package org.sakaiproject.basiclti.impl;

import java.io.PrintWriter;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.Stack;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.configuration.tree.DefaultExpressionEngine;
import org.apache.commons.httpclient.cookie.CookieSpec;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.sakaiproject.authz.cover.SecurityService;
import org.sakaiproject.basiclti.LocalEventTrackingService;
import org.sakaiproject.basiclti.util.SakaiBLTIUtil;
import org.sakaiproject.component.cover.ComponentManager;
import org.sakaiproject.component.cover.ServerConfigurationService;
import org.sakaiproject.entity.api.Entity;
import org.sakaiproject.entity.api.EntityAccessOverloadException;
import org.sakaiproject.entity.api.EntityCopyrightException;
import org.sakaiproject.entity.api.EntityNotDefinedException;
import org.sakaiproject.entity.api.EntityPermissionException;
import org.sakaiproject.entity.api.EntityProducer;
import org.sakaiproject.entity.api.HttpAccess;
import org.sakaiproject.entity.api.Reference;
import org.sakaiproject.entity.api.ResourceProperties;
import org.sakaiproject.entity.cover.EntityManager;
import org.sakaiproject.exception.IdUnusedException;
import org.sakaiproject.exception.PermissionException;
import org.sakaiproject.lti.api.LTIService;
import org.sakaiproject.site.api.Site;
import org.sakaiproject.site.api.SitePage;
import org.sakaiproject.site.api.ToolConfiguration;
import org.sakaiproject.site.cover.SiteService;
import org.sakaiproject.tool.cover.SessionManager;
import org.sakaiproject.tool.cover.ToolManager;
import org.sakaiproject.util.FormattedText;
import org.sakaiproject.util.ResourceLoader;
import org.sakaiproject.util.StringUtil;
import org.sakaiproject.util.foorm.SakaiFoorm;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:WEB-INF/lib/basiclti-impl-2.1.2.jar:org/sakaiproject/basiclti/impl/BasicLTISecurityServiceImpl.class */
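/**
 * Entity producer registered under {@link #REFERENCE_ROOT} that serves Basic LTI launch pages
 * through the entity access path and takes part in site archive/merge.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>Every access is gated by {@link #checkSecurity(Reference)}, i.e. the current user must be
 *       allowed to visit the site named in the reference.</li>
 *   <li>Content and tool rows are only used when their {@code SITE_ID} is compatible with the
 *       site in the reference (see {@link #getHttpAccess()}).</li>
 *   <li>{@link #sendHTMLPage} writes its argument verbatim, so every caller is responsible for
 *       escaping anything that did not originate from trusted configuration.</li>
 * </ul>
 */
public class BasicLTISecurityServiceImpl implements EntityProducer {
    public static final String MIME_TYPE_BLTI = "ims/basiclti";
    public static final String REFERENCE_ROOT = "/basiclti";
    public static final String APPLICATION_ID = "sakai:basiclti";
    public static final String TOOL_REGISTRATION = "sakai.basiclti";
    public static final String EVENT_BASICLTI_LAUNCH = "basiclti.launch";
    private Log logger = LogFactory.getLog(BasicLTISecurityServiceImpl.class);
    public static final String SERVICE_NAME = BasicLTISecurityServiceImpl.class.getName();
    private static ResourceLoader rb = new ResourceLoader("basicltisvc");
    protected static SakaiFoorm foorm = new SakaiFoorm();
    // Resolved lazily in init(); stays null if init() has not run.
    protected static LTIService ltiService = null;

    /**
     * Decides whether the current user may access the given reference.
     *
     * @param reference parsed entity reference; its context is used as the site id
     * @return {@code true} when {@code SiteService.getSiteVisit} returns a site for the context;
     *         {@code false} when the site id is unknown or the visit is not permitted
     */
    protected boolean checkSecurity(Reference reference) {
        try {
            return SiteService.getSiteVisit(reference.getContext()) != null;
        } catch (IdUnusedException e) {
            // Unknown site: deny rather than reveal anything about it.
            return false;
        } catch (PermissionException e2) {
            return false;
        }
    }

    /**
     * Registers this producer for {@link #REFERENCE_ROOT} and resolves the {@link LTIService}.
     * Logs a warning when no encryption key is configured, because secrets are then stored
     * unencrypted in the database.
     */
    public void init() {
        this.logger.info(this + ".init()");
        if (ServerConfigurationService.getString(SakaiBLTIUtil.BASICLTI_ENCRYPTION_KEY, (String) null) == null) {
            this.logger.warn("BasicLTI secrets in database unencrypted, please set basiclti.encryption.key");
        }
        try {
            EntityManager.registerEntityProducer(this, REFERENCE_ROOT);
        } catch (Throwable th) {
            // Registration failure is logged but does not abort start-up.
            this.logger.warn("init(): ", th);
        }
        if (ltiService == null) {
            ltiService = (LTIService) ComponentManager.get("org.sakaiproject.lti.api.LTIService");
        }
    }

    /** Logs shutdown; there is nothing to release. */
    public void destroy() {
        this.logger.info(this + ".destroy()");
    }

    /**
     * Delegates to {@code SecurityService.isSuperUser}.
     *
     * @param str user id to test
     * @return whether the security service reports the user as a super user
     */
    public boolean isSuperUser(String str) {
        return SecurityService.isSuperUser(str);
    }

    /**
     * Claims references that start with {@link #REFERENCE_ROOT} and fills in the reference.
     *
     * <p>Only a five-segment reference whose third segment is {@code site} yields an id and a
     * context; any other reference under the root is still claimed, with both left {@code null}.
     * NOTE(review): such a reference then depends on {@link #checkSecurity} rejecting a null
     * context - confirm that {@code SiteService.getSiteVisit(null)} fails closed.
     *
     * @param str raw reference string; {@code null} is not claimed
     * @param reference reference object to populate
     * @return {@code true} when the reference belongs to this producer
     */
    public boolean parseEntityReference(String str, Reference reference) {
        if (str == null || !str.startsWith(REFERENCE_ROOT)) {
            return false;
        }
        String id = null;
        String context = null;
        String[] parts = StringUtil.split(str, CookieSpec.PATH_DELIM);
        if (parts.length == 5 && parts[2].equals("site")) {
            context = parts[3];
            id = parts[4];
        }
        reference.set(APPLICATION_ID, "site", id, (String) null, context);
        return true;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /**
     * Writes a complete, non-cacheable XHTML page whose body is {@code str}.
     *
     * <p>{@code str} is emitted verbatim: callers must pass markup that is trusted or already
     * escaped. Failures while writing are logged and not propagated.
     *
     * @param httpServletResponse response to write to
     * @param str body markup
     */
    public void sendHTMLPage(HttpServletResponse httpServletResponse, String str) {
        try {
            httpServletResponse.setContentType("text/html; charset=UTF-8");
            httpServletResponse.setCharacterEncoding("utf-8");
            // Expire one year in the past (31536000000 ms) so launch pages are never cached.
            httpServletResponse.addDateHeader("Expires", System.currentTimeMillis() - 31536000000L);
            httpServletResponse.addDateHeader("Last-Modified", System.currentTimeMillis());
            httpServletResponse.addHeader("Cache-Control", "no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0");
            httpServletResponse.addHeader("Pragma", "no-cache");
            PrintWriter writer = httpServletResponse.getWriter();
            writer.println("<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">");
            writer.println("<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\">");
            // The original emitted a second <html> start tag here; only <head> is needed.
            writer.println("<head>");
            writer.println("<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />");
            writer.println("</head>\n<body>\n");
            writer.println(str);
            writer.println("\n</body>\n</html>");
        } catch (Exception e) {
            this.logger.warn("sendHTMLPage(): could not write response", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /**
     * Renders the splash text with a button that reloads the same URI with
     * {@code splash=bypass}.
     *
     * <p>The request URI is client-controlled. It is HTML-escaped and placed in a double-quoted
     * {@code action} attribute instead of being concatenated into an inline script handler,
     * where HTML escaping alone would not stop a quote from ending the script string.
     * {@code str} is emitted as given; the caller decides whether it needs escaping.
     *
     * @param httpServletRequest current request, source of the URI to return to
     * @param httpServletResponse response to write the page to
     * @param str splash markup to show above the button
     * @param resourceLoader bundle supplying the button label
     */
    public void doSplash(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, ResourceLoader resourceLoader) {
        String action = FormattedText.escapeHtml(httpServletRequest.getRequestURI(), false);
        // Label comes from the resource bundle and is written as-is.
        String buttonLabel = resourceLoader.getString("launch.button", "Press to continue to proceed to external tool.");
        StringBuilder page = new StringBuilder();
        page.append("<div align=\"center\" style=\"text-align:left;width:80%;margin-top:5px;margin-left:auto;margin-right:auto;border-width:1px 1px 1px 1px;border-style:solid;border-color: gray;padding:.5em;font-family:Verdana,Arial,Helvetica,sans-serif;font-size:.8em\">");
        page.append(str);
        page.append("</div><p>");
        // A GET form drops any query string on the action, so the flag travels as a field.
        page.append("<form method=\"get\" action=\"").append(action).append("\">");
        page.append("<input type=\"hidden\" name=\"splash\" value=\"bypass\" />");
        page.append("<input type=\"submit\" value=\"").append(buttonLabel).append("\"></form></p>\n");
        sendHTMLPage(httpServletResponse, page.toString());
    }

    /**
     * Returns the handler that serves launch pages for references owned by this producer.
     *
     * <p>The handler first enforces {@link #checkSecurity}. For ids of the form
     * {@code content:<key>} it loads the content row and its tool row, discarding a content row
     * whose {@code SITE_ID} is missing or differs from the reference's site, and a tool row
     * whose {@code SITE_ID} is set to a different site (a tool row without {@code SITE_ID} is
     * accepted). Any other id is handed to {@code SakaiBLTIUtil.postLaunchHTML(id, rb)}.
     *
     * @return a new access handler bound to this instance
     */
    public HttpAccess getHttpAccess() {
        return new HttpAccess() { // from class: org.sakaiproject.basiclti.impl.BasicLTISecurityServiceImpl.1
            public void handleAccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Reference reference, Collection collection) throws EntityPermissionException, EntityNotDefinedException, EntityAccessOverloadException, EntityCopyrightException {
                String[] launch;
                if (!BasicLTISecurityServiceImpl.this.checkSecurity(reference)) {
                    throw new EntityPermissionException(SessionManager.getCurrentSessionUserId(), "basiclti", reference.getReference());
                }
                String id = reference.getId();
                if (!id.startsWith("content:") || id.length() <= 8) {
                    launch = SakaiBLTIUtil.postLaunchHTML(id, BasicLTISecurityServiceImpl.rb);
                } else {
                    Map content = null;
                    Map tool = null;
                    Long contentKey = BasicLTISecurityServiceImpl.foorm.getLongKey(id.substring(8));
                    if (contentKey.longValue() >= 0) {
                        content = BasicLTISecurityServiceImpl.ltiService.getContentDao(contentKey, reference.getContext());
                        if (content != null) {
                            // Content must be explicitly owned by the site in the reference.
                            String contentSiteId = (String) content.get("SITE_ID");
                            if (contentSiteId == null || !contentSiteId.equals(reference.getContext())) {
                                content = null;
                            }
                        }
                        if (content != null) {
                            Long toolKey = BasicLTISecurityServiceImpl.foorm.getLongKey(content.get("tool_id"));
                            if (toolKey.longValue() >= 0) {
                                tool = BasicLTISecurityServiceImpl.ltiService.getToolDao(toolKey, reference.getContext());
                            }
                            if (tool != null) {
                                // A tool bound to another site is rejected; one with no SITE_ID is kept.
                                String toolSiteId = (String) tool.get("SITE_ID");
                                if (toolSiteId != null && !toolSiteId.equals(reference.getContext())) {
                                    tool = null;
                                }
                            }
                        }
                        if (tool != null || content != null) {
                            BasicLTISecurityServiceImpl.ltiService.filterContent(content, tool);
                        }
                    }
                    String splash = null;
                    String splashToolSiteId = null;
                    if (tool != null) {
                        splash = (String) tool.get("splash");
                        splashToolSiteId = (String) tool.get("SITE_ID");
                    }
                    String splashParam = httpServletRequest.getParameter("splash");
                    // Any value of the splash parameter skips the splash page.
                    if (splashParam == null && splash != null && splash.trim().length() > 1) {
                        // Splash text of a site-bound tool is escaped; text of a tool without
                        // SITE_ID is rendered as stored.
                        // NOTE(review): presumably those tools are administrator-defined and may
                        // carry markup - confirm who can edit their splash field.
                        if (splashToolSiteId != null) {
                            splash = FormattedText.escapeHtml(splash, false);
                        }
                        BasicLTISecurityServiceImpl.this.doSplash(httpServletRequest, httpServletResponse, splash, BasicLTISecurityServiceImpl.rb);
                        return;
                    }
                    // content and tool may both be null here (unknown key or site mismatch).
                    launch = SakaiBLTIUtil.postLaunchHTML((Map<String, Object>) content, (Map<String, Object>) tool, BasicLTISecurityServiceImpl.rb);
                }
                try {
                    BasicLTISecurityServiceImpl.this.sendHTMLPage(httpServletResponse, launch[0]);
                    // Second element, when present, replaces the reference recorded in the event.
                    String eventRef = reference.getReference();
                    if (launch.length > 1) {
                        eventRef = launch[1];
                    }
                    LocalEventTrackingService.post(LocalEventTrackingService.newEvent(BasicLTISecurityServiceImpl.EVENT_BASICLTI_LAUNCH, eventRef, reference.getContext(), false, 2));
                } catch (Exception e) {
                    BasicLTISecurityServiceImpl.this.logger.warn("handleAccess(): launch page or event failed for " + reference.getReference(), e);
                }
            }
        };
    }

    /** Not supported by this producer; always {@code null}. */
    public Entity getEntity(Reference reference) {
        return null;
    }

    /** Not supported by this producer; always {@code null}. */
    public Collection<String> getEntityAuthzGroups(Reference reference, String str) {
        return null;
    }

    /** Not supported by this producer; always {@code null}. */
    public String getEntityDescription(Reference reference) {
        return null;
    }

    /** Not supported by this producer; always {@code null}. */
    public ResourceProperties getEntityResourceProperties(Reference reference) {
        return null;
    }

    /**
     * Builds the access URL for a reference.
     *
     * @param reference reference to link to
     * @return the server access URL followed by the reference string
     */
    public String getEntityUrl(Reference reference) {
        return ServerConfigurationService.getAccessUrl() + reference.getReference();
    }

    /** @return the label {@code basiclti} */
    public String getLabel() {
        return "basiclti";
    }

    /** @return {@code true}; this producer takes part in archive and merge */
    public boolean willArchiveMerge() {
        return true;
    }

    /**
     * Recreates one page and one Basic LTI tool placement per archived bean found under
     * {@code element}, copying every archived placement property onto the new tool.
     *
     * <p>Archived properties are applied without validation, so the archive decides the whole
     * placement configuration. NOTE(review): treat archive files as trusted administrator
     * input, and confirm that {@code BasicLTIArchiveBean.toString()} (logged below) does not
     * print placement properties that hold credentials.
     *
     * @param str id of the site to merge into
     * @param element archive element holding the archived beans
     * @param str2 unused here
     * @param str3 unused here
     * @param map unused here
     * @param map2 unused here
     * @param set unused here
     * @return a human-readable summary of what was merged
     */
    public String merge(String str, Element element, String str2, String str3, Map map, Map map2, Set set) {
        StringBuilder sb = new StringBuilder("Merging BasicLTI ");
        NodeList archived = element.getElementsByTagName(BasicLTIArchiveBean.ALIAS);
        try {
            Site site = SiteService.getSite(str);
            for (int i = 0; i < archived.getLength(); i++) {
                BasicLTIArchiveBean bean = new BasicLTIArchiveBean(archived.item(i));
                this.logger.info("BASIC LTI: " + bean);
                sb.append(", merging basicLTI tool " + bean.getPageTitle());
                SitePage page = site.addPage();
                page.setTitle(bean.getPageTitle());
                page.setTitleCustom(true);
                ToolConfiguration placement = page.addTool();
                placement.setTool("sakai.basiclti", ToolManager.getTool("sakai.basiclti"));
                placement.setTitle(bean.getToolTitle());
                for (Object key : bean.getSiteToolProperties().keySet()) {
                    placement.getPlacementConfig().setProperty((String) key, (String) bean.getSiteToolProperties().get(key));
                }
                // Saved per tool, so tools merged before a failure are kept.
                SiteService.save(site);
            }
        } catch (Exception e) {
            // Covers PermissionException and IdUnusedException as well; the merge is best-effort.
            this.logger.warn("merge(): could not merge BasicLTI tools into site " + str, e);
        }
        sb.append(DefaultExpressionEngine.DEFAULT_PROPERTY_DELIMITER);
        return sb.toString();
    }

    /**
     * Appends one archive element to the element on top of {@code stack}, containing a bean for
     * every Basic LTI tool placement in the site.
     *
     * <p>Each bean receives the placement's complete configuration. NOTE(review): that
     * configuration presumably includes the tool's key and secret - confirm, and if so handle
     * archive files as credential-bearing material.
     *
     * @param str id of the site to archive
     * @param document document used to create nodes
     * @param stack element stack; the top element becomes the parent of the new element
     * @param str2 unused here
     * @param list unused here
     * @return a human-readable summary including the number of tools archived
     */
    public String archive(String str, Document document, Stack stack, String str2, List list) {
        this.logger.info("-------basic-lti-------- archive('" + StringUtils.join(new Object[]{str, document, stack, str2, list}, "','") + "')");
        StringBuilder sb = new StringBuilder("archiving basiclti " + str + "\n");
        int archivedCount = 0;
        try {
            Site site = SiteService.getSite(str);
            this.logger.info("SITE: " + site.getId() + " : " + site.getTitle());
            Element root = document.createElement("org.sakaiproject.basiclti.service.BasicLTISecurityService");
            for (SitePage sitePage : site.getPages()) {
                for (ToolConfiguration toolConfiguration : sitePage.getTools()) {
                    // Placements whose tool is not registered have no tool object; skip them.
                    if (toolConfiguration.getTool() != null) {
                        if (toolConfiguration.getTool().getId().equals("sakai.basiclti")) {
                            archivedCount++;
                            BasicLTIArchiveBean bean = new BasicLTIArchiveBean();
                            bean.setPageTitle(sitePage.getTitle());
                            bean.setToolTitle(toolConfiguration.getTitle());
                            bean.setSiteToolProperties(toolConfiguration.getConfig());
                            root.appendChild(bean.toNode(document));
                        }
                    }
                }
            }
            ((Element) stack.peek()).appendChild(root);
            // Push/pop pair kept from the original; it leaves the stack unchanged.
            stack.push(root);
            stack.pop();
        } catch (IdUnusedException e) {
            this.logger.info("SITE ID " + str + " DOES NOT EXIST.");
            sb.append("Basic LTI Site does not exist\n");
        } catch (Exception e2) {
            this.logger.warn("archive(): could not archive BasicLTI tools of site " + str, e2);
            sb.append("basiclti exception:" + e2.getClass().getName() + "\n");
        }
        sb.append("archiving basiclti (" + archivedCount + ") tools archived\n");
        return sb.toString();
    }
}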
