package hk.hku.cecid.edi.sfrm.admin.listener;

import hk.hku.cecid.corvus.http.PartnershipOpVerifer;
import hk.hku.cecid.edi.sfrm.dao.SFRMPartnershipDAO;
import hk.hku.cecid.edi.sfrm.dao.SFRMPartnershipDVO;
import hk.hku.cecid.edi.sfrm.spa.SFRMException;
import hk.hku.cecid.edi.sfrm.spa.SFRMProcessor;
import hk.hku.cecid.edi.sfrm.spa.SFRMProperties;
import hk.hku.cecid.hermes.api.Constants;
import hk.hku.cecid.piazza.commons.dao.DAOException;
import hk.hku.cecid.piazza.commons.io.IOHandler;
import hk.hku.cecid.piazza.commons.util.PropertyTree;
import hk.hku.cecid.piazza.commons.util.StringUtilities;
import hk.hku.cecid.piazza.corvus.admin.listener.AdminPageletAdaptor;
import hk.hku.cecid.piazza.corvus.core.main.admin.hc.util.AdminProperties;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.MessageDigest;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Hashtable;
import java.util.Iterator;
import javax.servlet.http.HttpServletRequest;
import javax.xml.transform.Source;
import org.apache.commons.fileupload.DiskFileUpload;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.FileUpload;
import org.apache.commons.fileupload.FileUploadException;
import org.apache.tools.ant.taskdefs.optional.j2ee.HotDeploymentTool;
import org.apache.xml.security.keys.content.x509.XMLX509Certificate;

/* loaded from: input_file:hermes2_bin.zip:plugins/corvus-sfrm-admin/corvus-sfrm-admin.jar:hk/hku/cecid/edi/sfrm/admin/listener/PartnershipPageletAdaptor.class */
public class PartnershipPageletAdaptor extends AdminPageletAdaptor {
    @Override // hk.hku.cecid.piazza.corvus.admin.listener.AdminPageletAdaptor, hk.hku.cecid.piazza.commons.pagelet.xslt.BorderLayoutPageletAdaptor
    protected Source getCenterSource(HttpServletRequest httpServletRequest) {
        String str;
        PropertyTree propertyTree = new PropertyTree();
        propertyTree.setProperty("/partnerships", "");
        propertyTree.setProperty("add_partnership/", "");
        try {
            if (FileUpload.isMultipartContent(httpServletRequest)) {
                Hashtable hashtable = getHashtable(httpServletRequest);
                if (((String) hashtable.get("request_action")).equalsIgnoreCase("change")) {
                    str = (String) hashtable.get("selected_partnership_id");
                } else {
                    str = (String) hashtable.get("partnership_id");
                    modifyPartnership(hashtable, httpServletRequest, propertyTree);
                }
                getSelectedPartnership(str, propertyTree);
            }
            getAllPartnerships(propertyTree);
            return propertyTree.getSource();
        } catch (Exception e) {
            SFRMProcessor.getInstance().getLogger().debug("Unable to process the partnership page request", e);
            throw new RuntimeException("Unable to process the partnership page request", e);
        }
    }

    private void getAllPartnerships(PropertyTree propertyTree) throws DAOException {
        Iterator it = ((SFRMPartnershipDAO) SFRMProcessor.getInstance().getDAOFactory().createDAO(SFRMPartnershipDAO.class)).findAllPartnerships().iterator();
        int i = 1;
        while (it.hasNext()) {
            propertyTree.setProperty("partnership[" + i + "]/partnership_id", ((SFRMPartnershipDVO) it.next()).getPartnershipId());
            i++;
        }
    }

