/*

 * reserved comment block

 * DO NOT REMOVE OR ALTER!

 */

/**

 * Licensed to the Apache Software Foundation (ASF) under one

 * or more contributor license agreements. See the NOTICE file

 * distributed with this work for additional information

 * regarding copyright ownership. The ASF licenses this file

 * to you under the Apache License, Version 2.0 (the

 * "License"); you may not use this file except in compliance

 * with the License. You may obtain a copy of the License at

 *

 * http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing,

 * software distributed under the License is distributed on an

 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY

 * KIND, either express or implied. See the License for the

 * specific language governing permissions and limitations

 * under the License.

 */

package com.sun.org.apache.xml.internal.security.parser;

import java.io.IOException;

import java.io.InputStream;

import java.security.AccessController;

import java.security.PrivilegedAction;

import java.util.Collections;

import java.util.Map;

import java.util.Queue;

import java.util.WeakHashMap;

import java.util.concurrent.ArrayBlockingQueue;

import javax.xml.parsers.DocumentBuilder;

import javax.xml.parsers.DocumentBuilderFactory;

import javax.xml.parsers.ParserConfigurationException;

import com.sun.org.apache.xml.internal.security.utils.XMLUtils;

import org.w3c.dom.Document;

import org.xml.sax.SAXException;

/**

 * A default implementation of XMLParser that uses two pools of DocumentBuilders.

 */

public class XMLParserImpl implements XMLParser {

    @SuppressWarnings("removal")

    private static int parserPoolSize =

            AccessController.doPrivileged(

                    (PrivilegedAction<Integer>) () -> Integer.getInteger("com.sun.org.apache.xml.internal.security.parser.pool-size", 20));

    private static final Map<ClassLoader, Queue<DocumentBuilder>> DOCUMENT_BUILDERS =

            Collections.synchronizedMap(new WeakHashMap<ClassLoader, Queue<DocumentBuilder>>());

    private static final Map<ClassLoader, Queue<DocumentBuilder>> DOCUMENT_BUILDERS_DISALLOW_DOCTYPE =

            Collections.synchronizedMap(new WeakHashMap<ClassLoader, Queue<DocumentBuilder>>());

    @Override

    public Document parse(InputStream inputStream, boolean disallowDocTypeDeclarations) throws XMLParserException {

        try {

            ClassLoader loader = getContextClassLoader();

            if (loader == null) {

                loader = getClassLoader(XMLUtils.class);

            }

            // If the ClassLoader is null then just create a DocumentBuilder and use it

            if (loader == null) {

                DocumentBuilder documentBuilder = createDocumentBuilder(disallowDocTypeDeclarations);

                return documentBuilder.parse(inputStream);

            }

            Queue<DocumentBuilder> queue = getDocumentBuilderQueue(disallowDocTypeDeclarations, loader);

            DocumentBuilder documentBuilder = getDocumentBuilder(disallowDocTypeDeclarations, queue);

            Document doc = documentBuilder.parse(inputStream);

            repoolDocumentBuilder(documentBuilder, queue);

            return doc;

        } catch (ParserConfigurationException | SAXException | IOException ex) {

            throw new XMLParserException(ex, "empty", new Object[] {"Error parsing the inputstream"});

        }

    }

    private static Queue<DocumentBuilder> getDocumentBuilderQueue(boolean disallowDocTypeDeclarations, ClassLoader loader) throws ParserConfigurationException {

        Map<ClassLoader, Queue<DocumentBuilder>> docBuilderCache =

                disallowDocTypeDeclarations ? DOCUMENT_BUILDERS_DISALLOW_DOCTYPE : DOCUMENT_BUILDERS;

        Queue<DocumentBuilder> queue = docBuilderCache.get(loader);

        if (queue == null) {

            queue = new ArrayBlockingQueue<>(parserPoolSize);

            docBuilderCache.put(loader, queue);

        }

        return queue;

    }

    private static DocumentBuilder getDocumentBuilder(boolean disallowDocTypeDeclarations, Queue<DocumentBuilder> queue) throws ParserConfigurationException {

        DocumentBuilder db = queue.poll();

        if (db == null) {

            db = createDocumentBuilder(disallowDocTypeDeclarations);

        }

        return db;

    }

    private static DocumentBuilder createDocumentBuilder(boolean disallowDocTypeDeclarations) throws ParserConfigurationException {

        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();

        f.setNamespaceAware(true);

        f.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);

        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", disallowDocTypeDeclarations);

        return f.newDocumentBuilder();

    }

    private static void repoolDocumentBuilder(DocumentBuilder db, Queue<DocumentBuilder> queue) {

        if (queue != null) {

            db.reset();

            queue.offer(db);

        }

    }

    @SuppressWarnings("removal")

    private static ClassLoader getContextClassLoader() {

        final SecurityManager sm = System.getSecurityManager();

        if (sm != null) {

            return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {

                public ClassLoader run() {

                    return Thread.currentThread().getContextClassLoader();

                }

            });

        }

        return Thread.currentThread().getContextClassLoader();

    }

    @SuppressWarnings("removal")

    private static ClassLoader getClassLoader(final Class<?> clazz) {

        final SecurityManager sm = System.getSecurityManager();

        if (sm != null) {

            return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {

                public ClassLoader run() {

                    return clazz.getClassLoader();

                }

            });

        }

        return clazz.getClassLoader();

    }

}