package at.gv.egiz.bku.binding;

import at.gv.egiz.bku.conf.MoccaConfigurationFacade;
import at.gv.egiz.bku.slcommands.ErrorResult;
import at.gv.egiz.bku.slcommands.SLCommand;
import at.gv.egiz.bku.slcommands.SLCommandContext;
import at.gv.egiz.bku.slcommands.SLResult;
import at.gv.egiz.bku.slcommands.SLSourceContext;
import at.gv.egiz.bku.slcommands.SLTargetContext;
import at.gv.egiz.bku.slcommands.impl.ErrorResultImpl;
import at.gv.egiz.bku.slexceptions.SLBindingException;
import at.gv.egiz.bku.slexceptions.SLException;
import at.gv.egiz.bku.spring.ConfigurationFactoryBean;
import at.gv.egiz.bku.utils.ConfigurationUtil;
import at.gv.egiz.bku.utils.StreamUtil;
import at.gv.egiz.bku.utils.urldereferencer.URIResolverAdapter;
import at.gv.egiz.bku.utils.urldereferencer.URLDereferencer;
import at.gv.egiz.stal.QuitRequest;
import iaik.pki.utils.DBTypeParser;
import iaik.utils.Base64InputStream;
import java.io.BufferedInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.io.Writer;
import java.net.URL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSocketFactory;
import javax.xml.XMLConstants;
import javax.xml.transform.Templates;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.stream.StreamResult;
import javax.xml.transform.stream.StreamSource;
import org.apache.commons.fileupload.FileItemHeaders;
import org.apache.commons.httpclient.methods.multipart.FilePart;
import org.apache.commons.httpclient.methods.multipart.StringPart;
import org.apache.xml.serialize.LineSeparator;
import org.apache.xml.serializer.SerializerConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BKULocal.war:WEB-INF/lib/bkucommon-1.4.1.jar:at/gv/egiz/bku/binding/HTTPBindingProcessorImpl.class */
public class HTTPBindingProcessorImpl extends AbstractBindingProcessor implements HTTPBindingProcessor, FormDataURLSupplier {
    public static final Collection<String> XML_REQ_TRANSFER_ENCODING = Arrays.asList(FilePart.DEFAULT_TRANSFER_ENCODING, StringPart.DEFAULT_TRANSFER_ENCODING);
    protected static String XML_MIME_TYPE = HttpUtil.TXT_XML;
    protected static String BINARY_MIME_TYPE = FilePart.DEFAULT_CONTENT_TYPE;
    protected static String CITIZEN_CARD_ENVIRONMENT = "citizen-card-environment/1.2";
    protected SLException bindingProcessorError;
    protected SSLSocketFactory sslSocketFactory;
    protected HostnameVerifier hostnameVerifier;
    protected DataUrlResponse dataUrlResponse;
    protected SLCommand slCommand;
    protected URL srcUrl;
    private final Logger log = LoggerFactory.getLogger(HTTPBindingProcessorImpl.class);
    protected ConfigurationFacade configurationFacade = new ConfigurationFacade();
    protected Map<String, String> headerMap = Collections.EMPTY_MAP;
    protected Map<String, FormParameter> formParameterMap = new HashMap();
    protected SLSourceContext srcContex = new SLSourceContext();
    protected SLTargetContext targetContext = new SLTargetContext();
    protected State currentState = State.INIT;
    protected Templates templates = null;
    protected String resultContentType = null;
    protected SLResult slResult = null;
    protected int responseCode = 200;
    protected Map<String, String> responseHeaders = Collections.EMPTY_MAP;
    protected boolean finished = false;

    /* loaded from: input_file:BKULocal.war:WEB-INF/lib/bkucommon-1.4.1.jar:at/gv/egiz/bku/binding/HTTPBindingProcessorImpl$ConfigurationFacade.class */
    public class ConfigurationFacade implements MoccaConfigurationFacade {
        public static final String DATAURLCLIENT_MAXHOPS = "DataURLConnection.MaxHops";
        public static final String DATAURL_WHITELIST = "DataURLConnection.Whitelist";
        public static final String USE_STYLESHEETURL_PROPERTY = "UseStylesheetURL";
        public static final String USE_XADES_1_4 = "UseXAdES14";
        public static final String USE_XADES_1_4_BLACKLIST = "UseXAdES14Blacklist";
        public static final String XADES_1_4_BLACKLIST_URL = "http://www.buergerkarte.at/BKU_XAdES_14_blacklist.txt";
        public static final int XADES_1_4_BLACKLIST_EXPIRY = 86400;
        public static final String ALLOW_OTHER_REDIRECTS = "AllowOtherRedirects";
        public static final String SSL_DISSABLE_HOSTNAME_VERIFICATION = "SSL.disableHostnameVerification";
        public static final String SSL_DISSABLE_ALL_CHECKS = "SSL.disableAllChecks";

