package org.jahia.bin;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.regex.Pattern;
import javax.jcr.AccessDeniedException;
import javax.jcr.PathNotFoundException;
import javax.jcr.PropertyIterator;
import javax.jcr.RepositoryException;
import javax.servlet.ServletConfig;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import net.htmlparser.jericho.Attribute;
import net.htmlparser.jericho.Element;
import net.htmlparser.jericho.EndTag;
import net.htmlparser.jericho.OutputDocument;
import net.htmlparser.jericho.Source;
import net.htmlparser.jericho.StartTag;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.fileupload.disk.DiskFileItem;
import org.apache.commons.io.FilenameUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.tika.io.IOUtils;
import org.jahia.api.Constants;
import org.jahia.content.ObjectKeyInterface;
import org.jahia.services.applications.pluto.JahiaPortalURLParserImpl;
import org.jahia.services.categories.Category;
import org.jahia.services.content.JCRCallback;
import org.jahia.services.content.JCRContentUtils;
import org.jahia.services.content.JCRNodeWrapper;
import org.jahia.services.content.JCRPropertyWrapper;
import org.jahia.services.content.JCRSessionFactory;
import org.jahia.services.content.JCRSessionWrapper;
import org.jahia.services.content.JCRTemplate;
import org.jahia.services.content.nodetypes.Lexer;
import org.jahia.services.logging.MetricsLoggingService;
import org.jahia.services.render.RenderContext;
import org.jahia.services.render.RenderException;
import org.jahia.services.render.RenderService;
import org.jahia.services.render.Resource;
import org.jahia.services.render.URLResolver;
import org.jahia.services.render.URLResolverFactory;
import org.jahia.services.render.View;
import org.jahia.services.scheduler.BackgroundJob;
import org.jahia.services.seo.urlrewrite.SessionidRemovalResponseWrapper;
import org.jahia.services.templates.JahiaTemplateManagerService;
import org.jahia.services.usermanager.JahiaUser;
import org.jahia.settings.SettingsBean;
import org.jahia.tools.files.FileUpload;
import org.jahia.utils.i18n.Messages;
import org.json.JSONException;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.context.ServletConfigAware;
import org.springframework.web.servlet.mvc.Controller;

