package com.ibm.ws.security.acme.internal.web;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.acme.AcmeCaException;
import com.ibm.ws.security.acme.AcmeProvider;
import com.ibm.ws.security.acme.internal.TraceConstants;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.concurrent.atomic.AtomicReference;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;

@WebServlet({"*"})
@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@Component(configurationPolicy = ConfigurationPolicy.IGNORE, property = {"service.vendor=IBM"})
@TraceOptions
/* loaded from: input_file:com/ibm/ws/security/acme/internal/web/AcmeAuthorizationServlet.class */
public class AcmeAuthorizationServlet extends HttpServlet {
    private static final long serialVersionUID = -8515248242091988849L;
    public static final String APP_NAME_EE8 = "com.ibm.ws.security.acme";
    public static final String APP_NAME_EE9 = "io.openliberty.security.acme.internal";
    private static final TraceComponent tc = Tr.register(AcmeAuthorizationServlet.class, TraceConstants.TRACE_GROUP, TraceConstants.MESSAGE_BUNDLE);
    private static final AtomicReference<AcmeProvider> acmeProviderRef = new AtomicReference<>();
    private static final String NOT_FOUND = "NOT FOUND";

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Processing challenge token request '" + httpServletRequest.getRequestURI() + "' from '" + httpServletRequest.getRemoteAddr() + "'", new Object[0]);
        }
        String replace = httpServletRequest.getRequestURI().replace("/.well-known/acme-challenge/", "");
        if (replace == null || replace.trim().isEmpty()) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "No challenge token found in URI.", new Object[0]);
            }
            httpServletResponse.sendError(404, NOT_FOUND);
            return;
        }
        AcmeProvider acmeProvider = acmeProviderRef.get();
        if (acmeProvider == null) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "The servlet has no AcmeProvider.", new Object[0]);
            }
            httpServletResponse.sendError(404, NOT_FOUND);
            return;
        }
        try {
            String http01Authorization = acmeProvider.getHttp01Authorization(replace);
            if (http01Authorization == null || http01Authorization.trim().isEmpty()) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "The AcmeProvider did not find an authorization for the challange token '" + replace + "'.", new Object[0]);
                }
                httpServletResponse.sendError(404, NOT_FOUND);
                return;
            }
            httpServletResponse.resetBuffer();
            httpServletResponse.getWriter().write(http01Authorization);
            httpServletResponse.getWriter().close();
            httpServletResponse.getWriter().flush();
        } catch (AcmeCaException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.acme.internal.web.AcmeAuthorizationServlet", "117", this, new Object[]{httpServletRequest, httpServletResponse});
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Error encountered from AcmeProvider: ", new Object[]{e});
            }
            httpServletResponse.sendError(404, NOT_FOUND);
        }
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doGet(httpServletRequest, httpServletResponse);
    }

    @Reference(cardinality = ReferenceCardinality.MANDATORY, policy = ReferencePolicy.DYNAMIC)
    protected void setAcmeProvider(AcmeProvider acmeProvider) {
        acmeProviderRef.set(acmeProvider);
    }

    protected void unsetAcmeProvider(AcmeProvider acmeProvider) {
        acmeProviderRef.compareAndSet(acmeProvider, null);
    }
}
