package org.sakaiproject.lti2;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.TreeMap;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.httpclient.cookie.CookieSpec;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.codehaus.jackson.map.ObjectMapper;
import org.codehaus.jackson.map.ObjectWriter;
import org.imsglobal.basiclti.BasicLTIConstants;
import org.imsglobal.json.IMSJSONRequest;
import org.imsglobal.lti2.LTI2Config;
import org.imsglobal.lti2.LTI2Constants;
import org.imsglobal.lti2.LTI2Util;
import org.imsglobal.lti2.objects.Service_offered;
import org.imsglobal.lti2.objects.StandardServices;
import org.imsglobal.lti2.objects.ToolConsumer;
import org.json.simple.JSONArray;
import org.json.simple.JSONObject;
import org.json.simple.JSONValue;
import org.sakaiproject.basiclti.util.SakaiBLTIUtil;
import org.sakaiproject.component.cover.ComponentManager;
import org.sakaiproject.component.cover.ServerConfigurationService;
import org.sakaiproject.lti.api.LTIService;
import org.sakaiproject.util.ResourceLoader;
import org.sakaiproject.util.foorm.SakaiFoorm;

/* loaded from: input_file:WEB-INF/classes/org/sakaiproject/lti2/LTI2Service.class */
public class LTI2Service extends HttpServlet {
    private static final long serialVersionUID = 1;
    private static Log M_log = LogFactory.getLog(LTI2Service.class);
    private static ResourceLoader rb = new ResourceLoader("blis");
    protected static SakaiFoorm foorm = new SakaiFoorm();
    protected static LTIService ltiService = null;
    protected String resourceUrl = null;
    protected Service_offered LTI2ResultItem = null;
    protected Service_offered LTI2LtiLinkSettings = null;
    protected Service_offered LTI2ToolProxyBindingSettings = null;
    protected Service_offered LTI2ToolProxySettings = null;
    private static final String SVC_tc_profile = "tc_profile";
    private static final String SVC_tc_registration = "tc_registration";
    private static final String SVC_Settings = "Settings";
    private static final String SVC_Result = "Result";
    private static final String LTI1_PATH = "/imsblis/service/";
    private static final String LTI2_PATH = "/imsblis/lti2/";
    private static final String APPLICATION_JSON = "application/json";

    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        if (ltiService == null) {
            ltiService = (LTIService) ComponentManager.get("org.sakaiproject.lti.api.LTIService");
        }
        this.resourceUrl = SakaiBLTIUtil.getOurServerUrl() + "/imsblis/lti2/";
        this.LTI2ResultItem = StandardServices.LTI2ResultItem(this.resourceUrl + "Result/{" + BasicLTIConstants.LIS_RESULT_SOURCEDID + "}");
        this.LTI2LtiLinkSettings = StandardServices.LTI2LtiLinkSettings(this.resourceUrl + "Settings" + CookieSpec.PATH_DELIM + LTI2Util.SCOPE_LtiLink + "/{" + BasicLTIConstants.RESOURCE_LINK_ID + "}");
        this.LTI2ToolProxyBindingSettings = StandardServices.LTI2ToolProxySettings(this.resourceUrl + "Settings" + CookieSpec.PATH_DELIM + LTI2Util.SCOPE_ToolProxyBinding + "/{" + BasicLTIConstants.RESOURCE_LINK_ID + "}");
        this.LTI2ToolProxySettings = StandardServices.LTI2ToolProxySettings(this.resourceUrl + "Settings" + CookieSpec.PATH_DELIM + "ToolProxy/{" + LTI2Constants.TOOL_PROXY_GUID + "}");
    }

    protected void doPut(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doPost(httpServletRequest, httpServletResponse);
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doPost(httpServletRequest, httpServletResponse);
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        try {
            doRequest(httpServletRequest, httpServletResponse);
        } catch (Exception e) {
            M_log.warn("General LTI2 Failure URI=" + httpServletRequest.getRequestURI() + " IP=" + httpServletRequest.getRemoteAddr());
            e.printStackTrace();
            httpServletResponse.setStatus(HttpStatus.SC_INTERNAL_SERVER_ERROR);
            doErrorJSON(httpServletRequest, httpServletResponse, null, "General failure", e);
        }
    }

    protected void doRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        M_log.debug("LTI Service request from IP=" + httpServletRequest.getRemoteAddr());
