package de.docware.apps.etk.base.webservice.endpoints;

import com.owlike.genson.JsonBindingException;
import de.docware.apps.etk.base.project.docu.EtkDataDocument;
import de.docware.apps.etk.base.webservice.transferobjects.JWTDefaultClaims;
import de.docware.apps.etk.base.webservice.transferobjects.WSRequestTransferObjectInterface;
import de.docware.framework.modules.config.defaultconfig.webservice.WebserviceSettings;
import de.docware.framework.modules.gui.app.AbstractApplication;
import de.docware.framework.modules.gui.misc.logger.LogType;
import de.docware.framework.modules.gui.misc.logger.d;
import de.docware.framework.modules.webservice.restful.RESTfulEndpoint;
import de.docware.framework.modules.webservice.restful.RESTfulTransferObjectInterface;
import de.docware.framework.modules.webservice.restful.WSErrorResponse;
import de.docware.framework.modules.webservice.restful.annotations.Consumes;
import de.docware.framework.modules.webservice.restful.annotations.Produces;
import de.docware.framework.modules.webservice.restful.annotations.methods.POST;
import de.docware.framework.modules.webservice.restful.e;
import de.docware.framework.modules.webservice.restful.f;
import de.docware.framework.modules.webservice.restful.jwt.JWTKeystore;
import de.docware.framework.modules.webservice.restful.jwt.JWTPublicPrivateKey;
import de.docware.util.h;
import de.docware.util.security.signature.securestart.JWT;
import java.io.UTFDataFormatException;
import java.lang.reflect.Method;
import java.lang.reflect.ParameterizedType;
import java.lang.reflect.Type;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import org.json.JSONException;

/* loaded from: input_file:de/docware/apps/etk/base/webservice/endpoints/c.class */
public abstract class c<REQUEST_CLASS extends WSRequestTransferObjectInterface> extends RESTfulEndpoint {
    protected Class<REQUEST_CLASS> bHN;

    public static void a(int i, f fVar, String str, String str2) throws e {
        if (str2 != null && !str2.isEmpty()) {
            str = "Path '" + str2 + "': " + str;
        }
        throw new e(new de.docware.framework.modules.webservice.restful.c(i, new WSErrorResponse(fVar, str), "application/json"));
    }

    public static void a(f fVar, String str, String str2) throws e {
        a(400, fVar, str, str2);
    }

    public static void amz() throws e {
        a(403, f.qAG, "You are not authorized to access this information", (String) null);
    }

    public static void b(f fVar, String str, String str2) throws e {
        a(EtkDataDocument.DOCUMENT_TIMEOUT_ON_CHECKICON, fVar, str, str2);
    }

    public static void kg(String str) throws e {
        a(404, f.qAH, str, (String) null);
    }

    public static void a(Collection<String> collection, String str, de.docware.apps.etk.base.project.c cVar) {
        List<String> bo = cVar.getConfig().bo();
        for (String str2 : collection) {
            if (h.af(str2) && !bo.contains(str2.toUpperCase())) {
                a(f.qAB, "Invalid language: '" + str2 + "'", str);
            }
        }
    }

    public c(String str) {
        this(str, de.docware.framework.modules.gui.misc.logger.a.pLF, de.docware.framework.modules.gui.misc.logger.a.pLH);
    }

    public c(String str, de.docware.framework.modules.gui.misc.logger.a aVar, de.docware.framework.modules.gui.misc.logger.a aVar2) {
        super(str, aVar, aVar2);
        Class<?> cls = getClass();
        while (true) {
            if (cls == null) {
                break;
            }
            if (cls.getGenericSuperclass() instanceof ParameterizedType) {
                Type type = ((ParameterizedType) cls.getGenericSuperclass()).getActualTypeArguments()[0];
                if (type instanceof Class) {
                    this.bHN = (Class) type;
                    break;
                }
            }
            cls = cls.getSuperclass();
            if (cls == c.class) {
                break;
            }
        }
        wB(true);
        amx();
    }

    @Override // de.docware.framework.modules.webservice.restful.RESTfulEndpoint
    protected Class[] a(Method method) {
        Class[] a = super.a(method);
        return (a.length == 1 && a[0].equals(WSRequestTransferObjectInterface.class)) ? new Class[]{this.bHN} : a;
    }

