package org.eclipse.leshan.server.core.demo.json.servlet;

import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.core.JsonParseException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.module.SimpleModule;
import com.fasterxml.jackson.databind.node.JsonNodeFactory;
import com.fasterxml.jackson.databind.node.ObjectNode;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.eclipse.leshan.server.core.demo.json.JacksonSecurityDeserializer;
import org.eclipse.leshan.server.core.demo.json.JacksonSecuritySerializer;
import org.eclipse.leshan.server.core.demo.json.PublicKeySerDes;
import org.eclipse.leshan.server.core.demo.json.X509CertificateSerDes;
import org.eclipse.leshan.server.security.EditableSecurityStore;
import org.eclipse.leshan.server.security.NonUniqueSecurityInfoException;
import org.eclipse.leshan.server.security.SecurityInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/leshan/server/core/demo/json/servlet/SecurityServlet.class */
public class SecurityServlet extends HttpServlet {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) SecurityServlet.class);
    private static final long serialVersionUID = 1;
    private final EditableSecurityStore store;
    private final PublicKey serverPublicKey;
    private final X509Certificate serverCertificate;
    private final X509CertificateSerDes certificateSerDes;
    private final PublicKeySerDes publicKeySerDes;
    private final ObjectMapper mapper;

    public SecurityServlet(EditableSecurityStore editableSecurityStore, X509Certificate x509Certificate) {
        this(editableSecurityStore, null, x509Certificate);
    }

    public SecurityServlet(EditableSecurityStore editableSecurityStore, PublicKey publicKey) {
        this(editableSecurityStore, publicKey, null);
    }

    protected SecurityServlet(EditableSecurityStore editableSecurityStore, PublicKey publicKey, X509Certificate x509Certificate) {
        this.store = editableSecurityStore;
        this.serverPublicKey = publicKey;
        this.serverCertificate = x509Certificate;
        this.certificateSerDes = new X509CertificateSerDes();
        this.publicKeySerDes = new PublicKeySerDes();
        this.mapper = new ObjectMapper();
        this.mapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
        SimpleModule simpleModule = new SimpleModule();
        simpleModule.addDeserializer(SecurityInfo.class, new JacksonSecurityDeserializer());
        simpleModule.addSerializer(SecurityInfo.class, new JacksonSecuritySerializer());
        this.mapper.registerModule(simpleModule);
    }

    @Override // javax.servlet.http.HttpServlet
    protected void doPut(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String[] split = StringUtils.split(httpServletRequest.getPathInfo(), '/');
        if (split.length != 1 && "clients".equals(split[0])) {
            httpServletResponse.sendError(400);
            return;
        }
        try {
            SecurityInfo securityInfo = (SecurityInfo) this.mapper.readValue(new InputStreamReader(httpServletRequest.getInputStream()), SecurityInfo.class);
            LOG.debug("New security info for end-point {}: {}", securityInfo.getEndpoint(), securityInfo);
            this.store.add(securityInfo);
            httpServletResponse.setStatus(200);
        } catch (JsonParseException e) {
            LOG.warn("Could not parse request body", (Throwable) e);
            httpServletResponse.setStatus(400);
            httpServletResponse.getWriter().append("Invalid request body");
            if (e.getMessage() != null) {
                httpServletResponse.getWriter().append(": ").append((CharSequence) e.getMessage());
            }
            httpServletResponse.getWriter().flush();
        } catch (RuntimeException e2) {
            LOG.warn("unexpected error for request " + httpServletRequest.getPathInfo(), (Throwable) e2);
            httpServletResponse.sendError(500);
        } catch (NonUniqueSecurityInfoException e3) {
            LOG.warn("Non unique security info: " + e3.getMessage());
            httpServletResponse.setStatus(400);
            httpServletResponse.getWriter().append((CharSequence) e3.getMessage()).flush();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // javax.servlet.http.HttpServlet
    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String[] split = StringUtils.split(httpServletRequest.getPathInfo(), '/');
        if (split.length != 1) {
            httpServletResponse.sendError(400);
            return;
        }
        if ("clients".equals(split[0])) {
            String writeValueAsString = this.mapper.writeValueAsString(this.store.getAll());
            httpServletResponse.setContentType("application/json");
            httpServletResponse.getOutputStream().write(writeValueAsString.getBytes(StandardCharsets.UTF_8));
            httpServletResponse.setStatus(200);
            return;
        }
        if (!"server".equals(split[0])) {
            httpServletResponse.sendError(400);
            return;
        }
        ObjectNode objectNode = JsonNodeFactory.instance.objectNode();
        if (this.serverPublicKey != null) {
            objectNode.set("pubkey", this.publicKeySerDes.jSerialize(this.serverPublicKey));
        } else if (this.serverCertificate != null) {
            objectNode.set("certificate", this.certificateSerDes.jSerialize(this.serverCertificate));
        }
        httpServletResponse.setContentType("application/json");
        httpServletResponse.getOutputStream().write(objectNode.toString().getBytes(StandardCharsets.UTF_8));
        httpServletResponse.setStatus(200);
    }

    @Override // javax.servlet.http.HttpServlet
    protected void doDelete(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String substringAfter = StringUtils.substringAfter(httpServletRequest.getPathInfo(), "/clients/");
        if (StringUtils.isEmpty(substringAfter)) {
            httpServletResponse.sendError(400);
            return;
        }
        LOG.debug("Removing security info for end-point {}", substringAfter);
        if (this.store.remove(substringAfter, true) != null) {
            httpServletResponse.setStatus(200);
            return;
        }
        httpServletResponse.setContentType("application/json");
        httpServletResponse.getOutputStream().write("{\"message\":\"not_found\"}".getBytes(StandardCharsets.UTF_8));
        httpServletResponse.setStatus(200);
    }
}
