package com.vaadin.fusion.auth;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.Optional;
import java.util.stream.Stream;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/vaadin/fusion/auth/CsrfChecker.class */
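/**
 * Validates the CSRF token of endpoint requests with a double-submit check:
 * the value of the {@code csrfToken} cookie must equal the value of the
 * {@code X-CSRF-Token} request header.
 *
 * <p>The check is stateless. This class only compares the two values carried
 * by the request and does not bind the token to a server-side session, so the
 * protection rests on other origins being unable to write the cookie or to set
 * the custom header. Deployments where a sibling subdomain or a plain-HTTP
 * response could set cookies for this host should treat that as a gap this
 * class does not close.
 *
 * <p>The enabled flag is a plain mutable field without synchronization.
 */
public class CsrfChecker {
    private static final String CSRF_COOKIE_NAME = "csrfToken";
    private static final String CSRF_HEADER_NAME = "X-CSRF-Token";

    // Protection is on by default; it can only be switched off explicitly.
    private boolean csrfProtectionEnabled = true;

    /**
     * Returns the logger used for CSRF validation messages.
     *
     * <p>NOTE(review): this logs under the {@code FusionAccessChecker} category
     * rather than this class's own. Kept as-is so existing log configuration
     * keeps matching; confirm this is intended.
     */
    private static Logger getLogger() {
        return LoggerFactory.getLogger(FusionAccessChecker.class);
    }

    /**
     * Checks that the request carries matching CSRF tokens in the
     * {@code csrfToken} cookie and the {@code X-CSRF-Token} header.
     *
     * <p>Rejections are logged at info level. Token values are never written
     * to the log.
     *
     * @param httpServletRequest the incoming endpoint request
     * @return {@code true} if CSRF protection is disabled or both tokens are
     *         present, non-empty and equal; {@code false} otherwise
     */
    public boolean validateCsrfTokenInRequest(HttpServletRequest httpServletRequest) {
        if (!isCsrfProtectionEnabled()) {
            // Fails open by design: with protection disabled every request passes.
            return true;
        }

        // getCookies() returns null when the request has no cookies at all.
        // If several cookies share the name, the first one in request order wins.
        String cookieToken = Optional.ofNullable(httpServletRequest.getCookies())
                .map(Arrays::stream)
                .orElseGet(Stream::empty)
                .filter(cookie -> CSRF_COOKIE_NAME.equals(cookie.getName()))
                .findFirst()
                .map(cookie -> cookie.getValue())
                .orElse(null);
        if (cookieToken == null) {
            getLogger().info("Unable to verify CSRF token for endpoint request, got null token in cookie");
            return false;
        }

        String headerToken = httpServletRequest.getHeader(CSRF_HEADER_NAME);
        // An empty header must never validate: without this guard an empty
        // cookie value and an empty header would compare equal and pass.
        // MessageDigest.isEqual keeps the comparison time independent of how
        // many leading bytes match.
        if (headerToken != null
                && !headerToken.isEmpty()
                && MessageDigest.isEqual(
                        cookieToken.getBytes(StandardCharsets.UTF_8),
                        headerToken.getBytes(StandardCharsets.UTF_8))) {
            return true;
        }

        getLogger().info("Invalid CSRF token in endpoint request");
        return false;
    }

    /**
     * Enables or disables CSRF validation for this checker.
     *
     * <p>Passing {@code false} makes {@link #validateCsrfTokenInRequest}
     * accept every request, so it removes the protection entirely.
     *
     * @param enabled {@code true} to validate tokens, {@code false} to skip validation
     */
    public void setCsrfProtection(boolean enabled) {
        this.csrfProtectionEnabled = enabled;
    }

    /**
     * Reports whether CSRF validation is currently enabled.
     *
     * @return {@code true} if tokens are validated, {@code false} if validation is skipped
     */
    public boolean isCsrfProtectionEnabled() {
        return this.csrfProtectionEnabled;
    }
}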
