package org.apache.catalina.filters;

import java.io.Serializable;
import java.security.SecureRandom;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Random;
import java.util.Set;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import kotlin.text.Typography;
import org.apache.catalina.servlets.WebdavStatus;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;

/* loaded from: classes2.dex */
public class CsrfPreventionFilter extends FilterBase {
    private static final Log log = LogFactory.getLog(CsrfPreventionFilter.class);
    private Random randomSource;
    private String randomClass = SecureRandom.class.getName();
    private int denyStatus = WebdavStatus.SC_FORBIDDEN;
    private final Set<String> entryPoints = new HashSet();
    private int nonceCacheSize = 5;

    /* loaded from: classes2.dex */
    protected static class CsrfResponseWrapper extends HttpServletResponseWrapper {
        private final String nonce;

        public CsrfResponseWrapper(HttpServletResponse httpServletResponse, String str) {
            super(httpServletResponse);
            this.nonce = str;
        }

        private String addNonce(String str) {
            String str2;
            if (str == null || this.nonce == null) {
                return str;
            }
            int indexOf = str.indexOf(35);
            String str3 = "";
            if (indexOf >= 0) {
                str2 = str.substring(indexOf);
                str = str.substring(0, indexOf);
            } else {
                str2 = "";
            }
            int indexOf2 = str.indexOf(63);
            if (indexOf2 >= 0) {
                str3 = str.substring(indexOf2);
                str = str.substring(0, indexOf2);
            }
            StringBuilder sb = new StringBuilder(str);
            if (str3.length() > 0) {
                sb.append(str3);
                sb.append(Typography.amp);
            } else {
                sb.append('?');
            }
            sb.append("org.apache.catalina.filters.CSRF_NONCE");
            sb.append('=');
            sb.append(this.nonce);
            sb.append(str2);
            return sb.toString();
        }

        public String encodeRedirectURL(String str) {
            return addNonce(super.encodeRedirectURL(str));
        }

        @Deprecated
        public String encodeRedirectUrl(String str) {
            return encodeRedirectURL(str);
        }

        public String encodeURL(String str) {
            return addNonce(super.encodeURL(str));
        }

        @Deprecated
        public String encodeUrl(String str) {
            return encodeURL(str);
        }
    }

    /* loaded from: classes2.dex */
    protected static class LruCache<T> implements Serializable {
        private static final long serialVersionUID = 1;
        private final Map<T, T> cache;

        public LruCache(final int i) {
            this.cache = new LinkedHashMap<T, T>() { // from class: org.apache.catalina.filters.CsrfPreventionFilter.LruCache.1
                private static final long serialVersionUID = 1;

                @Override // java.util.LinkedHashMap
                protected boolean removeEldestEntry(Map.Entry<T, T> entry) {
                    return size() > i;
                }
            };
        }

        public void add(T t) {
            synchronized (this.cache) {
                this.cache.put(t, null);
            }
        }

