package org.apache.shindig.gadgets.servlet;

import com.google.inject.Inject;
import com.google.inject.Singleton;
import java.io.IOException;
import java.util.Map;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.math.NumberUtils;
import org.apache.shindig.common.uri.Uri;
import org.apache.shindig.gadgets.GadgetException;
import org.apache.shindig.gadgets.LockedDomainService;
import org.apache.shindig.gadgets.http.HttpRequest;
import org.apache.shindig.gadgets.http.HttpResponse;
import org.apache.shindig.gadgets.http.RequestPipeline;
import org.apache.shindig.gadgets.rewrite.RequestRewriterRegistry;
import org.apache.shindig.gadgets.rewrite.RewritingException;
import org.apache.shindig.gadgets.rewrite.image.BasicImageRewriter;
import org.apache.xerces.impl.xs.SchemaSymbols;
import org.mortbay.jetty.HttpHeaders;

@Singleton
/* loaded from: input_file:shindig-gadgets-r910768.jar:org/apache/shindig/gadgets/servlet/ProxyHandler.class */
public class ProxyHandler extends ProxyBase {
    private static final Logger logger = Logger.getLogger(ProxyHandler.class.getName());
    private static final String[] INTEGER_RESIZE_PARAMS = {BasicImageRewriter.PARAM_RESIZE_HEIGHT, BasicImageRewriter.PARAM_RESIZE_WIDTH, BasicImageRewriter.PARAM_RESIZE_QUALITY, BasicImageRewriter.PARAM_NO_EXPAND};
    static final String FALLBACK_URL_PARAM = "fallback_url";
    private final RequestPipeline requestPipeline;
    private final LockedDomainService lockedDomainService;
    private final RequestRewriterRegistry contentRewriterRegistry;

    @Inject
    public ProxyHandler(RequestPipeline requestPipeline, LockedDomainService lockedDomainService, RequestRewriterRegistry requestRewriterRegistry) {
        this.requestPipeline = requestPipeline;
        this.lockedDomainService = lockedDomainService;
        this.contentRewriterRegistry = requestRewriterRegistry;
    }

    private HttpRequest buildHttpRequest(HttpServletRequest httpServletRequest, String str) throws GadgetException {
        String parameter = httpServletRequest.getParameter(str);
        if (parameter == null) {
            return null;
        }
        HttpRequest container = new HttpRequest(validateUrl(parameter)).setContainer(getContainer(httpServletRequest));
        copySanitizedIntegerParams(httpServletRequest, container);
        if (httpServletRequest.getParameter(ProxyBase.GADGET_PARAM) != null) {
            container.setGadget(Uri.parse(httpServletRequest.getParameter(ProxyBase.GADGET_PARAM)));
        }
        container.setRewriteMimeType(httpServletRequest.getParameter(ProxyBase.REWRITE_MIME_TYPE_PARAM));
        container.setIgnoreCache(getIgnoreCache(httpServletRequest));
        container.setSanitizationRequested(SchemaSymbols.ATTVAL_TRUE_1.equals(httpServletRequest.getParameter(ProxyBase.SANITIZE_CONTENT_PARAM)));
        if (httpServletRequest.getParameter(ProxyBase.REFRESH_PARAM) != null) {
            try {
                container.setCacheTtl(Integer.parseInt(httpServletRequest.getParameter(ProxyBase.REFRESH_PARAM)));
            } catch (NumberFormatException e) {
            }
        }
        setRequestHeaders(httpServletRequest, container);
        return container;
    }

    private void copySanitizedIntegerParams(HttpServletRequest httpServletRequest, HttpRequest httpRequest) {
        for (String str : INTEGER_RESIZE_PARAMS) {
            if (httpServletRequest.getParameter(str) != null) {
                httpRequest.setParam(str, NumberUtils.createInteger(httpServletRequest.getParameter(str)));
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.shindig.gadgets.servlet.ProxyBase
    public void doFetch(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, GadgetException {
        HttpRequest buildHttpRequest;
        if (httpServletRequest.getHeader(HttpHeaders.IF_MODIFIED_SINCE) != null) {
            httpServletResponse.setStatus(304);
            return;
        }
        String header = httpServletRequest.getHeader(HttpHeaders.HOST);
        if (!this.lockedDomainService.isSafeForOpenProxy(header)) {
            String str = "Embed request for url " + getParameter(httpServletRequest, "url", "") + " made to wrong domain " + header;
            logger.info(str);
            throw new GadgetException(GadgetException.Code.INVALID_PARAMETER, str, 400);
        }
        HttpRequest buildHttpRequest2 = buildHttpRequest(httpServletRequest, "url");
        if (buildHttpRequest2 == null) {
            throw new GadgetException(GadgetException.Code.INVALID_PARAMETER, "No url paramater in request", 400);
        }
        HttpResponse execute = this.requestPipeline.execute(buildHttpRequest2);
        if (execute.isError() && (buildHttpRequest = buildHttpRequest(httpServletRequest, FALLBACK_URL_PARAM)) != null) {
            execute = this.requestPipeline.execute(buildHttpRequest);
        }
        if (this.contentRewriterRegistry != null) {
            try {
                execute = this.contentRewriterRegistry.rewriteHttpResponse(buildHttpRequest2, execute);
            } catch (RewritingException e) {
                throw new GadgetException(GadgetException.Code.INTERNAL_SERVER_ERROR, e, e.getHttpStatusCode());
            }
        }
        for (Map.Entry entry : execute.getHeaders().entries()) {
            String str2 = (String) entry.getKey();
            if (!DISALLOWED_RESPONSE_HEADERS.contains(str2.toLowerCase())) {
                httpServletResponse.addHeader(str2, (String) entry.getValue());
            }
        }
        String header2 = execute.getHeader("Content-Type");
        if (!StringUtils.isEmpty(buildHttpRequest2.getRewriteMimeType())) {
            String rewriteMimeType = buildHttpRequest2.getRewriteMimeType();
            if (!rewriteMimeType.endsWith("/*") || StringUtils.isEmpty(header2)) {
                httpServletResponse.setContentType(rewriteMimeType);
            } else {
                String substring = rewriteMimeType.substring(0, rewriteMimeType.length() - 2);
                if (!header2.toLowerCase().startsWith(substring.toLowerCase())) {
                    httpServletResponse.setContentType(substring);
                }
            }
        }
        setResponseHeaders(httpServletRequest, httpServletResponse, execute);
        if (execute.getHttpStatusCode() != 200) {
            if (execute.getHttpStatusCode() == 500) {
                httpServletResponse.sendError(502);
            } else {
                httpServletResponse.sendError(execute.getHttpStatusCode());
            }
        }
        IOUtils.copy(execute.getResponse(), httpServletResponse.getOutputStream());
    }
}
