package org.scalatra;

import jakarta.servlet.http.HttpServletRequest;
import org.scalatra.servlet.RichRequest$headers$;
import org.scalatra.servlet.ServletApiImplicits;
import scala.Option;
import scala.Predef$;
import scala.collection.SeqOps;
import scala.collection.immutable.Vector;
import scala.runtime.BoxedUnit;
import scala.runtime.ScalaRunTime$;

/* compiled from: CsrfTokenSupport.scala */
/* loaded from: input_file:org/scalatra/CsrfTokenSupport.class */
public interface CsrfTokenSupport {
    static String DefaultKey() {
        return CsrfTokenSupport$.MODULE$.DefaultKey();
    }

    static Vector<String> HeaderNames() {
        return CsrfTokenSupport$.MODULE$.HeaderNames();
    }

    static void $init$(CsrfTokenSupport csrfTokenSupport) {
        ((ScalatraBase) csrfTokenSupport).before(ScalaRunTime$.MODULE$.wrapRefArray(new RouteTransformer[]{((ScalatraBase) csrfTokenSupport).booleanBlock2RouteMatcher(csrfTokenSupport::$init$$$anonfun$1)}), () -> {
            $init$$$anonfun$2();
            return BoxedUnit.UNIT;
        });
        ((ScalatraBase) csrfTokenSupport).before(ScalaRunTime$.MODULE$.wrapRefArray(new RouteTransformer[0]), csrfTokenSupport::$init$$$anonfun$3);
    }

    default boolean isForged() {
        if (!((ServletApiImplicits) this).enrichRequest(((DynamicScope) this).request()).requestMethod().isSafe()) {
            Option option = ((ServletApiImplicits) this).enrichSession(((SessionSupport) this).session(((DynamicScope) this).request())).get(csrfKey());
            Option<String> option2 = ((ScalatraBase) this).params(((DynamicScope) this).request()).get(csrfKey());
            if (option != null ? !option.equals(option2) : option2 != null) {
                Vector<String> HeaderNames = CsrfTokenSupport$.MODULE$.HeaderNames();
                RichRequest$headers$ headers = ((ServletApiImplicits) this).enrichRequest(((DynamicScope) this).request()).headers();
                if (!((SeqOps) HeaderNames.map(str -> {
                    return headers.get(str);
                })).contains(((ServletApiImplicits) this).enrichSession(((SessionSupport) this).session(((DynamicScope) this).request())).get(csrfKey()))) {
                    return true;
                }
            }
        }
        return false;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    default void handleForgery() {
        throw ((Control) this).halt(Predef$.MODULE$.int2Integer(403), "Request tampering detected!", ((Control) this).halt$default$3());
    }

    default String prepareCsrfToken() {
        return ((ServletApiImplicits) this).enrichSession(((SessionSupport) this).session(((DynamicScope) this).request())).getOrElseUpdate(csrfKey(), CsrfTokenSupport::prepareCsrfToken$$anonfun$1).toString();
    }

    default String csrfKey() {
        return CsrfTokenSupport$.MODULE$.DefaultKey();
    }

    default String csrfToken(HttpServletRequest httpServletRequest) {
        return (String) httpServletRequest.getSession().getAttribute(csrfKey());
    }

    private default boolean $init$$$anonfun$1() {
        return isForged();
    }

    private default void $init$$$anonfun$2() {
        handleForgery();
    }

    private default String $init$$$anonfun$3() {
        return prepareCsrfToken();
    }

    private static String prepareCsrfToken$$anonfun$1() {
        return GenerateId$.MODULE$.apply();
    }
}
