package com.atlassian.bamboo.plugin.servlet;

import com.atlassian.bamboo.configuration.AdministrationConfigurationAccessor;
import com.atlassian.bamboo.exception.WebValidationException;
import com.atlassian.bamboo.plugin.servlet.filter.HttpCompressionUtils;
import com.atlassian.bamboo.security.BambooPermissionManager;
import com.atlassian.bamboo.spring.ComponentAccessor;
import com.atlassian.bamboo.storage.location.ArtifactDirectoryBuilderImpl;
import com.atlassian.bamboo.user.BambooAuthenticationContext;
import com.atlassian.bamboo.user.UserNotLoggedInException;
import com.atlassian.bamboo.util.BambooFilenameUtils;
import com.atlassian.bamboo.utils.EscapeChars;
import com.atlassian.bamboo.utils.SystemProperty;
import com.atlassian.plugin.servlet.DownloadException;
import com.atlassian.plugin.servlet.DownloadStrategy;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.Iterables;
import com.google.common.collect.Lists;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.text.DateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.TimeZone;
import java.util.stream.Stream;
import javax.inject.Inject;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.acegisecurity.AccessDeniedException;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.time.FastDateFormat;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.springframework.http.HttpRange;
import org.springframework.http.server.ServletServerHttpRequest;

/* loaded from: input_file:com/atlassian/bamboo/plugin/servlet/AbstractDownloadStrategy.class */
public abstract class AbstractDownloadStrategy implements DownloadStrategy {
    protected static final Logger log = LogManager.getLogger(AbstractDownloadStrategy.class);
    static final FastDateFormat LAST_MODIFIED_DATEFORMAT = FastDateFormat.getInstance("E, dd MMM yyyy HH:mm:ss z", TimeZone.getTimeZone("GMT"));
    protected final BambooContentTypeResolver bambooContentTypeResolver;
    protected final BambooAuthenticationContext authenticationContext;
    private final AdministrationConfigurationAccessor administrationConfigurationAccessor;
    protected final BambooPermissionManager bambooPermissionManager;

    @Inject
    private ServletContext servletContext;

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractDownloadStrategy(AdministrationConfigurationAccessor administrationConfigurationAccessor, BambooContentTypeResolver bambooContentTypeResolver, BambooAuthenticationContext bambooAuthenticationContext, BambooPermissionManager bambooPermissionManager) {
        this.bambooContentTypeResolver = bambooContentTypeResolver;
        this.authenticationContext = bambooAuthenticationContext;
        this.administrationConfigurationAccessor = administrationConfigurationAccessor;
        this.bambooPermissionManager = bambooPermissionManager;
    }

    @VisibleForTesting
    void setServletContext(ServletContext servletContext) {
        this.servletContext = servletContext;
    }

    public boolean matches(String str) {
        return str.startsWith(this.servletContext.getContextPath() + getServletPath() + "/");
    }

    protected abstract String getServletPath();

    public void serveFile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws DownloadException {
        try {
            tryServeFile(httpServletRequest, httpServletResponse);
        } catch (IOException e) {
            throw new DownloadException(e);
        }
    }

    private void tryServeFile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String pathInfo = httpServletRequest.getPathInfo();
        if (BambooFilenameUtils.containsDirectoryTraversalString(pathInfo)) {
            httpServletResponse.sendError(400, "Invalid file path");
            return;
        }
        try {
            TitledFile fileToServe = getFileToServe(new RequestPath(pathInfo), httpServletRequest);
            File file = fileToServe.getFile();
            log.debug("Serving up {} as {}", file.getAbsolutePath(), httpServletRequest.getRequestURI());
            if (file.isDirectory()) {
                serveDirectory(httpServletRequest, httpServletResponse, fileToServe);
            } else {
                serveOrdinaryFile(httpServletRequest, httpServletResponse, fileToServe);
            }
        } catch (UserNotLoggedInException e) {
            httpServletResponse.sendRedirect(this.administrationConfigurationAccessor.getAdministrationConfiguration().getBaseUrl() + "/userlogin.action?os_destination=" + EscapeChars.forUrl(httpServletRequest.getServletPath() + pathInfo));
        } catch (FileNotFoundException e2) {
            httpServletResponse.sendError(404);
        } catch (AccessDeniedException e3) {
            httpServletResponse.sendError(403, e3.getMessage());
        } catch (WebValidationException e4) {
            httpServletResponse.sendError(400, e4.getMessage());
        }
    }

