package org.jivesoftware.openfire.net;

import java.io.IOException;
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import org.dom4j.Document;
import org.dom4j.DocumentHelper;
import org.dom4j.Element;
import org.dom4j.Namespace;
import org.dom4j.QName;
import org.dom4j.io.XMPPPacketReader;
import org.jivesoftware.admin.FlashMessageTag;
import org.jivesoftware.openfire.Connection;
import org.jivesoftware.openfire.PacketRouter;
import org.jivesoftware.openfire.StreamIDFactory;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.auth.UnauthorizedException;
import org.jivesoftware.openfire.disco.IQDiscoInfoHandler;
import org.jivesoftware.openfire.net.SASLAuthentication;
import org.jivesoftware.openfire.session.LocalSession;
import org.jivesoftware.openfire.session.Session;
import org.jivesoftware.openfire.spi.BasicStreamIDFactory;
import org.jivesoftware.openfire.streammanagement.StreamManager;
import org.jivesoftware.util.JiveGlobals;
import org.jivesoftware.util.LocaleUtils;
import org.jivesoftware.util.StreamErrorException;
import org.jivesoftware.util.StringUtils;
import org.jivesoftware.util.SystemProperty;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xmlpull.v1.XmlPullParser;
import org.xmlpull.v1.XmlPullParserException;
import org.xmpp.packet.IQ;
import org.xmpp.packet.JID;
import org.xmpp.packet.Message;
import org.xmpp.packet.Packet;
import org.xmpp.packet.PacketError;
import org.xmpp.packet.Presence;
import org.xmpp.packet.Roster;
import org.xmpp.packet.StreamError;

/* loaded from: input_file:org/jivesoftware/openfire/net/StanzaHandler.class */
public abstract class StanzaHandler {
    private static final Logger Log = LoggerFactory.getLogger(StanzaHandler.class);
    public static final SystemProperty<Boolean> PROPERTY_OVERWRITE_EMPTY_TO = SystemProperty.Builder.ofType(Boolean.class).setKey("xmpp.server.rewrite.replace-missing-to").setDefaultValue(true).setDynamic(true).build();
    private static final StreamIDFactory STREAM_ID_FACTORY = new BasicStreamIDFactory();
    protected Connection connection;
    protected SASLAuthentication.Status saslStatus;
    protected LocalSession session;
    protected PacketRouter router;
    protected boolean sessionCreated = false;
    protected boolean startedTLS = false;
    protected boolean startedSASL = false;
    protected boolean waitingCompressionACK = false;

    public StanzaHandler(PacketRouter packetRouter, Connection connection) {
        this.router = packetRouter;
        this.connection = connection;
    }

    public void setSession(LocalSession localSession) {
        this.session = localSession;
    }

    public void process(String str, XMPPPacketReader xMPPPacketReader) throws Exception {
        if (isStartOfStream(str) || !this.sessionCreated) {
            initiateSession(str, xMPPPacketReader);
        } else {
            processStanza(str, xMPPPacketReader);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v18, types: [org.jivesoftware.openfire.net.MXParser, org.xmlpull.v1.XmlPullParser] */
    /* JADX WARN: Type inference failed for: r0v24, types: [org.jivesoftware.openfire.net.MXParser, org.xmlpull.v1.XmlPullParser] */
    protected void initiateSession(String str, XMPPPacketReader xMPPPacketReader) throws Exception {
        if (isStartOfStream(str)) {
            if (!this.sessionCreated) {
                this.sessionCreated = true;
                ?? xPPParser = xMPPPacketReader.getXPPParser();
                xPPParser.setInput(new StringReader(str));
                createSession(xPPParser);
                return;
            }
            if (this.startedTLS) {
                ?? xPPParser2 = xMPPPacketReader.getXPPParser();
                xPPParser2.setInput(new StringReader(str));
                tlsNegotiated(xPPParser2);
                this.startedTLS = false;
                return;
            }
            if (this.startedSASL && this.saslStatus == SASLAuthentication.Status.authenticated) {
                this.startedSASL = false;
                saslSuccessful();
            } else if (this.waitingCompressionACK) {
                this.waitingCompressionACK = false;
                compressionSuccessful();
            }
        }
    }