/* loaded from: input_file:org/jahia/bin/Render.class */
public class Render extends HttpServlet implements Controller, ServletConfigAware {
    private static final long serialVersionUID = 5377039107890340659L;
    public static final String METHOD_DELETE = "DELETE";
    public static final String METHOD_HEAD = "HEAD";
    public static final String METHOD_GET = "GET";
    public static final String METHOD_OPTIONS = "OPTIONS";
    public static final String METHOD_POST = "POST";
    public static final String METHOD_PUT = "PUT";
    public static final String METHOD_TRACE = "TRACE";
    protected static final String HEADER_IFMODSINCE = "If-Modified-Since";
    protected static final String HEADER_LASTMOD = "Last-Modified";
    public static final String NODE_TYPE = "jcrNodeType";
    public static final String NODE_NAME = "jcrNodeName";
    public static final String NODE_NAME_PROPERTY = "jcrNodeNameProperty";
    public static final String NEW_NODE_OUTPUT_FORMAT = "jcrNewNodeOutputFormat";
    public static final String REDIRECT_TO = "jcrRedirectTo";
    public static final String REDIRECT_HTTP_RESPONSE_CODE = "jcrRedirectResponseCode";
    public static final String METHOD_TO_CALL = "jcrMethodToCall";
    public static final String AUTO_CHECKIN = "jcrAutoCheckin";
    public static final String CAPTCHA = "jcrCaptcha";
    public static final String TARGETDIRECTORY = "jcrTargetDirectory";
    public static final String TARGETNAME = "jcrTargetName";
    public static final String NORMALIZE_NODE_NAME = "jcrNormalizeNodeName";
    public static final String VERSION = "jcrVersion";
    public static final String SUBMIT = "jcrSubmit";
    public static final String AUTO_ASSIGN_ROLE = "jcrAutoAssignRole";
    public static final String ALIAS_USER = "alias";
    public static final String PARENT_TYPE = "jcrParentType";
    public static final String RETURN_CONTENTTYPE = "jcrReturnContentType";
    public static final String RETURN_CONTENTTYPE_OVERRIDE = "jcrReturnContentTypeOverride";
    public static final String RESOURCE_ID = "jcrResourceID";
    public static final String REMOVE_MIXIN = "jcrRemoveMixin";
    public static final String COOKIE_VALUE = "jcrCookieValue";
    public static final String COOKIE_NAME = "jcrCookieName";
    public static final String COOKIE_PATH = "jcrCookiePath";
    public static final String CONTRIBUTE_POST = "jcrContributePost";
    public static final String MARK_FOR_DELETION = "jcrMarkForDeletion";
    public static final String MARK_FOR_DELETION_MESSAGE = "jcrDeletionMessage";
    public static final String PREVIEW_DATE = "prevdate";
    public static final String DISABLE_XSS_FILTERING = "disableXSSFiltering";
    public static final String ALLOWS_MULTIPLE_SUBMITS = "allowsMultipleSubmits";
    public static final String PLUTO_PREFIX = "__";
    public static final String PLUTO_ACTION = "ac";
    public static final String PLUTO_RESOURCE = "rs";
    private transient String workspace;
    private transient MetricsLoggingService loggingService;
    private transient JahiaTemplateManagerService templateService;
    private transient Action defaultPostAction;
    private transient Action defaultPutAction;
    private transient Action webflowAction;
    protected transient SettingsBean settingsBean;
    private transient RenderService renderService;
    private transient JCRSessionFactory jcrSessionFactory;
    private transient URLResolverFactory urlResolverFactory;
    private transient ServletConfig servletConfig;
    private static Logger logger = LoggerFactory.getLogger(Render.class);
    public static final List<String> EVENT_ATTRIBUTE_NAMES = Arrays.asList("onblur", "onchange", "onclick", "ondblclick", "onfocus", "onkeydown", "onkeypress", "onkeyup", "onload", "onmousedown", "onmousemove", "onmouseover", "onmouseout", "onmouseup", "onselect", "onsubmit", "onabort", "oncanplay", "oncanplaythrough", "oncontextmenu", "ondrag", "ondragend", "ondragenter", "ondragleave", "ondragstart", "ondrop", "ondurationchange", "onemptied", "onended", "onerror", "onformchange", "onforminput", "oninput", "oninvalid", "onloadeddata", "onloadedmetadata", "onloadstart", "onmousewheel", "onpause", "onplay", "onplaying", "onprogress", "onratechange", "onreadystatechange", "onscroll", "onseeked", "onseeking", "onshow", "onstalled", "onsuspend", "ontimeupdate", "onvolumechange", "onwaiting");
    public static final Pattern TAG_MISSING_END_BIGGERTHAN_PATTERN = Pattern.compile("<([^<>]*)(?=<|$)");
    public static final Pattern TAG_MISSING_START_LESSERTHAN_PATTERN = Pattern.compile("(^|(?<=>))([^<>]*)>");
    private static final List<String> REDIRECT_CODE_MOVED_PERMANENTLY = new ArrayList(Arrays.asList(String.valueOf(301)));
    private static final List<String> LIST_WITH_EMPTY_STRING = new ArrayList(Arrays.asList(""));
    private static Integer cookieExpirationInDays = 1;
    protected static final Set<String> reservedParameters = new HashSet();
    private transient Action defaultDeleteAction = new DefaultDeleteAction();
    private transient Map<String, String> defaultContentType = new HashMap();
    private transient Integer sessionExpiryTime = null;
    private Set<String> allowedMethods = new HashSet();

    protected long getLastModified(Resource resource, RenderContext renderContext) throws RepositoryException, IOException {
        return -1L;
    }

    protected void maybeSetLastModified(HttpServletResponse httpServletResponse, long j) {
        if (!httpServletResponse.containsHeader(HEADER_LASTMOD) && j >= 0) {
            httpServletResponse.setDateHeader(HEADER_LASTMOD, j);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RenderContext createRenderContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, JahiaUser jahiaUser) {
        RenderContext renderContext = new RenderContext(httpServletRequest, httpServletResponse, jahiaUser);
        renderContext.setServletPath(httpServletRequest.getServletPath() + httpServletRequest.getPathInfo().substring(0, httpServletRequest.getPathInfo().indexOf(Category.PATH_DELIMITER, 1)));
        return renderContext;
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, RenderContext renderContext, Resource resource, long j) throws RepositoryException, RenderException, IOException {
        this.loggingService.startProfiler("MAIN");
        httpServletResponse.setCharacterEncoding(this.settingsBean.getCharacterEncoding());
        String trim = this.renderService.render(resource, renderContext).trim();
        if (renderContext.getRedirect() != null && !httpServletResponse.isCommitted()) {
            httpServletResponse.sendRedirect(renderContext.getRedirect());
        } else if (!renderContext.isPortletActionRequest()) {
            httpServletResponse.setContentType(renderContext.getContentType() != null ? renderContext.getContentType() : getDefaultContentType(resource.getTemplateType()));
            httpServletResponse.getWriter().print(trim);
        }
        HttpSession session = httpServletRequest.getSession(false);
        String id = session != null ? session.getId() : "";
        this.loggingService.stopProfiler("MAIN");
        if (this.loggingService.isEnabled()) {
            this.loggingService.logContentEvent(renderContext.getUser().getName(), httpServletRequest.getRemoteAddr(), id, resource.getNode().getIdentifier(), resource.getNode().getPath(), resource.getNode().m268getPrimaryNodeType().getName(), "pageViewed", httpServletRequest.getHeader("User-Agent"), httpServletRequest.getHeader("Referer"), Long.toString(System.currentTimeMillis() - j));
        }
    }

