            try {
                lock.lock();
                lock.unlock();
            } catch (Throwable th) {
                lock.unlock();
                throw th;
            }
        }
        if (!$assertionsDisabled && this.loginService == null) {
            throw new AssertionError();
        }
        if (sessionContext == null) {
            SecurityContextHolder.getContext().setAuthentication(SessionHandler.ANONYMOUS);
            LogContext.updateContext(null, SessionHandler.ANONYMOUS.getName(), ip);
            if (!isBypassAuthenticationAllowed(sepHttpRequest.getUri(), sepHttpRequest.method())) {
                String str = sepHttpRequest.getHeaders().get("Authorization");
                if (sepHttpRequest.getPreAuthenticate() != null) {
                    try {
                        SEPAuthentication sEPAuthentication = new SEPAuthentication();
                        sEPAuthentication.name = sepHttpRequest.getPreAuthenticate();
                        sEPAuthentication.ip = getIp(ip, sepHttpRequest);
                        sessionId = this.loginService.authenticate(sEPAuthentication, true);
                        z = true;
                    } catch (AuthenticationException e) {
                        this.logger.info(JXLoginPane.LOGIN_ACTION_COMMAND, LogGroup.SECURITY, new SimpleMessage("Authentication of pre-authenticated user {0} failed."), sepHttpRequest.getPreAuthenticate());
                        NettyServerUtils.writeError(fullHttpResponse, sepHttpRequest, e.getStatusCode(), e.toError());
                        LogContext.destroy();
                        return;
                    }
                } else if (str != null && str.startsWith("Basic")) {
                    String[] split = new String(new Base64().decode(str.substring("Basic".length()).trim()), Charset.forName("UTF-8")).split(":", 2);
                    SEPAuthentication sEPAuthentication2 = new SEPAuthentication();
                    if (split.length > 0) {
                        sEPAuthentication2.name = split[0];
                    }
                    if (split.length > 1) {
                        sEPAuthentication2.password = !"null".equals(split[1]) ? split[1] : null;
                    }
                    sEPAuthentication2.ip = getIp(ip, sepHttpRequest);
                    try {
                        sessionId = this.loginService.authenticate(sEPAuthentication2, false);
                        z = true;
                    } catch (AuthenticationException e2) {
                        this.logger.info(JXLoginPane.LOGIN_ACTION_COMMAND, LogGroup.SECURITY, new SimpleMessage(e2.getMessage()), new Object[0]);
                        NettyServerUtils.writeError(fullHttpResponse, sepHttpRequest, e2.getStatusCode(), e2.toError());
                        LogContext.destroy();
                        return;
                    }
                } else if (LoginServiceImpl.isLocalFullAccess() && LoginServiceImpl.isLocal(getIp(ip, sepHttpRequest))) {
                    SEPAuthentication sEPAuthentication3 = new SEPAuthentication();
                    sEPAuthentication3.name = DefaultUserNames.ADMIN_USER;
                    sEPAuthentication3.ip = getIp(ip, sepHttpRequest);
                    try {
                        sessionId = this.loginService.authenticate(sEPAuthentication3, true);
                    } catch (AuthenticationException e3) {
                        this.logger.info(JXLoginPane.LOGIN_ACTION_COMMAND, LogGroup.SECURITY, new SimpleMessage("Authentication of administrator user for local full access failed."), new Object[0]);
                    }
                } else if (sepHttpRequest.getHeaders().contains("X-SEP-Application") && !LoginServiceImpl.isAuthEnabled()) {
                    String str2 = sepHttpRequest.getHeaders().get("X-SEP-Application");
                    SEPAuthentication sEPAuthentication4 = new SEPAuthentication();
                    sEPAuthentication4.name = str2;
                    sEPAuthentication4.ip = getIp(ip, sepHttpRequest);
                    try {
                        sessionId = this.loginService.authenticate(sEPAuthentication4, false);
                    } catch (AuthenticationException e4) {
                    }
                }
            }
        }
        if (sessionContext == null && sessionId != null) {
            sessionContext = SessionHandler.get(sessionId);
        }
        if (sessionContext == null && sepHttpRequest.isSessionCookie() && sessionId != null) {
            DefaultCookie defaultCookie = new DefaultCookie(SessionHandler.COOKIE_NAME, "");
            defaultCookie.setMaxAge(-1L);
            defaultCookie.setValue("");
            defaultCookie.setDomain(sepHttpRequest.getHostDomain());
            defaultCookie.setPath("/");
            fullHttpResponse.headers().add(HttpHeaderNames.SET_COOKIE, ServerCookieEncoder.STRICT.encode(defaultCookie));
        }
        if (sessionContext != null && !sessionContext.equals(SessionHandler.ANONYMOUS)) {
            LogContext.updateContext(sessionId, sessionContext.getName(), ip);
            SecurityContextHolder.getContext().setAuthentication(sessionContext);
        }
        if (sessionContext == null && SessionHandler.ANONYMOUS.equals(SecurityContextHolder.getContext().getAuthentication()) && (this.loginService.isAllPermissionPolicySet() || isBypassAuthenticationAllowed(sepHttpRequest.getUri(), sepHttpRequest.method()))) {
            sessionContext = SessionHandler.ANONYMOUS;
        }
        if (sessionContext == null) {
            NettyServerUtils.writeError(fullHttpResponse, sepHttpRequest, HttpStatus.CLIENT_ERROR_FORBIDDEN, new OperationNotPossibleException(OperationNotPossibleException.ONPMessage.INVALID_REQUEST, sepHttpRequest.getUri(), "not authorized").toError());
        } else {
            try {
                if (sepHttpRequest.getUri().startsWith("/sep/cli") || sepHttpRequest.getUri().startsWith("/sep/cliService")) {
                    doHandleCli(sepHttpRequest, fullHttpResponse);
                } else {
                    doHandle(sepHttpRequest, fullHttpResponse);
                }
            } catch (Exception e5) {
                this.logger.error("handle", e5, new Object[0]);
                Exception exc = e5;
                if (e5 instanceof InvocationTargetException) {
                    InvocationTargetException invocationTargetException = (InvocationTargetException) e5;
                    if (invocationTargetException.getCause() != null) {
                        exc = invocationTargetException.getCause();
                    }
                }
                StringWriter stringWriter = new StringWriter();
                exc.printStackTrace(new PrintWriter(stringWriter));
                NettyServerUtils.writeError(fullHttpResponse, sepHttpRequest, HttpStatus.SERVER_ERROR_INTERNAL, new OperationNotPossibleException(OperationNotPossibleException.ONPMessage.INTERNAL_ERROR, stringWriter.toString()).toError());
            }
        }
        LogContext.destroy();
        if (!z || sessionId == null) {
            return;
        }
        SessionHandler.remove(sessionId);
    }

