package io.ktor.server.plugins.csrf;

import io.ktor.http.HttpHeaders;
import io.ktor.http.HttpMethod;
import io.ktor.http.URLUtilsKt;
import io.ktor.http.Url;
import io.ktor.server.application.ApplicationCall;
import io.ktor.server.application.OnCallContext;
import io.ktor.server.application.PipelineCall;
import io.ktor.server.request.ApplicationRequestPropertiesKt;
import java.util.List;
import java.util.Map;
import kotlin.Metadata;
import kotlin.ResultKt;
import kotlin.Unit;
import kotlin.collections.CollectionsKt;
import kotlin.collections.SetsKt;
import kotlin.coroutines.Continuation;
import kotlin.coroutines.intrinsics.IntrinsicsKt;
import kotlin.coroutines.jvm.internal.DebugMetadata;
import kotlin.coroutines.jvm.internal.SuspendLambda;
import kotlin.jvm.functions.Function2;
import kotlin.jvm.functions.Function3;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: CSRF.kt */
@Metadata(mv = {2, 1, 0}, k = 3, xi = 48, d1 = {"��\u0014\n��\n\u0002\u0010\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\u0010��\u001a\u00020\u0001*\b\u0012\u0004\u0012\u00020\u00030\u00022\u0006\u0010\u0004\u001a\u00020\u0005H\n"}, d2 = {"<anonymous>", "", "Lio/ktor/server/application/OnCallContext;", "Lio/ktor/server/plugins/csrf/CSRFConfig;", "call", "Lio/ktor/server/application/PipelineCall;"})
@DebugMetadata(f = "CSRF.kt", l = {68, 71, 82, 84, 92, 94}, i = {}, s = {}, n = {}, m = "invokeSuspend", c = "io.ktor.server.plugins.csrf.CSRFKt$CSRF$2$2")
/* loaded from: input_file:io/ktor/server/plugins/csrf/CSRFKt$CSRF$2$2.class */
public final class CSRFKt$CSRF$2$2 extends SuspendLambda implements Function3<OnCallContext<CSRFConfig>, PipelineCall, Continuation<? super Unit>, Object> {
    int label;
    /* synthetic */ Object L$0;
    final /* synthetic */ boolean $checkHost;
    final /* synthetic */ Function3<ApplicationCall, String, Continuation<? super Unit>, Object> $onFailure;
    final /* synthetic */ List<Url> $allowedOrigins;
    final /* synthetic */ Map<String, Function2<ApplicationCall, String, Boolean>> $headerChecks;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public CSRFKt$CSRF$2$2(boolean z, Function3<? super ApplicationCall, ? super String, ? super Continuation<? super Unit>, ? extends Object> function3, List<Url> list, Map<String, Function2<ApplicationCall, String, Boolean>> map, Continuation<? super CSRFKt$CSRF$2$2> continuation) {
        super(3, continuation);
        this.$checkHost = z;
        this.$onFailure = function3;
        this.$allowedOrigins = list;
        this.$headerChecks = map;
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:2:0x0009. Please report as an issue. */
    public final Object invokeSuspend(Object obj) {
        Url originOrReferrerUrl;
        Object coroutine_suspended = IntrinsicsKt.getCOROUTINE_SUSPENDED();
        switch (this.label) {
            case 0:
                ResultKt.throwOnFailure(obj);
                ApplicationCall applicationCall = (PipelineCall) this.L$0;
                if (!applicationCall.getResponse().isCommitted() && !SetsKt.setOf(new HttpMethod[]{HttpMethod.Companion.getGet(), HttpMethod.Companion.getHead(), HttpMethod.Companion.getOptions()}).contains(ApplicationRequestPropertiesKt.getHttpMethod(applicationCall.getRequest()))) {
                    if (this.$checkHost) {
                        Url originOrReferrerUrl$default = CSRFKt.originOrReferrerUrl$default(applicationCall, null, 1, null);
                        if (originOrReferrerUrl$default == null) {
                            Function3<ApplicationCall, String, Continuation<? super Unit>, Object> function3 = this.$onFailure;
                            this.label = 1;
                            if (function3.invoke(applicationCall, "missing \"Origin\" header", this) == coroutine_suspended) {
                                return coroutine_suspended;
                            }
                            return Unit.INSTANCE;
                        }
                        String str = applicationCall.getRequest().getHeaders().get(HttpHeaders.INSTANCE.getHost());
                        if (!CollectionsKt.contains(CollectionsKt.listOf(new String[]{URLUtilsKt.getHostWithPortIfSpecified(originOrReferrerUrl$default), URLUtilsKt.getHostWithPort(originOrReferrerUrl$default)}), str)) {
                            Function3<ApplicationCall, String, Continuation<? super Unit>, Object> function32 = this.$onFailure;
                            String str2 = "expected \"Origin\" [" + URLUtilsKt.getHostWithPortIfSpecified(originOrReferrerUrl$default) + "] host to match \"Host\" [" + str + "] header value";
                            this.label = 2;
