package com.opensymphony.webwork.interceptor;

import com.opensymphony.webwork.util.TokenHelper;
import com.opensymphony.xwork.ActionContext;
import com.opensymphony.xwork.ActionInvocation;
import com.opensymphony.xwork.ValidationAware;
import com.opensymphony.xwork.interceptor.MethodFilterInterceptor;
import com.opensymphony.xwork.util.LocalizedTextUtil;

/* loaded from: input_file:resources/esapi4js/src/test/javascript/jsunit/java/lib/webwork_2.2.2/webwork-2.2.2.jar:com/opensymphony/webwork/interceptor/TokenInterceptor.class */
public class TokenInterceptor extends MethodFilterInterceptor {
    public static final String INVALID_TOKEN_CODE = "invalid.token";

    @Override // com.opensymphony.xwork.interceptor.MethodFilterInterceptor
    protected String doIntercept(ActionInvocation actionInvocation) throws Exception {
        if (this.log.isDebugEnabled()) {
            this.log.debug("Intercepting invocation to check for valid transaction token.");
        }
        synchronized (ActionContext.getContext().getSession()) {
            if (TokenHelper.validToken()) {
                return handleValidToken(actionInvocation);
            }
            return handleInvalidToken(actionInvocation);
        }
    }

    protected String handleInvalidToken(ActionInvocation actionInvocation) throws Exception {
        Object action = actionInvocation.getAction();
        String findText = LocalizedTextUtil.findText(getClass(), "webwork.messages.invalid.token", actionInvocation.getInvocationContext().getLocale(), "The form has already been processed or no token was supplied, please try again.", new Object[0]);
        if (action instanceof ValidationAware) {
            ((ValidationAware) action).addActionError(findText);
            return INVALID_TOKEN_CODE;
        }
        this.log.warn(findText);
        return INVALID_TOKEN_CODE;
    }

    protected String handleValidToken(ActionInvocation actionInvocation) throws Exception {
        return actionInvocation.invoke();
    }
}