    @Override // de.docware.framework.modules.webservice.restful.RESTfulEndpoint
    protected boolean a(RESTfulTransferObjectInterface rESTfulTransferObjectInterface) {
        ((WSRequestTransferObjectInterface) rESTfulTransferObjectInterface).checkIfValid("");
        return true;
    }

    @Override // de.docware.framework.modules.webservice.restful.RESTfulEndpoint
    protected void a(Object obj, StringBuilder sb) {
        if (!(obj instanceof WSRequestTransferObjectInterface)) {
            super.a(obj, sb);
            return;
        }
        sb.append("@DS@");
        String a = a((Method) null, ((WSRequestTransferObjectInterface) obj).createCacheKeyObjectsForResponseCache());
        if (a != null) {
            sb.append(a);
        } else {
            sb.append("null");
        }
        sb.append("@DE@");
    }

    @Produces({"application/json"})
    @POST
    @Consumes({"application/json"})
    public RESTfulTransferObjectInterface handleWebserviceRequest(REQUEST_CLASS request_class) {
        if (amB()) {
            return a((c<REQUEST_CLASS>) request_class);
        }
        a(405, f.qAC, "Invalid HTTP request method for this Web service: POST", (String) null);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public WebserviceSettings amx() {
        WebserviceSettings amA = amA();
        nd(amA.getRestResponseCacheSize());
        ne(amA.getRestResponseCacheLifeTime());
        return amA;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static WebserviceSettings amA() {
        WebserviceSettings webserviceSettings = new WebserviceSettings();
        webserviceSettings.read(AbstractApplication.cVH().cVw(), WebserviceSettings.XML_CONFIG_PATH_BASE);
        return webserviceSettings;
    }

    public RESTfulTransferObjectInterface a(REQUEST_CLASS request_class) {
        de.docware.framework.modules.gui.session.b DL = de.docware.apps.etk.base.misc.c.DL();
        de.docware.apps.etk.base.project.c b = de.docware.apps.etk.base.misc.c.b(DL);
        d dVar = null;
        try {
            try {
                if (b == null) {
                    throw new RuntimeException("EtkProject is null");
                }
                d dVar2 = new d(this.beh, LogType.DEBUG, "executeWebservice(" + this.qzW + ") for session " + DL.getId());
                RESTfulTransferObjectInterface a = a(b, (de.docware.apps.etk.base.project.c) request_class);
                if (dVar2 != null) {
                    dVar2.dxL();
                }
                if (amw()) {
                    if (b != null) {
                        b.r(false, false);
                    }
                    de.docware.framework.modules.gui.session.f.dMl().D(DL);
                }
                return a;
            } catch (e e) {
                throw e;
            } catch (Exception e2) {
                de.docware.framework.modules.gui.misc.logger.b.a(this.gsb, LogType.ERROR, "Error while executing the Web service \"" + this.qzW + "\": " + e2.getMessage());
                de.docware.framework.modules.gui.misc.logger.b.a(this.gsb, LogType.ERROR, e2);
                a(EtkDataDocument.DOCUMENT_TIMEOUT_ON_CHECKICON, f.qAL, e2.getMessage(), (String) null);
                if (0 != 0) {
                    dVar.dxL();
                }
                if (amw()) {
                    if (b != null) {
                        b.r(false, false);
                    }
                    de.docware.framework.modules.gui.session.f.dMl().D(DL);
                }
                return null;
            }
        } catch (Throwable th) {
            if (0 != 0) {
                dVar.dxL();
            }
            if (amw()) {
                if (b != null) {
                    b.r(false, false);
                }
                de.docware.framework.modules.gui.session.f.dMl().D(DL);
            }
            throw th;
        }
    }

    protected boolean amw() {
        return true;
    }

    protected boolean amB() {
        return true;
    }

    protected abstract RESTfulTransferObjectInterface a(de.docware.apps.etk.base.project.c cVar, REQUEST_CLASS request_class) throws e;