    protected void doPut(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, RenderContext renderContext, URLResolver uRLResolver) throws Exception {
        doAction(httpServletRequest, httpServletResponse, uRLResolver, renderContext, null, this.defaultPutAction, toParameterMapOfListOfString(httpServletRequest));
    }

    public static void addCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (httpServletRequest.getParameter(COOKIE_NAME) == null || httpServletRequest.getParameter(COOKIE_VALUE) == null) {
            return;
        }
        Cookie cookie = new Cookie(httpServletRequest.getParameter(COOKIE_NAME), httpServletRequest.getParameter(COOKIE_VALUE));
        cookie.setMaxAge(86400 * cookieExpirationInDays.intValue());
        if (httpServletRequest.getParameter(COOKIE_PATH) != null) {
            cookie.setPath(httpServletRequest.getParameter(COOKIE_PATH));
        } else {
            cookie.setPath(Category.PATH_DELIMITER);
        }
        httpServletResponse.addCookie(cookie);
    }

    public static JSONObject serializeNodeToJSON(JCRNodeWrapper jCRNodeWrapper) throws RepositoryException, IOException, JSONException {
        PropertyIterator properties = jCRNodeWrapper.getProperties();
        HashMap hashMap = new HashMap();
        while (properties.hasNext()) {
            JCRPropertyWrapper jCRPropertyWrapper = (JCRPropertyWrapper) properties.next();
            int type = jCRPropertyWrapper.getType();
            String replaceColon = JCRContentUtils.replaceColon(jCRPropertyWrapper.getName());
            if (!Constants.forbiddenPropertiesToSerialize.contains(jCRPropertyWrapper.getDefinition().getName())) {
                if (type == 10 || type == 9) {
                    if (!jCRPropertyWrapper.isMultiple()) {
                        hashMap.put(replaceColon, ((JCRNodeWrapper) jCRPropertyWrapper.getNode()).getUrl());
                    }
                } else if (!jCRPropertyWrapper.isMultiple()) {
                    hashMap.put(replaceColon, jCRPropertyWrapper.m221getValue().getString());
                }
            }
        }
        return new JSONObject(hashMap);
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, RenderContext renderContext, URLResolver uRLResolver) throws Exception {
        Resource resource;
        Action action;
        if (httpServletRequest.getParameter(JahiaPortalURLParserImpl.PORTLET_INFO) != null) {
            Resource resource2 = uRLResolver.getResource();
            renderContext.setMainResource(resource2);
            renderContext.setSite(resource2.getNode().getResolveSite());
            doGet(httpServletRequest, httpServletResponse, renderContext, resource2, System.currentTimeMillis());
            return;
        }
        Map<String, List<String>> hashMap = new HashMap();
        if (checkForUploadedFiles(httpServletRequest, httpServletResponse, uRLResolver.getWorkspace(), uRLResolver.getLocale(), hashMap, uRLResolver) && hashMap.isEmpty()) {
            return;
        }
        if (hashMap.isEmpty()) {
            hashMap = toParameterMapOfListOfString(httpServletRequest);
        }
        if (uRLResolver.getPath().endsWith(".do") || isWebflowRequest(httpServletRequest)) {
            resource = uRLResolver.getResource();
            renderContext.setMainResource(resource);
            try {
                renderContext.setSite(resource.getNode().getResolveSite());
            } catch (RepositoryException e) {
                logger.warn("Cannot get site for action context", e);
            }
            action = isWebflowRequest(httpServletRequest) ? this.webflowAction : this.templateService.getActions().get(resource.getResolvedTemplate());
        } else {
            final String path = uRLResolver.getPath();
            resource = uRLResolver.getResource(((String) JCRTemplate.getInstance().doExecuteWithSystemSession(null, uRLResolver.getWorkspace(), uRLResolver.getLocale(), new JCRCallback<String>() { // from class: org.jahia.bin.Render.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // org.jahia.services.content.JCRCallback
                public String doInJCR(JCRSessionWrapper jCRSessionWrapper) throws RepositoryException {
                    String substringBeforeLast = path.endsWith("*") ? StringUtils.substringBeforeLast(path, Category.PATH_DELIMITER) : path;
                    do {
                        try {
                            jCRSessionWrapper.m231getNode(substringBeforeLast);
                            break;
                        } catch (PathNotFoundException e2) {
                            substringBeforeLast = StringUtils.substringBeforeLast(substringBeforeLast, Category.PATH_DELIMITER);
                        }
                    } while (substringBeforeLast.contains(Category.PATH_DELIMITER));
                    return substringBeforeLast;
                }
            })) + ".html");
            renderContext.setMainResource(resource);
            try {
                renderContext.setSite(resource.getNode().getResolveSite());
            } catch (RepositoryException e2) {
            }
            action = this.defaultPostAction;
        }
        if (action != null) {
            doAction(httpServletRequest, httpServletResponse, uRLResolver, renderContext, resource, action, hashMap);
            return;
        }
        if (uRLResolver.getPath().endsWith(".do")) {
            logger.error("Couldn't resolve action named [" + resource.getResolvedTemplate() + "]");
        }
        httpServletResponse.sendError(501);
    }

