package net.tokensmith.otter.security.csrf.between;

import java.util.List;
import java.util.Optional;
import net.tokensmith.otter.controller.entity.Cookie;
import net.tokensmith.otter.controller.entity.StatusCode;
import net.tokensmith.otter.controller.entity.request.Request;
import net.tokensmith.otter.controller.entity.response.Response;
import net.tokensmith.otter.router.entity.Method;
import net.tokensmith.otter.router.entity.between.Between;
import net.tokensmith.otter.router.exception.CsrfException;
import net.tokensmith.otter.router.exception.HaltException;
import net.tokensmith.otter.security.csrf.DoubleSubmitCSRF;

/* loaded from: input_file:net/tokensmith/otter/security/csrf/between/CheckCSRF.class */
public class CheckCSRF<S, U> implements Between<S, U> {
    private String cookieName;
    private String formFieldName;
    private DoubleSubmitCSRF doubleSubmitCSRF;
    private static String HALT_MSG = "CSRF failed.";

    public CheckCSRF(DoubleSubmitCSRF doubleSubmitCSRF) {
        this.doubleSubmitCSRF = doubleSubmitCSRF;
    }

    public CheckCSRF(String str, String str2, DoubleSubmitCSRF doubleSubmitCSRF) {
        this.cookieName = str;
        this.formFieldName = str2;
        this.doubleSubmitCSRF = doubleSubmitCSRF;
    }

    @Override // net.tokensmith.otter.router.entity.between.Between
    public void process(Method method, Request<S, U> request, Response<S> response) throws HaltException {
        Cookie cookie = request.getCookies().get(this.cookieName);
        List<String> list = request.getFormData().get(this.formFieldName);
        if (((cookie == null || list == null || list.size() != 1) ? false : this.doubleSubmitCSRF.doTokensMatch(cookie.getValue(), list.get(0))).booleanValue()) {
            request.setCsrfChallenge(Optional.of(list.get(0)));
        } else {
            CsrfException csrfException = new CsrfException(HALT_MSG);
            onHalt(csrfException, response);
            throw csrfException;
        }
    }

    protected void onHalt(HaltException haltException, Response response) {
        response.setStatusCode(StatusCode.FORBIDDEN);
    }

    public String getCookieName() {
        return this.cookieName;
    }

    public void setCookieName(String str) {
        this.cookieName = str;
    }

    public String getFormFieldName() {
        return this.formFieldName;
    }

    public void setFormFieldName(String str) {
        this.formFieldName = str;
    }

    public DoubleSubmitCSRF getDoubleSubmitCSRF() {
        return this.doubleSubmitCSRF;
    }

    public void setDoubleSubmitCSRF(DoubleSubmitCSRF doubleSubmitCSRF) {
        this.doubleSubmitCSRF = doubleSubmitCSRF;
    }
}