        httpServletRequest.getPathInfo();
        String requestURI = httpServletRequest.getRequestURI();
        String[] split = requestURI.split(CookieSpec.PATH_DELIM);
        if (split.length < 4) {
            httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
            doErrorJSON(httpServletRequest, httpServletResponse, null, "Incorrect url format", null);
            return;
        }
        String str = split[3];
        if ("tc_profile".equals(str) && split.length == 5) {
            getToolConsumerProfile(httpServletRequest, httpServletResponse, split[4]);
            return;
        }
        if ("tc_registration".equals(str) && split.length == 5) {
            registerToolProviderProfile(httpServletRequest, httpServletResponse, split[4]);
            return;
        }
        if ("Result".equals(str) && split.length == 5) {
            handleResultRequest(httpServletRequest, httpServletResponse, split[4]);
            return;
        }
        if ("Settings".equals(str) && split.length >= 6) {
            handleSettingsRequest(httpServletRequest, httpServletResponse, split);
            return;
        }
        IMSJSONRequest iMSJSONRequest = new IMSJSONRequest(httpServletRequest);
        if (iMSJSONRequest.valid) {
            System.out.println(iMSJSONRequest.getPostBody());
        }
        httpServletResponse.setStatus(HttpStatus.SC_NOT_IMPLEMENTED);
        M_log.warn("Unknown request=" + requestURI);
        doErrorJSON(httpServletRequest, httpServletResponse, null, "Unknown request=" + requestURI, null);
    }

    protected void getToolConsumerProfile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        Map<String, Object> deployForConsumerKeyDao = ltiService.getDeployForConsumerKeyDao(str);
        if (deployForConsumerKeyDao == null) {
            httpServletResponse.setStatus(HttpStatus.SC_NOT_FOUND);
            return;
        }
        ToolConsumer toolConsumerProfile = getToolConsumerProfile(deployForConsumerKeyDao, str);
        try {
            ObjectWriter defaultPrettyPrintingWriter = new ObjectMapper().defaultPrettyPrintingWriter();
            httpServletResponse.setContentType(APPLICATION_JSON);
            httpServletResponse.getWriter().println(defaultPrettyPrintingWriter.writeValueAsString(toolConsumerProfile));
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    protected ToolConsumer getToolConsumerProfile(Map<String, Object> map, String str) {
        LTI2Config sakaiLTI2Config = new SakaiLTI2Config();
        if (sakaiLTI2Config.getGuid() == null) {
            M_log.error("*********************************************");
            M_log.error("* LTI2 NOT CONFIGURED - Using Sample Data   *");
            M_log.error("* Do not use this in production.  Test only *");
            M_log.error("*********************************************");
            sakaiLTI2Config = new SakaiLTI2Base();
        }
        String ourServerUrl = SakaiBLTIUtil.getOurServerUrl();
        ToolConsumer toolConsumer = new ToolConsumer(str + "", this.resourceUrl, sakaiLTI2Config);
        List<String> capability_offered = toolConsumer.getCapability_offered();
        if (foorm.getLong(map.get("sendemailaddr")).longValue() > 0) {
            LTI2Util.allowEmail(capability_offered);
        }
        if (foorm.getLong(map.get("sendname")).longValue() > 0) {
            LTI2Util.allowName(capability_offered);
        }
        List<Service_offered> service_offered = toolConsumer.getService_offered();
        service_offered.add(StandardServices.LTI2Registration(ourServerUrl + "/imsblis/lti2/tc_registration" + CookieSpec.PATH_DELIM + str));
        if ("true".equals(ServerConfigurationService.getString(SakaiBLTIUtil.BASICLTI_OUTCOMES_ENABLED, "true")) && foorm.getLong(map.get("allowoutcomes")).longValue() > 0) {
            LTI2Util.allowResult(capability_offered);
            service_offered.add(this.LTI2ResultItem);
            service_offered.add(StandardServices.LTI1Outcomes(ourServerUrl + "/imsblis/service/"));
            service_offered.add(SakaiLTI2Services.BasicOutcomes(ourServerUrl + "/imsblis/service/"));
        }