    private Map<String, List<String>> toParameterMapOfListOfString(HttpServletRequest httpServletRequest) {
        ArrayList arrayList;
        Map map;
        HashMap hashMap = new HashMap();
        Map parameterMap = httpServletRequest.getParameterMap();
        boolean z = true;
        String str = parameterMap.get("form-token") != null ? ((String[]) parameterMap.get("form-token"))[0] : null;
        if (str != null && (map = (Map) httpServletRequest.getSession().getAttribute("form-tokens")) != null && map.containsKey(str)) {
            z = !((Map) map.get(str)).containsKey(DISABLE_XSS_FILTERING) || ((List) ((Map) map.get(str)).get(DISABLE_XSS_FILTERING)).contains(View.VISIBLE_FALSE);
        }
        for (Object obj : parameterMap.keySet()) {
            if (obj != null) {
                String[] strArr = (String[]) parameterMap.get(obj);
                if (!z || reservedParameters.contains(obj)) {
                    arrayList = new ArrayList(Arrays.asList(strArr));
                } else {
                    arrayList = new ArrayList();
                    for (String str2 : strArr) {
                        arrayList.add(xssFilter(str2));
                    }
                }
                hashMap.put((String) obj, arrayList);
            }
        }
        return hashMap;
    }

    private String xssFilter(String str) {
        EndTag endTag;
        if (!str.contains(Lexer.QUEROPS_LESSTHAN) && !str.contains(Lexer.QUEROPS_GREATERTHAN)) {
            return str;
        }
        Source source = new Source(TAG_MISSING_START_LESSERTHAN_PATTERN.matcher(TAG_MISSING_END_BIGGERTHAN_PATTERN.matcher(str).replaceAll("&lt;$1")).replaceAll("$1&gt;"));
        OutputDocument outputDocument = new OutputDocument(source);
        for (Element element : source.getAllElements()) {
            if ("script".equals(element.getName())) {
                StartTag startTag = element.getStartTag();
                outputDocument.remove(startTag);
                if (!startTag.isSyntacticalEmptyElementTag() && (endTag = element.getEndTag()) != null) {
                    outputDocument.remove(endTag);
                }
            }
            Iterator it = element.getAttributes().iterator();
            while (it.hasNext()) {
                Attribute attribute = (Attribute) it.next();
                if (EVENT_ATTRIBUTE_NAMES.contains(attribute.getName())) {
                    outputDocument.remove(attribute);
                }
            }
        }
        return outputDocument.toString();
    }

