package org.apache.catalina.filters;

import java.io.IOException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Objects;
import java.util.Set;
import java.util.function.Consumer;
import java.util.function.Predicate;
import java.util.regex.Pattern;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.catalina.filters.RestCsrfPreventionFilter;

/* loaded from: classes2.dex */
public class RestCsrfPreventionFilter extends CsrfPreventionFilterBase {
    private static final Pattern NON_MODIFYING_METHODS_PATTERN = Pattern.compile("GET|HEAD|OPTIONS");
    private static final Predicate<String> nonModifyingMethods = new Predicate() { // from class: org.apache.catalina.filters.-$$Lambda$RestCsrfPreventionFilter$DV6Cran0XLXa5oDpAukKGOiD3Gs
        @Override // java.util.function.Predicate
        public final boolean test(Object obj) {
            return RestCsrfPreventionFilter.lambda$static$0((String) obj);
        }
    };
    private Set<String> pathsAcceptingParams = new HashSet();
    private String pathsDelimiter = ",";

    /* renamed from: org.apache.catalina.filters.RestCsrfPreventionFilter$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$catalina$filters$RestCsrfPreventionFilter$MethodType = new int[MethodType.values().length];

        static {
            try {
                $SwitchMap$org$apache$catalina$filters$RestCsrfPreventionFilter$MethodType[MethodType.NON_MODIFYING_METHOD.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
        }
    }

    /* loaded from: classes2.dex */
    private class FetchRequest implements RestCsrfPreventionStrategy {
        private final Predicate<String> fetchRequest;

        private FetchRequest() {
            this.fetchRequest = new Predicate() { // from class: org.apache.catalina.filters.-$$Lambda$RestCsrfPreventionFilter$FetchRequest$OAPuqTS5cpEagDKdHvldr_SQtI0
                @Override // java.util.function.Predicate
                public final boolean test(Object obj) {
                    boolean equalsIgnoreCase;
                    equalsIgnoreCase = Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE.equalsIgnoreCase((String) obj);
                    return equalsIgnoreCase;
                }
            };
        }

        /* synthetic */ FetchRequest(RestCsrfPreventionFilter restCsrfPreventionFilter, AnonymousClass1 anonymousClass1) {
            this();
        }

        @Override // org.apache.catalina.filters.RestCsrfPreventionFilter.RestCsrfPreventionStrategy
        public boolean apply(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
            if (this.fetchRequest.test(nonceFromRequestHeader.getNonce(httpServletRequest, Constants.CSRF_REST_NONCE_HEADER_NAME))) {
                String nonce = nonceFromSession.getNonce(httpServletRequest.getSession(false), Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME);
                if (nonce == null) {
                    nonce = RestCsrfPreventionFilter.this.generateNonce();
                    NonceConsumer<HttpSession> nonceConsumer = nonceToSession;
                    HttpSession session = httpServletRequest.getSession(true);
                    session.getClass();
                    nonceConsumer.setNonce(session, Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME, nonce);
                }
                nonceToResponse.setNonce(httpServletResponse, Constants.CSRF_REST_NONCE_HEADER_NAME, nonce);
            }
            return true;
        }
    }

    /* loaded from: classes2.dex */
    private enum MethodType {
        NON_MODIFYING_METHOD,
        MODIFYING_METHOD
    }

    /* JADX INFO: Access modifiers changed from: private */
    @FunctionalInterface
    /* loaded from: classes2.dex */
    public interface NonceConsumer<T> {
        void setNonce(T t, String str, String str2);
    }

    /* JADX INFO: Access modifiers changed from: private */
    @FunctionalInterface
    /* loaded from: classes2.dex */
    public interface NonceSupplier<T, R> {
        R getNonce(T t, String str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public interface RestCsrfPreventionStrategy {
        public static final NonceSupplier<HttpServletRequest, String> nonceFromRequestHeader = new NonceSupplier() { // from class: org.apache.catalina.filters.-$$Lambda$RestCsrfPreventionFilter$RestCsrfPreventionStrategy$oV43AvwHwauhcWgPhiDbg_unx6M
            @Override // org.apache.catalina.filters.RestCsrfPreventionFilter.NonceSupplier
            public final Object getNonce(Object obj, String str) {
                String header;
                header = ((HttpServletRequest) obj).getHeader(str);
                return header;
            }
        };
        public static final NonceSupplier<HttpServletRequest, String[]> nonceFromRequestParams = new NonceSupplier() { // from class: org.apache.catalina.filters.-$$Lambda$RestCsrfPreventionFilter$RestCsrfPreventionStrategy$2D7oSFi0qTA3_BUh9nRVhZ8OUwo
            @Override // org.apache.catalina.filters.RestCsrfPreventionFilter.NonceSupplier
            public final Object getNonce(Object obj, String str) {
                String[] parameterValues;
                parameterValues = ((HttpServletRequest) obj).getParameterValues(str);
                return parameterValues;
            }
        };
        public static final NonceSupplier<HttpSession, String> nonceFromSession = new NonceSupplier() { // from class: org.apache.catalina.filters.-$$Lambda$RestCsrfPreventionFilter$RestCsrfPreventionStrategy$N-u4a-iQLSHDDuFdr03mDQ0Ro28
            @Override // org.apache.catalina.filters.RestCsrfPreventionFilter.NonceSupplier
            public final Object getNonce(Object obj, String str) {
                return RestCsrfPreventionFilter.RestCsrfPreventionStrategy.CC.lambda$static$2((HttpSession) obj, str);
            }
        };
        public static final NonceConsumer<HttpServletResponse> nonceToResponse = new NonceConsumer() { // from class: org.apache.catalina.filters.-$$Lambda$RestCsrfPreventionFilter$RestCsrfPreventionStrategy$spKQ3XbXoPBzf9svzviyPPAqycY
            @Override // org.apache.catalina.filters.RestCsrfPreventionFilter.NonceConsumer
            public final void setNonce(Object obj, String str, String str2) {
                ((HttpServletResponse) obj).setHeader(str, str2);
            }
        };
        public static final NonceConsumer<HttpSession> nonceToSession = new NonceConsumer() { // from class: org.apache.catalina.filters.-$$Lambda$RestCsrfPreventionFilter$RestCsrfPreventionStrategy$nCBcOOc9G6IxsPjnhEzx03HzQbM
            @Override // org.apache.catalina.filters.RestCsrfPreventionFilter.NonceConsumer
            public final void setNonce(Object obj, String str, String str2) {
                ((HttpSession) obj).setAttribute(str, str2);
            }
        };

