package play.filters.csrf;

import play.api.MarkerContext$;
import play.api.http.HeaderNames$;
import play.api.http.HttpEntity;
import play.api.http.SessionConfiguration;
import play.api.libs.crypto.CSRFTokenSigner;
import play.api.mvc.Request;
import play.api.mvc.Request$;
import play.api.mvc.RequestHeader;
import play.api.mvc.Result;
import play.core.Execution$Implicits$;
import play.filters.cors.CORSFilter$Attrs$;
import play.filters.csrf.CSRF;
import play.libs.typedmap.TypedKey;
import play.mvc.Http;
import scala.Function0;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Some;
import scala.Tuple2;
import scala.concurrent.Future;
import scala.reflect.ScalaSignature;
import scala.runtime.BoxesRunTime;

/* compiled from: CSRFActions.scala */
@ScalaSignature(bytes = "\u0006\u0001\u0005\u0015f\u0001B\u0001\u0003\u0001%\u0011\u0001cQ*S\r\u0006\u001bG/[8o\u0011\u0016d\u0007/\u001a:\u000b\u0005\r!\u0011\u0001B2te\u001aT!!\u0002\u0004\u0002\u000f\u0019LG\u000e^3sg*\tq!\u0001\u0003qY\u0006L8\u0001A\n\u0003\u0001)\u0001\"a\u0003\b\u000e\u00031Q\u0011!D\u0001\u0006g\u000e\fG.Y\u0005\u0003\u001f1\u0011a!\u00118z%\u00164\u0007\u0002C\t\u0001\u0005\u0003\u0005\u000b\u0011\u0002\n\u0002)M,7o]5p]\u000e{gNZ5hkJ\fG/[8o!\t\u0019\u0002$D\u0001\u0015\u0015\t)b#\u0001\u0003iiR\u0004(BA\f\u0007\u0003\r\t\u0007/[\u0005\u00033Q\u0011AcU3tg&|gnQ8oM&<WO]1uS>t\u0007\u0002C\u000e\u0001\u0005\u0003\u0005\u000b\u0011\u0002\u000f\u0002\u0015\r\u001c(OZ\"p]\u001aLw\r\u0005\u0002\u001e=5\t!!\u0003\u0002 \u0005\tQ1i\u0015*G\u0007>tg-[4\t\u0011\u0005\u0002!\u0011!Q\u0001\n\t\n1\u0002^8lK:\u001c\u0016n\u001a8feB\u00111\u0005K\u0007\u0002I)\u0011QEJ\u0001\u0007GJL\b\u000f^8\u000b\u0005\u001d2\u0012\u0001\u00027jENL!!\u000b\u0013\u0003\u001f\r\u001b&K\u0012+pW\u0016t7+[4oKJD\u0001b\u000b\u0001\u0003\u0002\u0003\u0006I\u0001L\u0001\u000ei>\\WM\u001c)s_ZLG-\u001a:\u0011\u00055JdB\u0001\u00188\u001d\tycG\u0004\u00021k9\u0011\u0011\u0007N\u0007\u0002e)\u00111\u0007C\u0001\u0007yI|w\u000e\u001e \n\u0003\u001dI!!\u0002\u0004\n\u0005\r!\u0011B\u0001\u001d\u0003\u0003\u0011\u00195K\u0015$\n\u0005iZ$!\u0004+pW\u0016t\u0007K]8wS\u0012,'O\u0003\u00029\u0005!)Q\b\u0001C\u0001}\u00051A(\u001b8jiz\"Ra\u0010!B\u0005\u000e\u0003\"!