package xitrum.scope.session;

import scala.MatchError;
import scala.None$;
import scala.ScalaObject;
import scala.Some;
import scala.collection.mutable.StringBuilder;
import scala.reflect.Manifest$;
import xitrum.Controller;
import xitrum.exception.InvalidAntiCSRFToken;
import xitrum.scope.request.RequestEnv;
import xitrum.util.SecureBase64$;

/* compiled from: CSRF.scala */
/* loaded from: input_file:xitrum/scope/session/CSRF$.class */
public final class CSRF$ implements ScalaObject {
    public static final CSRF$ MODULE$ = null;
    private final String TOKEN;

    static {
        new CSRF$();
    }

    public String TOKEN() {
        return this.TOKEN;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public boolean isValidToken(Controller controller) {
        String str = (String) controller.param(TOKEN(), ((RequestEnv) controller).bodyParams(), controller.DefaultsTo().m211default(), Manifest$.MODULE$.classType(String.class));
        ((RequestEnv) controller).bodyParams().remove(TOKEN());
        String antiCSRFToken = controller.antiCSRFToken();
        return str != null ? str.equals(antiCSRFToken) : antiCSRFToken == null;
    }

    public String encrypt(Controller controller, Object obj) {
        return new StringBuilder().append(controller.antiCSRFToken()).append(SecureBase64$.MODULE$.encrypt(obj, SecureBase64$.MODULE$.encrypt$default$2())).toString();
    }

    public Object decrypt(Controller controller, String str) {
        String antiCSRFToken = controller.antiCSRFToken();
        if (!str.startsWith(antiCSRFToken)) {
            throw new InvalidAntiCSRFToken();
        }
        Some decrypt = SecureBase64$.MODULE$.decrypt(str.substring(antiCSRFToken.length()), SecureBase64$.MODULE$.decrypt$default$2());
        None$ none$ = None$.MODULE$;
        if (none$ != null ? none$.equals(decrypt) : decrypt == null) {
            throw new InvalidAntiCSRFToken();
        }
        if (decrypt instanceof Some) {
            return decrypt.x();
        }
        throw new MatchError(decrypt);
    }

    private CSRF$() {
        MODULE$ = this;
        this.TOKEN = "csrf-token";
    }
}
