package org.springframework.security.web.server.csrf;

import java.util.UUID;
import org.springframework.http.HttpCookie;
import org.springframework.http.ResponseCookie;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;
import reactor.core.scheduler.Schedulers;

/* loaded from: input_file:BOOT-INF/lib/spring-security-web-5.7.3.jar:org/springframework/security/web/server/csrf/CookieServerCsrfTokenRepository.class */
public final class CookieServerCsrfTokenRepository implements ServerCsrfTokenRepository {
    static final String DEFAULT_CSRF_COOKIE_NAME = "XSRF-TOKEN";
    static final String DEFAULT_CSRF_PARAMETER_NAME = "_csrf";
    static final String DEFAULT_CSRF_HEADER_NAME = "X-XSRF-TOKEN";
    private String cookiePath;
    private String cookieDomain;
    private Boolean secure;
    private String parameterName = "_csrf";
    private String headerName = "X-XSRF-TOKEN";
    private String cookieName = "XSRF-TOKEN";
    private boolean cookieHttpOnly = true;

    public static CookieServerCsrfTokenRepository withHttpOnlyFalse() {
        CookieServerCsrfTokenRepository cookieServerCsrfTokenRepository = new CookieServerCsrfTokenRepository();
        cookieServerCsrfTokenRepository.setCookieHttpOnly(false);
        return cookieServerCsrfTokenRepository;
    }

    @Override // org.springframework.security.web.server.csrf.ServerCsrfTokenRepository
    public Mono<CsrfToken> generateToken(ServerWebExchange serverWebExchange) {
        return Mono.fromCallable(this::createCsrfToken).subscribeOn(Schedulers.boundedElastic());
    }

    @Override // org.springframework.security.web.server.csrf.ServerCsrfTokenRepository
    public Mono<Void> saveToken(ServerWebExchange serverWebExchange, CsrfToken csrfToken) {
        return Mono.fromRunnable(() -> {
            String token = csrfToken != null ? csrfToken.getToken() : "";
            serverWebExchange.getResponse().addCookie(ResponseCookie.from(this.cookieName, token).domain(this.cookieDomain).httpOnly(this.cookieHttpOnly).maxAge(!token.isEmpty() ? -1L : 0L).path(this.cookiePath != null ? this.cookiePath : getRequestContext(serverWebExchange.getRequest())).secure(this.secure != null ? this.secure.booleanValue() : serverWebExchange.getRequest().getSslInfo() != null).build());
        });
    }

    @Override // org.springframework.security.web.server.csrf.ServerCsrfTokenRepository
    public Mono<CsrfToken> loadToken(ServerWebExchange serverWebExchange) {
        return Mono.fromCallable(() -> {
            HttpCookie first = serverWebExchange.getRequest().getCookies().getFirst(this.cookieName);
            if (first == null || !StringUtils.hasText(first.getValue())) {
                return null;
            }
            return createCsrfToken(first.getValue());
        });
    }

    public void setCookieHttpOnly(boolean z) {
        this.cookieHttpOnly = z;
    }

    public void setCookieName(String str) {
        Assert.hasLength(str, "cookieName can't be null");
        this.cookieName = str;
    }

    public void setParameterName(String str) {
        Assert.hasLength(str, "parameterName can't be null");
        this.parameterName = str;
    }

    public void setHeaderName(String str) {
        Assert.hasLength(str, "headerName can't be null");
        this.headerName = str;
    }

    public void setCookiePath(String str) {
        this.cookiePath = str;
    }

    public void setCookieDomain(String str) {
        this.cookieDomain = str;
    }

    public void setSecure(boolean z) {
        this.secure = Boolean.valueOf(z);
    }

    private CsrfToken createCsrfToken() {
        return createCsrfToken(createNewToken());
    }

    private CsrfToken createCsrfToken(String str) {
        return new DefaultCsrfToken(this.headerName, this.parameterName, str);
    }

    private String createNewToken() {
        return UUID.randomUUID().toString();
    }

    private String getRequestContext(ServerHttpRequest serverHttpRequest) {
        String value = serverHttpRequest.getPath().contextPath().value();
        return StringUtils.hasLength(value) ? value : "/";
    }
}
