package com.atlassian.confluence.user.actions;

import com.atlassian.confluence.security.login.LoginManager;
import com.atlassian.confluence.security.seraph.ConfluenceElevatedSecurityGuard;
import com.atlassian.confluence.util.SeraphUtils;
import com.atlassian.confluence.web.context.HttpContext;
import com.atlassian.seraph.auth.AuthenticationErrorType;
import com.atlassian.seraph.config.SecurityConfigFactory;
import com.atlassian.seraph.filter.LoginFilter;
import com.atlassian.seraph.filter.LoginFilterRequest;
import com.opensymphony.webwork.ServletActionContext;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.apache.velocity.app.FieldMethodizer;

/* loaded from: input_file:com/atlassian/confluence/user/actions/LoginAction.class */
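/**
 * WebWork action behind the login form.
 *
 * <p>{@link #validate()} turns the outcome that the login filter and the elevated-security
 * guard left on the request into user-visible messages. {@link #execute()} remembers an
 * on-site {@code Referer} in the session when no explicit {@code os_destination} was given.
 *
 * <p>Security-relevant inputs handled here are the {@code Referer} header and
 * {@code os_username}. Both are client-controlled (NOTE(review): {@code os_username} is
 * presumably bound from the request parameter of the same name by the framework; confirm).
 */
public class LoginAction extends AbstractLoginSignupAction {
    private LoginManager loginManager;
    private HttpContext httpContext;
    private String os_username;

    /**
     * Adds the action/field errors that describe why the login form is being shown.
     *
     * <p>The cases are checked in order and the first match wins: an already authenticated
     * request, a required elevated-security check (CAPTCHA), then the authentication status
     * recorded on the request by the login filter.
     */
    @Override // com.atlassian.confluence.validation.MessageHolderAware
    public void validate() {
        HttpServletRequest request = this.httpContext.getRequest();

        // Already authenticated: only explain that the originally requested URL is not
        // permitted; none of the login-failure messages apply.
        if (request.getRemoteUser() != null) {
            String originalURL = SeraphUtils.getOriginalURL(request);
            if (originalURL != null) {
                // NOTE(review): originalURL is passed as a message argument. Its origin is
                // inside SeraphUtils and not visible here; confirm the template escapes it.
                addActionError("login.not.permitted.description", originalURL);
            }
            return;
        }

        if (isElevatedSecurityCheckRequired()) {
            addActionError(getText("login.elevatedsecuritycheck.required"));
            // The guard marks the request when the submitted CAPTCHA response was rejected.
            if (request.getAttribute(ConfluenceElevatedSecurityGuard.ELEVATED_SECURITY_FAILURE) != null) {
                addFieldError("captcha", getText("login.elevatedsecuritycheck.required.captcharesponse.invalid"));
            }
            return;
        }

        String authenticationStatus = LoginFilterRequest.getAuthenticationStatus(request);
        if ("failed".equals(authenticationStatus)) {
            addActionError(getText("wrong.password"));
        } else if ("error".equals(authenticationStatus)) {
            boolean communicationError =
                    LoginFilterRequest.getAuthenticationErrorType(request) == AuthenticationErrorType.CommunicationError;
            addActionError(getText(communicationError ? "comms.error.occurred" : "error.occurred"));
        }
    }

    /**
     * Stores the on-site path taken from the {@code Referer} header under Seraph's
     * original-URL session key, unless an explicit {@code os_destination} was supplied or no
     * usable referer exists.
     *
     * @return always {@code "success"}
     * @throws Exception declared by the action contract; nothing in this method throws it
     *     explicitly
     */
    public String execute() throws Exception {
        if (StringUtils.isBlank(this.os_destination)) {
            String refererURL = getRefererURL();
            if (StringUtils.isNotBlank(refererURL)) {
                ServletActionContext.getContext().getSession().put(SecurityConfigFactory.getInstance().getOriginalURLKey(), refererURL);
            }
        }
        return "success";
    }

    /**
     * Derives a site-relative path from the {@code Referer} header.
     *
     * <p>The header is client-controlled and the result is stored by {@link #execute()} as
     * the session's original URL. How that value is used afterwards is decided outside this
     * class (presumably as the post-login destination; confirm), so only values that are
     * unambiguously local paths are returned:
     * <ul>
     *   <li>the referer must start with the configured base URL, and the match must end on
     *       a URL boundary, so a longer host name or context path that merely shares the
     *       prefix is not accepted;</li>
     *   <li>the remainder must not begin with {@code //} or {@code /\}, which browsers
     *       resolve as a network-path reference to another host rather than a local
     *       path.</li>
     * </ul>
     *
     * @return the path relative to the base URL, always starting with {@code /}, or
     *     {@code null} when the referer is missing, mentions {@code login}/{@code logout},
     *     or is not a local path under the base URL
     */
    private String getRefererURL() {
        String referer = ServletActionContext.getRequest().getHeader("Referer");
        // Referers that contain "login" or "logout" anywhere are never used as a destination.
        if (StringUtils.isBlank(referer) || referer.contains("logout") || referer.contains("login")) {
            return null;
        }

        String baseUrl = this.settingsManager.getGlobalSettings().getBaseUrl();
        // A null base URL would throw in startsWith(); an empty one would match every referer.
        if (StringUtils.isBlank(baseUrl) || !referer.startsWith(baseUrl)) {
            return null;
        }

        String path = referer.substring(baseUrl.length());
        // Require the prefix match to stop at a URL boundary unless the base URL itself
        // already ends with a slash.
        if (!baseUrl.endsWith("/") && !path.isEmpty() && "/?#".indexOf(path.charAt(0)) < 0) {
            return null;
        }
        if (!path.startsWith("/")) {
            path = "/" + path;
        }
        // Refuse scheme-relative forms so the stored value can only name a local path.
        if (path.startsWith("//") || path.startsWith("/\\")) {
            return null;
        }
        return path;
    }

    /**
     * Always permits the action, with no check on the current user.
     *
     * @return {@code true}
     */
    @Override // com.atlassian.confluence.user.actions.AbstractUsersAction, com.atlassian.confluence.core.ConfluenceActionSupport
    public boolean isPermitted() {
        return true;
    }

    /**
     * Wraps a new {@link LoginFilter} in a Velocity {@link FieldMethodizer}, which lets
     * templates read the filter class's public static fields.
     *
     * @return a new methodizer on every call
     */
    public FieldMethodizer getLoginFilter() {
        return new FieldMethodizer(new LoginFilter());
    }

    /**
     * @return the user name last set through {@link #setOs_username(String)}, possibly
     *     {@code null}
     */
    public String getOs_username() {
        return this.os_username;
    }

    /**
     * @param str the user name to remember; stored as given, without validation
     */
    public void setOs_username(String str) {
        this.os_username = str;
    }

    /**
     * @return {@code true} when the upgrade manager reports the instance as upgraded and
     *     user management is not external
     */
    public boolean isShowForgottenPasswordHelp() {
        return this.upgradeManager.isUpgraded() && !this.settingsManager.getGlobalSettings().isExternalUserManagement();
    }

    /**
     * @param httpContext source of the current request used by {@link #validate()}
     */
    public void setHttpContext(HttpContext httpContext) {
        this.httpContext = httpContext;
    }

    /**
     * @param loginManager manager consulted by {@link #isElevatedSecurityCheckRequired()}
     */
    @Override // com.atlassian.confluence.core.ConfluenceActionSupport
    public void setLoginManager(LoginManager loginManager) {
        this.loginManager = loginManager;
    }

    /**
     * Asks the login manager whether the current {@code os_username} must pass the
     * elevated-security check before another login attempt.
     *
     * @return the login manager's answer for the current user name
     */
    public boolean isElevatedSecurityCheckRequired() {
        return this.loginManager.requiresElevatedSecurityCheck(this.os_username);
    }
}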
