package com.atlassian.upm.test.rest.resources;

import com.atlassian.annotations.security.XsrfProtectionExcluded;
import com.atlassian.sal.api.user.UserManager;
import com.atlassian.upm.core.Sys;
import com.atlassian.upm.core.rest.resources.UpmResources;
import com.atlassian.upm.core.rest.resources.permission.PermissionEnforcer;
import com.atlassian.upm.core.token.TokenManager;
import com.atlassian.upm.rest.representations.UpmRepresentationFactory;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Path("/tokens")
/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/atlassian-universal-plugin-manager-plugin-6.0.12.jar:com/atlassian/upm/test/rest/resources/TokenControlResource.class */
public class TokenControlResource {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) TokenControlResource.class);
    private final PermissionEnforcer permissionEnforcer;
    private final TokenManager tokenManager;
    private final UserManager userManager;
    private final UpmRepresentationFactory representationFactory;

    public TokenControlResource(PermissionEnforcer permissionEnforcer, TokenManager tokenManager, UserManager userManager, UpmRepresentationFactory upmRepresentationFactory) {
        this.permissionEnforcer = permissionEnforcer;
        this.tokenManager = tokenManager;
        this.userManager = userManager;
        this.representationFactory = upmRepresentationFactory;
    }

    @POST
    @Path("/consume")
    @XsrfProtectionExcluded
    public Response consumeToken(@QueryParam("token") String str) {
        this.permissionEnforcer.enforceSystemAdmin();
        if (!Sys.isUpmDebugModeEnabled()) {
            return Response.status(Response.Status.PRECONDITION_FAILED).build();
        }
        UpmResources.validateToken(str, this.userManager.getRemoteUserKey(), "text/html", this.tokenManager, this.representationFactory);
        return Response.ok().build();
    }

    @Path("/override")
    @PUT
    public Response setOverride(@QueryParam("disable") boolean z) {
        this.permissionEnforcer.enforceSystemAdmin();
        if (!Sys.isUpmDebugModeEnabled()) {
            return Response.status(Response.Status.PRECONDITION_FAILED).build();
        }
        log.warn("Setting Sys.UPM_XSRF_TOKEN_DISABLE to " + z);
        System.setProperty(Sys.UPM_XSRF_TOKEN_DISABLE, Boolean.toString(z));
        return Response.ok().build();
    }
}
