package org.apereo.cas.web.support.gen;

import java.io.Serializable;
import java.util.Arrays;
import java.util.Collection;
import java.util.Objects;
import java.util.Optional;
import java.util.stream.Stream;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.Generated;
import lombok.NonNull;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.CoreAuthenticationUtils;
import org.apereo.cas.authentication.RememberMeCredential;
import org.apereo.cas.util.LoggingUtils;
import org.apereo.cas.util.function.FunctionUtils;
import org.apereo.cas.web.cookie.CasCookieBuilder;
import org.apereo.cas.web.cookie.CookieGenerationContext;
import org.apereo.cas.web.cookie.CookieSameSitePolicy;
import org.apereo.cas.web.cookie.CookieValueManager;
import org.apereo.cas.web.support.InvalidCookieException;
import org.apereo.cas.web.support.WebUtils;
import org.apereo.cas.web.support.mgmr.NoOpCookieValueManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.jdbc.datasource.init.ScriptUtils;
import org.springframework.web.util.CookieGenerator;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:WEB-INF/lib/cas-server-core-cookie-api-6.5.8.jar:org/apereo/cas/web/support/gen/CookieRetrievingCookieGenerator.class */
public class CookieRetrievingCookieGenerator extends CookieGenerator implements Serializable, CasCookieBuilder {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) CookieRetrievingCookieGenerator.class);
    private static final long serialVersionUID = -4926982428809856313L;
    private final CookieValueManager casCookieValueManager;
    private final CookieGenerationContext cookieGenerationContext;

    public CookieRetrievingCookieGenerator(CookieGenerationContext cookieGenerationContext) {
        this(cookieGenerationContext, NoOpCookieValueManager.INSTANCE);
    }

    public CookieRetrievingCookieGenerator(CookieGenerationContext cookieGenerationContext, CookieValueManager cookieValueManager) {
        super.setCookieName(cookieGenerationContext.getName());
        super.setCookiePath(cookieGenerationContext.getPath());
        super.setCookieMaxAge(Integer.valueOf(cookieGenerationContext.getMaxAge()));
        super.setCookieSecure(cookieGenerationContext.isSecure());
        super.setCookieHttpOnly(cookieGenerationContext.isHttpOnly());
        setCookieDomain(cookieGenerationContext.getDomain());
        this.cookieGenerationContext = cookieGenerationContext;
        this.casCookieValueManager = cookieValueManager;
    }

    public static Boolean isRememberMeAuthentication(RequestContext requestContext) {
        if (isRememberMeProvidedInRequest(requestContext)) {
            LOGGER.debug("This request is from a remember-me authentication event");
            return Boolean.TRUE;
        }
        if (!CoreAuthenticationUtils.isRememberMeAuthentication(WebUtils.getAuthentication(requestContext)).booleanValue()) {
            return Boolean.FALSE;
        }
        LOGGER.debug("The recorded authentication is from a remember-me request");
        return Boolean.TRUE;
    }

    private static boolean isRememberMeProvidedInRequest(RequestContext requestContext) {
        String parameter = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext).getParameter(RememberMeCredential.REQUEST_PARAMETER_REMEMBER_ME);
        LOGGER.trace("Locating request parameter [{}] with value [{}]", RememberMeCredential.REQUEST_PARAMETER_REMEMBER_ME, parameter);
        return StringUtils.isNotBlank(parameter) && WebUtils.isRememberMeAuthenticationEnabled(requestContext).booleanValue();
    }

    private String cleanCookiePath(String str) {
        return (String) FunctionUtils.doIf(StringUtils.isBlank(this.cookieGenerationContext.getPath()), () -> {
            return (String) StringUtils.defaultIfBlank(StringUtils.removeEndIgnoreCase((String) StringUtils.defaultIfBlank(str, "/"), "/"), "/");
        }, () -> {
            return str;
        }).get();
    }

    @Override // org.springframework.web.util.CookieGenerator
    public void setCookieDomain(String str) {
        super.setCookieDomain((String) StringUtils.defaultIfEmpty(str, null));
    }

    @Override // org.apereo.cas.web.cookie.CasCookieBuilder
    public Cookie addCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z, String str) {
        Cookie createCookie = createCookie(this.casCookieValueManager.buildCookieValue(str, httpServletRequest));
        if (z) {
            LOGGER.trace("Creating CAS cookie [{}] for remember-me authentication", getCookieName());
            createCookie.setMaxAge(this.cookieGenerationContext.getRememberMeMaxAge());
            createCookie.setComment(String.format("%s Remember-Me", this.cookieGenerationContext.getComment()));
        } else {
            LOGGER.trace("Creating CAS cookie [{}]", getCookieName());
            if (getCookieMaxAge() != null) {
                createCookie.setMaxAge(getCookieMaxAge().intValue());
            }
        }
        createCookie.setSecure(isCookieSecure());
        createCookie.setHttpOnly(isCookieHttpOnly());
        return addCookieHeaderToResponse(createCookie, httpServletRequest, httpServletResponse);
    }

    @Override // org.apereo.cas.web.cookie.CasCookieBuilder
    public Cookie addCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        return addCookie(httpServletRequest, httpServletResponse, false, str);
    }

