package org.apache.sling.jcr.davex.impl.servlets;

import java.util.Hashtable;
import java.util.Map;
import javax.jcr.LoginException;
import javax.jcr.Repository;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.SimpleCredentials;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import org.apache.felix.scr.annotations.Activate;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Deactivate;
import org.apache.felix.scr.annotations.Properties;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Reference;
import org.apache.jackrabbit.server.SessionProvider;
import org.apache.jackrabbit.server.remoting.davex.JcrRemotingServlet;
import org.apache.jackrabbit.webdav.jcr.JCRWebdavServerServlet;
import org.apache.sling.api.resource.ResourceResolver;
import org.apache.sling.auth.core.AuthenticationSupport;
import org.apache.sling.commons.osgi.OsgiUtil;
import org.apache.sling.jcr.api.SlingRepository;
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceRegistration;
import org.osgi.service.http.HttpService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Component(metatype = true, label = "%dav.name", description = "%dav.description")
@Properties({@Property(name = "service.description", value = {"Sling JcrRemoting Servlet"}), @Property(name = "service.vendor", value = {"The Apache Software Foundation"})})
/* loaded from: input_file:org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.class */
public class SlingDavExServlet extends JcrRemotingServlet {
    private static final String DEFAULT_DAV_ROOT = "/server";

    @Property({DEFAULT_DAV_ROOT})
    private static final String PROP_DAV_ROOT = "alias";
    private static final boolean DEFAULT_CREATE_ABSOLUTE_URI = true;

    @Property(boolValue = {true})
    private static final String PROP_CREATE_ABSOLUTE_URI = "dav.create-absolute-uri";
    private static final String PAR_AUTH_REQ = "sling.auth.requirements";
    private static char[] EMPTY_PW = new char[0];
    private final Logger log = LoggerFactory.getLogger(getClass());

    @Reference
    private SlingRepository repository;

    @Reference
    private HttpService httpService;

    @Reference
    private AuthenticationSupport authSupport;
    private String servletAlias;
    private ServiceRegistration dummyService;

    @Activate
    protected void activate(BundleContext bundleContext, Map<String, ?> map) {
        String osgiUtil = OsgiUtil.toString(map.get(PROP_DAV_ROOT), DEFAULT_DAV_ROOT);
        boolean z = OsgiUtil.toBoolean(map.get(PROP_CREATE_ABSOLUTE_URI), true);
        AuthHttpContext authHttpContext = new AuthHttpContext(osgiUtil);
        authHttpContext.setAuthenticationSupport(this.authSupport);
        Hashtable hashtable = new Hashtable();
        hashtable.put(JCRWebdavServerServlet.INIT_PARAM_RESOURCE_PATH_PREFIX, osgiUtil);
        hashtable.put("createAbsoluteURI", Boolean.toString(z));
        hashtable.put("csrf-protection", "disabled");
        try {
            this.httpService.registerServlet(osgiUtil, this, hashtable, authHttpContext);
            this.servletAlias = osgiUtil;
            java.util.Properties properties = new java.util.Properties();
            properties.put("service.vendor", map.get("service.vendor"));
            properties.put("service.description", "Helper for " + map.get("service.description"));
            properties.put(PAR_AUTH_REQ, "-" + osgiUtil);
            this.dummyService = bundleContext.registerService("java.lang.Object", new Object(), properties);
        } catch (Exception e) {
            this.log.error("activate: Failed registering DavEx Servlet at " + osgiUtil, e);
        }
    }

    @Deactivate
    protected void deactivate() {
        if (this.dummyService != null) {
            this.dummyService.unregister();
            this.dummyService = null;
        }
        if (this.servletAlias != null) {
            this.httpService.unregister(this.servletAlias);
            this.servletAlias = null;
        }
    }

    @Override // org.apache.jackrabbit.webdav.jcr.JCRWebdavServerServlet
    protected Repository getRepository() {
        return this.repository;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.jackrabbit.webdav.jcr.JCRWebdavServerServlet
    public SessionProvider getSessionProvider() {
        return new SessionProvider() { // from class: org.apache.sling.jcr.davex.impl.servlets.SlingDavExServlet.1
            @Override // org.apache.jackrabbit.server.SessionProvider
            public Session getSession(HttpServletRequest httpServletRequest, Repository repository, String str) throws LoginException, RepositoryException, ServletException {
                Session session;
                ResourceResolver resourceResolver = (ResourceResolver) httpServletRequest.getAttribute("org.apache.sling.auth.core.ResourceResolver");
                if (resourceResolver == null || (session = (Session) resourceResolver.adaptTo(Session.class)) == null) {
                    throw new ServletException("ResourceResolver missing or not providing on JCR Session");
                }
                Session longLivedSession = getLongLivedSession(session);
                SlingDavExServlet.this.log.debug("getSession: Creating new Session ({}) for {}", longLivedSession, longLivedSession.getUserID());
                return longLivedSession;
            }

            @Override // org.apache.jackrabbit.server.SessionProvider
            public void releaseSession(Session session) {
                SlingDavExServlet.this.log.debug("releaseSession: Logging out long lived Session ({})", session);
                session.logout();
            }

            private Session getLongLivedSession(Session session) throws RepositoryException {
                Session session2 = null;
                String userID = session.getUserID();
                try {
                    try {
                        SimpleCredentials simpleCredentials = new SimpleCredentials(userID, SlingDavExServlet.EMPTY_PW);
                        session2 = SlingDavExServlet.this.repository.loginAdministrative(session.getWorkspace().getName());
                        Session impersonate = session2.impersonate(simpleCredentials);
                        if (session2 != null) {
                            session2.logout();
                        }
                        return impersonate;
                    } catch (RepositoryException e) {
                        throw new RepositoryException("Cannot get session for " + userID, e);
                    }
                } catch (Throwable th) {
                    if (session2 != null) {
                        session2.logout();
                    }
                    throw th;
                }
            }
        };
    }

    protected void bindRepository(SlingRepository slingRepository) {
        this.repository = slingRepository;
    }

    protected void unbindRepository(SlingRepository slingRepository) {
        if (this.repository == slingRepository) {
            this.repository = null;
        }
    }

    protected void bindHttpService(HttpService httpService) {
        this.httpService = httpService;
    }

    protected void unbindHttpService(HttpService httpService) {
        if (this.httpService == httpService) {
            this.httpService = null;
        }
    }

    protected void bindAuthSupport(AuthenticationSupport authenticationSupport) {
        this.authSupport = authenticationSupport;
    }

    protected void unbindAuthSupport(AuthenticationSupport authenticationSupport) {
        if (this.authSupport == authenticationSupport) {
            this.authSupport = null;
        }
    }
}
