package org.scalatra;

import javax.servlet.http.HttpServletRequest;
import org.scalatra.servlet.RichRequest$headers$;
import org.scalatra.servlet.ServletApiImplicits;
import scala.Option;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.collection.Seq;
import scala.collection.Seq$;
import scala.collection.SeqLike;
import scala.collection.immutable.Vector;
import scala.collection.immutable.Vector$;
import scala.reflect.ScalaSignature;

/* compiled from: CsrfTokenSupport.scala */
@ScalaSignature(bytes = "\u0006\u0001M4\u0001\"\u0005\n\u0011\u0002\u0007\u0005q\u0003\u0015\u0005\u0006=\u0001!\ta\b\u0005\u0006G\u0001!\t\u0001\n\u0005\u0006a\u0001!\t!\r\u0005\u0006}\u0001!\ta\u0010\u0005\u0006\u0013\u0002!\tB\u0013\u0005\u0006\u001d\u0002!\tb\b\u0005\u0006\u001f\u0002!\tbH\u0004\u0006/JA\t\u0001\u0017\u0004\u0006#IA\t!\u0017\u0005\u00065&!\ta\u0017\u0005\b9&\u0011\r\u0011\"\u0001^\u0011\u0019)\u0017\u0002)A\u0005=\"9a-\u0003b\u0001\n\u00039\u0007B\u00029\nA\u0003%\u0001\u000eC\u0004r\u0013\t\u0007I\u0011A/\t\rIL\u0001\u0015!\u0003_\u0005AA6O\u001d4U_.,gnU;qa>\u0014HO\u0003\u0002\u0014)\u0005A1oY1mCR\u0014\u0018MC\u0001\u0016\u0003\ry'oZ\u0002\u0001'\t\u0001\u0001\u0004\u0005\u0002\u001a95\t!DC\u0001\u001c\u0003\u0015\u00198-\u00197b\u0013\ti\"D\u0001\u0004B]f\u0014VMZ\u0001\u0007I%t\u0017\u000e\u001e\u0013\u0015\u0003\u0001\u0002\"!G\u0011\n\u0005\tR\"\u0001B+oSR\fq\u0001_:sM.+\u00170F\u0001&!\t1SF\u0004\u0002(WA\u0011\u0001FG\u0007\u0002S)\u0011!FF\u0001\u0007yI|w\u000e\u001e \n\u00051R\u0012A\u0002)sK\u0012,g-\u0003\u0002/_\t11\u000b\u001e:j]\u001eT!\u0001\f\u000e\u0002\u0013a\u001c(O\u001a+pW\u0016tGCA\u00133\u0011\u0015\u00194\u0001q\u00015\u0003\u001d\u0011X-];fgR\u0004\"!\u000e\u001f\u000e\u0003YR!a\u000e\u001d\u0002\t!$H\u000f\u001d\u0006\u0003si\nqa]3sm2,GOC\u0001<\u0003\u0015Q\u0017M^1y\u0013\tidG\u0001\nIiR\u00048+\u001a:wY\u0016$(+Z9vKN$\u0018!\u0003=te\u001a<U/\u0019:e)\t\u0001\u0003\tC\u0003B\t\u0001\u0007!)\u0001\u0003p]2L\bcA\rD\u000b&\u0011AI\u0007\u0002\u000byI,\u0007/Z1uK\u0012t\u0004C\u0001$H\u001b\u0005\u0011\u0012B\u0001%\u0013\u0005A\u0011v.\u001e;f)J\fgn\u001d4pe6,'/\u0001\u0005jg\u001a{'oZ3e+\u0005Y\u0005CA\rM\u0013\ti%DA\u0004C_>dW-\u00198\u0002\u001b!\fg\u000e\u001a7f\r>\u0014x-\u001a:z\u0003A\u0001(/\u001a9be\u0016D6O\u001d4U_.,gNE\u0002R'R3AA\u0015\u0001\u0001!\naAH]3gS:,W.\u001a8u}A\u0011a\t\u0001\t\u0003\rVK!A\u0016\n\u0003\u0019M\u001b\u0017\r\\1ue\u0006\u0014\u0015m]3\u0002!a\u001b(O\u001a+pW\u0016t7+\u001e9q_J$\bC\u0001$\n'\tI\u0001$\u0001\u0004=S:LGO\u0010\u000b\u00021\u0006QA)\u001a4bk2$8*Z=\u0016\u0003y\u0003\"a\u00183\u000e\u0003\u0001T!!\u00192\u0002\t1\fgn\u001a\u0006\u0002G\u0006!!.\u0019<b\u0013\tq\u0003-A\u0006EK\u001a\fW\u000f\u001c;LKf\u0004\u0013a\u0003%fC\u0012,'OT1nKN,\u0012\u0001\u001b\t\u0004S:tV\"\u00016\u000b\u0005-d\u0017!C5n[V$\u0018M\u00197f\u0015\ti'$\u0001\u0006d_2dWm\u0019;j_:L!a\u001c6\u0003\rY+7\r^8s\u00031AU-\u00193fe:\u000bW.Z:!\u0003%\u0019un\\6jK.+\u00170\u0001\u0006D_>\\\u0017.Z&fs\u0002\u0002")
/* loaded from: input_file:org/scalatra/XsrfTokenSupport.class */
public interface XsrfTokenSupport {
    static String CookieKey() {
        return XsrfTokenSupport$.MODULE$.CookieKey();
    }