    private void getSelectedPartnership(String str, PropertyTree propertyTree) throws DAOException, SFRMException {
        SFRMPartnershipDAO sFRMPartnershipDAO = (SFRMPartnershipDAO) SFRMProcessor.getInstance().getDAOFactory().createDAO(SFRMPartnershipDAO.class);
        SFRMPartnershipDVO sFRMPartnershipDVO = (SFRMPartnershipDVO) sFRMPartnershipDAO.createDVO();
        sFRMPartnershipDVO.setPartnershipId(str);
        SFRMProcessor.getInstance().getLogger().info("Partnership ID: " + str);
        if (sFRMPartnershipDAO.retrieve(sFRMPartnershipDVO)) {
            getPartnership(sFRMPartnershipDVO, propertyTree, "selected_partnership/");
        }
    }

    private void getPartnership(SFRMPartnershipDVO sFRMPartnershipDVO, PropertyTree propertyTree, String str) throws SFRMException {
        propertyTree.setProperty(str + "partnership_id", sFRMPartnershipDVO.getPartnershipId());
        propertyTree.setProperty(str + "description", sFRMPartnershipDVO.getDescription());
        propertyTree.setProperty(str + "partner_endpoint", sFRMPartnershipDVO.getOrgPartnerEndpoint());
        propertyTree.setProperty(str + "partner_cert_fingerprint", sFRMPartnershipDVO.getPartnerCertFingerprint());
        propertyTree.setProperty(str + "is_hostname_verified", Boolean.toString(sFRMPartnershipDVO.isHostnameVerified()));
        propertyTree.setProperty(str + "sign_algorithm", sFRMPartnershipDVO.getSignAlgorithm());
        propertyTree.setProperty(str + "encrypt_algorithm", sFRMPartnershipDVO.getEncryptAlgorithm());
        propertyTree.setProperty(str + "retry_max", Integer.toString(sFRMPartnershipDVO.getRetryMax()));
        propertyTree.setProperty(str + "retry_interval", Integer.toString(sFRMPartnershipDVO.getRetryInterval()));
        propertyTree.setProperty(str + "is_disabled", Boolean.toString(sFRMPartnershipDVO.isDisabled()));
        String partnerCertFingerprint = sFRMPartnershipDVO.getPartnerCertFingerprint();
        if (partnerCertFingerprint == null || partnerCertFingerprint.equals("")) {
            return;
        }
        if (!checkCertificateExist(partnerCertFingerprint)) {
            propertyTree.setProperty(str + "encrypt_cert_warn", "The certificate file with fingerprint (" + partnerCertFingerprint + ") doesn't exist.");
            return;
        }
        X509Certificate verifyX509Certificate = sFRMPartnershipDVO.getVerifyX509Certificate();
        if (verifyX509Certificate != null) {
            propertyTree.setProperty(str + "encrypt_cert/issuer", verifyX509Certificate.getIssuerDN().getName());
            propertyTree.setProperty(str + "encrypt_cert/subject", verifyX509Certificate.getSubjectDN().getName());
            propertyTree.setProperty(str + "encrypt_cert/thumbprint", sFRMPartnershipDVO.getPartnerCertFingerprint());
            propertyTree.setProperty(str + "encrypt_cert/valid-from", StringUtilities.toGMTString(verifyX509Certificate.getNotBefore()));
            propertyTree.setProperty(str + "encrypt_cert/valid-to", StringUtilities.toGMTString(verifyX509Certificate.getNotAfter()));
        }
    }

    private boolean checkCertificateExist(String str) {
        return new File(SFRMProperties.getTrustedCertStore(), str).exists();
    }

    public Hashtable getHashtable(HttpServletRequest httpServletRequest) throws FileUploadException, IOException {
        Hashtable hashtable = new Hashtable();
        for (FileItem fileItem : new DiskFileUpload().parseRequest(httpServletRequest)) {
            if (fileItem.isFormField()) {
                hashtable.put(fileItem.getFieldName(), fileItem.getString());
            } else if (!fileItem.getName().equals("") && fileItem.getSize() != 0) {
                hashtable.put(fileItem.getFieldName(), fileItem.getInputStream());
            }
        }
        return hashtable;
    }

