package at.gv.egiz.pdfas.web.servlets;

import at.gv.egiz.pdfas.common.exceptions.PDFASError;
import at.gv.egiz.pdfas.common.exceptions.PdfAsException;
import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter;
import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
import at.gv.egiz.pdfas.web.exception.PdfAsWebException;
import at.gv.egiz.pdfas.web.filter.UserAgentFilter;
import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
import at.gv.egiz.pdfas.web.helper.PdfAsParameterExtractor;
import at.gv.egiz.pdfas.web.helper.RemotePDFFetcher;
import at.gv.egiz.pdfas.web.helper.VerifyEncoder;
import at.gv.egiz.pdfas.web.helper.VerifyResultEncoder;
import at.gv.egiz.pdfas.web.stats.StatisticEvent;
import at.gv.egiz.pdfas.web.stats.StatisticFrontend;
import java.io.File;
import java.io.IOException;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
import org.apache.commons.fileupload.servlet.ServletFileUpload;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:at/gv/egiz/pdfas/web/servlets/VerifyServlet.class */
public class VerifyServlet extends HttpServlet {
    private static final long serialVersionUID = 1;
    private static final Logger logger = LoggerFactory.getLogger(VerifyServlet.class);
    private static final String UPLOAD_PDF_DATA = "pdf-file";
    private static final String UPLOAD_DIRECTORY = "upload";
    private static final int THRESHOLD_SIZE = 3145728;
    private static final int MAX_FILE_SIZE = 41943040;
    private static final int MAX_REQUEST_SIZE = 52428800;