        public ConfigurationFacade() {
        }

        public int getMaxDataUrlHops() {
            return HTTPBindingProcessorImpl.this.configuration.getInt(DATAURLCLIENT_MAXHOPS, 10);
        }

        public String getProductName() {
            return HTTPBindingProcessorImpl.this.configuration.getString(ConfigurationFactoryBean.MOCCA_IMPLEMENTATIONNAME_PROPERTY, "MOCCA");
        }

        public String getProductVersion() {
            return HTTPBindingProcessorImpl.this.configuration.getString(ConfigurationFactoryBean.MOCCA_IMPLEMENTATIONVERSION_PROPERTY, "UNKNOWN") + (getUseXAdES14() ? "-X14" : "");
        }

        public String getSignatureLayout() {
            String string = HTTPBindingProcessorImpl.this.configuration.getString("SignatureLayout");
            if (getUseXAdES14() && "1.0".equals(string)) {
                string = SerializerConstants.XMLVERSION11;
            }
            return string;
        }

        public boolean getEnableStylesheetURL() {
            return HTTPBindingProcessorImpl.this.configuration.getBoolean(USE_STYLESHEETURL_PROPERTY, false);
        }

        public List<String> getDataURLWhitelist() {
            return ConfigurationUtil.getStringListFromObjectList(HTTPBindingProcessorImpl.this.configuration.getList(DATAURL_WHITELIST));
        }

        public boolean hasDataURLWhitelist() {
            return HTTPBindingProcessorImpl.this.configuration.containsKey(DATAURL_WHITELIST);
        }

        public boolean matchesDataURLWhitelist(String str) {
            List<String> dataURLWhitelist = getDataURLWhitelist();
            HTTPBindingProcessorImpl.this.log.debug("DataURL Whitelist: " + dataURLWhitelist.toString());
            for (String str2 : dataURLWhitelist) {
                HTTPBindingProcessorImpl.this.log.debug("Matching " + str2);
                if (str.matches(str2)) {
                    return true;
                }
            }
            return false;
        }

        public boolean getUseXAdES14() {
            return HTTPBindingProcessorImpl.this.configuration.getBoolean("UseXAdES14", true);
        }

        public boolean getAllowOtherRedirects() {
            return HTTPBindingProcessorImpl.this.configuration.getBoolean(ALLOW_OTHER_REDIRECTS, false);
        }

        public boolean disableSslHostnameVerification() {
            return HTTPBindingProcessorImpl.this.configuration.getBoolean("SSL.disableHostnameVerification", false);
        }

        public boolean disableAllSslChecks() {
            return HTTPBindingProcessorImpl.this.configuration.getBoolean("SSL.disableAllChecks", false);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BKULocal.war:WEB-INF/lib/bkucommon-1.4.1.jar:at/gv/egiz/bku/binding/HTTPBindingProcessorImpl$State.class */
    public enum State {
        INIT,
        PROCESS,
        DATAURL,
        TRANSFORM,
        FINISHED
    }

    @Override // at.gv.egiz.bku.binding.AbstractBindingProcessor
    public void setUrlDereferencer(URLDereferencer uRLDereferencer) {
        super.setUrlDereferencer(new FormDataURLDereferencer(uRLDereferencer, this));
    }

    public SSLSocketFactory getSslSocketFactory() {
        return this.sslSocketFactory;
    }

    public void setSslSocketFactory(SSLSocketFactory sSLSocketFactory) {
        this.sslSocketFactory = sSLSocketFactory;
    }

    public HostnameVerifier getHostnameVerifier() {
        return this.hostnameVerifier;
    }

    public void setHostnameVerifier(HostnameVerifier hostnameVerifier) {
        this.hostnameVerifier = hostnameVerifier;
    }

    protected void sendSTALQuit() {
        this.log.debug("Sending QUIT command to STAL.");
        ArrayList arrayList = new ArrayList(1);
        arrayList.add(new QuitRequest());
        getSTAL().handleRequest(arrayList);
    }

    protected String getFormParameterAsString(String str) {
        return getFormParameterAsString(this.formParameterMap.get(str));
    }

    protected String getFormParameterAsString(FormParameter formParameter) {
        if (formParameter == null) {
            return null;
        }
        try {
            return StreamUtil.asString(formParameter.getFormParameterValue(), HttpUtil.getCharset(formParameter.getFormParameterContentType(), true));
        } catch (IOException e) {
            return null;
        }
    }

    protected String getDataUrl() {
        return getFormParameterAsString(FixedFormParameters.DATAURL);
    }

    protected String getStyleSheetUrl() {
        return getFormParameterAsString(FixedFormParameters.STYLESHEETURL);
    }

