package org.scalatra;

import jakarta.servlet.http.HttpServletRequest;
import org.scalatra.servlet.RichRequest$headers$;
import org.scalatra.servlet.ServletApiImplicits;
import scala.Option;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.collection.Seq;
import scala.collection.Seq$;
import scala.collection.SeqLike;
import scala.collection.immutable.$colon;
import scala.collection.immutable.Nil$;
import scala.collection.immutable.Vector;
import scala.collection.immutable.Vector$;
import scala.reflect.ScalaSignature;

/* compiled from: CsrfTokenSupport.scala */
@ScalaSignature(bytes = "\u0006\u0001M4\u0001\"\u0005\n\u0011\u0002\u0007\u0005q\u0003\u0015\u0005\u0006=\u0001!\ta\b\u0005\u0006G\u0001!\t\u0001\n\u0005\u0006a\u0001!\t!\r\u0005\u0006}\u0001!\ta\u0010\u0005\u0006\u0013\u0002!\tB\u0013\u0005\u0006\u001d\u0002!\tb\b\u0005\u0006\u001f\u0002!\tbH\u0004\u0006/JA\t\u0001\u0017\u0004\u0006#IA\t!\u0017\u0005\u00065&!\ta\u0017\u0005\b9&\u0011\r\u0011\"\u0001^\u0011\u0019)\u0017\u0002)A\u0005=\"9a-\u0003b\u0001\n\u00039\u0007B\u00029\nA\u0003%\u0001\u000eC\u0004r\u0013\t\u0007I\u0011A/\t\rIL\u0001\u0015!\u0003_\u0005AA6O\u001d4U_.,gnU;qa>\u0014HO\u0003\u0002\u0014)\u0005A1oY1mCR\u0014\u0018MC\u0001\u0016\u0003\ry'oZ\u0002\u0001'\t\u0001\u0001\u0004\u0005\u0002\u001a95\t!DC\u0001\u001c\u0003\u0015\u00198-\u00197b\u0013\ti\"D\u0001\u0004B]f\u0014VMZ\u0001\u0007I%t\u0017\u000e\u001e\u0013\u0015\u0003\u0001\u0002\"!G\u0011\n\u0005\tR\"\u0001B+oSR\fq\u0001_:sM.+\u00170F\u0001&!\t1SF\u0004\u0002(WA\u0011\u0001FG\u0007\u0002S)\u0011!FF\u0001\u0007yI|w\u000e\u001e \n\u00051R\u0012A\u0002)sK\u0012,g-\u0003\u0002/_\t11\u000b\u001e:j]\u001eT!\u0001\f\u000e\u0002\u0013a\u001c(O\u001a+pW\u0016tGCA\u00133\u0011\u0015\u00194\u0001q\u00015\u0003\u001d\u0011X-];fgR\u0004\"!\u000e\u001f\u000e\u0003YR!a\u000e\u001d\u0002\t!$H\u000f\u001d\u0006\u0003si\nqa]3sm2,GOC\u0001<\u0003\u001dQ\u0017m[1si\u0006L!!\u0010\u001c\u0003%!#H\u000f]*feZdW\r\u001e*fcV,7\u000f^\u0001\nqN\u0014hmR;be\u0012$\"\u0001\t!\t\u000b\u0005#\u0001\u0019\u0001\"\u0002\t=tG.\u001f\t\u00043\r+\u0015B\u0001#\u001b\u0005)a$/\u001a9fCR,GM\u0010\t\u0003\r\u001ek\u0011AE\u0005\u0003\u0011J\u0011\u0001CU8vi\u0016$&/\u00198tM>\u0014X.\u001a:\u0002\u0011%\u001chi\u001c:hK\u0012,\u0012a\u0013\t\u000331K!!\u0014\u000e\u0003\u000f\t{w\u000e\\3b]\u0006i\u0001.\u00198eY\u00164uN]4fef\f\u0001\u0003\u001d:fa\u0006\u0014X\rW:sMR{7.\u001a8\u0013\u0007E\u001bFK\u0002\u0003S\u0001\u0001\u0001&\u0001\u0004\u001fsK\u001aLg.Z7f]Rt\u0004C\u0001$\u0001!\t1U+\u0003\u0002W%\ta1kY1mCR\u0014\u0018MQ1tK\u0006\u0001\u0002l\u001d:g)>\\WM\\*vaB|'\u000f\u001e\t\u0003\r&\u0019\"!\u0003\r\u0002\rqJg.\u001b;?)\u0005A\u0016A\u0003#fM\u0006,H\u000e^&fsV\ta\f\u0005\u0002`I6\t\u0001M\u0003\u0002bE\u0006!A.\u00198h\u0015\u0005\u0019\u0017\u0001\u00026bm\u0006L!A\f1\u0002\u0017\u0011+g-Y;mi.+\u0017\u0010I\u0001\f\u0011\u0016\fG-\u001a:OC6,7/F\u0001i!\rIgNX\u0007\u0002U*\u00111\u000e\\\u0001\nS6lW\u000f^1cY\u0016T!!\u001c\u000e\u0002\u0015\r|G\u000e\\3di&|g.\u0003\u0002pU\n1a+Z2u_J\fA\u0002S3bI\u0016\u0014h*Y7fg\u0002\n\u0011bQ8pW&,7*Z=\u0002\u0015\r{wn[5f\u0017\u0016L\b\u0005")
/* loaded from: input_file:org/scalatra/XsrfTokenSupport.class */
public interface XsrfTokenSupport {
    static String CookieKey() {
        return XsrfTokenSupport$.MODULE$.CookieKey();
    }

