package com.atlassian.servicedesk.internal.rest;

import com.atlassian.jira.config.properties.ApplicationProperties;
import com.atlassian.plugin.spring.scanner.annotation.export.ExportAsService;
import com.atlassian.plugin.webresource.UrlMode;
import com.atlassian.plugin.webresource.WebResourceUrlProvider;
import com.atlassian.plugins.rest.common.security.AuthenticationRequiredException;
import com.atlassian.servicedesk.internal.feature.customer.portal.providers.ResponseProviderModelName;
import com.google.common.annotations.VisibleForTesting;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import javax.ws.rs.core.UriInfo;
import javax.ws.rs.ext.ExceptionMapper;
import javax.ws.rs.ext.Provider;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@ExportAsService
@Provider
@Component
/* loaded from: input_file:com/atlassian/servicedesk/internal/rest/CustomerWebAuthenticationHandler.class */
public class CustomerWebAuthenticationHandler implements ExceptionMapper<AuthenticationRequiredException> {
    private static final String PRETTY_URI_ATTR = "pretty.urls.fromURI";
    private final WebResourceUrlProvider webResourceUrlProvider;
    private final ApplicationProperties applicationProperties;
    private final ExternalSSORedirectService externalSSORedirectService;

    @Context
    private HttpServletRequest request;

    @Context
    private UriInfo uriInfo;

    @Autowired
    public CustomerWebAuthenticationHandler(WebResourceUrlProvider webResourceUrlProvider, ApplicationProperties applicationProperties, ExternalSSORedirectService externalSSORedirectService) {
        this.webResourceUrlProvider = webResourceUrlProvider;
        this.applicationProperties = applicationProperties;
        this.externalSSORedirectService = externalSSORedirectService;
    }

    private String getCustomerBase() {
        return this.request.getContextPath() + "/servicedesk/customer";
    }

    private String getPortalBase() {
        return getCustomerBase() + "/portal";
    }

    private boolean hasAnnotation() {
        return this.uriInfo.getMatchedResources().stream().anyMatch(obj -> {
            return obj.getClass().getAnnotation(CustomerLoginRedirect.class) != null;
        });
    }

    private Response defaultError(String str) {
        return Response.status(403).entity(str).build();
    }

    private Response redirectToUri(URI uri) {
        return Response.seeOther(UriBuilder.fromUri(this.webResourceUrlProvider.getBaseUrl(UrlMode.ABSOLUTE)).uri(uri).build(new Object[0])).build();
    }

    @VisibleForTesting
    String createDestinationURI(String str) {
        return StringUtils.isBlank(this.request.getQueryString()) ? str.replace(getCustomerBase() + "/", "") : str.replace(getCustomerBase() + "/", "") + "?" + this.request.getQueryString();
    }

    @VisibleForTesting
    Response toPortalThemedLogin(String str) {
        try {
            return redirectToUri(UriBuilder.fromUri(getPortalBase()).path(str.replace(getPortalBase() + "/", "").split("/")[0]).path("user").path(ResponseProviderModelName.LOGIN_MODEL_NAME).queryParam("destination", new Object[]{URLEncoder.encode(createDestinationURI(str), this.applicationProperties.getEncoding())}).build(new Object[0]));
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    @VisibleForTesting
    Response toGenericThemedLogin(String str) {
        try {
            return redirectToUri(UriBuilder.fromUri(getCustomerBase()).path("user").path(ResponseProviderModelName.LOGIN_MODEL_NAME).queryParam("destination", new Object[]{URLEncoder.encode(createDestinationURI(str), this.applicationProperties.getEncoding())}).build(new Object[0]));
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    public Response toResponse(AuthenticationRequiredException authenticationRequiredException) {
        Object attribute;
        if (hasAnnotation() && (attribute = this.request.getAttribute(PRETTY_URI_ATTR)) != null) {
            if (!this.externalSSORedirectService.isSSOAvailableForLogin()) {
                String obj = attribute.toString();
                return obj.startsWith(new StringBuilder().append(getPortalBase()).append("/").toString()) ? toPortalThemedLogin(obj) : toGenericThemedLogin(obj);
            }
            try {
                return Response.seeOther(new URI(this.externalSSORedirectService.getLoginUrl(this.request))).build();
            } catch (URISyntaxException e) {
                throw new RuntimeException(e);
            }
        }
        return defaultError(authenticationRequiredException.getMessage());
    }
}