    @NotNull
    protected abstract TitledFile getFileToServe(RequestPath requestPath, HttpServletRequest httpServletRequest) throws AccessDeniedException, FileNotFoundException, UserNotLoggedInException, WebValidationException;

    private void serveDirectory(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, TitledFile titledFile) throws IOException {
        File file = titledFile.getFile();
        File welcomePage = getWelcomePage(file);
        if (welcomePage == null) {
            sendDirectoryListing(file, titledFile.getTitleOrElse(file.getName()), httpServletRequest, httpServletResponse);
            return;
        }
        String requestURI = httpServletRequest.getRequestURI();
        log.debug("Redirecting to {}/{}", requestURI, welcomePage.getName());
        httpServletResponse.sendRedirect(requestURI + "/" + welcomePage.getName());
    }

    private void sendDirectoryListing(File file, String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String replace = StringUtils.replace(StringUtils.replace(str, "<", "&lt;"), ">", "&gt;");
        httpServletResponse.setContentType("text/html");
        try {
            httpServletResponse.setCharacterEncoding(StandardCharsets.UTF_8.name());
            httpServletResponse.getWriter().write(createHtmlFile(replace, httpServletRequest, file).toString());
        } catch (IOException e) {
            log.error("Failed to stream html directory : {}", file.getAbsolutePath(), e);
            httpServletResponse.sendError(403);
        }
    }

    private StringBuilder createHtmlFile(String str, HttpServletRequest httpServletRequest, File file) {
        String contextPath = httpServletRequest.getContextPath();
        StringBuilder sb = new StringBuilder(4096);
        sb.append("<html><head><title>");
        sb.append(str);
        sb.append("</title>");
        sb.append("<link rel=\"shortcut icon\" href=\"" + contextPath + "/images/icons/favicon.ico\" type=\"image/x-icon\"/>");
        Stream stream = Arrays.stream(addDarkThemeSupport(contextPath));
        Objects.requireNonNull(sb);
        stream.forEach(sb::append);
        sb.append("</head>");
        sb.append("<body><section id=\"content\">");
        sb.append("<div class=\"aui-page-header\"><div class=\"aui-page-header-inner\"><div class=\"aui-page-header-main\"><h1>");
        sb.append(str);
        sb.append("</h1></div></div></div>");
        sb.append("<div class=\"aui-page-panel\"><div class=\"aui-page-panel-inner\"><main role=\"main\" id=\"main\" class=\"aui-page-panel-content\">");
        sb.append("<table class=\"aui\"><thead><tr>");
        sb.append("<td>Name</td>");
        sb.append("<td>Size</td>");
        sb.append("<td>Date modified</td>");
        sb.append("</tr></thead><tbody>");
        if (!ArtifactDirectoryBuilderImpl.isArtifactDirectory(file)) {
            sb.append("<tr><td>");
            sb.append("<span class=\"aui-icon aui-icon-small aui-iconfont-undo\" role=\"img\" aria-label=\"parent-directory\"></span>\n");
            sb.append("<a href=");
            sb.append("../").append(EscapeChars.forUrl(file.getParentFile().getName()));
            sb.append(">..</a></td><td></td><td></td></tr>");
        }
        DateFormat dateTimeInstance = DateFormat.getDateTimeInstance(2, 2);
        String requestURI = httpServletRequest.getRequestURI();
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        File[] listFiles = file.listFiles();
        if (listFiles != null) {
            Arrays.sort(listFiles);
            for (File file2 : listFiles) {
                if (file2.isDirectory()) {
                    arrayList.add(file2);
                } else {
                    arrayList2.add(file2);
                }
            }
        }
        for (File file3 : Lists.newArrayList(Iterables.concat(arrayList, arrayList2))) {
            sb.append("<tr><td>");
            sb.append(file3.isDirectory() ? "<span class=\"aui-icon aui-icon-small aui-iconfont-folder-filled\" role=\"img\" aria-label=\"dir\"></span>\n" : "<span class=\"aui-icon aui-icon-small aui-iconfont-file\" role=\"img\" aria-label=\"file\"></span>\n");
            sb.append("<a href=\"");
            sb.append(requestURI);
            if (!requestURI.endsWith("/")) {
                sb.append("/");
            }
            sb.append(EscapeChars.forUrl(file3.getName()));
            sb.append("\">");
            sb.append(StringUtils.replace(StringUtils.replace(file3.getName(), "<", "&lt;"), ">", "&gt;"));
            sb.append("</a>&nbsp;");
            sb.append("</td><td>");
            sb.append(file3.length());
            sb.append(" bytes&nbsp;</td><td>");
            sb.append(dateTimeInstance.format(new Date(file3.lastModified())));
            sb.append("</td></tr>");
        }
        sb.append("</tbody></table></main></div></div></section>");
        sb.append("</body></html>");
        return sb;
    }

