package com.day.cq.dam.core.impl.servlet;

import com.adobe.granite.activitystreams.Activity;
import com.adobe.granite.activitystreams.ActivityManager;
import com.adobe.granite.activitystreams.utils.GenericAggregateOptions;
import com.day.cq.commons.PathInfo;
import com.day.cq.dam.api.Asset;
import com.day.cq.dam.api.DamEvent;
import com.day.cq.dam.api.Rendition;
import com.day.cq.dam.commons.util.DamUtil;
import com.day.cq.dam.core.impl.AssetImpl;
import com.day.cq.dam.core.impl.LicenseActivityStreamFilter;
import com.day.cq.wcm.api.WCMMode;
import java.io.IOException;
import java.net.URI;
import java.util.Calendar;
import javax.annotation.Nonnull;
import javax.jcr.Node;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import org.apache.commons.lang3.StringUtils;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Properties;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.ReferenceCardinality;
import org.apache.felix.scr.annotations.ReferencePolicy;
import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.api.binary.BinaryDownload;
import org.apache.jackrabbit.api.binary.BinaryDownloadOptions;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.resource.LoginException;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.resource.ResourceResolver;
import org.apache.sling.api.servlets.OptingServlet;
import org.apache.sling.api.servlets.SlingAllMethodsServlet;
import org.apache.sling.caconfig.resource.ConfigurationResourceResolver;
import org.apache.sling.commons.osgi.OsgiUtil;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.event.EventAdmin;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Service
@Component(metatype = true, label = "Day CQ DAM Binary Provider Servlet")
@Properties({@Property(name = "sling.servlet.resourceTypes", value = {"dam/asset", AssetImpl.RESOURCE_TYPE}), @Property(name = "sling.servlet.methods", value = {"GET", "HEAD"})})
/* loaded from: input_file:com/day/cq/dam/core/impl/servlet/BinaryProviderServlet.class */
public class BinaryProviderServlet extends SlingAllMethodsServlet implements OptingServlet {
    private static final long serialVersionUID = 2138470595710406273L;
    private static final Logger LOG = LoggerFactory.getLogger(BinaryProviderServlet.class);
    private static final String DRM_LICENSE_PATH = "xmpRights:WebStatement";
    private static final String DRM_LICENSES_CACONFIG_BUCKET = "settings";
    private static final String DRM_LICENSES_LEGACY_BUCKET = "/etc/";

    @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY, policy = ReferencePolicy.STATIC)
    private EventAdmin eventAdmin;

    @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY, policy = ReferencePolicy.STATIC)
    private ActivityManager activityMgr;

    @Property(boolValue = {true}, label = "Enable Digital Rights Management", description = "Enable Digital Rights Management.")
    public static final String ENABLE_DRM = "cq.dam.drm.enable";

    @Reference
    private ConfigurationResourceResolver configResolver;
    private boolean enableDRM;

    protected void doGet(SlingHttpServletRequest slingHttpServletRequest, @Nonnull SlingHttpServletResponse slingHttpServletResponse) throws ServletException, IOException {
        Asset asset = (Asset) slingHttpServletRequest.getResource().adaptTo(Asset.class);
        if (asset == null) {
            LOG.warn("The resource is not an asset: {}", slingHttpServletRequest.getResource());
            return;
        }
        ResourceResolver resourceResolver = slingHttpServletRequest.getResourceResolver();
        Session session = (Session) resourceResolver.adaptTo(Session.class);
        String licensePath = getLicensePath(asset);
        try {
            WCMMode fromRequest = WCMMode.fromRequest(slingHttpServletRequest);
            Node node = (Node) asset.adaptTo(Node.class);
            if (fromRequest == WCMMode.DISABLED && !isValid(node)) {
                LOG.warn("Requested asset is not valid: {}", asset.getPath());
                slingHttpServletResponse.sendError(404);
                return;
            }
            StringBuilder sb = new StringBuilder();
            if (this.enableDRM && isValidLicensePath(licensePath, sb, resourceResolver) && !hasAgreedWithLicense(asset.getPath(), licensePath, resourceResolver, session)) {
                LOG.debug("GET: {}, Serving License page: {}", asset.getPath(), licensePath);
                serveTheLicensePage(slingHttpServletRequest, slingHttpServletResponse, sb.toString());
            } else {
                serveTheBits(slingHttpServletRequest, slingHttpServletResponse, asset);
                String parameter = slingHttpServletRequest.getParameter("logActivity");
                if (parameter != null && parameter.equals("true")) {
                    this.eventAdmin.postEvent(DamEvent.downloaded(asset.getPath(), session.getUserID()).toNonDistributableEvent());
                }
            }
        } catch (RepositoryException e) {
            LOG.error("error determining license state", e);
        }
    }