        public boolean contains(T t) {
            boolean containsKey;
            synchronized (this.cache) {
                containsKey = this.cache.containsKey(t);
            }
            return containsKey;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:15:0x004b  */
    /* JADX WARN: Removed duplicated region for block: B:17:0x0055  */
    /* JADX WARN: Removed duplicated region for block: B:26:0x006b  */
    /* JADX WARN: Removed duplicated region for block: B:31:0x004d  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void doFilter(javax.servlet.ServletRequest r7, javax.servlet.ServletResponse r8, javax.servlet.FilterChain r9) throws java.io.IOException, javax.servlet.ServletException {
        /*
            r6 = this;
            boolean r0 = r7 instanceof javax.servlet.http.HttpServletRequest
            if (r0 == 0) goto L88
            boolean r0 = r8 instanceof javax.servlet.http.HttpServletResponse
            if (r0 == 0) goto L88
            r0 = r7
            javax.servlet.http.HttpServletRequest r0 = (javax.servlet.http.HttpServletRequest) r0
            javax.servlet.http.HttpServletResponse r8 = (javax.servlet.http.HttpServletResponse) r8
            java.lang.String r1 = r0.getMethod()
            java.lang.String r2 = "GET"
            boolean r1 = r2.equals(r1)
            r2 = 1
            r3 = 0
            if (r1 == 0) goto L42
            java.lang.String r1 = r0.getServletPath()
            java.lang.String r4 = r0.getPathInfo()
            if (r4 == 0) goto L38
            java.lang.StringBuilder r4 = new java.lang.StringBuilder
            r4.<init>()
            r4.append(r1)
            java.lang.String r1 = r0.getPathInfo()
            r4.append(r1)
            java.lang.String r1 = r4.toString()
        L38:
            java.util.Set<java.lang.String> r4 = r6.entryPoints
            boolean r1 = r4.contains(r1)
            if (r1 == 0) goto L42
            r1 = 1
            goto L43
        L42:
            r1 = 0
        L43:
            javax.servlet.http.HttpSession r3 = r0.getSession(r3)
            java.lang.String r4 = "org.apache.catalina.filters.CSRF_NONCE"
            if (r3 != 0) goto L4d
            r5 = 0
            goto L53
        L4d:
            java.lang.Object r5 = r3.getAttribute(r4)
            org.apache.catalina.filters.CsrfPreventionFilter$LruCache r5 = (org.apache.catalina.filters.CsrfPreventionFilter.LruCache) r5
        L53:
            if (r1 != 0) goto L69
            java.lang.String r1 = r0.getParameter(r4)
            if (r5 == 0) goto L63
            if (r1 == 0) goto L63
            boolean r1 = r5.contains(r1)
            if (r1 != 0) goto L69
        L63:
            int r7 = r6.denyStatus
            r8.sendError(r7)
            return
        L69:
            if (r5 != 0) goto L7b
            org.apache.catalina.filters.CsrfPreventionFilter$LruCache r5 = new org.apache.catalina.filters.CsrfPreventionFilter$LruCache
            int r1 = r6.nonceCacheSize
            r5.<init>(r1)
            if (r3 != 0) goto L78
            javax.servlet.http.HttpSession r3 = r0.getSession(r2)
        L78:
            r3.setAttribute(r4, r5)
        L7b:
            java.lang.String r0 = r6.generateNonce()
            r5.add(r0)
            org.apache.catalina.filters.CsrfPreventionFilter$CsrfResponseWrapper r1 = new org.apache.catalina.filters.CsrfPreventionFilter$CsrfResponseWrapper
            r1.<init>(r8, r0)
            r8 = r1
        L88:
            r9.doFilter(r7, r8)
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.catalina.filters.CsrfPreventionFilter.doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain):void");
    }

    protected String generateNonce() {
        byte[] bArr = new byte[16];
        StringBuilder sb = new StringBuilder();
        this.randomSource.nextBytes(bArr);
        for (int i = 0; i < bArr.length; i++) {
            byte b = (byte) ((bArr[i] & 240) >> 4);
            byte b2 = (byte) (bArr[i] & 15);
            if (b < 10) {
                sb.append((char) (b + 48));
            } else {
                sb.append((char) ((b - 10) + 65));
            }
            if (b2 < 10) {
                sb.append((char) (b2 + 48));
            } else {
                sb.append((char) ((b2 - 10) + 65));
            }
        }
        return sb.toString();
    }

    public int getDenyStatus() {
        return this.denyStatus;
    }

    @Override // org.apache.catalina.filters.FilterBase
    protected Log getLogger() {
        return log;
    }

    @Override // org.apache.catalina.filters.FilterBase
    public void init(FilterConfig filterConfig) throws ServletException {
        super.init(filterConfig);
        try {
            this.randomSource = (Random) Class.forName(this.randomClass).newInstance();
        } catch (ClassNotFoundException e) {
            throw new ServletException(sm.getString("csrfPrevention.invalidRandomClass", new Object[]{this.randomClass}), e);
        } catch (IllegalAccessException e2) {
            throw new ServletException(sm.getString("csrfPrevention.invalidRandomClass", new Object[]{this.randomClass}), e2);
        } catch (InstantiationException e3) {
            throw new ServletException(sm.getString("csrfPrevention.invalidRandomClass", new Object[]{this.randomClass}), e3);
        }
    }

    @Override // org.apache.catalina.filters.FilterBase
    protected boolean isConfigProblemFatal() {
        return true;
    }

    public void setDenyStatus(int i) {
        this.denyStatus = i;
    }

    public void setEntryPoints(String str) {
        for (String str2 : str.split(com.xiaomi.mipush.sdk.Constants.ACCEPT_TIME_SEPARATOR_SP)) {
            this.entryPoints.add(str2.trim());
        }
    }

    public void setNonceCacheSize(int i) {
        this.nonceCacheSize = i;
    }

    public void setRandomClass(String str) {
        this.randomClass = str;
    }
}