        if ("true".equals(ServerConfigurationService.getString(SakaiBLTIUtil.BASICLTI_ROSTER_ENABLED, "true")) && foorm.getLong(map.get("allowroster")).longValue() > 0) {
            service_offered.add(SakaiLTI2Services.BasicRoster(ourServerUrl + "/imsblis/service/"));
        }
        if ("true".equals(ServerConfigurationService.getString(SakaiBLTIUtil.BASICLTI_SETTINGS_ENABLED, "true")) && foorm.getLong(map.get("allowsettings")).longValue() > 0) {
            LTI2Util.allowSettings(capability_offered);
            service_offered.add(SakaiLTI2Services.BasicSettings(ourServerUrl + "/imsblis/service/"));
            service_offered.add(this.LTI2LtiLinkSettings);
            service_offered.add(this.LTI2ToolProxySettings);
            service_offered.add(this.LTI2ToolProxyBindingSettings);
        }
        if ("true".equals(ServerConfigurationService.getString(SakaiBLTIUtil.BASICLTI_LORI_ENABLED, "true")) && foorm.getLong(map.get("allowlori")).longValue() > 0) {
            service_offered.add(SakaiLTI2Services.LORI_XML(ourServerUrl + "/imsblis/service/"));
        }
        return toolConsumer;
    }

    public void registerToolProviderProfile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        String str2;
        String str3;
        Map<String, Object> deployForConsumerKeyDao = ltiService.getDeployForConsumerKeyDao(str);
        if (deployForConsumerKeyDao == null) {
            httpServletResponse.setStatus(HttpStatus.SC_NOT_FOUND);
            return;
        }
        Long l = foorm.getLong(deployForConsumerKeyDao.get("id"));
        if (foorm.getLong(deployForConsumerKeyDao.get("reg_state")).longValue() == 0) {
            str2 = (String) deployForConsumerKeyDao.get(LTI2Constants.REG_KEY);
            str3 = (String) deployForConsumerKeyDao.get(LTI2Constants.REG_PASSWORD);
        } else {
            str2 = (String) deployForConsumerKeyDao.get("consumerkey");
            str3 = (String) deployForConsumerKeyDao.get("secret");
        }
        IMSJSONRequest iMSJSONRequest = new IMSJSONRequest(httpServletRequest);
        if (!iMSJSONRequest.valid) {
            httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Request is not in a valid format", null);
            return;
        }
        if (str2 == null || str3 == null) {
            httpServletResponse.setStatus(HttpStatus.SC_FORBIDDEN);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Deployment is missing credentials", null);
            return;
        }
        iMSJSONRequest.validateRequest(str2, str3, httpServletRequest);
        if (!iMSJSONRequest.valid) {
            httpServletResponse.setStatus(HttpStatus.SC_FORBIDDEN);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "OAuth signature failure", null);
            return;
        }
        JSONObject jSONObject = (JSONObject) JSONValue.parse(iMSJSONRequest.getPostBody());
        if (jSONObject == null) {
            httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "JSON parse failed", null);
            return;
        }
        JSONObject jSONObject2 = (JSONObject) jSONObject.get(LTI2Constants.CUSTOM);
        JSONObject jSONObject3 = (JSONObject) jSONObject.get(LTI2Constants.SECURITY_CONTRACT);
        if (jSONObject3 == null) {
            httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "JSON missing security_contract", null);
            return;
        }
        String str4 = (String) jSONObject3.get(LTI2Constants.SHARED_SECRET);
        if (str4 == null) {
            httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "JSON missing shared_secret", null);
            return;
        }
        jSONObject3.put(LTI2Constants.SHARED_SECRET, "*********");
        ToolConsumer toolConsumerProfile = getToolConsumerProfile(deployForConsumerKeyDao, str);
        String validateServices = LTI2Util.validateServices(toolConsumerProfile, jSONObject);
        if (validateServices != null) {
            httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, validateServices, null);
            return;
        }
        String validateCapabilities = LTI2Util.validateCapabilities(toolConsumerProfile, jSONObject);
        if (validateCapabilities != null) {
            httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, validateCapabilities, null);
            return;
        }
        TreeMap treeMap = new TreeMap();
        treeMap.put("secret", SakaiBLTIUtil.encryptSecret(str4));
        treeMap.put("reg_state", "1");
        treeMap.put(LTI2Constants.REG_KEY, "");
        treeMap.put(LTI2Constants.REG_PASSWORD, "");
        if (jSONObject2 != null) {
            treeMap.put("settings", jSONObject2.toString());
        }
        treeMap.put("reg_profile", jSONObject.toString());
        M_log.debug("deployUpdate=" + treeMap);
        Object updateDeployDao = ltiService.updateDeployDao(l, treeMap);
        if (!((updateDeployDao instanceof Boolean) && ((Boolean) updateDeployDao) == Boolean.TRUE)) {
            M_log.warn("updateDeployDao fail deployKey=" + l + "\nretval=" + updateDeployDao + "\ndata=" + treeMap);
            httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Failed update of deployment=" + l, null);
            return;
        }
        TreeMap treeMap2 = new TreeMap();
        treeMap2.put(LTI2Constants.CONTEXT, StandardServices.TOOLPROXY_ID_CONTEXT);
        treeMap2.put(LTI2Constants.TYPE, "ToolProxy");
        ServerConfigurationService.getServerUrl();
        treeMap2.put(LTI2Constants.JSONLD_ID, this.resourceUrl + "tc_registration" + CookieSpec.PATH_DELIM + str);
        treeMap2.put(LTI2Constants.TOOL_PROXY_GUID, str);
        treeMap2.put(LTI2Constants.CUSTOM_URL, this.resourceUrl + "Settings" + CookieSpec.PATH_DELIM + "ToolProxy" + CookieSpec.PATH_DELIM + str);
        httpServletResponse.setContentType(StandardServices.TOOLPROXY_ID_FORMAT);
        httpServletResponse.setStatus(HttpStatus.SC_CREATED);
        String jSONString = JSONValue.toJSONString(treeMap2);
        M_log.debug(jSONString);
        httpServletResponse.getWriter().println(jSONString);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v43, types: [java.lang.Object] */
    /* JADX WARN: Type inference failed for: r12v7 */
    public void handleResultRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        String str2;
        String str3;
        if (!"true".equals(ServerConfigurationService.getString(SakaiBLTIUtil.BASICLTI_OUTCOMES_ENABLED, "true"))) {
            httpServletResponse.setStatus(HttpStatus.SC_FORBIDDEN);
            doErrorJSON(httpServletRequest, httpServletResponse, null, "Result resources not available", null);
            return;
        }
        IMSJSONRequest iMSJSONRequest = null;
        if ("GET".equals(httpServletRequest.getMethod())) {
            ?? grade = SakaiBLTIUtil.getGrade(str, httpServletRequest, ltiService);
            if (!(grade instanceof Map)) {
                httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
                doErrorJSON(httpServletRequest, httpServletResponse, null, (String) grade, null);
                return;
            }
            Map map = (Map) grade;
            TreeMap treeMap = new TreeMap();
            TreeMap treeMap2 = new TreeMap();
            treeMap.put(LTI2Constants.CONTEXT, StandardServices.RESULT_CONTEXT);
            treeMap.put(LTI2Constants.TYPE, "Result");
            treeMap.put("comment", map.get("comment"));
            treeMap2.put(LTI2Constants.TYPE, LTI2Constants.GRADE_TYPE_DECIMAL);
            treeMap2.put(LTI2Constants.VALUE, map.get(LTI2Constants.GRADE));
            treeMap.put(LTI2Constants.RESULTSCORE, treeMap2);
            httpServletResponse.setContentType(StandardServices.RESULT_FORMAT);
            httpServletResponse.setStatus(200);
            String jSONString = JSONValue.toJSONString(treeMap);
            M_log.debug(jSONString);
            httpServletResponse.getWriter().println(jSONString);
            str2 = grade;
        } else if ("PUT".equals(httpServletRequest.getMethod())) {
            try {
                iMSJSONRequest = new IMSJSONRequest(httpServletRequest);
                JSONObject jSONObject = (JSONObject) JSONValue.parse(iMSJSONRequest.getPostBody());
                str3 = SakaiBLTIUtil.setGrade(str, httpServletRequest, ltiService, new Double((String) ((JSONObject) jSONObject.get(LTI2Constants.RESULTSCORE)).get(LTI2Constants.VALUE)), (String) jSONObject.get("comment"));
