package org.sakaiproject.blti;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.TreeMap;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpression;
import javax.xml.xpath.XPathFactory;
import net.oauth.OAuth;
import net.oauth.OAuthAccessor;
import net.oauth.OAuthConsumer;
import net.oauth.OAuthMessage;
import net.oauth.SimpleOAuthValidator;
import net.oauth.server.OAuthServlet;
import net.oauth.signature.OAuthSignatureMethod;
import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.azeckoski.reflectutils.transcoders.JSONTranscoder;
import org.imsglobal.basiclti.BasicLTIConstants;
import org.imsglobal.basiclti.BasicLTIUtil;
import org.imsglobal.basiclti.XMLMap;
import org.imsglobal.pox.IMSPOXRequest;
import org.sakaiproject.authz.api.Member;
import org.sakaiproject.authz.api.Role;
import org.sakaiproject.authz.api.SecurityAdvisor;
import org.sakaiproject.authz.cover.SecurityService;
import org.sakaiproject.basiclti.util.SakaiBLTIUtil;
import org.sakaiproject.basiclti.util.ShaUtil;
import org.sakaiproject.component.cover.ComponentManager;
import org.sakaiproject.component.cover.ServerConfigurationService;
import org.sakaiproject.lessonbuildertool.SimplePageItem;
import org.sakaiproject.lti.api.LTIService;
import org.sakaiproject.service.gradebook.shared.Assignment;
import org.sakaiproject.service.gradebook.shared.ConflictingAssignmentNameException;
import org.sakaiproject.service.gradebook.shared.GradebookService;
import org.sakaiproject.site.api.Site;
import org.sakaiproject.site.api.ToolConfiguration;
import org.sakaiproject.site.cover.SiteService;
import org.sakaiproject.tool.api.Session;
import org.sakaiproject.tool.cover.SessionManager;
import org.sakaiproject.user.api.User;
import org.sakaiproject.user.cover.UserDirectoryService;
import org.sakaiproject.util.FormattedText;
import org.sakaiproject.util.ResourceLoader;
import org.sakaiproject.util.foorm.FoormUtil;
import org.sakaiproject.util.foorm.SakaiFoorm;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:WEB-INF/classes/org/sakaiproject/blti/ServiceServlet.class */
public class ServiceServlet extends HttpServlet {
    private static final long serialVersionUID = 1;
    private static Log M_log = LogFactory.getLog(ServiceServlet.class);
    private static ResourceLoader rb = new ResourceLoader("blis");
    protected static SakaiFoorm foorm = new SakaiFoorm();
    protected static LTIService ltiService = null;
    protected static XPath xpath = null;
    protected static XPathExpression LESSONS_RESOURCES_EXPR = null;
    protected static XPathExpression LESSONS_FOLDER_EXPR = null;
    protected static XPathExpression LESSONS_TYPE_EXPR = null;
    protected static XPathExpression LESSONS_TITLE_EXPR = null;
    protected static XPathExpression LESSONS_TEMPID_EXPR = null;
    protected static XPathExpression LESSONS_URL_EXPR = null;
    protected static XPathExpression LESSONS_CUSTOM_EXPR = null;
    private final String returnHTML = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n\t\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\">\n<body>\n<script language=\"javascript\">\n$message = '<div align=\"center\" style=\"text-align:left;width:80%;margin-top:5px;margin-left:auto;margin-right:auto;border-width:1px 1px 1px 1px;border-style:solid;border-color: gray;padding:.5em;font-family:Verdana,Arial,Helvetica,sans-serif;font-size:.8em\"><p>MESSAGE</p>';\n$closeText = '<p><a href=\"javascript: self.close()\">CLOSETEXT</a></p>';\n$gotMessage = GOTMESSAGE;\nif(self.location==top.location) {\n  if ( $gotMessage ) {\n    document.write($message);\n    document.write($closeText);\n  } else {\n    self.close();\n  }\n} else {\n  document.write($message);\n}\n</script>\n</div></body>\n</html>\n";

    public void pushAdvisor() {
        SecurityService.pushAdvisor(new SecurityAdvisor() { // from class: org.sakaiproject.blti.ServiceServlet.1
            public SecurityAdvisor.SecurityAdvice isAllowed(String str, String str2, String str3) {
                return SecurityAdvisor.SecurityAdvice.ALLOWED;
            }
        });
    }

    public void popAdvisor() {
        SecurityService.popAdvisor();
    }

    public void doError(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, Object> map, String str, String str2, Exception exc) throws IOException {
        if (exc != null) {
            M_log.error(exc.getLocalizedMessage(), exc);
        }
        map.put("/message_response/statusinfo/codemajor", "Fail");
        map.put("/message_response/statusinfo/severity", "Error");
        String str3 = rb.getString(str) + ": " + str2;
        M_log.info(str3);
        map.put("/message_response/statusinfo/description", FormattedText.escapeHtmlFormattedText(str3));
        httpServletResponse.getWriter().println(XMLMap.getXML(map, true));
    }

    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        LessonsFacade.init();
        if (ltiService == null) {
            ltiService = (LTIService) ComponentManager.get("org.sakaiproject.lti.api.LTIService");
        }
        try {
            xpath = XPathFactory.newInstance().newXPath();
            LESSONS_RESOURCES_EXPR = xpath.compile("params/resources/*");
            LESSONS_FOLDER_EXPR = xpath.compile("resources/*");
            LESSONS_TYPE_EXPR = xpath.compile("type");
            LESSONS_TITLE_EXPR = xpath.compile("title");
            LESSONS_TEMPID_EXPR = xpath.compile("tempId");
            LESSONS_URL_EXPR = xpath.compile("launchUrl");
            LESSONS_CUSTOM_EXPR = xpath.compile("launchParams");
        } catch (Exception e) {
            M_log.error("Error compiling XPath expressions.");
            throw new ServletException();
        }
    }

