package com.atlassian.refapp.auth.internal;

import com.atlassian.refapp.auth.external.WebSudoSessionManager;
import com.atlassian.seraph.RequestParameterConstants;
import com.atlassian.seraph.auth.Authenticator;
import com.atlassian.seraph.auth.AuthenticatorException;
import java.io.IOException;
import java.security.Principal;
import java.util.Objects;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.velocity.VelocityContext;

/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/atlassian-refapp-auth-plugin-6.2.0-m01.jar:com/atlassian/refapp/auth/internal/WebSudoServlet.class */
public final class WebSudoServlet extends BaseVelocityServlet {
    private static final String LOGIN_PATH = "/plugins/servlet/login";
    private final Authenticator auth;
    private final WebSudoSessionManager webSudoSessionManager;

    public WebSudoServlet(Authenticator authenticator, WebSudoSessionManager webSudoSessionManager) {
        this.auth = (Authenticator) Objects.requireNonNull(authenticator, "auth cannot be null");
        this.webSudoSessionManager = (WebSudoSessionManager) Objects.requireNonNull(webSudoSessionManager, "webSudoSessionManager cannot be null");
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.setContentType("text/html;charset=UTF-8");
        VelocityContext createDefaultVelocityContext = createDefaultVelocityContext();
        createDefaultVelocityContext.put("redir", httpServletRequest.getParameter("redir"));
        Principal user = this.auth.getUser(httpServletRequest);
        if (user == null) {
            redirectToLogin(httpServletRequest, httpServletResponse);
            return;
        }
        createDefaultVelocityContext.put("username", user.getName());
        createDefaultVelocityContext.put("websudoURI", httpServletRequest.getContextPath() + "/plugins/servlet/websudo");
        getTemplate("/websudo.vm").merge(createDefaultVelocityContext, httpServletResponse.getWriter());
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (null == httpServletRequest.getSession(false)) {
            redirectToLogin(httpServletRequest, httpServletResponse);
            return;
        }
        try {
            if (this.auth.login(httpServletRequest, httpServletResponse, this.auth.getUser(httpServletRequest).getName(), httpServletRequest.getParameter(RequestParameterConstants.OS_PASSWORD))) {
                this.webSudoSessionManager.createWebSudoSession(httpServletRequest);
                RedirectHelper.redirect(httpServletRequest, httpServletResponse);
            } else {
                httpServletResponse.sendRedirect(httpServletRequest.getRequestURL().append("?redir=").append(httpServletRequest.getParameter("redir")).toString());
            }
        } catch (AuthenticatorException e) {
            this.webSudoSessionManager.removeWebSudoSession(httpServletRequest);
            redirectToLogin(httpServletRequest, httpServletResponse);
        }
    }

    private void redirectToLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + LOGIN_PATH);
    }

    @Override // com.atlassian.refapp.auth.internal.BaseVelocityServlet
    public /* bridge */ /* synthetic */ void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
    }
}