\b\u0001\t\u000bEa\u0004\u0019\u0001\n\t\u000bma\u0004\u0019\u0001\u000f\t\u000b\u0005b\u0004\u0019\u0001\u0012\t\u000b-b\u0004\u0019\u0001\u0017\t\u000bu\u0002A\u0011A#\u0015\t}2u\t\u0013\u0005\u0006#\u0011\u0003\rA\u0005\u0005\u00067\u0011\u0003\r\u0001\b\u0005\u0006C\u0011\u0003\rA\t\u0005\u0006\u0015\u0002!IaS\u0001\u0010i>\\WM\\%t\u0011R$\bo\u00148msV\tA\n\u0005\u0002\f\u001b&\u0011a\n\u0004\u0002\b\u0005>|G.Z1o\u0011\u0015\u0001\u0006\u0001\"\u0001R\u0003I9W\r\u001e+pW\u0016tGk\u001c,bY&$\u0017\r^3\u0015\u0005Ic\u0006cA\u0006T+&\u0011A\u000b\u0004\u0002\u0007\u001fB$\u0018n\u001c8\u0011\u0005YKfBA\u0006X\u0013\tAF\"\u0001\u0004Qe\u0016$WMZ\u0005\u00035n\u0013aa\u0015;sS:<'B\u0001-\r\u0011\u0015iv\n1\u0001_\u0003\u001d\u0011X-];fgR\u0004\"a\u00182\u000e\u0003\u0001T!!\u0019\f\u0002\u0007548-\u0003\u0002dA\ni!+Z9vKN$\b*Z1eKJDQ!\u001a\u0001\u0005\u0002\u0019\fA\u0003^1h%\u0016\fX/Z:u\rJ|W\u000eS3bI\u0016\u0014HC\u00010h\u0011\u0015iF\r1\u0001_\u0011\u0015)\u0007\u0001\"\u0001j+\tQ\u0007\u000f\u0006\u0002lsB\u0019q\f\u001c8\n\u00055\u0004'a\u0002*fcV,7\u000f\u001e\t\u0003_Bd\u0001\u0001B\u0003rQ\n\u0007!OA\u0001B#\t\u0019h\u000f\u0005\u0002\fi&\u0011Q\u000f\u0004\u0002\b\u001d>$\b.\u001b8h!\tYq/\u0003\u0002y\u0019\t\u0019\u0011I\\=\t\u000buC\u0007\u0019A6\t\u000bm\u0004A\u0011\u0001?\u0002!Q\fwMU3rk\u0016\u001cH\u000fS3bI\u0016\u0014Hc\u00010~}\")QL\u001fa\u0001=\"9qP\u001fCA\u0002\u0005\u0005\u0011!\u0002;pW\u0016t\u0007#B\u0006\u0002\u0004\u0005\u001d\u0011bAA\u0003\u0019\tAAHY=oC6,g\bE\u0002.\u0003\u0013I1!a\u0003<\u0005\u0015!vn[3o\u0011\u001d\ty\u0001\u0001C\u0001\u0003#\t!\u0002^1h%\u0016\fX/Z:u+\u0011\t\u0019\"!\u0007\u0015\r\u0005U\u00111DA\u000f!\u0011yF.a\u0006\u0011\u0007=\fI\u0002\u0002\u0004r\u0003\u001b\u0011\rA\u001d\u0005\b;\u00065\u0001\u0019AA\u000b\u0011\u001dy\u0018Q\u0002a\u0001\u0003\u000fAq!!\t\u0001\t\u0003\t\u0019#\u0001\fuC\u001e\u0014V-];fgR<\u0016\u000e\u001e5OK^$vn[3o+\u0011\t)#a\u000b\u0015\t\u0005\u001d\u0012Q\u0006\t\u0005?2\fI\u0003E\u0002p\u0003W!a!]A\u0010\u0005\u0004\u0011\bbB/\u0002 \u0001\u0007\u0011q\u0005\u0005\b\u0003c\u0001A\u0011AA\u001a\u0003q!