package org.kuali.kfs.kns.web.struts.action;

import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.kuali.kfs.core.api.config.property.ConfigContext;
import org.kuali.kfs.krad.util.KRADConstants;

/* loaded from: input_file:WEB-INF/lib/kfs-core-2024-09-11.jar:org/kuali/kfs/kns/web/struts/action/KualiPortalAction.class */
public class KualiPortalAction extends KualiSimpleAction {
    @Override // org.kuali.kfs.kns.web.struts.action.KualiSimpleAction, org.apache.struts.action.Action
    public ActionForward execute(ActionMapping actionMapping, ActionForm actionForm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        String str = null;
        if (httpServletRequest.getQueryString() != null && httpServletRequest.getQueryString().contains("channelUrl")) {
            str = httpServletRequest.getQueryString().substring(httpServletRequest.getQueryString().indexOf("channelUrl") + 11);
        } else if (httpServletRequest.getParameter("channelUrl") != null && httpServletRequest.getParameter("channelUrl").length() > 0) {
            str = httpServletRequest.getParameter("channelUrl");
        }
        if (str != null) {
            str = str.replace(">", "%3E").replace("<", "%3C").replace("\"", "%22");
            if (!Pattern.compile(ConfigContext.getCurrentContextConfig().getProperty(KRADConstants.PORTAL_ALLOWED_REGEX)).matcher(str).matches()) {
                throw new Exception("The requested channel URL is not authorized for display in portal.");
            }
        }
        if (httpServletRequest.getParameter("selectedTab") != null && httpServletRequest.getParameter("selectedTab").length() > 0) {
            httpServletRequest.getSession().setAttribute("selectedTab", httpServletRequest.getParameter("selectedTab"));
        }
        httpServletRequest.setAttribute("gotoUrl", str);
        return super.execute(actionMapping, actionForm, httpServletRequest, httpServletResponse);
    }
}