    protected void handleReturnUrl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String parameter = httpServletRequest.getParameter("lti_errorlog");
        if (parameter != null) {
            M_log.error(parameter);
        }
        String parameter2 = httpServletRequest.getParameter("lti_errormsg");
        if (parameter2 != null) {
            M_log.error(parameter2);
        }
        String parameter3 = httpServletRequest.getParameter("lti_log");
        if (parameter3 != null) {
            M_log.info(parameter3);
        }
        String parameter4 = httpServletRequest.getParameter("lti_msg");
        if (parameter4 != null) {
            M_log.info(parameter4);
        }
        String string = rb.getString("outcome.tool.finished");
        CharSequence charSequence = "false";
        if (parameter4 != null) {
            string = rb.getString("outcome.tool.lti_msg") + " " + parameter4;
            charSequence = JSONTranscoder.BOOLEAN_TRUE;
        } else if (parameter2 != null) {
            string = rb.getString("outcome.tool.lti_errormsg") + " " + parameter2;
            charSequence = JSONTranscoder.BOOLEAN_TRUE;
        }
        String pathInfo = httpServletRequest.getPathInfo();
        if (pathInfo.length() > 11) {
            pathInfo = pathInfo.substring(11);
        }
        String replace = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n\t\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\">\n<body>\n<script language=\"javascript\">\n$message = '<div align=\"center\" style=\"text-align:left;width:80%;margin-top:5px;margin-left:auto;margin-right:auto;border-width:1px 1px 1px 1px;border-style:solid;border-color: gray;padding:.5em;font-family:Verdana,Arial,Helvetica,sans-serif;font-size:.8em\"><p>MESSAGE</p>';\n$closeText = '<p><a href=\"javascript: self.close()\">CLOSETEXT</a></p>';\n$gotMessage = GOTMESSAGE;\nif(self.location==top.location) {\n  if ( $gotMessage ) {\n    document.write($message);\n    document.write($closeText);\n  } else {\n    self.close();\n  }\n} else {\n  document.write($message);\n}\n</script>\n</div></body>\n</html>\n".replace("URL", ServerConfigurationService.getPortalUrl() + pathInfo).replace("GOTMESSAGE", charSequence).replace("MESSAGE", string).replace("CLOSETEXT", rb.getString("outcome.tool.close.window"));
        httpServletResponse.setContentType("text/html");
        httpServletResponse.getWriter().println(replace);
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (httpServletRequest.getPathInfo().startsWith("/return-url")) {
            handleReturnUrl(httpServletRequest, httpServletResponse);
        } else {
            doPost(httpServletRequest, httpServletResponse);
        }
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String contentType = httpServletRequest.getContentType();
        if (contentType != null && contentType.startsWith("application/json")) {
            doPostJSON(httpServletRequest, httpServletResponse);
        } else if (contentType == null || !contentType.startsWith("application/xml")) {
            doPostForm(httpServletRequest, httpServletResponse);
        } else {
            doPostXml(httpServletRequest, httpServletResponse);
        }
    }

    protected void doPostForm(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String parameter;
        String str;
        String remoteAddr = httpServletRequest.getRemoteAddr();
        M_log.debug("Basic LTI Service request from IP=" + remoteAddr);
        String string = ServerConfigurationService.getString(SakaiBLTIUtil.BASICLTI_OUTCOMES_ENABLED, (String) null);
        if (!JSONTranscoder.BOOLEAN_TRUE.equals(string)) {
            string = null;
        }
        String string2 = ServerConfigurationService.getString(SakaiBLTIUtil.BASICLTI_SETTINGS_ENABLED, (String) null);
        if (!JSONTranscoder.BOOLEAN_TRUE.equals(string2)) {
            string2 = null;
        }
        String string3 = ServerConfigurationService.getString(SakaiBLTIUtil.BASICLTI_ROSTER_ENABLED, (String) null);
        if (!JSONTranscoder.BOOLEAN_TRUE.equals(string3)) {
            string3 = null;
        }
        if (string == null && string2 == null && string3 == null) {
            M_log.warn("LTI Services are disabled IP=" + remoteAddr);
            httpServletResponse.setStatus(HttpStatus.SC_FORBIDDEN);
            return;
        }
        Map<String, Object> treeMap = new TreeMap<>();
        for (Map.Entry entry : httpServletRequest.getParameterMap().entrySet()) {
            M_log.debug(((String) entry.getKey()) + ":" + ((String[]) entry.getValue())[0]);
        }
        String parameter2 = httpServletRequest.getParameter(BasicLTIConstants.LTI_MESSAGE_TYPE);
        treeMap.put("/message_response/lti_message_type", parameter2);
        Object obj = null;
        if (BasicLTIUtil.equals(parameter2, "basic-lis-replaceresult") || BasicLTIUtil.equals(parameter2, "basic-lis-createresult") || BasicLTIUtil.equals(parameter2, "basic-lis-updateresult") || BasicLTIUtil.equals(parameter2, "basic-lis-deleteresult") || BasicLTIUtil.equals(parameter2, "basic-lis-readresult")) {
            parameter = httpServletRequest.getParameter("sourcedid");
            if (string != null) {
                obj = "basicoutcome";
            }
        } else if (BasicLTIUtil.equals(parameter2, "basic-lti-loadsetting") || BasicLTIUtil.equals(parameter2, "basic-lti-savesetting") || BasicLTIUtil.equals(parameter2, "basic-lti-deletesetting")) {
            parameter = httpServletRequest.getParameter("id");
            if (string2 != null) {
                obj = "toolsetting";
            }
        } else if (!BasicLTIUtil.equals(parameter2, "basic-lis-readmembershipsforcontext")) {
            doError(httpServletRequest, httpServletResponse, treeMap, "outcomes.invalid", "lti_message_type=" + parameter2, null);
            return;
        } else {
            parameter = httpServletRequest.getParameter("id");
            if (string3 != null) {
                obj = "roster";
            }
        }
        if (obj == null) {
            doError(httpServletRequest, httpServletResponse, treeMap, "outcomes.invalid", "lti_message_type=" + parameter2, null);
            return;
        }
        if (BasicLTIUtil.isBlank(parameter)) {
            doError(httpServletRequest, httpServletResponse, treeMap, "outcomes.missing", "sourcedid", null);
            return;
        }
        String parameter3 = httpServletRequest.getParameter(BasicLTIConstants.LTI_VERSION);
        if (!BasicLTIUtil.equals(parameter3, "LTI-1p0")) {
            doError(httpServletRequest, httpServletResponse, treeMap, "outcomes.invalid", "lti_version=" + parameter3, null);
            return;
        }
        String parameter4 = httpServletRequest.getParameter(OAuth.OAUTH_CONSUMER_KEY);
        if (BasicLTIUtil.isBlank(parameter4)) {
            doError(httpServletRequest, httpServletResponse, treeMap, "outcomes.missing", OAuth.OAUTH_CONSUMER_KEY, null);
            return;
        }
        if (BasicLTIUtil.equals(parameter2, "basic-lis-deleteresult")) {
            treeMap.put("/message_response/statusinfo/codemajor", "Unsupported");
            treeMap.put("/message_response/statusinfo/severity", "Error");
            treeMap.put("/message_response/statusinfo/codeminor", "cannotdelete");
            httpServletResponse.getWriter().println(XMLMap.getXML(treeMap, true));
            return;
        }
        if (parameter.length() > 2048) {
            parameter = parameter.substring(0, 2048);
        }
        String str2 = null;
        String str3 = null;
        String str4 = null;
        try {
            int indexOf = parameter.indexOf(":::");
            if (indexOf > 0) {
                str3 = parameter.substring(0, indexOf);
                String substring = parameter.substring(indexOf + 3);
                int indexOf2 = substring.indexOf(":::");
                str4 = substring.substring(0, indexOf2);
                str2 = substring.substring(indexOf2 + 3);
            }
        } catch (Exception e) {
            M_log.warn("Unable to decrypt result_sourcedid IP=" + remoteAddr + " Error=" + e.getMessage(), e);
            str3 = null;
            str2 = null;
            str4 = null;
        }
        if (str2 == null || str4 == null) {
            doError(httpServletRequest, httpServletResponse, treeMap, "outcomes.sourcedid", "sourcedid", null);
            return;
        }
        M_log.debug("signature=" + str3);
        M_log.debug("user_id=" + str4);
        M_log.debug("placement_id=" + str2);
        Properties propertiesFromPlacement = getPropertiesFromPlacement(str2);
        if (propertiesFromPlacement == null) {
            M_log.debug("Error retrieving result_sourcedid information");
            doError(httpServletRequest, httpServletResponse, treeMap, "outcomes.sourcedid", "sourcedid", null);
            return;
        }
        String property = propertiesFromPlacement.getProperty("SITE_ID");
        Site site = null;
        try {
            site = SiteService.getSite(property);
        } catch (Exception e2) {
            M_log.debug("Error retrieving result_sourcedid site: " + e2.getLocalizedMessage(), e2);
        }
        if (site == null) {
            doError(httpServletRequest, httpServletResponse, treeMap, "outcomes.sourcedid", "sourcedid", null);
            return;
        }
        String property2 = propertiesFromPlacement.getProperty("secret");
        M_log.debug("oauth_secret: " + property2);
        String decryptSecret = SakaiBLTIUtil.decryptSecret(property2);
        M_log.debug("oauth_secret (decrypted): " + decryptSecret);
        OAuthMessage message = OAuthServlet.getMessage(httpServletRequest, null);
        SimpleOAuthValidator simpleOAuthValidator = new SimpleOAuthValidator();
        OAuthAccessor oAuthAccessor = new OAuthAccessor(new OAuthConsumer("about:blank#OAuth+CallBack+NotUsed", parameter4, decryptSecret, null));
        try {
            str = OAuthSignatureMethod.getBaseString(message);
        } catch (Exception e3) {
            M_log.error(e3.getLocalizedMessage(), e3);
            str = null;
        }
        try {
            simpleOAuthValidator.validateMessage(message, oAuthAccessor);
            String property3 = propertiesFromPlacement.getProperty("placementsecret");
            if (property3 == null) {
                doError(httpServletRequest, httpServletResponse, treeMap, "outcomes.sourcedid", "sourcedid", null);
                return;
            }
            String sha256Hash = ShaUtil.sha256Hash(property3 + ":::" + str4 + ":::" + str2);
            M_log.debug("Received signature=" + str3 + " received=" + sha256Hash);
            boolean equals = str3.equals(sha256Hash);
            if (propertiesFromPlacement.getProperty("oldplacementsecret") != null && !equals) {
                String sha256Hash2 = ShaUtil.sha256Hash(property3 + ":::" + str4 + ":::" + str2);
                M_log.debug("Received signature II=" + str3 + " received=" + sha256Hash2);
                equals = str3.equals(sha256Hash2);
            }
            if (!equals) {
                doError(httpServletRequest, httpServletResponse, treeMap, "outcomes.sourcedid", "sourcedid", null);
                return;
            }
            if ("basicoutcome".equals(obj)) {
                processOutcome(httpServletRequest, httpServletResponse, parameter2, site, property, str2, propertiesFromPlacement, str4, treeMap);
            }
            if ("toolsetting".equals(obj)) {
                processSetting(httpServletRequest, httpServletResponse, parameter2, site, property, str2, propertiesFromPlacement, str4, treeMap);
            }
            if ("roster".equals(obj)) {
                processRoster(httpServletRequest, httpServletResponse, parameter2, site, property, str2, propertiesFromPlacement, str4, treeMap);
            }
        } catch (Exception e4) {
            M_log.warn("Provider failed to validate message");
            M_log.warn(e4.getLocalizedMessage(), e4);
            if (str != null) {
                M_log.warn(str);
            }
            doError(httpServletRequest, httpServletResponse, treeMap, "outcome.no.validate", parameter4, null);
        }
    }

