package com.atlassian.jira.web.dispatcher;

import com.atlassian.jira.action.ActionContextKit;
import com.atlassian.jira.component.ComponentAccessor;
import com.atlassian.jira.config.properties.ApplicationProperties;
import com.atlassian.jira.config.properties.JiraSystemProperties;
import com.atlassian.jira.config.webwork.ActionNotFoundException;
import com.atlassian.jira.config.webwork.LookupAliasActionFactoryProxy;
import com.atlassian.jira.plugin.webwork.ActionNameCleaner;
import com.atlassian.jira.security.request.RequestMethodCheckFailureException;
import com.atlassian.jira.security.xsrf.XsrfFailureException;
import com.atlassian.jira.servermetrics.NoopServerMetricsDetailCollector;
import com.atlassian.jira.servermetrics.RequestCheckpoints;
import com.atlassian.jira.servermetrics.ServerMetricsDetailCollector;
import com.atlassian.jira.util.JiraUrlCodec;
import com.atlassian.jira.util.lang.Pair;
import com.atlassian.jira.web.action.XsrfErrorAction;
import com.atlassian.jira.web.util.ChangeHistoryUtils;
import com.atlassian.jira.workflow.function.issue.UpdateIssueFieldFunction;
import com.atlassian.sal.api.websudo.WebSudoSessionException;
import java.beans.Introspector;
import java.io.File;
import java.io.IOException;
import java.util.Collections;
import javax.annotation.Nullable;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import webwork.action.ResultException;
import webwork.config.Configuration;
import webwork.dispatcher.ActionResult;
import webwork.dispatcher.GenericDispatcher;
import webwork.multipart.MultiPartRequest;
import webwork.multipart.MultiPartRequestWrapper;
import webwork.util.ValueStack;

/* loaded from: input_file:com/atlassian/jira/web/dispatcher/JiraWebworkActionDispatcher.class */
public class JiraWebworkActionDispatcher extends HttpServlet {
    public static final String STACK_HEAD = "webwork.valuestack.head";
    public static final String GD = "jira.webwork.generic.dispatcher";
    public static final String CLEANUP = "jira.webwork.cleanup";
    public static final String ACTION_VIEW_DATA = "jira.action.view.context.data";
    private static final String ACTION_EXTENSION = ".jspa";
    private static final String XSRF_CHECKS_FAILED_LOG_MESSAGE = "XSRF checks failed for action '{}' (recoverable: {}, token present: {})";
    private String saveDir;
    private JiraWebworkViewDispatcher viewDispatcher = new JiraWebworkViewDispatcher();
    private static final Logger log = LoggerFactory.getLogger(JiraWebworkActionDispatcher.class);
    private static final String NEW_LINE = JiraSystemProperties.getInstance().getProperty("line.separator");

    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        Introspector.flushCaches();
        ValueStack.clearMethods();
        File file = (File) servletConfig.getServletContext().getAttribute("javax.servlet.context.tempdir");
        if (file != null) {
            this.saveDir = file.getAbsolutePath();
        } else {
            log.error("Servlet Context Temp Directory isn't set. No save directory set for file uploads.");
        }
        log.info("Setting Upload File Directory to '{}'", this.saveDir);
        log.info("JiraWebworkActionDispatcher initialized");
    }