    private boolean isBypassAuthenticationAllowed(String str, HttpMethod httpMethod) {
        if (str == null) {
            return false;
        }
        if (str.equals("/sep/api/server/getInfo") || str.equals("/sep/api/server/login") || str.equals("/sep/api/server/logout") || str.matches("/sep/api/server/[^/]+/update") || str.matches("/sep/api/server/splash/[^/]+/update") || str.equals("/sep/ui") || str.startsWith("/sep/ui/")) {
            return true;
        }
        if (str.equals("/sep/api") && HttpMethod.GET.equals(httpMethod)) {
            return true;
        }
        return (str.equals("/sep/api/") && HttpMethod.GET.equals(httpMethod)) || str.startsWith("/sep/api/info") || str.startsWith("/sep/api/mailer/") || str.startsWith("/sep/api/v2/server/download");
    }

    private void doHandleCli(SepHttpRequest sepHttpRequest, FullHttpResponse fullHttpResponse) throws IOException {
        String bodyAsString = sepHttpRequest.getBodyAsString();
        String[] strArr = bodyAsString.startsWith("[[") ? (String[]) JsonUtil.readList(bodyAsString.substring(1, bodyAsString.length() - 1), String.class).toArray(new String[0]) : bodyAsString.startsWith(PropertyAccessor.PROPERTY_KEY_PREFIX) ? (String[]) JsonUtil.readList(bodyAsString, String.class).toArray(new String[0]) : (String[]) ArgumentTokenizer.tokenize(bodyAsString).toArray(new String[0]);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        PrintStream printStream = new PrintStream(byteArrayOutputStream);
        new CliMainImpl(this.executor).doMain(strArr, System.in, printStream, printStream);
        NettyServerUtils.write(fullHttpResponse, NettyServerUtils.ContentType.TEXT, byteArrayOutputStream.toByteArray());
    }

    public BaseRestlet getRestlet(String str, boolean z) {
        lock.lock();
        if (z) {
            try {
                str = "v2-" + str;
            } catch (Throwable th) {
                lock.unlock();
                throw th;
            }
        }
        BaseRestlet baseRestlet = restlets.get(str);
        lock.unlock();
        return baseRestlet;
    }

    public CertificateAuthenticationHandler getAuthenticationHandler() {
        return this.authenticationHandler;
    }

    static {
        $assertionsDisabled = !RestHandler.class.desiredAssertionStatus();
        lock = new ReentrantLock();
        serviceClasses = new Class[]{InfoService.class, LoaderInventoryService.class, MailerService.class, MountService.class, NotificationService.class, SavesetsService.class, StatisticService.class, VMService.class};
        serviceClassesV2 = new Class[]{AclsService.class, AuthService.class, ClientsService.class, BackupsService.class, LocationsService.class, RestoresService.class, PersistenceService.class, DefaultsService.class, LogsService.class, RendererService.class, ServerService.class};
        daoClasses = new Class[]{InterfacesDao.class};
        crudEntities = new Class[]{Acls.class, Accounts.class, AllResults.class, AllEvents.class, CalSheets.class, Capacities.class, Calendars.class, Clients.class, CommandEvents.class, Commands.class, Credentials.class, DataStores.class, DataStoreTypes.class, Defaults.class, DriveGroups.class, DriveTypes.class, ExternalGroups.class, ExternalGroupRelations.class, Groups.class, HwDrives.class, HwLoaders.class, LoaderContents.class, LoaderDevices.class, Locations.class, Media.class, MediaActions.class, MediaEvents.class, MediapoolLocations.class, MediapoolRelations.class, MediaPools.class, MediapoolsEvents.class, MediaResults.class, MediaTypes.class, MigrationEvents.class, MigrationResults.class, MigrationTasks.class, NewdayEvents.class, Notifications.class, OperSystems.class, ParamsFix.class, Performance.class, Permissions.class, Preferences.class, Profiles.class, ReplicationTypes.class, RestoreEvents.class, RestoreResults.class, RestoreTasks.class, ResultLbls.class, Results.class, Roles.class, Schedules.class, Servers.class, Syntaxes.class, TaskEvents.class, TaskGroups.class, Tasks.class, TaskTypes.class, Terms.class, Users.class, UserScheds.class};
        restlets = new HashMap<>();
    }
}
