package com.atlassian.jira.web.action.admin;

import com.atlassian.crowd.embedded.api.User;
import com.atlassian.jira.bc.project.ProjectAction;
import com.atlassian.jira.bc.project.ProjectService;
import com.atlassian.jira.bc.whitelist.DefaultWhitelistManager;
import com.atlassian.jira.config.properties.ApplicationProperties;
import com.atlassian.jira.security.JiraAuthenticationContext;
import com.atlassian.jira.security.login.LoginManager;
import com.atlassian.jira.security.websudo.InternalWebSudoManager;
import com.atlassian.jira.util.UrlBuilder;
import com.atlassian.jira.util.http.JiraUrl;
import com.atlassian.jira.util.velocity.VelocityRequestContext;
import com.atlassian.jira.util.velocity.VelocityRequestContextFactory;
import com.atlassian.jira.util.velocity.VelocityRequestSession;
import com.atlassian.jira.web.SessionKeys;
import com.atlassian.jira.web.action.JiraWebActionSupport;
import com.atlassian.seraph.util.RedirectUtils;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import webwork.action.ActionContext;
import webwork.action.ServletActionContext;

/* loaded from: input_file:com/atlassian/jira/web/action/admin/WebSudoAuthenticate.class */
/**
 * Web action behind the WebSudo ("secure administrator session") password prompt.
 *
 * <p>{@link #doDefault()} renders the prompt and remembers the parameters of the request that
 * triggered it. {@link #doValidation()} re-checks the logged-in user's password, and
 * {@link #doExecute()} starts the WebSudo session and then either redirects to the requested
 * destination or asks the view to re-post the remembered form.
 *
 * <p>NOTE(review): this class never calls {@code doValidation()} itself; presumably the action
 * framework runs it before {@code doExecute()} and skips {@code doExecute()} when errors were
 * added. Confirm this, because {@code doExecute()} starts the session unconditionally.
 */
public class WebSudoAuthenticate extends JiraWebActionSupport {
    private InternalWebSudoManager webSudoManager;
    private final JiraAuthenticationContext authenticationContext;
    private final VelocityRequestContextFactory contextFactory;
    private final ProjectService projectService;
    private final ApplicationProperties applicationProperties;
    // Password as submitted in the form; stays in this field until doDefault() resets it.
    private String password;
    // Post-authentication target; only ever assigned by setWebSudoDestination().
    private String destination;
    private LoginManager loginManager;
    // Request parameters handed to the view through getRequestParameters().
    private Map<String, List<String>> allParams = new HashMap<String, List<String>>();
    private boolean isPost;

    /**
     * Stores the collaborators; performs no other work.
     */
    public WebSudoAuthenticate(LoginManager loginManager, InternalWebSudoManager internalWebSudoManager, JiraAuthenticationContext jiraAuthenticationContext, VelocityRequestContextFactory velocityRequestContextFactory, ProjectService projectService, ApplicationProperties applicationProperties) {
        this.projectService = projectService;
        this.applicationProperties = applicationProperties;
        this.authenticationContext = jiraAuthenticationContext;
        this.contextFactory = velocityRequestContextFactory;
        this.webSudoManager = internalWebSudoManager;
        this.loginManager = loginManager;
    }

    /**
     * Prepares the password prompt.
     *
     * <p>An anonymous caller is redirected to the login URL. Otherwise any previously held
     * password is discarded, the HTTP method of the triggering request is recorded, and every
     * request parameter is remembered for the view.
     *
     * @return the redirect result for anonymous callers, else the result of {@code super.doDefault()}
     * @throws Exception propagated from the superclass
     */
    public String doDefault() throws Exception {
        User currentUser = getLoggedInUser();
        HttpServletRequest httpRequest = ActionContext.getRequest();
        if (currentUser == null) {
            String loginUrl = RedirectUtils.getLoginUrl(httpRequest);
            return getRedirect(stripContextPath(loginUrl, httpRequest));
        }

        this.password = null;
        setWebSudoIsPost(httpRequest.getMethod().equals("POST"));
        this.allParams.put("webSudoIsPost", Arrays.asList(Boolean.toString(getWebSudoIsPost())));
        // Copied after the computed entry above, so a request parameter that is itself named
        // "webSudoIsPost" replaces the computed value in the map.
        gatherParameters(httpRequest, false);
        return super.doDefault();
    }

    /**
     * Drops the servlet context path from the front of {@code str} when it is a prefix of it.
     */
    private String stripContextPath(String str, HttpServletRequest httpServletRequest) {
        String contextPath = StringUtils.trimToEmpty(httpServletRequest.getContextPath());
        return str.startsWith(contextPath) ? str.substring(contextPath.length()) : str;
    }

    /**
     * Starts the WebSudo session and decides how to continue.
     *
     * <p>NOTE(review): there is no null check on the logged-in user here, unlike
     * {@link #doDefault()}; confirm that anonymous requests cannot reach this method.
     *
     * @return {@code "repostform"} when the interrupted request was a POST, otherwise a redirect
     *         to {@link #getWebSudoDestination()}
     * @throws Exception declared by the action contract
     */
    public String doExecute() throws Exception {
        this.webSudoManager.startSession(ServletActionContext.getRequest(), ServletActionContext.getResponse());
        if (getWebSudoIsPost()) {
            // Only the original form's own fields are replayed; anything whose name starts
            // with "websudo" (case-insensitively), the password field included, is left out.
            gatherParameters(this.request, true);
            return "repostform";
        }
        setReturnUrl(null);
        return getRedirect(getWebSudoDestination());
    }

