package com.screensnipe.confluence;

import com.atlassian.confluence.core.ContentEntityObject;
import com.atlassian.confluence.importexport.resource.DownloadResourceNotFoundException;
import com.atlassian.confluence.importexport.resource.UnauthorizedDownloadResourceException;
import com.atlassian.confluence.pages.Attachment;
import com.atlassian.confluence.pages.AttachmentManager;
import com.atlassian.confluence.pages.PageManager;
import com.atlassian.confluence.security.Permission;
import com.atlassian.confluence.security.PermissionManager;
import com.atlassian.confluence.util.GeneralUtil;
import com.atlassian.plugin.servlet.DownloadException;
import com.atlassian.user.User;
import com.screensnipe.confluence.atlassian.SecureUserTokenManager;
import java.io.IOException;
import java.io.InputStream;
import javax.annotation.Nullable;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:com/screensnipe/confluence/SecureTokenAwareAttachmentDownload.class */
public class SecureTokenAwareAttachmentDownload extends HttpServlet {
    private final SecureUserTokenManager secureUserTokenManager;
    private final AttachmentManager attachmentManager;
    private final PageManager pageManager;
    private final PermissionManager permissionManager;

    public SecureTokenAwareAttachmentDownload(SecureUserTokenManager secureUserTokenManager, AttachmentManager attachmentManager, PageManager pageManager, PermissionManager permissionManager) {
        this.secureUserTokenManager = secureUserTokenManager;
        this.attachmentManager = attachmentManager;
        this.pageManager = pageManager;
        this.permissionManager = permissionManager;
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        try {
            serveFile(httpServletRequest, httpServletResponse);
        } catch (DownloadException e) {
            if (httpServletResponse.isCommitted()) {
                return;
            }
            httpServletResponse.sendError(500, "Error while serving file");
        }
    }

    protected Attachment getAttachment(@Nullable User user, int i, String str) throws DownloadResourceNotFoundException, UnauthorizedDownloadResourceException {
        ContentEntityObject byId = this.pageManager.getById(i);
        if (byId == null || byId.getContentStatus().equals("deleted")) {
            throw new DownloadResourceNotFoundException();
        }
        if (!this.permissionManager.hasPermission(user, Permission.VIEW, byId)) {
            throw new UnauthorizedDownloadResourceException("User is unauthorised to download attachment");
        }
        Attachment attachment = this.attachmentManager.getAttachment(byId, str);
        if (attachment == null) {
            throw new DownloadResourceNotFoundException();
        }
        return attachment;
    }

    private Attachment getAttachment(@Nullable User user, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, UnauthorizedDownloadResourceException, DownloadResourceNotFoundException {
        String parameter = httpServletRequest.getParameter("fileName");
        String parameter2 = httpServletRequest.getParameter("entityId");
        if (parameter == null || parameter2 == null) {
            httpServletResponse.sendError(400);
            return null;
        }
        Integer convertToInteger = GeneralUtil.convertToInteger(parameter2);
        if (convertToInteger != null) {
            return getAttachment(user, convertToInteger.intValue(), parameter);
        }
        httpServletResponse.sendError(400);
        return null;
    }

    @Nullable
    public InputStream getStreamForDownload(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String parameter = httpServletRequest.getParameter("secureToken");
        if (!StringUtils.isNotEmpty(parameter)) {
            return null;
        }
        User useToken = this.secureUserTokenManager.useToken(parameter, SecureUserTokenManager.TokenType.SCREENSHOT_DOWNLOAD);
        try {
            Attachment attachment = getAttachment(useToken, httpServletRequest, httpServletResponse);
            InputStream attachmentData = this.attachmentManager.getAttachmentData(attachment);
            if (attachmentData == null) {
                httpServletResponse.sendError(404);
                return null;
            }
            setHeadersForAttachment(attachment.getFileName(), attachment.getFileSize(), attachment.getContentType(), httpServletRequest, httpServletResponse);
            return attachmentData;
        } catch (DownloadResourceNotFoundException e) {
            httpServletResponse.sendError(404);
            return null;
        } catch (UnauthorizedDownloadResourceException e2) {
            if (useToken == null) {
                httpServletResponse.sendError(401);
                return null;
            }
            httpServletResponse.sendError(404);
            return null;
        }
    }

    protected void setHeadersForAttachment(String str, long j, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        httpServletResponse.setContentType(str2);
        httpServletResponse.setHeader("Content-Length", Long.toString(j));
    }

    public final void serveFile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws DownloadException {
        try {
            InputStream streamForDownload = getStreamForDownload(httpServletRequest, httpServletResponse);
            try {
                if (streamForDownload == null) {
                    return;
                }
                try {
                    ServletOutputStream outputStream = httpServletResponse.getOutputStream();
                    IOUtils.copy(streamForDownload, outputStream);
                    outputStream.flush();
                    IOUtils.closeQuietly(streamForDownload);
                } catch (IOException e) {
                    throw new DownloadException(e);
                }
            } catch (Throwable th) {
                IOUtils.closeQuietly(streamForDownload);
                throw th;
            }
        } catch (IOException e2) {
            throw new DownloadException(e2);
        }
    }
}
