package com.vaadin.addons.xs.server;

import com.vaadin.Application;
import com.vaadin.terminal.gwt.server.AbstractApplicationServlet;
import com.vaadin.terminal.gwt.server.ApplicationServlet;
import com.vaadin.terminal.gwt.server.CommunicationManager;
import com.vaadin.terminal.gwt.server.JsonPaintTarget;
import com.vaadin.terminal.gwt.server.SessionExpiredException;
import com.vaadin.terminal.gwt.server.SystemMessageException;
import com.vaadin.terminal.gwt.server.WebApplicationContext;
import com.vaadin.ui.Window;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Date;
import java.util.Enumeration;
import java.util.Properties;
import java.util.logging.Logger;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:com/vaadin/addons/xs/server/XSApplicationServlet.class */
public class XSApplicationServlet extends ApplicationServlet {
    private static final String REFERER = "referer";
    private static final String INIT_PARAM_WHITELIST = "allowedReferrers";
    private static final String CRYPT = "cryptPayload";
    private String[] whiteList;
    private String currentReferer;
    private boolean encryptionOn;
    private static Application sharedApp;

    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        String initParameter = getInitParameter(INIT_PARAM_WHITELIST);
        if (initParameter != null) {
            this.whiteList = initParameter.split(" ");
        }
        String applicationProperty = getApplicationProperty(CRYPT);
        if (applicationProperty == null || applicationProperty.equals("true")) {
            setClientToServerEncryptionOn(true);
        }
    }

    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        this.currentReferer = httpServletRequest.getHeader(REFERER);
        if (isTrustedReferrer(httpServletRequest)) {
            String pathInfo = httpServletRequest.getPathInfo();
            if (pathInfo != null) {
                if (pathInfo.startsWith("/")) {
                    pathInfo = pathInfo.substring(1);
                }
                if (pathInfo.startsWith("createSession")) {
                    writeSessionHtml(httpServletRequest, httpServletResponse);
                    return;
                } else if (pathInfo.startsWith("getBodySnippet")) {
                    writeBodyHtml(httpServletRequest, httpServletResponse);
                    return;
                } else if (pathInfo.startsWith("getEmbedJs")) {
                    getEmbedJs(httpServletRequest, httpServletResponse);
                    return;
                }
            }
            if (checkForExpiredSession(httpServletRequest, httpServletResponse)) {
                return;
            } else {
                super.service(httpServletRequest, httpServletResponse);
            }
        } else {
            httpServletResponse.setStatus(403);
        }
        this.currentReferer = null;
    }

    private boolean checkForExpiredSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        boolean z = getRequestType(httpServletRequest) == AbstractApplicationServlet.RequestType.UIDL;
        boolean z2 = httpServletRequest.getSession(false) == null;
        boolean z3 = httpServletRequest.getParameter("repaintAll") == null;
        if (!z || !z2 || !z3) {
            return false;
        }
        Application.SystemMessages systemMessages = getSystemMessages();
        String sessionExpiredCaption = systemMessages.getSessionExpiredCaption();
        if (sessionExpiredCaption != null) {
            sessionExpiredCaption = "\"" + JsonPaintTarget.escapeJSON(sessionExpiredCaption) + "\"";
        }
        String sessionExpiredMessage = systemMessages.getSessionExpiredMessage();
        if (sessionExpiredMessage != null) {
            sessionExpiredMessage = "\"" + JsonPaintTarget.escapeJSON(sessionExpiredMessage) + "\"";
        }
        String sessionExpiredURL = systemMessages.getSessionExpiredURL();
        if (sessionExpiredURL != null) {
            sessionExpiredURL = "\"" + JsonPaintTarget.escapeJSON(sessionExpiredURL) + "\"";
        }
        httpServletResponse.setContentType("text/javascript");
        httpServletResponse.getOutputStream().print(httpServletRequest.getParameter("callback") + "({\"changes\":[], \"meta\" : {\"appError\": {\"caption\":" + sessionExpiredCaption + ",\"message\" : " + sessionExpiredMessage + ",\"url\" : " + sessionExpiredURL + "}}, \"resources\": {}, \"locales\":[]});");
        return true;
    }