    /**
     * Verifies the submitted password against the logged-in user.
     *
     * <p>On a blank or rejected password an error is attached to the {@code webSudoPassword}
     * field and the request parameters are copied for re-display; on success nothing is recorded.
     *
     * <p>NOTE(review): no attempt limiting is visible in this class. Confirm that
     * {@code LoginManager.authenticateWithoutElevatedCheck} still counts failed attempts for
     * this path, and how it behaves when the logged-in user is {@code null}.
     */
    public void doValidation() {
        final String errorKey;
        if (StringUtils.isBlank(this.password)) {
            errorKey = "websudo.password.empty";
        } else if (this.loginManager.authenticateWithoutElevatedCheck(getLoggedInUser(), this.password).isOK()) {
            return;
        } else {
            errorKey = "websudo.password.wrong";
        }
        addError("webSudoPassword", getText(errorKey));
        copyAllParams();
    }

    /**
     * Builds the URL used by the prompt's cancel link.
     *
     * <p>When the session names a current admin project that the user may configure, the link
     * points at that project's configuration page (and the remembered tab, else the summary);
     * in every other case it points at the admin summary.
     *
     * @return the cancel URL, rooted at the request's base URL
     */
    public String getCancelUrl() {
        VelocityRequestContext requestContext = this.contextFactory.getJiraVelocityRequestContext();
        VelocityRequestSession session = requestContext.getSession();
        String projectKey = (String) session.getAttribute(SessionKeys.CURRENT_ADMIN_PROJECT);
        StringBuilder url = new StringBuilder(requestContext.getBaseUrl());

        ProjectService.GetProjectResult lookup = null;
        if (StringUtils.isNotBlank(projectKey)) {
            lookup = this.projectService.getProjectByKeyForAction(this.authenticationContext.getLoggedInUser(), projectKey, ProjectAction.EDIT_PROJECT_CONFIG);
        }

        if (lookup == null || !lookup.isValid()) {
            url.append("/secure/AdminSummary.jspa");
        } else {
            // NOTE(review): DefaultWhitelistManager.REGEX_PREFIX is used as a path separator
            // here; presumably the decompiler mapped an inlined "/" literal onto this
            // unrelated constant. Confirm its value.
            url.append("/plugins/servlet/project-config");
            url.append(DefaultWhitelistManager.REGEX_PREFIX).append(lookup.getProject().getKey());
            String tab = (String) session.getAttribute(SessionKeys.CURRENT_ADMIN_PROJECT_TAB);
            if (StringUtils.isNotBlank(tab)) {
                // The tab value is appended as-is from the session attribute.
                url.append(DefaultWhitelistManager.REGEX_PREFIX).append(tab);
            } else {
                url.append("/summary");
            }
        }
        return new UrlBuilder(url.toString(), this.applicationProperties.getEncoding(), false).asUrlString();
    }

    /**
     * Copies every parameter of the current request into the map exposed to the view.
     *
     * <p>NOTE(review): nothing is filtered, so the submitted {@code webSudoPassword} value ends
     * up in {@link #getRequestParameters()} after a failed validation. Confirm that the view
     * does not write that entry back into the page.
     */
    private void copyAllParams() {
        gatherParameters(this.request, false);
    }

    /**
     * Stores the parameters of {@code source} in {@code allParams}, keyed by parameter name.
     *
     * @param source request whose parameters are read
     * @param skipWebSudoFields when true, names starting with "websudo" (compared after
     *        lower-casing) are not copied
     */
    private void gatherParameters(HttpServletRequest source, boolean skipWebSudoFields) {
        for (Enumeration<?> names = source.getParameterNames(); names.hasMoreElements();) {
            String paramName = (String) names.nextElement();
            if (skipWebSudoFields && paramName.toLowerCase().startsWith("websudo")) {
                continue;
            }
            this.allParams.put(paramName, Arrays.asList(source.getParameterValues(paramName)));
        }
    }

    /**
     * @return the name of the logged-in user; throws {@code NullPointerException} when nobody is logged in
     */
    public String getUsername() {
        return getLoggedInUser().getName();
    }

    /**
     * @return the password currently held by this action, exactly as submitted
     */
    public String getWebSudoPassword() {
        return this.password;
    }

    /**
     * Receives the password that {@link #doValidation()} checks.
     */
    public void setWebSudoPassword(String str) {
        this.password = str;
    }

    /**
     * @return the accepted destination, or {@code /secure/admin/AdminSummary.jspa} when none is set
     */
    public String getWebSudoDestination() {
        if (StringUtils.isBlank(this.destination)) {
            return "/secure/admin/AdminSummary.jspa";
        }
        return this.destination;
    }

    /**
     * Accepts a post-authentication destination only after it has passed both the URI
     * validator and the redirect checker; this is the guard against redirecting to an
     * arbitrary caller-supplied location.
     *
     * <p>A {@code null} argument, or a URI the validator reduces to {@code null}, clears the
     * destination. A URI the redirect checker refuses leaves the previous value untouched.
     */
    public void setWebSudoDestination(String str) {
        if (str == null) {
            this.destination = null;
            return;
        }
        String safeUri = getUriValidator().getSafeUri(JiraUrl.constructBaseUrl(this.request), str);
        if (safeUri == null || getRedirectChecker().canRedirectTo(safeUri)) {
            this.destination = safeUri;
        }
    }

    /**
     * @return the live (not copied) map of remembered request parameters
     */
    public Map<String, List<String>> getRequestParameters() {
        return this.allParams;
    }

    /**
     * @return whether the request interrupted by the prompt is treated as a POST
     */
    public boolean getWebSudoIsPost() {
        return this.isPost;
    }

    /**
     * Sets the POST flag; {@link #doDefault()} derives it from the HTTP method.
     * NOTE(review): being a public setter, it is presumably also bound from the
     * {@code webSudoIsPost} form field on submit. Confirm.
     */
    public void setWebSudoIsPost(boolean z) {
        this.isPost = z;
    }
}
