package net.formio;

import net.formio.data.RequestContext;
import net.formio.security.PasswordGenerator;
import net.formio.security.TokenAuthorizer;
import net.formio.security.TokenMissingException;

/* loaded from: input_file:net/formio/AuthTokens.class */
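/**
 * Static helpers that issue and verify the per-form authorization token
 * (the exception messages below refer to it as the CSRF token).
 *
 * <p>A fresh secret is generated per form, stored in the session storage of the
 * {@link RequestContext} under {@link #SECRET_KEY_PREFIX} + root mapping path, and
 * combined with the user identification before being handed to the
 * {@link TokenAuthorizer}. Verification reads the same stored secret back.
 */
final class AuthTokens {
    /** Prefix of the session-storage key under which a form's secret is kept. */
    static final String SECRET_KEY_PREFIX = "formio_secret_";

    /** Alphabet passed to {@link PasswordGenerator} when a new secret is generated. */
    static final String ALLOWED_TOKEN_CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_@#$%^&*";

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Generates a new secret, stores it in the session storage and returns the token
     * that the {@code tokenAuthorizer} derives from it.
     *
     * @param requestContext context giving access to the session storage and to the
     *        user identification; must not be {@code null}
     * @param tokenAuthorizer produces the token from the secret combined with the
     *        user identification
     * @param str suffix of the storage key (appended to {@link #SECRET_KEY_PREFIX});
     *        presumably the path of the root form mapping - confirm against callers
     * @return the token returned by {@code tokenAuthorizer.generateToken}
     * @throws IllegalStateException if {@code requestContext} or its session storage
     *         is {@code null}
     */
    public static String generateAuthToken(RequestContext requestContext, TokenAuthorizer tokenAuthorizer, String str) {
        if (requestContext == null) {
            throw new IllegalStateException(RequestContext.class.getSimpleName() + " is required when the form is defined as secured. Please specify not null context in fill method.");
        }
        // Verify that there is somewhere to keep the secret before generating one,
        // so no secret is created only to be discarded.
        if (requestContext.getSessionStorage() == null) {
            throw new IllegalStateException("User related storage must exist to store CSRF token.");
        }
        String secret = generateSecret();
        // Storing under the same key replaces any secret issued earlier for this form.
        requestContext.getSessionStorage().set(getRootMappingSecretKey(str), secret);
        return tokenAuthorizer.generateToken(requestContext.secretWithUserIdentification(secret));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Verifies the token posted with the request against the secret stored in the
     * session storage.
     *
     * <p>The result of {@code tokenAuthorizer.validateToken} is not inspected here, so
     * a rejected token has to be signalled by an exception thrown from that call.
     *
     * <p>When {@code z} is {@code true} the stored secret is deleted after the
     * verification attempt, whether it succeeded or failed. The cleanup is skipped
     * when there is no session storage, so that it cannot replace the original
     * failure with a {@link NullPointerException}.
     *
     * @param requestContext context giving access to the session storage and to the
     *        user identification; must not be {@code null}
     * @param tokenAuthorizer validates the posted token against the stored secret
     * @param str suffix of the storage key and first part of the request parameter
     *        name; presumably the path of the root form mapping - confirm against callers
     * @param requestParams request parameters the posted token is read from
     * @param z whether the stored secret is removed once verification was attempted
     * @param str2 text placed between {@code str} and {@code Forms.AUTH_TOKEN_FIELD_NAME}
     *        in the parameter name; presumably a path separator - confirm against callers
     * @throws IllegalStateException if {@code requestContext} or its session storage
     *         is {@code null}
     * @throws TokenMissingException if the request carries no token (absent or empty)
     */
    public static void verifyAuthToken(RequestContext requestContext, TokenAuthorizer tokenAuthorizer, String str, RequestParams requestParams, boolean z, String str2) {
        String rootMappingSecretKey = getRootMappingSecretKey(str);
        try {
            if (requestContext == null) {
                throw new IllegalStateException(RequestContext.class.getSimpleName() + " is required when the form is defined as secured. Please specify not null context in bind method.");
            }
            String authTokenFromRequest = getAuthTokenFromRequest(requestParams, str, str2);
            if ("".equals(authTokenFromRequest)) {
                throw new TokenMissingException("Unauthorized attempt. Authorization token is missing! It should be posted as formAuthToken field. Maybe this is blocked CSRF attempt or the required field with token is not rendered in the form correctly.");
            }
            if (requestContext.getSessionStorage() == null) {
                throw new IllegalStateException("User related storage must exist to verify CSRF token.");
            }
            // NOTE(review): if no secret is stored under the key (never issued, or already
            // deleted by an earlier verification), whatever get(...) returns for a missing
            // key flows into secretWithUserIdentification - confirm that validateToken
            // rejects the request in that case.
            tokenAuthorizer.validateToken(authTokenFromRequest, requestContext.secretWithUserIdentification(requestContext.getSessionStorage().get(rootMappingSecretKey)));
        } finally {
            // Runs on success and on failure alike. The storage null check matters on the
            // failure path: one of the exceptions above is thrown exactly because the
            // storage is null, and dereferencing it here would mask that exception.
            if (z && requestContext != null && requestContext.getSessionStorage() != null) {
                requestContext.getSessionStorage().delete(rootMappingSecretKey);
            }
        }
    }

    /** Returns the session-storage key for the given suffix: {@link #SECRET_KEY_PREFIX} + {@code str}. */
    private static String getRootMappingSecretKey(String str) {
        return SECRET_KEY_PREFIX + str;
    }

    /**
     * Reads the posted token from the parameter named
     * {@code str + str2 + Forms.AUTH_TOKEN_FIELD_NAME}.
     *
     * @return the parameter value, or the empty string when the parameter is absent
     */
    private static String getAuthTokenFromRequest(RequestParams requestParams, String str, String str2) {
        String paramValue = requestParams.getParamValue(str + str2 + Forms.AUTH_TOKEN_FIELD_NAME);
        // Absent is normalised to "" so the caller has a single "missing" case to test.
        return paramValue == null ? "" : paramValue;
    }

    /**
     * Generates a 20-character secret over {@link #ALLOWED_TOKEN_CHARS}.
     */
    private static String generateSecret() {
        // NOTE(review): the unpredictability of the secret depends entirely on the random
        // source inside PasswordGenerator, which is not visible here - confirm it is
        // java.security.SecureRandom rather than java.util.Random.
        return PasswordGenerator.generatePassword(20, ALLOWED_TOKEN_CHARS);
    }

    /** Prevents instantiation; the class only has static members. */
    private AuthTokens() {
        throw new AssertionError("Not instantiable, use static members");
    }
}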
