package org.coweb.servlet;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.cometd.bayeux.server.BayeuxServer;
import org.cometd.server.ext.AcknowledgedMessagesExtension;
import org.coweb.CowebSecurityPolicy;
import org.coweb.SessionHandler;
import org.coweb.SessionManager;
import org.eclipse.jetty.util.ajax.JSON;

/* loaded from: input_file:WEB-INF/lib/coweb-server-0.4.jar:org/coweb/servlet/AdminServlet.class */
public class AdminServlet extends HttpServlet {
    private static final long serialVersionUID = 1;
    public static final String SESSMGR_ATTRIBUTE = "session.attribute";
    private SessionManager sessionManager = null;
    private CowebSecurityPolicy securityPolicy = null;

    public void init() throws ServletException {
        super.init();
        ServletContext servletContext = getServletContext();
        BayeuxServer bayeuxServer = (BayeuxServer) servletContext.getAttribute(BayeuxServer.ATTRIBUTE);
        bayeuxServer.addExtension(new AcknowledgedMessagesExtension());
        ServletConfig servletConfig = getServletConfig();
        String initParameter = servletConfig.getInitParameter("delegateClass");
        String initParameter2 = servletConfig.getInitParameter("securityClass");
        if (initParameter2 == null) {
            this.securityPolicy = new CowebSecurityPolicy();
        } else {
            try {
                this.securityPolicy = (CowebSecurityPolicy) Class.forName(initParameter2).newInstance();
            } catch (Exception e) {
                this.securityPolicy = new CowebSecurityPolicy();
            }
        }
        bayeuxServer.setSecurityPolicy(this.securityPolicy);
        this.sessionManager = SessionManager.newInstance(servletContext, bayeuxServer, initParameter);
    }

    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.setContentType("appliation/json");
        String remoteUser = httpServletRequest.getRemoteUser();
        if (remoteUser == null) {
            remoteUser = "anonymous";
        }
        boolean z = false;
        try {
            Map map = (Map) JSON.parse(httpServletRequest.getReader());
            String str = (String) map.get("key");
            if (str == null) {
                httpServletResponse.sendError(400, "No confkey in prep request.");
                return;
            }
            if (map.containsKey("collab") && ((Boolean) map.get("collab")).booleanValue()) {
                z = true;
            }
            if (!this.securityPolicy.canAdminRequest(remoteUser, str, z)) {
                httpServletResponse.sendError(403, "user " + remoteUser + "not allowed");
            }
            SessionHandler sessionHandler = this.sessionManager.getSessionHandler(str, z);
            if (sessionHandler == null) {
                sessionHandler = this.sessionManager.createSession(str, z);
            }
            String sessionId = sessionHandler.getSessionId();
            String contextPath = getServletContext().getContextPath();
            HashMap hashMap = new HashMap();
            try {
                hashMap.put("sessionurl", contextPath + "/cometd");
                hashMap.put("sessionid", sessionId);
                hashMap.put("username", remoteUser);
                hashMap.put("key", str);
                hashMap.put("collab", new Boolean(z));
                hashMap.put("info", new HashMap());
                String json = JSON.toString((Map) hashMap);
                PrintWriter writer = httpServletResponse.getWriter();
                writer.print(json);
                writer.flush();
            } catch (Exception e) {
            }
        } catch (Exception e2) {
            httpServletResponse.sendError(400, "bad json");
        }
    }
}
