package org.springframework.security.web.savedrequest;

import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.Base64;
import java.util.Collections;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.config.http.PortMappingsBeanDefinitionParser;
import org.springframework.security.web.savedrequest.DefaultSavedRequest;
import org.springframework.security.web.util.UrlUtils;
import org.springframework.security.web.util.matcher.AnyRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.springframework.web.util.UriComponents;
import org.springframework.web.util.UriComponentsBuilder;
import org.springframework.web.util.WebUtils;

/* loaded from: input_file:WEB-INF/lib/spring-security-web-6.2.0.jar:org/springframework/security/web/savedrequest/CookieRequestCache.class */
public class CookieRequestCache implements RequestCache {
    private RequestMatcher requestMatcher = AnyRequestMatcher.INSTANCE;
    protected final Log logger = LogFactory.getLog(getClass());
    private static final String COOKIE_NAME = "REDIRECT_URI";
    private static final int COOKIE_MAX_AGE = -1;

    @Override // org.springframework.security.web.savedrequest.RequestCache
    public void saveRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (!this.requestMatcher.matches(httpServletRequest)) {
            this.logger.debug("Request not saved as configured RequestMatcher did not match");
            return;
        }
        Cookie cookie = new Cookie(COOKIE_NAME, encodeCookie(UrlUtils.buildFullRequestUrl(httpServletRequest)));
        cookie.setMaxAge(-1);
        cookie.setSecure(httpServletRequest.isSecure());
        cookie.setPath(getCookiePath(httpServletRequest));
        cookie.setHttpOnly(true);
        httpServletResponse.addCookie(cookie);
    }

    @Override // org.springframework.security.web.savedrequest.RequestCache
    public SavedRequest getRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Cookie cookie = WebUtils.getCookie(httpServletRequest, COOKIE_NAME);
        if (cookie == null) {
            return null;
        }
        UriComponents build = UriComponentsBuilder.fromUriString(decodeCookie(cookie.getValue())).build();
        DefaultSavedRequest.Builder builder = new DefaultSavedRequest.Builder();
        return builder.setScheme(build.getScheme()).setServerName(build.getHost()).setRequestURI(build.getPath()).setQueryString(build.getQuery()).setServerPort(getPort(build)).setMethod(httpServletRequest.getMethod()).setLocales(Collections.list(httpServletRequest.getLocales())).build();
    }

    private int getPort(UriComponents uriComponents) {
        int port = uriComponents.getPort();
        return port != -1 ? port : PortMappingsBeanDefinitionParser.ATT_HTTPS_PORT.equalsIgnoreCase(uriComponents.getScheme()) ? 443 : 80;
    }

    @Override // org.springframework.security.web.savedrequest.RequestCache
    public HttpServletRequest getMatchingRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        SavedRequest request = getRequest(httpServletRequest, httpServletResponse);
        if (matchesSavedRequest(httpServletRequest, request)) {
            removeRequest(httpServletRequest, httpServletResponse);
            return new SavedRequestAwareWrapper(request, httpServletRequest);
        }
        this.logger.debug("saved request doesn't match");
        return null;
    }

    @Override // org.springframework.security.web.savedrequest.RequestCache
    public void removeRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Cookie cookie = new Cookie(COOKIE_NAME, "");
        cookie.setSecure(httpServletRequest.isSecure());
        cookie.setHttpOnly(true);
        cookie.setPath(getCookiePath(httpServletRequest));
        cookie.setMaxAge(0);
        httpServletResponse.addCookie(cookie);
    }

    private static String encodeCookie(String str) {
        return Base64.getEncoder().encodeToString(str.getBytes());
    }

    private static String decodeCookie(String str) {
        return new String(Base64.getDecoder().decode(str.getBytes()));
    }

    private static String getCookiePath(HttpServletRequest httpServletRequest) {
        String contextPath = httpServletRequest.getContextPath();
        return StringUtils.hasLength(contextPath) ? contextPath : "/";
    }

    private boolean matchesSavedRequest(HttpServletRequest httpServletRequest, SavedRequest savedRequest) {
        if (savedRequest == null) {
            return false;
        }
        return savedRequest.getRedirectUrl().equals(UrlUtils.buildFullRequestUrl(httpServletRequest));
    }

    public void setRequestMatcher(RequestMatcher requestMatcher) {
        Assert.notNull(requestMatcher, "requestMatcher should not be null");
        this.requestMatcher = requestMatcher;
    }
}
