package com.atlassian.confluence.plugins.emailtracker.impl;

import com.atlassian.confluence.plugins.emailtracker.EmailUrlValidator;
import com.atlassian.confluence.plugins.emailtracker.InvalidTrackingRequestException;
import com.atlassian.confluence.setup.settings.SettingsManager;
import com.atlassian.security.random.SecureTokenGenerator;
import com.google.common.collect.Maps;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.Map;
import java.util.TreeSet;
import javax.xml.bind.DatatypeConverter;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/confluence/plugins/emailtracker/impl/EmailUrlValidatorImpl.class */
public class EmailUrlValidatorImpl implements EmailUrlValidator {
    private static final Logger log = LoggerFactory.getLogger(EmailTrackerServiceImpl.class);
    static final String PLUGIN_TOKEN_SETTING_KEY = "com.atlassian.confluence.plugins.confluence-email-tracker:url-validator-token";
    static final String HASH = "hash";
    private final SecureTokenGenerator secureTokenGenerator;
    private final SettingsManager settingsManager;
    private String token;

    public EmailUrlValidatorImpl(SecureTokenGenerator secureTokenGenerator, SettingsManager settingsManager) {
        this.secureTokenGenerator = secureTokenGenerator;
        this.settingsManager = settingsManager;
    }

    @Override // com.atlassian.confluence.plugins.emailtracker.EmailUrlValidator
    public Map<String, String> addValidationDataToQueryParameters(String str, Map<String, String> map) {
        HashMap newHashMap = Maps.newHashMap(map);
        newHashMap.put(HASH, makeHash(str, map));
        return newHashMap;
    }

    @Override // com.atlassian.confluence.plugins.emailtracker.EmailUrlValidator
    public Map<String, String> validateQueryParameters(String str, Map<String, String> map) throws InvalidTrackingRequestException {
        HashMap newHashMap = Maps.newHashMap(map);
        String remove = newHashMap.remove(HASH);
        if (StringUtils.isBlank(remove)) {
            throw new InvalidTrackingRequestException("No tracking hash included in request");
        }
        if (makeHash(str, newHashMap).equals(remove)) {
            return newHashMap;
        }
        throw new InvalidTrackingRequestException("Invalid hash included in request");
    }

    private String makeHash(String str, Map<String, String> map) {
        String convertToSortedString = convertToSortedString(map);
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("MD5");
            messageDigest.update(str.getBytes("UTF-8"));
            messageDigest.update(convertToSortedString.getBytes("UTF-8"));
            messageDigest.update(getSecureToken().getBytes("UTF-8"));
            return DatatypeConverter.printBase64Binary(messageDigest.digest());
        } catch (UnsupportedEncodingException e) {
            log.warn("Can't make MD5 hash for email-tracking URL: UnsupportedEncodingException. Leaving blank.");
            return "";
        } catch (NoSuchAlgorithmException e2) {
            log.warn("Can't make MD5 hash for email-tracking URL: NoSuchAlgorithmException. Leaving blank.");
            return "";
        }
    }

    private String getSecureToken() {
        if (this.token == null) {
            this.token = (String) this.settingsManager.getPluginSettings(PLUGIN_TOKEN_SETTING_KEY);
            if (this.token == null) {
                this.token = this.secureTokenGenerator.generateToken();
                this.settingsManager.updatePluginSettings(PLUGIN_TOKEN_SETTING_KEY, this.token);
            }
        }
        return this.token;
    }

    private String convertToSortedString(Map<String, String> map) {
        StringBuilder sb = new StringBuilder();
        for (String str : new TreeSet(map.keySet())) {
            sb.append(str + '=' + map.get(str) + '&');
        }
        return sb.toString();
    }
}
