package colesico.framework.telehttp.assist;

import colesico.framework.http.CookieFactory;
import colesico.framework.http.HttpCookie;
import colesico.framework.http.HttpMethod;
import colesico.framework.http.HttpRequest;
import colesico.framework.http.HttpResponse;
import colesico.framework.service.ApplicationException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Random;
import javax.inject.Singleton;
import org.apache.commons.lang3.StringUtils;

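@Singleton
/* loaded from: input_file:colesico/framework/telehttp/assist/CSRFProtector.class */
/**
 * Cross-site request forgery protection for state-changing HTTP requests.
 *
 * <p>{@link #check(HttpRequest)} applies, in order: an {@code Origin} header host check, a
 * {@code Referer} header host check, and finally a double-submit comparison between the
 * {@value #CSRF_COOKIE} cookie and the {@value #CSRF_HEADER} request header.
 * {@link #sendToken(HttpResponse)} issues the cookie that the double-submit step relies on.
 *
 * <p>The type parameter {@code V} is not used by this class; it is kept for API compatibility.
 */
public class CSRFProtector<V> {
    public static final String ORIGIN_HEADER = "Origin";
    public static final String REFERER_HEADER = "Referer";
    public static final String CSRF_HEADER = "X-CSRF-Token";
    public static final String CSRF_COOKIE = "XSRF-Token";

    /** Size of the raw random token in bytes (32 bytes = 256 bits of entropy). */
    private static final int TOKEN_BYTES = 32;

    protected final CookieFactory cookieFactory;

    // The token is a secret that must not be guessable from previously issued values, so a
    // cryptographically strong generator is required; java.util.Random is predictable.
    private static final Random random = new SecureRandom();

    /**
     * Creates a protector.
     *
     * @param cookieFactory factory used to build the token cookie sent by {@link #sendToken}
     */
    public CSRFProtector(CookieFactory cookieFactory) {
        this.cookieFactory = cookieFactory;
    }

    /**
     * Returns the host the request was addressed to, as reported by the request.
     *
     * <p>NOTE(review): whether this value includes a port is not visible here; {@link URI#getHost()}
     * on the Origin/Referer side never includes one, so the two must agree on that — confirm
     * against {@code HttpRequest.getHost()}.
     *
     * @param httpRequest the incoming request
     * @return the requested host name, possibly {@code null} if the request does not carry one
     */
    protected static String getRequestedHostName(HttpRequest httpRequest) {
        return httpRequest.getHost();
    }

    /**
     * Extracts the host component of a URL.
     *
     * @param str the URL, e.g. the value of an {@code Origin} or {@code Referer} header
     * @return the host, or {@code null} when {@code str} is blank or the URI has no host
     *     component (for example the literal {@code Origin: null} sent for opaque origins)
     * @throws RuntimeException if {@code str} is not a syntactically valid URI
     */
    protected static String getHostFromUrl(String str) {
        if (StringUtils.isBlank(str)) {
            return null;
        }
        try {
            return new URI(str).getHost();
        } catch (URISyntaxException e) {
            // Keep the cause so the parse failure is diagnosable from the stack trace.
            throw new RuntimeException("Invalid url:" + str, e);
        }
    }

    /**
     * Verifies that a request is not a cross-site forgery.
     *
     * <p>GET requests are exempt. Otherwise the first available check decides: an {@code Origin}
     * header whose host differs from the requested host is rejected; failing that, a
     * {@code Referer} header is checked the same way; if neither header is present, the
     * {@value #CSRF_COOKIE} cookie must equal the {@value #CSRF_HEADER} header.
     *
     * <p>NOTE(review): when neither header nor the cookie is present the request is accepted
     * (fail-open), which is the original behaviour and is preserved here; only GET is treated as
     * safe, so HEAD/OPTIONS are subject to the same checks.
     *
     * @param httpRequest the incoming request
     * @throws ApplicationException if the request fails any applicable check
     */
    public void check(HttpRequest httpRequest) {
        // Read-only method: nothing to protect.
        if (HttpMethod.HTTP_METHOD_GET.equals(httpRequest.getRequestMethod())) {
            return;
        }
        String requestedHostName = getRequestedHostName(httpRequest);

        // Browsers set Origin on cross-site non-GET requests and scripts cannot override it,
        // so a present Origin header is the most reliable signal.
        String origin = (String) httpRequest.getHeaders().get(ORIGIN_HEADER);
        if (origin != null) {
            requireSameHost(ORIGIN_HEADER, origin, requestedHostName);
            return;
        }

        String referer = (String) httpRequest.getHeaders().get(REFERER_HEADER);
        if (referer != null) {
            requireSameHost(REFERER_HEADER, referer, requestedHostName);
            return;
        }

        // Double-submit cookie: the page that received the cookie must echo it in a header.
        HttpCookie httpCookie = (HttpCookie) httpRequest.getCookies().get(CSRF_COOKIE);
        if (httpCookie == null) {
            return;
        }
        String cookieToken = httpCookie.getValue();
        String headerToken = (String) httpRequest.getHeaders().get(CSRF_HEADER);
        if (!StringUtils.equals(cookieToken, headerToken)) {
            // Token values are deliberately not included: the cookie value is a secret and the
            // exception message may end up in logs or in the response.
            throw new ApplicationException("CSRF token mismatch");
        }
    }

    /**
     * Rejects the request unless the host of {@code url} equals {@code requestedHostName}.
     *
     * @param headerName name of the header {@code url} came from, used in the error message
     * @param url the header value
     * @param requestedHostName the host the request was addressed to
     * @throws ApplicationException on mismatch, including when either host is {@code null}
     *     (an unparsable or opaque origin never matches)
     */
    private static void requireSameHost(String headerName, String url, String requestedHostName) {
        String hostFromUrl = getHostFromUrl(url);
        // Fail closed: a null requested host can never be confirmed to match.
        if (requestedHostName == null || !requestedHostName.equals(hostFromUrl)) {
            throw new ApplicationException(
                    headerName + " host mismatch:" + hostFromUrl + "->" + requestedHostName);
        }
    }

    /**
     * Generates a fresh random token, sets it as the {@value #CSRF_COOKIE} cookie on the response
     * and returns it so the caller can embed it where the client will read it back.
     *
     * <p>NOTE(review): cookie attributes (Secure, SameSite, Path) are decided by
     * {@code cookieFactory.create}; they are not visible here — confirm they are set appropriately.
     *
     * @param httpResponse the response to attach the cookie to
     * @return the Base64-encoded token that was set in the cookie
     */
    public String sendToken(HttpResponse httpResponse) {
        byte[] tokenBytes = new byte[TOKEN_BYTES];
        random.nextBytes(tokenBytes);
        String token = Base64.getEncoder().encodeToString(tokenBytes);
        httpResponse.setCookie(this.cookieFactory.create(CSRF_COOKIE, token));
        return token;
    }
}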