                            if (function32.invoke(applicationCall, str2, this) == coroutine_suspended) {
                                return coroutine_suspended;
                            }
                            return Unit.INSTANCE;
                        }
                    }
                    if (!this.$allowedOrigins.isEmpty()) {
                        originOrReferrerUrl = CSRFKt.originOrReferrerUrl(applicationCall, ((Url) CollectionsKt.first(this.$allowedOrigins)).getProtocol());
                        if (originOrReferrerUrl == null) {
                            Function3<ApplicationCall, String, Continuation<? super Unit>, Object> function33 = this.$onFailure;
                            this.label = 3;
                            if (function33.invoke(applicationCall, "missing \"Origin\" header", this) == coroutine_suspended) {
                                return coroutine_suspended;
                            }
                            return Unit.INSTANCE;
                        }
                        if (!this.$allowedOrigins.contains(originOrReferrerUrl)) {
                            Function3<ApplicationCall, String, Continuation<? super Unit>, Object> function34 = this.$onFailure;
                            String str3 = "unexpected \"Origin\" header value [" + originOrReferrerUrl + ']';
                            this.label = 4;
                            if (function34.invoke(applicationCall, str3, this) == coroutine_suspended) {
                                return coroutine_suspended;
                            }
                            return Unit.INSTANCE;
                        }
                    }
                    if (!this.$headerChecks.isEmpty()) {
                        for (Map.Entry<String, Function2<ApplicationCall, String, Boolean>> entry : this.$headerChecks.entrySet()) {
                            String key = entry.getKey();
                            Function2<ApplicationCall, String, Boolean> value = entry.getValue();
                            String str4 = applicationCall.getRequest().getHeaders().get(key);
                            if (str4 == null) {
                                Function3<ApplicationCall, String, Continuation<? super Unit>, Object> function35 = this.$onFailure;
                                String str5 = "missing \"" + key + "\" header";
                                this.label = 5;
                                if (function35.invoke(applicationCall, str5, this) == coroutine_suspended) {
                                    return coroutine_suspended;
                                }
                                return Unit.INSTANCE;
                            }
                            if (!((Boolean) value.invoke(applicationCall, str4)).booleanValue()) {
                                Function3<ApplicationCall, String, Continuation<? super Unit>, Object> function36 = this.$onFailure;
                                String str6 = "unexpected \"" + key + "\" header value [" + str4 + ']';
                                this.label = 6;
                                if (function36.invoke(applicationCall, str6, this) == coroutine_suspended) {
                                    return coroutine_suspended;
                                }
                                return Unit.INSTANCE;
                            }
                        }
                    }
                    return Unit.INSTANCE;
                }
                return Unit.INSTANCE;
            case 1:
                ResultKt.throwOnFailure(obj);
                return Unit.INSTANCE;
            case 2:
                ResultKt.throwOnFailure(obj);
                return Unit.INSTANCE;
            case 3:
                ResultKt.throwOnFailure(obj);
                return Unit.INSTANCE;
            case 4:
                ResultKt.throwOnFailure(obj);
                return Unit.INSTANCE;
            case 5:
                ResultKt.throwOnFailure(obj);
                return Unit.INSTANCE;
            case 6:
                ResultKt.throwOnFailure(obj);
                return Unit.INSTANCE;
            default:
                throw new IllegalStateException("call to 'resume' before 'invoke' with coroutine");
        }
    }

    public final Object invoke(OnCallContext<CSRFConfig> onCallContext, PipelineCall pipelineCall, Continuation<? super Unit> continuation) {
        CSRFKt$CSRF$2$2 cSRFKt$CSRF$2$2 = new CSRFKt$CSRF$2$2(this.$checkHost, this.$onFailure, this.$allowedOrigins, this.$headerChecks, continuation);
        cSRFKt$CSRF$2$2.L$0 = pipelineCall;
        return cSRFKt$CSRF$2$2.invokeSuspend(Unit.INSTANCE);
    }
}