    protected List<FormParameter> getFormParameters(String str) {
        ArrayList arrayList = new ArrayList();
        for (String str2 : this.formParameterMap.keySet()) {
            if (str2.endsWith(str)) {
                arrayList.add(this.formParameterMap.get(str2));
            }
        }
        return arrayList;
    }

    protected List<FormParameter> getTransferHeaders() {
        return getFormParameters("__");
    }

    protected List<FormParameter> getTransferForms() {
        ArrayList arrayList = new ArrayList();
        for (String str : this.formParameterMap.keySet()) {
            if (str.endsWith("_") && !str.endsWith("__")) {
                arrayList.add(this.formParameterMap.get(str));
            }
        }
        return arrayList;
    }

    protected void closeDataUrlConnection() {
        InputStream stream;
        this.log.debug("Closing data url input stream.");
        if (this.dataUrlResponse == null || (stream = this.dataUrlResponse.getStream()) == null) {
            return;
        }
        try {
            stream.close();
        } catch (IOException e) {
            this.log.info("Error closing input stream to dataurl server.", (Throwable) e);
        }
    }

    protected void init() {
        this.log.info("Starting Bindingprocessor : {}.", this.id);
        if (this.bindingProcessorError != null) {
            this.log.debug("Detected binding processor error, sending quit command.");
            this.currentState = State.FINISHED;
        } else {
            if (this.slCommand != null) {
                this.currentState = State.PROCESS;
                return;
            }
            this.log.error("SLCommand not set. (consumeRequest not called?)");
            this.bindingProcessorError = new SLException(2000);
            this.currentState = State.FINISHED;
        }
    }

