package com.atlassian.bamboo.security;

import com.atlassian.bamboo.build.CookieCutterImpl;
import com.atlassian.bamboo.user.authentication.BambooElevatedSecurityGuard;
import com.atlassian.bamboo.util.RequestCacheThreadLocal;
import com.atlassian.bamboo.ww2.BambooActionSupport;
import com.atlassian.bamboo.ww2.aware.permissions.GlobalBypassSecurityAware;
import com.atlassian.seraph.config.SecurityConfig;
import com.atlassian.seraph.config.SecurityConfigFactory;
import java.net.MalformedURLException;
import java.net.URL;
import javax.annotation.Nullable;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.apache.struts2.ServletActionContext;

/* loaded from: input_file:com/atlassian/bamboo/security/Login.class */
public class Login extends BambooActionSupport implements GlobalBypassSecurityAware {
    @Override // com.atlassian.bamboo.ww2.BambooActionSupport
    public String doDefault() throws Exception {
        this.cookieCutter.getValueFromConglomerateCookie(CookieCutterImpl.AJS_CONGLOMERATE_COOKIE, "ASDQWE");
        return getLoginUrl() == null ? "input" : "login";
    }

    public String execute() throws Exception {
        if (isElevatedSecurityFailed()) {
            addFieldError("captcha", getText("user.captcha.error"));
        }
        String authStatus = getAuthStatus();
        if (StringUtils.isNotEmpty(authStatus)) {
            if (authStatus.equals("failed")) {
                addActionError(getText("user.login.invalid"));
            }
            if (authStatus.equals("error")) {
                addActionError(getText("user.login.error"));
            }
            if (authStatus.equals("adminNeeded")) {
                addActionError(getText("user.login.adminNeeded"));
            }
        }
        String bambooAuthStatus = getBambooAuthStatus();
        if (StringUtils.isNotEmpty(bambooAuthStatus) && bambooAuthStatus.equals("adminNeeded")) {
            addActionError(getText("user.login.adminNeeded"));
        }
        return super.execute();
    }

    public boolean isElevatedSecurityRequired() {
        return BambooElevatedSecurityGuard.isElevatedSecurityRequired(ServletActionContext.getRequest());
    }

    public boolean isElevatedSecurityFailed() {
        return BambooElevatedSecurityGuard.isElevatedSecurityFailed(ServletActionContext.getRequest());
    }

    @Nullable
    public String getLoginUrl() {
        HttpServletRequest nonNullRequest = RequestCacheThreadLocal.getNonNullRequest();
        try {
            SecurityConfig securityConfigFactory = SecurityConfigFactory.getInstance();
            URL url = new URL(nonNullRequest.getRequestURL().toString());
            URL url2 = new URL(getBaseUrl() + LogoutSupport.getCompleteUrlString(securityConfigFactory.getLoginURL(), nonNullRequest));
            if (url.getPath().startsWith(url2.getPath())) {
                return null;
            }
            return url2.toString();
        } catch (MalformedURLException e) {
            return null;
        }
    }

    private String getAuthStatus() {
        return (String) ServletActionContext.getRequest().getAttribute("os_authstatus");
    }

    private String getBambooAuthStatus() {
        return (String) ServletActionContext.getRequest().getAttribute("bam_authstatus");
    }
}