    private boolean checkForUploadedFiles(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, Locale locale, Map<String, List<String>> map, URLResolver uRLResolver) throws RepositoryException, IOException {
        String substringBeforeLast;
        if (!isMultipartRequest(httpServletRequest)) {
            return false;
        }
        if (isPortletRequest(httpServletRequest)) {
            logger.debug("Mulipart request is not processed. It's the task of the portlet");
            return false;
        }
        String tmpContentDiskPath = this.settingsBean.getTmpContentDiskPath();
        File file = new File(tmpContentDiskPath);
        if (!file.exists()) {
            file.mkdirs();
        }
        try {
            FileUpload fileUpload = new FileUpload(httpServletRequest, tmpContentDiskPath, Integer.MAX_VALUE);
            httpServletRequest.setAttribute(FileUpload.FILEUPLOAD_ATTRIBUTE, fileUpload);
            if (fileUpload.getFileItems() != null && fileUpload.getFileItems().size() > 0) {
                boolean contains = fileUpload.getParameterNames().contains(TARGETDIRECTORY);
                boolean endsWith = uRLResolver.getPath().endsWith(".do");
                boolean contains2 = fileUpload.getParameterNames().contains(CONTRIBUTE_POST);
                String header = httpServletRequest.getHeader("x-requested-with");
                boolean z = (httpServletRequest.getHeader("accept") != null && httpServletRequest.getHeader("accept").contains("application/json") && header != null && header.equals("XMLHttpRequest")) || fileUpload.getParameterMap().isEmpty();
                LinkedList linkedList = new LinkedList();
                ArrayList arrayList = new ArrayList();
                LinkedList linkedList2 = new LinkedList();
                if (!endsWith && (contains2 || contains || z)) {
                    JCRSessionWrapper currentUserSession = this.jcrSessionFactory.getCurrentUserSession(str, locale);
                    if (contains) {
                        substringBeforeLast = fileUpload.getParameterValues(TARGETDIRECTORY)[0];
                    } else if (contains2) {
                        String path = uRLResolver.getPath();
                        JCRNodeWrapper m231getNode = currentUserSession.m231getNode(path.endsWith("*") ? StringUtils.substringBeforeLast(path, Category.PATH_DELIMITER) : path);
                        if (m231getNode.getResolveSite() != null) {
                            String str2 = m231getNode.getResolveSite().getPath() + "/files/contributed/";
                            String str3 = JCRContentUtils.replaceColon(m231getNode.getPrimaryNodeTypeName()) + ObjectKeyInterface.KEY_SEPARATOR + m231getNode.getName();
                            substringBeforeLast = str2 + str3;
                            try {
                                currentUserSession.m231getNode(substringBeforeLast);
                            } catch (RepositoryException e) {
                                JCRNodeWrapper m231getNode2 = currentUserSession.m231getNode(str2);
                                currentUserSession.checkout(m231getNode2);
                                m231getNode2.m291addNode(str3, "jnt:folder");
                                currentUserSession.save();
                            }
                        } else {
                            substringBeforeLast = m231getNode.getPath() + "/files";
                            if (!m231getNode.hasNode("files")) {
                                currentUserSession.checkout(m231getNode);
                                m231getNode.m291addNode("files", "jnt:folder");
                                currentUserSession.save();
                            }
                        }
                    } else {
                        String path2 = uRLResolver.getPath();
                        substringBeforeLast = path2.endsWith("*") ? StringUtils.substringBeforeLast(path2, Category.PATH_DELIMITER) : path2;
                    }
                    JCRNodeWrapper m231getNode3 = currentUserSession.m231getNode(substringBeforeLast);
                    boolean equals = fileUpload.getParameterNames().contains(VERSION) ? fileUpload.getParameterValues(VERSION)[0].equals("true") : false;
                    for (Map.Entry<String, DiskFileItem> entry : fileUpload.getFileItems().entrySet()) {
                        String name2 = entry.getValue().getName();
                        if (fileUpload.getParameterNames().contains(TARGETNAME)) {
                            name2 = fileUpload.getParameterValues(TARGETNAME)[0];
                        }
                        String escapeLocalNodeName = JCRContentUtils.escapeLocalNodeName(FilenameUtils.getName(name2));
                        JCRNodeWrapper mo195getNode = m231getNode3.hasNode(escapeLocalNodeName) ? m231getNode3.mo195getNode(escapeLocalNodeName) : null;
                        if (mo195getNode != null && equals) {
                            currentUserSession.checkout(mo195getNode);
                        }
                        currentUserSession.checkout(m231getNode3);
                        InputStream inputStream = null;
                        try {
                            inputStream = entry.getValue().getInputStream();
                            JCRNodeWrapper uploadFile = m231getNode3.uploadFile(escapeLocalNodeName, inputStream, JCRContentUtils.getMimeType(escapeLocalNodeName, entry.getValue().getContentType()));
                            IOUtils.closeQuietly(inputStream);
                            linkedList.add(uploadFile.getIdentifier());
                            linkedList2.add(uploadFile.getAbsoluteUrl(httpServletRequest));
                            arrayList.add(entry.getValue().getName());
                            if (equals) {
                                if (!uploadFile.isVersioned()) {
                                    uploadFile.versionFile();
                                }
                                currentUserSession.save();
                                currentUserSession.m233getNodeByIdentifier(uploadFile.getIdentifier()).checkpoint();
                            }
                        } catch (Throwable th) {
                            IOUtils.closeQuietly(inputStream);
                            throw th;
                        }
                    }
                    fileUpload.disposeItems();
                    fileUpload.markFilesAsConsumed();
                    currentUserSession.save();
                }
                if (endsWith || !(z || contains2)) {
                    map.putAll(fileUpload.getParameterMap());
                    if (!contains) {
                        return true;
                    }
                    map.put(NODE_NAME, arrayList);
                    return true;
                }
                try {
                    httpServletResponse.setStatus(201);
                    LinkedHashMap linkedHashMap = new LinkedHashMap();
                    linkedHashMap.put("uuids", linkedList);
                    linkedHashMap.put("urls", linkedList2);
                    new JSONObject(linkedHashMap).write(httpServletResponse.getWriter());
                    return true;
                } catch (JSONException e2) {
                    logger.error(e2.getMessage(), e2);
                }
            }
            if (fileUpload.getParameterMap() != null && !fileUpload.getParameterMap().isEmpty()) {
                map.putAll(fileUpload.getParameterMap());
            }
            return false;
        } catch (IOException e3) {
            logger.error("Cannot parse multipart data !", e3);
            return false;
        }
    }