    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        Pair<HttpServletRequest, HttpServletResponse> wrap = wrap(httpServletRequest, httpServletResponse);
        HttpServletRequest httpServletRequest2 = (HttpServletRequest) wrap.first();
        HttpServletResponse httpServletResponse2 = (HttpServletResponse) wrap.second();
        boolean z = httpServletRequest2.getAttribute(CLEANUP) == null || httpServletRequest2.getAttribute(CLEANUP).equals(Boolean.TRUE);
        ServerMetricsDetailCollector serverMetricsDetailCollector = (ServerMetricsDetailCollector) ComponentAccessor.getComponentSafely(ServerMetricsDetailCollector.class).orElseGet(NoopServerMetricsDetailCollector::new);
        GenericDispatcher genericDispatcher = null;
        try {
            String actionName = ActionNameCleaner.getActionName(httpServletRequest2);
            serverMetricsDetailCollector.checkpointReached(RequestCheckpoints.beforeWorkActionPrepareDispatcher.name());
            genericDispatcher = prepareDispatcher(httpServletRequest2, httpServletResponse2, actionName);
            ActionResult actionResult = null;
            try {
                try {
                    try {
                        try {
                            try {
                                serverMetricsDetailCollector.checkpointReached(RequestCheckpoints.beforeWorkActionStarts.name());
                                genericDispatcher.executeAction();
                                serverMetricsDetailCollector.checkpointReached(RequestCheckpoints.afterWorkActionExecute.name());
                                actionResult = genericDispatcher.finish();
                            } catch (ActionNotFoundException e) {
                                log.debug("Action '{}' was not found, returning 404", e.getActionName());
                                sendErrorImpl(httpServletResponse2, 404, null);
                            }
                        } catch (XsrfFailureException e2) {
                            log.warn(XSRF_CHECKS_FAILED_LOG_MESSAGE, new Object[]{e2.getActionAndCommandNameIfAvailable(), Boolean.valueOf(e2.getXsrfCheckResult().isOriginAllowed()), Boolean.valueOf(e2.getXsrfCheckResult().isTokenPresent())});
                            if (e2.getXsrfCheckResult().isOriginAllowed()) {
                                httpServletRequest2.getRequestDispatcher(XsrfErrorAction.FORWARD_PATH).forward(httpServletRequest2, httpServletResponse2);
                            } else {
                                sendErrorImpl(httpServletResponse2, 403, null);
                            }
                        }
                    } catch (LookupAliasActionFactoryProxy.UnauthorisedActionException e3) {
                        httpServletRequest2.getRequestDispatcher("/login.jsp?permissionViolation=true&os_destination=" + getDestinationUrl(httpServletRequest2)).forward(httpServletRequest2, httpServletResponse2);
                    }
                } catch (WebSudoSessionException e4) {
                    actionResult = new ActionResult("login", "/secure/admin/WebSudoAuthenticate!default.jspa?webSudoDestination=" + getDestinationUrl(httpServletRequest2), Collections.emptyList(), (Exception) null);
                }
            } catch (RequestMethodCheckFailureException e5) {
                log.warn("Action '{}' does not support '{}' request method", e5.getActionAndCommandNameIfAvailable(), httpServletRequest2.getMethod());
                sendErrorImpl(httpServletResponse2, 405, null);
            } catch (Exception e6) {
                onActionRecoverableThrowable(httpServletResponse2, actionName, e6);
            }
            if (actionResult != null && actionResult.getActionException() != null) {
                onActionException(actionName, actionResult);
            }
            if (actionResult != null && actionResult.getResult() != null && actionResult.getView() == null && !actionResult.getResult().equals("none")) {
                onNoViewDefined(httpServletResponse2, actionName, actionResult);
            }
            if (actionResult != null && actionResult.getView() != null && actionResult.getActionException() == null) {
                this.viewDispatcher.dispatchView(httpServletRequest2, httpServletResponse2, z, actionResult, actionName);
                serverMetricsDetailCollector.checkpointReached(RequestCheckpoints.webworkViewDispatch.name());
            }
            performFinallyCleanup(httpServletRequest2, z, genericDispatcher);
        } catch (Throwable th) {
            performFinallyCleanup(httpServletRequest2, z, genericDispatcher);
            throw th;
        }
    }

    private String getDestinationUrl(HttpServletRequest httpServletRequest) {
        return JiraUrlCodec.encode(httpServletRequest.getServletPath() + (httpServletRequest.getPathInfo() == null ? UpdateIssueFieldFunction.UNASSIGNED_VALUE : httpServletRequest.getPathInfo()) + (httpServletRequest.getQueryString() == null ? UpdateIssueFieldFunction.UNASSIGNED_VALUE : "?" + httpServletRequest.getQueryString()));
    }

    private GenericDispatcher prepareDispatcher(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        GenericDispatcher genericDispatcher = new GenericDispatcher(str, false);
        genericDispatcher.prepareContext();
        ActionContextKit.setContext(httpServletRequest, httpServletResponse, getServletContext(), str);
        genericDispatcher.prepareValueStack();
        return genericDispatcher;
    }

    private void onActionException(String str, ActionResult actionResult) throws ServletException {
        if (log.isDebugEnabled()) {
            log.debug(String.format("Could not execute action '%s', throwing ServletException", str), actionResult.getActionException());
        }
        if (IllegalStateException.class != actionResult.getActionException().getClass() || !"Cannot create a session after the response has been committed".equals(actionResult.getActionException().getMessage())) {
            throw new ServletException(actionResult.getActionException());
        }
        log.warn("SUPPRESSED IllegalStateException: Cannot create a session after the response has been committed");
    }