    protected void processSetting(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, Site site, String str2, String str3, Properties properties, String str4, Map<String, Object> map) throws IOException {
        if (!"on".equals(properties.getProperty("allowsettings"))) {
            doError(httpServletRequest, httpServletResponse, map, "outcomes.invalid", "lti_message_type=" + str, null);
            return;
        }
        pushAdvisor();
        boolean z = false;
        try {
            try {
                if ("basic-lti-loadsetting".equals(str)) {
                    String property = properties.getProperty("settings");
                    if (property != null) {
                        map.put("/message_response/setting/value", property);
                    }
                    z = true;
                } else if (isPlacement(str3)) {
                    ToolConfiguration findTool = SiteService.findTool(str3);
                    if ("basic-lti-savesetting".equals(str)) {
                        String parameter = httpServletRequest.getParameter("setting");
                        if (parameter == null) {
                            M_log.warn("No setting parameter");
                            doError(httpServletRequest, httpServletResponse, map, "setting.empty", "", null);
                        } else {
                            if (parameter.length() > 8096) {
                                parameter = parameter.substring(0, 8096);
                            }
                            findTool.getPlacementConfig().setProperty("toolsetting", parameter);
                        }
                    } else if ("basic-lti-deletesetting".equals(str)) {
                        findTool.getPlacementConfig().remove("toolsetting");
                    }
                    try {
                        findTool.save();
                        z = true;
                    } catch (Exception e) {
                        doError(httpServletRequest, httpServletResponse, map, "setting.save.fail", "", e);
                    }
                } else {
                    Map map2 = null;
                    Long longKey = foorm.getLongKey(properties.getProperty("contentKey"));
                    if (longKey.longValue() > 0) {
                        map2 = ltiService.getContentDao(longKey, str2);
                    }
                    if (map2 != null) {
                        if ("basic-lti-savesetting".equals(str)) {
                            String parameter2 = httpServletRequest.getParameter("setting");
                            if (parameter2 == null) {
                                M_log.warn("No setting parameter");
                                doError(httpServletRequest, httpServletResponse, map, "setting.empty", "", null);
                            } else {
                                if (parameter2.length() > 8096) {
                                    parameter2 = parameter2.substring(0, 8096);
                                }
                                map2.put("settings", parameter2);
                                z = true;
                            }
                        } else if ("basic-lti-deletesetting".equals(str)) {
                            map2.put("settings", null);
                            z = true;
                        }
                        if (z && (ltiService.updateContentDao(longKey, map2, str2) instanceof String)) {
                            M_log.warn("Setting update failed");
                            doError(httpServletRequest, httpServletResponse, map, "setting.fail", "", null);
                            z = false;
                        }
                    }
                }
                popAdvisor();
            } catch (Exception e2) {
                doError(httpServletRequest, httpServletResponse, map, "setting.fail", "", e2);
                popAdvisor();
            }
            if (z) {
                map.put("/message_response/statusinfo/codemajor", "Success");
                map.put("/message_response/statusinfo/severity", "Status");
                map.put("/message_response/statusinfo/codeminor", IMSPOXRequest.MINOR_FULLSUCCESS);
                httpServletResponse.getWriter().println(XMLMap.getXML(map, true));
            }
        } catch (Throwable th) {
            popAdvisor();
            throw th;
        }
    }