    protected void processRequest() {
        this.log.info("Entered State: {}, Processing {}.", State.PROCESS, this.slCommand.getName());
        this.commandInvoker.setCommand(new SLCommandContext(getSTAL(), new FormDataURLDereferencer(this.urlDereferencer, this), getDataUrl(), this.locale), this.slCommand);
        this.responseCode = 200;
        this.responseHeaders = Collections.EMPTY_MAP;
        this.dataUrlResponse = null;
        try {
            this.commandInvoker.invoke(this.srcContex);
        } catch (SLException e) {
            this.log.info("Failed to invoke command.", (Throwable) e);
            this.bindingProcessorError = e;
            this.currentState = State.TRANSFORM;
        }
        if (getDataUrl() != null) {
            this.log.debug("DataUrl set to: {}.", getDataUrl());
            this.currentState = State.DATAURL;
        } else {
            this.log.debug("No data url set.");
            this.currentState = State.TRANSFORM;
        }
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:66:0x0289. Please report as an issue. */
    protected void handleDataUrl() {
        String dataUrl = getDataUrl();
        this.log.info("Entered State: {}, DataURL={}.", State.DATAURL, dataUrl);
        try {
            if (this.configurationFacade.hasDataURLWhitelist()) {
                this.log.debug("Checking DataURL against whitelist");
                if (!this.configurationFacade.matchesDataURLWhitelist(dataUrl)) {
                    this.log.error("DataURL doesn't match whitelist");
                    throw new SLBindingException(2001);
                }
            }
            HttpsDataURLConnection httpsDataURLConnection = (HttpsDataURLConnection) new DataUrl(dataUrl).openConnection();
            httpsDataURLConnection.setHTTPHeader(HttpUtil.HTTP_HEADER_USER_AGENT, getServerHeaderValue());
            httpsDataURLConnection.setHTTPHeader("SignatureLayout", getSignatureLayoutHeaderValue());
            if (this.configurationFacade.disableAllSslChecks() || this.configurationFacade.disableSslHostnameVerification()) {
                httpsDataURLConnection.setHostnameVerifier(this.hostnameVerifier);
            }
            httpsDataURLConnection.setSSLSocketFactory(this.sslSocketFactory);
            Iterator<FormParameter> it = getTransferHeaders().iterator();
            while (it.hasNext()) {
                String formParameterAsString = getFormParameterAsString(it.next());
                if (formParameterAsString == null) {
                    this.log.error("Got empty transfer header, ignoring this.");
                } else {
                    String[] split = formParameterAsString.split(DBTypeParser.SEPARATOR, 2);
                    String str = split[0];
                    if (split.length != 2) {
                        this.log.error("Invalid transfer header encoding: {}.", formParameterAsString);
                        throw new SLBindingException(2005);
                    }
                    String trim = split[1].trim();
                    this.log.debug("Setting header '{}' to value '{}'.", str, trim);
                    httpsDataURLConnection.setHTTPHeader(str, trim);
                }
            }
            for (FormParameter formParameter : getTransferForms()) {
                String str2 = null;
                String formParameterContentType = formParameter.getFormParameterContentType();
                String charset = HttpUtil.getCharset(formParameterContentType, false);
                if (charset != null) {
                    formParameterContentType = formParameterContentType.substring(0, formParameterContentType.lastIndexOf(HttpUtil.SEPARATOR[0]));
                }
                Iterator<String> headerNames = formParameter.getHeaderNames();
                while (headerNames.hasNext()) {
                    if (HttpUtil.CONTENT_TRANSFER_ENCODING.equalsIgnoreCase(headerNames.next())) {
                        str2 = getFormParameterAsString(formParameter);
                    }
                }
                if (this.log.isDebugEnabled()) {
                    this.log.debug("Setting form parameter '{}' (content-type {}, charset {}, content transfer encoding {})", new Object[]{formParameter.getFormParameterName(), formParameterContentType, charset, str2});
                }
                httpsDataURLConnection.setHTTPFormParameter(formParameter.getFormParameterName(), formParameter.getFormParameterValue(), formParameterContentType, charset, str2);
            }
            httpsDataURLConnection.connect();
            this.targetContext.setTargetIsDataURL(true);
            X509Certificate x509Certificate = httpsDataURLConnection.getServerCertificates() instanceof X509Certificate[] ? (X509Certificate) httpsDataURLConnection.getServerCertificates()[0] : null;
            this.targetContext.setTargetCertificate(x509Certificate);
            this.targetContext.setTargetUrl(httpsDataURLConnection.getURL());
            httpsDataURLConnection.transmit(this.commandInvoker.getResult(this.targetContext));
            this.dataUrlResponse = httpsDataURLConnection.getResponse();
            int responseCode = this.dataUrlResponse.getResponseCode();
            this.log.debug("Received data url response code: {}.", Integer.valueOf(responseCode));
            if (this.configurationFacade.getAllowOtherRedirects() && responseCode >= 301 && responseCode <= 303) {
                responseCode = 307;
            }
            switch (responseCode) {
                case 200:
                    String contentType = this.dataUrlResponse.getContentType();
                    this.log.debug("Got dataurl response content type: {}.", contentType);
                    if (contentType == null) {
                        this.log.info("Content type not set in dataurl response.");
                        closeDataUrlConnection();
                        throw new SLBindingException(2007);
                    }
                    if (contentType.startsWith("application/x-www-form-urlencoded") || contentType.startsWith("multipart/form-data")) {
                        this.log.debug("Detected SL Request in dataurl response.");
                        setHTTPHeaders(this.dataUrlResponse.getResponseHeaders());
                        consumeRequestStream(this.dataUrlResponse.getUrl(), this.dataUrlResponse.getStream());
                        closeDataUrlConnection();
                        this.srcContex.setSourceCertificate(x509Certificate);
                        this.srcContex.setSourceIsDataURL(true);
                        this.srcContex.setSourceUrl(httpsDataURLConnection.getURL());
                        this.currentState = State.PROCESS;
                    } else if ((contentType.startsWith("text/html") || contentType.startsWith("text/plain") || contentType.startsWith(HttpUtil.TXT_XML)) && this.dataUrlResponse.isHttpResponseXMLOK()) {
                        this.log.info("Dataurl response matches <ok/> with content type: {}.", contentType);
                        this.currentState = State.TRANSFORM;
                    } else if (!contentType.startsWith(HttpUtil.TXT_XML) || this.dataUrlResponse.isHttpResponseXMLOK()) {
                        this.resultContentType = contentType;
                        this.responseHeaders = this.dataUrlResponse.getResponseHeaders();
                        this.responseCode = this.dataUrlResponse.getResponseCode();
                        this.currentState = State.FINISHED;
                    } else {
                        this.log.debug("Detected text/xml  dataurl response with content != <ok/>");
                        this.headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType);
                        assignXMLRequest(this.dataUrlResponse.getStream(), HttpUtil.getCharset(contentType, true));
                        closeDataUrlConnection();
                        this.srcContex.setSourceCertificate(x509Certificate);
                        this.srcContex.setSourceIsDataURL(true);
                        this.srcContex.setSourceUrl(httpsDataURLConnection.getURL());
                        this.currentState = State.PROCESS;
                        this.srcContex.setSourceHTTPReferer(this.dataUrlResponse.getResponseHeaders().get(HttpUtil.HTTP_HEADER_REFERER));
                    }
                    return;
                case 307:
                    String contentType2 = this.dataUrlResponse.getContentType();
                    if (contentType2 != null && contentType2.startsWith(HttpUtil.TXT_XML)) {
                        this.log.debug("Received dataurl response code 307 with XML content.");
                        String str3 = this.dataUrlResponse.getResponseHeaders().get(HttpUtil.HTTP_HEADER_LOCATION);
                        if (str3 == null) {
                            this.log.error("Did not get a location header for a 307 data url response.");
                            throw new SLBindingException(2003);
                        }
                        FormParameterStore formParameterStore = new FormParameterStore();
                        formParameterStore.init(str3.getBytes("ISO-8859-1"), FixedFormParameters.DATAURL, (String) null, (FileItemHeaders) null);
                        this.formParameterMap.put(FixedFormParameters.DATAURL, formParameterStore);
                        this.headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType2);
                        assignXMLRequest(this.dataUrlResponse.getStream(), HttpUtil.getCharset(this.dataUrlResponse.getContentType(), true));
                        closeDataUrlConnection();
                        this.srcContex.setSourceCertificate(x509Certificate);
                        this.srcContex.setSourceIsDataURL(true);
                        this.srcContex.setSourceUrl(httpsDataURLConnection.getURL());
                        this.currentState = State.PROCESS;
                        this.srcContex.setSourceHTTPReferer(this.dataUrlResponse.getResponseHeaders().get(HttpUtil.HTTP_HEADER_REFERER));
                        this.responseHeaders = this.dataUrlResponse.getResponseHeaders();
                        this.responseCode = this.dataUrlResponse.getResponseCode();
                        return;
                    }
                    this.log.debug("Received dataurl response code 307 with non XML content: {}.", this.dataUrlResponse.getContentType());
                    break;
                case 301:
                case 302:
                case 303:
                    this.responseHeaders = this.dataUrlResponse.getResponseHeaders();
                    this.responseCode = this.dataUrlResponse.getResponseCode();
                    this.resultContentType = this.dataUrlResponse.getContentType();
                    this.currentState = State.FINISHED;
                    return;
                default:
                    this.log.info("Unexpected response code from dataurl server: {}.", Integer.valueOf(this.dataUrlResponse.getResponseCode()));
                    throw new SLBindingException(2007);
            }
        } catch (SLException e) {
            this.bindingProcessorError = e;
            this.log.error("Error during dataurl communication.", (Throwable) e);
            this.resultContentType = HttpUtil.TXT_XML;
            this.currentState = State.TRANSFORM;
        } catch (SSLHandshakeException e2) {
            this.bindingProcessorError = new SLException(2010);
            this.log.info("Error during dataurl communication.", (Throwable) e2);
            this.resultContentType = HttpUtil.TXT_XML;
            this.currentState = State.TRANSFORM;
        } catch (IOException e3) {
            this.bindingProcessorError = new SLBindingException(2001);
            this.log.error("Error while data url handling", (Throwable) e3);
            this.resultContentType = HttpUtil.TXT_XML;
            this.currentState = State.TRANSFORM;
        }
    }

