package com.atlassian.confluence.xwork;

import com.atlassian.config.util.BootstrapUtils;
import com.atlassian.confluence.core.ConfluenceActionSupport;
import com.atlassian.confluence.setup.settings.SettingsManager;
import com.atlassian.confluence.user.AuthenticatedUserThreadLocal;
import com.atlassian.confluence.user.ConfluenceUser;
import com.atlassian.confluence.util.I18NSupport;
import com.atlassian.spring.container.ContainerManager;
import com.atlassian.xwork10.interceptors.XsrfTokenInterceptor;
import com.opensymphony.webwork.ServletActionContext;
import com.opensymphony.webwork.dispatcher.multipart.MultiPartRequestWrapper;
import com.opensymphony.xwork.Action;
import com.opensymphony.xwork.ActionInvocation;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/atlassian/confluence/xwork/ConfluenceXsrfTokenInterceptor.class */
public class ConfluenceXsrfTokenInterceptor extends XsrfTokenInterceptor {
    private static final String SRC_MAIL_RECIPIENT = "src.mail.recipient";
    private static final String JWT_TOKEN_PARAM = "jwt";
    private SettingsManager settingsManager;

    public String intercept(ActionInvocation actionInvocation) throws Exception {
        return isInspectionDisabledForRequest(actionInvocation) ? actionInvocation.invoke() : super.intercept(actionInvocation);
    }

    private boolean isInspectionDisabledForRequest(ActionInvocation actionInvocation) {
        ConfluenceUser confluenceUser;
        if (!BootstrapUtils.getBootstrapManager().isSetupComplete()) {
            return false;
        }
        String actionName = actionInvocation.getProxy().getActionName();
        if (ServletActionContext.getRequest().getAttribute("Plugin-Key") != null && StringUtils.isNotEmpty(ServletActionContext.getRequest().getParameter(JWT_TOKEN_PARAM))) {
            String parameter = ServletActionContext.getRequest().getParameter(SRC_MAIL_RECIPIENT);
            return (StringUtils.isEmpty(parameter) || (confluenceUser = AuthenticatedUserThreadLocal.get()) == null || !confluenceUser.getKey().getStringValue().equals(parameter)) ? false : true;
        }
        if (!"doattachfile".equals(actionName)) {
            return false;
        }
        MultiPartRequestWrapper request = ServletActionContext.getRequest();
        return (request instanceof MultiPartRequestWrapper) && request.hasErrors();
    }

    protected String internationaliseErrorMessage(Action action, String str) {
        return action instanceof ConfluenceActionSupport ? ((ConfluenceActionSupport) action).getText(str) : I18NSupport.getText(str);
    }

    private SettingsManager getSettingsManager() {
        if (this.settingsManager == null && ContainerManager.isContainerSetup()) {
            this.settingsManager = (SettingsManager) ContainerManager.getComponent("settingsManager");
        }
        return this.settingsManager;
    }
}