    protected void processOutcome(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, Site site, String str2, String str3, Properties properties, String str4, Map<String, Object> map) throws IOException {
        try {
            if (site.getMember(str4) != null) {
            }
            String property = properties.getProperty("assignment");
            M_log.debug("ASSN=" + property);
            if (property == null) {
                doError(httpServletRequest, httpServletResponse, map, "outcome.no.assignment", "", null);
                return;
            }
            GradebookService gradebookService = (GradebookService) ComponentManager.get("org.sakaiproject.service.gradebook.GradebookService");
            pushAdvisor();
            Assignment orMakeAssignment = getOrMakeAssignment(property, str2, gradebookService);
            popAdvisor();
            if (orMakeAssignment == null) {
                doError(httpServletRequest, httpServletResponse, map, "outcome.no.assignment", "", null);
                return;
            }
            boolean equals = BasicLTIUtil.equals(str, "basic-lis-readresult");
            String parameter = httpServletRequest.getParameter("result_resultscore_textstring");
            if (BasicLTIUtil.isBlank(parameter) && !equals) {
                doError(httpServletRequest, httpServletResponse, map, "outcomes.missing", "result_resultscore_textstring", null);
                return;
            }
            Session currentSession = SessionManager.getCurrentSession();
            pushAdvisor();
            boolean z = false;
            try {
                try {
                    String string = ServerConfigurationService.getString("basiclti.outcomes.userid", "admin");
                    String string2 = ServerConfigurationService.getString("basiclti.outcomes.usereid", string);
                    currentSession.setUserId(string);
                    currentSession.setUserEid(string2);
                    if (equals) {
                        map.put("/message_response/result/resultscore/textstring", Double.valueOf(new Double(gradebookService.getAssignmentScoreString(str2, property, str4)).doubleValue() / orMakeAssignment.getPoints().doubleValue()).toString());
                    } else {
                        gradebookService.setAssignmentScore(str2, property, str4, Double.valueOf(new Double(parameter).doubleValue() * orMakeAssignment.getPoints().doubleValue()), "External Outcome");
                        M_log.info("Stored Score=" + str2 + " assignment=" + property + " user_id=" + str4 + " score=" + parameter);
                    }
                    z = true;
                    map.put("/message_response/statusinfo/codemajor", "Success");
                    map.put("/message_response/statusinfo/severity", "Status");
                    map.put("/message_response/statusinfo/codeminor", IMSPOXRequest.MINOR_FULLSUCCESS);
                    currentSession.invalidate();
                    popAdvisor();
                } catch (Exception e) {
                    doError(httpServletRequest, httpServletResponse, map, "outcome.grade.fail", "siteId=" + str2, e);
                    currentSession.invalidate();
                    popAdvisor();
                }
                if (z) {
                    httpServletResponse.getWriter().println(XMLMap.getXML(map, true));
                }
            } catch (Throwable th) {
                currentSession.invalidate();
                popAdvisor();
                throw th;
            }
        } catch (Exception e2) {
            M_log.warn(e2.getLocalizedMessage() + " siteId=" + str2, e2);
            doError(httpServletRequest, httpServletResponse, map, "outcome.site.membership", "", e2);
        }
    }

    protected void processRoster(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, Site site, String str2, String str3, Properties properties, String str4, Map<String, Object> map) throws IOException {
        if (!"on".equals(properties.getProperty("allowroster"))) {
            doError(httpServletRequest, httpServletResponse, map, "outcomes.invalid", "lti_message_type=" + str, null);
            return;
        }
        String property = properties.getProperty("sendname");
        String property2 = properties.getProperty("sendemailaddr");
        String property3 = properties.getProperty("assignment");
        String string = ServerConfigurationService.getString(SakaiBLTIUtil.BASICLTI_OUTCOMES_ENABLED, (String) null);
        if (!JSONTranscoder.BOOLEAN_TRUE.equals(string)) {
            string = null;
        }
        String maintainRole = site.getMaintainRole();
        pushAdvisor();
        boolean z = false;
        try {
            try {
                ArrayList arrayList = new ArrayList();
                for (Member member : site.getMembers()) {
                    TreeMap treeMap = new TreeMap();
                    Role role = member.getRole();
                    String userId = member.getUserId();
                    treeMap.put("/user_id", userId);
                    Object obj = "Learner";
                    if (maintainRole != null && maintainRole.equals(role.getId())) {
                        obj = "Instructor";
                    }
                    treeMap.put("/role", obj);
                    User user = null;
                    if (JSONTranscoder.BOOLEAN_TRUE.equals(string) && property3 != null) {
                        user = UserDirectoryService.getUser(userId);
                        String sourceDID = SakaiBLTIUtil.getSourceDID(user, str3, properties.getProperty("placementsecret"));
                        if (sourceDID != null) {
                            treeMap.put("/lis_result_sourcedid", sourceDID);
                        }
                    }
                    if ("on".equals(property) || "on".equals(property2)) {
                        if (user == null) {
                            user = UserDirectoryService.getUser(userId);
                        }
                        if ("on".equals(property)) {
                            treeMap.put("/person_name_given", user.getFirstName());
                            treeMap.put("/person_name_family", user.getLastName());
                            treeMap.put("/person_name_full", user.getDisplayName());
                        }
                        if ("on".equals(property2)) {
                            treeMap.put("/person_contact_email_primary", user.getEmail());
                            treeMap.put("/person_sourcedid", user.getEid());
                        }
                    }
                    arrayList.add(treeMap);
                }
                map.put("/message_response/members/member", arrayList);
                z = true;
                popAdvisor();
            } catch (Exception e) {
                doError(httpServletRequest, httpServletResponse, map, "memberships.fail", "", e);
                popAdvisor();
            }
            if (z) {
                map.put("/message_response/statusinfo/codemajor", "Success");
                map.put("/message_response/statusinfo/severity", "Status");
                map.put("/message_response/statusinfo/codeminor", IMSPOXRequest.MINOR_FULLSUCCESS);
                httpServletResponse.getWriter().println(XMLMap.getXML(map, true));
            }
        } catch (Throwable th) {
            popAdvisor();
            throw th;
        }
    }

