package de.itsvs.cwtrpc.controller.token;

import com.google.gwt.user.client.rpc.RpcToken;
import com.google.gwt.user.client.rpc.RpcTokenException;
import com.google.gwt.user.client.rpc.XsrfToken;
import com.google.gwt.user.client.rpc.XsrfTokenService;
import com.google.gwt.user.server.Util;
import com.google.gwt.user.server.rpc.NoXsrfProtect;
import com.google.gwt.user.server.rpc.RPCRequest;
import com.google.gwt.user.server.rpc.XsrfProtect;
import de.itsvs.cwtrpc.controller.RemoteServiceContextHolder;
import de.itsvs.cwtrpc.core.CwtRpcException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.util.Assert;

/* loaded from: input_file:de/itsvs/cwtrpc/controller/token/DefaultXsrfTokenService.class */
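/**
 * XSRF token service whose token is the lowercase hex MD5 digest of the session cookie value.
 *
 * <p>The same computation is used to issue a token ({@link #getNewXsrfToken()}) and to
 * recompute the expected token during validation, so no token state is stored server-side.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The token is a pure function of the session cookie value, so it stays the same for as
 *       long as that cookie value does. Treat it as a secret: it is never written to the log
 *       here.</li>
 *   <li>The digest is unkeyed. NOTE(review): whether a keyed construction (for example an HMAC
 *       with a server-side secret) is warranted depends on the deployment; switching would
 *       change every issued token and is deliberately not done here.</li>
 * </ul>
 */
public class DefaultXsrfTokenService implements XsrfTokenService, RpcTokenValidator, RpcTokenGenerator {
    private final Log log;

    /** Cookie name used when no explicit session cookie name is configured. */
    public static final String DEFAULT_SESSION_COOKIE_NAME = "JSESSIONID";

    /** JCA algorithm name of the digest used to derive the token. */
    protected static final String MD5_MESSAGE_DIGEST_ALGORITHM_NAME = "MD5";

    /** One digest instance per thread; {@link MessageDigest} instances are not shared between threads. */
    private static final Md5ThreadLocal md5ThreadLocal = new Md5ThreadLocal(MD5_MESSAGE_DIGEST_ALGORITHM_NAME);

    private final String sessionCookieName;

    /**
     * Thread-local holder that lazily creates a {@link MessageDigest} for the given algorithm.
     *
     * <p>Decompiler note: the original access modifier of this class was {@code protected}.
     */
    public static class Md5ThreadLocal extends ThreadLocal<MessageDigest> {
        private final String algorithm;

        /**
         * @param str JCA name of the message digest algorithm to instantiate per thread
         */
        public Md5ThreadLocal(String str) {
            this.algorithm = str;
        }

        /**
         * Creates the digest instance for the calling thread.
         *
         * <p>Decompiler note: the original access modifier of this method was {@code protected}.
         *
         * @return a new digest for the configured algorithm
         * @throws CwtRpcException if no provider offers the configured algorithm
         */
        @Override // java.lang.ThreadLocal
        public MessageDigest initialValue() {
            try {
                return MessageDigest.getInstance(this.algorithm);
            } catch (NoSuchAlgorithmException e) {
                throw new CwtRpcException("'" + this.algorithm + "' message digest algorithm has not been registered", e);
            }
        }
    }

    /** Creates a service bound to {@link #DEFAULT_SESSION_COOKIE_NAME}. */
    public DefaultXsrfTokenService() {
        this(DEFAULT_SESSION_COOKIE_NAME);
    }

    /**
     * @param str name of the cookie whose value the token is derived from
     */
    public DefaultXsrfTokenService(String str) {
        this.log = LogFactory.getLog(DefaultXsrfTokenService.class);
        this.sessionCookieName = str;
    }

    /**
     * @return name of the cookie whose value the token is derived from
     */
    public String getSessionCookieName() {
        return this.sessionCookieName;
    }

    /**
     * Issues the XSRF token for the request bound to the current remote service context.
     *
     * @return token derived from the current request's session cookie
     * @throws IllegalStateException if the context holds no servlet request
     * @throws RpcTokenException if the request carries no usable session cookie
     */
    @Override
    public XsrfToken getNewXsrfToken() {
        HttpServletRequest servletRequest = RemoteServiceContextHolder.getContext().getServletRequest();
        if (servletRequest == null) {
            throw new IllegalStateException("Method must only be invoked in context of remote service controller");
        }
        return mo6generateToken(servletRequest);
    }

    /**
     * Derives the XSRF token from the session cookie of the given request.
     *
     * <p>Decompiler note: renamed from {@code generateToken} (merged with bridge method).
     *
     * @param httpServletRequest request carrying the session cookie; must not be null
     * @return token holding the hex MD5 digest of the cookie value
     * @throws RpcTokenException if the cookie is missing or has an empty value
     */
    @Override // de.itsvs.cwtrpc.controller.token.RpcTokenGenerator
    public XsrfToken mo6generateToken(HttpServletRequest httpServletRequest) throws RpcTokenException {
        Assert.notNull(httpServletRequest, "'request' must not be null");
        byte[] cookieBytes = getCookieBytes(httpServletRequest, getSessionCookieName());
        if (cookieBytes == null || cookieBytes.length == 0) {
            throw new RpcTokenException("Request does not contain required valid session cookie " + getSessionCookieName());
        }
        String md5HexString = getMd5HexString(cookieBytes);
        if (this.log.isDebugEnabled()) {
            // The token value is intentionally not logged: it is valid for as long as the
            // session cookie is, and log files are usually readable by more parties.
            this.log.debug("Generated XSRF token for current session cookie");
        }
        return new XsrfToken(md5HexString);
    }

    /**
     * Decides whether the invoked RPC method requires XSRF validation, delegating to
     * {@link Util#isMethodXsrfProtected} with the XSRF annotations and {@link RpcToken}.
     */
    @Override // de.itsvs.cwtrpc.controller.token.RpcTokenValidator
    public boolean shouldValidateToken(HttpServletRequest httpServletRequest, RPCRequest rPCRequest) {
        return Util.isMethodXsrfProtected(rPCRequest.getMethod(), XsrfProtect.class, NoXsrfProtect.class, RpcToken.class);
    }

    /**
     * Checks the token sent with the RPC request against the token recomputed from the
     * request's session cookie.
     *
     * @param httpServletRequest request carrying the session cookie; must not be null
     * @param rPCRequest decoded RPC request carrying the client's token; must not be null
     * @throws RpcTokenException if the token is missing, is not an {@link XsrfToken}, the
     *     session cookie is missing, or the tokens differ
     */
    @Override // de.itsvs.cwtrpc.controller.token.RpcTokenValidator
    public void validateToken(HttpServletRequest httpServletRequest, RPCRequest rPCRequest) throws RpcTokenException {
        Assert.notNull(httpServletRequest, "'servletRequest' must not be null");
        Assert.notNull(rPCRequest, "'rpcRequest' must not be null");
        // Held as RpcToken so the instanceof check below is a real type check; the decompiled
        // source had already narrowed the variable to XsrfToken, which made the check vacuous.
        RpcToken rpcToken = rPCRequest.getRpcToken();
        if (rpcToken == null) {
            throw new RpcTokenException("Request does not contain required XSRF token");
        }
        if (!(rpcToken instanceof XsrfToken)) {
            throw new RpcTokenException("RPC token is not required XSRF token [" + rpcToken.getClass().getName() + "]");
        }
        String receivedToken = ((XsrfToken) rpcToken).getToken();
        String expectedToken = mo6generateToken(httpServletRequest).getToken();
        if (this.log.isDebugEnabled()) {
            // Neither token is logged; both are secrets tied to the session.
            this.log.debug("Validating received XSRF token against expected token");
        }
        // MessageDigest.isEqual is used instead of String.equals so that the time taken does
        // not depend on the position of the first differing character.
        if (receivedToken == null
                || !MessageDigest.isEqual(
                        expectedToken.getBytes(StandardCharsets.UTF_8),
                        receivedToken.getBytes(StandardCharsets.UTF_8))) {
            throw new RpcTokenException("Received XSRF token does not match expected token");
        }
    }

    /**
     * Reads the named cookie from the request and returns its value as bytes.
     *
     * <p>The value is encoded as UTF-8 rather than with the platform default charset, so every
     * JVM serving the same session derives the same bytes. For ASCII cookie values the result
     * is unchanged.
     *
     * @return the cookie value bytes, or {@code null} if the cookie or its value is absent
     */
    protected static byte[] getCookieBytes(HttpServletRequest httpServletRequest, String str) {
        Cookie cookie = Util.getCookie(httpServletRequest, str, false);
        if (cookie == null || cookie.getValue() == null) {
            return null;
        }
        return cookie.getValue().getBytes(StandardCharsets.UTF_8);
    }

    /**
     * Computes the MD5 digest of the given bytes as a lowercase, zero-padded hex string.
     *
     * @param bArr bytes to digest
     * @return two hex characters per digest byte
     */
    protected static String getMd5HexString(byte[] bArr) {
        MessageDigest messageDigest = md5ThreadLocal.get();
        // The instance is reused per thread; reset() discards any partial state left behind.
        messageDigest.reset();
        messageDigest.update(bArr);
        byte[] digest = messageDigest.digest();
        StringBuilder sb = new StringBuilder(digest.length * 2);
        for (byte b : digest) {
            int value = b & 0xFF;
            if (value < 16) {
                // Integer.toHexString drops the leading zero of a single-digit value.
                sb.append('0');
            }
            sb.append(Integer.toHexString(value));
        }
        return sb.toString();
    }
}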
