package org.apache.shindig.gadgets.servlet;

import com.google.inject.Inject;
import com.google.inject.Singleton;
import java.io.IOException;
import java.util.Collections;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shindig.auth.AuthInfo;
import org.apache.shindig.auth.SecurityToken;
import org.apache.shindig.common.JsonSerializer;
import org.apache.shindig.common.uri.Uri;
import org.apache.shindig.common.util.Utf8UrlCoder;
import org.apache.shindig.gadgets.AuthType;
import org.apache.shindig.gadgets.FeedProcessor;
import org.apache.shindig.gadgets.FetchResponseUtils;
import org.apache.shindig.gadgets.GadgetException;
import org.apache.shindig.gadgets.http.HttpRequest;
import org.apache.shindig.gadgets.http.HttpResponse;
import org.apache.shindig.gadgets.http.RequestPipeline;
import org.apache.shindig.gadgets.oauth.OAuthArguments;
import org.apache.shindig.gadgets.rewrite.RequestRewriterRegistry;
import org.apache.shindig.gadgets.rewrite.RewritingException;

@Singleton
/* loaded from: input_file:org/apache/shindig/gadgets/servlet/MakeRequestHandler.class */
public class MakeRequestHandler extends ProxyBase {
    public static final String UNPARSEABLE_CRUFT = "throw 1; < don't be evil' >";
    public static final String POST_DATA_PARAM = "postData";
    public static final String METHOD_PARAM = "httpMethod";
    public static final String HEADERS_PARAM = "headers";
    public static final String NOCACHE_PARAM = "nocache";
    public static final String CONTENT_TYPE_PARAM = "contentType";
    public static final String NUM_ENTRIES_PARAM = "numEntries";
    public static final String DEFAULT_NUM_ENTRIES = "3";
    public static final String GET_SUMMARIES_PARAM = "getSummaries";
    public static final String AUTHZ_PARAM = "authz";
    private final RequestPipeline requestPipeline;
    private final RequestRewriterRegistry contentRewriterRegistry;

    @Inject
    public MakeRequestHandler(RequestPipeline requestPipeline, RequestRewriterRegistry requestRewriterRegistry) {
        this.requestPipeline = requestPipeline;
        this.contentRewriterRegistry = requestRewriterRegistry;
    }

    @Override // org.apache.shindig.gadgets.servlet.ProxyBase
    protected void doFetch(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws GadgetException, IOException {
        HttpRequest buildHttpRequest = buildHttpRequest(httpServletRequest);
        HttpResponse execute = this.requestPipeline.execute(buildHttpRequest);
        if (this.contentRewriterRegistry != null) {
            try {
                execute = this.contentRewriterRegistry.rewriteHttpResponse(buildHttpRequest, execute);
            } catch (RewritingException e) {
                throw new GadgetException(GadgetException.Code.INTERNAL_SERVER_ERROR, e);
            }
        }
        String convertResponseToJson = convertResponseToJson(buildHttpRequest.getSecurityToken(), httpServletRequest, execute);
        setResponseHeaders(httpServletRequest, httpServletResponse, execute);
        httpServletResponse.setStatus(HttpResponse.SC_OK);
        httpServletResponse.setContentType("application/json");
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.getWriter().write(UNPARSEABLE_CRUFT + convertResponseToJson);
    }

    protected HttpRequest buildHttpRequest(HttpServletRequest httpServletRequest) throws GadgetException {
        if (httpServletRequest.getCharacterEncoding() == null) {
        }
        HttpRequest container = new HttpRequest(validateUrl(httpServletRequest.getParameter(ProxyBase.URL_PARAM))).setMethod(getParameter(httpServletRequest, METHOD_PARAM, "GET")).setPostBody(getParameter(httpServletRequest, POST_DATA_PARAM, "").getBytes()).setContainer(getContainer(httpServletRequest));
        String parameter = getParameter(httpServletRequest, HEADERS_PARAM, "");
        if (parameter.length() > 0) {
            for (String str : parameter.split("&")) {
                String[] split = str.split("=");
                if (split.length != 2) {
                    throw new GadgetException(GadgetException.Code.INTERNAL_SERVER_ERROR, "Malformed header specified,");
                }
                String decode = Utf8UrlCoder.decode(split[0]);
                if (!HttpRequestHandler.BAD_HEADERS.contains(decode.toUpperCase())) {
                    container.addHeader(decode, Utf8UrlCoder.decode(split[1]));
                }
            }
        }
        if ("POST".equals(container.getMethod()) && container.getHeader("Content-Type") == null) {
            container.addHeader("Content-Type", "application/x-www-form-urlencoded");
        }
        container.setIgnoreCache("1".equals(httpServletRequest.getParameter("nocache")));
        if (httpServletRequest.getParameter(ProxyBase.GADGET_PARAM) != null) {
            container.setGadget(Uri.parse(httpServletRequest.getParameter(ProxyBase.GADGET_PARAM)));
        }
        if (httpServletRequest.getParameter(ProxyBase.REFRESH_PARAM) != null) {
            try {
                container.setCacheTtl(Integer.parseInt(httpServletRequest.getParameter(ProxyBase.REFRESH_PARAM)));
            } catch (NumberFormatException e) {
            }
        }
        container.setRewriteMimeType(httpServletRequest.getParameter(ProxyBase.REWRITE_MIME_TYPE_PARAM));
        AuthType parse = AuthType.parse(getParameter(httpServletRequest, AUTHZ_PARAM, null));
        container.setAuthType(parse);
        if (parse != AuthType.NONE) {
            container.setSecurityToken(extractAndValidateToken(httpServletRequest));
            container.setOAuthArguments(new OAuthArguments(parse, httpServletRequest));
        }
        setRequestHeaders(httpServletRequest, container);
        return container;
    }

    protected String convertResponseToJson(SecurityToken securityToken, HttpServletRequest httpServletRequest, HttpResponse httpResponse) throws GadgetException {
        String updatedToken;
        String parameter = httpServletRequest.getParameter(ProxyBase.URL_PARAM);
        String responseAsString = httpResponse.getResponseAsString();
        if (responseAsString.length() > 0 && "FEED".equals(httpServletRequest.getParameter(CONTENT_TYPE_PARAM))) {
            responseAsString = processFeed(parameter, httpServletRequest, responseAsString);
        }
        Map<String, Object> responseAsJson = FetchResponseUtils.getResponseAsJson(httpResponse, null, responseAsString);
        if (securityToken != null && (updatedToken = securityToken.getUpdatedToken()) != null) {
            responseAsJson.put("st", updatedToken);
        }
        return JsonSerializer.serialize(Collections.singletonMap(parameter, responseAsJson));
    }

    protected RequestPipeline getRequestPipeline() {
        return this.requestPipeline;
    }

    private SecurityToken extractAndValidateToken(HttpServletRequest httpServletRequest) throws GadgetException {
        SecurityToken securityToken = new AuthInfo(httpServletRequest).getSecurityToken();
        if (securityToken == null) {
            throw new GadgetException(GadgetException.Code.INVALID_SECURITY_TOKEN);
        }
        return securityToken;
    }

    private String processFeed(String str, HttpServletRequest httpServletRequest, String str2) throws GadgetException {
        return new FeedProcessor().process(str, str2, Boolean.parseBoolean(getParameter(httpServletRequest, GET_SUMMARIES_PARAM, "false")), Integer.parseInt(getParameter(httpServletRequest, NUM_ENTRIES_PARAM, DEFAULT_NUM_ENTRIES))).toString();
    }
}