    public void doErrorXML(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, IMSPOXRequest iMSPOXRequest, String str, String str2, Exception exc) throws IOException {
        if (exc != null) {
            M_log.error(exc.getLocalizedMessage(), exc);
        }
        String str3 = rb.getString(str) + ": " + str2;
        M_log.info(str3);
        httpServletResponse.setContentType("application/xml");
        httpServletResponse.getWriter().println(iMSPOXRequest == null ? IMSPOXRequest.getFatalResponse(str3) : iMSPOXRequest.getResponseFailure(str3, null));
    }

    protected void doPostJSON(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        M_log.warn("LTI JSON Services not implemented IP=" + httpServletRequest.getRemoteAddr());
        httpServletResponse.setStatus(HttpStatus.SC_FORBIDDEN);
    }

    protected void doPostXml(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String str;
        Object obj;
        String remoteAddr = httpServletRequest.getRemoteAddr();
        M_log.debug("LTI POX Service request from IP=" + remoteAddr);
        String string = ServerConfigurationService.getString(SakaiBLTIUtil.BASICLTI_OUTCOMES_ENABLED, (String) null);
        if (!JSONTranscoder.BOOLEAN_TRUE.equals(string)) {
            string = null;
        }
        String string2 = ServerConfigurationService.getString(SakaiBLTIUtil.BASICLTI_LORI_ENABLED, (String) null);
        if (!JSONTranscoder.BOOLEAN_TRUE.equals(string2)) {
            string2 = null;
        }
        if (string == null && string2 == null) {
            M_log.warn("LTI Services are disabled IP=" + remoteAddr);
            httpServletResponse.setStatus(HttpStatus.SC_FORBIDDEN);
            return;
        }
        IMSPOXRequest iMSPOXRequest = new IMSPOXRequest(httpServletRequest);
        if (!iMSPOXRequest.valid) {
            doErrorXML(httpServletRequest, httpServletResponse, iMSPOXRequest, "pox.invalid", iMSPOXRequest.errorMessage, null);
            return;
        }
        String operation = iMSPOXRequest.getOperation();
        if (M_log.isDebugEnabled()) {
            M_log.debug("POST\n" + XMLMap.prettyPrint(iMSPOXRequest.postBody));
        }
        Map<String, String> bodyMap = iMSPOXRequest.getBodyMap();
        if (("replaceResultRequest".equals(operation) || "readResultRequest".equals(operation) || "deleteResultRequest".equals(operation)) && string != null) {
            str = bodyMap.get("/resultRecord/sourcedGUID/sourcedId");
            obj = "basicoutcome";
        } else if ("getCourseStructureRequest".equals(operation)) {
            str = bodyMap.get("/params/sourcedGUID/sourcedId");
            obj = "getstructure";
        } else {
            if (!"addCourseResourcesRequest".equals(operation)) {
                String responseUnsupported = iMSPOXRequest.getResponseUnsupported("Not supported " + operation);
                httpServletResponse.setContentType("application/xml");
                httpServletResponse.getWriter().println(responseUnsupported);
                return;
            }
            str = bodyMap.get("/params/sourcedGUID/sourcedId");
            obj = "addstructure";
        }
        if (BasicLTIUtil.isBlank(str)) {
            doErrorXML(httpServletRequest, httpServletResponse, iMSPOXRequest, "outcomes.missing", "sourcedid", null);
            return;
        }
        if (str.length() > 2048) {
            str = str.substring(0, 2048);
        }
        String str2 = null;
        String str3 = null;
        String str4 = null;
        try {
            int indexOf = str.indexOf(":::");
            if (indexOf > 0) {
                str3 = str.substring(0, indexOf);
                String substring = str.substring(indexOf + 3);
                int indexOf2 = substring.indexOf(":::");
                str4 = substring.substring(0, indexOf2);
                str2 = substring.substring(indexOf2 + 3);
            }
        } catch (Exception e) {
            M_log.warn("Unable to decrypt result_sourcedid IP=" + remoteAddr + " Error=" + e.getMessage(), e);
            str3 = null;
            str2 = null;
            str4 = null;
        }
        if (str2 == null || str4 == null) {
            doErrorXML(httpServletRequest, httpServletResponse, iMSPOXRequest, "outcomes.sourcedid", "sourcedid", null);
            return;
        }
        M_log.debug("signature=" + str3);
        M_log.debug("user_id=" + str4);
        M_log.debug("placement_id=" + str2);
        Properties propertiesFromPlacement = getPropertiesFromPlacement(str2);
        if (propertiesFromPlacement == null) {
            M_log.debug("Error retrieving result_sourcedid information");
            doError(httpServletRequest, httpServletResponse, null, "outcomes.sourcedid", "sourcedid", null);
            return;
        }
        String property = propertiesFromPlacement.getProperty("SITE_ID");
        Site site = null;
        try {
            site = SiteService.getSite(property);
        } catch (Exception e2) {
            M_log.debug("Error retrieving result_sourcedid site: " + e2.getLocalizedMessage(), e2);
        }
        if (site == null) {
            doError(httpServletRequest, httpServletResponse, null, "outcomes.sourcedid", "sourcedid", null);
            return;
        }
        String oAuthConsumerKey = iMSPOXRequest.getOAuthConsumerKey();
        String property2 = propertiesFromPlacement.getProperty("secret");
        M_log.debug("oauth_secret: " + property2);
        String decryptSecret = SakaiBLTIUtil.decryptSecret(property2);
        M_log.debug("oauth_secret (decrypted): " + decryptSecret);
        iMSPOXRequest.validateRequest(oAuthConsumerKey, decryptSecret, httpServletRequest);
        if (!iMSPOXRequest.valid) {
            if (iMSPOXRequest.base_string != null) {
                M_log.warn(iMSPOXRequest.base_string);
            }
            doErrorXML(httpServletRequest, httpServletResponse, iMSPOXRequest, "outcome.no.validate", oAuthConsumerKey, null);
            return;
        }
        String property3 = propertiesFromPlacement.getProperty("placementsecret");
        if (property3 == null) {
            M_log.debug("placement_secret is null");
            doErrorXML(httpServletRequest, httpServletResponse, iMSPOXRequest, "outcomes.sourcedid", "sourcedid", null);
            return;
        }
        String sha256Hash = ShaUtil.sha256Hash(property3 + ":::" + str4 + ":::" + str2);
        M_log.debug("Received signature=" + str3 + " received=" + sha256Hash);
        boolean equals = str3.equals(sha256Hash);
        if (propertiesFromPlacement.getProperty("oldplacementsecret") != null && !equals) {
            String sha256Hash2 = ShaUtil.sha256Hash(property3 + ":::" + str4 + ":::" + str2);
            M_log.debug("Received signature II=" + str3 + " received=" + sha256Hash2);
            equals = str3.equals(sha256Hash2);
        }
        if (!equals) {
            doErrorXML(httpServletRequest, httpServletResponse, iMSPOXRequest, "outcomes.sourcedid", "sourcedid", null);
            return;
        }
        String property4 = propertiesFromPlacement.getProperty("allowlori");
        if (string != null && "basicoutcome".equals(obj)) {
            processOutcomeXml(httpServletRequest, httpServletResponse, operation, site, property, propertiesFromPlacement, str4, iMSPOXRequest);
            return;
        }
        if (string2 != null && "on".equals(property4) && "getstructure".equals(obj)) {
            processCourseStructureXml(httpServletRequest, httpServletResponse, operation, property, iMSPOXRequest);
            return;
        }
        if (string2 != null && "on".equals(property4) && "addstructure".equals(obj)) {
            processAddResourceXML(httpServletRequest, httpServletResponse, operation, property, iMSPOXRequest);
        } else {
            httpServletResponse.setContentType("application/xml");
            httpServletResponse.getWriter().println(iMSPOXRequest.getResponseUnsupported("Message received and validated operation=" + iMSPOXRequest.getOperation()));
        }
    }

