package org.loom.interceptor;

import java.util.Set;
import java.util.UUID;
import java.util.concurrent.CopyOnWriteArraySet;
import javax.servlet.http.HttpSession;
import org.loom.exception.LocaleAwareException;
import org.loom.log.Log;
import org.loom.mapping.ParsedAction;
import org.loom.resolution.Resolution;
import org.loom.servlet.LoomServletRequest;
import org.loom.servlet.names.CssClassNames;
import org.loom.servlet.names.RequestParameterNames;
import org.loom.servlet.names.SessionAttributeNames;
import org.loom.tags.Form;
import org.loom.tags.Link;
import org.loom.validator.FormDecorator;
import org.loom.validator.LinkDecorator;
import org.springframework.context.annotation.Scope;

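/**
 * Issues single-use tokens for links and forms and checks them before validation.
 *
 * <p>Each decorated {@link Link} or {@link Form} receives a fresh token, which is also stored
 * in a per-session set under {@code SessionAttributeNames.SINGLE_USE_TOKENS_CONTAINER}.
 * {@link #beforeValidate(ParsedAction)} accepts a request only if its
 * {@code RequestParameterNames.SINGLE_USE_TOKEN} parameter can be removed from that set, so
 * each token is accepted at most once per session.
 *
 * <p>NOTE(review): nothing in this class expires unused tokens. Every rendered link or form
 * adds one entry that stays until it is consumed or the session ends, so a session's token
 * set can grow without bound. Consider a cap or time-based eviction.
 */
@Scope("singleton")
/* loaded from: input_file:org/loom/interceptor/SingleUseTokenInterceptor.class */
public class SingleUseTokenInterceptor implements ValidateInterceptor, LinkDecorator, FormDecorator {
    private static final Log log = Log.getLog(SingleUseTokenInterceptor.class);

    /**
     * Rejects the request unless it carries a token that is still outstanding for the session.
     *
     * @param parsedAction the action being processed; only its request is used
     * @return always {@code null}; presumably this means "continue processing" (confirm
     *     against the {@code ValidateInterceptor} contract)
     * @throws LocaleAwareException via {@link #rejectRequest(LoomServletRequest)} when the
     *     token is missing, unknown or already used
     */
    @Override // org.loom.interceptor.ValidateInterceptor
    public Resolution beforeValidate(ParsedAction parsedAction) {
        LoomServletRequest request = parsedAction.getRequest();
        String submittedToken = request.getParameter(RequestParameterNames.SINGLE_USE_TOKEN);
        if (!validateToken(request, submittedToken)) {
            rejectRequest(request);
        }
        return null;
    }

    /**
     * Aborts processing of a request whose token failed validation.
     *
     * <p>The submitted token is request-controlled and is copied verbatim into both the
     * exception message and the {@code token} argument.
     * NOTE(review): whatever renders or logs this exception must escape that value; confirm
     * the error page and log appenders do so.
     *
     * @param loomServletRequest the rejected request
     * @throws LocaleAwareException always
     */
    protected void rejectRequest(LoomServletRequest loomServletRequest) {
        String parameter = loomServletRequest.getParameter(RequestParameterNames.SINGLE_USE_TOKEN);
        throw new LocaleAwareException("Cannot process request (wrong token value: " + parameter + ")", "loom.validation.singleUseTokenFailed").addArg("token", parameter);
    }

    /**
     * Creates a token, records it in the session's token set and returns it.
     *
     * <p>The set is created lazily on first use. The token is a random (type 4) UUID, which
     * the JDK generates with a cryptographically strong random number generator.
     *
     * @param loomServletRequest the request whose session will hold the token
     * @return the newly issued token
     */
    protected String createNewToken(LoomServletRequest loomServletRequest) {
        HttpSession session = loomServletRequest.getSession();
        Set<String> tokensContainer = getTokensContainer(session);
        if (tokensContainer == null) {
            // NOTE(review): the servlet container is not required to hand out the same
            // HttpSession object for every request, so this monitor may not serialise
            // concurrent first uses. Confirm for the target container, or lock on a
            // dedicated session attribute instead.
            synchronized (session) {
                // Re-check under the lock so a container created by a concurrent request
                // is reused rather than overwritten.
                tokensContainer = getTokensContainer(session);
                if (tokensContainer == null) {
                    tokensContainer = new CopyOnWriteArraySet<>();
                    session.setAttribute(SessionAttributeNames.SINGLE_USE_TOKENS_CONTAINER, tokensContainer);
                }
            }
        }
        String uuid = UUID.randomUUID().toString();
        tokensContainer.add(uuid);
        // NOTE(review): this writes a live token and the session id to the debug log.
        // Make sure debug logging is off in production or that these logs are access-controlled.
        log.debug("Creating new token ", uuid, " for session ", session.getId());
        return uuid;
    }

    /**
     * Returns the session's token set, or {@code null} if none has been stored yet.
     */
    @SuppressWarnings("unchecked") // the attribute is only ever written by createNewToken
    private Set<String> getTokensContainer(HttpSession httpSession) {
        return (Set<String>) httpSession.getAttribute(SessionAttributeNames.SINGLE_USE_TOKENS_CONTAINER);
    }

    /**
     * Consumes a token: returns {@code true} only if it was outstanding for this session.
     *
     * <p>A successful check removes the token, so a second submission of the same value fails.
     *
     * @param loomServletRequest the request whose session is consulted
     * @param str the submitted token, may be {@code null}
     * @return {@code false} if the token is {@code null}, the session has no token set, or
     *     the token is not in it; {@code true} otherwise
     */
    public boolean validateToken(LoomServletRequest loomServletRequest, String str) {
        if (str == null) {
            return false;
        }
        HttpSession session = loomServletRequest.getSession();
        // NOTE(review): str is request-controlled and is logged unescaped together with the
        // session id. Keep debug logging off in production or restrict access to these logs.
        log.debug("Validating token ", str, " for session ", session.getId());
        Set<String> tokensContainer = getTokensContainer(session);
        // A session that never issued a token (new or expired session) has no container.
        // Treat that as an ordinary validation failure instead of a NullPointerException.
        return tokensContainer != null && tokensContainer.remove(str);
    }

    /**
     * Marks the link with the single-use-token CSS class and appends a fresh token to its URL.
     *
     * <p>NOTE(review): a token carried in a URL can end up in browser history, access logs
     * and Referer headers. Acceptable only because it is single-use; confirm that is the
     * intended trade-off.
     */
    @Override // org.loom.validator.LinkDecorator
    public void decorate(Link link) {
        link.addCssClass(CssClassNames.SINGLE_USE_TOKEN);
        link.getUrl().add(RequestParameterNames.SINGLE_USE_TOKEN, createNewToken(link.getRequest()));
    }

    /**
     * Marks the form with the single-use-token CSS class and adds a fresh token as a hidden field.
     */
    @Override // org.loom.validator.FormDecorator
    public void decorate(Form form) {
        form.addCssClass(CssClassNames.SINGLE_USE_TOKEN);
        form.addHiddenField(RequestParameterNames.SINGLE_USE_TOKEN, createNewToken(form.getRequest()));
    }
}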