    private String[] addDarkThemeSupport(String str) {
        String str2 = str + "/layout/setup/dist/aui/";
        String str3 = str + "/layout/setup/lib/";
        return new String[]{getLinkTag(str + "/styles/artifacts.less.css"), getLinkTag(str2 + "aui-prototyping.css"), getScriptTag(str3 + "almond.js"), getScriptTag(str3 + "jquery.js"), getScriptTag(str + "/util/require.js"), getScriptTag(str2 + "aui-prototyping-design-tokens-api.js"), getScriptTag(str2 + "aui-prototyping.js"), getScriptTag(str2 + "themes/dark.js"), getScriptTag(str2 + "themes/spacing.js"), getScriptTag(str2 + "themes/light.js"), getDarkThemeScript()};
    }

    private String getLinkTag(String str) {
        return "<link type=\"text/css\" rel=\"stylesheet\" href=\"" + str + "\" media=\"all\" />";
    }

    private String getScriptTag(String str) {
        return "<script type=\"text/javascript\" charset=\"utf-8\" src=\"" + str + "\"></script>";
    }

    private String getDarkThemeScript() {
        return "<script>(() => {require('@atlassian/aui');if (localStorage.getItem(\"user.theme\") != \"original\") {window.AJS.DesignTokens.setGlobalTheme({colorMode: (localStorage.getItem(\"user.theme\") || \"auto\")});};})();</script>";
    }

    @Nullable
    private File getWelcomePage(File file) {
        if (!this.administrationConfigurationAccessor.getAdministrationConfiguration().getResolveArtifactContentTypeByExtension()) {
            return null;
        }
        File[] listFiles = file.listFiles((file2, str) -> {
            return str.equals("index.html") || str.equals("index.htm");
        });
        if (ArrayUtils.isNotEmpty(listFiles)) {
            return listFiles[0];
        }
        return null;
    }

    private void serveOrdinaryFile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, TitledFile titledFile) throws IOException {
        File file = titledFile.getFile();
        if (file.exists() && file.canRead()) {
            sendOrdinaryFile(titledFile, (ContentDisposition) Optional.ofNullable(httpServletRequest.getParameter("disposition")).flatMap(ContentDisposition.fFromString).orElse(ContentDisposition.INLINE), httpServletRequest, httpServletResponse);
        } else {
            log.error("File does not exist/can't be read: {}", file.getAbsolutePath());
            httpServletResponse.sendError(404);
        }
    }

    private void sendOrdinaryFile(TitledFile titledFile, ContentDisposition contentDisposition, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        File file = titledFile.getFile();
        String orElseGet = titledFile.getMimeType().orElseGet(() -> {
            return this.bambooContentTypeResolver.getContentType(file.getName());
        });
        log.debug("Starting to serve file: {}", file.getAbsolutePath());
        log.debug("MIME type: {}", orElseGet);
        httpServletResponse.setHeader("Last-Modified", LAST_MODIFIED_DATEFORMAT.format(new Date(file.lastModified())));
        long[] processRangeHeader = processRangeHeader(httpServletRequest, httpServletResponse, file.length());
        long j = processRangeHeader[0];
        long j2 = processRangeHeader[1];
        log.debug("Serving file from position {} for {} bytes", Long.valueOf(j), Long.valueOf(j2));
        ContentDisposition contentDisposition2 = (this.administrationConfigurationAccessor.getAdministrationConfiguration().getResolveArtifactContentTypeByExtension() && inlineable(orElseGet)) ? contentDisposition : orElseGet.startsWith("text/plain") ? contentDisposition : ContentDisposition.ATTACHMENT;
        log.debug("Content disposition: {}", contentDisposition2);
        httpServletResponse.setContentType(orElseGet);
        httpServletResponse.setHeader("Content-disposition", contentDisposition2.withFile(file));
        try {
            OutputStream outputStream = HttpCompressionUtils.getOutputStream(httpServletRequest, httpServletResponse, isCompressionEnabled() ? httpServletRequest.getHeader("Accept-Encoding") : null, file);
            streamFileContent(file, outputStream, j, j2);
            outputStream.flush();
        } catch (IOException e) {
            log.error("Failed to read or stream file: {}", file.getAbsolutePath(), e);
            httpServletResponse.sendError(403);
        }
    }