    private void getEmbedJs(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String str;
        String staticFilesLocation;
        URL applicationUrl = getApplicationUrl(httpServletRequest);
        httpServletRequest.setAttribute(REQUEST_VAADIN_STATIC_FILE_PATH, stripTrailingSlash(applicationUrl.toString()));
        String applicationProperty = getApplicationProperty("widgetset");
        if (applicationProperty == null) {
            applicationProperty = getSystemProperty("widgetset");
            if (applicationProperty == null) {
                applicationProperty = "com.vaadin.terminal.gwt.DefaultWidgetSet";
            }
        }
        httpServletRequest.setAttribute(REQUEST_SHARED_WIDGETSET, applicationProperty);
        httpServletRequest.setAttribute("Resources", applicationUrl.toExternalForm());
        httpServletResponse.setContentType("text/javascript");
        Application applicationForWritingHtmlSnippet = getApplicationForWritingHtmlSnippet(httpServletRequest);
        String path = applicationUrl.getPath();
        if (path.endsWith("/")) {
            path = path.substring(0, path.length() - 1);
        }
        Window mainWindow = applicationForWritingHtmlSnippet.getMainWindow();
        String theme = mainWindow.getTheme();
        if (theme == null) {
            theme = getDefaultTheme();
        }
        String themeUri = getThemeUri(httpServletRequest, theme);
        BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(httpServletResponse.getOutputStream()));
        String parameter = httpServletRequest.getParameter("appId");
        if (parameter == null) {
            String str2 = path;
            if ("".equals(path)) {
                str2 = "ROOT";
            }
            String replaceAll = str2.replaceAll("[^a-zA-Z0-9]", "");
            int hashCode = replaceAll.hashCode();
            if (hashCode < 0) {
                hashCode = -hashCode;
            }
            parameter = replaceAll + "-" + hashCode;
        }
        String url = applicationUrl.toString();
        bufferedWriter.write("document.write('<div id=\"" + parameter + "\" class=\"" + ("v-app v-app-loading " + (theme != null ? "v-theme-" + theme.replaceAll("[^a-zA-Z0-9]", "") : "v-theme-" + getDefaultTheme().replaceAll("[^a-zA-Z0-9]", "")) + " " + ("v-app-" + getApplicationCSSClassName())) + "\"></div>');\n");
        String str3 = (String) httpServletRequest.getAttribute(REQUEST_WIDGETSET);
        String str4 = (String) httpServletRequest.getAttribute(REQUEST_SHARED_WIDGETSET);
        if (str3 == null && str4 == null) {
            str3 = getApplicationOrSystemProperty("widgetset", "com.vaadin.terminal.gwt.DefaultWidgetSet");
        }
        if (str3 != null) {
            str = str3;
            staticFilesLocation = getWebApplicationsStaticFileLocation(httpServletRequest);
        } else {
            str = str4;
            staticFilesLocation = getStaticFilesLocation(httpServletRequest);
        }
        String stripSpecialChars = stripSpecialChars(str);
        String str5 = staticFilesLocation + "/VAADIN/widgetsets/" + stripSpecialChars + "/" + stripSpecialChars + ".nocache.js?" + new Date().getTime();
        try {
            Application.SystemMessages systemMessages = getSystemMessages();
            bufferedWriter.write("if(!vaadin || !vaadin.vaadinConfigurations) {\n if(!vaadin) { var vaadin = {}} \nvaadin.vaadinConfigurations = {};\nif (!vaadin.themesLoaded) { vaadin.themesLoaded = {}; }\n");
            if (!isProductionMode()) {
                bufferedWriter.write("vaadin.debug = true;\n");
            }
            bufferedWriter.write("document.write('<iframe tabIndex=\"-1\" id=\"__gwt_historyFrame\" style=\"position:absolute;width:0;height:0;border:0;overflow:hidden;\" src=\"javascript:false\"></iframe>');\n");
            bufferedWriter.write("document.write(\"<script language='javascript' src='" + str5 + "'><\\/script>\");\n}\n");
            bufferedWriter.write("vaadin.vaadinConfigurations[\"" + parameter + "\"] = {");