    protected void transformResult() {
        this.log.info("Entered State: {}.", State.TRANSFORM);
        if (this.bindingProcessorError != null) {
            this.resultContentType = HttpUtil.TXT_XML;
        } else if (this.dataUrlResponse != null) {
            this.resultContentType = this.dataUrlResponse.getContentType();
        } else {
            this.targetContext.setTargetIsDataURL(false);
            this.targetContext.setTargetUrl(this.srcUrl);
            try {
                this.slResult = this.commandInvoker.getResult(this.targetContext);
                this.resultContentType = this.slResult.getMimeType();
                this.log.debug("Successfully got SLResult from commandinvoker, setting mimetype to: {}.", this.resultContentType);
            } catch (SLException e) {
                this.log.info("Cannot get result from invoker:", (Throwable) e);
                this.bindingProcessorError = new SLException(6002);
                this.resultContentType = HttpUtil.TXT_XML;
            }
        }
        String styleSheetUrl = getStyleSheetUrl();
        if (this.configurationFacade.getEnableStylesheetURL()) {
            this.templates = getTemplates(styleSheetUrl);
        } else {
            this.templates = null;
            if (styleSheetUrl != null) {
                this.log.info("Ignoring StylesheetURL ({})", styleSheetUrl);
            }
        }
        if (this.templates != null) {
            this.log.debug("Output transformation required.");
            this.resultContentType = this.templates.getOutputProperties().getProperty("media-type");
            this.log.debug("Got media type from stylesheet: {}.", this.resultContentType);
            if (this.resultContentType == null) {
                this.log.debug("Setting to default text/xml result conent type.");
                this.resultContentType = HttpUtil.TXT_XML;
            }
            this.log.debug("Deferring sytylesheet processing.");
        }
        this.currentState = State.FINISHED;
    }

    protected void finished() {
        this.log.info("Entered State: {}.", State.FINISHED);
        if (this.bindingProcessorError != null) {
            this.log.debug("Binding processor error, sending quit command.");
            this.resultContentType = HttpUtil.TXT_XML;
        }
        sendSTALQuit();
        this.log.info("Terminating Bindingprocessor : {}.", this.id);
        this.finished = true;
    }

    public String getServerHeaderValue() {
        return CITIZEN_CARD_ENVIRONMENT + " " + this.configurationFacade.getProductName() + "/" + this.configurationFacade.getProductVersion();
    }

    public String getSignatureLayoutHeaderValue() {
        return this.configurationFacade.getSignatureLayout();
    }

