package com.liferay.portal.security.auth;

import com.liferay.portal.kernel.model.Portlet;
import com.liferay.portal.kernel.portlet.LiferayPortletURL;
import com.liferay.portal.kernel.portlet.PortletIdCodec;
import com.liferay.portal.kernel.security.auth.BaseAuthTokenWhitelist;
import com.liferay.portal.kernel.util.DigesterUtil;
import com.liferay.portal.kernel.util.PropsKeys;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.util.PropsValues;
import java.util.Collections;
import java.util.Iterator;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:com/liferay/portal/security/auth/AuthTokenWhitelistImpl.class */
public class AuthTokenWhitelistImpl extends BaseAuthTokenWhitelist {
    private final Set<String> _originCSRFWhitelist = Collections.newSetFromMap(new ConcurrentHashMap());
    private final Set<String> _portletCSRFWhitelist = Collections.newSetFromMap(new ConcurrentHashMap());
    private final Set<String> _portletInvocationWhitelist = Collections.newSetFromMap(new ConcurrentHashMap());

    public AuthTokenWhitelistImpl() {
        trackWhitelistServices(PropsKeys.AUTH_TOKEN_IGNORE_ORIGINS, this._originCSRFWhitelist);
        registerPortalProperty(PropsKeys.AUTH_TOKEN_IGNORE_ORIGINS);
        trackWhitelistServices(PropsKeys.AUTH_TOKEN_IGNORE_PORTLETS, this._portletCSRFWhitelist);
        registerPortalProperty(PropsKeys.AUTH_TOKEN_IGNORE_PORTLETS);
        trackWhitelistServices(PropsKeys.PORTLET_ADD_DEFAULT_RESOURCE_CHECK_WHITELIST, this._portletInvocationWhitelist);
        registerPortalProperty(PropsKeys.PORTLET_ADD_DEFAULT_RESOURCE_CHECK_WHITELIST);
    }

    @Override // com.liferay.portal.kernel.security.auth.BaseAuthTokenWhitelist, com.liferay.portal.kernel.security.auth.AuthTokenWhitelist
    @Deprecated
    public Set<String> getOriginCSRFWhitelist() {
        return this._originCSRFWhitelist;
    }

    @Override // com.liferay.portal.kernel.security.auth.BaseAuthTokenWhitelist, com.liferay.portal.kernel.security.auth.AuthTokenWhitelist
    @Deprecated
    public Set<String> getPortletCSRFWhitelist() {
        return this._portletCSRFWhitelist;
    }

    @Override // com.liferay.portal.kernel.security.auth.BaseAuthTokenWhitelist, com.liferay.portal.kernel.security.auth.AuthTokenWhitelist
    @Deprecated
    public Set<String> getPortletInvocationWhitelist() {
        return this._portletInvocationWhitelist;
    }

    @Override // com.liferay.portal.kernel.security.auth.BaseAuthTokenWhitelist, com.liferay.portal.kernel.security.auth.AuthTokenWhitelist
    public boolean isOriginCSRFWhitelisted(long j, String str) {
        Iterator<String> it = this._originCSRFWhitelist.iterator();
        while (it.hasNext()) {
            if (str.startsWith(it.next())) {
                return true;
            }
        }
        return false;
    }

    @Override // com.liferay.portal.kernel.security.auth.BaseAuthTokenWhitelist, com.liferay.portal.kernel.security.auth.AuthTokenWhitelist
    public boolean isPortletCSRFWhitelisted(HttpServletRequest httpServletRequest, Portlet portlet) {
        return this._portletCSRFWhitelist.contains(portlet.getRootPortletId());
    }

    @Override // com.liferay.portal.kernel.security.auth.BaseAuthTokenWhitelist, com.liferay.portal.kernel.security.auth.AuthTokenWhitelist
    public boolean isPortletInvocationWhitelisted(HttpServletRequest httpServletRequest, Portlet portlet) {
        return this._portletInvocationWhitelist.contains(portlet.getPortletId());
    }

    @Override // com.liferay.portal.kernel.security.auth.BaseAuthTokenWhitelist, com.liferay.portal.kernel.security.auth.AuthTokenWhitelist
    public boolean isPortletURLCSRFWhitelisted(LiferayPortletURL liferayPortletURL) {
        return this._portletCSRFWhitelist.contains(PortletIdCodec.decodePortletName(liferayPortletURL.getPortletId()));
    }

    @Override // com.liferay.portal.kernel.security.auth.BaseAuthTokenWhitelist, com.liferay.portal.kernel.security.auth.AuthTokenWhitelist
    public boolean isPortletURLPortletInvocationWhitelisted(LiferayPortletURL liferayPortletURL) {
        return this._portletInvocationWhitelist.contains(liferayPortletURL.getPortletId());
    }

    @Override // com.liferay.portal.kernel.security.auth.BaseAuthTokenWhitelist, com.liferay.portal.kernel.security.auth.AuthTokenWhitelist
    public boolean isValidSharedSecret(String str) {
        if (Validator.isNull(str) || Validator.isNull(PropsValues.AUTH_TOKEN_SHARED_SECRET)) {
            return false;
        }
        return str.equals(DigesterUtil.digest(PropsValues.AUTH_TOKEN_SHARED_SECRET));
    }
}