            } catch (Exception e) {
                str3 = "Error: " + e.getMessage();
            }
            if ((str3 instanceof Boolean) && ((Boolean) str3).booleanValue()) {
                httpServletResponse.setStatus(200);
                str2 = str3;
            } else {
                httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
                str2 = str3;
            }
        } else {
            str2 = "Unsupported operation:" + httpServletRequest.getMethod();
            httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
        }
        if (str2 instanceof String) {
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, str2, null);
        }
    }

    public void handleSettingsRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String[] strArr) throws IOException {
        Long longKey;
        String str;
        String str2;
        String postBody;
        JSONArray jSONArray;
        if (!"true".equals(ServerConfigurationService.getString(SakaiBLTIUtil.BASICLTI_SETTINGS_ENABLED, "true"))) {
            httpServletResponse.setStatus(HttpStatus.SC_FORBIDDEN);
            doErrorJSON(httpServletRequest, httpServletResponse, null, "Tool settings not available", null);
            return;
        }
        String ourServletPath = SakaiBLTIUtil.getOurServletPath(httpServletRequest);
        String str3 = strArr[4];
        String parameter = httpServletRequest.getParameter("bubble");
        String header = httpServletRequest.getHeader("Accept");
        String contentType = httpServletRequest.getContentType();
        System.out.println("accept=" + header + " bubble=" + parameter);
        if (parameter != null && parameter.equals("all") && header.indexOf(StandardServices.TOOLSETTINGS_FORMAT) < 0) {
            httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
            doErrorJSON(httpServletRequest, httpServletResponse, null, "Simple format does not allow bubble=all", null);
            return;
        }
        boolean z = parameter != null && "GET".equals(httpServletRequest.getMethod());
        boolean z2 = parameter != null && "distinct".equals(parameter) && "GET".equals(httpServletRequest.getMethod());
        boolean z3 = parameter != null && "all".equals(parameter) && "GET".equals(httpServletRequest.getMethod());
        boolean z4 = header == null || header.indexOf(StandardServices.TOOLSETTINGS_SIMPLE_FORMAT) >= 0;
        boolean z5 = header == null || header.indexOf(StandardServices.TOOLSETTINGS_FORMAT) >= 0;
        System.out.println("as=" + z4 + " ac=" + z5 + " is=" + (contentType == null || contentType.indexOf(StandardServices.TOOLSETTINGS_SIMPLE_FORMAT) >= 0) + " ic=" + (contentType != null && contentType.indexOf(StandardServices.TOOLSETTINGS_FORMAT) >= 0));
        IMSJSONRequest iMSJSONRequest = null;
        JSONObject jSONObject = null;
        if ("PUT".equals(httpServletRequest.getMethod())) {
            try {
                iMSJSONRequest = new IMSJSONRequest(httpServletRequest);
                jSONObject = (JSONObject) JSONValue.parse(iMSJSONRequest.getPostBody());
            } catch (Exception e) {
                httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
                doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Could not parse JSON", e);
                return;
            }
        }
        String str4 = null;
        String str5 = null;
        Map map = null;
        Long l = null;
        Map map2 = null;
        Long l2 = null;
        Map map3 = null;
        Long l3 = null;
        Map map4 = null;
        if (LTI2Util.SCOPE_LtiLink.equals(str3) || LTI2Util.SCOPE_ToolProxyBinding.equals(str3)) {
            str5 = strArr[5];
            System.out.println("placement_id=" + str5);
            l = SakaiBLTIUtil.getLongKey(str5.substring(8));
            if (l.longValue() >= 0) {
                map = ltiService.getContentDao(l);
                if (map != null) {
                    str4 = (String) map.get("SITE_ID");
                }
            }
            if (map == null || str4 == null) {
                httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
                doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Bad content item", null);
                return;
            }
            l2 = SakaiBLTIUtil.getLongKey(map.get("tool_id"));
            if (l2.longValue() >= 0) {
                map2 = ltiService.getToolDao(l2, str4);
            }
            if (map2 == null) {
                httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
                doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Bad tool item", null);
                return;
            }
            ltiService.filterContent(map, map2);
            if (foorm.getLong(map.get("allowoutcomes")).longValue() <= 0 && foorm.getLong(map2.get("allowoutcomes")).longValue() <= 0) {
                httpServletResponse.setStatus(HttpStatus.SC_FORBIDDEN);
                doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Item does not allow tool settings", null);
                return;
            }
        }
        if (LTI2Util.SCOPE_ToolProxyBinding.equals(str3) || LTI2Util.SCOPE_LtiLink.equals(str3)) {
            map3 = ltiService.getProxyBindingDao(l2, str4);
            if (map3 != null) {
                l3 = SakaiBLTIUtil.getLongKey(map3.get("id"));
            }
        }
        if ("ToolProxy".equals(str3)) {
            str = strArr[5];
            map4 = ltiService.getDeployForConsumerKeyDao(str);
            if (map4 == null) {
                httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
                doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Bad deploy item", null);
                return;
            }
            longKey = SakaiBLTIUtil.getLongKey(map4.get("id"));
        } else {
            if (map2 == null) {
                httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
                doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Bad tool item", null);
                return;
            }
            longKey = SakaiBLTIUtil.getLongKey(map2.get("deployment_id"));
            if (longKey.longValue() >= 0) {
                map4 = ltiService.getDeployDao(longKey);
            }
            if (map4 == null) {
                httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
                doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Bad deploy item", null);
                return;
            }
            str = (String) map4.get("consumerkey");
        }
        if (map4 != null && foorm.getLong(map4.get("allowoutcomes")).longValue() <= 0) {
            httpServletResponse.setStatus(HttpStatus.SC_FORBIDDEN);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Deployment does not allow tool settings", null);
            return;
        }
        String str6 = SakaiBLTIUtil.getOurServerUrl() + "/imsblis/lti2/Settings";
        String str7 = str6 + CookieSpec.PATH_DELIM + "ToolProxy" + CookieSpec.PATH_DELIM + str;
        String str8 = str6 + CookieSpec.PATH_DELIM + LTI2Util.SCOPE_ToolProxyBinding + CookieSpec.PATH_DELIM + str5;
        String str9 = str6 + CookieSpec.PATH_DELIM + LTI2Util.SCOPE_LtiLink + CookieSpec.PATH_DELIM + str5;
        JSONObject jSONObject2 = new JSONObject();
        JSONObject jSONObject3 = new JSONObject();
        JSONObject jSONObject4 = new JSONObject();
        if (map != null) {
            jSONObject2 = LTI2Util.parseSettings((String) map.get("settings"));
        }
        if (map3 != null) {
            jSONObject3 = LTI2Util.parseSettings((String) map3.get("settings"));
        }
        if (map4 != null) {
            jSONObject4 = LTI2Util.parseSettings((String) map4.get("settings"));
        }
        if (LTI2Util.SCOPE_LtiLink.equals(str3)) {
            str2 = (String) map.get("secret");
            if (str2 == null || str2.length() < 1) {
                str2 = (String) map2.get("secret");
            }
        } else if (LTI2Util.SCOPE_ToolProxyBinding.equals(str3)) {
            str2 = (String) map2.get("secret");
        } else {
            if (!"ToolProxy".equals(str3)) {
                httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
                doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Bad Setttings Scope=" + str3, null);