    private void onActionRecoverableThrowable(HttpServletResponse httpServletResponse, String str, Throwable th) {
        log.error(String.format("Exception thrown from action '%s', returning 404 ", str), th);
        sendErrorImpl(httpServletResponse, 404, th.getMessage());
    }

    private void onNoViewDefined(HttpServletResponse httpServletResponse, String str, ActionResult actionResult) {
        log.debug("No view '{}' defined for '{}', returning 404", actionResult.getResult(), str);
        sendErrorImpl(httpServletResponse, 404, "No view for result [" + actionResult.getResult() + "] exists for action [" + str + ChangeHistoryUtils.LINE_ENDING);
    }

    private void sendErrorImpl(HttpServletResponse httpServletResponse, int i, @Nullable String str) {
        try {
            if (!httpServletResponse.isCommitted()) {
                if (str == null) {
                    httpServletResponse.sendError(i);
                } else {
                    httpServletResponse.sendError(i, str);
                }
            }
        } catch (IOException e) {
            log.error("Error occurred while sending error response : " + i + " - " + str + " because of" + e.getMessage());
        }
    }

    private void performFinallyCleanup(HttpServletRequest httpServletRequest, boolean z, GenericDispatcher genericDispatcher) {
        if (httpServletRequest instanceof MultiPartRequestWrapper) {
            try {
                ((MultiPartRequestWrapper) httpServletRequest).cleanup();
            } catch (UnsupportedOperationException e) {
                log.warn("The configured multipart request wrapper does not support cleanup. Change 'webwork.multipart.parser.class' property in 'webwork.properties' to com.atlassian.jira.web.TempFileRemovingMultipartRequestWrapper in order to enable automatic temporary file removal.", e);
            }
        }
        if (!z) {
            httpServletRequest.setAttribute(GD, genericDispatcher);
        } else if (genericDispatcher != null) {
            genericDispatcher.finalizeContext();
        }
    }

    private Pair<HttpServletRequest, HttpServletResponse> wrap(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (httpServletRequest instanceof MultiPartRequestWrapper) {
            return Pair.of(httpServletRequest, httpServletResponse);
        }
        httpServletResponse.setContentType(httpServletResponse.getContentType());
        if (needsMultipartWrapper(httpServletRequest, Boolean.valueOf(multipartDisableGetString()).booleanValue())) {
            try {
                httpServletRequest = new MultiPartRequestWrapper(httpServletRequest, this.saveDir, getMaxSize());
            } catch (IOException e) {
                httpServletRequest.setAttribute("webwork.action.ResultException", new ResultException("error", e.getLocalizedMessage()));
            }
        }
        return Pair.of(httpServletRequest, httpServletResponse);
    }

    private String multipartDisableGetString() {
        return applicationProperties().getDefaultString("jira.disable.multipart.get.http.request");
    }

    private ApplicationProperties applicationProperties() {
        return ComponentAccessor.getApplicationProperties();
    }

    private boolean needsMultipartWrapper(HttpServletRequest httpServletRequest, boolean z) {
        return MultiPartRequest.isMultiPart(httpServletRequest) && ("POST".equals(httpServletRequest.getMethod()) || ("GET".equals(httpServletRequest.getMethod()) && !z));
    }

    private Integer getMaxSize() {
        Integer num;
        try {
            String string = Configuration.getString("webwork.multipart.maxSize");
            if (string != null) {
                try {
                    num = new Integer(string);
                } catch (NumberFormatException e) {
                    num = Integer.MAX_VALUE;
                    log.warn("Property 'webwork.multipart.maxSize' with value '" + string + "' is not a number. Defaulting to Integer.MAX_VALUE");
                }
            } else {
                num = Integer.MAX_VALUE;
                log.warn("Property 'webwork.multipart.maxSize' is not set. Defaulting to Integer.MAX_VALUE");
            }
        } catch (IllegalArgumentException e2) {
            num = Integer.MAX_VALUE;
            log.warn("Failed getting string from Configuration for 'webwork.multipart.maxSize' property. Defaulting to Integer.MAX_VALUE", e2);
        }
        return num;
    }
}
