package org.kawanfw.file.servlet;

import java.io.IOException;
import java.io.OutputStream;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.List;
import java.util.Vector;
import java.util.logging.Level;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.kawanfw.commons.api.server.CommonsConfigurator;
import org.kawanfw.commons.json.ListOfStringTransport;
import org.kawanfw.commons.server.util.ServerLogger;
import org.kawanfw.commons.util.FrameworkDebug;
import org.kawanfw.commons.util.HtmlConverter;
import org.kawanfw.commons.util.JavaValueBuilder;
import org.kawanfw.commons.util.StringUtil;
import org.kawanfw.commons.util.Tag;
import org.kawanfw.commons.util.TransferStatus;
import org.kawanfw.file.api.server.FileConfigurator;
import org.kawanfw.file.servlet.convert.HttpServletRequestConvertor;
import org.kawanfw.file.servlet.util.CallUtil;
import org.kawanfw.file.util.parms.Action;
import org.kawanfw.file.util.parms.Parameter;

/* loaded from: input_file:org/kawanfw/file/servlet/ServerCallAction.class */
public class ServerCallAction {
    private static boolean DEBUG = FrameworkDebug.isSet(ServerCallAction.class);

    public void call(HttpServletRequest httpServletRequest, CommonsConfigurator commonsConfigurator, FileConfigurator fileConfigurator, OutputStream outputStream, String str) throws SQLException, IOException, ClassNotFoundException, InstantiationException, IllegalAccessException, NoSuchMethodException, IllegalArgumentException, InvocationTargetException, Exception {
        Connection connection = null;
        try {
            debug("in actionCall");
            String parameter = httpServletRequest.getParameter(Parameter.METHOD_NAME);
            String parameter2 = httpServletRequest.getParameter(Parameter.PARAMS_TYPES);
            String parameter3 = httpServletRequest.getParameter(Parameter.PARAMS_VALUES);
            String trimValue = StringUtil.getTrimValue(parameter);
            String trimValue2 = StringUtil.getTrimValue(parameter2);
            String trimValue3 = StringUtil.getTrimValue(parameter3);
            if (httpServletRequest instanceof HttpServletRequestConvertor) {
                debug("request instanceof HttpServletRequestConvertor");
            } else {
                debug("request NOT instanceof HttpServletRequestConvertor");
            }
            debug("methodName: " + trimValue);
            debug("username  : " + str);
            String substringBeforeLast = StringUtils.substringBeforeLast(trimValue, ".");
            Class<?> cls = Class.forName(substringBeforeLast);
            if (!new CallUtil(cls, fileConfigurator).isCallable()) {
                throw new SecurityException(String.valueOf(Tag.PRODUCT_SECURITY) + " Class is forbiden for remote call: " + substringBeforeLast);
            }
            String parameter4 = httpServletRequest.getParameter(Parameter.ACTION);
            if (parameter4.equals(Action.CALL_ACTION)) {
                trimValue2 = StringUtil.fromBase64(trimValue2);
                trimValue3 = StringUtil.fromBase64(trimValue3);
            }
            debug("paramsTypes     : " + trimValue2);
            debug("paramsValues    : " + trimValue3);
            List<String> fromJson = ListOfStringTransport.fromJson(trimValue2);
            List<String> fromJson2 = ListOfStringTransport.fromJson(trimValue3);
            debug("actionInvokeRemoteMethod:listParamsTypes      : " + fromJson);
            debug("actionInvokeRemoteMethod:listParamsValues     : " + fromJson2);
            Class<?>[] clsArr = new Class[fromJson.size()];
            Object[] objArr = new Object[fromJson2.size()];
            Vector vector = new Vector();
            for (int i = 0; i < fromJson.size(); i++) {
                JavaValueBuilder javaValueBuilder = new JavaValueBuilder(fromJson.get(i), fromJson2.get(i));
                clsArr[i] = javaValueBuilder.getClassOfValue();
                objArr[i] = javaValueBuilder.getValue();
                if (clsArr[i] == Connection.class) {
                    connection = commonsConfigurator.getConnection();
                    objArr[i] = connection;
                }
                vector.add(objArr[i]);
            }
            if (connection == null) {
                try {
                    connection = commonsConfigurator.getConnection();
                } catch (Exception e) {
                    debug("commonsConfigurator.getConnection() exception: " + e.toString());
                    if (connection != null) {
                        connection.close();
                    }
                    connection = null;
                }
            }
            if (!fileConfigurator.allowCallAfterAnalysis(str, connection, trimValue, vector)) {
                fileConfigurator.runIfCallRefused(str, connection, httpServletRequest.getRemoteAddr(), trimValue, vector);
                throw new SecurityException(String.valueOf(Tag.PRODUCT_SECURITY) + " Method not authorized for execution by Security Checker: " + trimValue + " parameters: " + vector.toString());
            }
            String substringAfterLast = StringUtils.substringAfterLast(trimValue, ".");
            debug("Before  Object theObject = c.newInstance()");
            Object newInstance = cls.newInstance();
            debug("Before  c.getDeclaredMethod(rawMethodName, argTypes)");
            Method declaredMethod = cls.getDeclaredMethod(substringAfterLast, clsArr);
            debug("Before  main.invoke(theObject, values)");
            Object invoke = declaredMethod.invoke(newInstance, objArr);
            String obj = invoke != null ? invoke.toString() : null;
            debug("result before conversion: " + obj);
            if (obj != null) {
                if (parameter4.equals(Action.CALL_ACTION)) {
                    obj = StringUtil.toBase64(obj);
                } else {
                    if (!parameter4.equals(Action.CALL_ACTION_HTML_ENCODED)) {
                        throw new IllegalArgumentException("call action is invalid: " + parameter4);
                    }
                    obj = HtmlConverter.toHtml(obj);
                }
            }
            debug("actionInvokeRemoteMethod:result: " + obj);
            writeLine(outputStream, TransferStatus.SEND_OK);
            writeLine(outputStream, obj);
            if (connection != null) {
                connection.close();
            }
        } catch (Throwable th) {
            if (connection != null) {
                connection.close();
            }
            throw th;
        }
    }

    private void writeLine(OutputStream outputStream, String str) throws IOException {
        outputStream.write((String.valueOf(str) + StringUtil.CR_LF).getBytes());
    }

    private void debug(String str) {
        if (DEBUG) {
            ServerLogger.getLogger().log(Level.WARNING, str);
        }
    }
}