\u0018m\u001a*fcV,7\u000f\u001e%fC\u0012,'oV5uQ:+w\u000fV8lK:$2AXA\u001b\u0011\u0019i\u0016q\u0006a\u0001=\"9\u0011\u0011\u0005\u0001\u0005\u0002\u0005eB\u0003BA\u001e\u0003\u001f\u0002B!!\u0010\u0002J9!\u0011qHA\"\u001d\r\u0001\u0014\u0011I\u0005\u0003C\u001aIA!!\u0012\u0002H\u0005!\u0001\n\u001e;q\u0015\t\tg!\u0003\u0003\u0002L\u00055#A\u0004*fcV,7\u000f\u001e\"vS2$WM\u001d\u0006\u0005\u0003\u000b\n9\u0005\u0003\u0005\u0002R\u0005]\u0002\u0019AA\u001e\u00039\u0011X-];fgR\u0014U/\u001b7eKJDq!!\u0016\u0001\t\u0003\t9&A\u0007hK:,'/\u0019;f)>\\WM\\\u000b\u0003\u0003\u000fAq!a\u0017\u0001\t\u0003\ti&\u0001\bhKRDU-\u00193feR{7.\u001a8\u0015\u0007I\u000by\u0006\u0003\u0004^\u00033\u0002\rA\u0018\u0005\b\u0003G\u0002A\u0011AA3\u0003E\u0011X-];je\u0016\u001c8i\u001d:g\u0007\",7m\u001b\u000b\u0004\u0019\u0006\u001d\u0004BB/\u0002b\u0001\u0007a\fC\u0004\u0002l\u0001!\t!!\u001c\u0002%\u0005$G\rV8lK:$vNU3ta>t7/\u001a\u000b\u0007\u0003_\n)(a\u001e\u0011\u0007}\u000b\t(C\u0002\u0002t\u0001\u0014aAU3tk2$\bBB/\u0002j\u0001\u0007a\f\u0003\u0005\u0002z\u0005%\u0004\u0019AA8\u0003\u0019\u0011Xm];mi\"9\u0011Q\u0010\u0001\u0005\u0002\u0005}\u0014\u0001C5t\u0007\u0006\u001c\u0007.\u001a3\u0015\u00071\u000b\t\t\u0003\u0005\u0002z\u0005m\u0004\u0019AA8\u0011\u001d\t)\t\u0001C\u0001\u0003\u000f\u000b1c\u00197fCJ$vn[3o\u0013\u001aLeN^1mS\u0012$\u0002\"!#\u0002\u0016\u0006]\u0015\u0011\u0015\t\u0007\u0003\u0017\u000b\t*a\u001c\u000e\u0005\u00055%bAAH\u0019\u0005Q1m\u001c8dkJ\u0014XM\u001c;\n\t\u0005M\u0015Q\u0012\u0002\u0007\rV$XO]3\t\ru\u000b\u0019\t1\u0001_\u0011!\tI*a!A\u0002\u0005m\u0015\u0001D3se>\u0014\b*\u00198eY\u0016\u0014\bcA\u0017\u0002\u001e&\u0019\u0011qT\u001e\u0003\u0019\u0015\u0013(o\u001c:IC:$G.\u001a:\t\u000f\u0005\r\u00161\u0011a\u0001+\u0006\u0019Qn]4")
/* loaded from: input_file:play/filters/csrf/CSRFActionHelper.class */
public class CSRFActionHelper {
    public final SessionConfiguration play$filters$csrf$CSRFActionHelper$$sessionConfiguration;
    public final CSRFConfig play$filters$csrf$CSRFActionHelper$$csrfConfig;
    public final CSRFTokenSigner play$filters$csrf$CSRFActionHelper$$tokenSigner;
    private final CSRF.TokenProvider tokenProvider;

