package com.predic8.membrane.core.interceptor.oauth2client;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.collect.ImmutableList;
import com.predic8.membrane.annot.MCElement;
import com.predic8.membrane.core.exchange.Exchange;
import com.predic8.membrane.core.exchange.snapshots.AbstractExchangeSnapshot;
import com.predic8.membrane.core.http.HeaderName;
import com.predic8.membrane.core.interceptor.session.Session;
import com.predic8.membrane.core.interceptor.session.SessionManager;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.time.Duration;
import java.time.OffsetDateTime;
import java.time.ZoneOffset;
import java.time.format.DateTimeFormatter;
import java.time.temporal.TemporalAmount;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.http.protocol.HttpRequestExecutor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@MCElement(name = "cookieOriginalExchangeStore")
/* loaded from: input_file:lib/service-proxy-core-4.8.7.jar:com/predic8/membrane/core/interceptor/oauth2client/CookieOriginialExchangeStore.class */
public class CookieOriginialExchangeStore extends OriginalExchangeStore {
    public static final String ORIGINAL_REQUEST_PREFIX = "_original_request_for_state_";
    private static final Logger log = LoggerFactory.getLogger((Class<?>) CookieOriginialExchangeStore.class);
    String domain;
    long expiresAfterSeconds = 900;
    boolean httpOnly = true;
    String sameSite = null;

    private String originalRequestKeyNameInSession(String str) {
        return "_original_request_for_state_" + str;
    }

    public List<String> createCookieAttributes(Exchange exchange) {
        String[] strArr = new String[7];
        strArr[0] = "Max-Age=" + this.expiresAfterSeconds;
        strArr[1] = "Expires=" + DateTimeFormatter.RFC_1123_DATE_TIME.format(OffsetDateTime.now(ZoneOffset.UTC).plus((TemporalAmount) Duration.ofSeconds(this.expiresAfterSeconds)));
        strArr[2] = "Path=/";
        strArr[3] = exchange.getRule().getSslInboundContext() != null ? "Secure" : null;
        strArr[4] = this.domain != null ? "Domain=" + this.domain + "; " : null;
        strArr[5] = this.httpOnly ? "HttpOnly" : null;
        strArr[6] = this.sameSite != null ? "SameSite=" + this.sameSite : null;
        return (List) Stream.of((Object[]) strArr).filter(str -> {
            return str != null;
        }).collect(Collectors.toList());
    }

    public List<String> createInvalidationAttributes() {
        String[] strArr = new String[3];
        strArr[0] = SessionManager.VALUE_TO_EXPIRE_SESSION_IN_BROWSER;
        strArr[1] = "Path=/";
        strArr[2] = this.domain != null ? "Domain=" + this.domain + "; " : null;
        return (List) Stream.of((Object[]) strArr).filter(str -> {
            return str != null;
        }).collect(Collectors.toList());
    }

    private List<String> expireCookies(List<String> list) {
        return (List) list.stream().map(str -> {
            return str + ";" + String.join(";", createInvalidationAttributes());
        }).collect(Collectors.toList());
    }

    @Override // com.predic8.membrane.core.interceptor.oauth2client.OriginalExchangeStore
    public void store(Exchange exchange, Session session, String str, Exchange exchange2) throws IOException {
        try {
            String str2 = originalRequestKeyNameInSession(str) + "=" + escapeForCookie(new ObjectMapper().writeValueAsString(getTrimmedAbstractExchangeSnapshot(exchange2, HttpRequestExecutor.DEFAULT_WAIT_FOR_CONTINUE)));
            if (str2.length() > 4093) {
                log.warn("Cookie is larger than 4093 bytes, this will not work some browsers.");
            }
            exchange.getResponse().getHeader().add("Set-Cookie", str2 + ";" + String.join(";", createCookieAttributes(exchange)));
        } catch (JsonProcessingException e) {
            throw new RuntimeException(e);
        }
    }

    private String escapeForCookie(String str) {
        try {
            return URLEncoder.encode(str, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    private String unescapeForCookie(String str) {
        try {
            return URLDecoder.decode(str, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    protected Stream<String> getCookies(Exchange exchange) {
        return exchange.getRequest().getHeader().getValues(new HeaderName("Cookie")).stream().map(headerField -> {
            return headerField.getValue().split(";");
        }).flatMap((v0) -> {
            return Arrays.stream(v0);
        });
    }

    @Override // com.predic8.membrane.core.interceptor.oauth2client.OriginalExchangeStore
    public AbstractExchangeSnapshot reconstruct(Exchange exchange, Session session, String str) {
        try {
            return (AbstractExchangeSnapshot) new ObjectMapper().readValue(unescapeForCookie((String) getCookies(exchange).filter(str2 -> {
                return str2.indexOf("=") > 0;
            }).filter(str3 -> {
                return str3.split("=")[0].trim().equals(originalRequestKeyNameInSession(str));
            }).map(str4 -> {
                return str4.split("=")[1];
            }).map(str5 -> {
                int indexOf = str5.indexOf(59);
                return indexOf == -1 ? str5 : str5.substring(0, indexOf);
            }).findFirst().get()), AbstractExchangeSnapshot.class);
        } catch (JsonProcessingException e) {
            throw new RuntimeException(e);
        }
    }

    private List<String> getStatesToRemove(Exchange exchange) {
        ArrayList arrayList = (ArrayList) exchange.getProperty("statesToRemove");
        if (arrayList != null) {
            return arrayList;
        }
        ArrayList arrayList2 = new ArrayList();
        exchange.setProperty("statesToRemove", arrayList2);
        return arrayList2;
    }

    @Override // com.predic8.membrane.core.interceptor.oauth2client.OriginalExchangeStore
    public void remove(Exchange exchange, Session session, String str) {
        getStatesToRemove(exchange).add(str);
    }

    @Override // com.predic8.membrane.core.interceptor.oauth2client.OriginalExchangeStore
    public void postProcess(Exchange exchange) {
        getStatesToRemove(exchange).forEach(str -> {
            expireCookies(ImmutableList.of(originalRequestKeyNameInSession(str) + "=")).stream().forEach(str -> {
                exchange.getResponse().getHeader().add("Set-Cookie", str);
            });
        });
    }
}