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        logger.info("Get verify request");
        PdfAsHelper.setErrorURL(httpServletRequest, httpServletResponse, PdfAsParameterExtractor.getInvokeErrorURL(httpServletRequest));
        StatisticEvent statisticEvent = new StatisticEvent();
        statisticEvent.setStartNow();
        statisticEvent.setSource(StatisticEvent.Source.WEB);
        statisticEvent.setOperation(StatisticEvent.Operation.VERIFY);
        statisticEvent.setUserAgent(UserAgentFilter.getUserAgent());
        try {
            PdfAsHelper.setInvokeURL(httpServletRequest, httpServletResponse, PdfAsParameterExtractor.getInvokeURL(httpServletRequest));
            PdfAsHelper.setInvokeTarget(httpServletRequest, httpServletResponse, PdfAsParameterExtractor.getInvokeTarget(httpServletRequest));
            String pdfUrl = PdfAsParameterExtractor.getPdfUrl(httpServletRequest);
            if (pdfUrl == null) {
                throw new PdfAsWebException("No PDF URL given! Use POST request to sign without PDF URL.");
            }
            doVerify(httpServletRequest, httpServletResponse, RemotePDFFetcher.fetchPdfFile(pdfUrl), statisticEvent);
        } catch (Throwable th) {
            statisticEvent.setStatus(StatisticEvent.Status.ERROR);
            statisticEvent.setException(th);
            if (th instanceof PDFASError) {
                statisticEvent.setErrorCode(th.getCode());
            }
            statisticEvent.setEndNow();
            statisticEvent.setTimestampNow();
            StatisticFrontend.getInstance().storeEvent(statisticEvent);
            statisticEvent.setLogged(true);
            logger.warn("Generic Error: ", th);
            PdfAsHelper.setSessionException(httpServletRequest, httpServletResponse, th.getMessage(), th);
            PdfAsHelper.gotoError(getServletContext(), httpServletRequest, httpServletResponse);
        }
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        logger.info("Post verify request");
        PdfAsHelper.setErrorURL(httpServletRequest, httpServletResponse, PdfAsParameterExtractor.getInvokeErrorURL(httpServletRequest));
        StatisticEvent statisticEvent = new StatisticEvent();
        statisticEvent.setStartNow();
        statisticEvent.setSource(StatisticEvent.Source.WEB);
        statisticEvent.setOperation(StatisticEvent.Operation.VERIFY);
        statisticEvent.setUserAgent(UserAgentFilter.getUserAgent());
        try {
            byte[] bArr = null;
            if (!ServletFileUpload.isMultipartContent(httpServletRequest)) {
                if (PdfAsParameterExtractor.getPdfUrl(httpServletRequest) == null) {
                    throw new PdfAsWebException("No Signature data defined!");
                }
                doGet(httpServletRequest, httpServletResponse);
                return;
            }
            DiskFileItemFactory diskFileItemFactory = new DiskFileItemFactory();
            diskFileItemFactory.setSizeThreshold(THRESHOLD_SIZE);
            diskFileItemFactory.setRepository(new File(System.getProperty("java.io.tmpdir")));
            ServletFileUpload servletFileUpload = new ServletFileUpload(diskFileItemFactory);
            servletFileUpload.setFileSizeMax(41943040L);
            servletFileUpload.setSizeMax(52428800L);
            File file = new File(getServletContext().getRealPath("") + File.separator + UPLOAD_DIRECTORY);
            if (!file.exists()) {
                file.mkdir();
            }
            List parseRequest = servletFileUpload.parseRequest(httpServletRequest);
            logger.debug(parseRequest.size() + " Items in form data");
            if (parseRequest.size() < 1) {
                if (PdfAsParameterExtractor.getPdfUrl(httpServletRequest) == null) {
                    throw new PdfAsWebException("No Signature data defined!");
                }
                doGet(httpServletRequest, httpServletResponse);
                return;
            }
            for (int i = 0; i < parseRequest.size(); i++) {
                Object obj = parseRequest.get(i);
                if (obj instanceof FileItem) {
                    FileItem fileItem = (FileItem) obj;
                    if (fileItem.getFieldName().equals(UPLOAD_PDF_DATA)) {
                        bArr = fileItem.get();
                        try {
                            String name = new File(fileItem.getName()).getName();
                            logger.debug("Got upload: " + fileItem.getName());
                            if (name != null) {
                                if (!name.endsWith(".pdf") && !name.endsWith(".PDF")) {
                                    name = name + ".pdf";
                                }
                                logger.debug("Setting Filename in session: " + name);
                                PdfAsHelper.setPDFFileName(httpServletRequest, name);
                            }
                        } catch (Throwable th) {
                            logger.warn("In resolving filename", th);
                        }
                        if (bArr.length < 10) {
                            bArr = null;
                        } else {
                            logger.debug("Found pdf Data! Size: " + bArr.length);
                        }
                    } else {
                        httpServletRequest.setAttribute(fileItem.getFieldName(), fileItem.getString());
                        logger.debug("Setting " + fileItem.getFieldName() + " = " + fileItem.getString());
                    }
                } else {
                    logger.debug(obj.getClass().getName() + " - " + obj.toString());
                }
            }
            if (bArr == null && PdfAsParameterExtractor.getPdfUrl(httpServletRequest) != null) {
                bArr = RemotePDFFetcher.fetchPdfFile(PdfAsParameterExtractor.getPdfUrl(httpServletRequest));
            }
            if (bArr != null) {
                doVerify(httpServletRequest, httpServletResponse, bArr, statisticEvent);
                return;
            }
            Object attribute = httpServletRequest.getAttribute("source");
            if (attribute == null || !attribute.toString().equals("internal")) {
                throw new PdfAsException("No Signature data available");
            }
            httpServletRequest.setAttribute("FILEERR", true);
            httpServletRequest.getRequestDispatcher("index.jsp").forward(httpServletRequest, httpServletResponse);
            statisticEvent.setStatus(StatisticEvent.Status.ERROR);
            statisticEvent.setException(new Exception("No file uploaded"));
            statisticEvent.setEndNow();
            statisticEvent.setTimestampNow();
            StatisticFrontend.getInstance().storeEvent(statisticEvent);
            statisticEvent.setLogged(true);
        } catch (Throwable th2) {
            statisticEvent.setStatus(StatisticEvent.Status.ERROR);
            statisticEvent.setException(th2);
            if (th2 instanceof PDFASError) {
                statisticEvent.setErrorCode(th2.getCode());
            }
            statisticEvent.setEndNow();
            statisticEvent.setTimestampNow();
            StatisticFrontend.getInstance().storeEvent(statisticEvent);
            statisticEvent.setLogged(true);
            logger.warn("Generic Error: ", th2);
            PdfAsHelper.setSessionException(httpServletRequest, httpServletResponse, th2.getMessage(), th2);
            PdfAsHelper.gotoError(getServletContext(), httpServletRequest, httpServletResponse);
        }
    }

    protected void doVerify(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, byte[] bArr, StatisticEvent statisticEvent) throws Exception {
        VerifyParameter.SignatureVerificationLevel verificationLevel = PdfAsParameterExtractor.getVerificationLevel(httpServletRequest);
        PdfAsHelper.setVerificationLevel(httpServletRequest, verificationLevel);
        String format = PdfAsParameterExtractor.getFormat(httpServletRequest);
        logger.debug("doVerify");
        logger.info("Starting verification of pdf dokument");
        logger.debug("Format: " + format);
        List<VerifyResult> synchronousVerify = PdfAsHelper.synchronousVerify(bArr, -1, verificationLevel, PdfAsParameterExtractor.getPreProcessorMap(httpServletRequest));
        PdfAsHelper.setVerificationResult(httpServletRequest, synchronousVerify);
        VerifyResultEncoder encoder = VerifyEncoder.getEncoder(format);
        if (encoder == null) {
            encoder = VerifyEncoder.getEncoder(PdfAsParameterExtractor.PARAM_HTML);
        }
        statisticEvent.setStatus(StatisticEvent.Status.OK);
        statisticEvent.setEndNow();
        statisticEvent.setTimestampNow();
        StatisticFrontend.getInstance().storeEvent(statisticEvent);
        statisticEvent.setLogged(true);
        encoder.produce(httpServletRequest, httpServletResponse, synchronousVerify);
    }
}