    private void modifyPartnership(Hashtable hashtable, HttpServletRequest httpServletRequest, PropertyTree propertyTree) throws DAOException, SFRMException {
        String str = (String) hashtable.get("request_action");
        if (str.equalsIgnoreCase("update")) {
            updatePartnership(hashtable, propertyTree, httpServletRequest);
        } else if (str.equalsIgnoreCase("add")) {
            addPartnership(hashtable, propertyTree, httpServletRequest);
        } else if (str.equalsIgnoreCase(HotDeploymentTool.ACTION_DELETE)) {
            deletePartnership((String) hashtable.get("partnership_id"), httpServletRequest);
        }
    }

    private boolean addPartnership(Hashtable hashtable, PropertyTree propertyTree, HttpServletRequest httpServletRequest) throws DAOException, SFRMException {
        SFRMPartnershipDAO sFRMPartnershipDAO = (SFRMPartnershipDAO) SFRMProcessor.getInstance().getDAOFactory().createDAO(SFRMPartnershipDAO.class);
        SFRMPartnershipDVO sFRMPartnershipDVO = (SFRMPartnershipDVO) sFRMPartnershipDAO.createDVO();
        boolean partnershipDVO = setPartnershipDVO(sFRMPartnershipDVO, hashtable, httpServletRequest);
        if (sFRMPartnershipDAO.findPartnershipById((String) hashtable.get("partnership_id")) != null) {
            httpServletRequest.setAttribute(ATTR_MESSAGE, "Partnership ID already exist");
            partnershipDVO = false;
        }
        if (partnershipDVO) {
            sFRMPartnershipDAO.create(sFRMPartnershipDVO);
            try {
                if (hashtable.get("partner_cert") != null) {
                    uploadCertificate(sFRMPartnershipDVO.getPartnerCertFingerprint(), (InputStream) hashtable.get("partner_cert"));
                }
            } catch (Exception e) {
                SFRMProcessor.getInstance().getLogger().error("Error when uploading the partnership certificate file", e);
            }
            httpServletRequest.setAttribute(ATTR_MESSAGE, PartnershipOpVerifer.OP_ADD_SUCCESS);
            propertyTree.removeProperty("/partnerships/add_partnership");
        } else {
            getPartnership(sFRMPartnershipDVO, propertyTree, "add_partnership/");
        }
        return partnershipDVO;
    }

    private boolean updatePartnership(Hashtable hashtable, PropertyTree propertyTree, HttpServletRequest httpServletRequest) throws DAOException {
        SFRMPartnershipDAO sFRMPartnershipDAO = (SFRMPartnershipDAO) SFRMProcessor.getInstance().getDAOFactory().createDAO(SFRMPartnershipDAO.class);
        SFRMPartnershipDVO sFRMPartnershipDVO = (SFRMPartnershipDVO) sFRMPartnershipDAO.createDVO();
        sFRMPartnershipDVO.setPartnershipId((String) hashtable.get("partnership_id"));
        sFRMPartnershipDAO.retrieve(sFRMPartnershipDVO);
        boolean partnershipDVO = setPartnershipDVO(sFRMPartnershipDVO, hashtable, httpServletRequest);
        if (partnershipDVO) {
            sFRMPartnershipDAO.persist(sFRMPartnershipDVO);
            if (hashtable.get("partner_cert") != null) {
                uploadCertificate(sFRMPartnershipDVO.getPartnerCertFingerprint(), (InputStream) hashtable.get("partner_cert"));
            }
            httpServletRequest.setAttribute(ATTR_MESSAGE, PartnershipOpVerifer.OP_UPDATE_SUCCESS);
        }
        return partnershipDVO;
    }