        /* renamed from: org.apache.catalina.filters.RestCsrfPreventionFilter$RestCsrfPreventionStrategy$-CC, reason: invalid class name */
        /* loaded from: classes2.dex */
        public final /* synthetic */ class CC {
            public static /* synthetic */ String lambda$static$2(HttpSession httpSession, String str) {
                if (Objects.isNull(httpSession)) {
                    return null;
                }
                return (String) httpSession.getAttribute(str);
            }
        }

        boolean apply(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException;
    }

    /* loaded from: classes2.dex */
    private class StateChangingRequest implements RestCsrfPreventionStrategy {
        private StateChangingRequest() {
        }

        /* synthetic */ StateChangingRequest(RestCsrfPreventionFilter restCsrfPreventionFilter, AnonymousClass1 anonymousClass1) {
            this();
        }

        private String extractNonceFromRequest(HttpServletRequest httpServletRequest) {
            String nonce = nonceFromRequestHeader.getNonce(httpServletRequest, Constants.CSRF_REST_NONCE_HEADER_NAME);
            return ((Objects.isNull(nonce) || Objects.equals("", nonce)) && !RestCsrfPreventionFilter.this.getPathsAcceptingParams().isEmpty() && RestCsrfPreventionFilter.this.getPathsAcceptingParams().contains(RestCsrfPreventionFilter.this.getRequestedPath(httpServletRequest))) ? extractNonceFromRequestParams(httpServletRequest) : nonce;
        }

        private String extractNonceFromRequestParams(HttpServletRequest httpServletRequest) {
            String[] nonce = nonceFromRequestParams.getNonce(httpServletRequest, Constants.CSRF_REST_NONCE_HEADER_NAME);
            if (!Objects.nonNull(nonce) || nonce.length <= 0) {
                return null;
            }
            String str = nonce[0];
            for (String str2 : nonce) {
                if (!Objects.equals(str2, str)) {
                    return null;
                }
            }
            return str;
        }

        private boolean isValidStateChangingRequest(String str, String str2) {
            return Objects.nonNull(str) && Objects.nonNull(str2) && Objects.equals(str, str2);
        }

        @Override // org.apache.catalina.filters.RestCsrfPreventionFilter.RestCsrfPreventionStrategy
        public boolean apply(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
            if (isValidStateChangingRequest(extractNonceFromRequest(httpServletRequest), nonceFromSession.getNonce(httpServletRequest.getSession(false), Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME))) {
                return true;
            }
            nonceToResponse.setNonce(httpServletResponse, Constants.CSRF_REST_NONCE_HEADER_NAME, Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
            httpServletResponse.sendError(RestCsrfPreventionFilter.this.getDenyStatus(), FilterBase.sm.getString("restCsrfPreventionFilter.invalidNonce"));
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ boolean lambda$static$0(String str) {
        return Objects.nonNull(str) && NON_MODIFYING_METHODS_PATTERN.matcher(str).matches();
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if ((servletRequest instanceof HttpServletRequest) && (servletResponse instanceof HttpServletResponse)) {
            MethodType methodType = MethodType.MODIFYING_METHOD;
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            if (nonModifyingMethods.test(httpServletRequest.getMethod())) {
                methodType = MethodType.NON_MODIFYING_METHOD;
            }
            AnonymousClass1 anonymousClass1 = null;
            if (!(AnonymousClass1.$SwitchMap$org$apache$catalina$filters$RestCsrfPreventionFilter$MethodType[methodType.ordinal()] != 1 ? new StateChangingRequest(this, anonymousClass1) : new FetchRequest(this, anonymousClass1)).apply(httpServletRequest, (HttpServletResponse) servletResponse)) {
                return;
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    public Set<String> getPathsAcceptingParams() {
        return this.pathsAcceptingParams;
    }

    public void setPathsAcceptingParams(String str) {
        if (Objects.nonNull(str)) {
            Arrays.asList(str.split(this.pathsDelimiter)).forEach(new Consumer() { // from class: org.apache.catalina.filters.-$$Lambda$RestCsrfPreventionFilter$bOItHI2EXhIZfshkimO29XUXgCA
                @Override // java.util.function.Consumer
                public final void accept(Object obj) {
                    RestCsrfPreventionFilter.this.pathsAcceptingParams.add(((String) obj).trim());
                }
            });
        }
    }
}
