package com.atlassian.confluence.security.websudo;

import com.atlassian.confluence.core.ConfluenceActionSupport;
import com.atlassian.user.User;
import com.google.common.base.Preconditions;
import com.opensymphony.webwork.ServletActionContext;
import java.net.URI;
import java.net.URISyntaxException;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/atlassian/confluence/security/websudo/AuthenticateAction.class */
public class AuthenticateAction extends ConfluenceActionSupport {
    private String password;
    private String destination;
    private WebSudoManager webSudoManager;

    @Override // com.atlassian.confluence.core.ConfluenceActionSupport
    public String doDefault() throws Exception {
        this.password = null;
        return super.doDefault();
    }

    public String execute() throws Exception {
        if (StringUtils.isBlank(this.password)) {
            addFieldError("password", getText("websudo.password.empty"));
            return "input";
        }
        if (!this.userAccessor.authenticate(getUsername(), this.password)) {
            addFieldError("password", getText("websudo.password.wrong"));
            return "input";
        }
        this.webSudoManager.startSession(ServletActionContext.getRequest(), ServletActionContext.getResponse());
        try {
            if (!StringUtils.isBlank(this.destination) && !isSameDomain()) {
                this.destination = null;
            }
            return "success";
        } catch (URISyntaxException e) {
            this.destination = null;
            return "success";
        }
    }

    public User getUser() {
        return getUser(getUsername());
    }

    public String getUsername() {
        return getAuthenticatedUser().getName();
    }

    public String getPassword() {
        return this.password;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public String getDestination() {
        return this.destination;
    }

    public void setDestination(String str) {
        this.destination = str;
    }

    public void setWebSudoManager(WebSudoManager webSudoManager) {
        this.webSudoManager = (WebSudoManager) Preconditions.checkNotNull(webSudoManager);
    }

    private boolean isSameDomain() throws URISyntaxException {
        String domainName = getDomainName(getGlobalSettings().getBaseUrl());
        String domainName2 = getDomainName(this.destination);
        if (StringUtils.isBlank(domainName2)) {
            return true;
        }
        return domainName.equalsIgnoreCase(domainName2);
    }

    private String getDomainName(String str) throws URISyntaxException {
        String host = new URI(str.replaceAll("//{2,}", "//")).getHost();
        if (!StringUtils.isBlank(host) && host.startsWith("www.")) {
            return host.substring(4);
        }
        return host;
    }
}