    public boolean accepts(SlingHttpServletRequest slingHttpServletRequest) {
        String extension = slingHttpServletRequest.getRequestPathInfo().getExtension();
        return extension == null || !extension.equals("json");
    }

    private boolean isValidLicensePath(String str, StringBuilder sb, ResourceResolver resourceResolver) {
        try {
            if (!StringUtils.isNotBlank(str)) {
                return false;
            }
            sb.append(resolveAbsoluteLicenseURL(str, resourceResolver));
            return StringUtils.isNotBlank(sb.toString());
        } catch (Exception e) {
            LOG.warn("Exception occured while checking the validity of license path: " + e.getMessage());
            return false;
        }
    }

    private boolean hasAgreedWithLicense(String str, String str2, ResourceResolver resourceResolver, Session session) throws RepositoryException {
        GenericAggregateOptions genericAggregateOptions = new GenericAggregateOptions();
        genericAggregateOptions.setActivityStreamFilter(new LicenseActivityStreamFilter());
        for (Activity activity : this.activityMgr.getActivities(resourceResolver, resourceResolver.getUserID(), genericAggregateOptions).getActivities(0, -1)) {
            if (StringUtils.equals(str, (CharSequence) activity.getObject().getProperties().get("link", String.class))) {
                String str3 = (String) activity.getTarget().getProperties().get("licenseInfo", String.class);
                if (StringUtils.equals(str2, str3)) {
                    return hasAgreedWithLicense(str2, activity.getVerb(), str, session);
                }
                LOG.debug("not serving license-protected asset [{}], user [{}] has accepted/rejected license [" + str3 + "] which is different from the currently active license [" + str2 + "]", str, session.getUserID());
            }
        }
        return false;
    }

    private String getLicensePath(Asset asset) {
        return asset.getMetadataValue(DRM_LICENSE_PATH);
    }

    private boolean hasAgreedWithLicense(String str, String str2, String str3, Session session) {
        if (DamEvent.Type.ACCEPTED.toString().equalsIgnoreCase(str2)) {
            LOG.debug("serving license-protected asset [{}], user [{}] has accepted license [" + str + "]", str3, session.getUserID());
            return true;
        }
        LOG.debug("not serving license-protected asset [{}], user [{}] has rejected license [" + str + "]", str3, session.getUserID());
        return false;
    }

    private void serveTheBits(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse, Asset asset) throws IOException, ServletException {
        Rendition original = asset.getOriginal();
        if (null == original) {
            LOG.warn("asset [{}] is missing original binary.", asset.getPath());
            slingHttpServletResponse.sendError(404);
            return;
        }
        BinaryDownload binary = original.getBinary();
        if (binary instanceof BinaryDownload) {
            URI uri = null;
            try {
                uri = binary.getURI(BinaryDownloadOptions.builder().withMediaType(original.getMimeType()).withFileName(asset.getName()).withDispositionTypeAttachment().build());
            } catch (RepositoryException e) {
                LOG.error("error getting binary download URI for asset: " + asset.getPath(), e);
            }
            if (uri != null) {
                slingHttpServletResponse.sendRedirect(uri.toString());
                return;
            }
        }
        RequestDispatcher requestDispatcher = slingHttpServletRequest.getRequestDispatcher((Resource) original.adaptTo(Resource.class));
        if (requestDispatcher != null) {
            requestDispatcher.forward(slingHttpServletRequest, slingHttpServletResponse);
        }
    }

