package com.atlassian.crowd.openid.server.action.secure.interaction;

import com.atlassian.core.util.collection.EasyList;
import com.atlassian.crowd.exception.InvalidAuthenticationException;
import com.atlassian.crowd.openid.server.action.BaseAction;
import com.atlassian.crowd.openid.server.manager.openid.IdentifierViolationException;
import com.atlassian.crowd.openid.server.manager.openid.InvalidRequestException;
import com.atlassian.crowd.openid.server.manager.openid.SiteDisallowedException;
import com.atlassian.crowd.openid.server.manager.user.UserManagerException;
import com.atlassian.crowd.openid.server.model.profile.Profile;
import com.atlassian.crowd.openid.server.model.profile.SREGAttributes;
import com.atlassian.crowd.openid.server.model.user.User;
import com.atlassian.crowd.openid.server.provider.CrowdProvider;
import com.atlassian.crowd.openid.server.provider.OpenIDAuthRequest;
import com.atlassian.crowd.openid.server.provider.OpenIDAuthResponse;
import com.atlassian.crowd.openid.server.servlet.OpenIDServerServlet;
import com.atlassian.crowd.openid.server.util.ProfileAttributesHelper;
import com.opensymphony.xwork.Action;
import java.util.Collection;
import org.apache.log4j.Logger;

/* loaded from: input_file:WEB-INF/classes/com/atlassian/crowd/openid/server/action/secure/interaction/AllowAuthentication.class */
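/**
 * XWork action behind the consent step of an OpenID authentication: it reads the pending
 * {@link OpenIDAuthRequest} from the HTTP session and lets the logged-in user allow, always
 * allow, or deny it.
 *
 * <p>Security-relevant invariants visible in this class:
 * <ul>
 *   <li>Every entry point validates the pending request via {@link #isOpenIDRequestValid()} before
 *       acting, and drops the request from the session when validation fails.</li>
 *   <li>The {@link User} handed to the managers is always re-resolved from
 *       {@code getRemotePrincipal()}; the value stored by {@link #setUser(User)} is overwritten
 *       before use and never trusted for the allow/deny decision.</li>
 * </ul>
 *
 * <p>NOTE(review): the public setters below look like they can be populated from request
 * parameters if a parameter-binding interceptor is configured for this action (configuration is
 * not visible here). {@code profileID} in particular should be treated as caller-controlled;
 * ownership of the profile is presumably enforced by {@code profileManager} and
 * {@code openIDAuthenticationManager}, which both receive the authenticated user. Confirm.
 *
 * <p>NOTE(review): no anti-CSRF token check is visible in this class for the state-changing
 * {@code doAllow}/{@code doAllowAlways}/{@code doDeny} entry points; confirm it is enforced by the
 * interceptor stack.
 */
public class AllowAuthentication extends BaseAction {
    private static final Logger logger = Logger.getLogger(AllowAuthentication.class);
    private ProfileAttributesHelper profileAttributesHelper;
    // Profile selected for this consent decision; 0 means "not supplied" (see doDefault()).
    private long profileID;
    // Authenticated user, re-resolved from the remote principal in every entry point.
    private User user;
    private Profile currentProfile;
    private SREGAttributes sregAttributes;
    // Populated from the pending request's return-to URL in doDefault().
    private String requestingSite;
    private String identifier;
    // Raw types kept as decompiled; the element type is not visible in this file.
    private Collection requiredAttributes;
    private Collection optionalAttributes;

    /**
     * Returns the pending OpenID authentication request stored in the HTTP session.
     *
     * @return the session attribute cast to {@link OpenIDAuthRequest}; presumably {@code null}
     *     when no request is pending (depends on the session implementation)
     */
    protected OpenIDAuthRequest getOpenIDAuthRequest() {
        return (OpenIDAuthRequest) getSession().getAttribute(CrowdProvider.OPENID_AUTHENTICATION_REQUEST);
    }

    /** Clears the pending OpenID authentication request from the HTTP session. */
    protected void removeOpenIDAuthRequest() {
        getSession().setAttribute(CrowdProvider.OPENID_AUTHENTICATION_REQUEST, (Object) null);
    }

    /**
     * Publishes the decision as a request attribute under
     * {@link OpenIDServerServlet#OPENID_AUTHENTICATION_APPLICATION_RESPONSE}.
     *
     * @param openIDAuthResponse the response produced by the authentication manager
     */
    protected void setOpenIDAuthResponse(OpenIDAuthResponse openIDAuthResponse) {
        getRequest().setAttribute(OpenIDServerServlet.OPENID_AUTHENTICATION_APPLICATION_RESPONSE, openIDAuthResponse);
    }

    /**
     * Validates the pending request against the currently authenticated user.
     *
     * <p>Each rejection reason is logged and turned into a localized action error; the method
     * itself never throws for the exception types caught below.
     *
     * @return {@code true} when no action errors are present after validation
     */
    private boolean isOpenIDRequestValid() {
        try {
            // NOTE(review): the pending request may be null if the session holds none;
            // validateRequest() presumably rejects that case - confirm.
            this.openIDAuthenticationManager.validateRequest(this.userManager.getUser(getRemotePrincipal(), getLocale()), getOpenIDAuthRequest());
        } catch (InvalidAuthenticationException e) {
            logger.error(e.getMessage(), e);
            addActionError(getText("exception.invalid.principal"));
        } catch (IdentifierViolationException e2) {
            logger.warn(e2.getMessage(), e2);
            addActionError(getText("exception.identifier.violation"));
        } catch (InvalidRequestException e3) {
            logger.info(e3.getMessage(), e3);
            addActionError(getText("exception.invalid.openid.request"));
        } catch (SiteDisallowedException e4) {
            logger.info(e4.getMessage(), e4);
            // The return-to URL comes from the relying party's request and is embedded in the
            // message; NOTE(review): confirm the error view escapes action errors on output.
            addActionError(getText("exception.site.disallowed", EasyList.build(getOpenIDAuthRequest().getReturnToURL())));
        } catch (UserManagerException e5) {
            logger.info(e5.getMessage(), e5);
            addActionError(getText("exception.invalid.principal"));
        }
        // Also false when errors were added before this call.
        return !hasActionErrors();
    }

    /**
     * Prepares the consent form, or short-circuits when the request is auto-allowed.
     *
     * @return {@code "error"} when validation fails, {@link Action#SUCCESS} when
     *     {@code autoAllowRequest} reports the request as authenticated, otherwise {@code "input"}
     * @throws Exception propagated from the user, profile and authentication managers
     */
    @Override // com.opensymphony.xwork.ActionSupport
    public String doDefault() throws Exception {
        OpenIDAuthRequest openIDAuthRequest = getOpenIDAuthRequest();
        if (!isOpenIDRequestValid()) {
            removeOpenIDAuthRequest();
            return "error";
        }
        this.identifier = openIDAuthRequest.getIdentifier();
        this.requestingSite = openIDAuthRequest.getReturnToURL();
        this.requiredAttributes = openIDAuthRequest.getRequiredAttributes();
        this.optionalAttributes = openIDAuthRequest.getOptionalAttributes();
        // Re-resolve the user from the authenticated principal rather than trusting this.user.
        this.user = this.userManager.getUser(getRemotePrincipal(), getLocale());
        OpenIDAuthResponse autoAllowRequest = this.openIDAuthenticationManager.autoAllowRequest(this.user, getOpenIDAuthRequest());
        if (autoAllowRequest.isAuthenticated()) {
            setOpenIDAuthResponse(autoAllowRequest);
            return Action.SUCCESS;
        }
        if (this.profileID == 0) {
            // No profile chosen yet: fall back to the user's default profile.
            this.profileID = this.user.getDefaultProfile().getId().longValue();
        }
        // profileID may be caller-supplied; the lookup is scoped by the authenticated user.
        // NOTE(review): confirm getProfile() rejects profiles owned by other users.
        this.currentProfile = this.profileManager.getProfile(this.user, this.profileID);
        this.sregAttributes = new SREGAttributes(this.currentProfile);
        return "input";
    }

    /**
     * Allows the pending request for this login only.
     *
     * @return the result of {@link #processAllowAction(boolean)} with {@code false}
     * @throws Exception propagated from the managers
     */
    public String doAllow() throws Exception {
        return processAllowAction(false);
    }

    /**
     * Allows the pending request and passes the "always" flag to the authentication manager.
     *
     * @return the result of {@link #processAllowAction(boolean)} with {@code true}
     * @throws Exception propagated from the managers
     */
    public String doAllowAlways() throws Exception {
        return processAllowAction(true);
    }

    /**
     * Shared implementation of the two allow entry points.
     *
     * @param alwaysAllow forwarded as the last argument of {@code allowRequest}; {@code true} only
     *     from {@link #doAllowAlways()}
     * @return {@code "error"} when validation fails or no usable profile ID was supplied,
     *     otherwise {@link Action#SUCCESS}
     * @throws Exception propagated from the user and authentication managers
     */
    private String processAllowAction(boolean alwaysAllow) throws Exception {
        if (!isOpenIDRequestValid()) {
            removeOpenIDAuthRequest();
            return "error";
        }
        if (this.profileID <= 0) {
            // Fail closed: previously the error was recorded but execution still reached
            // allowRequest() with the invalid ID and could return SUCCESS. The pending request is
            // left in the session because the request itself passed validation.
            // NOTE(review): the raw key is passed here, unlike the getText(...) calls in
            // isOpenIDRequestValid(); confirm whether it should be localized.
            addActionError("error.profile.not.found");
            return "error";
        }
        this.user = this.userManager.getUser(getRemotePrincipal(), getLocale());
        setOpenIDAuthResponse(this.openIDAuthenticationManager.allowRequest(this.user, this.profileID, getOpenIDAuthRequest(), alwaysAllow));
        return Action.SUCCESS;
    }

    /**
     * Denies the pending request on behalf of the authenticated user.
     *
     * @return {@code "error"} when validation fails, otherwise {@link Action#SUCCESS}
     * @throws Exception propagated from the user and authentication managers
     */
    public String doDeny() throws Exception {
        if (!isOpenIDRequestValid()) {
            removeOpenIDAuthRequest();
            return "error";
        }
        this.user = this.userManager.getUser(getRemotePrincipal(), getLocale());
        setOpenIDAuthResponse(this.openIDAuthenticationManager.denyRequest(this.user, getOpenIDAuthRequest()));
        return Action.SUCCESS;
    }

    /** @return the return-to URL captured by {@link #doDefault()}, or the last value set */
    public String getRequestingSite() {
        return this.requestingSite;
    }

    /** @param str value to store; overwritten by {@link #doDefault()} on a valid request */
    public void setRequestingSite(String str) {
        this.requestingSite = str;
    }

    /** @return the identifier captured by {@link #doDefault()}, or the last value set */
    @Override // com.atlassian.crowd.openid.server.action.BaseAction
    public String getIdentifier() {
        return this.identifier;
    }

    /** @param str value to store; overwritten by {@link #doDefault()} on a valid request */
    public void setIdentifier(String str) {
        this.identifier = str;
    }

    /** @return the required attributes captured from the pending request */
    public Collection getRequiredAttributes() {
        return this.requiredAttributes;
    }

    /** @param collection value to store; overwritten by {@link #doDefault()} on a valid request */
    public void setRequiredAttributes(Collection collection) {
        this.requiredAttributes = collection;
    }

    /** @return the optional attributes captured from the pending request */
    public Collection getOptionalAttributes() {
        return this.optionalAttributes;
    }

    /** @param collection value to store; overwritten by {@link #doDefault()} on a valid request */
    public void setOptionalAttributes(Collection collection) {
        this.optionalAttributes = collection;
    }

    /** @return the user last resolved by an entry point, or the last value set */
    public User getUser() {
        return this.user;
    }

    /**
     * @param user value to store; every entry point replaces it with the user resolved from the
     *     remote principal before it is passed to a manager
     */
    public void setUser(User user) {
        this.user = user;
    }

    /** @return the selected profile ID; 0 when none was supplied */
    public long getProfileID() {
        return this.profileID;
    }

    /**
     * @param j profile ID to use for the consent decision; treat as caller-controlled input
     */
    public void setProfileID(long j) {
        this.profileID = j;
    }

    /** @return the profile loaded by {@link #doDefault()}, or the last value set */
    public Profile getCurrentProfile() {
        return this.currentProfile;
    }

    /** @param profile value to store; overwritten by {@link #doDefault()} on the input path */
    public void setCurrentProfile(Profile profile) {
        this.currentProfile = profile;
    }

    /** @return the SREG attributes built from the current profile in {@link #doDefault()} */
    public SREGAttributes getSregAttributes() {
        return this.sregAttributes;
    }

    /** @param sREGAttributes value to store; overwritten by {@link #doDefault()} on the input path */
    public void setSregAttributes(SREGAttributes sREGAttributes) {
        this.sregAttributes = sREGAttributes;
    }

    /** @return the helper supplied through {@link #setProfileAttributesHelper} */
    public ProfileAttributesHelper getProfileAttributesHelper() {
        return this.profileAttributesHelper;
    }

    /** @param profileAttributesHelper helper to expose through the getter; not used elsewhere in this class */
    public void setProfileAttributesHelper(ProfileAttributesHelper profileAttributesHelper) {
        this.profileAttributesHelper = profileAttributesHelper;
    }
}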
