package org.apache.chemistry.opencmis.server.shared;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.chemistry.opencmis.commons.exceptions.CmisPermissionDeniedException;

/* loaded from: input_file:WEB-INF/lib/chemistry-opencmis-server-bindings-1.1.1-NX01.jar:org/apache/chemistry/opencmis/server/shared/CsrfManager.class */
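/**
 * Session-bound CSRF token check for servlet requests.
 *
 * <p>The check is active only when a CSRF header name is configured. A client obtains a token by
 * sending the configured header with the value {@code fetch}; the token is stored in the HTTP
 * session under {@link #CSRF_ATTR} and returned in a response header of the same name. Later
 * requests must present that token in the header or, where permitted, in the configured request
 * parameter.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>A token is issued only while the session holds none; this class never rotates or clears
 *       it, so its lifetime is that of the session (or of whatever else writes {@link #CSRF_ATTR}).
 *   <li>Presented tokens are compared with {@link MessageDigest#isEqual(byte[], byte[])} rather
 *       than {@link String#equals(Object)} so that the comparison does not stop at the first
 *       differing character.
 *   <li>NOTE(review): the token travels in a response header; confirm that the deployment's CORS
 *       configuration does not expose that header to untrusted origins.
 * </ul>
 */
public class CsrfManager {
    /** Session attribute under which the issued token is stored. */
    public static final String CSRF_ATTR = "org.apache.chemistry.opencmis.csrftoken";
    /** Servlet init parameter naming the CSRF header. */
    private static final String CSRF_HEADER = "csrfHeader";
    /** Servlet init parameter naming the optional CSRF request parameter. */
    private static final String CSRF_PARAMETER = "csrfParameter";
    /** Header value with which a client asks for a new token. */
    private static final String FETCH_VALUE = "fetch";
    /** Number of random bytes per token (two output characters per byte). */
    private static final int TOKEN_BYTES = 16;
    /** Sixteen-symbol alphabets; one is picked per token to encode its nibbles. */
    private static final char[][] TOKEN_ALPHABETS = {
        "0123456789ABCDEF".toCharArray(),
        "0123456789abcdef".toCharArray(),
        "ABCDEFGHIJKLMNOP".toCharArray(),
        "abcdefghijklmnop".toCharArray()
    };

    /** Name of the header carrying the token; {@code null} disables the check. */
    private final String csrfHeader;
    /** Name of the fallback request parameter; {@code null} when not configured. */
    private final String csrfParameter;
    private final SecureRandom random = new SecureRandom();

    /**
     * Creates a manager from explicit names.
     *
     * @param str name of the CSRF header, or {@code null} to disable the check; trimmed
     * @param str2 name of the CSRF request parameter, or {@code null}; trimmed, and ignored
     *     entirely when {@code str} is {@code null}
     * @throws IllegalArgumentException if a supplied name is empty after trimming
     */
    public CsrfManager(String str, String str2) {
        String header = null;
        String parameter = null;
        if (str != null) {
            header = str.trim();
            if (header.isEmpty()) {
                throw new IllegalArgumentException("Invalid CSRF header!");
            }
            if (str2 != null) {
                parameter = str2.trim();
                if (parameter.isEmpty()) {
                    throw new IllegalArgumentException("Invalid CSRF parameter!");
                }
            }
        }
        this.csrfHeader = header;
        this.csrfParameter = parameter;
    }

    /**
     * Creates a manager from the servlet init parameters {@code csrfHeader} and
     * {@code csrfParameter}. The parameter name is read only when a header name is configured.
     *
     * @param servletConfig servlet configuration to read the names from
     * @throws ServletException if a configured name is empty after trimming
     */
    public CsrfManager(ServletConfig servletConfig) throws ServletException {
        String header = servletConfig.getInitParameter(CSRF_HEADER);
        String parameter = null;
        if (header != null) {
            header = header.trim();
            if (header.isEmpty()) {
                throw new ServletException("Invalid CSRF header!");
            }
            parameter = servletConfig.getInitParameter(CSRF_PARAMETER);
            if (parameter != null) {
                parameter = parameter.trim();
                if (parameter.isEmpty()) {
                    throw new ServletException("Invalid CSRF parameter!");
                }
            }
        }
        this.csrfHeader = header;
        this.csrfParameter = parameter;
    }

    /**
     * Verifies the CSRF token of a request, or issues a new one on a permitted fetch request.
     * Does nothing when no CSRF header is configured.
     *
     * @param httpServletRequest request to check
     * @param httpServletResponse response that receives a newly issued token as a header
     * @param z whether this request may obtain a new token by sending the header value
     *     {@code fetch}
     * @param z2 whether the token may be supplied as a request parameter when the header is
     *     absent or empty
     * @throws CmisPermissionDeniedException if no valid token is presented
     */
    public void check(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z, boolean z2) {
        if (this.csrfHeader == null) {
            // CSRF protection is not configured.
            return;
        }

        // The token lives in the session, so a session is created when the request has none.
        HttpSession session = httpServletRequest.getSession(true);
        String storedToken = (String) session.getAttribute(CSRF_ATTR);
        String headerValue = httpServletRequest.getHeader(this.csrfHeader);

        if (headerValue == null || headerValue.isEmpty()) {
            // No header: the request parameter is accepted only where the caller allows it.
            if (!z2 || this.csrfParameter == null) {
                throw new CmisPermissionDeniedException("Invalid CSRF token!");
            }
            String parameterValue = httpServletRequest.getParameter(this.csrfParameter);
            if (!tokensMatch(storedToken, parameterValue)) {
                throw new CmisPermissionDeniedException("Invalid CSRF token!");
            }
            return;
        }

        if (z && FETCH_VALUE.equals(headerValue) && storedToken == null) {
            // First fetch for this session: issue a token and hand it back in the same header.
            String newToken = generateNewToken();
            session.setAttribute(CSRF_ATTR, newToken);
            httpServletResponse.addHeader(this.csrfHeader, newToken);
            return;
        }

        // Any other header value, including "fetch" once a token exists, must equal the token.
        if (!tokensMatch(storedToken, headerValue)) {
            throw new CmisPermissionDeniedException("Invalid CSRF token!");
        }
    }

    /**
     * Compares the session token with a presented value without short-circuiting on the first
     * mismatching character. A missing value on either side never matches.
     */
    private static boolean tokensMatch(String expected, String presented) {
        if (expected == null || presented == null) {
            return false;
        }
        // Tokens generated by this class are ASCII, so the UTF-8 bytes map 1:1 to characters.
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                presented.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Generates a token from 16 bytes of {@link SecureRandom} output, written as 32 characters
     * using one randomly chosen sixteen-symbol alphabet.
     */
    private String generateNewToken() {
        byte[] raw = new byte[TOKEN_BYTES];
        this.random.nextBytes(raw);
        // The alphabet choice only varies the appearance; the entropy is in the random bytes.
        char[] alphabet = TOKEN_ALPHABETS[this.random.nextInt(TOKEN_ALPHABETS.length)];
        char[] encoded = new char[raw.length * 2];
        for (int i = 0; i < raw.length; i++) {
            int unsigned = raw[i] & 0xFF;
            encoded[i * 2] = alphabet[unsigned >>> 4];
            encoded[(i * 2) + 1] = alphabet[unsigned & 0x0F];
        }
        return new String(encoded);
    }
}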