    @Override // at.gv.egiz.bku.binding.HTTPBindingProcessor
    public void setHTTPHeaders(Map<String, String> map) {
        this.headerMap = new HashMap();
        if (map != null) {
            for (String str : map.keySet()) {
                if (str != null) {
                    this.headerMap.put(str.toLowerCase(), map.get(str));
                    if (str.equalsIgnoreCase(HttpUtil.HTTP_HEADER_REFERER)) {
                        String str2 = map.get(str);
                        this.log.debug("Got referer header: {}.", str2);
                        this.srcContex.setSourceHTTPReferer(str2);
                    }
                }
            }
        }
    }

    public void setSourceCertificate(X509Certificate x509Certificate) {
        this.srcContex.setSourceCertificate(x509Certificate);
    }

    @Override // at.gv.egiz.bku.binding.HTTPBindingProcessor
    public String getRedirectURL() {
        String formParameterAsString = getFormParameterAsString(FixedFormParameters.REDIRECTURL);
        this.log.debug("Evaluating redirectURL: " + formParameterAsString);
        if (formParameterAsString == null || formParameterAsString.trim().isEmpty() || formParameterAsString.contains(LineSeparator.Macintosh) || formParameterAsString.contains("\n") || formParameterAsString.contains("<") || formParameterAsString.toLowerCase().contains("javascript:")) {
            return null;
        }
        return formParameterAsString;
    }

    @Override // at.gv.egiz.bku.binding.FormDataURLSupplier
    public String getFormDataContentType(String str) {
        FormParameter formParameter = this.formParameterMap.get(str);
        if (formParameter != null) {
            return formParameter.getFormParameterContentType();
        }
        return null;
    }

    @Override // at.gv.egiz.bku.binding.HTTPBindingProcessor, at.gv.egiz.bku.binding.FormDataURLSupplier
    public InputStream getFormData(String str) {
        FormParameter formParameter = this.formParameterMap.get(str);
        if (formParameter == null) {
            return null;
        }
        final String headerValue = formParameter.getHeaderValue(HttpUtil.CONTENT_TRANSFER_ENCODING);
        return (headerValue == null || FilePart.DEFAULT_TRANSFER_ENCODING.equals(headerValue) || StringPart.DEFAULT_TRANSFER_ENCODING.equals(headerValue)) ? formParameter.getFormParameterValue() : "base64".equals(headerValue) ? new Base64InputStream(formParameter.getFormParameterValue()) : new InputStream() { // from class: at.gv.egiz.bku.binding.HTTPBindingProcessorImpl.1
            @Override // java.io.InputStream
            public int read() throws IOException {
                throw new IOException("Content-Transfer-Encoding : " + headerValue + " is not supported.");
            }
        };
    }

    protected void assignXMLRequest(InputStream inputStream, String str) throws IOException, SLException {
        this.slCommand = this.slCommandFactory.createSLCommand(new StreamSource(new InputStreamReader(new BufferedInputStream(inputStream), str)));
        this.log.info("XMLRequest={}. Created new command: {}.", this.slCommand.getName(), this.slCommand.getClass().getName());
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:9:0x0021. Please report as an issue. */
    @Override // at.gv.egiz.bku.binding.AbstractBindingProcessor
    public void process() {
        boolean z = false;
        int i = 0;
        if (this.bindingProcessorError != null) {
            this.currentState = State.FINISHED;
        }
        while (!z) {
            try {
                try {
                } catch (RuntimeException e) {
                    throw e;
                } catch (Exception e2) {
                    this.log.error("Caught unexpected exception.", (Throwable) e2);
                    this.responseCode = 200;
                    this.resultContentType = HttpUtil.TXT_XML;
                    this.responseHeaders = Collections.EMPTY_MAP;
                    this.bindingProcessorError = new SLException(2000);
                    this.currentState = State.FINISHED;
                }
                switch (this.currentState) {
                    case INIT:
                        init();
                    case PROCESS:
                        processRequest();
                    case DATAURL:
                        handleDataUrl();
                        i++;
                        if (i > this.configurationFacade.getMaxDataUrlHops()) {
                            this.log.error("Maximum number ({}) of dataurl hops reached.", Integer.valueOf(this.configurationFacade.getMaxDataUrlHops()));
                            this.bindingProcessorError = new SLBindingException(2000);
                            this.currentState = State.FINISHED;
                        }
                    case TRANSFORM:
                        transformResult();
                    case FINISHED:
                        z = true;
                        finished();
                }
            } catch (Throwable th) {
                this.log.error("Caught unexpected exception.", th);
                this.responseCode = 200;
                this.resultContentType = HttpUtil.TXT_XML;
                this.responseHeaders = Collections.EMPTY_MAP;
                this.bindingProcessorError = new SLException(2000);
                this.currentState = State.FINISHED;
            }
        }
        this.log.debug("Terminated http binding processor.");
        this.finished = true;
    }

