package at.gv.egiz.pdfas.web.servlets;

import at.gv.egiz.pdfas.api.ws.PDFASSignParameters;
import at.gv.egiz.pdfas.api.ws.PDFASSignResponse;
import at.gv.egiz.pdfas.common.exceptions.PDFASError;
import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter;
import at.gv.egiz.pdfas.lib.api.verify.VerifyResult;
import at.gv.egiz.pdfas.web.config.WebConfiguration;
import at.gv.egiz.pdfas.web.exception.PdfAsWebException;
import at.gv.egiz.pdfas.web.filter.UserAgentFilter;
import at.gv.egiz.pdfas.web.helper.DigestHelper;
import at.gv.egiz.pdfas.web.helper.JSONStartResponse;
import at.gv.egiz.pdfas.web.helper.PdfAsHelper;
import at.gv.egiz.pdfas.web.stats.StatisticEvent;
import at.gv.egiz.pdfas.web.stats.StatisticFrontend;
import java.io.IOException;
import java.util.HashMap;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils;
import org.json.JSONArray;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:at/gv/egiz/pdfas/web/servlets/JSONAPIServlet.class */
public class JSONAPIServlet extends HttpServlet {
    private static final String JSON_PROFILE = "profile";
    private static final String JSON_POSITION = "position";
    private static final String JSON_CONNECTOR = "connector";
    private static final String JSON_REQUEST_ID = "reqID";
    private static final String JSON_INPUT = "input";
    private static final String JSON_OUTPUT = "output";
    private static final String JSON_OUTPUT_SIG = "verifySignature";
    private static final String JSON_OUTPUT_CER = "verifyCertificate";
    private static final String JSON_DATAURL = "dataUrl";
    private static final String JSON_BKUURL = "bkuUrl";
    private static final String JSON_SLREQUEST = "slRequest";
    private static final String JSON_SBP = "sbp";
    private static final Logger logger = LoggerFactory.getLogger(JSONAPIServlet.class);

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (!WebConfiguration.isJSONAPIEnabled()) {
            logger.info("Access to JSON API, but JSON API is disabled. Returning 404 error.");
            httpServletResponse.sendError(404);
            return;
        }
        String iOUtils = IOUtils.toString(httpServletRequest.getInputStream(), "UTF-8");
        logger.debug("Reading json String {}", iOUtils);
        JSONObject jSONObject = new JSONObject(iOUtils);
        logger.debug("JSON parsed: {}", jSONObject.toString());
        process(httpServletRequest, httpServletResponse, jSONObject);
    }