    protected void processStanza(String str, XMPPPacketReader xMPPPacketReader) throws Exception {
        Element element;
        if (isEndOfStream(str)) {
            if (this.session != null) {
                this.session.getStreamManager().formalClose();
                Log.debug("Closing session as an end-of-stream was received: {}", this.session);
                this.session.close();
                return;
            }
            return;
        }
        if (str.startsWith("<?xml")) {
            return;
        }
        Set<Namespace> additionalNamespaces = this.connection.getAdditionalNamespaces();
        if (additionalNamespaces.isEmpty()) {
            element = xMPPPacketReader.read(new StringReader(str)).getRootElement();
        } else {
            Log.trace("Connection '{}' defined namespace prefixes on its original 'stream' element: {}", this.connection.getAddress(), additionalNamespaces.stream().map((v0) -> {
                return v0.asXML();
            }).collect(Collectors.joining(", ")));
            StringBuilder sb = new StringBuilder();
            sb.append("<stream:stream");
            additionalNamespaces.forEach(namespace -> {
                sb.append(" ").append(namespace.asXML());
            });
            if (additionalNamespaces.stream().noneMatch(namespace2 -> {
                return namespace2.getPrefix().equals("stream");
            })) {
                sb.append(" ").append(Namespace.get("stream", "http://etherx.jabber.org/streams").asXML());
            }
            sb.append(">").append(str).append("</stream:stream>");
            element = (Element) xMPPPacketReader.read(new StringReader(sb.toString())).getRootElement().elementIterator().next();
            element.detach();
        }
        if (element == null) {
            return;
        }
        String name = element.getName();
        if ("starttls".equals(name)) {
            if (negotiateTLS()) {
                this.startedTLS = true;
                return;
            } else {
                this.connection.close();
                this.session = null;
                return;
            }
        }
        if ("auth".equals(name)) {
            this.startedSASL = true;
            this.saslStatus = SASLAuthentication.handle(this.session, element);
            return;
        }
        if ((this.startedSASL && "response".equals(name)) || "abort".equals(name)) {
            this.saslStatus = SASLAuthentication.handle(this.session, element);
            return;
        }
        if ("compress".equals(name)) {
            if (compressClient(element)) {
                this.waitingCompressionACK = true;
            }
        } else if (!isStreamManagementStanza(element)) {
            process(element);
        } else {
            Log.trace("Client '{}' is sending stream management stanza.", this.session.getAddress());
            this.session.getStreamManager().process(element);
        }
    }