                return;
            }
            str2 = (String) map4.get("secret");
        }
        if (str2 == null || str == null) {
            httpServletResponse.setStatus(HttpStatus.SC_FORBIDDEN);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Key or secret is null, key=" + str, null);
            return;
        }
        Object validateMessage = SakaiBLTIUtil.validateMessage(httpServletRequest, ourServletPath, str2, str);
        if (validateMessage instanceof String) {
            httpServletResponse.setStatus(HttpStatus.SC_FORBIDDEN);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, (String) validateMessage, null);
            return;
        }
        if ("GET".equals(httpServletRequest.getMethod())) {
            Object settings = LTI2Util.getSettings(httpServletRequest, str3, jSONObject2, jSONObject3, jSONObject4, str9, str8, str7);
            if (settings instanceof String) {
                httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
                doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, (String) settings, null);
                return;
            }
            if (z5) {
                httpServletResponse.setContentType(StandardServices.TOOLSETTINGS_FORMAT);
            } else {
                httpServletResponse.setContentType(StandardServices.TOOLSETTINGS_SIMPLE_FORMAT);
            }
            JSONObject jSONObject5 = (JSONObject) settings;
            httpServletResponse.setStatus(200);
            PrintWriter writer = httpServletResponse.getWriter();
            System.out.println("jsonResponse=" + jSONObject5);
            writer.println(jSONObject5.toString());
            return;
        }
        if (!"PUT".equals(httpServletRequest.getMethod())) {
            httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Method not handled=" + httpServletRequest.getMethod(), null);
            return;
        }
        try {
            jSONArray = (JSONArray) jSONObject.get(LTI2Constants.GRAPH);
        } catch (Exception e2) {
            postBody = iMSJSONRequest.getPostBody();
        }
        if (jSONArray.size() != 1) {
            httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, "Only one graph entry allowed", null);
            return;
        }
        postBody = ((JSONObject) ((JSONObject) jSONArray.get(0)).get(LTI2Constants.CUSTOM)).toString();
        Object obj = null;
        if (LTI2Util.SCOPE_LtiLink.equals(str3)) {
            map.put("settings", postBody);
            obj = ltiService.updateContentDao(l, map, str4);
        } else if (LTI2Util.SCOPE_ToolProxyBinding.equals(str3)) {
            if (map3 != null) {
                map3.put("settings", postBody);
                obj = ltiService.updateProxyBindingDao(l3, map3);
            } else {
                Properties properties = new Properties();
                properties.setProperty("SITE_ID", str4);
                properties.setProperty("tool_id", l2 + "");
                properties.setProperty("settings", postBody);
                obj = ltiService.insertProxyBindingDao(properties);
                M_log.info("inserted ProxyBinding setting=" + properties);
            }
        } else if ("ToolProxy".equals(str3)) {
            map4.put("settings", postBody);
            obj = ltiService.updateDeployDao(longKey, map4);
        }
        if (!(obj instanceof String) && (!(obj instanceof Boolean) || ((Boolean) obj) == Boolean.TRUE)) {
            httpServletResponse.setStatus(200);
        } else {
            httpServletResponse.setStatus(HttpStatus.SC_BAD_REQUEST);
            doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, (String) obj, null);
        }
    }

    public void doErrorJSON(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, IMSJSONRequest iMSJSONRequest, String str, Exception exc) throws IOException {
        if (exc != null) {
            M_log.error(exc.getLocalizedMessage(), exc);
        }
        M_log.info(str);
        System.out.println(IMSJSONRequest.doErrorJSON(httpServletRequest, httpServletResponse, iMSJSONRequest, str, exc));
    }

    public void destroy() {
    }
}
