package com.worklight.core.auth.ext;

import com.ibm.json.java.JSONObject;
import com.worklight.gadgets.utils.SecurityFilterUtils;
import com.worklight.server.auth.api.AuthenticationResult;
import com.worklight.server.auth.api.AuthenticationStatus;
import com.worklight.server.auth.api.MissingConfigurationOptionException;
import com.worklight.server.auth.api.UserIdentity;
import com.worklight.server.auth.api.WorkLightAuthenticator;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.springframework.web.util.WebUtils;

/* loaded from: input_file:com/worklight/core/auth/ext/AntiXSRFAuthenticator.class */
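/**
 * Authenticator that implements an anti-XSRF handshake around a per-session "instance id".
 *
 * <p>Flow, as visible in this class:
 * <ol>
 *   <li>A random token is created once per {@link HttpSession} and stored under
 *       {@link #SESSION_ATTRIBUTE_INSTANCE_ID}.</li>
 *   <li>The token is handed to the client in the JSON body of a
 *       {@code CLIENT_INTERACTION_REQUIRED} challenge, keyed by {@code WL-Instance-Id}.</li>
 *   <li>The client is expected to echo the token back in the {@code WL-Instance-Id} request
 *       header.</li>
 * </ol>
 *
 * <p>NOTE(review): {@link #processRequest} does not compare the echoed header with the session
 * token itself; it only records both values in the authentication data. Presumably the paired
 * login module performs that comparison. Confirm against the realm configuration, because
 * without it any non-empty header value is accepted.
 *
 * <p>NOTE(review): the protection relies on a cross-origin page being unable to read the
 * challenge body or to set a custom request header. A permissive CORS policy on these endpoints
 * would weaken it.
 *
 * <p>Instances carry mutable state ({@code status}, {@code authenticationData}) and are not
 * synchronized. Only session access in {@link #getInstanceId} is guarded.
 */
public class AntiXSRFAuthenticator implements WorkLightAuthenticator {
    /** Name of both the challenge JSON key and the request header that carries the instance id. */
    private static final String INSTANCE_ID_HEADER_NAME = "WL-Instance-Id";
    /** Session attribute (and authentication-data key) holding the server-side instance id. */
    static final String SESSION_ATTRIBUTE_INSTANCE_ID = "savedInstanceId";
    /** Authentication-data key holding the instance id the client sent in the header. */
    static final String REQUEST_INSTANCE_ID = "requestInstanceId";
    private Status status = Status.NOT_STARTED;
    // Not final: the clone method gives every copy its own map (see m34clone).
    private Map<String, Object> authenticationData = new HashMap<String, Object>();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/worklight/core/auth/ext/AntiXSRFAuthenticator$Status.class */
    /** Handshake state of this authenticator instance. */
    public enum Status {
        /** No challenge has been issued by this instance yet. */
        NOT_STARTED,
        /** A challenge was issued; the next request should carry the instance-id header. */
        AWAITING_INSTANCE_ID_HEADER
    }

    /**
     * No configuration options are read by this authenticator.
     *
     * @param map configuration options (ignored)
     */
    public void init(Map<String, String> map) throws MissingConfigurationOptionException {
    }

    /**
     * Drives the handshake for a request that is not yet authenticated.
     *
     * @param httpServletRequest  incoming request; its session supplies the instance id
     * @param httpServletResponse unused here
     * @param z                   when {@code false} the request is reported as
     *                            {@code REQUEST_NOT_RECOGNIZED} without touching the session
     *                            (NOTE(review): likely the API's "access to protected resource"
     *                            flag; the name was lost in decompilation, confirm)
     * @return a challenge while the header is missing, otherwise {@code SUCCESS}
     * @throws IllegalStateException if {@code status} holds an unexpected value
     */
    public AuthenticationResult processRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z) throws IOException, ServletException {
        if (!z) {
            return AuthenticationResult.createFrom(AuthenticationStatus.REQUEST_NOT_RECOGNIZED);
        }
        String instanceId = getInstanceId(httpServletRequest);
        switch (this.status) {
            case NOT_STARTED:
                return getChallenge(instanceId);
            case AWAITING_INSTANCE_ID_HEADER:
                String header = httpServletRequest.getHeader(INSTANCE_ID_HEADER_NAME);
                if (StringUtils.isEmpty(header)) {
                    return getChallenge(instanceId);
                }
                // Both values are only recorded here. The equality check that makes this an
                // anti-XSRF control has to happen in whatever consumes getAuthenticationData().
                this.authenticationData.put(SESSION_ATTRIBUTE_INSTANCE_ID, instanceId);
                this.authenticationData.put(REQUEST_INSTANCE_ID, header);
                return AuthenticationResult.createFrom(AuthenticationStatus.SUCCESS);
            default:
                throw new IllegalStateException();
        }
    }

    /**
     * Builds the challenge that delivers the instance id to the client and moves this instance
     * to {@link Status#AWAITING_INSTANCE_ID_HEADER}.
     *
     * @param str the session's instance id
     */
    private AuthenticationResult getChallenge(String str) {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put(INSTANCE_ID_HEADER_NAME, str);
        this.status = Status.AWAITING_INSTANCE_ID_HEADER;
        AuthenticationResult createFrom = AuthenticationResult.createFrom(AuthenticationStatus.CLIENT_INTERACTION_REQUIRED);
        createFrom.setJson(jSONObject);
        return createFrom;
    }

    /**
     * Re-checks the instance-id header on a request from an already authenticated session.
     *
     * @return {@code REQUEST_NOT_RECOGNIZED} when the header equals the session's instance id,
     *         otherwise a fresh challenge
     */
    public AuthenticationResult processRequestAlreadyAuthenticated(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        String instanceId = getInstanceId(httpServletRequest);
        String header = httpServletRequest.getHeader(INSTANCE_ID_HEADER_NAME);
        // The header is attacker-controlled and the instance id is a secret, so compare without
        // an early exit on the first differing character.
        if (constantTimeEquals(instanceId, header)) {
            return AuthenticationResult.createFrom(AuthenticationStatus.REQUEST_NOT_RECOGNIZED);
        }
        return getChallenge(instanceId);
    }

    /**
     * Compares a secret with a candidate value; the result matches {@code secret.equals(candidate)}.
     * The loop always visits every character, so timing does not depend on where the values
     * differ. Only a length mismatch (or a {@code null} candidate) returns early.
     */
    private static boolean constantTimeEquals(String secret, String candidate) {
        if (candidate == null || secret.length() != candidate.length()) {
            return false;
        }
        int diff = 0;
        for (int i = 0; i < secret.length(); i++) {
            diff |= secret.charAt(i) ^ candidate.charAt(i);
        }
        return diff == 0;
    }

    /**
     * Returns the live, mutable map filled by {@link #processRequest}; callers see later updates
     * and can modify it.
     */
    public Map<String, Object> getAuthenticationData() {
        return this.authenticationData;
    }

    /** Always answers with a failure result carrying an empty JSON object and no message. */
    public AuthenticationResult processAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException, ServletException {
        return AuthenticationResult.createFailureResult(new JSONObject(), (String) null);
    }

    /** This authenticator never substitutes the request; always returns {@code null}. */
    public HttpServletRequest getRequestToProceed(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, UserIdentity userIdentity) throws IOException {
        return null;
    }

    /* renamed from: clone, reason: merged with bridge method [inline-methods] */
    /**
     * Copies this authenticator. {@code Object.clone()} is shallow, so the copy would otherwise
     * point at the same {@code authenticationData} map as its source; the map is copied so that
     * instance ids recorded by one instance are not visible to, or overwritten by, another.
     */
    public WorkLightAuthenticator m34clone() throws CloneNotSupportedException {
        AntiXSRFAuthenticator copy = (AntiXSRFAuthenticator) super.clone();
        copy.authenticationData = new HashMap<String, Object>(this.authenticationData);
        return copy;
    }

    /**
     * Returns the session's instance id, creating and storing a random token on first use.
     * Creates the session if the request has none ({@code getSession()}).
     */
    private String getInstanceId(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession();
        // Serialize check-then-set per session so concurrent requests agree on one token.
        synchronized (WebUtils.getSessionMutex(session)) {
            Object attribute = session.getAttribute(SESSION_ATTRIBUTE_INSTANCE_ID);
            if (attribute != null) {
                return (String) attribute;
            }
            // NOTE(review): the token's strength depends on SecurityFilterUtils.getRandomToken(),
            // which is not visible here; confirm it draws from a CSPRNG with enough entropy.
            String randomToken = SecurityFilterUtils.getRandomToken();
            session.setAttribute(SESSION_ATTRIBUTE_INSTANCE_ID, randomToken);
            return randomToken;
        }
    }

    /** The response is never modified on success; always returns {@code false}. */
    public boolean changeResponseOnSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return false;
    }
}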