    protected void processCourseStructureXml(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, IMSPOXRequest iMSPOXRequest) throws IOException {
        String str3 = iMSPOXRequest.getBodyMap().get("/params/courseId");
        if (str3 == null || !str3.equals(str2)) {
            doErrorXML(httpServletRequest, httpServletResponse, iMSPOXRequest, "outcomes.sourcedid", "sourcedid", null);
            M_log.warn("mis-match courseId=" + str3 + " siteId=" + str2);
            return;
        }
        List<Map<String, Object>> iteratePagesXML = iteratePagesXML(LessonsFacade.findItemsInSite(str3), new ArrayList(), 0);
        httpServletResponse.setContentType("application/xml");
        String responseUnsupported = iMSPOXRequest.getResponseUnsupported("No Lessons content found in site");
        if (iteratePagesXML.size() > 0) {
            TreeMap treeMap = new TreeMap();
            treeMap.put("/getCourseStructureResponse/resources/resource", iteratePagesXML);
            responseUnsupported = iMSPOXRequest.getResponseSuccess("processCourseStructureXml", XMLMap.getXMLFragment(treeMap, true));
        }
        httpServletResponse.getWriter().println(responseUnsupported);
        M_log.debug(responseUnsupported);
    }

    protected void processAddResourceXML(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, IMSPOXRequest iMSPOXRequest) throws IOException {
        Long l;
        NodeList nodeList;
        Map<String, String> bodyMap = iMSPOXRequest.getBodyMap();
        String str3 = bodyMap.get("/params/courseId");
        if (str3 == null || !str3.equals(str2)) {
            doErrorXML(httpServletRequest, httpServletResponse, iMSPOXRequest, "outcomes.sourcedid", "sourcedid", null);
            M_log.warn("mis-match courseId=" + str3 + " siteId=" + str2);
            return;
        }
        try {
            l = new Long(bodyMap.get("/params/folderId"));
        } catch (Exception e) {
            l = null;
        }
        ArrayList arrayList = new ArrayList();
        List<SimplePageItem> findItemsInSite = LessonsFacade.findItemsInSite(str3);
        SimplePageItem findFolder = LessonsFacade.findFolder(findItemsInSite, l, arrayList, 1);
        if (findFolder == null) {
            M_log.debug("Inserting at top...");
            Iterator<SimplePageItem> it = findItemsInSite.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                SimplePageItem next = it.next();
                if (next.getType() == 2) {
                    findFolder = next;
                    break;
                }
            }
        }
        if (findFolder == null) {
            doErrorXML(httpServletRequest, httpServletResponse, iMSPOXRequest, "lessons.page.notfound", "Unable to find page in structure at " + l, null);
            return;
        }
        try {
            nodeList = (NodeList) LESSONS_RESOURCES_EXPR.evaluate(iMSPOXRequest.bodyElement, XPathConstants.NODESET);
        } catch (Exception e2) {
            e2.printStackTrace();
            nodeList = null;
        }
        if (nodeList == null || nodeList.getLength() < 1) {
            doErrorXML(httpServletRequest, httpServletResponse, iMSPOXRequest, "lessons.page.noresources", "No resources to add", null);
            return;
        }
        int size = LessonsFacade.findItemsOnPage(Long.valueOf(findFolder.getSakaiId())).size() + 1;
        ArrayList arrayList2 = new ArrayList();
        recursivelyAddResourcesXML(str3, findFolder, nodeList, size, arrayList2);
        TreeMap treeMap = new TreeMap();
        treeMap.put("/addCourseResourcesResponse/resources/resource", arrayList2);
        String xMLFragment = XMLMap.getXMLFragment(treeMap, true);
        httpServletResponse.setContentType("application/xml");
        String responseSuccess = iMSPOXRequest.getResponseSuccess("Items Added", xMLFragment);
        httpServletResponse.getWriter().println(responseSuccess);
        M_log.debug(responseSuccess);
    }

