package com.atlassian.bamboo.security.xsrf;

import com.atlassian.bamboo.filter.ResourceDownloadRewriteRule;
import com.atlassian.security.random.DefaultSecureTokenGenerator;
import com.atlassian.security.random.SecureTokenGenerator;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* loaded from: input_file:com/atlassian/bamboo/security/xsrf/XsrfTokenUtils.class */
/**
 * Static helpers for the XSRF (CSRF) token: reading the token a client submitted as a
 * request parameter, and locating or issuing the token cookie.
 *
 * <p>This class only reads and issues the token. Comparing the submitted {@code atl_token}
 * parameter against the cookie value is not done here.
 * NOTE(review): the component that performs that comparison is not visible in this file;
 * confirm it rejects a missing or empty token and compares the two values exactly.
 */
public class XsrfTokenUtils {
    private static final Logger log = LogManager.getLogger(XsrfTokenUtils.class);
    // Source of new token values; the generator implementation lives outside this file.
    private static final SecureTokenGenerator secureTokenGenerator = DefaultSecureTokenGenerator.getInstance();
    private static final String ATL_TOKEN_SOURCE = "atl_token_source";
    // Used both as the cookie name and as the request-attribute key that caches the token.
    static final String XSRF_TOKEN_KEY = "atl.xsrf.token";

    /** Not instantiable: every member is static. */
    private XsrfTokenUtils() {
    }

    /**
     * Reads the token the client submitted with the request.
     *
     * @param httpServletRequest the current request
     * @return the raw value of the {@code atl_token} parameter, unvalidated, or {@code null}
     *         when the parameter is absent
     */
    public static String getTokenFromRequestParameters(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter("atl_token");
    }

    /**
     * Reads the {@code atl_token_source} request parameter.
     *
     * @param httpServletRequest the current request
     * @return the raw, client-supplied parameter value, or {@code null} when absent
     */
    public static String getXsrfTokenSource(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(ATL_TOKEN_SOURCE);
    }

    /**
     * Makes sure the request carries an XSRF token, issuing a new cookie when none was sent.
     *
     * <p>The token is cached in the request attribute {@link #XSRF_TOKEN_KEY}, so a second
     * call on the same request returns the cached value without touching the response.
     *
     * <p>Security-relevant behaviour visible in this method:
     * <ul>
     *   <li>A cookie value sent by the client is accepted as the token as-is; no length,
     *       charset or origin check is applied here.</li>
     *   <li>The cookie's {@code Secure} flag mirrors {@code httpServletRequest.isSecure()}.
     *       NOTE(review): behind a TLS-terminating proxy the container may report
     *       {@code false} unless it is told the original scheme; confirm the deployment.</li>
     *   <li>{@code HttpOnly} and a max-age are never set on the cookie.
     *       NOTE(review): presumably client-side script has to read the token to echo it
     *       back; confirm before tightening.</li>
     * </ul>
     *
     * @param httpServletRequest  the current request; receives the token as an attribute
     * @param httpServletResponse the response a new or refreshed cookie is added to
     * @return the token when it was already cached on the request or arrived in a cookie;
     *         {@code null} when a fresh token had to be generated (the new value is then
     *         available only through {@link #getXsrfToken(HttpServletRequest)})
     */
    @Nullable
    public static String getOrCreateXsrfCookie(@NotNull HttpServletRequest httpServletRequest, @NotNull HttpServletResponse httpServletResponse) {
        final String cachedToken = (String) httpServletRequest.getAttribute(XSRF_TOKEN_KEY);
        if (cachedToken != null) {
            log.debug("XSRF token already processed; skipping duplicate action.");
            return cachedToken;
        }
        log.debug("Did not find XSRF attribute in the request {}", httpServletRequest.getRequestURL());

        // An application deployed at the root context reports an empty context path.
        final String cookiePath =
                StringUtils.defaultIfEmpty(httpServletRequest.getContextPath(), ResourceDownloadRewriteRule.PATH_SEPARATOR);

        final Cookie presented = getXsrfCookie(httpServletRequest);
        if (presented == null) {
            log.debug("Didn't find XSRF cookie in the request {}", httpServletRequest.getRequestURL());
            log.debug("Creating new XSRF token and cookie...");
            final String freshToken = secureTokenGenerator.generateToken();
            final Cookie issued = new Cookie(XSRF_TOKEN_KEY, freshToken);
            issued.setPath(cookiePath);
            issued.setSecure(httpServletRequest.isSecure());
            httpServletResponse.addCookie(issued);
            httpServletRequest.setAttribute(XSRF_TOKEN_KEY, freshToken);
            // The generated value is deliberately not returned; callers get null here.
            return null;
        }

        log.debug("Found XSRF cookie in the request {}", httpServletRequest.getRequestURL());
        final boolean flagOnCookie = presented.getSecure();
        if (flagOnCookie != httpServletRequest.isSecure()) {
            // Re-send the same token value with the Secure flag matching this request.
            presented.setSecure(httpServletRequest.isSecure());
            presented.setPath(cookiePath);
            httpServletResponse.addCookie(presented);
        }
        final String tokenFromCookie = presented.getValue();
        httpServletRequest.setAttribute(XSRF_TOKEN_KEY, tokenFromCookie);
        return tokenFromCookie;
    }

    /**
     * Finds the first cookie on the request whose name equals {@link #XSRF_TOKEN_KEY}.
     *
     * @param httpServletRequest the current request
     * @return the matching cookie, or {@code null} when the request has no cookies or none match
     */
    @Nullable
    private static Cookie getXsrfCookie(@NotNull HttpServletRequest httpServletRequest) {
        final Cookie[] sent = httpServletRequest.getCookies();
        if (sent != null) {
            for (int i = 0; i < sent.length; i++) {
                final Cookie candidate = sent[i];
                if (XSRF_TOKEN_KEY.equals(candidate.getName())) {
                    return candidate;
                }
            }
        }
        return null;
    }

    /**
     * Returns the token cached on the request by {@link #getOrCreateXsrfCookie}.
     *
     * @param httpServletRequest the current request
     * @return the value of the {@link #XSRF_TOKEN_KEY} request attribute, or {@code null}
     *         when no token has been attached to this request yet
     */
    @Nullable
    public static String getXsrfToken(@NotNull HttpServletRequest httpServletRequest) {
        return (String) httpServletRequest.getAttribute(XSRF_TOKEN_KEY);
    }
}
