package com.adobe.granite.security.user.internal.servlets;

import com.adobe.granite.security.user.UserPropertiesService;
import com.adobe.granite.security.user.util.AuthorizableJSONWriter;
import com.adobe.granite.security.user.util.PropConstants;
import com.adobe.granite.security.user.util.SkipIterator;
import com.adobe.granite.xss.XSSFilter;
import java.io.IOException;
import java.util.Collections;
import java.util.Set;
import javax.jcr.AccessDeniedException;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.servlet.ServletException;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Properties;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.commons.jackrabbit.user.AuthorizableQueryManager;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.request.RequestParameterMap;
import org.apache.sling.api.resource.ResourceResolver;
import org.apache.sling.api.servlets.HtmlResponse;
import org.apache.sling.commons.json.JSONException;
import org.apache.sling.commons.json.JSONObject;
import org.apache.sling.commons.json.io.JSONWriter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Service
@Component(metatype = false)
@Properties({@Property(name = "sling.servlet.extensions", value = {"json"}), @Property(name = "sling.servlet.methods", value = {"GET"}), @Property(name = "sling.servlet.paths", value = {"/libs/granite/security/search/authorizables"})})
/* loaded from: input_file:com/adobe/granite/security/user/internal/servlets/AuthorizableSearchServlet.class */
public class AuthorizableSearchServlet extends AbstractServlet {
    private static final Logger log = LoggerFactory.getLogger(AuthorizableSearchServlet.class);
    private static final String PARAM_OMIT_COUNT = "oc";

    @Reference
    private UserPropertiesService upService;

    @Reference
    private XSSFilter xss;

    protected void doGet(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse) throws ServletException, IOException {
        SkipIterator create;
        HtmlResponse htmlResponse = null;
        ResourceResolver resourceResolver = slingHttpServletRequest.getResourceResolver();
        try {
            try {
                try {
                    Session session = (Session) resourceResolver.adaptTo(Session.class);
                    UserManager userManager = (UserManager) resourceResolver.adaptTo(UserManager.class);
                    RequestParameterMap requestParameterMap = slingHttpServletRequest.getRequestParameterMap();
                    long nonNegativeValue = getNonNegativeValue(requestParameterMap, PropConstants.OFFSET, 0L);
                    long nonNegativeValue2 = getNonNegativeValue(requestParameterMap, "max", -1L);
                    long nonNegativeValue3 = getNonNegativeValue(requestParameterMap, "ml", -1L);
                    boolean parseBoolean = Boolean.parseBoolean(slingHttpServletRequest.getParameter(PARAM_OMIT_COUNT));
                    Set<String> props = getProps(requestParameterMap);
                    if (requestParameterMap.getValue("query") == null) {
                        log.debug("empty query");
                        create = new SkipIterator(Collections.emptySet().iterator());
                    } else {
                        String string = requestParameterMap.getValue("query").getString();
                        if (parseBoolean) {
                            JSONObject jSONObject = new JSONObject(string);
                            JSONObject jSONObject2 = jSONObject.has("limit") ? jSONObject.getJSONObject("limit") : new JSONObject();
                            if (jSONObject2.has(PropConstants.OFFSET)) {
                                jSONObject2.put(PropConstants.OFFSET, jSONObject2.getLong(PropConstants.OFFSET) + nonNegativeValue);
                            } else {
                                jSONObject2.put(PropConstants.OFFSET, nonNegativeValue);
                            }
                            jSONObject2.put("max", nonNegativeValue2);
                            jSONObject.put("limit", jSONObject2);
                            string = jSONObject.toString();
                        }
                        create = SkipIterator.create(new AuthorizableQueryManager(userManager, session.getValueFactory()).execute(string));
                    }
                    if (!parseBoolean) {
                        create.skip(nonNegativeValue);
                    }
                    setJsonResponseHeader(slingHttpServletResponse);
                    JSONWriter jSONWriter = new JSONWriter(slingHttpServletResponse.getWriter());
                    jSONWriter.object();
                    jSONWriter.key(PropConstants.AUTHORIZABLES);
                    jSONWriter.array();
                    AuthorizableJSONWriter authorizableJSONWriter = new AuthorizableJSONWriter(this.upService.createUserPropertiesManager(session, resourceResolver), resourceResolver, session, props, this.xss);
                    authorizableJSONWriter.setLimit(PropConstants.MEMBERS, nonNegativeValue3);
                    while (create.hasNext() && (parseBoolean || nonNegativeValue2 < 0 || create.getPosition() < nonNegativeValue + nonNegativeValue2)) {
                        authorizableJSONWriter.write(jSONWriter, (Authorizable) create.next());
                    }
                    jSONWriter.endArray();
                    create.skip(2147483647L);
                    jSONWriter.key(PropConstants.CNT.toLowerCase()).value(parseBoolean ? -1L : create.getPosition());
                    jSONWriter.endObject();
                    if (0 != 0) {
                        htmlResponse.send(slingHttpServletResponse, true);
                    }
                } catch (RepositoryException e) {
                    HtmlResponse createErrorResponse = createErrorResponse(e);
                    if (createErrorResponse != null) {
                        createErrorResponse.send(slingHttpServletResponse, true);
                    }
                } catch (AccessDeniedException e2) {
                    HtmlResponse createErrorResponse2 = createErrorResponse(401, (Exception) e2);
                    if (createErrorResponse2 != null) {
                        createErrorResponse2.send(slingHttpServletResponse, true);
                    }
                }
            } catch (IOException e3) {
                HtmlResponse createErrorResponse3 = createErrorResponse(e3);
                if (createErrorResponse3 != null) {
                    createErrorResponse3.send(slingHttpServletResponse, true);
                }
            } catch (JSONException e4) {
                HtmlResponse createErrorResponse4 = createErrorResponse(e4);
                if (createErrorResponse4 != null) {
                    createErrorResponse4.send(slingHttpServletResponse, true);
                }
            }
        } catch (Throwable th) {
            if (0 != 0) {
                htmlResponse.send(slingHttpServletResponse, true);
            }
            throw th;
        }
    }

    protected void bindUpService(UserPropertiesService userPropertiesService) {
        this.upService = userPropertiesService;
    }

    protected void unbindUpService(UserPropertiesService userPropertiesService) {
        if (this.upService == userPropertiesService) {
            this.upService = null;
        }
    }

    protected void bindXss(XSSFilter xSSFilter) {
        this.xss = xSSFilter;
    }

    protected void unbindXss(XSSFilter xSSFilter) {
        if (this.xss == xSSFilter) {
            this.xss = null;
        }
    }
}
