package com.mirth.connect.server.servlets;

import com.mirth.connect.client.core.PropertiesConfigurationUtil;
import com.mirth.connect.model.EncryptionSettings;
import com.mirth.connect.model.ExtensionLibrary;
import com.mirth.connect.model.MetaData;
import com.mirth.connect.model.ServerSettings;
import com.mirth.connect.model.converters.DocumentSerializer;
import com.mirth.connect.model.converters.ObjectXMLSerializer;
import com.mirth.connect.server.controllers.ConfigurationController;
import com.mirth.connect.server.controllers.ControllerFactory;
import com.mirth.connect.server.controllers.DefaultConfigurationController;
import com.mirth.connect.server.controllers.ExtensionController;
import com.mirth.connect.server.tools.ClassPathResource;
import com.mirth.connect.server.util.ResourceUtil;
import com.mirth.connect.util.MirthSSLUtil;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Enumeration;
import java.util.HashSet;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.commons.configuration2.PropertiesConfiguration;
import org.apache.commons.configuration2.ex.ConfigurationException;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.util.Arrays;
import org.eclipse.jetty.io.RuntimeIOException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:com/mirth/connect/server/servlets/WebStartServlet.class */
public class WebStartServlet extends HttpServlet {
    private Logger logger = LogManager.getLogger(getClass());
    private ConfigurationController configurationController = ControllerFactory.getFactory().createConfigurationController();
    private ExtensionController extensionController = ControllerFactory.getFactory().createExtensionController();

    protected long getLastModified(HttpServletRequest httpServletRequest) {
        return System.currentTimeMillis();
    }

    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.setCharacterEncoding(EncryptionSettings.DEFAULT_ENCRYPTION_CHARSET);
        try {
            httpServletResponse.setContentType("application/x-java-jnlp-file");
            httpServletResponse.setHeader("Pragma", "no-cache");
            httpServletResponse.setHeader("X-Content-Type-Options", "nosniff");
            PrintWriter writer = httpServletResponse.getWriter();
            Document document = null;
            String contextPathProp = getContextPathProp(getMirthProperties());
            if ((httpServletRequest.getRequestURI().equals(contextPathProp + "/webstart.jnlp") || httpServletRequest.getRequestURI().equals(contextPathProp + "/webstart")) && isWebstartRequestValid(httpServletRequest)) {
                document = getAdministratorJnlp(httpServletRequest);
                httpServletResponse.setHeader("Content-Disposition", "attachment; filename = \"webstart.jnlp\"");
            } else if (httpServletRequest.getServletPath().equals("/webstart/extensions") && isWebstartExtensionsRequestValid(httpServletRequest, contextPathProp)) {
                String extensionPath = getExtensionPath(httpServletRequest);
                document = getExtensionJnlp(getExtensionPath(httpServletRequest));
                httpServletResponse.setHeader("Content-Disposition", "attachment; filename = \"" + extensionPath + ".jnlp\"");
            } else {
                httpServletResponse.setContentType(ServerSettings.DEFAULT_LOGIN_NOTIFICATION_MESSAGE_VALUE);
            }
            new DocumentSerializer(true).toXML(document, writer);
        } catch (RuntimeIOException e) {
            this.logger.debug(e);
        } catch (Throwable th) {
            this.logger.error(ExceptionUtils.getStackTrace(th));
            throw new ServletException(th);
        }
    }

    private boolean isWebstartRequestValid(HttpServletRequest httpServletRequest) {
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str = (String) parameterNames.nextElement();
            if (!"maxHeapSize".equals(str) && !"time".equals(str)) {
                return false;
            }
            if ("maxHeapSize".equals(str) && !httpServletRequest.getParameter(str).matches("\\d+[kKmMgGtT]")) {
                return false;
            }
            if ("time".equals(str) && !httpServletRequest.getParameter(str).matches("\\d+")) {
                return false;
            }
        }
        return true;
    }