    protected void doDelete(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, RenderContext renderContext, URLResolver uRLResolver) throws Exception {
        doAction(httpServletRequest, httpServletResponse, uRLResolver, renderContext, null, this.defaultDeleteAction, toParameterMapOfListOfString(httpServletRequest));
    }

    public boolean isMultipartRequest(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("Content-Type");
        return header != null && header.indexOf("multipart/form-data") >= 0;
    }

    public boolean isPortletRequest(HttpServletRequest httpServletRequest) {
        String pathInfo = httpServletRequest.getPathInfo();
        if (pathInfo == null || !pathInfo.contains("__")) {
            return false;
        }
        StringTokenizer stringTokenizer = new StringTokenizer(pathInfo, Category.PATH_DELIMITER, false);
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            if (nextToken.startsWith("__rs") || nextToken.startsWith("__ac")) {
                return true;
            }
        }
        return false;
    }

    public static void performRedirect(String str, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, List<String>> map, boolean z) throws IOException {
        String str3 = null;
        List<String> list = map.get(NEW_NODE_OUTPUT_FORMAT);
        String str4 = (CollectionUtils.isEmpty(list) || list.get(0) == null) ? "html" : list.get(0);
        List<String> list2 = map.get(REDIRECT_HTTP_RESPONSE_CODE);
        int parseInt = (CollectionUtils.isEmpty(list2) || StringUtils.isBlank(list2.get(0))) ? 303 : Integer.parseInt(list2.get(0));
        List<String> list3 = map.get(REDIRECT_TO);
        String substringBeforeLast = (CollectionUtils.isEmpty(list3) || StringUtils.isBlank(list3.get(0))) ? "" : StringUtils.substringBeforeLast(list3.get(0), ";");
        if (!StringUtils.isEmpty(substringBeforeLast)) {
            str3 = substringBeforeLast + (!StringUtils.isEmpty(str4) ? "." + str4 : "");
        } else if (!StringUtils.isEmpty(str)) {
            String decode = URLDecoder.decode(httpServletRequest.getRequestURI(), "UTF-8");
            str3 = decode.substring(0, decode.indexOf(str2)) + str + (!StringUtils.isEmpty(str4) ? "." + str4 : "");
        }
        if (z) {
            List<String> list4 = map.get(RESOURCE_ID);
            String str5 = (CollectionUtils.isEmpty(list4) || StringUtils.isBlank(list4.get(0))) ? null : list4.get(0);
            if (str5 != null) {
                str3 = str3 + "?ec=" + str5;
            }
        }
        if (StringUtils.isEmpty(str3)) {
            return;
        }
        String encodeRedirectURL = httpServletResponse.encodeRedirectURL(str3);
        if (SettingsBean.getInstance().isDisableJsessionIdParameter() && encodeRedirectURL.contains(";" + SettingsBean.getInstance().getJsessionIdParameterName())) {
            encodeRedirectURL = SessionidRemovalResponseWrapper.removeJsessionId(encodeRedirectURL);
        }
        if (StringUtils.isEmpty(substringBeforeLast)) {
            httpServletResponse.setHeader("Location", encodeRedirectURL);
        } else if (parseInt == 303) {
            httpServletResponse.setHeader("Location", encodeRedirectURL);
        }
        if (parseInt == 302) {
            httpServletResponse.sendRedirect(encodeRedirectURL);
        } else {
            httpServletResponse.setStatus(parseInt);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:116:0x03fd, code lost:
    
        if (r20.getLanguagesAsLocales().contains(r0.getLocale()) == false) goto L114;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public org.springframework.web.servlet.ModelAndView handleRequest(javax.servlet.http.HttpServletRequest r10, javax.servlet.http.HttpServletResponse r11) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 2005
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jahia.bin.Render.handleRequest(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse):org.springframework.web.servlet.ModelAndView");
    }

    private boolean isWebflowRequest(HttpServletRequest httpServletRequest) {
        boolean z = false;
        if (httpServletRequest.getMethod().equals(METHOD_POST)) {
            Enumeration parameterNames = httpServletRequest.getParameterNames();
            while (true) {
                if (!parameterNames.hasMoreElements()) {
                    break;
                }
                if (((String) parameterNames.nextElement()).startsWith("webflowexecution")) {
                    z = true;
                    break;
                }
            }
        }
        return z;
    }

