package eu.miltema.slimweb.common;

import eu.miltema.slimweb.HttpException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/miltema/slimweb/common/HttpAccessor.class */
public abstract class HttpAccessor {
    private static final String SESSION_OBJECT = "__SESSION_OBJECT";
    private static final String SESSION_LANGUAGE = "__SESSION_LANGUAGE";
    private static final Logger log = LoggerFactory.getLogger(HttpAccessor.class);
    public HttpServletRequest request;
    public HttpServletResponse response;
    private String pi;
    private String[] pathInfo;
    private String httpMethod;

    public HttpAccessor init(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        this.request = httpServletRequest;
        this.response = httpServletResponse;
        return this;
    }

    public HttpAccessor init(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        this.request = httpServletRequest;
        this.response = httpServletResponse;
        this.httpMethod = str;
        this.pi = httpServletRequest.getPathInfo();
        return this;
    }

    public String getComponentName() {
        if (this.pathInfo == null) {
            if (this.pi == null) {
                throw new HttpException(404, "Missing component name in URL", new String[0]);
            }
            this.pathInfo = this.request.getPathInfo().split("/");
        }
        return this.pathInfo[1];
    }

    public String getActionName() {
        if (this.pathInfo.length > 2) {
            return this.pathInfo[2];
        }
        return null;
    }

    public String getUrl() {
        String queryString = this.request.getQueryString();
        return this.request.getServletPath() + (this.pi == null ? "" : this.pi) + (queryString == null ? "" : "?" + queryString);
    }

    public String getMethod() {
        return this.httpMethod;
    }

    public void setSessionObject(Object obj) {
        this.request.getSession().setAttribute(SESSION_OBJECT, obj);
    }

    public Object getSessionObject() {
        HttpSession session = this.request.getSession(false);
        if (session == null) {
            return null;
        }
        return session.getAttribute(SESSION_OBJECT);
    }

    public void terminateSession() {
        HttpSession session = this.request.getSession(false);
        if (session != null) {
            session.invalidate();
        }
    }

    public String getLanguage() {
        HttpSession session = this.request.getSession(false);
        String language = session == null ? this.request.getLocale().getLanguage() : (String) session.getAttribute(SESSION_LANGUAGE);
        return language == null ? "en" : language;
    }

    public void setLanguage(String str) throws IllegalStateException {
        HttpSession session = this.request.getSession(false);
        if (session == null) {
            throw new IllegalStateException("Missing session");
        }
        session.setAttribute(SESSION_LANGUAGE, str);
    }

    public HttpAccessor detectCsrf(String[] strArr) throws ServletException {
        if (this.request.getSession(false) == null || strArr == null) {
            return this;
        }
        String header = this.request.getHeader("Origin");
        String header2 = this.request.getHeader("Referer");
        boolean z = false;
        for (String str : strArr) {
            if (header2 != null && header != null) {
                z = str.equals(header) && header2.startsWith(str);
            } else if (header != null) {
                z = str.equals(header);
            } else if (header2 != null) {
                z = header2.startsWith(str);
            }
            if (z) {
                return this;
            }
        }
        log.warn("CSRF detected, details: origin=" + header + ", referer=" + header2 + ", remoteIp=" + this.request.getRemoteAddr());
        throw new ServletException("CSRF attack detected");
    }

    public abstract String getParametersAsJson();

    public abstract String getParameter(String str);
}
