package com.apache.security.filter;

import com.apache.security.SecurityFilter;
import java.io.IOException;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/apache/security/filter/CsrfTokenCkeckFilter.class */
public class CsrfTokenCkeckFilter implements SecurityFilter {
    private static final String CSRFTOKEN_PREFIX = "csrf_";
    private String errorPage;

    @Override // com.apache.security.SecurityFilter
    public int doFilterInvoke(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        if (!httpServletRequest.getMethod().equals("POST")) {
            return 1;
        }
        String tokenName = getTokenName(httpServletRequest);
        if (((Long) httpServletRequest.getSession().getAttribute(tokenName)).longValue() == Long.parseLong(httpServletRequest.getParameter(tokenName))) {
            return 1;
        }
        httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/" + this.errorPage);
        return 0;
    }

    private String getTokenName(HttpServletRequest httpServletRequest) {
        for (Map.Entry entry : httpServletRequest.getParameterMap().entrySet()) {
            if (((String) entry.getKey()).startsWith(CSRFTOKEN_PREFIX)) {
                return (String) entry.getKey();
            }
        }
        return null;
    }

    @Override // com.apache.security.SecurityFilter
    public void setErrorPage(String str) {
        this.errorPage = str;
    }
}