    private void process(Element element) throws UnauthorizedException {
        if (element == null) {
            return;
        }
        if (this.connection.isInitialized() && this.connection.getConfiguration().getTlsPolicy() == Connection.TLSPolicy.required && !this.connection.isEncrypted()) {
            closeNeverEncryptedConnection();
            return;
        }
        String name = element.getName();
        if (FlashMessageTag.ERROR_MESSAGE_KEY.equals(name)) {
            Log.info("The stream is being closed by the peer ('{}'), which sent this stream error: {}", this.session.getAddress(), element.asXML());
            this.session.close();
            return;
        }
        if ("message".equals(name)) {
            try {
                processMessage(new Message(element, !validateJIDs()));
                return;
            } catch (IllegalArgumentException e) {
                Log.debug("Rejecting stanza from '{}'. JID malformed", this.session.getAddress(), e);
                Packet message = new Message();
                message.setID(element.attributeValue("id"));
                message.setTo(this.session.getAddress());
                message.getElement().addAttribute("from", element.attributeValue("to"));
                message.setError(PacketError.Condition.jid_malformed);
                this.session.process(message);
                return;
            }
        }
        if ("presence".equals(name)) {
            try {
                Presence presence = new Presence(element, !validateJIDs());
                try {
                    presence.getType();
                } catch (IllegalArgumentException e2) {
                    Log.warn("Invalid presence type '{}' received from '{}'", new Object[]{presence.getElement().attributeValue("type"), this.session.getAddress(), e2});
                    presence.setType((Presence.Type) null);
                }
                try {
                    presence.getShow();
                } catch (IllegalArgumentException e3) {
                    Log.debug("Invalid presence show '{}' received from '{}'", presence.getElement().elementText("show"), e3);
                    presence.setShow((Presence.Show) null);
                }
                if (this.session.getStatus() == Session.Status.CLOSED && presence.isAvailable()) {
                    Log.warn("Ignoring available presence packet received on closed session '{}': {} ", this.session.getAddress(), presence);
                    return;
                } else {
                    processPresence(presence);
                    return;
                }
            } catch (IllegalArgumentException e4) {
                Log.debug("Rejecting stanza from '{}'. JID malformed", this.session.getAddress(), e4);
                Packet presence2 = new Presence();
                presence2.setID(element.attributeValue("id"));
                presence2.setTo(this.session.getAddress());
                presence2.getElement().addAttribute("from", element.attributeValue("to"));
                presence2.setError(PacketError.Condition.jid_malformed);
                this.session.process(presence2);
                return;
            }
        }
        if (!"iq".equals(name)) {
            if (processUnknowPacket(element)) {
                return;
            }
            Log.warn(LocaleUtils.getLocalizedString("admin.error.packet.tag") + "{}. Closing session: {}", element.asXML(), this.session);
            this.session.close();
            return;
        }
        try {
            IQ iq = getIQ(element);
            if (iq.getID() != null || !JiveGlobals.getBooleanProperty("xmpp.server.validation.enabled", false)) {
                processIQ(iq);
                return;
            }
            Log.debug("Closing session, as it sent us an IQ packet that has no ID attribute: {}. Affected session: {}", iq.toXML(), this.session);
            this.session.deliverRawText(new StreamError(StreamError.Condition.invalid_xml, "Stanza is missing 'id' attribute.").toXML());
            this.session.close();
        } catch (IllegalArgumentException e5) {
            Log.debug("Rejecting packet from '{}'. JID malformed", this.session.getAddress(), e5);
            Packet iq2 = new IQ();
            if (!element.elements().isEmpty()) {
                iq2.setChildElement(((Element) element.elements().get(0)).createCopy());
            }
            iq2.setID(element.attributeValue("id"));
            iq2.setTo(this.session.getAddress());
            if (element.attributeValue("to") != null) {
                iq2.getElement().addAttribute("from", element.attributeValue("to"));
            }
            iq2.setError(PacketError.Condition.jid_malformed);
            this.session.process(iq2);
        }
    }

    private IQ getIQ(Element element) {
        Element element2 = element.element("query");
        if (element2 != null && "jabber:iq:roster".equals(element2.getNamespaceURI())) {
            return new Roster(element);
        }
        if (element2 == null || !"jabber:iq:version".equals(element2.getNamespaceURI())) {
            if (element2 == null || !IQDiscoInfoHandler.NAMESPACE_DISCO_INFO.equals(element2.getNamespaceURI())) {
                return new IQ(element, !validateJIDs());
            }
            IQDiscoInfoHandler.setSoftwareVersionDataFormFromDiscoInfo(element2, this.session);
            return new IQ(element, !validateJIDs());
        }
        try {
            List<Element> elements = element2.elements();
            if (!elements.isEmpty()) {
                for (Element element3 : elements) {
                    this.session.setSoftwareVersionData(element3.getName(), element3.getStringValue());
                }
            }
        } catch (Exception e) {
            Log.error("Unexpected exception while processing IQ Version stanza from '{}'", this.session.getAddress(), e);
        }
        return new IQ(element, !validateJIDs());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void processIQ(IQ iq) throws UnauthorizedException {
        if (iq.getTo() == null && PROPERTY_OVERWRITE_EMPTY_TO.getValue().booleanValue()) {
            iq.setTo(iq.getFrom().asBareJID());
        }
        this.router.route(iq);
        this.session.incrementClientPacketCount();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void processPresence(Presence presence) throws UnauthorizedException {
        this.router.route(presence);
        this.session.incrementClientPacketCount();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void processMessage(Message message) throws UnauthorizedException {
        if (message.getTo() == null && PROPERTY_OVERWRITE_EMPTY_TO.getValue().booleanValue()) {
            message.setTo(message.getFrom().asBareJID());
        }
        this.router.route(message);
        this.session.incrementClientPacketCount();
    }

    abstract boolean processUnknowPacket(Element element) throws UnauthorizedException;