    protected void process(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, JSONObject jSONObject) throws ServletException, IOException {
        JSONObject jSONObject2 = new JSONObject();
        String string = jSONObject.has("profile") ? jSONObject.getString("profile") : null;
        String string2 = jSONObject.has(JSON_POSITION) ? jSONObject.getString(JSON_POSITION) : null;
        String string3 = jSONObject.getString("connector");
        String string4 = jSONObject.getString(JSON_INPUT);
        String string5 = jSONObject.has(JSON_REQUEST_ID) ? jSONObject.getString(JSON_REQUEST_ID) : null;
        if (string4 == null) {
            throw new ServletException("Invalid input value!");
        }
        byte[] decodeBase64 = Base64.decodeBase64(string4);
        StatisticEvent statisticEvent = new StatisticEvent();
        statisticEvent.setSource(StatisticEvent.Source.JSON);
        statisticEvent.setOperation(StatisticEvent.Operation.SIGN);
        statisticEvent.setUserAgent(UserAgentFilter.getUserAgent());
        statisticEvent.setStartNow();
        try {
            try {
                if (string3 == null) {
                    throw new ServletException("Invalid connector value!");
                }
                PDFASSignParameters.Connector connector = null;
                if (PDFASSignParameters.Connector.MOA.equalsName(string3)) {
                    connector = PDFASSignParameters.Connector.MOA;
                } else if (PDFASSignParameters.Connector.JKS.equalsName(string3)) {
                    connector = PDFASSignParameters.Connector.JKS;
                } else if (PDFASSignParameters.Connector.BKU.equalsName(string3)) {
                    connector = PDFASSignParameters.Connector.BKU;
                } else if (PDFASSignParameters.Connector.MOBILEBKU.equalsName(string3)) {
                    connector = PDFASSignParameters.Connector.MOBILEBKU;
                } else if (PDFASSignParameters.Connector.ONLINEBKU.equalsName(string3)) {
                    connector = PDFASSignParameters.Connector.ONLINEBKU;
                } else if (PDFASSignParameters.Connector.SECLAYER20.equalsName(string3)) {
                    connector = PDFASSignParameters.Connector.SECLAYER20;
                }
                if (connector == null) {
                    throw new ServletException("Invalid connector value!");
                }
                statisticEvent.setFilesize(decodeBase64.length);
                statisticEvent.setProfileId(string);
                statisticEvent.setDevice(string3);
                PDFASSignParameters pDFASSignParameters = new PDFASSignParameters();
                pDFASSignParameters.setConnector(connector);
                pDFASSignParameters.setPosition(string2);
                pDFASSignParameters.setProfile(string);
                HashMap hashMap = new HashMap();
                try {
                    JSONArray jSONArray = jSONObject.getJSONArray(JSON_SBP);
                    if (jSONArray != null) {
                        for (int i = 0; i < jSONArray.length(); i++) {
                            String string6 = jSONArray.getString(0);
                            if (!string6.contains("=")) {
                                throw new Exception("Invalid parameter: " + string6);
                            }
                            String[] split = string6.split("=", 2);
                            hashMap.put(split[0], split[1]);
                        }
                    }
                } catch (Exception e) {
                    e.printStackTrace();
                }
                if (PDFASSignParameters.Connector.MOA.equals(connector) || PDFASSignParameters.Connector.JKS.equals(connector)) {
                    PDFASSignResponse synchronousServerSignature = PdfAsHelper.synchronousServerSignature(decodeBase64, pDFASSignParameters, hashMap);
                    List<VerifyResult> synchronousVerify = PdfAsHelper.synchronousVerify(synchronousServerSignature.getSignedPDF(), -1, VerifyParameter.SignatureVerificationLevel.INTEGRITY_ONLY_VERIFICATION, null);
                    if (synchronousVerify.size() != 1) {
                        throw new ServletException("Document verification failed!");
                    }
                    VerifyResult verifyResult = synchronousVerify.get(0);
                    if (verifyResult.getValueCheckCode().getCode() == 0) {
                        statisticEvent.setStatus(StatisticEvent.Status.OK);
                        statisticEvent.setEndNow();
                        statisticEvent.setTimestampNow();
                        StatisticFrontend.getInstance().storeEvent(statisticEvent);
                        statisticEvent.setLogged(true);
                    } else {
                        statisticEvent.setStatus(StatisticEvent.Status.ERROR);
                        statisticEvent.setErrorCode(verifyResult.getValueCheckCode().getCode());
                        statisticEvent.setEndNow();
                        statisticEvent.setTimestampNow();
                        StatisticFrontend.getInstance().storeEvent(statisticEvent);
                        statisticEvent.setLogged(true);
                    }
                    jSONObject2.put(JSON_OUTPUT, Base64.encodeBase64String(synchronousServerSignature.getSignedPDF()));
                    jSONObject2.put(JSON_OUTPUT_SIG, verifyResult.getValueCheckCode().getCode());
                    jSONObject2.put(JSON_OUTPUT_CER, verifyResult.getCertificateCheck().getCode());
                } else {
                    PdfAsHelper.setStatisticEvent(httpServletRequest, httpServletResponse, statisticEvent);
                    PdfAsHelper.setVerificationLevel(httpServletRequest, VerifyParameter.SignatureVerificationLevel.INTEGRITY_ONLY_VERIFICATION);
                    String hexEncodedHash = DigestHelper.getHexEncodedHash(decodeBase64);
                    PdfAsHelper.setSignatureDataHash(httpServletRequest, hexEncodedHash);
                    logger.debug("Storing signatures data hash: " + hexEncodedHash);
                    logger.debug("Starting signature creation with: " + string3);
                    if (PDFASSignParameters.Connector.BKU.equals(connector) && WebConfiguration.getLocalBKUURL() == null) {
                        throw new PdfAsWebException("Invalid connector bku is not supported");
                    }
                    if (PDFASSignParameters.Connector.ONLINEBKU.equals(connector) && WebConfiguration.getLocalBKUURL() == null) {
                        throw new PdfAsWebException("Invalid connector onlinebku is not supported");
                    }
                    if (PDFASSignParameters.Connector.MOBILEBKU.equals(connector) && WebConfiguration.getLocalBKUURL() == null) {
                        throw new PdfAsWebException("Invalid connector mobilebku is not supported");
                    }
                    if (PDFASSignParameters.Connector.SECLAYER20.equals(connector) && WebConfiguration.getSecurityLayer20URL() == null) {
                        throw new PdfAsWebException("Invalid connector mobilebku is not supported");
                    }
                    PdfAsHelper.startSignatureJson(httpServletRequest, httpServletResponse, getServletContext(), decodeBase64, connector.toString(), string2, null, string, null, null);
                    JSONStartResponse startJsonProcess = PdfAsHelper.startJsonProcess(httpServletRequest, httpServletResponse, getServletContext());
                    if (startJsonProcess == null) {
                        throw new PdfAsWebException("Invalid configuration for json API");
                    }
                    jSONObject2.put(JSON_DATAURL, startJsonProcess.getUrl());
                    jSONObject2.put(JSON_BKUURL, startJsonProcess.getBkuURL());
                    jSONObject2.put(JSON_SLREQUEST, startJsonProcess.getSlRequest());
                }
                httpServletResponse.setContentType("application/json");
                IOUtils.write(jSONObject2.toString(), httpServletResponse.getOutputStream(), "UTF-8");
                logger.debug("Done JSON Sign Request");
            } catch (Throwable th) {
                statisticEvent.setStatus(StatisticEvent.Status.ERROR);
                statisticEvent.setException(th);
                if (th instanceof PDFASError) {
                    statisticEvent.setErrorCode(th.getCode());
                }
                statisticEvent.setEndNow();
                statisticEvent.setTimestampNow();
                StatisticFrontend.getInstance().storeEvent(statisticEvent);
                statisticEvent.setLogged(true);
                logger.warn("Error in JSON Service", th);
                if (th.getCause() == null) {
                    throw new ServletException(th.getMessage());
                }
                throw new ServletException(th.getCause().getMessage());
            }
        } catch (Throwable th2) {
            logger.debug("Done JSON Sign Request");
            throw th2;
        }
    }
}