            bufferedWriter.write("appUri:'" + url + "', ");
            if (mainWindow != applicationForWritingHtmlSnippet.getMainWindow()) {
                bufferedWriter.write("windowName: \"" + JsonPaintTarget.escapeJSON(mainWindow.getName()) + "\", ");
            }
            bufferedWriter.write("themeUri:");
            bufferedWriter.write(themeUri != null ? "\"" + themeUri + "\"" : "null");
            bufferedWriter.write(", versionInfo : {vaadinVersion:\"");
            bufferedWriter.write(VERSION);
            bufferedWriter.write("\",applicationVersion:\"");
            bufferedWriter.write(JsonPaintTarget.escapeJSON(applicationForWritingHtmlSnippet.getVersion()));
            bufferedWriter.write("\"}");
            if (systemMessages != null) {
                String communicationErrorCaption = systemMessages.getCommunicationErrorCaption();
                if (communicationErrorCaption != null) {
                    communicationErrorCaption = "\"" + JsonPaintTarget.escapeJSON(communicationErrorCaption) + "\"";
                }
                String communicationErrorMessage = systemMessages.getCommunicationErrorMessage();
                if (communicationErrorMessage != null) {
                    communicationErrorMessage = "\"" + JsonPaintTarget.escapeJSON(communicationErrorMessage) + "\"";
                }
                String communicationErrorURL = systemMessages.getCommunicationErrorURL();
                if (communicationErrorURL != null) {
                    communicationErrorURL = "\"" + JsonPaintTarget.escapeJSON(communicationErrorURL) + "\"";
                }
                bufferedWriter.write(",\"comErrMsg\": {\"caption\":" + communicationErrorCaption + ",\"message\" : " + communicationErrorMessage + ",\"url\" : " + communicationErrorURL + "}");
                String authenticationErrorCaption = systemMessages.getAuthenticationErrorCaption();
                if (authenticationErrorCaption != null) {
                    authenticationErrorCaption = "\"" + JsonPaintTarget.escapeJSON(authenticationErrorCaption) + "\"";
                }
                String authenticationErrorMessage = systemMessages.getAuthenticationErrorMessage();
                if (authenticationErrorMessage != null) {
                    authenticationErrorMessage = "\"" + JsonPaintTarget.escapeJSON(authenticationErrorMessage) + "\"";
                }
                String authenticationErrorURL = systemMessages.getAuthenticationErrorURL();
                if (authenticationErrorURL != null) {
                    authenticationErrorURL = "\"" + JsonPaintTarget.escapeJSON(authenticationErrorURL) + "\"";
                }
                bufferedWriter.write(",\"authErrMsg\": {\"caption\":" + authenticationErrorCaption + ",\"message\" : " + authenticationErrorMessage + ",\"url\" : " + authenticationErrorURL + "}");
            }
            bufferedWriter.write("};\n\n");
            if (theme != null) {
                bufferedWriter.write("if(!vaadin.themesLoaded['" + theme + "']) {\n");
                bufferedWriter.write("var stylesheet = document.createElement('link');\n");
                bufferedWriter.write("stylesheet.setAttribute('rel', 'stylesheet');\n");
                bufferedWriter.write("stylesheet.setAttribute('type', 'text/css');\n");
                bufferedWriter.write("stylesheet.setAttribute('href', '" + themeUri + "/styles.css');\n");
                bufferedWriter.write("document.getElementsByTagName('head')[0].appendChild(stylesheet);\n");
                bufferedWriter.write("vaadin.themesLoaded['" + theme + "'] = true;\n}\n");
            }
            bufferedWriter.write("setTimeout('if (typeof " + stripSpecialChars.replace('.', '_') + " == \"undefined\") {alert(\"Failed to load the widgetset: " + str5 + "\")};',15000);\n\n");
            bufferedWriter.flush();
            bufferedWriter.close();
        } catch (SystemMessageException e) {
            throw new ServletException("CommunicationError!", e);
        }
    }