    @Override // at.gv.egiz.bku.binding.BindingProcessor
    public void consumeRequestStream(String str, InputStream inputStream) {
        try {
            try {
                this.srcUrl = new URL(str);
                this.srcContex.setSourceUrl(this.srcUrl);
                this.srcContex.setSourceIsDataURL(false);
                this.log.debug("Start consuming request stream.");
                FormParameter formParameter = this.formParameterMap.get(FixedFormParameters.REDIRECTURL);
                FormParameter formParameter2 = this.formParameterMap.get(FixedFormParameters.REDIRECTTARGET);
                this.formParameterMap.clear();
                if (formParameter != null) {
                    this.formParameterMap.put(FixedFormParameters.REDIRECTURL, formParameter);
                }
                if (formParameter2 != null) {
                    this.formParameterMap.put(FixedFormParameters.REDIRECTTARGET, formParameter2);
                }
                String str2 = this.headerMap.get(HttpUtil.HTTP_HEADER_CONTENT_TYPE.toLowerCase());
                if (str2 == null) {
                    this.log.info("No content type set in http header.");
                    throw new SLBindingException(2006);
                }
                InputDecoder decoder = InputDecoderFactory.getDecoder(str2, inputStream);
                if (decoder == null) {
                    this.log.error("Cannot get inputdecoder for content type {}.", str2);
                    throw new SLException(2006);
                }
                Iterator<FormParameter> formParameterIterator = decoder.getFormParameterIterator();
                while (formParameterIterator.hasNext()) {
                    FormParameter next = formParameterIterator.next();
                    this.log.debug("Got request parameter with name: {}.", next.getFormParameterName());
                    if (next.getFormParameterName().equals(FixedFormParameters.XMLREQUEST)) {
                        this.log.debug("Creating XML Request.");
                        Iterator<String> headerNames = next.getHeaderNames();
                        while (headerNames.hasNext()) {
                            String next2 = headerNames.next();
                            if (HttpUtil.CONTENT_TRANSFER_ENCODING.equalsIgnoreCase(next2)) {
                                String headerValue = next.getHeaderValue(next2);
                                this.log.debug("Got transfer encoding for xmlrequest: {}.", headerValue);
                                if (!XML_REQ_TRANSFER_ENCODING.contains(headerValue)) {
                                    this.log.error("Transfer encoding '{}' not supported.", headerValue);
                                    throw new SLBindingException(2005);
                                }
                                this.log.debug("Supported transfer encoding: {}.", headerValue);
                            }
                        }
                        assignXMLRequest(next.getFormParameterValue(), HttpUtil.getCharset(str2, true));
                    } else if (next.getFormParameterName().equals(FixedFormParameters.REDIRECTURL) && this.formParameterMap.containsKey(FixedFormParameters.REDIRECTURL)) {
                        this.log.info("Not updating previously set RedirectURL!");
                    } else {
                        FormParameterStore formParameterStore = new FormParameterStore();
                        formParameterStore.init(next);
                        this.log.debug("Setting form parameter: {}.", formParameterStore.getFormParameterName());
                        this.formParameterMap.put(formParameterStore.getFormParameterName(), formParameterStore);
                    }
                }
                if (this.slCommand == null) {
                    throw new SLBindingException(2004);
                }
                try {
                    if (inputStream.read() != -1) {
                        this.log.warn("Request input stream not completely read.");
                        do {
                        } while (inputStream.read() != -1);
                    }
                    this.log.debug("Finished consuming request stream.");
                } catch (IOException e) {
                    this.log.error("Failed to read request input stream.", (Throwable) e);
                }
            } catch (SLException e2) {
                this.log.info("Error while consuming input stream.", (Throwable) e2);
                this.bindingProcessorError = e2;
                try {
                    if (inputStream.read() != -1) {
                        this.log.warn("Request input stream not completely read.");
                        do {
                        } while (inputStream.read() != -1);
                    }
                    this.log.debug("Finished consuming request stream.");
                } catch (IOException e3) {
                    this.log.error("Failed to read request input stream.", (Throwable) e3);
                }
            } catch (Throwable th) {
                this.log.info("Error while consuming input stream.", th);
                this.bindingProcessorError = new SLException(2000);
                try {
                    if (inputStream.read() != -1) {
                        this.log.warn("Request input stream not completely read.");
                        do {
                        } while (inputStream.read() != -1);
                    }
                    this.log.debug("Finished consuming request stream.");
                } catch (IOException e4) {
                    this.log.error("Failed to read request input stream.", (Throwable) e4);
                }
            }
        } catch (Throwable th2) {
            try {
                if (inputStream.read() != -1) {
                    this.log.warn("Request input stream not completely read.");
                    do {
                    } while (inputStream.read() != -1);
                }
                this.log.debug("Finished consuming request stream.");
            } catch (IOException e5) {
                this.log.error("Failed to read request input stream.", (Throwable) e5);
            }
            throw th2;
        }
    }

