package com.day.crx.packaging.impl;

import com.day.cq.replication.Replicator;
import com.day.crx.packaging.impl.response.BaseResponse;
import com.day.crx.packaging.impl.response.HtmlConsoleResponse;
import com.day.crx.packaging.impl.response.JsonResponse;
import com.day.crx.packaging.impl.response.Response;
import com.day.crx.packaging.impl.response.StreamedScriptResponse;
import com.day.crx.packaging.impl.response.ValidateJsonResponse;
import com.day.crx.packaging.validation.impl.ContentPackageValidator;
import java.io.IOException;
import javax.jcr.Session;
import javax.servlet.Servlet;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.jackrabbit.vault.packaging.Packaging;
import org.apache.jackrabbit.vault.packaging.registry.PackageRegistry;
import org.apache.sling.api.resource.ResourceResolver;
import org.apache.sling.commons.classloader.DynamicClassLoaderManager;
import org.apache.sling.xss.XSSAPI;
import org.osgi.framework.BundleContext;
import org.osgi.framework.InvalidSyntaxException;
import org.osgi.service.cm.Configuration;
import org.osgi.service.cm.ConfigurationAdmin;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.osgi.service.metatype.annotations.AttributeDefinition;
import org.osgi.service.metatype.annotations.AttributeType;
import org.osgi.service.metatype.annotations.Designate;
import org.osgi.service.metatype.annotations.ObjectClassDefinition;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Designate(ocd = PackageManagerValidationConfiguration.class)
@Component(service = {Servlet.class}, immediate = true, property = {"service.vendor=Adobe Systems Incorporated", "osgi.http.whiteboard.servlet.pattern=/packmgr/service/*", "osgi.http.whiteboard.context.select=(osgi.http.whiteboard.context.name=com.adobe.granite.crx)"})
/* loaded from: input_file:com/day/crx/packaging/impl/PackageManagerServlet.class */
public class PackageManagerServlet extends HttpServlet {
    private static final Logger log = LoggerFactory.getLogger(PackageManagerServlet.class);

    @Reference
    private Packaging packaging;

    @Reference
    private DynamicClassLoaderManager dynLoaderMgr;

    @Reference
    private Replicator replicator;

    @Reference
    private SlingInstallerSupport slingInstaller;

    @Reference
    private ContentPackageValidator validator;

    @Reference
    private XSSAPI xssapi;

    @Reference(cardinality = ReferenceCardinality.OPTIONAL, policy = ReferencePolicy.DYNAMIC)
    private volatile PackageRegistry fsRegistry;
    private boolean isCompositeNodeStoreConfigured = false;
    private long packageSizeLimit;
    private int timeLimitForValidation;

    @ObjectClassDefinition(name = "Package Manager Validation Configuration")
    /* loaded from: input_file:com/day/crx/packaging/impl/PackageManagerServlet$PackageManagerValidationConfiguration.class */
    @interface PackageManagerValidationConfiguration {
        @AttributeDefinition(name = "Package Size Limit for Validation (in bytes)", description = "Configuration to set maximum package size limit to be allowed for validating a package - in bytes", type = AttributeType.LONG)
        long packageSizeLimit() default 300000000;

        @AttributeDefinition(name = "Time Limit for Package Validation (in Seconds)", description = "Configuration to set maximum time limit to be allowed for validating a package", type = AttributeType.INTEGER)
        int packageInstallationTimeLimit() default 300;
    }

    @Activate
    protected void activate(BundleContext bundleContext, PackageManagerValidationConfiguration packageManagerValidationConfiguration) throws InvalidSyntaxException, IOException {
        Configuration configuration = ((ConfigurationAdmin) bundleContext.getService(bundleContext.getServiceReference(ConfigurationAdmin.class))).getConfiguration("org.apache.jackrabbit.oak.composite.CompositeNodeStoreService", (String) null);
        this.packageSizeLimit = packageManagerValidationConfiguration.packageSizeLimit();
        this.timeLimitForValidation = packageManagerValidationConfiguration.packageInstallationTimeLimit();
        if (configuration == null || configuration.getProperties() == null) {
            return;
        }
        this.isCompositeNodeStoreConfigured = ((Boolean) configuration.getProperties().get("enabled")).booleanValue();
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        log.warn("PackageConsoleServlet requested with GET");
        httpServletResponse.sendError(405, "Method GET is not allowed, use POST");
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        RequestWrapper requestWrapper = new RequestWrapper(httpServletRequest);
        try {
            String pathInfo = httpServletRequest.getPathInfo();
            if (pathInfo == null || pathInfo.length() == 0 || "/".equals(pathInfo)) {
                log.error("no suffix");
                httpServletResponse.sendError(500);
                requestWrapper.discard();
                return;
            }
            int indexOf = pathInfo.indexOf(47, 1);
            String str = pathInfo;
            String str2 = "";
            if (indexOf > 0) {
                str = pathInfo.substring(0, indexOf);
                str2 = pathInfo.substring(indexOf);
            }
            Session session = (Session) ((ResourceResolver) httpServletRequest.getAttribute("org.apache.sling.auth.core.ResourceResolver")).adaptTo(Session.class);
            new J2EEPackageManager(this.packaging.getPackageManager(session), this.dynLoaderMgr.getDynamicClassLoader(), this.replicator, this.slingInstaller, this.validator, this.fsRegistry != null, this.isCompositeNodeStoreConfigured, this.packageSizeLimit, this.timeLimitForValidation).doPost(getResponse(str, requestWrapper, httpServletResponse, session), str2);
            requestWrapper.discard();
        } catch (Throwable th) {
            requestWrapper.discard();
            throw th;
        }
    }

    private Response getResponse(String str, RequestWrapper requestWrapper, HttpServletResponse httpServletResponse, Session session) {
        BaseResponse streamedScriptResponse = str.endsWith("script.html") ? new StreamedScriptResponse(requestWrapper.getParameter("pid"), requestWrapper.getParameter("callback"), session, this.xssapi) : str.endsWith("console.html") ? new HtmlConsoleResponse(session, this.xssapi) : str.endsWith(".json") ? requestWrapper.getParameter("cmd").equals("addOnValidate") ? new ValidateJsonResponse() : new JsonResponse("true".equals(requestWrapper.getParameter("jsonInTextarea")), "true".equals(requestWrapper.getParameter("verbose"))) : new HtmlConsoleResponse(session, this.xssapi);
        streamedScriptResponse.setCRXRequestResponse(requestWrapper, httpServletResponse);
        return streamedScriptResponse;
    }
}
