package org.scalatra;

import javax.servlet.http.HttpServletRequest;
import org.scalatra.servlet.RichRequest$headers$;
import scala.Option;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.collection.SeqOps;
import scala.collection.immutable.Seq;
import scala.collection.immutable.Vector;
import scala.runtime.BoxedUnit;
import scala.runtime.ScalaRunTime$;

/* compiled from: CsrfTokenSupport.scala */
/* loaded from: input_file:org/scalatra/XsrfTokenSupport.class */
public interface XsrfTokenSupport {
    static String CookieKey() {
        return XsrfTokenSupport$.MODULE$.CookieKey();
    }

    static String DefaultKey() {
        return XsrfTokenSupport$.MODULE$.DefaultKey();
    }

    static Vector<String> HeaderNames() {
        return XsrfTokenSupport$.MODULE$.HeaderNames();
    }

    default String xsrfKey() {
        return XsrfTokenSupport$.MODULE$.DefaultKey();
    }

    default String xsrfToken(HttpServletRequest httpServletRequest) {
        return (String) httpServletRequest.getSession().getAttribute(xsrfKey());
    }

    default void xsrfGuard(Seq<RouteTransformer> seq) {
        ((ScalatraBase) this).before((Seq) seq.toSeq().$plus$plus(scala.package$.MODULE$.Seq().apply(ScalaRunTime$.MODULE$.wrapRefArray(new RouteTransformer[]{((ScalatraBase) this).booleanBlock2RouteMatcher(this::xsrfGuard$$anonfun$1)}))), this::xsrfGuard$$anonfun$2);
    }

    default boolean isForged() {
        if (!((ScalatraBase) this).enrichRequest(((ScalatraBase) this).request()).requestMethod().isSafe()) {
            Option option = ((ScalatraBase) this).enrichSession(((ScalatraBase) this).session(((ScalatraBase) this).request())).get(xsrfKey());
            Option<String> option2 = ((ScalatraBase) this).params(((ScalatraBase) this).request()).get(xsrfKey());
            if (option != null ? !option.equals(option2) : option2 != null) {
                Vector<String> HeaderNames = XsrfTokenSupport$.MODULE$.HeaderNames();
                RichRequest$headers$ headers = ((ScalatraBase) this).enrichRequest(((ScalatraBase) this).request()).headers();
                if (!((SeqOps) HeaderNames.map(str -> {
                    return headers.get(str);
                })).contains(((ScalatraBase) this).enrichSession(((ScalatraBase) this).session(((ScalatraBase) this).request())).get(xsrfKey()))) {
                    return true;
                }
            }
        }
        return false;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    default void handleForgery() {
        throw ((ScalatraBase) this).halt(Predef$.MODULE$.int2Integer(403), "Request tampering detected!", ((ScalatraBase) this).halt$default$3());
    }

    default void prepareXsrfToken() {
        ((ScalatraBase) this).enrichSession(((ScalatraBase) this).session(((ScalatraBase) this).request())).getOrElseUpdate(xsrfKey(), XsrfTokenSupport::prepareXsrfToken$$anonfun$1);
        Option<String> option = ((ScalatraBase) this).cookies(((ScalatraBase) this).request()).get(XsrfTokenSupport$.MODULE$.CookieKey());
        if (!option.isEmpty()) {
            Option option2 = ((ScalatraBase) this).enrichSession(((ScalatraBase) this).session(((ScalatraBase) this).request())).get(xsrfKey());
            if (option == null) {
                if (option2 == null) {
                    return;
                }
            } else if (option.equals(option2)) {
                return;
            }
        }
        ((ScalatraBase) this).cookies(((ScalatraBase) this).request()).$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension((String) Predef$.MODULE$.ArrowAssoc(XsrfTokenSupport$.MODULE$.CookieKey()), xsrfToken(((ScalatraBase) this).request())), ((ScalatraBase) this).cookieOptions());
    }

    private default Object $init$$$anonfun$4() {
        prepareXsrfToken();
        return BoxedUnit.UNIT;
    }

    private default boolean xsrfGuard$$anonfun$1() {
        return isForged();
    }

    private default Object xsrfGuard$$anonfun$2() {
        handleForgery();
        return BoxedUnit.UNIT;
    }

    private static Object prepareXsrfToken$$anonfun$1() {
        return GenerateId$.MODULE$.apply();
    }
}