    static Vector<String> HeaderNames() {
        return XsrfTokenSupport$.MODULE$.HeaderNames();
    }

    static String DefaultKey() {
        return XsrfTokenSupport$.MODULE$.DefaultKey();
    }

    default String xsrfKey() {
        return XsrfTokenSupport$.MODULE$.DefaultKey();
    }

    default String xsrfToken(HttpServletRequest httpServletRequest) {
        return (String) httpServletRequest.getSession().getAttribute(xsrfKey());
    }

    default void xsrfGuard(Seq<RouteTransformer> seq) {
        ((ScalatraBase) this).before((Seq) seq.toSeq().$plus$plus(new $colon.colon(((ScalatraBase) this).booleanBlock2RouteMatcher(() -> {
            return this.isForged();
        }), Nil$.MODULE$), Seq$.MODULE$.canBuildFrom()), () -> {
            this.handleForgery();
        });
    }

    default boolean isForged() {
        if (!((ServletApiImplicits) this).enrichRequest(((DynamicScope) this).request()).requestMethod().isSafe()) {
            Option<Object> option = ((ServletApiImplicits) this).enrichSession(((SessionSupport) this).session(((DynamicScope) this).request())).get(xsrfKey());
            Option<String> option2 = ((ScalatraBase) this).params(((DynamicScope) this).request()).get(xsrfKey());
            if (option != null ? !option.equals(option2) : option2 != null) {
                Vector<String> HeaderNames = XsrfTokenSupport$.MODULE$.HeaderNames();
                RichRequest$headers$ headers = ((ServletApiImplicits) this).enrichRequest(((DynamicScope) this).request()).headers();
                if (!((SeqLike) HeaderNames.map(str -> {
                    return headers.get(str);
                }, Vector$.MODULE$.canBuildFrom())).contains(((ServletApiImplicits) this).enrichSession(((SessionSupport) this).session(((DynamicScope) this).request())).get(xsrfKey()))) {
                    return true;
                }
            }
        }
        return false;
    }

    default void handleForgery() {
        throw ((Control) this).halt(Predef$.MODULE$.int2Integer(403), "Request tampering detected!", ((Control) this).halt$default$3());
    }

    default void prepareXsrfToken() {
        ((ServletApiImplicits) this).enrichSession(((SessionSupport) this).session(((DynamicScope) this).request())).getOrElseUpdate(xsrfKey(), () -> {
            return GenerateId$.MODULE$.apply();
        });
        Option<String> option = ((CookieContext) this).cookies(((DynamicScope) this).request()).get(XsrfTokenSupport$.MODULE$.CookieKey());
        if (!option.isEmpty()) {
            Option<Object> option2 = ((ServletApiImplicits) this).enrichSession(((SessionSupport) this).session(((DynamicScope) this).request())).get(xsrfKey());
            if (option == null) {
                if (option2 == null) {
                    return;
                }
            } else if (option.equals(option2)) {
                return;
            }
        }
        ((CookieContext) this).cookies(((DynamicScope) this).request()).$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(XsrfTokenSupport$.MODULE$.CookieKey()), xsrfToken(((DynamicScope) this).request())), ((CookieContext) this).cookieOptions());
    }
}