    public RESTfulEndpoint.c a(de.docware.framework.modules.gui.misc.http.server.f fVar, String str, String str2, de.docware.util.security.b bVar, long j, int i, List<JWTKeystore> list) {
        try {
            String str3 = null;
            int i2 = 0;
            try {
                try {
                    JWT.b anh = JWT.anh(a(fVar, str, str2));
                    String iss = ((JWTDefaultClaims) getGenson().deserialize(anh.dVd(), JWTDefaultClaims.class)).getIss();
                    if (!h.af(iss)) {
                        de.docware.framework.modules.gui.misc.logger.b.a(this.qAb, LogType.ERROR, "Issuer (iss) attribute not found in token payload");
                        return new RESTfulEndpoint.c(RESTfulEndpoint.SecureReturnCode.TOKEN_WRONG_FORMAT, "Issuer (iss) attribute not found in token payload");
                    }
                    String ani = JWT.ani(anh.cJL());
                    if (ani.equals("SHA256withRSA")) {
                        JWTPublicPrivateKey jWTPublicPrivateKey = null;
                        if (list != null) {
                            Iterator<JWTKeystore> it = list.iterator();
                            while (it.hasNext()) {
                                Iterator it2 = it.next().getKeystore().iterator();
                                while (true) {
                                    if (!it2.hasNext()) {
                                        break;
                                    }
                                    JWTPublicPrivateKey jWTPublicPrivateKey2 = (JWTPublicPrivateKey) it2.next();
                                    if (jWTPublicPrivateKey2.getIssuer().equals(iss)) {
                                        jWTPublicPrivateKey = jWTPublicPrivateKey2;
                                        break;
                                    }
                                }
                                if (jWTPublicPrivateKey != null) {
                                    break;
                                }
                            }
                        }
                        if (jWTPublicPrivateKey == null) {
                            String str4 = "No public key definition found for issuer '" + iss + "'";
                            de.docware.framework.modules.gui.misc.logger.b.a(this.qAb, LogType.ERROR, str4);
                            return new RESTfulEndpoint.c(RESTfulEndpoint.SecureReturnCode.ISSUER_UNKNOWN, str4);
                        }
                        str3 = jWTPublicPrivateKey.getKey();
                        i2 = jWTPublicPrivateKey.getMaxLifeTime();
                    } else if (ani.equals("HmacSHA256")) {
                        if (bVar == null || bVar.isEmpty()) {
                            de.docware.framework.modules.gui.misc.logger.b.a(this.qAb, LogType.ERROR, "Algorithm HS256 supported but not allowed");
                            return new RESTfulEndpoint.c(RESTfulEndpoint.SecureReturnCode.TOKEN_WRONG_FORMAT, "Algorithm HS256 supported but not allowed");
                        }
                        str3 = bVar.dUW();
                    }
                    return a(fVar, str, str2, str3, j, i, i2);
                } catch (de.docware.util.security.signature.securestart.a | JSONException e) {
                    de.docware.framework.modules.gui.misc.logger.b.a(this.qAb, LogType.ERROR, e);
                    return new RESTfulEndpoint.c(RESTfulEndpoint.SecureReturnCode.TOKEN_WRONG_FORMAT, e.getMessage(), e);
                }
            } catch (UTFDataFormatException e2) {
                de.docware.framework.modules.gui.misc.logger.b.a(this.qAb, LogType.ERROR, e2);
                return new RESTfulEndpoint.c(RESTfulEndpoint.SecureReturnCode.TOKEN_WRONG_FORMAT, "Payload has no valid UTF-8 encoding", e2);
            } catch (JsonBindingException e3) {
                de.docware.framework.modules.gui.misc.logger.b.a(this.qAb, LogType.ERROR, (Throwable) e3);
                return new RESTfulEndpoint.c(RESTfulEndpoint.SecureReturnCode.TOKEN_WRONG_FORMAT, "Payload structure or encoding is not valid", e3);
            }
        } catch (de.docware.util.security.signature.securestart.a e4) {
            return new RESTfulEndpoint.c(JWT.a(e4.dVc()), e4.getMessage());
        }
    }

    @Override // de.docware.framework.modules.webservice.restful.RESTfulEndpoint
    protected void a(de.docware.framework.modules.gui.misc.http.server.h hVar, RESTfulEndpoint.c cVar) {
        a(401, a(cVar.dNP()), cVar.getMessage(), (String) null);
    }

    protected f a(RESTfulEndpoint.SecureReturnCode secureReturnCode) {
        return secureReturnCode == RESTfulEndpoint.SecureReturnCode.TOKEN_EXPIRED ? f.qAF : f.qAE;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String kh(String str) {
        return h.ajJ(str);
    }
}
