package org.springframework.session.web.http;

import java.nio.charset.StandardCharsets;
import java.time.Clock;
import java.time.Instant;
import java.time.ZoneOffset;
import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter;
import java.util.ArrayList;
import java.util.Base64;
import java.util.BitSet;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.session.web.http.CookieSerializer;
import org.springframework.web.server.session.HeaderWebSessionIdResolver;

/* loaded from: input_file:BOOT-INF/lib/spring-session-core-2.3.1.RELEASE.jar:org/springframework/session/web/http/DefaultCookieSerializer.class */
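/**
 * {@link CookieSerializer} that reads the session cookie from the request and writes it
 * back by assembling the {@code Set-Cookie} header text itself.
 *
 * <p>Security-relevant defaults visible in this class: {@code HttpOnly} is on,
 * {@code SameSite} is {@code Lax}, the value is Base64 encoded, and {@code Secure} follows
 * {@link HttpServletRequest#isSecure()} unless {@link #setUseSecureCookie(boolean)} is called.
 *
 * <p>Only the cookie value, domain and path are validated before they are appended to the
 * header. The cookie name and the {@code SameSite} value are appended as configured, so they
 * must come from trusted, fixed configuration and never from request data.
 */
public class DefaultCookieSerializer implements CookieSerializer {
    private static final Log logger = LogFactory.getLog(DefaultCookieSerializer.class);

    /** Characters accepted in a cookie domain: ASCII letters, digits, '.' and '-'. */
    private static final BitSet domainValid = new BitSet(128);

    // Tri-state: null means "derive the Secure flag from the request".
    private Boolean useSecureCookie;
    // null means "use the request's context path followed by '/'".
    private String cookiePath;
    // null means "no configured default"; a negative per-cookie max age is then left as is.
    private Integer cookieMaxAge;
    // Mutually exclusive with domainNamePattern (enforced by the setters).
    private String domainName;
    private Pattern domainNamePattern;
    // Stored with a leading '.', appended to written values and stripped from read values.
    private String jvmRoute;
    private String rememberMeRequestAttribute;
    private Clock clock = Clock.systemUTC();
    // NOTE(review): this decompiled listing takes the default name from a spring-web constant;
    // the original source may simply have used a string literal. Confirm before relying on it.
    private String cookieName = HeaderWebSessionIdResolver.DEFAULT_HEADER_NAME;
    private boolean useHttpOnlyCookie = true;
    private boolean useBase64Encoding = true;
    private String sameSite = "Lax";

    static {
        // Plain loops replace the decompiler's while(true)/return form; a return statement
        // is not permitted inside a static initializer.
        for (char c = '0'; c <= '9'; c++) {
            domainValid.set(c);
        }
        for (char c = 'a'; c <= 'z'; c++) {
            domainValid.set(c);
        }
        for (char c = 'A'; c <= 'Z'; c++) {
            domainValid.set(c);
        }
        domainValid.set('.');
        domainValid.set('-');
    }

    /**
     * Collects the values of every request cookie whose name equals the configured cookie name.
     *
     * <p>Values are Base64 decoded when encoding is enabled (undecodable values are skipped)
     * and a trailing JVM route is removed. The returned strings are client-supplied and are
     * not validated here.
     *
     * @param httpServletRequest the current request
     * @return the matching values in request order; empty when there are none
     */
    @Override
    public List<String> readCookieValues(HttpServletRequest httpServletRequest) {
        Cookie[] cookies = httpServletRequest.getCookies();
        List<String> matchingValues = new ArrayList<>();
        if (cookies == null) {
            return matchingValues;
        }
        for (Cookie cookie : cookies) {
            if (!this.cookieName.equals(cookie.getName())) {
                continue;
            }
            String sessionValue = this.useBase64Encoding ? base64Decode(cookie.getValue()) : cookie.getValue();
            if (sessionValue == null) {
                continue;
            }
            if (this.jvmRoute != null && sessionValue.endsWith(this.jvmRoute)) {
                sessionValue = sessionValue.substring(0, sessionValue.length() - this.jvmRoute.length());
            }
            matchingValues.add(sessionValue);
        }
        return matchingValues;
    }

    /**
     * Builds the {@code Set-Cookie} header for the given cookie value and adds it to the response.
     *
     * <p>The value, domain and path are validated before being appended, which rejects
     * control characters and the {@code ;} separator. The cookie name and {@code SameSite}
     * attribute are appended without validation.
     *
     * @param cookieValue carries the request, the response, the value and the max age
     * @throws IllegalArgumentException if the value, domain or path contains a rejected character
     */
    @Override
    public void writeCookieValue(CookieSerializer.CookieValue cookieValue) {
        HttpServletRequest request = cookieValue.getRequest();
        HttpServletResponse response = cookieValue.getResponse();
        StringBuilder header = new StringBuilder();
        header.append(this.cookieName).append('=');
        String value = getValue(cookieValue);
        if (value != null && !value.isEmpty()) {
            validateValue(value);
            header.append(value);
        }
        // getMaxAge also stores the resolved max age on cookieValue.
        int maxAge = getMaxAge(cookieValue);
        if (maxAge > -1) {
            header.append("; Max-Age=").append(maxAge);
            // A max age of 0 deletes the cookie, so Expires is pinned to the epoch.
            ZonedDateTime expires = (maxAge != 0)
                    ? ZonedDateTime.now(this.clock).plusSeconds(maxAge)
                    : Instant.EPOCH.atZone(ZoneOffset.UTC);
            header.append("; Expires=").append(expires.format(DateTimeFormatter.RFC_1123_DATE_TIME));
        }
        String domain = getDomainName(request);
        if (domain != null && !domain.isEmpty()) {
            validateDomain(domain);
            header.append("; Domain=").append(domain);
        }
        String path = getCookiePath(request);
        if (path != null && !path.isEmpty()) {
            validatePath(path);
            header.append("; Path=").append(path);
        }
        if (isSecureCookie(request)) {
            header.append("; Secure");
        }
        if (this.useHttpOnlyCookie) {
            header.append("; HttpOnly");
        }
        if (this.sameSite != null) {
            header.append("; SameSite=").append(this.sameSite);
        }
        response.addHeader("Set-Cookie", header.toString());
    }

    /**
     * Base64 decodes a cookie value.
     *
     * @param str the raw cookie value as sent by the client
     * @return the decoded text, or {@code null} if decoding fails for any reason
     */
    private String base64Decode(String str) {
        try {
            // Explicit charset so the result does not depend on the JVM's default encoding.
            return new String(Base64.getDecoder().decode(str), StandardCharsets.UTF_8);
        } catch (Exception e) {
            // Deliberately best effort: a malformed cookie is ignored rather than failing the
            // request. The logged value is client-supplied and is written at debug level only.
            if (logger.isDebugEnabled()) {
                logger.debug("Unable to Base64 decode value: " + str);
            }
            return null;
        }
    }

    /**
     * Base64 encodes a cookie value using UTF-8 bytes.
     *
     * @param str the text to encode
     * @return the Base64 text
     */
    private String base64Encode(String str) {
        // Base64 output is ASCII; the explicit charsets keep both steps independent of the
        // JVM's default encoding.
        byte[] encoded = Base64.getEncoder().encode(str.getBytes(StandardCharsets.UTF_8));
        return new String(encoded, StandardCharsets.US_ASCII);
    }

    /**
     * Produces the text written after {@code name=}: the cookie value, plus the JVM route when
     * one is configured, Base64 encoded when encoding is enabled.
     */
    private String getValue(CookieSerializer.CookieValue cookieValue) {
        String value = cookieValue.getCookieValue();
        if (this.jvmRoute != null) {
            value = value + this.jvmRoute;
        }
        if (this.useBase64Encoding) {
            value = base64Encode(value);
        }
        return value;
    }

    /**
     * Rejects cookie values containing characters that would break the header syntax.
     *
     * <p>One pair of enclosing double quotes is tolerated. Everything below {@code '!'}
     * (which covers space, CR and LF), {@code "}, {@code ,}, {@code ;}, {@code \} and DEL is
     * refused. Characters above DEL are not checked by this method.
     *
     * @throws IllegalArgumentException on the first rejected character
     */
    private void validateValue(String str) {
        int start = 0;
        int end = str.length();
        if (end > 1 && str.charAt(0) == '"' && str.charAt(end - 1) == '"') {
            start = 1;
            end--;
        }
        for (int i = start; i < end; i++) {
            char c = str.charAt(i);
            if (c < '!' || c == '"' || c == ',' || c == ';' || c == '\\' || c == 127) {
                throw new IllegalArgumentException("Invalid character in cookie value: " + c);
            }
        }
    }

    /**
     * Resolves the max age to write and stores it on {@code cookieValue}.
     *
     * <p>A negative max age on the cookie value is replaced by {@link Integer#MAX_VALUE} when
     * the remember-me request attribute is present, otherwise by the configured default if any.
     *
     * @return the max age now held by {@code cookieValue}
     */
    private int getMaxAge(CookieSerializer.CookieValue cookieValue) {
        if (cookieValue.getCookieMaxAge() < 0) {
            boolean rememberMe = this.rememberMeRequestAttribute != null
                    && cookieValue.getRequest().getAttribute(this.rememberMeRequestAttribute) != null;
            if (rememberMe) {
                cookieValue.setCookieMaxAge(Integer.MAX_VALUE);
            } else if (this.cookieMaxAge != null) {
                cookieValue.setCookieMaxAge(this.cookieMaxAge);
            }
        }
        return cookieValue.getCookieMaxAge();
    }

    /**
     * Checks a cookie domain against the allowed character set and separator rules.
     *
     * <p>Only ASCII letters, digits, '.' and '-' are accepted. The domain may not start or
     * end with '.' or '-', and the sequences "..", ".-" and "-." are refused.
     *
     * @throws IllegalArgumentException if the domain breaks any of these rules
     */
    private void validateDomain(String str) {
        int previous = -1; // -1 marks "no previous character yet"
        for (int i = 0; i < str.length(); i++) {
            char current = str.charAt(i);
            boolean atLabelStart = previous == -1 || previous == '.';
            boolean separatorAtLabelStart = atLabelStart && (current == '.' || current == '-');
            boolean dotAfterHyphen = previous == '-' && current == '.';
            if (!domainValid.get(current) || separatorAtLabelStart || dotAfterHyphen) {
                throw new IllegalArgumentException("Invalid cookie domain: " + str);
            }
            previous = current;
        }
        if (previous == '.' || previous == '-') {
            throw new IllegalArgumentException("Invalid cookie domain: " + str);
        }
    }

    /**
     * Rejects cookie paths containing anything outside printable ASCII, or a {@code ;}.
     *
     * @throws IllegalArgumentException if such a character is present
     */
    private void validatePath(String str) {
        for (int i = 0; i < str.length(); i++) {
            char c = str.charAt(i);
            if (c < ' ' || c > '~' || c == ';') {
                throw new IllegalArgumentException("Invalid cookie path: " + str);
            }
        }
    }

    /** Replaces the clock used for {@code Expires}; the clock is forced to UTC. */
    void setClock(Clock clock) {
        this.clock = clock.withZone(ZoneOffset.UTC);
    }

    /**
     * Fixes the {@code Secure} attribute instead of deriving it from each request.
     *
     * @param z {@code true} to always emit {@code Secure}, {@code false} to never emit it
     */
    public void setUseSecureCookie(boolean z) {
        this.useSecureCookie = z;
    }

    /**
     * Controls the {@code HttpOnly} attribute (on by default).
     *
     * @param z {@code true} to emit {@code HttpOnly}
     */
    public void setUseHttpOnlyCookie(boolean z) {
        this.useHttpOnlyCookie = z;
    }

    /**
     * Decides whether {@code Secure} is written: the configured flag if set, otherwise
     * {@link HttpServletRequest#isSecure()}.
     *
     * <p>NOTE(review): when TLS is terminated in front of the application, the request may not
     * report as secure unless forwarded headers are handled; in such deployments set
     * {@link #setUseSecureCookie(boolean)} explicitly.
     */
    private boolean isSecureCookie(HttpServletRequest httpServletRequest) {
        if (this.useSecureCookie == null) {
            return httpServletRequest.isSecure();
        }
        return this.useSecureCookie;
    }

    /**
     * Sets a fixed cookie path; when unset, the context path plus {@code "/"} is used.
     *
     * @param str the path to write, validated when the cookie is written
     */
    public void setCookiePath(String str) {
        this.cookiePath = str;
    }

    /**
     * Sets the cookie name.
     *
     * <p>The name is written to the header as is, so it must be a fixed, trusted value.
     *
     * @param str the cookie name
     * @throws IllegalArgumentException if {@code str} is {@code null}
     */
    public void setCookieName(String str) {
        if (str == null) {
            throw new IllegalArgumentException("cookieName cannot be null");
        }
        this.cookieName = str;
    }

    /**
     * Sets the max age applied when a cookie value carries a negative max age.
     *
     * @param i the max age in seconds
     */
    public void setCookieMaxAge(int i) {
        this.cookieMaxAge = i;
    }

    /**
     * Sets a fixed cookie domain.
     *
     * @param str the domain, validated when the cookie is written
     * @throws IllegalStateException if a domain name pattern is already configured
     */
    public void setDomainName(String str) {
        if (this.domainNamePattern != null) {
            throw new IllegalStateException("Cannot set both domainName and domainNamePattern");
        }
        this.domainName = str;
    }

    /**
     * Sets a case-insensitive pattern used to derive the cookie domain from the request's
     * server name. The whole server name must match and capturing group 1 becomes the domain,
     * so the pattern must define at least one group.
     *
     * <p>The server name comes from the request and can be client-influenced; keep the pattern
     * limited to the hosts the application actually serves.
     *
     * @param str the regular expression
     * @throws IllegalStateException if a fixed domain name is already configured
     */
    public void setDomainNamePattern(String str) {
        if (this.domainName != null) {
            throw new IllegalStateException("Cannot set both domainName and domainNamePattern");
        }
        this.domainNamePattern = Pattern.compile(str, Pattern.CASE_INSENSITIVE);
    }

    /**
     * Sets the JVM route appended to written values and stripped from read values.
     *
     * <p>The route is stored with a leading '.'. A {@code null} argument therefore produces
     * the literal suffix {@code ".null"}; pass a non-null route.
     *
     * @param str the route identifier, without the leading '.'
     */
    public void setJvmRoute(String str) {
        this.jvmRoute = "." + str;
    }

    /**
     * Controls Base64 encoding of the cookie value (on by default).
     *
     * @param z {@code true} to encode written values and decode read values
     */
    public void setUseBase64Encoding(boolean z) {
        this.useBase64Encoding = z;
    }

    /**
     * Sets the request attribute whose presence makes the cookie persistent with a max age
     * of {@link Integer#MAX_VALUE}.
     *
     * @param str the attribute name
     * @throws IllegalArgumentException if {@code str} is {@code null}
     */
    public void setRememberMeRequestAttribute(String str) {
        if (str == null) {
            throw new IllegalArgumentException("rememberMeRequestAttribute cannot be null");
        }
        this.rememberMeRequestAttribute = str;
    }

    /**
     * Sets the {@code SameSite} attribute value; {@code null} omits the attribute.
     *
     * <p>The value is written to the header without validation, so it must be a fixed,
     * trusted value. Omitting the attribute leaves cross-site behaviour to the browser.
     *
     * @param str the attribute value, or {@code null}
     */
    public void setSameSite(String str) {
        this.sameSite = str;
    }

    /**
     * Resolves the cookie domain: the fixed domain if configured, otherwise group 1 of the
     * domain name pattern matched against the request's server name.
     *
     * @return the domain, or {@code null} when nothing is configured or the pattern does not match
     */
    private String getDomainName(HttpServletRequest httpServletRequest) {
        if (this.domainName != null) {
            return this.domainName;
        }
        if (this.domainNamePattern == null) {
            return null;
        }
        Matcher matcher = this.domainNamePattern.matcher(httpServletRequest.getServerName());
        return matcher.matches() ? matcher.group(1) : null;
    }

    /** Returns the configured path, or the request's context path followed by {@code "/"}. */
    private String getCookiePath(HttpServletRequest httpServletRequest) {
        if (this.cookiePath != null) {
            return this.cookiePath;
        }
        return httpServletRequest.getContextPath() + "/";
    }
}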
