package org.rapidoid.oauth;

import org.rapidoid.config.Conf;
import org.rapidoid.crypto.Crypto;
import org.rapidoid.util.Rnd;

/* loaded from: input_file:org/rapidoid/oauth/DefaultOAuthStateCheck.class */
public class DefaultOAuthStateCheck implements OAuthStateCheck {
    @Override // org.rapidoid.oauth.OAuthStateCheck
    public String generateState(String str, String str2) {
        if (Conf.is("oauth-no-state")) {
            return "OK";
        }
        String rndStr = Rnd.rndStr(10);
        return rndStr + "_" + Crypto.md5(str + rndStr);
    }

    @Override // org.rapidoid.oauth.OAuthStateCheck
    public boolean isValidState(String str, String str2, String str3) {
        if (Conf.is("oauth-no-state")) {
            return str.equals("OK");
        }
        String[] split = str.split("_");
        if (split.length != 2) {
            return false;
        }
        return split[1].equals(Crypto.md5(str2 + split[0]));
    }
}
