package com.atlassian.bamboo.ww2.actions.websudo;

import com.atlassian.bamboo.exception.AccessDeniedException;
import com.atlassian.bamboo.sal.BambooWebSudoManager;
import com.atlassian.bamboo.security.LogoutSupport;
import com.atlassian.bamboo.user.LoginInformationManager;
import com.atlassian.bamboo.util.RequestCacheThreadLocal;
import com.atlassian.bamboo.util.UrlUtils;
import com.atlassian.bamboo.utils.EscapeChars;
import com.atlassian.bamboo.ww2.BambooActionSupport;
import com.atlassian.seraph.config.SecurityConfigFactory;
import com.atlassian.user.User;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:com/atlassian/bamboo/ww2/actions/websudo/WebSudoAction.class */
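/**
 * Action behind the WebSudo prompt: the signed-in user re-enters their password and, when it
 * verifies, the request is marked as holding a WebSudo session and redirected to the page that
 * asked for it.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>Anonymous callers are sent to {@code "login"} before anything else is evaluated.</li>
 *   <li>Every failed or blank password is counted through
 *       {@link LoginInformationManager#incrementFailedCountAndCheckThreshold}; when that call
 *       returns {@code true} the user is logged out.</li>
 *   <li>On success the current login is torn down and re-established before the WebSudo flag is
 *       set, and the flag is only set if the re-login reports success.</li>
 *   <li>The post-elevation redirect target comes from the {@code web_sudo_destination} request
 *       parameter and is always prefixed with the context path.</li>
 * </ul>
 *
 * <p>Note: {@code mo381getUser()} looks like a decompiler-generated alias for the inherited
 * user accessor; it is kept as-is because that is the name this file compiles against.
 */
public class WebSudoAction extends BambooActionSupport {
    // Password submitted with the WebSudo form. Held as a String for the lifetime of this action
    // instance and never logged by this class.
    private String password;

    @Autowired
    private LoginInformationManager loginInformationManager;

    @Autowired
    private BambooWebSudoManager webSudoManager;

    /**
     * Renders the WebSudo prompt.
     *
     * @return {@code "login"} for anonymous callers, otherwise the result of
     *     {@code super.doDefault()}
     * @throws AccessDeniedException when the WebSudo manager reports that this request is unable
     *     to hold a WebSudo session
     */
    @Override // com.atlassian.bamboo.ww2.BambooActionSupport
    public String doDefault() throws Exception {
        if (mo381getUser() == null) {
            return "login";
        }
        // NOTE(review): unlike execute(), the request is not null-checked here — confirm that
        // isUnableToHoldWebSudo tolerates a null request.
        if (this.webSudoManager.isUnableToHoldWebSudo(RequestCacheThreadLocal.getRequest())) {
            throw new AccessDeniedException(getText("error.403.heading"));
        }
        return super.doDefault();
    }

    /**
     * Verifies the submitted password and, on success, grants the WebSudo session and redirects
     * to the requested destination.
     *
     * @return {@code "error"} when no request/response is bound to the thread or the password was
     *     rejected; {@code "login"} for anonymous callers, when the failed-attempt check asks for
     *     a logout, or when the re-login does not succeed; {@code "none"} after the redirect has
     *     been sent
     * @throws AccessDeniedException when the WebSudo manager reports that this request is unable
     *     to hold a WebSudo session
     */
    public String execute() throws Exception {
        HttpServletRequest request = RequestCacheThreadLocal.getRequest();
        HttpServletResponse response = RequestCacheThreadLocal.getResponse();
        if (request == null || response == null) {
            addActionError(getText("user.websudo.request.response.required"));
            return "error";
        }
        if (mo381getUser() == null) {
            return "login";
        }
        if (this.webSudoManager.isUnableToHoldWebSudo(request)) {
            throw new AccessDeniedException(getText("error.403.heading"));
        }
        // validateInput() returns true only via incrementFailedCountAndCheckThreshold, i.e. after
        // a failed attempt; that is treated as "too many failures" and ends the login outright.
        // The casts are kept: they may be what selects the LogoutSupport.logout overload.
        if (validateInput()) {
            LogoutSupport.logout((ServletRequest) request, (ServletResponse) response);
            return "login";
        }
        // A failed attempt below the threshold leaves a field error behind (added in
        // validateInput), so the prompt is shown again without touching the session.
        if (hasErrors()) {
            return "error";
        }
        // Resolve the username before logging out so the re-login always uses the identity whose
        // password was just verified, independent of how the user lookup behaves once the
        // existing login has been torn down.
        final String username = getUsername();
        // Logout followed by a fresh login — presumably so the elevated state is attached to a
        // new session rather than the pre-existing one (confirm against LogoutSupport).
        LogoutSupport.logout((ServletRequest) request, (ServletResponse) response);
        boolean loggedIn = SecurityConfigFactory.getInstance().getAuthenticator().login(request, response, username, this.password);
        if (!loggedIn) {
            // Fail closed: the user is logged out at this point, so never mark the request as
            // holding WebSudo without an authenticated login behind it.
            return "login";
        }
        this.webSudoManager.setWebSudoSession(request, response);
        // The destination is caller-controlled. It is never used as-is: leading slashes are
        // stripped and the context path plus a single "/" is prepended, which keeps the redirect
        // relative to this application. A missing parameter falls back to the context root.
        // NOTE(review): UrlUtils is not visible here — confirm stripLeadingSlashes also covers
        // other leading separators (e.g. backslashes), because with an empty context path the
        // target begins directly with "/" + destination.
        String destination = request.getParameter("web_sudo_destination");
        if (destination == null) {
            destination = "";
        }
        response.sendRedirect(StringUtils.stripToEmpty(request.getContextPath()) + "/" + UrlUtils.stripLeadingSlashes(destination));
        return "none";
    }

    /**
     * Returns the current URL passed through {@link EscapeChars#forUrl}; presumably consumed by
     * the view to carry the return destination — confirm against the template.
     */
    public String getEncodedCurrentUrl() {
        return EscapeChars.forUrl(getCurrentUrl());
    }

    /**
     * Supplies the password to verify; presumably bound from the submitted form parameter.
     *
     * @param str the password as entered by the user
     */
    public void setPassword(String str) {
        this.password = str;
    }

    /** Returns the current user's name, or the empty string when no user is available. */
    private String getUsername() {
        User user = mo381getUser();
        return user == null ? "" : user.getName();
    }

    /**
     * Checks the submitted password against the current user.
     *
     * <p>The return value is not "input is valid": it is {@code false} when the password
     * authenticates, and otherwise whatever
     * {@code incrementFailedCountAndCheckThreshold} reports for this user — presumably
     * {@code true} once the failed-attempt threshold has been reached (confirm against
     * {@link LoginInformationManager}). Rejection itself is signalled through the field error
     * added here.
     *
     * <p>NOTE(review): nothing in this class resets the failed-attempt counter after a
     * successful check; verify that the subsequent login does.
     */
    private boolean validateInput() {
        if (StringUtils.isBlank(this.password)) {
            // A blank submission is counted as a failed attempt too.
            addFieldError("password", getText("user.password.error.required"));
            return this.loginInformationManager.incrementFailedCountAndCheckThreshold(getUsername());
        }
        if (getBambooUserManager().authenticate(getUsername(), this.password)) {
            return false;
        }
        addFieldError("password", getText("user.password.change.current.invalid"));
        return this.loginInformationManager.incrementFailedCountAndCheckThreshold(getUsername());
    }
}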