    protected long[] processRangeHeader(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, long j) {
        httpServletResponse.setHeader("Accept-Ranges", "bytes");
        String first = new ServletServerHttpRequest(httpServletRequest).getHeaders().getFirst("Range");
        String requestURI = httpServletRequest.getRequestURI();
        if (StringUtils.isEmpty(first)) {
            log.debug("Request doesn't contain range request header");
        } else {
            log.debug("Received range request: {}", first);
        }
        try {
            List parseRanges = HttpRange.parseRanges(first);
            if (parseRanges.isEmpty()) {
                setHttpServletResponse(httpServletResponse, 200, j);
                return new long[]{0, j};
            }
            HttpRange httpRange = (HttpRange) parseRanges.get(0);
            return serveRangedResponse(httpServletResponse, httpRange.getRangeStart(j), httpRange.getRangeEnd(j), j);
        } catch (IllegalArgumentException e) {
            log.error("Invalid range request for {}: {}", requestURI, first, e);
            setHttpServletResponse(httpServletResponse, 416, j);
            return null;
        }
    }

    private long[] serveRangedResponse(HttpServletResponse httpServletResponse, long j, long j2, long j3) {
        long j4 = (j2 - j) + 1;
        httpServletResponse.setStatus(206);
        httpServletResponse.setHeader("Content-Range", "bytes " + j + "-" + httpServletResponse + "/" + j2);
        httpServletResponse.setHeader("Content-Length", String.valueOf(j4));
        log.debug("Range request processed: start={}, end={}, contentLength={}", Long.valueOf(j), Long.valueOf(j2), Long.valueOf(j4));
        return new long[]{j, j4};
    }

    private void setHttpServletResponse(HttpServletResponse httpServletResponse, int i, long j) {
        httpServletResponse.setStatus(i);
        if (i == 200) {
            httpServletResponse.setHeader("Content-Length", String.valueOf(j));
        } else if (i == 416) {
            httpServletResponse.setHeader("Content-Range", "bytes */" + j);
        }
    }

    private void streamFileContent(File file, OutputStream outputStream, long j, long j2) throws IOException {
        log.debug("Streaming file content from position {} for {} bytes", Long.valueOf(j), Long.valueOf(j2));
        try {
            FileInputStream fileInputStream = new FileInputStream(file);
            try {
                fileInputStream.skip(j);
                byte[] bArr = new byte[1024];
                long j3 = j2;
                int i = 0;
                do {
                    int read = fileInputStream.read(bArr, 0, (int) Math.min(bArr.length, j3));
                    if (read == -1) {
                        break;
                    }
                    outputStream.write(bArr, 0, read);
                    j3 -= read;
                    int i2 = i;
                    i++;
                    if (i2 % 256 == 0) {
                        log.trace("Bytes read: {}, Remaining bytes: {}", Integer.valueOf(read), Long.valueOf(Math.max(j3, 0L)));
                    }
                } while (j3 > 0);
                if (j3 > 0) {
                    log.error("Expected to read {} bytes, but only read {} bytes", Long.valueOf(j2), Long.valueOf(j2 - j3));
                    throw new IOException("Premature end of file content");
                }
                fileInputStream.close();
            } finally {
            }
        } catch (IOException e) {
            log.error("Error streaming file content", e);
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void throwPermissionException(RequestPath requestPath) throws UserNotLoggedInException, AccessDeniedException {
        String str = getServletPath() + "/" + requestPath.getRelativePath();
        log.error("Access denied for downloads URL {}", str);
        if (this.authenticationContext.getUser() != null) {
            throw new AccessDeniedException("You do not have access to the item: " + str);
        }
        throw new UserNotLoggedInException();
    }

    protected boolean isCompressionEnabled() {
        return SystemProperty.ARTIFACT_COMPRESSION_DARK_FEATURE.getValue(false) && ComponentAccessor.PROTOTYPE_ADMINISTRATION_CONFIGURATION.get().isUseGzipCompression();
    }

    private boolean inlineable(String str) {
        return str.startsWith("image") || str.startsWith("text") || "application/xml".equals(str);
    }
}