    static Vector<String> HeaderNames() {
        return XsrfTokenSupport$.MODULE$.HeaderNames();
    }

    static String DefaultKey() {
        return XsrfTokenSupport$.MODULE$.DefaultKey();
    }

    default String xsrfKey() {
        return XsrfTokenSupport$.MODULE$.DefaultKey();
    }

    default String xsrfToken(HttpServletRequest httpServletRequest) {
        return (String) httpServletRequest.getSession().getAttribute(xsrfKey());
    }

    /* JADX WARN: Type inference failed for: r2v1, types: [scala.collection.GenTraversable, scala.collection.GenTraversableOnce] */
    default void xsrfGuard(Seq<RouteTransformer> seq) {
        ((ScalatraBase) this).before((Seq) seq.toSeq().$plus$plus(Seq$.MODULE$.apply(Predef$.MODULE$.wrapRefArray(new RouteTransformer[]{((ScalatraBase) this).booleanBlock2RouteMatcher(() -> {
            return this.isForged();
        })})), Seq$.MODULE$.canBuildFrom()), () -> {
            this.handleForgery();
        });
    }

    default boolean isForged() {
        if (!((ServletApiImplicits) this).enrichRequest(((DynamicScope) this).request()).requestMethod().isSafe()) {
            Option<Object> option = ((ServletApiImplicits) this).enrichSession(((SessionSupport) this).session(((DynamicScope) this).request())).get(xsrfKey());
            Option<String> option2 = ((ScalatraBase) this).params(((DynamicScope) this).request()).get(xsrfKey());
            if (option != null ? !option.equals(option2) : option2 != null) {
                Vector<String> HeaderNames = XsrfTokenSupport$.MODULE$.HeaderNames();
                RichRequest$headers$ headers = ((ServletApiImplicits) this).enrichRequest(((DynamicScope) this).request()).headers();
                if (!((SeqLike) HeaderNames.map(str -> {
                    return headers.get(str);
                }, Vector$.MODULE$.canBuildFrom())).contains(((ServletApiImplicits) this).enrichSession(((SessionSupport) this).session(((DynamicScope) this).request())).get(xsrfKey()))) {
                    return true;
                }
            }
        }
        return false;
    }

    default void handleForgery() {
        throw ((Control) this).halt(Predef$.MODULE$.int2Integer(403), "Request tampering detected!", ((Control) this).halt$default$3());
    }

    default void prepareXsrfToken() {
        ((ServletApiImplicits) this).enrichSession(((SessionSupport) this).session(((DynamicScope) this).request())).getOrElseUpdate(xsrfKey(), () -> {
            return GenerateId$.MODULE$.apply();
        });
        Option<String> option = ((CookieContext) this).cookies(((DynamicScope) this).request()).get(XsrfTokenSupport$.MODULE$.CookieKey());
        if (!option.isEmpty()) {
            Option<Object> option2 = ((ServletApiImplicits) this).enrichSession(((SessionSupport) this).session(((DynamicScope) this).request())).get(xsrfKey());
            if (option == null) {
                if (option2 == null) {
                    return;
                }
            } else if (option.equals(option2)) {
                return;
            }
        }
        ((CookieContext) this).cookies(((DynamicScope) this).request()).$plus$eq(Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(XsrfTokenSupport$.MODULE$.CookieKey()), xsrfToken(((DynamicScope) this).request())), ((CookieContext) this).cookieOptions());
    }
}