    private boolean isWebstartExtensionsRequestValid(HttpServletRequest httpServletRequest, String str) {
        return httpServletRequest.getParameterMap().isEmpty() && new StringBuilder().append(str).append(httpServletRequest.getServletPath()).append("/").append(getExtensionPath(httpServletRequest)).toString().equals(StringUtils.removeEnd(httpServletRequest.getRequestURI(), ".jnlp"));
    }

    private String getExtensionPath(HttpServletRequest httpServletRequest) {
        return StringUtils.removeEnd(StringUtils.removeStart(httpServletRequest.getPathInfo(), "/"), ".jnlp");
    }

    protected Document getAdministratorJnlp(HttpServletRequest httpServletRequest) throws Exception {
        InputStream inputStream = null;
        try {
            inputStream = ResourceUtil.getResourceStream(getClass(), "mirth-client.jnlp");
            Document parse = getSecureDocumentBuilderFactory().newDocumentBuilder().parse(inputStream);
            ResourceUtil.closeResourceQuietly(inputStream);
            Element documentElement = parse.getDocumentElement();
            PropertiesConfigurationUtil.create();
            InputStream inputStream2 = null;
            try {
                inputStream2 = ResourceUtil.getResourceStream(getClass(), "version.properties");
                PropertiesConfiguration create = PropertiesConfigurationUtil.create(inputStream2);
                ResourceUtil.closeResourceQuietly(inputStream2);
                String string = create.getString("mirth.version");
                documentElement.setAttribute(ObjectXMLSerializer.VERSION_ATTRIBUTE_NAME, string);
                Element element = (Element) ((Element) documentElement.getElementsByTagName("information").item(0)).getElementsByTagName("title").item(0);
                String str = element.getTextContent() + " " + string;
                String serverName = this.configurationController.getServerSettings().getServerName();
                if (StringUtils.isNotBlank(serverName)) {
                    str = serverName + " - " + str;
                }
                String environmentName = this.configurationController.getServerSettings().getEnvironmentName();
                if (StringUtils.isNotBlank(environmentName)) {
                    str = environmentName + " - " + str;
                }
                element.setTextContent(str);
                String scheme = httpServletRequest.getScheme();
                String serverName2 = httpServletRequest.getServerName();
                String str2 = scheme + "://" + serverName2 + ":" + httpServletRequest.getServerPort() + httpServletRequest.getContextPath();
                PropertiesConfiguration mirthProperties = getMirthProperties();
                inputStream = StringUtils.isNotBlank(mirthProperties.getString("server.url")) ? mirthProperties.getString("server.url") : "https://" + serverName2 + ":" + mirthProperties.getInt("https.port", 8443) + getContextPathProp(mirthProperties);
                documentElement.setAttribute("codebase", str2);
                Element element2 = (Element) documentElement.getElementsByTagName(DefaultConfigurationController.PROPERTIES_RESOURCES).item(0);
                String parameter = httpServletRequest.getParameter("maxHeapSize");
                if (StringUtils.isBlank(parameter)) {
                    parameter = mirthProperties.getString("administrator.maxheapsize");
                }
                if (StringUtils.isNotBlank(parameter)) {
                    NodeList elementsByTagName = element2.getElementsByTagName("j2se");
                    for (int i = 0; i < elementsByTagName.getLength(); i++) {
                        ((Element) elementsByTagName.item(i)).setAttribute("max-heap-size", parameter);
                    }
                }
                ArrayList<String> arrayList = new ArrayList();
                arrayList.add("mirth-client.jar");