    private boolean deletePartnership(String str, HttpServletRequest httpServletRequest) throws DAOException {
        SFRMPartnershipDAO sFRMPartnershipDAO = (SFRMPartnershipDAO) SFRMProcessor.getInstance().getDAOFactory().createDAO(SFRMPartnershipDAO.class);
        SFRMPartnershipDVO sFRMPartnershipDVO = (SFRMPartnershipDVO) sFRMPartnershipDAO.createDVO();
        sFRMPartnershipDVO.setPartnershipId(str);
        boolean remove = sFRMPartnershipDAO.remove(sFRMPartnershipDVO);
        if (remove) {
            httpServletRequest.setAttribute(ATTR_MESSAGE, PartnershipOpVerifer.OP_DELETE_SUCCESS);
        } else {
            httpServletRequest.setAttribute(ATTR_MESSAGE, "Fail on deleting the Partnership with ID: " + str);
        }
        return remove;
    }

    private Hashtable validatePartnership(Hashtable hashtable) {
        String protocol;
        Hashtable hashtable2 = new Hashtable();
        String str = (String) hashtable.get("partnership_id");
        String str2 = (String) hashtable.get("partner_endpoint");
        String str3 = (String) hashtable.get("retry_max");
        String str4 = (String) hashtable.get("retry_interval");
        boolean z = true;
        if (str == null || str.trim().equals("")) {
            hashtable2.put("partnership_id", "Partnership ID cannot be empty");
            z = false;
        }
        if (z && !str.matches(SFRMPartnershipDVO.PARTNERSHIPID_REGEXP)) {
            hashtable2.put("partnership_id", "Partnership ID should contains the alphanumeric characters and @ _ + - only");
        }
        if (str2 == null || str2.trim().equals("")) {
            hashtable2.put("partner_endpoint", "Transport Endpoint cannot be empty");
        } else {
            URL url = null;
            try {
                url = new URL(str2);
            } catch (Exception e) {
                hashtable2.put("partner_endpoint", "Transport Endpoint is invalid");
            }
            if (url != null && (protocol = url.getProtocol()) != null && !protocol.equals(Constants.DEFAULT_EBMS_PARTNERSHIP_TRANSPORT_PROTOCOL) && !protocol.equals("https")) {
                hashtable2.put("partner_endpoint", "Transport Endpoint protocol is invalid");
            }
        }
        try {
            boolean z2 = true;
            if (str3.trim().equals("")) {
                hashtable2.put("retry_max", "Maximum Retries should have a value");
                z2 = false;
            }
            if (z2) {
                long parseLong = Long.parseLong(str3);
                if (parseLong < -2147483648L || parseLong > 2147483647L) {
                    hashtable2.put("retry_max", "Maximum Retries out of range");
                }
            }
        } catch (NumberFormatException e2) {
            hashtable2.put("retry_max", "Maximum Retries must be an integer");
        }
        try {
            boolean z3 = true;
            if (str4.trim().equals("")) {
                hashtable2.put("retry_interval", "Retry Interval should have a value");
                z3 = false;
            }
            if (z3) {
                long parseLong2 = Long.parseLong(str4);
                if (parseLong2 < -2147483648L || parseLong2 > 2147483647L) {
                    hashtable2.put("retry_interval", "Retry Interval out of range");
                }
            }
        } catch (NumberFormatException e3) {
            hashtable2.put("retry_interval", "Retry Interval must be an integer");
        }
        if (hashtable.get("partner_cert") != null) {
            try {
                generateX509CertificateFingerprint((InputStream) hashtable.get("partner_cert"));
            } catch (IOException e4) {
                hashtable2.put("partner_cert", "Error when reading the partnership certificate");
            } catch (Exception e5) {
                hashtable2.put("partner_cert", "Uploaded cert is not an X.509 cert");
            }
        }
        return hashtable2;
    }

