package com.predic8.membrane.core.interceptor.oauth2client.rf;

import com.predic8.membrane.core.interceptor.session.Session;
import com.predic8.membrane.core.util.URLParamUtil;
import java.math.BigInteger;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Map;
import java.util.Optional;
import org.jetbrains.annotations.NotNull;

/* loaded from: input_file:WEB-INF/lib/service-proxy-core-5.3.3.jar:com/predic8/membrane/core/interceptor/oauth2client/rf/StateManager.class */
public class StateManager {
    private static final SecureRandom sr = new SecureRandom();

    @NotNull
    public static String generateNewState() {
        return new BigInteger(130, sr).toString(32);
    }

    public static String getSecurityTokenFromState(String str) {
        if (str == null) {
            throw new RuntimeException("No CSRF token.");
        }
        Map<String, String> parseQueryString = URLParamUtil.parseQueryString(str, URLParamUtil.DuplicateKeyOrInvalidFormStrategy.ERROR);
        if (parseQueryString.containsKey("security_token")) {
            return parseQueryString.get("security_token");
        }
        throw new RuntimeException("No CSRF token.");
    }

    public static boolean csrfTokenMatches(Session session, String str) {
        return Optional.ofNullable(session.get("state")).filter(obj -> {
            return Arrays.stream(obj.toString().split(",")).filter(str2 -> {
                return str2.equals(str);
            }).count() == 1;
        }).isPresent();
    }
}