                arrayList.add("mirth-client-core.jar");
                arrayList.add("mirth-crypto.jar");
                arrayList.add("mirth-vocab.jar");
                File file = new File(getClientLibPath());
                for (String str3 : arrayList) {
                    Element createElement = parse.createElement("jar");
                    createElement.setAttribute("download", "eager");
                    createElement.setAttribute("href", "webstart/client-lib/" + str3);
                    if (str3.equals("mirth-client.jar")) {
                        createElement.setAttribute("main", "true");
                    }
                    createElement.setAttribute("sha256", getDigest(file, str3));
                    element2.appendChild(createElement);
                }
                for (String str4 : ControllerFactory.getFactory().createExtensionController().getClientLibraries()) {
                    if (!arrayList.contains(str4)) {
                        Element createElement2 = parse.createElement("jar");
                        createElement2.setAttribute("download", "eager");
                        createElement2.setAttribute("href", "webstart/client-lib/" + str4);
                        createElement2.setAttribute("sha256", getDigest(file, str4));
                        element2.appendChild(createElement2);
                    }
                }
                ArrayList<MetaData> arrayList2 = new ArrayList();
                arrayList2.addAll(ControllerFactory.getFactory().createExtensionController().getConnectorMetaData().values());
                arrayList2.addAll(ControllerFactory.getFactory().createExtensionController().getPluginMetaData().values());
                HashSet<String> hashSet = new HashSet();
                for (MetaData metaData : arrayList2) {
                    if (this.extensionController.isExtensionEnabled(metaData.getName()) && doesExtensionHaveClientOrSharedLibraries(metaData)) {
                        hashSet.add(metaData.getPath());
                    }
                }
                for (String str5 : hashSet) {
                    Element createElement3 = parse.createElement("extension");
                    createElement3.setAttribute("href", "webstart/extensions/" + str5 + ".jnlp");
                    element2.appendChild(createElement3);
                }
                Element element3 = (Element) documentElement.getElementsByTagName("application-desc").item(0);
                element3.appendChild(parse.createElement("argument"));
                Element createElement4 = parse.createElement("argument");
                createElement4.setTextContent(string);
                element3.appendChild(createElement4);
                String[] httpsClientProtocols = this.configurationController.getHttpsClientProtocols();
                String[] httpsCipherSuites = this.configurationController.getHttpsCipherSuites();
                if (!Arrays.areEqual(httpsClientProtocols, MirthSSLUtil.DEFAULT_HTTPS_CLIENT_PROTOCOLS) || !Arrays.areEqual(httpsCipherSuites, MirthSSLUtil.DEFAULT_HTTPS_CIPHER_SUITES)) {
                    Element createElement5 = parse.createElement("argument");
                    createElement5.setTextContent("-ssl");
                    element3.appendChild(createElement5);
                    Element createElement6 = parse.createElement("argument");
                    createElement6.setTextContent(StringUtils.join(httpsClientProtocols, ','));
                    element3.appendChild(createElement6);
                    Element createElement7 = parse.createElement("argument");
                    createElement7.setTextContent(StringUtils.join(httpsCipherSuites, ','));
                    element3.appendChild(createElement7);
                }
                return parse;
            } finally {
            }
        } finally {
        }
    }