    private String getApplicationOrSystemProperty(String str, String str2) {
        String applicationProperty = getApplicationProperty(str);
        if (applicationProperty != null) {
            return applicationProperty;
        }
        String systemProperty = getSystemProperty(str);
        return systemProperty != null ? systemProperty : str2;
    }

    private String getWebApplicationsStaticFileLocation(HttpServletRequest httpServletRequest) {
        String applicationOrSystemProperty = getApplicationOrSystemProperty("Resources", null);
        if (applicationOrSystemProperty != null) {
            return applicationOrSystemProperty;
        }
        String contextPath = httpServletRequest.getContextPath();
        if (contextPath.length() == 0 && httpServletRequest.getAttribute("javax.servlet.include.context_path") != null) {
            contextPath = (String) httpServletRequest.getAttribute("javax.servlet.include.context_path");
        }
        String removeHeadingOrTrailing = removeHeadingOrTrailing(contextPath, "/");
        return removeHeadingOrTrailing.equals("") ? "" : "/" + removeHeadingOrTrailing;
    }

    private static String removeHeadingOrTrailing(String str, String str2) {
        while (str.startsWith(str2)) {
            str = str.substring(1);
        }
        while (str.endsWith(str2)) {
            str = str.substring(0, str.length() - 1);
        }
        return str;
    }

    protected void writeBodyHtml(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        URL applicationUrl = getApplicationUrl(httpServletRequest);
        httpServletRequest.setAttribute(REQUEST_VAADIN_STATIC_FILE_PATH, stripTrailingSlash(applicationUrl.toString()));
        String applicationProperty = getApplicationProperty("widgetset");
        if (applicationProperty == null) {
            applicationProperty = getSystemProperty("widgetset");
            if (applicationProperty == null) {
                applicationProperty = "com.vaadin.terminal.gwt.DefaultWidgetSet";
            }
        }
        httpServletRequest.setAttribute(REQUEST_SHARED_WIDGETSET, applicationProperty);
        httpServletRequest.setAttribute("Resources", applicationUrl.toExternalForm());
        httpServletResponse.setContentType("text/html");
        Application applicationForWritingHtmlSnippet = getApplicationForWritingHtmlSnippet(httpServletRequest);
        String path = applicationUrl.getPath();
        if (path.endsWith("/")) {
            path = path.substring(0, path.length() - 1);
        }
        Window mainWindow = applicationForWritingHtmlSnippet.getMainWindow();
        String theme = mainWindow.getTheme();
        if (theme == null) {
            theme = getDefaultTheme();
        }
        String themeUri = getThemeUri(httpServletRequest, theme);
        BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(httpServletResponse.getOutputStream()));
        String parameter = httpServletRequest.getParameter("appId");
        if (parameter == null) {
            String str = path;
            if ("".equals(path)) {
                str = "ROOT";
            }
            String replaceAll = str.replaceAll("[^a-zA-Z0-9]", "");
            int hashCode = replaceAll.hashCode();
            if (hashCode < 0) {
                hashCode = -hashCode;
            }
            parameter = replaceAll + "-" + hashCode;
        }
        writeAjaxPageHtmlVaadinScripts(mainWindow, theme, applicationForWritingHtmlSnippet, bufferedWriter, applicationUrl.toString(), themeUri, parameter, httpServletRequest);
        writeAjaxPageHtmlMainDiv(bufferedWriter, parameter, "v-app v-app-loading " + (theme != null ? "v-theme-" + theme.replaceAll("[^a-zA-Z0-9]", "") : "v-theme-" + getDefaultTheme().replaceAll("[^a-zA-Z0-9]", "")) + " " + ("v-app-" + getApplicationCSSClassName()), null, httpServletRequest);
        bufferedWriter.flush();
        bufferedWriter.close();
    }

    private Object stripTrailingSlash(String str) {
        return str.endsWith("/") ? str.substring(0, str.length() - 1) : str;
    }

    private Application getApplicationForWritingHtmlSnippet(HttpServletRequest httpServletRequest) throws MalformedURLException, ServletException {
        Application application = null;
        if (httpServletRequest.getSession(false) != null) {
            try {
                application = getExistingApplication(httpServletRequest, false);
            } catch (SessionExpiredException e) {
            }
        }
        if (application == null) {
            application = getSharedFakeApplication(httpServletRequest);
        }
        return application;
    }

    protected String getThemeUri(HttpServletRequest httpServletRequest, String str) throws ServletException {
        try {
            return getApplicationUrl(httpServletRequest).toString() + "VAADIN/themes/" + str;
        } catch (MalformedURLException e) {
            throw new ServletException(e);
        }
    }

    private synchronized Application getSharedFakeApplication(HttpServletRequest httpServletRequest) throws ServletException {
        if (sharedApp == null) {
            sharedApp = getNewApplication(httpServletRequest);
            Properties properties = new Properties();
            Enumeration initParameterNames = getServletConfig().getInitParameterNames();
            while (initParameterNames.hasMoreElements()) {
                String str = (String) initParameterNames.nextElement();
                properties.setProperty(str, getServletConfig().getInitParameter(str));
            }
            ServletContext servletContext = getServletConfig().getServletContext();
            Enumeration initParameterNames2 = servletContext.getInitParameterNames();
            while (initParameterNames2.hasMoreElements()) {
                String str2 = (String) initParameterNames2.nextElement();
                properties.setProperty(str2, servletContext.getInitParameter(str2));
            }
            try {
                sharedApp.start(getApplicationUrl(httpServletRequest), properties, m2getApplicationContext(httpServletRequest.getSession(true)));
            } catch (MalformedURLException e) {
                throw new ServletException(e);
            }
        }
        return sharedApp;
    }