    protected boolean isDisabled() {
        return false;
    }

    private void doAction(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, URLResolver uRLResolver, RenderContext renderContext, Resource resource, final Action action, Map<String, List<String>> map) throws Exception {
        String header = httpServletRequest.getHeader("x-requested-with");
        boolean z = httpServletRequest.getHeader("accept") != null && httpServletRequest.getHeader("accept").contains("application/json") && header != null && header.equals("XMLHttpRequest");
        switch (isWebflowRequest(httpServletRequest) ? 0 : TokenChecker.checkToken(httpServletRequest, httpServletResponse, map)) {
            case 1:
                action = new SystemAction() { // from class: org.jahia.bin.Render.2
                    @Override // org.jahia.bin.SystemAction
                    public ActionResult doExecuteAsSystem(HttpServletRequest httpServletRequest2, RenderContext renderContext2, JCRSessionWrapper jCRSessionWrapper, Resource resource2, Map<String, List<String>> map2, URLResolver uRLResolver2) throws Exception {
                        return action.doExecute(httpServletRequest2, renderContext2, resource2, jCRSessionWrapper, map2, uRLResolver2);
                    }
                };
                break;
            case 2:
                throw new AccessDeniedException("Invalid token.");
            case 3:
                throw new AccessDeniedException();
            case 4:
                HashMap hashMap = new HashMap();
                for (Map.Entry<String, List<String>> entry : map.entrySet()) {
                    hashMap.put(entry.getKey(), entry.getValue().toArray(new String[entry.getValue().size()]));
                }
                String internal = Messages.getInternal("failure.captcha", uRLResolver.getLocale(), "Your captcha is invalid");
                if (!z) {
                    httpServletRequest.getSession().setAttribute("formDatas", hashMap);
                    httpServletRequest.getSession().setAttribute("formError", internal);
                    performRedirect(renderContext.getMainResource().getNode().getPath(), uRLResolver.getPath(), httpServletRequest, httpServletResponse, map, true);
                    return;
                } else {
                    httpServletResponse.setContentType("application/json; charset=UTF-8");
                    HashMap hashMap2 = new HashMap();
                    hashMap2.put(BackgroundJob.JOB_STATUS, internal);
                    new JSONObject(hashMap2).write(httpServletResponse.getWriter());
                    return;
                }
        }
        if (!(action instanceof SystemAction)) {
            if (action.getRequiredWorkspace() != null && !action.getRequiredWorkspace().equals(uRLResolver.getWorkspace())) {
                throw new PathNotFoundException("Action is not supported for this workspace");
            }
            if (action.isRequireAuthenticatedUser() && !renderContext.isLoggedIn()) {
                throw new AccessDeniedException("Action '" + action.getName() + "' requires an authenticated user");
            }
            if (!action.isPermitted(uRLResolver.getNode())) {
                throw new AccessDeniedException("Action '" + action.getName() + "' requires '" + action.getRequiredPermission() + "' permission.");
            }
        } else if (action instanceof LicensedAction) {
            LicensedAction licensedAction = (LicensedAction) action;
            if (!licensedAction.isAllowedByLicense()) {
                logger.error("Action '{}' requires a licene feature '{}' which is not allowed by the current license terms", action.getName(), licensedAction.getLicenseFeature());
                throw new AccessDeniedException("Action '" + action.getName() + "' requires a licene feature '" + licensedAction.getLicenseFeature() + "' which is not allowed by the current license terms");
            }
        }
        try {
            ActionResult doExecute = action.doExecute(httpServletRequest, renderContext, resource, resource != null ? resource.getNode().m293getSession() : JCRSessionFactory.getInstance().getCurrentUserSession(uRLResolver.getWorkspace(), uRLResolver.getLocale()), map, uRLResolver);
            if (doExecute != null) {
                boolean z2 = "json".equals(map.get(RETURN_CONTENTTYPE) != null ? map.get(RETURN_CONTENTTYPE).get(0) : "") || (httpServletRequest.getHeader("accept") != null && httpServletRequest.getHeader("accept").contains("application/json"));
                if (doExecute.getResultCode() >= 300 && !z2) {
                    httpServletResponse.sendError(doExecute.getResultCode());
                    return;
                }
                httpServletResponse.setStatus(doExecute.getResultCode());
                addCookie(httpServletRequest, httpServletResponse);
                if (doExecute.getJson() == null || !z2) {
                    if (doExecute.isAbsoluteUrl()) {
                        httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(doExecute.getUrl()));
                        return;
                    } else {
                        performRedirect(doExecute.getUrl(), uRLResolver.getPath(), httpServletRequest, httpServletResponse, map, false);
                        return;
                    }
                }
                try {
                    String defaultIfEmpty = map.get(RETURN_CONTENTTYPE_OVERRIDE) != null ? StringUtils.defaultIfEmpty(map.get(RETURN_CONTENTTYPE_OVERRIDE).get(0), (String) null) : null;
                    if (defaultIfEmpty == null) {
                        defaultIfEmpty = "application/json; charset=UTF-8";
                    } else if (!defaultIfEmpty.toLowerCase().contains("charset")) {
                        defaultIfEmpty = defaultIfEmpty + "; charset=UTF-8";
                    }
                    httpServletResponse.setContentType(defaultIfEmpty);
                    doExecute.getJson().write(httpServletResponse.getWriter());
                } catch (JSONException e) {
                    logger.error(e.getMessage(), e);
                }
            }
        } catch (Exception e2) {
            logger.error("An error occurs when executing action {}", action.getName(), e2);
            throw e2;
        }
    }

