package org.cruxframework.crux.core.server.dispatch.st;

import com.google.gwt.user.server.Base64Utils;
import java.lang.reflect.Method;
import java.util.HashMap;
import java.util.Map;
import java.util.Random;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReadWriteLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.cruxframework.crux.core.client.rpc.st.CruxSynchronizerTokenService;
import org.cruxframework.crux.core.utils.ClassUtils;

/* loaded from: input_file:org/cruxframework/crux/core/server/dispatch/st/CruxSynchronizerTokenServiceImpl.class */
public class CruxSynchronizerTokenServiceImpl implements CruxSynchronizerTokenService, CruxSynchronizerTokenHandler {
    private static final String EXPECTED_TOKENS_ATT = "__CRUX_SYNC_TOKEN_";
    private static final String PROCESSING_TOKENS_ATT = "__CRUX_SYNC_TOKEN_IN_USE_";
    private static ReadWriteLock readWriteLock = new ReentrantReadWriteLock();
    private static Lock readLock = readWriteLock.readLock();
    private static Lock writeLock = readWriteLock.writeLock();
    private HttpServletRequest request;
    private HttpSession session;

    @Override // org.cruxframework.crux.core.server.dispatch.RequestAware
    public void setRequest(HttpServletRequest httpServletRequest) {
        this.request = httpServletRequest;
    }

    @Override // org.cruxframework.crux.core.server.dispatch.st.CruxSynchronizerTokenHandler, org.cruxframework.crux.core.server.dispatch.SessionAware
    public void setSession(HttpSession httpSession) {
        this.session = httpSession;
    }

    @Override // org.cruxframework.crux.core.client.rpc.st.CruxSynchronizerTokenService
    public String getSynchronizerToken(String str) {
        writeLock.lock();
        try {
            if (!createToken(str)) {
                writeLock.unlock();
                return null;
            }
            String expectedToken = getExpectedToken(str);
            writeLock.unlock();
            return expectedToken;
        } catch (Throwable th) {
            writeLock.unlock();
            throw th;
        }
    }

    @Override // org.cruxframework.crux.core.server.dispatch.st.CruxSynchronizerTokenHandler
    public boolean isMethodRunning(String str) {
        readLock.lock();
        try {
            boolean containsKey = getProcessingTokens().containsKey(str);
            readLock.unlock();
            return containsKey;
        } catch (Throwable th) {
            readLock.unlock();
            throw th;
        }
    }

    @Override // org.cruxframework.crux.core.server.dispatch.st.CruxSynchronizerTokenHandler
    public void startMethod(String str) throws InvalidTokenException {
        writeLock.lock();
        try {
            String expectedToken = getExpectedToken(str);
            String parameter = this.request.getParameter(CruxSynchronizerTokenService.CRUX_SYNC_TOKEN_PARAM);
            if (expectedToken == null || parameter == null || !expectedToken.equals(parameter)) {
                throw new InvalidTokenException("Invalid Synchronizer Token for method [" + str + "]. Possible CSRF attack.");
            }
            unregisterExpectedToken(str);
            registerProcessingToken(str);
            writeLock.unlock();
        } catch (Throwable th) {
            writeLock.unlock();
            throw th;
        }
    }

    private void registerProcessingToken(String str) {
        getProcessingTokens().put(str, true);
        forceProcessingTokensReplication();
    }

    private void unregisterProcessingToken(String str) {
        getProcessingTokens().remove(str);
        forceProcessingTokensReplication();
    }

    private void unregisterExpectedToken(String str) {
        getExpectedTokens().remove(str);
        forceExpectedTokensReplication();
    }

    private void registerExpectedToken(String str, String str2) {
        getExpectedTokens().put(str, str2);
        forceExpectedTokensReplication();
    }

    private String getExpectedToken(String str) {
        return getExpectedTokens().get(str);
    }

    @Override // org.cruxframework.crux.core.server.dispatch.st.CruxSynchronizerTokenHandler
    public void endMethod(String str) {
        writeLock.lock();
        try {
            unregisterProcessingToken(str);
            writeLock.unlock();
        } catch (Throwable th) {
            writeLock.unlock();
            throw th;
        }
    }

    @Override // org.cruxframework.crux.core.server.dispatch.st.CruxSynchronizerTokenHandler
    public String getMethodDescription(Method method) {
        return ClassUtils.getMethodDescription(method);
    }

    private boolean createToken(String str) {
        if (isMethodRunning(str)) {
            return false;
        }
        registerExpectedToken(str, generateRandomToken());
        return true;
    }

    private String generateRandomToken() {
        byte[] bArr = new byte[32];
        new Random().nextBytes(bArr);
        return Base64Utils.toBase64(bArr);
    }

    private void forceProcessingTokensReplication() {
        Map<String, Boolean> processingTokens = getProcessingTokens();
        HashMap hashMap = new HashMap();
        hashMap.putAll(processingTokens);
        this.session.setAttribute(PROCESSING_TOKENS_ATT, hashMap);
    }

    private void forceExpectedTokensReplication() {
        Map<String, String> expectedTokens = getExpectedTokens();
        HashMap hashMap = new HashMap();
        hashMap.putAll(expectedTokens);
        this.session.setAttribute(EXPECTED_TOKENS_ATT, hashMap);
    }

    private Map<String, String> getExpectedTokens() {
        Map<String, String> map = (Map) this.session.getAttribute(EXPECTED_TOKENS_ATT);
        if (map == null) {
            map = new HashMap();
            this.session.setAttribute(EXPECTED_TOKENS_ATT, map);
        }
        return map;
    }

    private Map<String, Boolean> getProcessingTokens() {
        Map<String, Boolean> map = (Map) this.session.getAttribute(PROCESSING_TOKENS_ATT);
        if (map == null) {
            map = new HashMap();
            this.session.setAttribute(PROCESSING_TOKENS_ATT, map);
        }
        return map;
    }
}
