package com.atlassian.bamboo.ww2.interceptors;

import com.atlassian.bamboo.Bamboo;
import com.atlassian.bamboo.configuration.AdministrationConfiguration;
import com.atlassian.bamboo.filter.SeraphLoginFilter;
import com.atlassian.bamboo.rest.BambooRemoteException;
import com.atlassian.bamboo.rest.Login;
import com.atlassian.bamboo.rest.SessionManager;
import com.atlassian.bamboo.user.BambooUserManager;
import com.atlassian.bamboo.ww2.BambooActionSupport;
import com.atlassian.bamboo.ww2.aware.RestActionAware;
import com.opensymphony.xwork.ActionContext;
import com.opensymphony.xwork.ActionInvocation;
import org.acegisecurity.adapters.PrincipalAcegiUserToken;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.userdetails.UserDetails;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:com/atlassian/bamboo/ww2/interceptors/RemoteApiLoginInterceptor.class */
public class RemoteApiLoginInterceptor extends AbstractBambooInterceptor {
    private BambooUserManager bambooUserManager;
    private AdministrationConfiguration administrationConfiguration;
    private Bamboo bamboo;

    public String intercept(ActionInvocation actionInvocation) throws Exception {
        UserDetails loadUserByUsername;
        Object action = actionInvocation.getAction();
        if ((!(action instanceof RestActionAware) && !(action instanceof Login)) || !(action instanceof BambooActionSupport)) {
            return actionInvocation.invoke();
        }
        BambooActionSupport bambooActionSupport = (BambooActionSupport) action;
        if (!getAdministrationConfiguration().isRemoteApiEnabled()) {
            bambooActionSupport.addActionError("The remote API has been disabled.");
            return "error";
        }
        if (action instanceof Login) {
            return actionInvocation.invoke();
        }
        if (StringUtils.isEmpty(getSessionId())) {
            bambooActionSupport.addActionError("You need to provide an auth id");
            return "error";
        }
        String userNameFromSession = getUserNameFromSession();
        if (userNameFromSession == null || (loadUserByUsername = this.bambooUserManager.loadUserByUsername(userNameFromSession)) == null) {
            bambooActionSupport.addActionError("User not authenticated yet, or session timed out.");
            return "error";
        }
        SecurityContextHolder.getContext().setAuthentication(new PrincipalAcegiUserToken(SeraphLoginFilter.USER_TOKEN_KEY, loadUserByUsername.getUsername(), loadUserByUsername.getPassword(), loadUserByUsername.getAuthorities(), loadUserByUsername));
        return actionInvocation.invoke();
    }

    protected String getUserNameFromSession() {
        SessionManager sessionManager = getBamboo().getSessionManager();
        try {
            String sessionId = getSessionId();
            if (sessionId != null) {
                return sessionManager.getUserNameFromSession(sessionId);
            }
            return null;
        } catch (BambooRemoteException e) {
            return null;
        }
    }

    public Bamboo getBamboo() {
        if (this.bamboo == null) {
            this.bamboo = (Bamboo) ActionContext.getContext().getApplication().get("com.atlassian.bamboo.Bamboo");
        }
        return this.bamboo;
    }

    public void setBamboo(Bamboo bamboo) {
        this.bamboo = bamboo;
    }

    private String getSessionId() {
        return getParameter("auth");
    }

    public BambooUserManager getBambooUserManager() {
        return this.bambooUserManager;
    }

    public void setBambooUserManager(BambooUserManager bambooUserManager) {
        this.bambooUserManager = bambooUserManager;
    }

    public AdministrationConfiguration getAdministrationConfiguration() {
        return this.administrationConfiguration;
    }

    public void setAdministrationConfiguration(AdministrationConfiguration administrationConfiguration) {
        this.administrationConfiguration = administrationConfiguration;
    }
}