    @Override // org.apereo.cas.web.cookie.CasCookieBuilder
    public String retrieveCookieValue(HttpServletRequest httpServletRequest) {
        try {
            if (StringUtils.isBlank(getCookieName())) {
                throw new InvalidCookieException("Cookie name is undefined");
            }
            Cookie cookie = org.springframework.web.util.WebUtils.getCookie(httpServletRequest, (String) Objects.requireNonNull(getCookieName()));
            if (cookie == null) {
                String header = httpServletRequest.getHeader(getCookieName());
                if (StringUtils.isNotBlank(header)) {
                    LOGGER.trace("Found cookie [{}] under header name [{}]", header, getCookieName());
                    cookie = createCookie(header);
                }
            }
            if (cookie == null) {
                String parameter = httpServletRequest.getParameter(getCookieName());
                if (StringUtils.isNotBlank(parameter)) {
                    LOGGER.trace("Found cookie [{}] under request parameter name [{}]", parameter, getCookieName());
                    cookie = createCookie(parameter);
                }
            }
            return (String) Optional.ofNullable(cookie).map(cookie2 -> {
                return this.casCookieValueManager.obtainCookieValue(cookie2, httpServletRequest);
            }).orElse(null);
        } catch (Exception e) {
            LoggingUtils.warn(LOGGER, e);
            return null;
        }
    }

    @Override // org.apereo.cas.web.cookie.CasCookieBuilder
    public void removeAll(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Optional.ofNullable(httpServletRequest.getCookies()).ifPresent(cookieArr -> {
            Arrays.stream(cookieArr).filter(cookie -> {
                return StringUtils.equalsIgnoreCase(cookie.getName(), getCookieName());
            }).forEach(cookie2 -> {
                Stream.of((Object[]) new String[]{"/", getCookiePath(), StringUtils.appendIfMissing(getCookiePath(), "/", new CharSequence[0])}).forEach(str -> {
                    cookie2.setMaxAge(0);
                    cookie2.setPath(str);
                    cookie2.setSecure(isCookieSecure());
                    cookie2.setHttpOnly(isCookieHttpOnly());
                    cookie2.setComment(this.cookieGenerationContext.getComment());
                    LOGGER.debug("Removing cookie [{}] with path [{}]", cookie2.getName(), cookie2.getPath());
                    httpServletResponse.addCookie(cookie2);
                });
            });
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.springframework.web.util.CookieGenerator
    public Cookie createCookie(@NonNull String str) {
        if (str == null) {
            throw new NullPointerException("cookieValue is marked non-null but is null");
        }
        Cookie createCookie = super.createCookie(str);
        createCookie.setComment(this.cookieGenerationContext.getComment());
        createCookie.setPath(cleanCookiePath(createCookie.getPath()));
        return createCookie;
    }

    protected Cookie addCookieHeaderToResponse(Cookie cookie, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        StringBuilder sb = new StringBuilder();
        sb.append(String.format("%s=%s;", cookie.getName(), cookie.getValue()));
        if (cookie.getMaxAge() > -1) {
            sb.append(String.format(" Max-Age=%s;", Integer.valueOf(cookie.getMaxAge())));
        }
        if (StringUtils.isNotBlank(cookie.getDomain())) {
            sb.append(String.format(" Domain=%s;", cookie.getDomain()));
        }
        sb.append(String.format(" Path=%s;", cleanCookiePath(cookie.getPath())));
        Optional<String> build = CookieSameSitePolicy.of(this.cookieGenerationContext).build(httpServletRequest, httpServletResponse);
        build.ifPresent(str -> {
            sb.append(String.format(" %s", str));
        });
        String lowerCase = this.cookieGenerationContext.getSameSitePolicy().toLowerCase();
        if (cookie.getSecure() || (build.isPresent() && StringUtils.equalsIgnoreCase(build.get(), "none"))) {
            sb.append(" Secure;");
            LOGGER.trace("Marked cookie [{}] as secure as indicated by cookie configuration or the configured same-site policy set to [{}]", cookie.getName(), lowerCase);
        }
        if (cookie.isHttpOnly()) {
            sb.append(" HttpOnly;");
        }
        String removeEndIgnoreCase = StringUtils.removeEndIgnoreCase(sb.toString(), ScriptUtils.DEFAULT_STATEMENT_SEPARATOR);
        LOGGER.trace("Adding cookie header as [{}]", removeEndIgnoreCase);
        Collection<String> headers = httpServletResponse.getHeaders("Set-Cookie");
        httpServletResponse.setHeader("Set-Cookie", removeEndIgnoreCase);
        headers.stream().filter(str2 -> {
            return !str2.startsWith(cookie.getName() + "=");
        }).forEach(str3 -> {
            httpServletResponse.addHeader("Set-Cookie", str3);
        });
        return cookie;
    }

    @Override // org.apereo.cas.web.cookie.CasCookieBuilder
    @Generated
    public CookieValueManager getCasCookieValueManager() {
        return this.casCookieValueManager;
    }

    @Generated
    public CookieGenerationContext getCookieGenerationContext() {
        return this.cookieGenerationContext;
    }
}
