package org.ifsoft.galene.openfire;

import java.io.IOException;
import java.time.LocalDateTime;
import java.time.ZoneOffset;
import java.util.Iterator;
import java.util.stream.Collectors;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.json.JSONArray;
import net.sf.json.JSONObject;
import org.apache.log4j.spi.Configurator;
import org.apache.log4j.spi.LocationInfo;
import org.apache.xerces.impl.xs.SchemaSymbols;
import org.apache.xpath.compiler.PsuedoNames;
import org.jivesoftware.openfire.SessionManager;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.muc.MUCRole;
import org.jivesoftware.openfire.muc.MUCRoom;
import org.jivesoftware.openfire.session.ClientSession;
import org.jivesoftware.util.JiveGlobals;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xmpp.packet.JID;

/* loaded from: input_file:lib/galene-0.1.0-SNAPSHOT.jar:org/ifsoft/galene/openfire/AuthServer.class */
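/**
 * Servlet that answers an authorisation POST with a JWT describing the caller's permissions
 * for a Galene group, derived from the caller's Openfire session and MUC affiliation.
 *
 * <p>The request body is JSON with {@code username}, {@code password} and {@code location}.
 * The {@code password} value is parsed as a JID; it is not compared with a stored secret.
 * A token is issued only when a live client session exists for that JID on this XMPP domain.
 *
 * <p>NOTE(review): because the "password" is only an identifier of an existing session,
 * the strength of this check depends on who can reach the endpoint. Confirm that it is
 * reachable only by the local Galene process.
 *
 * <p>This file is decompiler output. {@code LocationInfo.NA} ("?"),
 * {@code PsuedoNames.PSEUDONAME_ROOT} ("/"), {@code Configurator.NULL} ("null") and
 * {@code SchemaSymbols.ATTVAL_TOKEN} ("token") stand in for plain string literals and are
 * kept so that the existing imports remain in use.
 */
public class AuthServer extends HttpServlet {
    private static final Logger Log = LoggerFactory.getLogger(AuthServer.class);

    /** Permission levels derived from the MUC affiliation of the matching room occupant. */
    private static final int LEVEL_NONE = 0;
    private static final int LEVEL_MEMBER = 1;
    private static final int LEVEL_ADMIN = 2;
    private static final int LEVEL_OWNER = 3;

    /**
     * Rewrites a location of the form {@code ...?room=NAME} into the local group URL.
     *
     * <p>Locations that already contain {@code /group/}, or that carry no {@code room}
     * query parameter, are returned unchanged.
     *
     * @param str location string taken from the request body
     * @return the local group URL for the room, or {@code str} unchanged
     * @throws IllegalArgumentException if a {@code room} parameter is present without a value
     */
    private String normaliseLocation(String str) {
        if (str.indexOf("/group/") > -1) {
            return str;
        }
        int queryStart = str.indexOf(LocationInfo.NA);
        if (queryStart > -1) {
            for (String pair : str.substring(queryStart + 1).split("&")) {
                String[] keyValue = pair.split("=");
                if ("room".equals(keyValue[0])) {
                    // "room=" splits to a single element; reject it explicitly instead of
                    // failing with an ArrayIndexOutOfBoundsException. doPost answers 403.
                    if (keyValue.length < 2) {
                        throw new IllegalArgumentException("room parameter has no value");
                    }
                    // NOTE(review): the room value comes from the request and is not
                    // validated here; it ends up in the token's "aud" claim.
                    return "http://localhost:" + Galene.getPort() + "/group/" + keyValue[1] + "/";
                }
            }
        }
        return str;
    }

    /**
     * Builds a JWT for the caller and writes it to the response with status 202.
     *
     * <p>The token is issued with {@code iat} one day in the past and {@code exp} one day
     * in the future, both computed from the current UTC time.
     *
     * @param httpServletResponse response that receives the token
     * @param jSONArray permissions to place in the {@code permissions} claim
     * @param str value of the {@code sub} claim (the username)
     * @param str2 value of the {@code aud} claim (the normalised location)
     */
    private void sendAcceptedResponse(HttpServletResponse httpServletResponse, JSONArray jSONArray, String str, String str2) {
        JSONObject claims = new JSONObject();
        // Take "now" in UTC: a zone-less local time converted with ZoneOffset.UTC would be
        // shifted by the server's zone offset.
        LocalDateTime issuedAt = LocalDateTime.now(ZoneOffset.UTC).minusDays(1L);
        LocalDateTime expiresAt = issuedAt.plusDays(2L);
        claims.put("sub", str);
        claims.put("aud", str2);
        claims.put("permissions", jSONArray);
        claims.put("iat", issuedAt.toEpochSecond(ZoneOffset.UTC));
        claims.put("exp", expiresAt.toEpochSecond(ZoneOffset.UTC));
        claims.put("iss", "https://" + XMPPServer.getInstance().getServerInfo().getHostname() + ":" + JiveGlobals.getProperty("httpbind.port.secure", "7443") + "/galene/auth-server");
        String jWebToken = new JWebToken(claims).toString();
        // The token is a bearer credential, so only its subject and audience are logged.
        Log.info("AuthServer issued token for " + str + " audience " + str2);
        httpServletResponse.setHeader("content-type", "application/jwt");
        // Set the status before writing: it is ignored once the response is committed.
        httpServletResponse.setStatus(202);
        try {
            httpServletResponse.getOutputStream().print(jWebToken);
        } catch (Exception e) {
            Log.warn("AuthServer could not write token response", e);
            httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
        }
    }

    /** Returns true for the placeholder values a client sends when a field was not filled in. */
    private static boolean isBlankCredential(String value) {
        return "".equals(value) || "undefined".equals(value) || Configurator.NULL.equals(value);
    }

    /** Builds a JSON array holding the given permission names in order. */
    private static JSONArray permissionArray(String... names) {
        JSONArray array = new JSONArray();
        for (int i = 0; i < names.length; i++) {
            array.put(i, names[i]);
        }
        return array;
    }

    /** Maps a permission level to the permissions placed in the token. */
    private static JSONArray permissionsFor(int level, MUCRoom chatRoom) {
        if (level == LEVEL_OWNER) {
            return permissionArray("record", "op", "present", SchemaSymbols.ATTVAL_TOKEN);
        }
        if (level == LEVEL_ADMIN) {
            return permissionArray("op", "present", SchemaSymbols.ATTVAL_TOKEN);
        }
        if (level == LEVEL_MEMBER) {
            return permissionArray("present", SchemaSymbols.ATTVAL_TOKEN);
        }
        if (chatRoom.canOccupantsInvite()) {
            return permissionArray(SchemaSymbols.ATTVAL_TOKEN);
        }
        return new JSONArray();
    }

    /**
     * Handles an authorisation request.
     *
     * <p>Responds 202 with a JWT when a token is issued, 403 when the request is rejected,
     * and 204 when no decision is made here (presumably leaving it to the caller's own
     * checks; confirm against the Galene side).
     *
     * @param httpServletRequest request whose body is the JSON described on the class
     * @param httpServletResponse response that receives the status and, if issued, the token
     */
    @Override // javax.servlet.http.HttpServlet
    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String body = httpServletRequest.getReader().lines().collect(Collectors.joining());
        // The body carries the "password" field, so only its size is logged.
        Log.info("AuthServer post received, " + body.length() + " chars");
        try {
            String xmppDomain = XMPPServer.getInstance().getServerInfo().getXMPPDomain();
            JSONObject request = new JSONObject(body);
            String username = request.getString("username");
            String password = request.getString("password");
            String location = normaliseLocation(request.getString("location"));
            if (isBlankCredential(username) || isBlankCredential(password)) {
                Log.warn("bad username " + username);
                httpServletResponse.setStatus(204);
                return;
            }
            try {
                JID jid = new JID(password);
                if (!xmppDomain.equals(jid.getDomain())) {
                    // The value did not identify a JID on this domain and may be a real
                    // password, so it is not written to the log.
                    Log.warn("bad user identification for " + username);
                    httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
                    return;
                }
                ClientSession session = SessionManager.getInstance().getSession(jid);
                if (session == null) {
                    Log.warn("Can't find a session for " + jid);
                    httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
                    return;
                }
                boolean anonymous = session.isAnonymousUser();
                if (!username.equals(jid.getNode()) && !anonymous) {
                    Log.warn("Invalid session for " + jid + " " + username);
                    httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
                    return;
                }
                // Anonymous sessions are exempt from the username/JID binding above, so the
                // full-permission branch is limited to non-anonymous sessions, for which
                // the username is known to equal the JID node.
                if (!anonymous && username.equals(JiveGlobals.getProperty("galene.username", "sfu-admin"))) {
                    sendAcceptedResponse(httpServletResponse, permissionArray("record", "op", "present", SchemaSymbols.ATTVAL_TOKEN), username, location);
                    Log.warn("Identified sfu user " + jid);
                    return;
                }
                // Expected shape: scheme://host:port/group/ROOM/ puts ROOM at index 4.
                String[] segments = location.split(PsuedoNames.PSEUDONAME_ROOT);
                if (segments.length < 5) {
                    Log.warn("no room found, bad location " + location);
                    httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
                    return;
                }
                String roomName = segments[4];
                Log.info("AuthServer location " + roomName + " " + location);
                if ("public".equals(roomName)) {
                    Log.info("found public room " + roomName);
                    httpServletResponse.setStatus(204);
                    return;
                }
                MUCRoom chatRoom = XMPPServer.getInstance().getMultiUserChatManager().getMultiUserChatService("conference").getChatRoom(roomName);
                if (chatRoom == null) {
                    Log.warn("no room found " + roomName);
                    httpServletResponse.setStatus(204);
                    return;
                }
                if (anonymous) {
                    Log.warn("Anonymous User " + jid);
                    if (chatRoom.isMembersOnly()) {
                        httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
                    } else {
                        httpServletResponse.setStatus(204);
                    }
                    return;
                }
                int level = LEVEL_NONE;
                boolean occupantFound = false;
                // Every occupant is examined; a later match with a recognised affiliation
                // overrides an earlier one.
                Iterator<?> it = chatRoom.getOccupants().iterator();
                while (it.hasNext()) {
                    MUCRole occupant = (MUCRole) it.next();
                    Log.info("matching room occupant " + occupant.getUserAddress() + " with " + jid);
                    if (occupant.getUserAddress().getNode().equals(jid.getNode())) {
                        occupantFound = true;
                        if (MUCRole.Affiliation.member == occupant.getAffiliation()) {
                            level = LEVEL_MEMBER;
                        }
                        if (MUCRole.Affiliation.admin == occupant.getAffiliation()) {
                            level = LEVEL_ADMIN;
                        }
                        if (MUCRole.Affiliation.owner == occupant.getAffiliation()) {
                            level = LEVEL_OWNER;
                        }
                    }
                }
                if (!occupantFound) {
                    Log.warn("Can't find a room occupant for " + jid);
                    httpServletResponse.setStatus(204);
                    return;
                }
                Log.warn("found room occupant with permissions " + level);
                sendAcceptedResponse(httpServletResponse, permissionsFor(level, chatRoom), username, location);
            } catch (Exception e) {
                // Only the exception type is logged: a JID parse failure may echo the
                // submitted "password" value in its message.
                Log.warn("bad user identification for " + username + " (" + e.getClass().getName() + ")");
                httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
            }
        } catch (Exception e2) {
            Log.error("AuthServer post " + e2, e2);
            httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
        }
    }
}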