    protected boolean isMethodAllowed(String str) {
        return this.allowedMethods.isEmpty() || this.allowedMethods.contains(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean hasAccess(JCRNodeWrapper jCRNodeWrapper) {
        return true;
    }

    public void setServletConfig(ServletConfig servletConfig) {
        this.servletConfig = servletConfig;
    }

    public ServletConfig getServletConfig() {
        return this.servletConfig;
    }

    public String getServletName() {
        return getServletConfig().getServletName();
    }

    public static String getRenderServletPath() {
        return "/cms/render";
    }

    public void setWorkspace(String str) {
        this.workspace = str;
    }

    public void setLoggingService(MetricsLoggingService metricsLoggingService) {
        this.loggingService = metricsLoggingService;
    }

    public void setTemplateService(JahiaTemplateManagerService jahiaTemplateManagerService) {
        this.templateService = jahiaTemplateManagerService;
    }

    public void setSessionExpiryTime(int i) {
        this.sessionExpiryTime = Integer.valueOf(i);
    }

    public void setDefaultPostAction(Action action) {
        this.defaultPostAction = action;
    }

    public void setDefaultPutAction(Action action) {
        this.defaultPutAction = action;
    }

    public void setWebflowAction(Action action) {
        this.webflowAction = action;
    }

    public static Set<String> getReservedParameters() {
        return reservedParameters;
    }

    public void setSettingsBean(SettingsBean settingsBean) {
        this.settingsBean = settingsBean;
    }

    public void setRenderService(RenderService renderService) {
        this.renderService = renderService;
    }

    public void setJcrSessionFactory(JCRSessionFactory jCRSessionFactory) {
        this.jcrSessionFactory = jCRSessionFactory;
    }

    public void setCookieExpirationInDays(Integer num) {
        cookieExpirationInDays = num;
    }

    public void setUrlResolverFactory(URLResolverFactory uRLResolverFactory) {
        this.urlResolverFactory = uRLResolverFactory;
    }

    public void setAllowedMethods(Set<String> set) {
        this.allowedMethods = new HashSet(set.size());
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            this.allowedMethods.add(it.next().toUpperCase());
        }
    }

    public String getDefaultContentType(String str) {
        return (str == null || this.defaultContentType.get(str) == null) ? "text/html; charset=UTF-8" : this.defaultContentType.get(str);
    }

    public void setDefaultContentType(Map<String, String> map) {
        this.defaultContentType = map;
    }

    static {
        reservedParameters.add(NODE_TYPE);
        reservedParameters.add(NODE_NAME);
        reservedParameters.add(NODE_NAME_PROPERTY);
        reservedParameters.add(NEW_NODE_OUTPUT_FORMAT);
        reservedParameters.add(REDIRECT_TO);
        reservedParameters.add(METHOD_TO_CALL);
        reservedParameters.add(AUTO_CHECKIN);
        reservedParameters.add(CAPTCHA);
        reservedParameters.add(TARGETDIRECTORY);
        reservedParameters.add(TARGETNAME);
        reservedParameters.add("jcr:mixinTypes");
        reservedParameters.add(NORMALIZE_NODE_NAME);
        reservedParameters.add(VERSION);
        reservedParameters.add(SUBMIT);
        reservedParameters.add(AUTO_ASSIGN_ROLE);
        reservedParameters.add(PARENT_TYPE);
        reservedParameters.add(RETURN_CONTENTTYPE);
        reservedParameters.add(RETURN_CONTENTTYPE_OVERRIDE);
        reservedParameters.add(COOKIE_NAME);
        reservedParameters.add(COOKIE_VALUE);
        reservedParameters.add(COOKIE_PATH);
        reservedParameters.add(CONTRIBUTE_POST);
        reservedParameters.add(MARK_FOR_DELETION);
        reservedParameters.add(DISABLE_XSS_FILTERING);
        reservedParameters.add(ALLOWS_MULTIPLE_SUBMITS);
    }
}
