package com.vaadin.flow.server;

import com.vaadin.flow.function.DeploymentConfiguration;
import com.vaadin.flow.internal.ResponseWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/vaadin/flow/server/StaticFileServer.class */
public class StaticFileServer implements StaticFileHandler {
    static final String PROPERTY_FIX_INCORRECT_WEBJAR_PATHS = "vaadin.fixIncorrectWebjarPaths";
    private static final Pattern INCORRECT_WEBJAR_PATH_REGEX;
    private static final Pattern PARENT_DIRECTORY_REGEX;
    private final ResponseWriter responseWriter;
    private final VaadinServletService servletService;
    private DeploymentConfiguration deploymentConfiguration;
    static final /* synthetic */ boolean $assertionsDisabled;

    public StaticFileServer(VaadinServletService vaadinServletService) {
        this.servletService = vaadinServletService;
        this.deploymentConfiguration = vaadinServletService.getDeploymentConfiguration();
        this.responseWriter = new ResponseWriter(this.deploymentConfiguration);
    }

    @Override // com.vaadin.flow.server.StaticFileHandler
    public boolean isStaticResourceRequest(HttpServletRequest httpServletRequest) {
        String requestFilename = getRequestFilename(httpServletRequest);
        if (requestFilename.endsWith("/")) {
            return false;
        }
        if (requestFilename.startsWith("/VAADIN/static/") || requestFilename.startsWith("/VAADIN/build/")) {
            return true;
        }
        URL staticResource = this.servletService.getStaticResource(requestFilename);
        return (staticResource == null && shouldFixIncorrectWebjarPaths() && isIncorrectWebjarPath(requestFilename)) || staticResource != null;
    }

    @Override // com.vaadin.flow.server.StaticFileHandler
    public boolean serveStaticResource(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String requestFilename = getRequestFilename(httpServletRequest);
        if (!isPathSafe(requestFilename)) {
            getLogger().info("Blocked attempt to access file: {}", requestFilename);
            httpServletResponse.setStatus(304);
            return true;
        }
        URL url = null;
        if (isAllowedVAADINBuildUrl(requestFilename)) {
            url = this.servletService.getClassLoader().getResource("META-INF" + requestFilename);
        }
        if (url == null) {
            url = this.servletService.getStaticResource(requestFilename);
        }
        if (url == null && shouldFixIncorrectWebjarPaths() && isIncorrectWebjarPath(requestFilename)) {
            url = this.servletService.getStaticResource(fixIncorrectWebjarPath(requestFilename));
        }
        if (url == null) {
            httpServletResponse.sendError(404);
            return true;
        }
        writeCacheHeaders(requestFilename, httpServletResponse);
        if (browserHasNewestVersion(httpServletRequest, writeModificationTimestamp(url, httpServletRequest, httpServletResponse))) {
            httpServletResponse.setStatus(304);
            return true;
        }
        this.responseWriter.writeResponseContents(requestFilename, url, httpServletRequest, httpServletResponse);
        return true;
    }

    private boolean shouldFixIncorrectWebjarPaths() {
        return this.deploymentConfiguration.isProductionMode() && this.deploymentConfiguration.getBooleanProperty(PROPERTY_FIX_INCORRECT_WEBJAR_PATHS, false);
    }

    private boolean isIncorrectWebjarPath(String str) {
        return INCORRECT_WEBJAR_PATH_REGEX.matcher(str).lookingAt();
    }

    private String fixIncorrectWebjarPath(String str) {
        return INCORRECT_WEBJAR_PATH_REGEX.matcher(str).replaceAll("/webjars/");
    }

    private boolean isPathSafe(String str) {
        try {
            return !PARENT_DIRECTORY_REGEX.matcher(URLDecoder.decode(str, StandardCharsets.UTF_8.name())).find();
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException("An error occurred during decoding URL.", e);
        }
    }

    private boolean isAllowedVAADINBuildUrl(String str) {
        if (!this.deploymentConfiguration.isCompatibilityMode()) {
            return str.startsWith("/VAADIN/build/");
        }
        getLogger().trace("Serving from the classpath in legacy mode is not accepted. Letting request for '{}' go to servlet context.", str);
        return false;
    }

    protected long writeModificationTimestamp(URL url, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        URLConnection uRLConnection = null;
        try {
            try {
                uRLConnection = url.openConnection();
                long lastModified = uRLConnection.getLastModified();
                long j = lastModified - (lastModified % 1000);
                httpServletResponse.setDateHeader("Last-Modified", j);
                if (uRLConnection != null) {
                    try {
                        InputStream inputStream = uRLConnection.getInputStream();
                        if (inputStream != null) {
                            inputStream.close();
                        }
                    } catch (IOException e) {
                        getLogger().warn("Error closing URLConnection input stream", e);
                    }
                }
                return j;
            } catch (Exception e2) {
                getLogger().trace("Failed to find out last modified timestamp. Continuing without it.", e2);
                if (uRLConnection != null) {
                    try {
                        InputStream inputStream2 = uRLConnection.getInputStream();
                        if (inputStream2 != null) {
                            inputStream2.close();
                        }
                    } catch (IOException e3) {
                        getLogger().warn("Error closing URLConnection input stream", e3);
                        return -1L;
                    }
                }
                return -1L;
            }
        } catch (Throwable th) {
            if (uRLConnection != null) {
                try {
                    InputStream inputStream3 = uRLConnection.getInputStream();
                    if (inputStream3 != null) {
                        inputStream3.close();
                    }
                } catch (IOException e4) {
                    getLogger().warn("Error closing URLConnection input stream", e4);
                    throw th;
                }
            }
            throw th;
        }
    }

    protected void writeCacheHeaders(String str, HttpServletResponse httpServletResponse) {
        int cacheTime = getCacheTime(str);
        httpServletResponse.setHeader("Cache-Control", !this.deploymentConfiguration.isProductionMode() ? "no-cache" : cacheTime > 0 ? "max-age=" + cacheTime : "public, max-age=0, must-revalidate");
    }

    String getRequestFilename(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getPathInfo() == null ? httpServletRequest.getServletPath() : httpServletRequest.getPathInfo().startsWith("/VAADIN/") ? httpServletRequest.getPathInfo() : httpServletRequest.getServletPath() + httpServletRequest.getPathInfo();
    }

    protected int getCacheTime(String str) {
        if (str.contains(".nocache.")) {
            return 0;
        }
        return str.contains(".cache.") ? 31536000 : 3600;
    }

    protected boolean browserHasNewestVersion(HttpServletRequest httpServletRequest, long j) {
        if (!$assertionsDisabled && j < -1) {
            throw new AssertionError();
        }
        if (j == -1) {
            return false;
        }
        try {
            return httpServletRequest.getDateHeader("If-Modified-Since") >= j;
        } catch (Exception e) {
            getLogger().trace("Unable to parse If-Modified-Since", e);
            return false;
        }
    }

    private static Logger getLogger() {
        return LoggerFactory.getLogger(StaticFileServer.class.getName());
    }

    static {
        $assertionsDisabled = !StaticFileServer.class.desiredAssertionStatus();
        INCORRECT_WEBJAR_PATH_REGEX = Pattern.compile("^/frontend[-\\w/]*/webjars/");
        PARENT_DIRECTORY_REGEX = Pattern.compile("(/|\\\\)\\.\\.(/|\\\\)", 2);
    }
}
