package com.appiancorp.common.struts;

import com.appiancorp.ap2.PortalRequest;
import com.appiancorp.common.struts.SupportedHttpMethods;
import com.appiancorp.suiteapi.common.exceptions.ErrorCode;
import com.appiancorp.suiteapi.common.exceptions.LocaleFormatter;
import java.io.IOException;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Locale;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.tiles.TilesRequestProcessor;
import org.apache.struts.upload.MultipartRequestWrapper;

/* loaded from: input_file:com/appiancorp/common/struts/AppianTilesRequestProcessor.class */
public class AppianTilesRequestProcessor extends TilesRequestProcessor {
    private static final Logger LOG = Logger.getLogger(AppianTilesRequestProcessor.class);
    private static final String ACP_PARAM_PREFIX = "ACP~";
    private static final String PP_PARAM_PREFIX = "PP~";
    private static final String PICKER_TYPE_PREFIX = "pickerType_";
    private static final String ACP_PICKER_TYPE_PREFIX = "pickerType_ACP~";
    private static final String PP_PICKER_TYPE_PREFIX = "pickerType_PP~";

    protected void processPopulate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ActionForm actionForm, ActionMapping actionMapping) throws ServletException {
        if (httpServletRequest instanceof MultipartRequestWrapper) {
            httpServletRequest = (HttpServletRequest) ((MultipartRequestWrapper) httpServletRequest).getRequest();
        }
        HashSet hashSet = null;
        if (httpServletRequest instanceof PortalRequest) {
            Enumeration parameterNames = httpServletRequest.getParameterNames();
            PortalRequest portalRequest = (PortalRequest) httpServletRequest;
            hashSet = new HashSet();
            while (parameterNames.hasMoreElements()) {
                String str = (String) parameterNames.nextElement();
                if (str != null && (str.startsWith(ACP_PARAM_PREFIX) || str.startsWith(PP_PARAM_PREFIX) || str.startsWith(ACP_PICKER_TYPE_PREFIX) || str.startsWith(PP_PICKER_TYPE_PREFIX))) {
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("Hiding request parameter: " + str);
                    }
                    hashSet.add(str);
                    portalRequest.hideParameter(str);
                }
            }
        }
        super.processPopulate(httpServletRequest, httpServletResponse, actionForm, actionMapping);
        if (hashSet != null) {
            PortalRequest portalRequest2 = (PortalRequest) httpServletRequest;
            Iterator it = hashSet.iterator();
            while (it.hasNext()) {
                portalRequest2.unhideParameter((String) it.next());
            }
        }
    }

    protected String processPath(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String str = (String) httpServletRequest.getAttribute("javax.servlet.include.path_info");
        if (str != null && str.length() > 0) {
            return str;
        }
        String str2 = (String) httpServletRequest.getAttribute("javax.servlet.include.servlet_path");
        if (str2 == null) {
            str2 = httpServletRequest.getServletPath();
        }
        String prefix = this.moduleConfig.getPrefix();
        if (!str2.startsWith(prefix)) {
            log.error(getInternal().getMessage("processPath", httpServletRequest.getRequestURI()));
            httpServletResponse.sendError(400, getInternal().getMessage("processPath", httpServletRequest.getRequestURI()));
            return null;
        }
        String substring = str2.substring(prefix.length());
        int lastIndexOf = substring.lastIndexOf("/");
        int lastIndexOf2 = substring.lastIndexOf(".");
        if (lastIndexOf2 >= 0 && lastIndexOf2 > lastIndexOf) {
            substring = substring.substring(0, lastIndexOf2);
        }
        return substring;
    }

    protected ActionMapping processMapping(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        Class<?> cls;
        HttpServletRequest httpServletRequest2;
        ActionMapping processMapping = super.processMapping(httpServletRequest, httpServletResponse, str);
        if (processMapping == null) {
            return null;
        }
        String type = processMapping.getType();
        Class<?> cls2 = null;
        if (type != null) {
            try {
                cls = Class.forName(type);
            } catch (ClassNotFoundException e) {
                LOG.debug(ErrorCode.STRUTS_ACTION_CLASS_NOT_DEFINED.getMessageWithCode(new LocaleFormatter(Locale.US), new Object[]{type, str}));
            }
        } else {
            cls = null;
        }
        cls2 = cls;
        String method = httpServletRequest.getMethod();
        if (!isMethodSupported(cls2, method)) {
            HttpServletRequest httpServletRequest3 = httpServletRequest;
            while (true) {
                httpServletRequest2 = httpServletRequest3;
                if (!(httpServletRequest2 instanceof HttpServletRequestWrapper) || (httpServletRequest2 instanceof PortalRequest)) {
                    break;
                }
                httpServletRequest3 = (HttpServletRequest) ((HttpServletRequestWrapper) httpServletRequest2).getRequest();
            }
            if (!isMethodSupported(cls2, httpServletRequest2.getMethod())) {
                LOG.warn(ErrorCode.WEB_SECURITY_UNSUPPORTED_METHOD.getMessageWithCode(new LocaleFormatter(Locale.US), new Object[]{type, str, method}));
                return null;
            }
        }
        return processMapping;
    }

    private boolean isMethodSupported(Class<?> cls, String str) {
        if (cls == null || !cls.isAnnotationPresent(SupportedHttpMethods.class)) {
            return true;
        }
        for (SupportedHttpMethods.Method method : ((SupportedHttpMethods) cls.getAnnotation(SupportedHttpMethods.class)).value()) {
            if (method.name().equalsIgnoreCase(str)) {
                return true;
            }
        }
        return false;
    }
}