    @Override // at.gv.egiz.bku.binding.BindingProcessor
    public String getResultContentType() {
        return this.resultContentType;
    }

    protected Templates getTemplates(String str) {
        if (str == null) {
            this.log.debug("Stylesheet URL not set.");
            return null;
        }
        try {
            TransformerFactory newInstance = TransformerFactory.newInstance();
            newInstance.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
            newInstance.setURIResolver(new URIResolverAdapter(this.urlDereferencer));
            return newInstance.newTemplates(new StreamSource(this.urlDereferencer.dereference(str).getStream()));
        } catch (Exception e) {
            this.log.info("Cannot instantiate transformer.", (Throwable) e);
            this.bindingProcessorError = new SLException(2002);
            return null;
        }
    }

    protected void handleBindingProcessorError(OutputStream outputStream, String str, Templates templates) throws IOException {
        this.log.debug("Writing error as result.");
        new ErrorResultImpl(this.bindingProcessorError, this.locale).writeTo(new StreamResult(writeXMLDeclarationAndProcessingInstruction(outputStream, str)), templates, true);
    }

    protected Writer writeXMLDeclarationAndProcessingInstruction(OutputStream outputStream, String str) throws IOException {
        if (str == null) {
            str = "ISO-8859-1";
        }
        OutputStreamWriter outputStreamWriter = new OutputStreamWriter(outputStream, str);
        outputStreamWriter.write("<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>\n");
        outputStreamWriter.write("<?xml-stylesheet type=\"text/css\" href=\"errorresponse.css\"?>\n");
        return outputStreamWriter;
    }

    @Override // at.gv.egiz.bku.binding.BindingProcessor
    public void writeResultTo(OutputStream outputStream, String str) throws IOException {
        Writer outputStreamWriter;
        if (str == null) {
            str = "ISO-8859-1";
        }
        if (this.bindingProcessorError != null) {
            this.log.debug("Detected error in binding processor, writing error as result.");
            handleBindingProcessorError(outputStream, str, this.templates);
            return;
        }
        if (this.dataUrlResponse != null) {
            this.log.debug("Writing data url response as result.");
            InputStreamReader inputStreamReader = new InputStreamReader(this.dataUrlResponse.getStream(), HttpUtil.getCharset(this.dataUrlResponse.getContentType(), true));
            OutputStreamWriter outputStreamWriter2 = new OutputStreamWriter(outputStream, str);
            if (this.templates == null) {
                StreamUtil.copyStream(inputStreamReader, outputStreamWriter2);
            } else {
                try {
                    this.templates.newTransformer().transform(new StreamSource(inputStreamReader), new StreamResult(outputStreamWriter2));
                } catch (TransformerException e) {
                    this.log.error("Exception occured during result transformation.", (Throwable) e);
                    return;
                }
            }
            outputStreamWriter2.flush();
            inputStreamReader.close();
            return;
        }
        if (this.slResult == null) {
            this.bindingProcessorError = new SLException(6001);
            handleBindingProcessorError(outputStream, str, this.templates);
            return;
        }
        this.log.debug("Getting result from invoker.");
        boolean z = false;
        if (this.slResult instanceof ErrorResult) {
            outputStreamWriter = writeXMLDeclarationAndProcessingInstruction(outputStream, str);
            z = true;
        } else {
            outputStreamWriter = new OutputStreamWriter(outputStream, str);
        }
        this.slResult.writeTo(new StreamResult(outputStreamWriter), this.templates, z);
        outputStreamWriter.flush();
    }

    @Override // at.gv.egiz.bku.binding.HTTPBindingProcessor
    public int getResponseCode() {
        return this.responseCode;
    }

    @Override // at.gv.egiz.bku.binding.HTTPBindingProcessor
    public Map<String, String> getResponseHeaders() {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put(HttpUtil.HTTP_HEADER_SERVER, getServerHeaderValue());
        linkedHashMap.put("SignatureLayout", getSignatureLayoutHeaderValue());
        linkedHashMap.putAll(this.responseHeaders);
        return linkedHashMap;
    }

    public boolean isFinished() {
        return this.finished;
    }
}
