package leap.web.security.csrf;

import java.util.concurrent.atomic.AtomicInteger;
import leap.core.BeanFactory;
import leap.core.annotation.Inject;
import leap.core.ioc.PostCreateBean;
import leap.core.security.token.SimpleTokenEncoder;
import leap.core.security.token.TokenEncoder;
import leap.core.security.token.TokenExpiredException;
import leap.web.Request;
import leap.web.security.SecurityConfig;

/* loaded from: input_file:leap/web/security/csrf/DefaultCsrfManager.class */
public class DefaultCsrfManager implements CsrfManager, PostCreateBean {
    private final AtomicInteger counter = new AtomicInteger();

    @Inject
    protected SecurityConfig sc;
    protected TokenEncoder tokenEncoder;

    @Override // leap.web.security.csrf.CsrfManager
    public String generateToken(Request request) throws Throwable {
        return doGenerateToken();
    }

    @Override // leap.web.security.csrf.CsrfManager
    public String loadToken(Request request) throws Throwable {
        return this.sc.getCsrfStore().loadToken(request);
    }

    @Override // leap.web.security.csrf.CsrfManager
    public boolean verifyToken(Request request, String str, CsrfToken csrfToken) throws CsrfTokenExpiredException {
        if (null == str) {
            return false;
        }
        try {
            return this.tokenEncoder.verifyToken(str);
        } catch (TokenExpiredException e) {
            throw new CsrfTokenExpiredException(e.getMessage());
        }
    }

    @Override // leap.web.security.csrf.CsrfManager
    public void saveToken(Request request, String str) throws Throwable {
        this.sc.getCsrfStore().saveToken(request, str);
    }

    @Override // leap.web.security.csrf.CsrfManager
    public void removeToken(Request request) throws Throwable {
        this.sc.getCsrfStore().removeToken(request);
    }

    protected String doGenerateToken() {
        return this.tokenEncoder.encodeToken(String.valueOf(this.counter.incrementAndGet()));
    }

    public void postCreate(BeanFactory beanFactory) throws Throwable {
        if (null == this.tokenEncoder) {
            this.tokenEncoder = new SimpleTokenEncoder(this.sc.getSecret(), this.sc.getDefaultAuthenticationExpires());
        }
    }
}