    protected void recursivelyAddResourcesXML(String str, SimplePageItem simplePageItem, NodeList nodeList, int i, List<Map<String, String>> list) {
        String str2;
        String str3;
        String str4;
        String str5;
        String str6;
        String str7;
        int length = nodeList.getLength();
        for (int i2 = 0; i2 < length; i2++) {
            Node item = nodeList.item(i2);
            if (item.getNodeType() == 1) {
                M_log.debug("Node=" + item.getNodeName());
                if ("resource".equals(item.getNodeName())) {
                    try {
                        str2 = LESSONS_TYPE_EXPR.evaluate(item);
                    } catch (Exception e) {
                        str2 = null;
                    }
                    try {
                        str3 = LESSONS_TITLE_EXPR.evaluate(item);
                    } catch (Exception e2) {
                        str3 = null;
                    }
                    try {
                        str4 = LESSONS_TEMPID_EXPR.evaluate(item);
                    } catch (Exception e3) {
                        str4 = null;
                    }
                    if ("folder".equals(str2)) {
                        SimplePageItem addLessonsFolder = LessonsFacade.addLessonsFolder(simplePageItem, str3, i);
                        if (str4 != null) {
                            TreeMap treeMap = new TreeMap();
                            treeMap.put("/tempId", str4);
                            treeMap.put("/id", addLessonsFolder.getSakaiId());
                            list.add(treeMap);
                        }
                        i++;
                        NodeList nodeList2 = null;
                        try {
                            Object evaluate = LESSONS_FOLDER_EXPR.evaluate(item, XPathConstants.NODESET);
                            nodeList2 = (NodeList) evaluate;
                            M_log.debug("children of the folder = " + evaluate + " count=" + nodeList2.getLength());
                        } catch (Exception e4) {
                            e4.printStackTrace();
                            nodeList = null;
                        }
                        M_log.debug("===== DOWN THE RABIT HOLE ==========");
                        recursivelyAddResourcesXML(str, addLessonsFolder, nodeList2, 1, list);
                    } else if (BasicLTIConstants.NEW_SITE_TYPE.equals(str2)) {
                        try {
                            str5 = LESSONS_URL_EXPR.evaluate(item);
                        } catch (Exception e5) {
                            str5 = null;
                        }
                        try {
                            str6 = LESSONS_CUSTOM_EXPR.evaluate(item);
                        } catch (Exception e6) {
                            str6 = null;
                        }
                        if (str3 == null || str5 == null || str6 == null) {
                            M_log.warn("Missing required value type, name, url, launch, parms");
                        } else {
                            M_log.debug("type=" + str2 + " name=" + str3 + " launchUrl=" + str5 + " lanchParams=" + str6);
                            TreeMap treeMap2 = new TreeMap();
                            treeMap2.put("/tempId", str4);
                            try {
                                str7 = LessonsFacade.doImportTool(str, str5, str3, null, str6);
                                if (str7 == null) {
                                    treeMap2.put("/status", "failure");
                                    treeMap2.put("/description", "doImportTool failed");
                                    M_log.warn("Unable to add LTI Placement " + str3);
                                } else {
                                    treeMap2.put("/status", "success");
                                    treeMap2.put("/description", "doImportTool success");
                                    treeMap2.put("/id", str7);
                                }
                            } catch (Exception e7) {
                                str7 = null;
                                e7.printStackTrace();
                                treeMap2.put("/status", "failure");
                                treeMap2.put("/description", e7.getMessage());
                            }
                            list.add(treeMap2);
                            if (str7 != null) {
                                LessonsFacade.addLessonsLaunch(simplePageItem, str7, str3, i);
                            }
                        }
                    } else {
                        M_log.warn("No support for type:" + str2);
                    }
                }
            }
        }
    }

    protected List<Map<String, Object>> iteratePagesXML(List<SimplePageItem> list, List<Long> list2, int i) {
        ArrayList arrayList = new ArrayList();
        if (i > 10) {
            return null;
        }
        for (SimplePageItem simplePageItem : list) {
            if (list2.size() > 50) {
                return arrayList;
            }
            if (simplePageItem.getType() == 2) {
                Long valueOf = Long.valueOf(simplePageItem.getSakaiId());
                String name = simplePageItem.getName();
                if (list2.size() == 50) {
                    name = " ... ";
                }
                list2.add(Long.valueOf(simplePageItem.getId()));
                TreeMap treeMap = new TreeMap();
                treeMap.put("/folderId", simplePageItem.getSakaiId());
                treeMap.put("/title", name);
                treeMap.put("/description", name);
                treeMap.put("/type", "folder");
                List<Map<String, Object>> iteratePagesXML = iteratePagesXML(LessonsFacade.findItemsOnPage(valueOf), list2, i + 1);
                if (iteratePagesXML != null && iteratePagesXML.size() > 0) {
                    treeMap.put("/resources/resource", iteratePagesXML);
                }
                arrayList.add(treeMap);
            }
        }
        return arrayList;
    }

    protected void processOutcomeXml(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, Site site, String str2, Properties properties, String str3, IMSPOXRequest iMSPOXRequest) throws IOException {
        try {
            if (site.getMember(str3) != null) {
            }
            String property = properties.getProperty("assignment");
            M_log.debug("ASSN=" + property);
            if (property == null) {
                doErrorXML(httpServletRequest, httpServletResponse, iMSPOXRequest, "outcome.no.assignment", "", null);
                return;
            }
            GradebookService gradebookService = (GradebookService) ComponentManager.get("org.sakaiproject.service.gradebook.GradebookService");
            pushAdvisor();
            Assignment orMakeAssignment = getOrMakeAssignment(property, str2, gradebookService);
            popAdvisor();
            if (orMakeAssignment == null) {
                doErrorXML(httpServletRequest, httpServletResponse, iMSPOXRequest, "outcome.no.assignment", "", null);
                return;
            }
            boolean equals = BasicLTIUtil.equals(str, "readResultRequest");
            boolean equals2 = BasicLTIUtil.equals(str, "deleteResultRequest");
            Map<String, String> bodyMap = iMSPOXRequest.getBodyMap();
            String str4 = bodyMap.get("/resultRecord/result/resultScore/textString");
            String str5 = bodyMap.get("/resultRecord/result/sourcedId");
            if (BasicLTIUtil.isBlank(str4) && !equals && !equals2) {
                doErrorXML(httpServletRequest, httpServletResponse, iMSPOXRequest, "outcomes.missing", "result_resultscore_textstring", null);
                return;
            }
            TreeMap treeMap = new TreeMap();
            Session currentSession = SessionManager.getCurrentSession();
            pushAdvisor();
            boolean z = false;
            String str6 = null;
            try {
                try {
                    String string = ServerConfigurationService.getString("basiclti.outcomes.userid", "admin");
                    String string2 = ServerConfigurationService.getString("basiclti.outcomes.usereid", string);
                    currentSession.setUserId(string);
                    currentSession.setUserEid(string2);
                    if (equals) {
                        Double valueOf = Double.valueOf(new Double(gradebookService.getAssignmentScoreString(str2, property, str3)).doubleValue() / orMakeAssignment.getPoints().doubleValue());
                        String d = valueOf.doubleValue() != 0.0d ? valueOf.toString() : "";
                        treeMap.put("/readResultResponse/result/sourcedId", str5);
                        treeMap.put("/readResultResponse/result/resultScore/textString", d);
                        treeMap.put("/readResultResponse/result/resultScore/language", "en");
                        str6 = "Result read";
                    } else if (equals2) {
                        gradebookService.setAssignmentScore(str2, property, str3, new Double(0.0d), "External Outcome");
                        M_log.info("Delete Score site=" + str2 + " assignment=" + property + " user_id=" + str3);
                        treeMap.put("/deleteResultResponse", "");
                        str6 = "Result deleted";
                    } else {
                        Double d2 = new Double(str4);
                        if (d2.doubleValue() < 0.0d || d2.doubleValue() > 1.0d) {
                            throw new Exception("Grade out of range");
                        }
                        gradebookService.setAssignmentScore(str2, property, str3, Double.valueOf(d2.doubleValue() * orMakeAssignment.getPoints().doubleValue()), "External Outcome");
                        M_log.info("Stored Score=" + str2 + " assignment=" + property + " user_id=" + str3 + " score=" + str4);
                        treeMap.put("/replaceResultResponse", "");
                        str6 = "Result replaced";
                    }
                    z = true;
                    currentSession.invalidate();
                    popAdvisor();
                } catch (Exception e) {
                    doErrorXML(httpServletRequest, httpServletResponse, iMSPOXRequest, "outcome.grade.fail", e.getMessage() + " siteId=" + str2, e);
                    currentSession.invalidate();
                    popAdvisor();
                }
                if (z) {
                    String responseSuccess = iMSPOXRequest.getResponseSuccess(str6, treeMap.size() > 0 ? XMLMap.getXMLFragment(treeMap, true) : "");
                    httpServletResponse.setContentType("application/xml");
                    httpServletResponse.getWriter().println(responseSuccess);
                }
            } catch (Throwable th) {
                currentSession.invalidate();
                popAdvisor();
                throw th;
            }
        } catch (Exception e2) {
            M_log.warn(e2.getLocalizedMessage() + " siteId=" + str2, e2);
            doErrorXML(httpServletRequest, httpServletResponse, iMSPOXRequest, "outcome.site.membership", "", e2);
        }
    }

