package com.atlassian.confluence.servlet.download;

import com.atlassian.confluence.event.events.content.attachment.AttachmentViewEvent;
import com.atlassian.confluence.event.events.content.attachment.ProfilePictureViewEvent;
import com.atlassian.confluence.importexport.resource.DownloadResourceManager;
import com.atlassian.confluence.importexport.resource.DownloadResourceNotFoundException;
import com.atlassian.confluence.importexport.resource.DownloadResourceReader;
import com.atlassian.confluence.importexport.resource.PartialDownloadResourceManager;
import com.atlassian.confluence.importexport.resource.PartialDownloadResourceReader;
import com.atlassian.confluence.importexport.resource.UnauthorizedDownloadResourceException;
import com.atlassian.confluence.pages.Attachment;
import com.atlassian.confluence.util.GeneralUtil;
import com.atlassian.confluence.util.HtmlUtil;
import com.atlassian.confluence.util.SeraphUtils;
import com.atlassian.confluence.web.rangerequest.RangeNotSatisfiableException;
import com.atlassian.confluence.web.rangerequest.RangeRequest;
import com.atlassian.event.api.EventPublisher;
import com.atlassian.plugin.servlet.util.LastModifiedHandler;
import com.atlassian.xwork.XsrfTokenGenerator;
import com.google.common.collect.Maps;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/confluence/servlet/download/AttachmentDownload.class */
public class AttachmentDownload extends ServeAfterTransactionDownload {
    private static final Logger log = LoggerFactory.getLogger(AttachmentDownload.class);
    private DownloadResourceManager downloadResourceManager;
    private AttachmentUrlParser attachmentUrlParser;
    private EventPublisher eventPublisher;
    private XsrfTokenGenerator tokenGenerator;
    private SafeContentHeaderGuesser guesser;

    public boolean matches(String str) {
        return str.contains("download/" + getUrlPrefix());
    }

    public void setDownloadResourceManager(DownloadResourceManager downloadResourceManager) {
        this.downloadResourceManager = downloadResourceManager;
    }

    public void setAttachmentUrlParser(AttachmentUrlParser attachmentUrlParser) {
        this.attachmentUrlParser = attachmentUrlParser;
    }

    public void setEventPublisher(EventPublisher eventPublisher) {
        this.eventPublisher = eventPublisher;
    }

    public void setTokenGenerator(XsrfTokenGenerator xsrfTokenGenerator) {
        this.tokenGenerator = xsrfTokenGenerator;
    }

    @Override // com.atlassian.confluence.servlet.download.ServeAfterTransactionDownload
    public InputStream getStreamForDownload(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        DownloadResourceReader resourceReader;
        String decodedPath = getDecodedPath(httpServletRequest);
        String header = httpServletRequest.getHeader("Range");
        try {
            if (header != null) {
                PartialDownloadResourceReader partialResourceReader = ((PartialDownloadResourceManager) this.downloadResourceManager).getPartialResourceReader(httpServletRequest.getRemoteUser(), decodedPath, httpServletRequest.getParameterMap(), header);
                RangeRequest requestRange = partialResourceReader.getRequestRange();
                httpServletResponse.setStatus(206);
                httpServletResponse.setHeader("Content-Range", String.format("bytes %d-%d/%d", Long.valueOf(requestRange.getOffset()), Long.valueOf(requestRange.getEnd()), Long.valueOf(requestRange.getContentLength())));
                resourceReader = partialResourceReader;
            } else {
                resourceReader = this.downloadResourceManager.getResourceReader(httpServletRequest.getRemoteUser(), decodedPath, httpServletRequest.getParameterMap());
            }
            if (LastModifiedHandler.checkRequest(httpServletRequest, httpServletResponse, resourceReader.getLastModificationDate())) {
                return null;
            }
            InputStream streamForReading = resourceReader.getStreamForReading();
            if (streamForReading == null) {
                httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/attachmentnotfound.action?pageId=" + Long.toString(this.attachmentUrlParser.getEntityId(decodedPath, getUrlPrefix())));
                return null;
            }
            if (!streamForReading.markSupported()) {
                streamForReading = new BufferedInputStream(streamForReading);
            }
            httpServletResponse.setHeader("Accept-Ranges", "bytes");
            setHeadersForAttachment(streamForReading, resourceReader.getName(), header != null ? ((PartialDownloadResourceReader) resourceReader).getRequestRange().getRangeLength() : resourceReader.getContentLength(), resourceReader.getContentType(), httpServletRequest, httpServletResponse);
            getEventToPublish(this.attachmentUrlParser.getAttachment(decodedPath, getUrlPrefix(), httpServletRequest.getParameterMap()));
            return streamForReading;
        } catch (DownloadResourceNotFoundException e) {
            httpServletResponse.sendError(404);
            return null;
        } catch (UnauthorizedDownloadResourceException e2) {
            if (httpServletRequest.getRemoteUser() != null) {
                httpServletResponse.sendError(404);
                return null;
            }
            httpServletRequest.setAttribute("atlassian.core.seraph.original.url", GeneralUtil.getOriginalUrl(httpServletRequest));
            httpServletResponse.sendRedirect(SeraphUtils.getLoginURL(httpServletRequest));
            return null;
        } catch (RangeNotSatisfiableException e3) {
            log.error("User requested range is not satisfiable", e3);
            httpServletResponse.setStatus(416);
            return null;
        }
    }

    private String getDecodedPath(HttpServletRequest httpServletRequest) {
        String requestURI = httpServletRequest.getRequestURI();
        String parameter = httpServletRequest.getParameter(Attachment.API_REVISION);
        if (parameter != null && parameter.equals(Attachment.API_REVISION_V2)) {
            requestURI = requestURI.replaceAll("\\+", "%2B");
        }
        return HtmlUtil.urlDecode(requestURI);
    }

    protected void getEventToPublish(Attachment attachment) {
        if (attachment.isUserProfilePicture()) {
            this.eventPublisher.publish(new ProfilePictureViewEvent(this, attachment));
        } else {
            this.eventPublisher.publish(new AttachmentViewEvent(this, attachment));
        }
    }

    protected String getUrlPrefix() {
        return "attachments";
    }

    protected void setHeadersForAttachment(InputStream inputStream, String str, long j, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Map<String, String> computeAttachmentHeaders = this.guesser.computeAttachmentHeaders(str2, inputStream, str, httpServletRequest.getHeader("User-Agent"), j, hasValidXsrfToken(httpServletRequest), httpServletRequest.getParameterMap());
        Set<Map.Entry> entrySet = Maps.filterEntries(computeAttachmentHeaders, entry -> {
            return !"Content-Type".equals(entry.getKey());
        }).entrySet();
        httpServletResponse.setContentType(computeAttachmentHeaders.get("Content-Type"));
        for (Map.Entry entry2 : entrySet) {
            httpServletResponse.setHeader((String) entry2.getKey(), (String) entry2.getValue());
        }
    }

    @Deprecated
    protected void setHeadersForAttachment(String str, long j, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            setHeadersForAttachment(new ByteArrayInputStream(new byte[0]), str, j, str2, httpServletRequest, httpServletResponse);
        } catch (IOException e) {
            throw new IllegalStateException(e);
        }
    }

    private boolean hasValidXsrfToken(HttpServletRequest httpServletRequest) {
        return this.tokenGenerator.validateToken(httpServletRequest, httpServletRequest.getParameter(this.tokenGenerator.getXsrfTokenName()));
    }

    public void setAttachmentSafeContentHeaderGuesser(SafeContentHeaderGuesser safeContentHeaderGuesser) {
        this.guesser = safeContentHeaderGuesser;
    }
}
