package com.atlassian.confluence.security.websudo;

import com.atlassian.confluence.core.ConfluenceSystemProperties;
import com.atlassian.confluence.setup.webwork.AbstractAwareInterceptor;
import com.atlassian.confluence.util.LazyComponentReference;
import com.atlassian.confluence.xwork.WebWorkActionHelper;
import com.atlassian.core.util.map.EasyMap;
import com.atlassian.spring.container.ContainerManager;
import com.atlassian.util.concurrent.Supplier;
import com.opensymphony.webwork.ServletActionContext;
import com.opensymphony.xwork.ActionInvocation;
import com.opensymphony.xwork.config.entities.ActionConfig;
import java.lang.reflect.Method;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/confluence/security/websudo/WebSudoInterceptor.class */
public class WebSudoInterceptor extends AbstractAwareInterceptor {
    private static final Logger log = LoggerFactory.getLogger(WebSudoInterceptor.class);
    private Supplier<WebSudoManager> webSudoManagerSupplier = LazyComponentReference.containerComponent("webSudoManager");

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.atlassian.confluence.setup.webwork.AbstractAwareInterceptor
    public String intercept(ActionInvocation actionInvocation) throws Exception {
        if (skipWebSudoCheck()) {
            log.debug("web sudo check is skipped");
            return actionInvocation.invoke();
        }
        HttpServletRequest request = ServletActionContext.getRequest();
        HttpSession session = request.getSession(false);
        WebSudoManager webSudoManager = getWebSudoManager();
        String servletPath = request.getServletPath();
        String pathInfo = request.getPathInfo();
        String queryString = request.getQueryString();
        boolean hasValidSession = webSudoManager.hasValidSession(session);
        Class<?> cls = actionInvocation.getAction().getClass();
        ActionConfig config = actionInvocation.getProxy().getConfig();
        try {
            Method actionMethod = WebWorkActionHelper.getActionMethod(cls, config.getMethodName());
            if (!webSudoManager.matches(servletPath, cls, actionMethod)) {
                log.debug("web sudo check not required for {}.{}", cls, actionMethod);
                return actionInvocation.invoke();
            }
            HttpServletResponse response = ServletActionContext.getResponse();
            if (hasValidSession) {
                log.debug("valid websudo session found: resetting and proceeding");
                webSudoManager.startSession(request, response);
                return actionInvocation.invoke();
            }
            log.debug("expired or missing websudo session: redirecting");
            actionInvocation.getStack().push(EasyMap.build("destination", servletPath + (null != pathInfo ? pathInfo : "") + (null != queryString ? "?" + queryString : "")));
            webSudoManager.invalidateSession(request, response);
            return "websudorequired";
        } catch (NoSuchMethodException e) {
            throw new RuntimeException("action method [ " + config.getMethodName() + " ] not found on [ " + actionInvocation.getAction().getClass().getName() + " ]", e);
        }
    }

    boolean skipWebSudoCheck() {
        return (!ConfluenceSystemProperties.isDevMode() && ContainerManager.isContainerSetup() && getWebSudoManager().isEnabled()) ? false : true;
    }

    WebSudoManager getWebSudoManager() {
        return (WebSudoManager) this.webSudoManagerSupplier.get();
    }
}