    protected boolean negotiateTLS() {
        if (this.connection.getConfiguration().getTlsPolicy() == Connection.TLSPolicy.disabled) {
            this.connection.close(new StreamError(StreamError.Condition.not_authorized, "A request to negotiate TLS is denied, as TLS has been disabled by configuration."));
            Log.warn("TLS requested by initiator when TLS was never offered by server. Closing connection: {}", this.connection);
            return false;
        }
        try {
            startTLS();
            return true;
        } catch (Exception e) {
            Log.error("Error while negotiating TLS with connection {}", this.connection, e);
            this.connection.deliverRawText("<failure xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"/>");
            this.connection.close();
            return false;
        }
    }

    abstract void startTLS() throws Exception;

    /* JADX INFO: Access modifiers changed from: protected */
    public void tlsNegotiated(XmlPullParser xmlPullParser) throws XmlPullParserException, IOException {
        Document streamHeader = getStreamHeader();
        Element createElement = DocumentHelper.createElement(QName.get("features", "stream", "http://etherx.jabber.org/streams"));
        streamHeader.getRootElement().add(createElement);
        Element sASLMechanisms = SASLAuthentication.getSASLMechanisms(this.session);
        if (sASLMechanisms != null) {
            createElement.add(sASLMechanisms);
        }
        List<Element> availableStreamFeatures = this.session.getAvailableStreamFeatures();
        if (availableStreamFeatures != null) {
            Iterator<Element> it = availableStreamFeatures.iterator();
            while (it.hasNext()) {
                createElement.add(it.next());
            }
        }
        this.connection.deliverRawText(StringUtils.asUnclosedStream(streamHeader));
    }

    protected void saslSuccessful() {
        Document streamHeader = getStreamHeader();
        Element createElement = DocumentHelper.createElement(QName.get("features", "stream", "http://etherx.jabber.org/streams"));
        streamHeader.getRootElement().add(createElement);
        List<Element> availableStreamFeatures = this.session.getAvailableStreamFeatures();
        if (availableStreamFeatures != null) {
            Iterator<Element> it = availableStreamFeatures.iterator();
            while (it.hasNext()) {
                createElement.add(it.next());
            }
        }
        this.connection.deliverRawText(StringUtils.asUnclosedStream(streamHeader));
    }

    protected boolean compressClient(Element element) {
        String str = null;
        if (this.connection.getConfiguration().getCompressionPolicy() == Connection.CompressionPolicy.disabled) {
            str = "<failure xmlns='http://jabber.org/protocol/compress'><setup-failed/></failure>";
            Log.warn("Client requested compression while compression is disabled. Closing connection: {}", this.connection);
        } else if (this.connection.isCompressed()) {
            str = "<failure xmlns='http://jabber.org/protocol/compress'><setup-failed/></failure>";
            Log.warn("Client requested compression and connection is already compressed. Closing connection: {}", this.connection);
        } else {
            String elementText = element.elementText("method");
            if (!"zlib".equals(elementText)) {
                str = "<failure xmlns='http://jabber.org/protocol/compress'><unsupported-method/></failure>";
                Log.warn("Requested compression method is not supported: {}. Closing connection: {}", elementText, this.connection);
            }
        }
        if (str != null) {
            this.connection.deliverRawText(str);
            return false;
        }
        this.connection.addCompression();
        this.connection.deliverRawText("<compressed xmlns='http://jabber.org/protocol/compress'/>");
        this.connection.startCompression();
        return true;
    }

    protected void compressionSuccessful() {
        Element sASLMechanisms;
        Document streamHeader = getStreamHeader();
        Element createElement = DocumentHelper.createElement(QName.get("features", "stream", "http://etherx.jabber.org/streams"));
        streamHeader.getRootElement().add(createElement);
        if (!this.session.isAuthenticated() && (sASLMechanisms = SASLAuthentication.getSASLMechanisms(this.session)) != null) {
            createElement.add(sASLMechanisms);
        }
        List<Element> availableStreamFeatures = this.session.getAvailableStreamFeatures();
        if (availableStreamFeatures != null) {
            Iterator<Element> it = availableStreamFeatures.iterator();
            while (it.hasNext()) {
                createElement.add(it.next());
            }
        }
        this.connection.deliverRawText(StringUtils.asUnclosedStream(streamHeader));
    }