    private boolean tokenIsHttpOnly() {
        return this.play$filters$csrf$CSRFActionHelper$$csrfConfig.cookieName().isDefined() ? this.play$filters$csrf$CSRFActionHelper$$csrfConfig.httpOnlyCookie() : this.play$filters$csrf$CSRFActionHelper$$sessionConfiguration.httpOnly();
    }

    public Option<String> getTokenToValidate(RequestHeader requestHeader) {
        return this.play$filters$csrf$CSRFActionHelper$$csrfConfig.cookieName().flatMap(new CSRFActionHelper$$anonfun$2(this, requestHeader)).orElse(new CSRFActionHelper$$anonfun$getTokenToValidate$1(this, requestHeader.session().get(this.play$filters$csrf$CSRFActionHelper$$csrfConfig.tokenName()))).orElse(new CSRFActionHelper$$anonfun$getTokenToValidate$2(this, CSRF$.MODULE$.getToken(requestHeader).map(new CSRFActionHelper$$anonfun$1(this)))).filter(new CSRFActionHelper$$anonfun$getTokenToValidate$3(this));
    }

    public RequestHeader tagRequestFromHeader(RequestHeader requestHeader) {
        return (RequestHeader) getTokenToValidate(requestHeader).fold(new CSRFActionHelper$$anonfun$tagRequestFromHeader$1(this, requestHeader), new CSRFActionHelper$$anonfun$tagRequestFromHeader$2(this, requestHeader));
    }

    public <A> Request<A> tagRequestFromHeader(Request<A> request) {
        return Request$.MODULE$.apply(tagRequestFromHeader((RequestHeader) request), request.body());
    }

    public RequestHeader tagRequestHeader(RequestHeader requestHeader, Function0<CSRF.Token> function0) {
        return requestHeader.addAttr(CSRF$Token$.MODULE$.InfoAttr(), CSRF$TokenInfo$.MODULE$.apply(function0));
    }

    public <A> Request<A> tagRequest(Request<A> request, CSRF.Token token) {
        return request.addAttr(CSRF$Token$.MODULE$.InfoAttr(), CSRF$TokenInfo$.MODULE$.apply(new CSRFActionHelper$$anonfun$tagRequest$1(this, token)));
    }

    public <A> Request<A> tagRequestWithNewToken(Request<A> request) {
        return request.addAttr(CSRF$Token$.MODULE$.InfoAttr(), CSRF$TokenInfo$.MODULE$.apply(new CSRFActionHelper$$anonfun$tagRequestWithNewToken$1(this)));
    }

    public RequestHeader tagRequestHeaderWithNewToken(RequestHeader requestHeader) {
        return requestHeader.addAttr(CSRF$Token$.MODULE$.InfoAttr(), CSRF$TokenInfo$.MODULE$.apply(new CSRFActionHelper$$anonfun$tagRequestHeaderWithNewToken$1(this)));
    }

    public Http.RequestBuilder tagRequestWithNewToken(Http.RequestBuilder requestBuilder) {
        return requestBuilder.attr(new TypedKey(CSRF$Token$.MODULE$.InfoAttr()), CSRF$TokenInfo$.MODULE$.apply(new CSRFActionHelper$$anonfun$tagRequestWithNewToken$2(this)));
    }

    public CSRF.Token generateToken() {
        return new CSRF.Token(this.play$filters$csrf$CSRFActionHelper$$csrfConfig.tokenName(), this.tokenProvider.generateToken());
    }

    public Option<String> getHeaderToken(RequestHeader requestHeader) {
        return requestHeader.getQueryString(this.play$filters$csrf$CSRFActionHelper$$csrfConfig.tokenName()).orElse(new CSRFActionHelper$$anonfun$getHeaderToken$1(this, requestHeader.headers().get(this.play$filters$csrf$CSRFActionHelper$$csrfConfig.headerName())));
    }

    public boolean requiresCsrfCheck(RequestHeader requestHeader) {
        if (!this.play$filters$csrf$CSRFActionHelper$$csrfConfig.bypassCorsTrustedOrigins() || !requestHeader.attrs().contains(CORSFilter$Attrs$.MODULE$.Origin())) {
            return BoxesRunTime.unboxToBoolean(this.play$filters$csrf$CSRFActionHelper$$csrfConfig.shouldProtect().apply(requestHeader));
        }
        CSRF$.MODULE$.filterLogger().trace(new CSRFActionHelper$$anonfun$requiresCsrfCheck$1(this), MarkerContext$.MODULE$.NoMarker());
        return false;
    }