    private void serveTheLicensePage(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse, String str) throws IOException {
        LOG.info("redirecting to license page: {} for asset: {}", str, slingHttpServletRequest.getResource().getPath());
        slingHttpServletRequest.setAttribute(":asset", slingHttpServletRequest.getResource());
        slingHttpServletResponse.sendRedirect(str);
    }

    private boolean isValid(Node node) throws RepositoryException {
        return timeUntilValid(node) == 0;
    }

    private long timeUntilValid(Node node) throws RepositoryException {
        if (!hasContent(node)) {
            return Long.MIN_VALUE;
        }
        Calendar onTime = getOnTime(node);
        Calendar offTime = getOffTime(node);
        if (onTime == null && offTime == null) {
            return 0L;
        }
        long currentTimeMillis = System.currentTimeMillis();
        long timeInMillis = onTime == null ? 0L : onTime.getTimeInMillis() - currentTimeMillis;
        if (timeInMillis > 0) {
            return timeInMillis;
        }
        long timeInMillis2 = offTime == null ? 0L : offTime.getTimeInMillis() - currentTimeMillis;
        if (timeInMillis2 < 0) {
            return timeInMillis2;
        }
        return 0L;
    }

    private boolean hasContent(Node node) throws RepositoryException {
        return node.hasNode("jcr:content");
    }

    private Calendar getOnTime(Node node) throws RepositoryException {
        return getTime(node, "onTime");
    }

    private Calendar getOffTime(Node node) throws RepositoryException {
        return getTime(node, "offTime");
    }

    private Calendar getTime(Node node, String str) throws RepositoryException {
        if (hasContent(node) && node.getNode("jcr:content").hasProperty(str)) {
            return node.getNode("jcr:content").getProperty(str).getDate();
        }
        return null;
    }

    private String resolveAbsoluteLicenseURL(String str, ResourceResolver resourceResolver) {
        String str2 = "";
        String resourcePath = new PathInfo(str).getResourcePath();
        if (resourcePath.startsWith(DRM_LICENSES_LEGACY_BUCKET)) {
            if (resourceResolver.getResource(resourcePath) != null) {
                str2 = str;
            } else {
                String substring = resourcePath.substring(DRM_LICENSES_LEGACY_BUCKET.length());
                String path = this.configResolver.getResource(resourceResolver.getResource(DamUtil.getTenantAssetsRoot(resourceResolver)), DRM_LICENSES_CACONFIG_BUCKET, substring).getPath();
                str2 = path.substring(0, path.indexOf(substring)) + str.substring(DRM_LICENSES_LEGACY_BUCKET.length());
            }
        } else if (null != resourceResolver.getResource(resourcePath)) {
            str2 = str;
        }
        return str2;
    }

    protected void activate(ComponentContext componentContext) throws RepositoryException, LoginException {
        this.enableDRM = OsgiUtil.toBoolean(componentContext.getProperties().get("cq.dam.drm.enable"), true);
    }

    protected void bindEventAdmin(EventAdmin eventAdmin) {
        this.eventAdmin = eventAdmin;
    }

    protected void unbindEventAdmin(EventAdmin eventAdmin) {
        if (this.eventAdmin == eventAdmin) {
            this.eventAdmin = null;
        }
    }

    protected void bindActivityMgr(ActivityManager activityManager) {
        this.activityMgr = activityManager;
    }

    protected void unbindActivityMgr(ActivityManager activityManager) {
        if (this.activityMgr == activityManager) {
            this.activityMgr = null;
        }
    }

    protected void bindConfigResolver(ConfigurationResourceResolver configurationResourceResolver) {
        this.configResolver = configurationResourceResolver;
    }

    protected void unbindConfigResolver(ConfigurationResourceResolver configurationResourceResolver) {
        if (this.configResolver == configurationResourceResolver) {
            this.configResolver = null;
        }
    }
}
