package com.sun.faces.renderkit;

import com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm;
import com.sun.faces.context.UrlBuilder;
import com.sun.faces.util.FacesLogger;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Iterator;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.faces.FacesException;
import javax.faces.component.UINamingContainer;
import javax.faces.context.ExternalContext;
import javax.faces.context.FacesContext;
import javax.faces.render.ResponseStateManager;

/* loaded from: input_file:com/sun/faces/renderkit/TokenHelper.class */
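/**
 * Static helpers that derive a per-session request token from a string and a
 * secret key kept in the session map, append it to a URL, and verify it on an
 * incoming request.
 *
 * <p>The token is the hex encoding of {@code digest(str || key)}.
 * NOTE(review): this is a plain digest over concatenated data, not an HMAC;
 * {@code javax.crypto.Mac} would be the standard keyed construction.
 */
public class TokenHelper {
    /** Session-map key under which the per-session secret is stored. */
    public static final String SECRET_KEY = "secret.key";
    /** Context-attribute name read by {@link #appendToken} to prefix the token parameter. */
    public static final String FORM_CLIENT_ID_ATTRIBUTE_NAME = "com.sun.faces.FORM_CLIENT_ID";
    // Lazily created in setSecretKey without synchronization: concurrent first
    // calls may each create an instance and the last assignment wins.
    protected static SecureRandom random = null;
    private static Logger LOGGER = FacesLogger.RENDERKIT.getLogger();

    /**
     * Computes the token for {@code str} under the secret {@code l}.
     *
     * @param str the string the token is bound to (must not be null)
     * @param l   the secret key (must not be null)
     * @return lower-case hex encoding of the digest
     * @throws FacesException if the digest algorithm is unavailable
     */
    public static String generateToken(String str, Long l) {
        try {
            // The algorithm name comes from a constant defined outside this file.
            // NOTE(review): confirm it names a collision-resistant digest.
            MessageDigest digest = MessageDigest.getInstance(JDBCRealm.DEFAULT_DIGEST_ALGORITHM);
            // Fixed charset so the token does not depend on the JVM's default encoding.
            digest.update(str.getBytes(StandardCharsets.UTF_8));
            // Feed all 8 bytes of the key. The previous l.byteValue() kept only the
            // low-order byte, so the secret contributed at most 256 distinct values.
            digest.update(toBytes(l.longValue()));
            return toHex(digest.digest());
        } catch (NoSuchAlgorithmException e) {
            throw new FacesException(e);
        }
    }

    /**
     * Returns the value of the first entry whose key contains
     * {@link ResponseStateManager#VIEW_TOKEN_PARAM}, or {@code null} if none does.
     *
     * <p>The match is a substring test, not equality; {@link #appendToken} may
     * prefix the parameter name with a form client id, which this tolerates.
     * Which entry is "first" depends on the map's iteration order.
     *
     * @param map parameter map with {@code String} keys and values
     * @return the token value, or {@code null}
     */
    public static String getToken(Map map) {
        for (Object key : map.keySet()) {
            String name = (String) key;
            if (name.contains(ResponseStateManager.VIEW_TOKEN_PARAM)) {
                return (String) map.get(name);
            }
        }
        return null;
    }

    /**
     * Reads the secret stored under {@link #SECRET_KEY}.
     *
     * @param map the map holding the secret (the session map in this class)
     * @return the stored secret, or {@code null} if none has been set
     */
    public static Long getSecretKey(Map map) {
        return (Long) map.get(SECRET_KEY);
    }

    /**
     * Generates a fresh random 64-bit secret and stores it under {@link #SECRET_KEY}.
     *
     * @param map the map to store the secret in
     * @throws NoSuchAlgorithmException if the "SHA1PRNG" generator is unavailable
     */
    public static void setSecretKey(Map map) throws NoSuchAlgorithmException {
        if (random == null) {
            random = SecureRandom.getInstance("SHA1PRNG");
        }
        map.put(SECRET_KEY, Long.valueOf(random.nextLong()));
    }

    /**
     * Appends the token parameter for {@code str} to {@code str2}, creating the
     * session secret first if the session has none.
     *
     * @param facesContext current context; supplies the session map and attributes
     * @param str          the string the token is computed over
     * @param str2         the URL (or URL prefix) the parameter is appended to
     * @return {@code str2} followed by the separator, optional form-client-id
     *         prefix, parameter name, {@code =} and the token
     * @throws FacesException if the secret key cannot be generated
     */
    public static String appendToken(FacesContext facesContext, String str, String str2) {
        Map<String, Object> sessionMap = facesContext.getExternalContext().getSessionMap();
        String formClientId = (String) facesContext.getAttributes().get(FORM_CLIENT_ID_ATTRIBUTE_NAME);
        Long secretKey = getSecretKey(sessionMap);
        if (secretKey == null) {
            try {
                setSecretKey(sessionMap);
                secretKey = getSecretKey(sessionMap);
            } catch (Exception e) {
                // Keep the cause so the underlying failure is diagnosable.
                throw new FacesException("Could not generate secret key for token", e);
            }
        }
        String prefix = formClientId != null
                ? formClientId + UINamingContainer.getSeparatorChar(facesContext)
                : "";
        return str2 + UrlBuilder.QUERY_STRING_SEPARATOR + prefix
                + ResponseStateManager.VIEW_TOKEN_PARAM + "=" + generateToken(str, secretKey);
    }

    /**
     * Checks that the request carries the token expected for {@code str} under
     * the session's secret.
     *
     * @param facesContext current context; supplies request parameters and session map
     * @param str          the string the token must have been computed over
     * @return {@code true} only if a token is present, a secret is set, and they match
     */
    public static boolean verifyToken(FacesContext facesContext, String str) {
        ExternalContext externalContext = facesContext.getExternalContext();
        Map<String, String> requestParameterMap = externalContext.getRequestParameterMap();
        Map<String, Object> sessionMap = externalContext.getSessionMap();

        String token = getToken(requestParameterMap);
        if (token == null) {
            LOGGER.log(Level.INFO, "Token not found in request");
            return false;
        }
        Long secretKey = getSecretKey(sessionMap);
        if (secretKey == null) {
            LOGGER.log(Level.INFO, "Secret Key not set");
            return false;
        }
        // MessageDigest.isEqual instead of String.equals, so the comparison time
        // does not depend on how many leading characters of the token match.
        byte[] supplied = token.getBytes(StandardCharsets.UTF_8);
        byte[] expected = generateToken(str, secretKey).getBytes(StandardCharsets.UTF_8);
        if (MessageDigest.isEqual(supplied, expected)) {
            return true;
        }
        LOGGER.log(Level.INFO, "Token verification failed");
        return false;
    }

    /** Encodes {@code value} as 8 bytes, most significant byte first. */
    private static byte[] toBytes(long value) {
        byte[] out = new byte[8];
        for (int i = out.length - 1; i >= 0; i--) {
            out[i] = (byte) value;
            value >>>= 8;
        }
        return out;
    }

    /** Encodes {@code bArr} as lower-case hex, two characters per byte. */
    private static String toHex(byte[] bArr) {
        StringBuilder hex = new StringBuilder(bArr.length * 2);
        for (byte b : bArr) {
            hex.append(Character.forDigit((b & 0xF0) >> 4, 16));
            hex.append(Character.forDigit(b & 0x0F, 16));
        }
        return hex.toString();
    }
}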
