package org.jivesoftware.openfire.plugin.userService;

import gnu.inet.encoding.Stringprep;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jivesoftware.admin.AuthCheckFilter;
import org.jivesoftware.openfire.SharedGroupException;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.plugin.UserServicePlugin;
import org.jivesoftware.openfire.user.UserAlreadyExistsException;
import org.jivesoftware.openfire.user.UserNotFoundException;
import org.jivesoftware.util.Log;
import org.xmpp.packet.JID;

/* loaded from: input_file:lib/plugin-userservice.jar:org/jivesoftware/openfire/plugin/userService/UserServiceServlet.class */
public class UserServiceServlet extends HttpServlet {
    private UserServicePlugin plugin;

    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        this.plugin = (UserServicePlugin) XMPPServer.getInstance().getPluginManager().getPlugin("userservice");
        AuthCheckFilter.addExclude("userService/userservice");
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        PrintWriter writer = httpServletResponse.getWriter();
        if (!this.plugin.getAllowedIPs().isEmpty()) {
            String header = httpServletRequest.getHeader("x-forwarded-for");
            if (header == null) {
                header = httpServletRequest.getHeader("X_FORWARDED_FOR");
                if (header == null) {
                    header = httpServletRequest.getHeader("X-Forward-For");
                    if (header == null) {
                        header = httpServletRequest.getRemoteAddr();
                    }
                }
            }
            if (!this.plugin.getAllowedIPs().contains(header)) {
                Log.warn("User service rejected service to IP address: " + header);
                replyError("RequestNotAuthorised", httpServletResponse, writer);
                return;
            }
        }
        String parameter = httpServletRequest.getParameter("username");
        String parameter2 = httpServletRequest.getParameter("password");
        String parameter3 = httpServletRequest.getParameter("name");
        String parameter4 = httpServletRequest.getParameter("email");
        String parameter5 = httpServletRequest.getParameter("type");
        String parameter6 = httpServletRequest.getParameter("secret");
        String parameter7 = httpServletRequest.getParameter("groups");
        String parameter8 = httpServletRequest.getParameter("item_jid");
        String parameter9 = httpServletRequest.getParameter("subscription");
        if (!this.plugin.isEnabled()) {
            Log.warn("User service plugin is disabled: " + httpServletRequest.getQueryString());
            replyError("UserServiceDisabled", httpServletResponse, writer);
            return;
        }
        if (parameter6 == null || !parameter6.equals(this.plugin.getSecret())) {
            Log.warn("An unauthorised user service request was received: " + httpServletRequest.getQueryString());
            replyError("RequestNotAuthorised", httpServletResponse, writer);
            return;
        }
        if (parameter == null) {
            replyError("IllegalArgumentException", httpServletResponse, writer);
            return;
        }
        if ((parameter5.equals("add_roster") || parameter5.equals("update_roster") || parameter5.equals("delete_roster")) && (parameter8 == null || !(parameter9 == null || parameter9.equals("-1") || parameter9.equals("0") || parameter9.equals("1") || parameter9.equals("2") || parameter9.equals("3")))) {
            replyError("IllegalArgumentException", httpServletResponse, writer);
            return;
        }
        try {
            String nodeprep = Stringprep.nodeprep(JID.escapeNode(parameter.trim().toLowerCase()));
            if ("add".equals(parameter5)) {
                this.plugin.createUser(nodeprep, parameter2, parameter3, parameter4, parameter7);
                replyMessage("ok", httpServletResponse, writer);
            } else if ("delete".equals(parameter5)) {
                this.plugin.deleteUser(nodeprep);
                replyMessage("ok", httpServletResponse, writer);
            } else if ("enable".equals(parameter5)) {
                this.plugin.enableUser(nodeprep);
                replyMessage("ok", httpServletResponse, writer);
            } else if ("disable".equals(parameter5)) {
                this.plugin.disableUser(nodeprep);
                replyMessage("ok", httpServletResponse, writer);
            } else if ("update".equals(parameter5)) {
                this.plugin.updateUser(nodeprep, parameter2, parameter3, parameter4, parameter7);
                replyMessage("ok", httpServletResponse, writer);
            } else if ("add_roster".equals(parameter5)) {
                this.plugin.addRosterItem(nodeprep, parameter8, parameter3, parameter9, parameter7);
                replyMessage("ok", httpServletResponse, writer);
            } else if ("update_roster".equals(parameter5)) {
                this.plugin.updateRosterItem(nodeprep, parameter8, parameter3, parameter9, parameter7);
                replyMessage("ok", httpServletResponse, writer);
            } else if ("delete_roster".equals(parameter5)) {
                this.plugin.deleteRosterItem(nodeprep, parameter8);
                replyMessage("ok", httpServletResponse, writer);
            } else {
                Log.warn("The userService servlet received an invalid request of type: " + parameter5);
            }
        } catch (IllegalArgumentException e) {
            replyError("IllegalArgumentException", httpServletResponse, writer);
        } catch (Exception e2) {
            replyError(e2.toString(), httpServletResponse, writer);
        } catch (UserNotFoundException e3) {
            replyError("UserNotFoundException", httpServletResponse, writer);
        } catch (UserAlreadyExistsException e4) {
            replyError("UserAlreadyExistsException", httpServletResponse, writer);
        } catch (SharedGroupException e5) {
            replyError("SharedGroupException", httpServletResponse, writer);
        }
    }

    private void replyMessage(String str, HttpServletResponse httpServletResponse, PrintWriter printWriter) {
        httpServletResponse.setContentType("text/xml");
        printWriter.println("<result>" + str + "</result>");
        printWriter.flush();
    }

    private void replyError(String str, HttpServletResponse httpServletResponse, PrintWriter printWriter) {
        httpServletResponse.setContentType("text/xml");
        printWriter.println("<error>" + str + "</error>");
        printWriter.flush();
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doGet(httpServletRequest, httpServletResponse);
    }

    public void destroy() {
        super.destroy();
        AuthCheckFilter.removeExclude("userService/userservice");
    }
}
