package com.atlassian.connect.play.java.token;

import com.atlassian.connect.play.java.AC;
import com.atlassian.connect.play.java.Constants;
import com.atlassian.fugue.Option;
import org.apache.commons.lang3.StringUtils;
import play.core.enhancers.PropertiesEnhancer;
import play.libs.F;
import play.mvc.Action;
import play.mvc.Http;
import play.mvc.SimpleResult;

@PropertiesEnhancer.GeneratedAccessor
@PropertiesEnhancer.RewrittenAccessor
/* loaded from: input_file:WEB-INF/lib/ac-play-java_2.10-0.10.1.jar:com/atlassian/connect/play/java/token/PageTokenValidatorAction.class */
public final class PageTokenValidatorAction extends Action<CheckValidToken> {
    public static final String HEADER_PREFIX = "X-";
    public static final String TOKEN_KEY = "acpt";

    public F.Promise<SimpleResult> call(Http.Context context) throws Throwable {
        boolean allowInsecurePolling = ((CheckValidToken) this.configuration).allowInsecurePolling();
        Option<String> extractTokenDetails = extractTokenDetails(context.request());
        if (extractTokenDetails.isEmpty()) {
            return F.Promise.pure(unauthorized("Unauthorised: It appears your session has expired. Please reload the page."));
        }
        Option<Token> validateToken = AC.validateToken(extractTokenDetails.get(), allowInsecurePolling);
        if (validateToken.isEmpty()) {
            return F.Promise.pure(unauthorized("Unauthorised: It appears your session has expired. Please reload the page."));
        }
        AC.setAcHost(validateToken.get().getAcHost());
        Option<String> user = validateToken.get().getUser();
        if (user.isDefined()) {
            context.args.put(Constants.AC_USER_ID_PARAM, user.get());
        }
        AC.refreshToken(allowInsecurePolling);
        if (allowInsecurePolling) {
            context.response().setHeader("X-acpt", AC.getToken().get());
        }
        return this.delegate.call(context);
    }

    private Option<String> extractTokenDetails(Http.Request request) {
        String header = request.getHeader("X-acpt");
        if (StringUtils.isBlank(header)) {
            header = request.getQueryString(TOKEN_KEY);
        }
        return Option.option(header);
    }
}