    public Result addTokenToResponse(RequestHeader requestHeader, Result result) {
        Result result2;
        boolean z = false;
        Some some = null;
        Option option = requestHeader.attrs().get(CSRF$Token$.MODULE$.InfoAttr());
        if (None$.MODULE$.equals(option)) {
            CSRF$.MODULE$.filterLogger().warn(new CSRFActionHelper$$anonfun$addTokenToResponse$1(this), MarkerContext$.MODULE$.NoMarker());
            result2 = result;
        } else {
            if (option instanceof Some) {
                z = true;
                some = (Some) option;
                CSRF.TokenInfo tokenInfo = (CSRF.TokenInfo) some.x();
                if (tokenIsHttpOnly() && (result.body() instanceof HttpEntity.Strict) && !tokenInfo.wasRendered()) {
                    CSRF$.MODULE$.filterLogger().trace(new CSRFActionHelper$$anonfun$addTokenToResponse$2(this), MarkerContext$.MODULE$.NoMarker());
                    result2 = result;
                }
            }
            if (isCached(result)) {
                CSRF$.MODULE$.filterLogger().trace(new CSRFActionHelper$$anonfun$addTokenToResponse$3(this), MarkerContext$.MODULE$.NoMarker());
                result2 = result;
            } else {
                if (!z) {
                    throw new MatchError(option);
                }
                CSRF.Token token = ((CSRF.TokenInfo) some.x()).toToken();
                if (token == null) {
                    throw new MatchError(token);
                }
                Tuple2 tuple2 = new Tuple2(token.name(), token.value());
                String str = (String) tuple2._1();
                String str2 = (String) tuple2._2();
                CSRF$.MODULE$.filterLogger().trace(new CSRFActionHelper$$anonfun$addTokenToResponse$4(this, result), MarkerContext$.MODULE$.NoMarker());
                result2 = (Result) this.play$filters$csrf$CSRFActionHelper$$csrfConfig.cookieName().map(new CSRFActionHelper$$anonfun$addTokenToResponse$5(this, result, str2)).getOrElse(new CSRFActionHelper$$anonfun$addTokenToResponse$6(this, requestHeader, result, str, str2));
            }
        }
        return result2;
    }

    public boolean isCached(Result result) {
        return BoxesRunTime.unboxToBoolean(result.header().headers().get(HeaderNames$.MODULE$.CACHE_CONTROL()).fold(new CSRFActionHelper$$anonfun$isCached$1(this), new CSRFActionHelper$$anonfun$isCached$2(this)));
    }

    public Future<Result> clearTokenIfInvalid(RequestHeader requestHeader, CSRF.ErrorHandler errorHandler, String str) {
        return errorHandler.handle(requestHeader, str).map(new CSRFActionHelper$$anonfun$clearTokenIfInvalid$1(this, requestHeader), Execution$Implicits$.MODULE$.trampoline());
    }

    public CSRFActionHelper(SessionConfiguration sessionConfiguration, CSRFConfig cSRFConfig, CSRFTokenSigner cSRFTokenSigner, CSRF.TokenProvider tokenProvider) {
        this.play$filters$csrf$CSRFActionHelper$$sessionConfiguration = sessionConfiguration;
        this.play$filters$csrf$CSRFActionHelper$$csrfConfig = cSRFConfig;
        this.play$filters$csrf$CSRFActionHelper$$tokenSigner = cSRFTokenSigner;
        this.tokenProvider = tokenProvider;
    }

    public CSRFActionHelper(SessionConfiguration sessionConfiguration, CSRFConfig cSRFConfig, CSRFTokenSigner cSRFTokenSigner) {
        this(sessionConfiguration, cSRFConfig, cSRFTokenSigner, new CSRF.TokenProviderProvider(cSRFConfig, cSRFTokenSigner).m27get());
    }
}
