package com.atlassian.streams.internal.rest.resources;

import com.atlassian.applinks.api.CredentialsRequiredException;
import com.atlassian.sal.api.net.Request;
import com.atlassian.sal.api.net.Response;
import com.atlassian.sal.api.net.ResponseException;
import com.atlassian.sal.api.net.ReturningResponseHandler;
import com.atlassian.streams.api.StreamsException;
import com.atlassian.streams.api.common.Option;
import com.atlassian.streams.api.common.uri.Uri;
import com.atlassian.streams.internal.ActivityProviders;
import com.atlassian.streams.internal.AppLinksActivityProvider;
import com.atlassian.streams.internal.rest.resources.whitelist.Whitelist;
import com.google.common.base.Preconditions;
import javax.annotation.Nullable;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;

@Path("url-proxy")
/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/streams-aggregator-plugin-6.2.0.jar:com/atlassian/streams/internal/rest/resources/UrlProxyResource.class */
public class UrlProxyResource {
    private final ActivityProviders activityProviders;
    private final Whitelist whitelist;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/streams-aggregator-plugin-6.2.0.jar:com/atlassian/streams/internal/rest/resources/UrlProxyResource$ProxyResponseHandler.class */
    public final class ProxyResponseHandler implements ReturningResponseHandler<Response, Response> {
        private ProxyResponseHandler() {
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // com.atlassian.sal.api.net.ReturningResponseHandler
        public Response handle(Response response) throws ResponseException {
            return response;
        }
    }

    public UrlProxyResource(ActivityProviders activityProviders, Whitelist whitelist) {
        this.activityProviders = (ActivityProviders) Preconditions.checkNotNull(activityProviders, "activityProviders");
        this.whitelist = (Whitelist) Preconditions.checkNotNull(whitelist, "whitelist");
    }

    @GET
    public javax.ws.rs.core.Response get(@QueryParam("url") String str) {
        return execute(str, Request.MethodType.GET, null);
    }

    @POST
    @Consumes({"application/json"})
    public javax.ws.rs.core.Response post(@QueryParam("url") String str) {
        return execute(str, Request.MethodType.POST, "application/json");
    }

    @PUT
    @Consumes({"application/json"})
    public javax.ws.rs.core.Response put(@QueryParam("url") String str) {
        return execute(str, Request.MethodType.PUT, "application/json");
    }

    private javax.ws.rs.core.Response execute(String str, Request.MethodType methodType, @Nullable String str2) {
        Uri parse = Uri.parse(str);
        if (!this.whitelist.allows(parse.toJavaUri())) {
            return javax.ws.rs.core.Response.status(Response.Status.FORBIDDEN).entity("").build();
        }
        Option<AppLinksActivityProvider> remoteProviderForUri = this.activityProviders.getRemoteProviderForUri(parse);
        try {
            if (!remoteProviderForUri.isDefined()) {
                return javax.ws.rs.core.Response.status(Response.Status.FORBIDDEN).entity("").build();
            }
            Request<?, com.atlassian.sal.api.net.Response> createRequest = remoteProviderForUri.get().createRequest(str, methodType);
            if (str2 != null) {
                createRequest.addHeader("Content-Type", str2);
            }
            javax.ws.rs.core.Response executeRequest = executeRequest(createRequest);
            return 401 == executeRequest.getStatus() ? retryRequestAsAnonymous(remoteProviderForUri.get(), str, methodType) : executeRequest;
        } catch (CredentialsRequiredException e) {
            return retryRequestAsAnonymous(remoteProviderForUri.get(), str, methodType);
        }
    }

    private javax.ws.rs.core.Response retryRequestAsAnonymous(AppLinksActivityProvider appLinksActivityProvider, String str, Request.MethodType methodType) {
        try {
            return executeRequest(appLinksActivityProvider.createAnonymousRequest(str, methodType));
        } catch (CredentialsRequiredException e) {
            return javax.ws.rs.core.Response.status(Response.Status.UNAUTHORIZED).entity("").build();
        }
    }

    private javax.ws.rs.core.Response executeRequest(Request<?, com.atlassian.sal.api.net.Response> request) {
        try {
            return javax.ws.rs.core.Response.status(((com.atlassian.sal.api.net.Response) request.executeAndReturn(new ProxyResponseHandler())).getStatusCode()).entity("").build();
        } catch (ResponseException e) {
            throw new StreamsException(e);
        }
    }
}