    protected boolean isStreamManagementStanza(Element element) {
        return StreamManager.NAMESPACE_V2.equals(element.getNamespace().getStringValue()) || StreamManager.NAMESPACE_V3.equals(element.getNamespace().getStringValue());
    }

    protected Document getStreamHeader() {
        Element createElement = DocumentHelper.createElement(QName.get("stream", "stream", "http://etherx.jabber.org/streams"));
        Document createDocument = DocumentHelper.createDocument(createElement);
        createDocument.setXMLEncoding(StandardCharsets.UTF_8.toString());
        createElement.add(getNamespace());
        createElement.addAttribute("from", XMPPServer.getInstance().getServerInfo().getXMPPDomain());
        createElement.addAttribute("id", this.session.getStreamID().getID());
        createElement.addAttribute(QName.get("lang", Namespace.XML_NAMESPACE), this.session.getLanguage().toLanguageTag());
        createElement.addAttribute("version", "1.0");
        return createDocument;
    }

    protected void closeNeverEncryptedConnection() {
        this.connection.close(new StreamError(StreamError.Condition.not_authorized, "TLS is mandatory, but was established."));
        Log.warn("TLS was required by the server and connection was never encrypted. Closing connection: {}", this.connection);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void createSession(XmlPullParser xmlPullParser) throws XmlPullParserException, IOException {
        int eventType = xmlPullParser.getEventType();
        while (eventType != 2) {
            eventType = xmlPullParser.next();
        }
        String xMPPDomain = XMPPServer.getInstance().getServerInfo().getXMPPDomain();
        String attributeValue = xmlPullParser.getAttributeValue("", "to");
        try {
            if (validateHost() && isHostUnknown(attributeValue)) {
                throw new StreamErrorException(StreamError.Condition.host_unknown, "Incorrect hostname in stream header: " + attributeValue);
            }
            if (!"http://etherx.jabber.org/streams".equals(xmlPullParser.getNamespace())) {
                throw new StreamErrorException(StreamError.Condition.invalid_namespace, "Invalid namespace in stream header: " + xmlPullParser.getNamespace());
            }
            if (!getNamespace().getURI().equals(xmlPullParser.getNamespace(null))) {
                throw new StreamErrorException(StreamError.Condition.invalid_namespace, "Invalid namespace in stream header. Expected: '" + getNamespace().getURI() + "'. Received: '" + xmlPullParser.getNamespace(null) + "'.");
            }
            createSession(xMPPDomain, xmlPullParser, this.connection);
            if (this.session == null) {
                throw new StreamErrorException(StreamError.Condition.internal_server_error, "Unable to create a session.");
            }
        } catch (StreamErrorException e) {
            Log.warn("Failed to create a session. Closing connection: {}", this.connection, e);
            Element createElement = DocumentHelper.createElement(QName.get("stream", "stream", "http://etherx.jabber.org/streams"));
            Document createDocument = DocumentHelper.createDocument(createElement);
            createDocument.setXMLEncoding(StandardCharsets.UTF_8.toString());
            createElement.add(Namespace.get(xmlPullParser.getNamespace(null)));
            createElement.addAttribute("from", attributeValue);
            createElement.addAttribute("id", STREAM_ID_FACTORY.createStreamID().getID());
            createElement.addAttribute("version", "1.0");
            createElement.add(e.getStreamError().getElement());
            this.connection.deliverRawText(StringUtils.asUnclosedStream(createDocument));
            this.connection.close();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isHostUnknown(String str) {
        return (str == null || XMPPServer.getInstance().getServerInfo().getXMPPDomain().equals(str)) ? false : true;
    }

    public JID getAddress() {
        if (this.session == null) {
            return null;
        }
        return this.session.getAddress();
    }

    abstract Namespace getNamespace();

    abstract boolean validateHost();

    abstract boolean validateJIDs();

    abstract void createSession(String str, XmlPullParser xmlPullParser, Connection connection) throws XmlPullParserException;

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isStartOfStream(String str) {
        return str.startsWith("<stream:stream") || (str.startsWith("<?xml ") && str.contains("<stream:stream"));
    }

    protected boolean isEndOfStream(String str) {
        return str.equals("</stream:stream>");
    }
}
