package com.liferay.portal.security.auth;

import com.liferay.portal.kernel.concurrent.ConcurrentHashSet;
import com.liferay.portal.kernel.model.Portlet;
import com.liferay.portal.kernel.model.PortletConstants;
import com.liferay.portal.kernel.portlet.LiferayPortletURL;
import com.liferay.portal.kernel.security.auth.BaseAuthTokenWhitelist;
import com.liferay.portal.kernel.security.pacl.DoPrivileged;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.util.PropsValues;
import com.liferay.util.Encryptor;
import java.util.Iterator;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;

@DoPrivileged
/* loaded from: input_file:com/liferay/portal/security/auth/AuthTokenWhitelistImpl.class */
public class AuthTokenWhitelistImpl extends BaseAuthTokenWhitelist {
    private final Set<String> _originCSRFWhitelist = new ConcurrentHashSet();
    private final Set<String> _portletCSRFWhitelist = new ConcurrentHashSet();
    private final Set<String> _portletInvocationWhitelist = new ConcurrentHashSet();

    public AuthTokenWhitelistImpl() {
        trackWhitelistServices("auth.token.ignore.origins", this._originCSRFWhitelist);
        registerPortalProperty("auth.token.ignore.origins");
        trackWhitelistServices("auth.token.ignore.portlets", this._portletCSRFWhitelist);
        registerPortalProperty("auth.token.ignore.portlets");
        trackWhitelistServices("portlet.add.default.resource.check.whitelist", this._portletInvocationWhitelist);
        registerPortalProperty("portlet.add.default.resource.check.whitelist");
    }

    @Deprecated
    public Set<String> getOriginCSRFWhitelist() {
        return this._originCSRFWhitelist;
    }

    @Deprecated
    public Set<String> getPortletCSRFWhitelist() {
        return this._portletCSRFWhitelist;
    }

    @Deprecated
    public Set<String> getPortletInvocationWhitelist() {
        return this._portletInvocationWhitelist;
    }

    public boolean isOriginCSRFWhitelisted(long j, String str) {
        Iterator<String> it = this._originCSRFWhitelist.iterator();
        while (it.hasNext()) {
            if (str.startsWith(it.next())) {
                return true;
            }
        }
        return false;
    }

    public boolean isPortletCSRFWhitelisted(HttpServletRequest httpServletRequest, Portlet portlet) {
        return this._portletCSRFWhitelist.contains(portlet.getRootPortletId());
    }

    public boolean isPortletInvocationWhitelisted(HttpServletRequest httpServletRequest, Portlet portlet) {
        return this._portletInvocationWhitelist.contains(portlet.getPortletId());
    }

    public boolean isPortletURLCSRFWhitelisted(LiferayPortletURL liferayPortletURL) {
        return this._portletCSRFWhitelist.contains(PortletConstants.getRootPortletId(liferayPortletURL.getPortletId()));
    }

    public boolean isPortletURLPortletInvocationWhitelisted(LiferayPortletURL liferayPortletURL) {
        return this._portletInvocationWhitelist.contains(liferayPortletURL.getPortletId());
    }

    public boolean isValidSharedSecret(String str) {
        if (Validator.isNull(str) || Validator.isNull(PropsValues.AUTH_TOKEN_SHARED_SECRET)) {
            return false;
        }
        return str.equals(Encryptor.digest(PropsValues.AUTH_TOKEN_SHARED_SECRET));
    }
}
