package com.ai.security.impl;

import com.ai.security.CSRFTokenUtil;
import com.ai.security.interfaces.ICSRFToken;
import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:com/ai/security/impl/DefaultCSRFToken.class */
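/**
 * Default {@link ICSRFToken} implementation that keeps one CSRF token per HTTP session,
 * stored under the session attribute named by {@link #_CSRF_TOKEN_SESSION_S}.
 *
 * <p>When {@code CSRFTokenUtil.getState()} is {@code false} the protection is switched off:
 * {@link #getCSRFToken(HttpServletRequest)} hands out
 * {@code CSRFTokenUtil._CSRF_TOKEN_DEFAULT_VALUE} and
 * {@link #validateCSRFToken(HttpServletRequest, String)} accepts every request.
 *
 * <p>NOTE(review): the session token is the SHA digest of whatever
 * {@code CSRFTokenUtil.getSsoSessionId(request)} returns, so it is a pure function of that
 * identifier: it does not rotate while the identifier stays the same and is only as
 * unpredictable as the identifier itself. A {@code SecureRandom}-generated per-session value
 * would be the stronger choice, but another component may recompute this digest
 * independently, so confirm that before changing the derivation.
 */
public class DefaultCSRFToken implements ICSRFToken {
    private static final Log log = LogFactory.getLog(DefaultCSRFToken.class);

    /** Charset used whenever a token is turned into bytes (hashing and comparison). */
    private static final Charset UTF_8 = Charset.forName("UTF-8");

    // Session attribute name under which the token is stored.
    // NOTE(review): public, static and non-final, so any code can reassign it at runtime and
    // silently change where tokens are looked up; make it final once no caller assigns to it.
    public static String _CSRF_TOKEN_SESSION_S = "_CSRF_TOKEN_SESSION_S";

    /**
     * Returns the CSRF token bound to the request's session, creating and storing it on first use.
     *
     * @param httpServletRequest the current request; may be {@code null}
     * @return the default token value when protection is switched off, the session token when
     *         a session with a non-blank id is available, otherwise {@code null}
     */
    @Override // com.ai.security.interfaces.ICSRFToken
    public String getCSRFToken(HttpServletRequest httpServletRequest) {
        if (!CSRFTokenUtil.getState()) {
            return CSRFTokenUtil._CSRF_TOKEN_DEFAULT_VALUE;
        }
        if (!hasUsableSession(httpServletRequest)) {
            return null;
        }
        if (httpServletRequest.getSession().getAttribute(_CSRF_TOKEN_SESSION_S) == null) {
            // A null digest (blank SSO session id or hashing failure) leaves the attribute
            // unset, so no token is issued and later validation fails closed.
            httpServletRequest.getSession().setAttribute(
                    _CSRF_TOKEN_SESSION_S,
                    encodeSHA(CSRFTokenUtil.getSsoSessionId(httpServletRequest)));
        }
        return (String) httpServletRequest.getSession().getAttribute(_CSRF_TOKEN_SESSION_S);
    }

    /**
     * Checks a client-supplied token against the token stored in the request's session.
     *
     * <p>If the session holds no token yet, one is created first via
     * {@link #getCSRFToken(HttpServletRequest)}. The comparison uses
     * {@link MessageDigest#isEqual(byte[], byte[])} rather than {@code String.equals} so the
     * time taken does not reveal how many leading characters matched.
     *
     * @param httpServletRequest the current request; may be {@code null}
     * @param str the token received from the client; may be {@code null} or blank
     * @return {@code true} when protection is switched off or both tokens are non-blank and
     *         equal, {@code false} otherwise
     */
    @Override // com.ai.security.interfaces.ICSRFToken
    public boolean validateCSRFToken(HttpServletRequest httpServletRequest, String str) {
        if (!CSRFTokenUtil.getState()) {
            return true;
        }
        boolean valid = false;
        if (hasUsableSession(httpServletRequest)) {
            if (httpServletRequest.getSession().getAttribute(_CSRF_TOKEN_SESSION_S) == null) {
                httpServletRequest.getSession().setAttribute(
                        _CSRF_TOKEN_SESSION_S, getCSRFToken(httpServletRequest));
            }
            String expected =
                    (String) httpServletRequest.getSession().getAttribute(_CSRF_TOKEN_SESSION_S);
            if (StringUtils.isNotBlank(expected) && StringUtils.isNotBlank(str)) {
                valid = MessageDigest.isEqual(expected.getBytes(UTF_8), str.getBytes(UTF_8));
            }
        }
        if (!valid) {
            // Neither token value is logged: the server token is a secret, and the client
            // value is attacker-controlled text that could forge log lines.
            log.warn("validate csrf token failed! client token "
                    + (StringUtils.isBlank(str) ? "missing" : "present"));
        }
        return valid;
    }

    /**
     * Hashes a string with the JCA {@code "SHA"} algorithm and returns the digest as
     * lower-case, zero-padded hexadecimal.
     *
     * <p>The algorithm name is kept as {@code "SHA"} so existing token values stay the same.
     *
     * @param str the text to hash; may be {@code null} or blank
     * @return the hex digest, or {@code null} when {@code str} is blank or the algorithm is
     *         unavailable
     */
    public String encodeSHA(String str) {
        if (StringUtils.isBlank(str)) {
            return null;
        }
        byte[] digest;
        try {
            digest = MessageDigest.getInstance("SHA").digest(str.getBytes(UTF_8));
        } catch (NoSuchAlgorithmException e) {
            // Fail closed: falling back to String.hashCode() would yield a 32-bit value that
            // can be guessed, which is not acceptable as an anti-CSRF token.
            log.error("SHA digest unavailable; no CSRF token can be derived", e);
            return null;
        }
        StringBuilder hex = new StringBuilder(digest.length * 2);
        for (byte b : digest) {
            int unsigned = b & 0xFF;
            if (unsigned < 16) {
                hex.append('0');
            }
            hex.append(Integer.toHexString(unsigned));
        }
        return hex.toString();
    }

    /**
     * Generates a fresh token that is not bound to any session.
     *
     * @return a random UUID string when protection is switched on, otherwise {@code null}
     *         (unlike the request-based overload, which returns the default token value)
     */
    @Override // com.ai.security.interfaces.ICSRFToken
    public String getCSRFToken() {
        return CSRFTokenUtil.getState() ? UUID.randomUUID().toString() : null;
    }

    /**
     * Tells whether the request carries a session with a non-blank id.
     * Note that {@code getSession()} creates a session when the request has none.
     */
    private static boolean hasUsableSession(HttpServletRequest httpServletRequest) {
        return httpServletRequest != null
                && httpServletRequest.getSession() != null
                && StringUtils.isNotBlank(httpServletRequest.getSession().getId());
    }
}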