    private boolean setPartnershipDVO(SFRMPartnershipDVO sFRMPartnershipDVO, Hashtable hashtable, HttpServletRequest httpServletRequest) {
        boolean z = true;
        try {
            Hashtable validatePartnership = validatePartnership(hashtable);
            if (validatePartnership.size() != 0) {
                httpServletRequest.setAttribute(ATTR_MESSAGE, validatePartnership.get((String) validatePartnership.keys().nextElement()));
                if (validatePartnership.get("retry_max") != null) {
                    sFRMPartnershipDVO.setRetryMax(3);
                }
                if (validatePartnership.get("retry_interval") != null) {
                    sFRMPartnershipDVO.setRetryInterval(60000);
                }
                z = false;
            }
            if (validatePartnership.get("retry_max") == null) {
                sFRMPartnershipDVO.setRetryMax(Integer.parseInt((String) hashtable.get("retry_max")));
            }
            if (validatePartnership.get("retry_interval") == null) {
                sFRMPartnershipDVO.setRetryInterval(Integer.parseInt((String) hashtable.get("retry_interval")));
            }
            sFRMPartnershipDVO.setPartnershipId((String) hashtable.get("partnership_id"));
            sFRMPartnershipDVO.setPartnerEndPoint((String) hashtable.get("partner_endpoint"));
            sFRMPartnershipDVO.setDescription((String) hashtable.get("description"));
            String str = null;
            String str2 = null;
            if (!((String) hashtable.get("sign_algorithm")).equalsIgnoreCase("none")) {
                str = (String) hashtable.get("sign_algorithm");
            }
            if (!((String) hashtable.get("encrypt_algorithm")).equalsIgnoreCase("none")) {
                str2 = (String) hashtable.get("encrypt_algorithm");
            }
            sFRMPartnershipDVO.setSignAlgorithm(str);
            sFRMPartnershipDVO.setEncryptAlgorithm(str2);
            sFRMPartnershipDVO.setIsHostnameVerified(Boolean.valueOf((String) hashtable.get("is_hostname_verified")).booleanValue());
            sFRMPartnershipDVO.setIsDisabled(Boolean.valueOf((String) hashtable.get("is_disabled")).booleanValue());
            if (hashtable.get("encrypt_cert_remove") != null && ((String) hashtable.get("encrypt_cert_remove")).equalsIgnoreCase(AdminProperties.ON)) {
                sFRMPartnershipDVO.setPartnerCertFingerprint(null);
            }
            if (validatePartnership.get("partner_cert") == null) {
                if (hashtable.get("partner_cert") != null) {
                    InputStream inputStream = (InputStream) hashtable.get("partner_cert");
                    try {
                        inputStream.reset();
                        sFRMPartnershipDVO.setPartnerCertFingerprint(generateX509CertificateFingerprint(inputStream).toUpperCase());
                    } catch (IOException e) {
                        httpServletRequest.setAttribute(ATTR_MESSAGE, "Error when reading the partnership certificate");
                        z = false;
                    } catch (Exception e2) {
                        httpServletRequest.setAttribute(ATTR_MESSAGE, "Partnership Certificate Error");
                    }
                }
            }
        } catch (Exception e3) {
            SFRMProcessor.getInstance().getLogger().error("Error which uplaoding the cert", e3);
        }
        return z;
    }

    private String generateX509CertificateFingerprint(InputStream inputStream) throws Exception {
        return toHexString(MessageDigest.getInstance("SHA-1").digest(((X509Certificate) CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID).generateCertificate(new BufferedInputStream(inputStream))).getEncoded()));
    }

    private String toHexString(byte[] bArr) throws Exception {
        String str = "";
        for (byte b : bArr) {
            str = str + Integer.toString((b & 255) + 256, 16).substring(1);
        }
        return str;
    }

    private void uploadCertificate(String str, InputStream inputStream) {
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(new File(SFRMProperties.getTrustedCertStore(), str));
            inputStream.reset();
            IOHandler.pipe(inputStream, fileOutputStream);
            fileOutputStream.close();
        } catch (Exception e) {
            SFRMProcessor.getInstance().getLogger().error("Error when uploading the partnership certificate file", e);
        }
    }
}
