package org.qortal.api.restricted.resource;

import io.swagger.v3.oas.annotations.security.SecurityRequirement;
import io.swagger.v3.oas.annotations.tags.Tag;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.GET;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.qortal.api.Security;
import org.qortal.arbitrary.ArbitraryDataFile;
import org.qortal.arbitrary.ArbitraryDataRenderer;
import org.qortal.arbitrary.ArbitraryDataResource;
import org.qortal.arbitrary.misc.Service;
import org.qortal.controller.arbitrary.ArbitraryDataRenderManager;
import org.qortal.settings.Settings;

@Path("/render")
@Tag(name = "Render")
/* loaded from: input_file:org/qortal/api/restricted/resource/RenderResource.class */
public class RenderResource {
    private static final Logger LOGGER = LogManager.getLogger((Class<?>) RenderResource.class);

    @Context
    HttpServletRequest request;

    @Context
    HttpServletResponse response;

    @Context
    ServletContext context;

    @POST
    @SecurityRequirement(name = "apiKey")
    @Path("/authorize/{resourceId}")
    public boolean authorizeResource(@HeaderParam("X-API-KEY") String str, @PathParam("resourceId") String str2) {
        Security.checkApiCallAllowed(this.request);
        Security.disallowLoopbackRequestsIfAuthBypassEnabled(this.request);
        ArbitraryDataRenderManager.getInstance().addToAuthorizedResources(new ArbitraryDataResource(str2, null, null, null));
        return true;
    }

    @POST
    @SecurityRequirement(name = "apiKey")
    @Path("authorize/{service}/{resourceId}")
    public boolean authorizeResource(@HeaderParam("X-API-KEY") String str, @PathParam("service") Service service, @PathParam("resourceId") String str2) {
        Security.checkApiCallAllowed(this.request);
        Security.disallowLoopbackRequestsIfAuthBypassEnabled(this.request);
        ArbitraryDataRenderManager.getInstance().addToAuthorizedResources(new ArbitraryDataResource(str2, null, service, null));
        return true;
    }

    @POST
    @SecurityRequirement(name = "apiKey")
    @Path("authorize/{service}/{resourceId}/{identifier}")
    public boolean authorizeResource(@HeaderParam("X-API-KEY") String str, @PathParam("service") Service service, @PathParam("resourceId") String str2, @PathParam("identifier") String str3) {
        Security.checkApiCallAllowed(this.request);
        Security.disallowLoopbackRequestsIfAuthBypassEnabled(this.request);
        ArbitraryDataRenderManager.getInstance().addToAuthorizedResources(new ArbitraryDataResource(str2, null, service, str3));
        return true;
    }

    @GET
    @SecurityRequirement(name = "apiKey")
    @Path("/signature/{signature}")
    public HttpServletResponse getIndexBySignature(@PathParam("signature") String str, @QueryParam("theme") String str2) {
        if (!Settings.getInstance().isQDNAuthBypassEnabled()) {
            Security.requirePriorAuthorization(this.request, str, Service.WEBSITE, null);
        }
        return get(str, ArbitraryDataFile.ResourceIdType.SIGNATURE, null, null, "/", null, "/render/signature", true, true, str2);
    }

    @GET
    @SecurityRequirement(name = "apiKey")
    @Path("/signature/{signature}/{path:.*}")
    public HttpServletResponse getPathBySignature(@PathParam("signature") String str, @PathParam("path") String str2, @QueryParam("theme") String str3) {
        if (!Settings.getInstance().isQDNAuthBypassEnabled()) {
            Security.requirePriorAuthorization(this.request, str, Service.WEBSITE, null);
        }
        return get(str, ArbitraryDataFile.ResourceIdType.SIGNATURE, null, null, str2, null, "/render/signature", true, true, str3);
    }

    @GET
    @SecurityRequirement(name = "apiKey")
    @Path("/hash/{hash}")
    public HttpServletResponse getIndexByHash(@PathParam("hash") String str, @QueryParam("secret") String str2, @QueryParam("theme") String str3) {
        if (!Settings.getInstance().isQDNAuthBypassEnabled()) {
            Security.requirePriorAuthorization(this.request, str, Service.WEBSITE, null);
        }
        return get(str, ArbitraryDataFile.ResourceIdType.FILE_HASH, Service.ARBITRARY_DATA, null, "/", str2, "/render/hash", true, false, str3);
    }

    @GET
    @SecurityRequirement(name = "apiKey")
    @Path("/hash/{hash}/{path:.*}")
    public HttpServletResponse getPathByHash(@PathParam("hash") String str, @PathParam("path") String str2, @QueryParam("secret") String str3, @QueryParam("theme") String str4) {
        if (!Settings.getInstance().isQDNAuthBypassEnabled()) {
            Security.requirePriorAuthorization(this.request, str, Service.WEBSITE, null);
        }
        return get(str, ArbitraryDataFile.ResourceIdType.FILE_HASH, Service.ARBITRARY_DATA, null, str2, str3, "/render/hash", true, false, str4);
    }

    @GET
    @SecurityRequirement(name = "apiKey")
    @Path("{service}/{name}/{path:.*}")
    public HttpServletResponse getPathByName(@PathParam("service") Service service, @PathParam("name") String str, @PathParam("path") String str2, @QueryParam("identifier") String str3, @QueryParam("theme") String str4) {
        if (!Settings.getInstance().isQDNAuthBypassEnabled()) {
            Security.requirePriorAuthorization(this.request, str, service, null);
        }
        return get(str, ArbitraryDataFile.ResourceIdType.NAME, service, str3, str2, null, String.format("/render/%s", service), true, true, str4);
    }

    @GET
    @SecurityRequirement(name = "apiKey")
    @Path("{service}/{name}")
    public HttpServletResponse getIndexByName(@PathParam("service") Service service, @PathParam("name") String str, @QueryParam("identifier") String str2, @QueryParam("theme") String str3) {
        if (!Settings.getInstance().isQDNAuthBypassEnabled()) {
            Security.requirePriorAuthorization(this.request, str, service, null);
        }
        return get(str, ArbitraryDataFile.ResourceIdType.NAME, service, str2, "/", null, String.format("/render/%s", service), true, true, str3);
    }

    private HttpServletResponse get(String str, ArbitraryDataFile.ResourceIdType resourceIdType, Service service, String str2, String str3, String str4, String str5, boolean z, boolean z2, String str6) {
        ArbitraryDataRenderer arbitraryDataRenderer = new ArbitraryDataRenderer(str, resourceIdType, service, str2, str3, str4, str5, z, z2, "render", this.request, this.response, this.context);
        if (str6 != null) {
            arbitraryDataRenderer.setTheme(str6);
        }
        return arbitraryDataRenderer.render();
    }
}
