package com.cedarsolutions.wiring.gwt.rpc;

import com.cedarsolutions.client.gwt.widget.GwtCustomLogger;
import com.cedarsolutions.exception.ServiceException;
import com.cedarsolutions.server.service.IXsrfTokenService;
import com.cedarsolutions.util.LoggingUtils;
import com.google.gwt.user.client.rpc.RpcToken;
import com.google.gwt.user.client.rpc.RpcTokenException;
import com.google.gwt.user.server.Util;
import com.google.gwt.user.server.rpc.NoXsrfProtect;
import com.google.gwt.user.server.rpc.RPCRequest;
import com.google.gwt.user.server.rpc.XsrfProtect;
import java.lang.reflect.Method;
import org.apache.log4j.Logger;
import org.gwtwidgets.server.spring.GWTRPCServiceExporter;

/* loaded from: input_file:com/cedarsolutions/wiring/gwt/rpc/SecuredServiceExporter.class */
public class SecuredServiceExporter extends GWTRPCServiceExporter {
    private static Logger LOGGER = LoggingUtils.getLogger(SecuredServiceExporter.class);
    private static final long serialVersionUID = 1;
    private boolean enableXsrfProtection;
    private IXsrfTokenService xsrfTokenService;

    public SecuredServiceExporter(boolean z, IXsrfTokenService iXsrfTokenService) {
        setEnableXsrfProtection(z);
        setShouldCheckPermutationStrongName(z);
        setXsrfTokenService(iXsrfTokenService);
    }

    protected void doUnexpectedFailure(Throwable th) {
        throw new ServiceException("Unexpected failure in service call: " + th.getMessage(), th);
    }

    protected String handleExporterProcessingException(Exception exc) {
        if (!(exc instanceof RpcTokenException)) {
            return super.handleExporterProcessingException(exc);
        }
        try {
            return encodeResponseForFailure(exc);
        } catch (Exception e) {
            return super.handleExporterProcessingException(exc);
        }
    }

    protected void onAfterRequestDeserialized(RPCRequest rPCRequest) {
        if (shouldValidateXsrfToken(rPCRequest.getMethod())) {
            validateXsrfToken(rPCRequest.getRpcToken());
        }
    }

    protected boolean shouldValidateXsrfToken(Method method) {
        if (!this.enableXsrfProtection) {
            LOGGER.debug("CSRF/XSRF protection is disabled on the server side.");
            return false;
        }
        boolean isMethodXsrfProtected = Util.isMethodXsrfProtected(method, XsrfProtect.class, NoXsrfProtect.class, RpcToken.class);
        LOGGER.debug("CSRF/XSRF protection is " + (isMethodXsrfProtected ? "enabled" : GwtCustomLogger.DISABLED) + " for method " + getMethodName(method));
        return isMethodXsrfProtected;
    }

    protected void checkPermutationStrongName() throws SecurityException {
        try {
            super.checkPermutationStrongName();
        } catch (SecurityException e) {
            LOGGER.error("Possible CSRF/XSRF attack: permutation strong name was empty");
            throw new RpcTokenException("Request blocked: permutation strong name was invalid");
        }
    }

    protected void validateXsrfToken(RpcToken rpcToken) throws RpcTokenException {
        this.xsrfTokenService.validateXsrfToken(rpcToken);
    }

    private static String getMethodName(Method method) {
        return method.getDeclaringClass().getSimpleName() + "." + method.getName();
    }

    public boolean getShouldCheckPermutationStrongName() {
        return this.shouldCheckPermutationStrongName;
    }

    public boolean getEnableXsrfProtection() {
        return this.enableXsrfProtection;
    }

    public void setEnableXsrfProtection(boolean z) {
        this.enableXsrfProtection = z;
    }

    public IXsrfTokenService getXsrfTokenService() {
        return this.xsrfTokenService;
    }

    public void setXsrfTokenService(IXsrfTokenService iXsrfTokenService) {
        this.xsrfTokenService = iXsrfTokenService;
    }
}
