package org.openrewrite.java.security.spring;

import java.util.Collection;
import java.util.Iterator;
import org.openrewrite.ExecutionContext;
import org.openrewrite.Option;
import org.openrewrite.ScanningRecipe;
import org.openrewrite.SourceFile;
import org.openrewrite.Tree;
import org.openrewrite.TreeVisitor;
import org.openrewrite.internal.lang.Nullable;
import org.openrewrite.java.JavaIsoVisitor;
import org.openrewrite.java.JavaParser;
import org.openrewrite.java.JavaTemplate;
import org.openrewrite.java.JavaVisitor;
import org.openrewrite.java.MethodMatcher;
import org.openrewrite.java.tree.J;
import org.openrewrite.java.tree.JavaSourceFile;
import org.openrewrite.java.tree.JavaType;

/* loaded from: input_file:org/openrewrite/java/security/spring/CsrfProtection.class */
public final class CsrfProtection extends ScanningRecipe<GenerateWebSecurityConfigurerAdapter> {

    @Option(displayName = "Only if security configuration exists", description = "Only patch existing implementations of `WebSecurityConfigurerAdapter`.", required = false)
    @Nullable
    private final Boolean onlyIfSecurityConfig;
    static final MethodMatcher CSRF = new MethodMatcher("org.springframework.security.config.annotation.web.builders.HttpSecurity csrf()");

    public String getDisplayName() {
        return "Enable CSRF attack prevention";
    }

    public String getDescription() {
        return "Cross-Site Request Forgery (CSRF) is a type of attack that occurs when a malicious web site, email, blog, instant message, or program causes a user's web browser to perform an unwanted action on a trusted site when the user is authenticated. See the full [OWASP cheatsheet](https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html).";
    }

    /* renamed from: getInitialValue, reason: merged with bridge method [inline-methods] */
    public GenerateWebSecurityConfigurerAdapter m63getInitialValue(ExecutionContext executionContext) {
        return new GenerateWebSecurityConfigurerAdapter(Boolean.TRUE.equals(this.onlyIfSecurityConfig), new JavaVisitor<ExecutionContext>() { // from class: org.openrewrite.java.security.spring.CsrfProtection.1
            public J visitBlock(J.Block block, ExecutionContext executionContext2) {
                Iterator it = ((JavaSourceFile) getCursor().firstEnclosingOrThrow(JavaSourceFile.class)).getTypesInUse().getUsedMethods().iterator();
                while (it.hasNext()) {
                    if (CsrfProtection.CSRF.matches((JavaType.Method) it.next())) {
                        return block;
                    }
                }
                return JavaTemplate.builder("http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());").contextSensitive().imports(new String[]{"org.springframework.security.web.csrf.CookieCsrfTokenRepository"}).javaParser(JavaParser.fromJavaVersion().classpath(new String[]{"spring-security-config", "spring-context", "jakarta.servlet-api", "spring-security-web"})).build().apply(getCursor(), block.getCoordinates().lastStatement(), new Object[0]);
            }
        });
    }

    public TreeVisitor<?, ExecutionContext> getScanner(final GenerateWebSecurityConfigurerAdapter generateWebSecurityConfigurerAdapter) {
        return new TreeVisitor<Tree, ExecutionContext>() { // from class: org.openrewrite.java.security.spring.CsrfProtection.2
            @Nullable
            public Tree visit(@Nullable Tree tree, ExecutionContext executionContext) {
                if (tree instanceof SourceFile) {
                    generateWebSecurityConfigurerAdapter.scan((SourceFile) tree, executionContext);
                }
                return tree;
            }
        };
    }

    public Collection<? extends SourceFile> generate(GenerateWebSecurityConfigurerAdapter generateWebSecurityConfigurerAdapter, ExecutionContext executionContext) {
        return generateWebSecurityConfigurerAdapter.generate(executionContext);
    }

    public TreeVisitor<?, ExecutionContext> getVisitor(final GenerateWebSecurityConfigurerAdapter generateWebSecurityConfigurerAdapter) {
        return new JavaIsoVisitor<ExecutionContext>() { // from class: org.openrewrite.java.security.spring.CsrfProtection.3
            public J preVisit(J j, ExecutionContext executionContext) {
                stopAfterPreVisit();
                if (!(j instanceof JavaSourceFile)) {
                    return j;
                }
                maybeAddImport("org.springframework.security.web.csrf.CookieCsrfTokenRepository");
                return generateWebSecurityConfigurerAdapter.modify((JavaSourceFile) j, executionContext);
            }
        };
    }

    public CsrfProtection(Boolean bool) {
        this.onlyIfSecurityConfig = bool;
    }

    public Boolean getOnlyIfSecurityConfig() {
        return this.onlyIfSecurityConfig;
    }

    public String toString() {
        return "CsrfProtection(onlyIfSecurityConfig=" + getOnlyIfSecurityConfig() + ")";
    }

    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof CsrfProtection)) {
            return false;
        }
        CsrfProtection csrfProtection = (CsrfProtection) obj;
        if (!csrfProtection.canEqual(this) || !super.equals(obj)) {
            return false;
        }
        Boolean onlyIfSecurityConfig = getOnlyIfSecurityConfig();
        Boolean onlyIfSecurityConfig2 = csrfProtection.getOnlyIfSecurityConfig();
        return onlyIfSecurityConfig == null ? onlyIfSecurityConfig2 == null : onlyIfSecurityConfig.equals(onlyIfSecurityConfig2);
    }

    protected boolean canEqual(Object obj) {
        return obj instanceof CsrfProtection;
    }

    public int hashCode() {
        int hashCode = super.hashCode();
        Boolean onlyIfSecurityConfig = getOnlyIfSecurityConfig();
        return (hashCode * 59) + (onlyIfSecurityConfig == null ? 43 : onlyIfSecurityConfig.hashCode());
    }
}
