package com.mxgraph.online;

import com.mxgraph.online.Utils;
import java.io.BufferedInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLConnection;
import java.net.UnknownHostException;
import java.util.Arrays;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:classes/draw/WEB-INF/classes/com/mxgraph/online/ProxyServlet.class */
public class ProxyServlet extends HttpServlet {
    private static final Logger log = Logger.getLogger(HttpServlet.class.getName());
    private static int BUFFER_SIZE = 3072;
    private static byte[] emptyBytes = new byte[0];

    @Override // javax.servlet.http.HttpServlet
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String parameter = httpServletRequest.getParameter("url");
        if (!checkUrlParameter(parameter)) {
            httpServletResponse.setStatus(400);
            log.log(Level.SEVERE, "proxy request with invalid URL parameter: url=" + (parameter != null ? parameter : "[null]"));
            return;
        }
        String header = httpServletRequest.getHeader("referer");
        String header2 = httpServletRequest.getHeader("User-Agent");
        String corsDomain = getCorsDomain(header, header2);
        try {
            httpServletRequest.setCharacterEncoding("UTF-8");
            httpServletResponse.setCharacterEncoding("UTF-8");
            URLConnection openConnection = new URL(parameter).openConnection();
            ServletOutputStream outputStream = httpServletResponse.getOutputStream();
            httpServletResponse.setHeader("Cache-Control", "private, max-age=86400");
            openConnection.setRequestProperty("User-Agent", "draw.io");
            if (corsDomain != null && corsDomain.length() > 0) {
                httpServletResponse.addHeader("Access-Control-Allow-Origin", corsDomain);
            }
            if (openConnection instanceof HttpURLConnection) {
                ((HttpURLConnection) openConnection).setInstanceFollowRedirects(true);
                int responseCode = ((HttpURLConnection) openConnection).getResponseCode();
                int i = 0;
                while (true) {
                    int i2 = i;
                    i++;
                    if (i2 >= 2 || !(responseCode == 301 || responseCode == 302)) {
                        break;
                    }
                    openConnection = new URL(openConnection.getHeaderField("Location")).openConnection();
                    ((HttpURLConnection) openConnection).setInstanceFollowRedirects(true);
                    openConnection.setRequestProperty("User-Agent", "draw.io");
                    responseCode = ((HttpURLConnection) openConnection).getResponseCode();
                }
                httpServletResponse.setStatus(responseCode);
                InputStream inputStream = openConnection.getInputStream();
                byte[] checkStreamContent = contentAlwaysAllowed(parameter) ? emptyBytes : Utils.checkStreamContent(inputStream);
                httpServletResponse.setContentType("application/octet-stream");
                String parameter2 = httpServletRequest.getParameter("base64");
                copyResponse(inputStream, outputStream, checkStreamContent, parameter2 != null && parameter2.equals("1"));
            }
            outputStream.flush();
            outputStream.close();
            log.log(Level.FINEST, "processed proxy request: url=" + (parameter != null ? parameter : "[null]") + ", referer=" + (header != null ? header : "[null]") + ", user agent=" + (header2 != null ? header2 : "[null]"));
        } catch (Utils.UnsupportedContentException e) {
            httpServletResponse.setStatus(403);
            log.log(Level.SEVERE, "proxy request with invalid content: url=" + (parameter != null ? parameter : "[null]") + ", referer=" + (header != null ? header : "[null]") + ", user agent=" + (header2 != null ? header2 : "[null]"));
        } catch (FileNotFoundException | UnknownHostException e2) {
            httpServletResponse.setStatus(404);
        } catch (Exception e3) {
            httpServletResponse.setStatus(500);
            log.log(Level.FINE, "proxy request failed: url=" + (parameter != null ? parameter : "[null]") + ", referer=" + (header != null ? header : "[null]") + ", user agent=" + (header2 != null ? header2 : "[null]"));
            e3.printStackTrace();
        }
    }

    protected void copyResponse(InputStream inputStream, OutputStream outputStream, byte[] bArr, boolean z) throws IOException {
        int read;
        if (!z) {
            outputStream.write(bArr);
            Utils.copy(inputStream, outputStream);
            return;
        }
        BufferedInputStream bufferedInputStream = new BufferedInputStream(inputStream, BUFFER_SIZE);
        Throwable th = null;
        try {
            try {
                StringBuilder sb = new StringBuilder();
                sb.append(mxBase64.encodeToString(bArr, false));
                byte[] bArr2 = new byte[BUFFER_SIZE];
                while (true) {
                    read = bufferedInputStream.read(bArr2);
                    if (read != BUFFER_SIZE) {
                        break;
                    } else {
                        sb.append(mxBase64.encodeToString(bArr2, false));
                    }
                }
                if (read > 0) {
                    sb.append(mxBase64.encodeToString(Arrays.copyOf(bArr2, read), false));
                }
                outputStream.write(sb.toString().getBytes());
                if (bufferedInputStream != null) {
                    if (0 == 0) {
                        bufferedInputStream.close();
                        return;
                    }
                    try {
                        bufferedInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (bufferedInputStream != null) {
                if (th != null) {
                    try {
                        bufferedInputStream.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    bufferedInputStream.close();
                }
            }
            throw th4;
        }
    }

    public boolean checkUrlParameter(String str) {
        return str != null && (str.startsWith("http://") || str.startsWith("https://")) && !str.toLowerCase().contains("://metadata.google.internal/");
    }

    public boolean contentAlwaysAllowed(String str) {
        return str.toLowerCase().startsWith("https://trello-attachments.s3.amazonaws.com/");
    }

    protected String getCorsDomain(String str, String str2) {
        String str3 = null;
        if (str != null && str.toLowerCase().matches("https?://([a-z0-9,-]+[.])*draw[.]io/.*")) {
            str3 = str.toLowerCase().substring(0, str.indexOf(".draw.io/") + 8);
        } else if (str != null && str.toLowerCase().matches("https?://([a-z0-9,-]+[.])*quipelements[.]com/.*")) {
            str3 = str.toLowerCase().substring(0, str.indexOf(".quipelements.com/") + 17);
        } else if ((str != null && str.equals("draw.io Proxy Confluence Server")) || (str2 != null && str2.equals("Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:50.0) Gecko/20100101 Firefox/50.0"))) {
            str3 = "";
        }
        return str3;
    }
}
