package org.pac4j.core.authorization.authorizer;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Date;
import java.util.List;
import java.util.Optional;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.context.WebContextHelper;
import org.pac4j.core.context.session.SessionStore;
import org.pac4j.core.profile.UserProfile;
import org.pac4j.core.util.CommonHelper;
import org.pac4j.core.util.Pac4jConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/pac4j/core/authorization/authorizer/CsrfAuthorizer.class */
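/**
 * Authorizer that validates a CSRF token sent with the request against the token kept in the session.
 *
 * <p>The token is read from a request parameter and from a request header (both names are
 * configurable and default to {@link Pac4jConstants#CSRF_TOKEN}). By default only POST, PUT, PATCH
 * and DELETE requests are checked; set {@code checkAllRequests} to check every request.
 *
 * <p>A request is authorized only when the session holds both a token and an expiration date, the
 * expiration date is not in the past, and the request token equals either the current or the
 * previous session token.
 */
public class CsrfAuthorizer implements Authorizer {
    private static final Logger LOGGER = LoggerFactory.getLogger(CsrfAuthorizer.class);

    // Name of the request parameter expected to carry the CSRF token.
    private String parameterName = Pac4jConstants.CSRF_TOKEN;
    // Name of the request header expected to carry the CSRF token.
    private String headerName = Pac4jConstants.CSRF_TOKEN;
    // When true, every request is checked regardless of its HTTP method.
    private boolean checkAllRequests;

    /** Creates an authorizer using the default parameter and header names. */
    public CsrfAuthorizer() {
    }

    /**
     * Creates an authorizer with custom parameter and header names.
     *
     * @param str name of the request parameter carrying the token
     * @param str2 name of the request header carrying the token
     */
    public CsrfAuthorizer(String str, String str2) {
        this.parameterName = str;
        this.headerName = str2;
    }

    /**
     * Creates an authorizer with custom names and an explicit "check all requests" setting.
     *
     * @param str name of the request parameter carrying the token
     * @param str2 name of the request header carrying the token
     * @param z whether requests of every HTTP method must carry a valid token
     */
    public CsrfAuthorizer(String str, String str2, boolean z) {
        this(str, str2);
        this.checkAllRequests = z;
    }

    /**
     * Decides whether the request carries a valid, unexpired CSRF token.
     *
     * <p>Side effect: when a session already exists, the previous token stored in it is cleared,
     * so a previous token is accepted for at most one checked request.
     *
     * @param webContext the current web context
     * @param sessionStore the session store holding the expected tokens
     * @param list the user profiles (not used by this check)
     * @return {@code true} if the request does not need checking or the token check passes
     */
    @Override // org.pac4j.core.authorization.authorizer.Authorizer
    public boolean isAuthorized(WebContext webContext, SessionStore sessionStore, List<UserProfile> list) {
        final boolean mustCheck = this.checkAllRequests
            || WebContextHelper.isPost(webContext)
            || WebContextHelper.isPut(webContext)
            || WebContextHelper.isPatch(webContext)
            || WebContextHelper.isDelete(webContext);
        if (!mustCheck) {
            return true;
        }

        final String parameterToken = webContext.getRequestParameter(this.parameterName).orElse(null);
        final String headerToken = webContext.getRequestHeader(this.headerName).orElse(null);
        // Token values are credentials for the session: log only whether they were supplied.
        LOGGER.debug("parameterToken present: {}", parameterToken != null);
        LOGGER.debug("headerToken present: {}", headerToken != null);

        final Optional<Object> sessionPreviousToken = sessionStore.get(webContext, Pac4jConstants.PREVIOUS_CSRF_TOKEN);
        final Optional<Object> sessionToken = sessionStore.get(webContext, Pac4jConstants.CSRF_TOKEN);
        final Optional<Object> sessionDate = sessionStore.get(webContext, Pac4jConstants.CSRF_TOKEN_EXPIRATION_DATE);

        // The previous token is read above and then cleared; only touch the store if a session exists.
        if (sessionStore.getSessionId(webContext, false).isPresent()) {
            sessionStore.set(webContext, Pac4jConstants.PREVIOUS_CSRF_TOKEN, null);
        }

        // Fail closed: without both a token and its expiration date nothing can be validated.
        if (!sessionToken.isPresent() || !sessionDate.isPresent()) {
            return false;
        }

        final String token = (String) sessionToken.get();
        // A missing previous token stays null so that it can never match a request value.
        final String previousToken = (String) sessionPreviousToken.orElse(null);
        LOGGER.debug("previous token present: {}", previousToken != null);
        LOGGER.debug("token present: {}", token != null);

        // Non-short-circuit '|' on purpose: all four comparisons are evaluated whatever the outcome.
        final boolean tokenMatches = hashEquals(token, parameterToken)
            | hashEquals(token, headerToken)
            | hashEquals(previousToken, parameterToken)
            | hashEquals(previousToken, headerToken);

        final long expirationTime = ((Long) sessionDate.get()).longValue();
        final boolean expired = expirationTime < new Date().getTime();

        return tokenMatches && !expired;
    }

    /**
     * Compares two token values for exact equality.
     *
     * <p>The method name is kept for compatibility with subclasses. The comparison is done on the
     * full UTF-8 bytes with {@link MessageDigest#isEqual(byte[], byte[])} rather than on
     * {@link String#hashCode()}: a 32-bit hash code is shared by many different strings, so
     * comparing hash codes would accept values that are not the expected token. Null or empty
     * values never match, so an absent token cannot be satisfied by an empty request value.
     *
     * @param str the expected token
     * @param str2 the token received with the request
     * @return {@code true} only if both values are non-empty and identical
     */
    protected boolean hashEquals(String str, String str2) {
        if (str == null || str2 == null || str.isEmpty() || str2.isEmpty()) {
            return false;
        }
        return MessageDigest.isEqual(
            str.getBytes(StandardCharsets.UTF_8),
            str2.getBytes(StandardCharsets.UTF_8));
    }

    /** @return the name of the request parameter carrying the token */
    public String getParameterName() {
        return this.parameterName;
    }

    /** @param str the name of the request parameter carrying the token */
    public void setParameterName(String str) {
        this.parameterName = str;
    }

    /** @return the name of the request header carrying the token */
    public String getHeaderName() {
        return this.headerName;
    }

    /** @param str the name of the request header carrying the token */
    public void setHeaderName(String str) {
        this.headerName = str;
    }

    /** @return whether requests of every HTTP method are checked */
    public boolean isCheckAllRequests() {
        return this.checkAllRequests;
    }

    /** @param z whether requests of every HTTP method must be checked */
    public void setCheckAllRequests(boolean z) {
        this.checkAllRequests = z;
    }

    @Override
    public String toString() {
        return CommonHelper.toNiceString(getClass(), "parameterName", this.parameterName, "headerName", this.headerName, "checkAllRequests", Boolean.valueOf(this.checkAllRequests));
    }
}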
