package fr.paris.lutece.plugins.workflow.modules.appointment.web;

import fr.paris.lutece.plugins.appointment.web.AppointmentJspBean;
import fr.paris.lutece.plugins.workflow.modules.appointment.service.WorkflowAppointmentPlugin;
import fr.paris.lutece.portal.business.user.AdminUser;
import fr.paris.lutece.portal.business.user.AdminUserHome;
import fr.paris.lutece.portal.service.admin.AccessDeniedException;
import fr.paris.lutece.portal.service.admin.AdminAuthenticationService;
import fr.paris.lutece.portal.service.message.SiteMessageException;
import fr.paris.lutece.portal.service.message.SiteMessageService;
import fr.paris.lutece.portal.service.security.UserNotSignedException;
import fr.paris.lutece.portal.service.util.AppLogService;
import fr.paris.lutece.portal.service.util.AppPropertiesService;
import fr.paris.lutece.portal.service.util.CryptoService;
import fr.paris.lutece.util.url.UrlItem;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Calendar;
import java.util.Locale;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:fr/paris/lutece/plugins/workflow/modules/appointment/web/ExecuteWorkflowAction.class */
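/**
 * Builds and validates signed links that let an admin user run a workflow
 * action on an appointment resource without logging in first.
 *
 * <p>A link carries the action id, the resource id, the admin user id, the
 * creation timestamp and a key derived from those four values plus the
 * application's crypto key. Presenting a valid link registers the named admin
 * user on the request, so the link is a bearer credential: anyone holding it
 * acts as that admin until the validity window closes. Nothing in this class
 * makes a link single-use.
 */
public class ExecuteWorkflowAction {
    private static final String PARAMETER_ID_ACTION = "id_action";
    private static final String PARAMETER_ID_ADMIN_USER = "id_admin_user";
    private static final String PARAMETER_ID_RESOURCE = "id_resource";
    private static final String PARAMETER_TIMESTAMP = "timestamp";
    private static final String PARAMETER_KEY = "key";
    private static final String PROPERTY_LINKS_LIMIT_VALIDITY = "workflow-appointment.executeWorkflowAction.links_limit_validity";
    private static final String JSP_URL_EXECUTE_WORKFLOW_ACTION = "jsp/site/plugins/workflow/modules/appointment/DoExecuteWorkflowAction.jsp";
    private static final String ERROR_MESSAGE_ACCESS_DENIED = "portal.site.message.pageAccessDenied";
    private static final String DEFAULT_ENCRYPTION_ALGO = "SHA-256";
    // Validity window, in days, used when the property above is not set.
    private static final int DEFAULT_LIMIT_TIME_VALIDITY = 30;
    // Separator between the signed fields; digits-only fields can never contain it.
    private static final String KEY_FIELD_SEPARATOR = ":";

    /**
     * Validates a signed link and, when it is valid, registers the admin user
     * it names and returns the URL of the workflow action page.
     *
     * <p>The request is refused with the "access denied" site message when a
     * parameter is missing, non-numeric or out of range, when the link is
     * older than the configured validity window, when the key does not match,
     * or when the admin user does not exist.
     *
     * @param httpServletRequest the request carrying the link parameters
     * @param httpServletResponse the response (not used by this method)
     * @return the URL to redirect to, or {@code null} when access is refused
     * @throws SiteMessageException declared because of
     *         {@code SiteMessageService.setMessage}; presumably thrown when
     *         the access-denied message is set - confirm against the portal API
     */
    public String doExecuteWorkflowAction(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws SiteMessageException {
        String strIdAction = httpServletRequest.getParameter(PARAMETER_ID_ACTION);
        String strIdAdminUser = httpServletRequest.getParameter(PARAMETER_ID_ADMIN_USER);
        String strIdResource = httpServletRequest.getParameter(PARAMETER_ID_RESOURCE);
        String strTimestamp = httpServletRequest.getParameter(PARAMETER_TIMESTAMP);
        String strKey = httpServletRequest.getParameter(PARAMETER_KEY);

        if (!isNumericParameter(strIdAction) || !isNumericParameter(strTimestamp)
                || !isNumericParameter(strIdResource) || !isNumericParameter(strIdAdminUser)
                || StringUtils.isEmpty(strKey)) {
            return denyAccess(httpServletRequest);
        }

        int nIdAction;
        long lTimestamp;
        int nIdResource;
        int nIdAdminUser;
        try {
            nIdAction = Integer.parseInt(strIdAction);
            lTimestamp = Long.parseLong(strTimestamp);
            nIdResource = Integer.parseInt(strIdResource);
            nIdAdminUser = Integer.parseInt(strIdAdminUser);
        } catch (NumberFormatException e) {
            // A digits-only value can still overflow int/long; refuse it the
            // same way as any other malformed link instead of failing with an
            // unhandled exception.
            return denyAccess(httpServletRequest);
        }

        int nValidityDays = AppPropertiesService.getPropertyInt(PROPERTY_LINKS_LIMIT_VALIDITY, DEFAULT_LIMIT_TIME_VALIDITY);
        // A value <= 0 disables expiry entirely, as in the original code.
        if (nValidityDays > 0) {
            Calendar oldestAccepted = Calendar.getInstance(WorkflowAppointmentPlugin.getPluginLocale(Locale.getDefault()));
            // Same field as the original literal 7; add() on it shifts by whole days.
            oldestAccepted.add(Calendar.DAY_OF_WEEK, -nValidityDays);
            if (oldestAccepted.getTimeInMillis() > lTimestamp) {
                return denyAccess(httpServletRequest);
            }
        }

        // Check the key before touching the user store, so a request that
        // fails authentication costs no admin-user lookup.
        String strExpectedKey = computeAuthenticationKey(nIdAction, nIdAdminUser, lTimestamp, nIdResource);
        if (!keysMatch(strExpectedKey, strKey)) {
            return denyAccess(httpServletRequest);
        }

        AdminUser adminUser = null;
        if (nIdAdminUser > 0) {
            adminUser = AdminUserHome.findByPrimaryKey(nIdAdminUser);
        }
        if (adminUser == null) {
            return denyAccess(httpServletRequest);
        }

        try {
            AdminAuthenticationService.getInstance().registerUser(httpServletRequest, adminUser);
        } catch (UserNotSignedException | AccessDeniedException e) {
            // NOTE(review): a failed registration is only logged and the URL is
            // still returned (behaviour kept from the original); confirm the
            // target page enforces authentication on its own.
            AppLogService.error(e.getMessage(), e);
        }
        return AppointmentJspBean.getUrlExecuteWorkflowAction(httpServletRequest, strIdResource, strIdAction);
    }

    /**
     * Builds a signed link for running a workflow action as a given admin user.
     *
     * <p>The link is stamped with the current time and stays valid for the
     * number of days configured by {@code PROPERTY_LINKS_LIMIT_VALIDITY}.
     * Treat the result as a credential: it should only reach the intended
     * admin and should not be written to logs.
     *
     * @param str the base URL the JSP path is appended to
     * @param i the workflow action id
     * @param i2 the admin user id
     * @param i3 the resource id
     * @return the full URL including timestamp and key
     */
    public static String getExecuteWorkflowActionUrl(String str, int i, int i2, int i3) {
        long lNow = System.currentTimeMillis();
        UrlItem urlItem = new UrlItem(str + JSP_URL_EXECUTE_WORKFLOW_ACTION);
        urlItem.addParameter(PARAMETER_ID_ACTION, i);
        urlItem.addParameter(PARAMETER_ID_RESOURCE, i3);
        urlItem.addParameter(PARAMETER_ID_ADMIN_USER, i2);
        urlItem.addParameter(PARAMETER_TIMESTAMP, Long.toString(lNow));
        urlItem.addParameter(PARAMETER_KEY, computeAuthenticationKey(i, i2, lNow, i3));
        return urlItem.getUrl();
    }

    /**
     * Derives the key that binds a link to its four parameters.
     *
     * <p>The previous implementation hashed the arithmetic sum
     * {@code idAction + idAdminUser + timestamp + idResource}, so any set of
     * values with the same total produced the same key and the individual
     * fields were not protected. Each field is now written out separately with
     * a delimiter. Links issued before this change no longer validate and have
     * to be re-sent.
     *
     * <p>NOTE(review): this is still a plain digest over data followed by the
     * secret; an HMAC is the standard construction for this - confirm whether
     * the portal's CryptoService offers one.
     */
    private static String computeAuthenticationKey(int nIdAction, int nIdAdminUser, long lTimestamp, int nIdResource) {
        String strSignedFields = nIdAction + KEY_FIELD_SEPARATOR
                + nIdAdminUser + KEY_FIELD_SEPARATOR
                + lTimestamp + KEY_FIELD_SEPARATOR
                + nIdResource + KEY_FIELD_SEPARATOR;
        return CryptoService.encrypt(strSignedFields + CryptoService.getCryptoKey(), DEFAULT_ENCRYPTION_ALGO);
    }

    /**
     * Compares the expected and the supplied key without stopping at the first
     * differing character, so response time does not reveal how much of a
     * guessed key was correct. A {@code null} on either side never matches.
     */
    private static boolean keysMatch(String strExpectedKey, String strProvidedKey) {
        if (strExpectedKey == null || strProvidedKey == null) {
            return false;
        }
        return MessageDigest.isEqual(
                strExpectedKey.getBytes(StandardCharsets.UTF_8),
                strProvidedKey.getBytes(StandardCharsets.UTF_8));
    }

    /** Returns true when the value is present and made of digits only. */
    private static boolean isNumericParameter(String strValue) {
        return StringUtils.isNotEmpty(strValue) && StringUtils.isNumeric(strValue);
    }

    /**
     * Sets the generic access-denied site message and yields the {@code null}
     * result used for every refusal, so all failure causes look the same to
     * the caller. The message type code 2 is kept from the original; its
     * symbolic name is not visible in this file.
     */
    private static String denyAccess(HttpServletRequest request) throws SiteMessageException {
        SiteMessageService.setMessage(request, ERROR_MESSAGE_ACCESS_DENIED, 2);
        return null;
    }
}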
