package org.camunda.bpm.webapp.impl.security.filter;

import java.lang.reflect.InvocationTargetException;
import java.security.SecureRandom;
import java.util.Random;
import javax.servlet.Filter;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;

/* loaded from: input_file:org/camunda/bpm/webapp/impl/security/filter/BaseCsrfPreventionFilter.class */
public abstract class BaseCsrfPreventionFilter implements Filter {
    private Random randomSource;
    private String randomClass = SecureRandom.class.getName();
    private int denyStatus = 403;

    public void init(FilterConfig filterConfig) throws ServletException {
        try {
            String initParameter = filterConfig.getInitParameter("denyStatus");
            if (!isBlank(initParameter)) {
                setDenyStatus(Integer.valueOf(initParameter).intValue());
            }
            String initParameter2 = filterConfig.getInitParameter("randomClass");
            if (!isBlank(initParameter2)) {
                setRandomClass(initParameter2);
            }
            this.randomSource = (Random) Class.forName(this.randomClass).getConstructor(new Class[0]).newInstance(new Object[0]);
        } catch (ClassNotFoundException e) {
            throw new ServletException("Cannot instantiate CSRF Prevention filter: Random class not found.", e);
        } catch (IllegalAccessException e2) {
            throw new ServletException("Cannot instantiate CSRF Prevention filter: Random class constructor not accessible", e2);
        } catch (InstantiationException e3) {
            throw new ServletException("Cannot instantiate CSRF Prevention filter: cannot instantiate provided Random class", e3);
        } catch (NoSuchMethodException e4) {
            throw new ServletException("Cannot instantiate CSRF Prevention filter: cannot instantiate provided Random class", e4);
        } catch (InvocationTargetException e5) {
            throw new ServletException("Cannot instantiate CSRF Prevention filter: cannot instantiate provided Random class", e5);
        }
    }

    public int getDenyStatus() {
        return this.denyStatus;
    }

    public void setDenyStatus(int i) {
        this.denyStatus = i;
    }

    public void setRandomClass(String str) {
        this.randomClass = str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String generateToken() {
        byte[] bArr = new byte[16];
        StringBuilder sb = new StringBuilder();
        this.randomSource.nextBytes(bArr);
        for (int i = 0; i < bArr.length; i++) {
            byte b = (byte) ((bArr[i] & 240) >> 4);
            byte b2 = (byte) (bArr[i] & 15);
            if (b < 10) {
                sb.append((char) (48 + b));
            } else {
                sb.append((char) (65 + (b - 10)));
            }
            if (b2 < 10) {
                sb.append((char) (48 + b2));
            } else {
                sb.append((char) (65 + (b2 - 10)));
            }
        }
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isBlank(String str) {
        return str == null || str.trim().isEmpty();
    }

    public void destroy() {
    }
}