    protected void writeSessionHtml(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        httpServletRequest.getSession(true);
        httpServletResponse.getOutputStream().print("<html><head></head><body>SessionStarted</body></html>");
    }

    protected Application getExistingApplication(HttpServletRequest httpServletRequest, boolean z) throws MalformedURLException, SessionExpiredException {
        HttpSession session = httpServletRequest.getSession(z);
        if (session == null) {
            throw new SessionExpiredException();
        }
        JsonpWebApplicationContext m2getApplicationContext = m2getApplicationContext(session);
        for (Application application : m2getApplicationContext.getApplications()) {
            if (getApplicationUrl(httpServletRequest).getPath().equals(application.getURL().getPath()) && isSameReferer(m2getApplicationContext.m1getApplicationManager(application, (AbstractApplicationServlet) this).getReferer(), this.currentReferer)) {
                if (application.isRunning()) {
                    return application;
                }
                m2getApplicationContext(session).removeApplication(application);
                return null;
            }
        }
        return null;
    }

    private boolean isSameReferer(String str, String str2) {
        return str == str2 || (str != null && str.equals(str2));
    }

    public boolean isTrustedReferrer(HttpServletRequest httpServletRequest) {
        if (this.whiteList == null) {
            Logger.getLogger(getClass().getName()).info("Warning: no whitelist provided, all requests are accepted.");
            return true;
        }
        if (this.currentReferer == null) {
            if (getRequestType(httpServletRequest) == AbstractApplicationServlet.RequestType.OTHER) {
                this.currentReferer = httpServletRequest.getRequestURL().toString();
                return true;
            }
            Logger.getLogger(getClass().getName()).info("Request blocked: request contained no referrer url");
            return false;
        }
        for (int i = 0; i < this.whiteList.length; i++) {
            if (this.currentReferer.startsWith(this.whiteList[i])) {
                return true;
            }
        }
        Logger.getLogger(getClass().getName()).severe("Request blocked by referrer. Referrer:" + this.currentReferer);
        return false;
    }

    public CommunicationManager createCommunicationManager(Application application) {
        throw new UnsupportedOperationException();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* renamed from: getApplicationContext, reason: merged with bridge method [inline-methods] */
    public JsonpWebApplicationContext m2getApplicationContext(HttpSession httpSession) {
        JsonpWebApplicationContext jsonpWebApplicationContext = (JsonpWebApplicationContext) httpSession.getAttribute(WebApplicationContext.class.getName());
        if (jsonpWebApplicationContext == null) {
            jsonpWebApplicationContext = new JsonpWebApplicationContext();
            httpSession.setAttribute(WebApplicationContext.class.getName(), jsonpWebApplicationContext);
        }
        jsonpWebApplicationContext.setSession(httpSession);
        return jsonpWebApplicationContext;
    }

    public String getCurrentReferer() {
        return this.currentReferer;
    }

    public void setClientToServerEncryptionOn(boolean z) {
        this.encryptionOn = z;
    }

    public boolean isEncryptionOn() {
        return this.encryptionOn;
    }

    protected void criticalNotification(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, String str3, String str4) throws IOException {
        if (getRequestType(httpServletRequest) != AbstractApplicationServlet.RequestType.UIDL) {
            super.criticalNotification(httpServletRequest, httpServletResponse, str, str2, str3, str4);
            return;
        }
        httpServletResponse.setContentType("text/javascript");
        ServletOutputStream outputStream = httpServletResponse.getOutputStream();
        PrintWriter printWriter = new PrintWriter(new BufferedWriter(new OutputStreamWriter((OutputStream) outputStream, "UTF-8")));
        String escapeJSON = str != null ? JsonPaintTarget.escapeJSON(str) : "Server error";
        if (str2 != null) {
            escapeJSON = escapeJSON + ": " + JsonPaintTarget.escapeJSON(str2);
        }
        if (str3 != null) {
            escapeJSON = escapeJSON + ": " + JsonPaintTarget.escapeJSON(str3);
        }
        printWriter.print("alert(\" " + escapeJSON + "\");");
        printWriter.flush();
        printWriter.close();
        outputStream.flush();
        outputStream.close();
    }
}