    public Assignment getOrMakeAssignment(String str, String str2, GradebookService gradebookService) {
        Assignment assignment = null;
        try {
            Iterator it = gradebookService.getAssignments(str2).iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                Assignment assignment2 = (Assignment) it.next();
                if (!assignment2.isExternallyMaintained() && str.equals(assignment2.getName())) {
                    assignment = assignment2;
                    break;
                }
            }
        } catch (Exception e) {
            assignment = null;
        }
        if (assignment == null && gradebookService.isGradebookDefined(str2)) {
            try {
                assignment = new Assignment();
                assignment.setPoints(Double.valueOf(100.0d));
                assignment.setExternallyMaintained(false);
                assignment.setName(str);
                assignment.setReleased(true);
                assignment.setUngraded(false);
                gradebookService.addAssignment(str2, assignment);
                M_log.info("Added assignment: " + str);
            } catch (Exception e2) {
                M_log.warn("GradebookNotFoundException (may be because GradeBook has not yet been added to the Site) " + e2.getMessage());
                M_log.warn(this + ":addGradeItem " + e2.getMessage());
            } catch (ConflictingAssignmentNameException e3) {
                M_log.warn("ConflictingAssignmentNameException while adding assignment" + e3.getMessage());
                assignment = null;
            }
        }
        return assignment;
    }

    protected Properties getPropertiesFromPlacement(String str) {
        Map contentDao;
        String str2;
        Map toolDao;
        String[] strArr = {"key", "secret", "placementsecret", "oldplacementsecret", "allowsettings", "assignment", "allowroster", "releasename", "releaseemail", "toolsetting", "allowlori"};
        Properties properties = new Properties();
        if (isPlacement(str)) {
            try {
                ToolConfiguration findTool = SiteService.findTool(str);
                Properties config = findTool.getConfig();
                String siteId = findTool.getSiteId();
                properties.setProperty("placementId", str);
                properties.setProperty("SITE_ID", siteId);
                int length = strArr.length;
                for (int i = 0; i < length; i++) {
                    String str3 = strArr[i];
                    String str4 = SakaiBLTIUtil.toNull(SakaiBLTIUtil.getCorrectProperty(config, str3, findTool));
                    if (str3.equals("toolsetting")) {
                        str4 = config.getProperty("toolsetting", null);
                        str3 = "settings";
                    }
                    if (str4 != null) {
                        if (str3.equals("releasename")) {
                            str3 = "sendname";
                        }
                        if (str3.equals("releaseemail")) {
                            str3 = "sendemailaddr";
                        }
                        if (str3.equals("key")) {
                            str3 = "consumerkey";
                        }
                        properties.setProperty(str3, str4);
                    }
                }
            } catch (Exception e) {
                M_log.debug("Error getPropertiesFromPlacement: " + e.getLocalizedMessage(), e);
                return null;
            }
        } else {
            String substring = str.substring(8);
            Long longKey = foorm.getLongKey(substring);
            if (longKey.longValue() < 0 || (contentDao = ltiService.getContentDao(longKey)) == null || (str2 = (String) contentDao.get("SITE_ID")) == null) {
                return null;
            }
            properties.setProperty("contentKey", substring);
            properties.setProperty("SITE_ID", str2);
            Long longKey2 = foorm.getLongKey(contentDao.get("tool_id"));
            if (longKey2.longValue() < 0 || (toolDao = ltiService.getToolDao(longKey2, str2)) == null) {
                return null;
            }
            if (toolDao != null || contentDao != null) {
                ltiService.filterContent(contentDao, toolDao);
            }
            for (String str5 : LTIService.TOOL_MODEL) {
                Properties parseFormString = foorm.parseFormString(str5);
                String property = parseFormString.getProperty("field", null);
                String property2 = parseFormString.getProperty("type", null);
                Object obj = toolDao.get(property);
                if (obj instanceof String) {
                    properties.setProperty(property, (String) obj);
                } else if ("checkbox".equals(property2)) {
                    if (getInt(obj) == 1) {
                        properties.setProperty(property, "on");
                    } else {
                        properties.setProperty(property, "off");
                    }
                }
            }
            for (String str6 : LTIService.CONTENT_MODEL) {
                Properties parseFormString2 = foorm.parseFormString(str6);
                String property3 = parseFormString2.getProperty("field", null);
                String property4 = parseFormString2.getProperty("type", null);
                Object obj2 = contentDao.get(property3);
                if (obj2 instanceof String) {
                    properties.setProperty(property3, (String) obj2);
                } else if ("checkbox".equals(property4)) {
                    if (getInt(obj2) == 1) {
                        properties.setProperty(property3, "on");
                    } else {
                        properties.setProperty(property3, "off");
                    }
                }
            }
            properties.setProperty("assignment", (String) contentDao.get("title"));
        }
        return properties;
    }

    boolean isPlacement(String str) {
        if (str == null) {
            return false;
        }
        return !str.startsWith("content:") || str.length() <= 8;
    }

    public static int getInt(Object obj) {
        return FoormUtil.getInt(obj);
    }

    public void destroy() {
    }
}