    public static String getClientLibPath() {
        return ClassPathResource.getResourceURI("client-lib") != null ? ClassPathResource.getResourceURI("client-lib").getPath() + File.separator : ControllerFactory.getFactory().createConfigurationController().getBaseDir() + File.separator + "client-lib" + File.separator;
    }

    private boolean doesExtensionHaveClientOrSharedLibraries(MetaData metaData) {
        for (ExtensionLibrary extensionLibrary : metaData.getLibraries()) {
            if (extensionLibrary.getType().equals(ExtensionLibrary.Type.CLIENT) || extensionLibrary.getType().equals(ExtensionLibrary.Type.SHARED)) {
                return true;
            }
        }
        return false;
    }

    protected Document getExtensionJnlp(String str) throws Exception {
        ArrayList<MetaData> arrayList = new ArrayList();
        arrayList.addAll(ControllerFactory.getFactory().createExtensionController().getConnectorMetaData().values());
        arrayList.addAll(ControllerFactory.getFactory().createExtensionController().getPluginMetaData().values());
        HashSet<String> hashSet = new HashSet();
        ArrayList arrayList2 = new ArrayList();
        for (MetaData metaData : arrayList) {
            if (metaData.getPath().equals(str)) {
                arrayList2.add(metaData.getName());
                for (ExtensionLibrary extensionLibrary : metaData.getLibraries()) {
                    if (extensionLibrary.getType().equals(ExtensionLibrary.Type.CLIENT) || extensionLibrary.getType().equals(ExtensionLibrary.Type.SHARED)) {
                        hashSet.add(extensionLibrary.getPath());
                    }
                }
            }
        }
        if (arrayList2.isEmpty()) {
            throw new Exception("Extension metadata could not be located for the path: " + str);
        }
        Document newDocument = getSecureDocumentBuilderFactory().newDocumentBuilder().newDocument();
        Element createElement = newDocument.createElement("jnlp");
        Element createElement2 = newDocument.createElement("information");
        Element createElement3 = newDocument.createElement("title");
        createElement3.setTextContent("Mirth Connect Extension - [" + StringUtils.join(arrayList2, ",") + "]");
        createElement2.appendChild(createElement3);
        Element createElement4 = newDocument.createElement("vendor");
        createElement4.setTextContent("NextGen Healthcare");
        createElement2.appendChild(createElement4);
        createElement.appendChild(createElement2);
        Element createElement5 = newDocument.createElement("security");
        createElement5.appendChild(newDocument.createElement("all-permissions"));
        createElement.appendChild(createElement5);
        Element createElement6 = newDocument.createElement(DefaultConfigurationController.PROPERTIES_RESOURCES);
        File file = new File(ExtensionController.getExtensionsPath() + str);
        for (String str2 : hashSet) {
            Element createElement7 = newDocument.createElement("jar");
            createElement7.setAttribute("download", "eager");
            createElement7.setAttribute("href", "libs/" + str + "/" + str2);
            createElement7.setAttribute("sha256", getDigest(file, str2));
            createElement6.appendChild(createElement7);
        }
        createElement.appendChild(createElement6);
        createElement.appendChild(newDocument.createElement("component-desc"));
        newDocument.appendChild(createElement);
        return newDocument;
    }

    private String getDigest(File file, String str) throws Exception {
        try {
            String canonicalPath = file.getCanonicalPath();
            File file2 = new File(file, str);
            if (!StringUtils.startsWith(file2.getCanonicalPath(), canonicalPath + File.separator)) {
                throw new Exception("File " + str + " does not reside within directory " + file);
            }
            FileInputStream fileInputStream = new FileInputStream(file2);
            BufferedInputStream bufferedInputStream = new BufferedInputStream(fileInputStream);
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            byte[] bArr = new byte[4096];
            while (true) {
                int read = bufferedInputStream.read(bArr);
                if (read == -1) {
                    String encodeToString = Base64.getEncoder().encodeToString(messageDigest.digest());
                    ResourceUtil.closeResourceQuietly(bufferedInputStream);
                    ResourceUtil.closeResourceQuietly(fileInputStream);
                    return encodeToString;
                }
                messageDigest.update(bArr, 0, read);
            }
        } catch (Throwable th) {
            ResourceUtil.closeResourceQuietly(null);
            ResourceUtil.closeResourceQuietly(null);
            throw th;
        }
    }

    protected PropertiesConfiguration getMirthProperties() throws FileNotFoundException, ConfigurationException {
        PropertiesConfigurationUtil.create();
        InputStream inputStream = null;
        try {
            inputStream = ResourceUtil.getResourceStream(getClass(), "mirth.properties");
            PropertiesConfiguration create = PropertiesConfigurationUtil.create(inputStream);
            ResourceUtil.closeResourceQuietly(inputStream);
            return create;
        } catch (Throwable th) {
            ResourceUtil.closeResourceQuietly(inputStream);
            throw th;
        }
    }

    private String getContextPathProp(PropertiesConfiguration propertiesConfiguration) {
        String string = propertiesConfiguration.getString("http.contextpath", ServerSettings.DEFAULT_LOGIN_NOTIFICATION_MESSAGE_VALUE);
        if (!string.startsWith("/")) {
            string = "/" + string;
        }
        if (string.endsWith("/")) {
            string = string.substring(0, string.length() - 1);
        }
        return string;
    }

    private static DocumentBuilderFactory getSecureDocumentBuilderFactory() throws Exception {
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        return newInstance;
    }
}
