package org.apache.shiro.web.servlet;

import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Date;
import java.util.Locale;
import java.util.TimeZone;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.util.StringUtils;
import org.apache.shiro.web.servlet.Cookie;
import org.owasp.encoder.Encode;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/shiro-web-1.9.0.jar:org/apache/shiro/web/servlet/SimpleCookie.class */
/**
 * {@link Cookie} implementation that renders itself as a raw {@code Set-Cookie} header and
 * writes it with {@link HttpServletResponse#addHeader(String, String)}.
 *
 * <p>Defaults set by the no-arg constructor: {@code maxAge = -1}, {@code version = -1},
 * {@code httpOnly = true}, {@code sameSite = LAX}. {@code secure} is left at {@code false}
 * unless {@link #setSecure(boolean)} is called or {@link #setSameSite} is given {@code NONE}.
 *
 * <p>Attribute text (name, value, comment, domain, path) is concatenated into the header
 * exactly as supplied; nothing in this class quotes, escapes or rejects {@code ';'}, CR or LF.
 * Callers are expected to pass only values that are safe inside a single header line.
 */
public class SimpleCookie implements Cookie {
    public static final int DEFAULT_MAX_AGE = -1;
    public static final int DEFAULT_VERSION = -1;
    protected static final String NAME_VALUE_DELIMITER = "=";
    protected static final String ATTRIBUTE_DELIMITER = "; ";
    protected static final long DAY_MILLIS = 86400000;
    protected static final String GMT_TIME_ZONE_ID = "GMT";
    protected static final String COOKIE_DATE_FORMAT_STRING = "EEE, dd-MMM-yyyy HH:mm:ss z";
    protected static final String COOKIE_HEADER_NAME = "Set-Cookie";
    protected static final String PATH_ATTRIBUTE_NAME = "Path";
    protected static final String EXPIRES_ATTRIBUTE_NAME = "Expires";
    protected static final String MAXAGE_ATTRIBUTE_NAME = "Max-Age";
    protected static final String DOMAIN_ATTRIBUTE_NAME = "Domain";
    protected static final String VERSION_ATTRIBUTE_NAME = "Version";
    protected static final String COMMENT_ATTRIBUTE_NAME = "Comment";
    protected static final String SECURE_ATTRIBUTE_NAME = "Secure";
    protected static final String HTTP_ONLY_ATTRIBUTE_NAME = "HttpOnly";
    protected static final String SAME_SITE_ATTRIBUTE_NAME = "SameSite";
    private static final transient Logger log = LoggerFactory.getLogger(SimpleCookie.class);

    private String name;
    private String value;
    private String comment;
    private String domain;
    private String path;
    // -1 means "no Max-Age/Expires attribute"; 0 means "expire now"; see appendExpires.
    private int maxAge;
    // -1 means "no Version attribute"; see appendVersion.
    private int version;
    private boolean secure;
    private boolean httpOnly;
    private Cookie.SameSiteOptions sameSite;

    /** Creates an unnamed cookie with HttpOnly enabled, SameSite=LAX and no expiry or version. */
    public SimpleCookie() {
        this.maxAge = DEFAULT_MAX_AGE;
        this.version = DEFAULT_VERSION;
        this.httpOnly = true;
        this.sameSite = Cookie.SameSiteOptions.LAX;
    }

    /**
     * Creates a cookie with the defaults of {@link #SimpleCookie()} and the given name.
     * Unlike {@link #setName(String)}, the name is stored without a has-text check; an
     * empty name is only rejected later, when the header is built.
     *
     * @param str the cookie name
     */
    public SimpleCookie(String str) {
        this();
        this.name = str;
    }

    /**
     * Copies every attribute of another cookie, clamping max-age and version to at least -1.
     *
     * <p>The SameSite option is copied as-is and does not go through
     * {@link #setSameSite}, so a source with {@code SameSite=NONE} and {@code secure=false}
     * is reproduced with {@code secure=false}.
     *
     * @param cookie the cookie to copy from
     */
    public SimpleCookie(Cookie cookie) {
        this.name = cookie.getName();
        this.value = cookie.getValue();
        this.comment = cookie.getComment();
        this.domain = cookie.getDomain();
        this.path = cookie.getPath();
        this.maxAge = Math.max(DEFAULT_MAX_AGE, cookie.getMaxAge());
        this.version = Math.max(DEFAULT_VERSION, cookie.getVersion());
        this.secure = cookie.isSecure();
        this.httpOnly = cookie.isHttpOnly();
        this.sameSite = cookie.getSameSite();
    }

    /** @return the cookie name, possibly {@code null} if never set */
    @Override // org.apache.shiro.web.servlet.Cookie
    public String getName() {
        return this.name;
    }

    /**
     * Sets the cookie name.
     *
     * @param str the new name; must contain text
     * @throws IllegalArgumentException if {@code str} has no text
     */
    @Override // org.apache.shiro.web.servlet.Cookie
    public void setName(String str) {
        boolean usable = StringUtils.hasText(str);
        if (!usable) {
            throw new IllegalArgumentException("Name cannot be null/empty.");
        }
        this.name = str;
    }

    /** @return the cookie value as stored */
    @Override // org.apache.shiro.web.servlet.Cookie
    public String getValue() {
        return this.value;
    }

    /** @param str the cookie value; stored without validation or encoding */
    @Override // org.apache.shiro.web.servlet.Cookie
    public void setValue(String str) {
        this.value = str;
    }

    /** @return the Comment attribute text, or {@code null} */
    @Override // org.apache.shiro.web.servlet.Cookie
    public String getComment() {
        return this.comment;
    }

    /** @param str the Comment attribute text; stored without validation */
    @Override // org.apache.shiro.web.servlet.Cookie
    public void setComment(String str) {
        this.comment = str;
    }

    /** @return the Domain attribute text, or {@code null} */
    @Override // org.apache.shiro.web.servlet.Cookie
    public String getDomain() {
        return this.domain;
    }

    /** @param str the Domain attribute text; stored without validation */
    @Override // org.apache.shiro.web.servlet.Cookie
    public void setDomain(String str) {
        this.domain = str;
    }

    /** @return the configured Path, or {@code null} to fall back to the request context path */
    @Override // org.apache.shiro.web.servlet.Cookie
    public String getPath() {
        return this.path;
    }

    /** @param str the Path attribute text; stored without validation */
    @Override // org.apache.shiro.web.servlet.Cookie
    public void setPath(String str) {
        this.path = str;
    }

    /** @return the max-age in seconds, never less than -1 */
    @Override // org.apache.shiro.web.servlet.Cookie
    public int getMaxAge() {
        return this.maxAge;
    }

    /** @param i max-age in seconds; anything below -1 is stored as -1 */
    @Override // org.apache.shiro.web.servlet.Cookie
    public void setMaxAge(int i) {
        this.maxAge = Math.max(DEFAULT_MAX_AGE, i);
    }

    /** @return the cookie version, never less than -1 */
    @Override // org.apache.shiro.web.servlet.Cookie
    public int getVersion() {
        return this.version;
    }

    /** @param i the cookie version; anything below -1 is stored as -1 */
    @Override // org.apache.shiro.web.servlet.Cookie
    public void setVersion(int i) {
        this.version = Math.max(DEFAULT_VERSION, i);
    }

    /** @return whether the Secure attribute is emitted */
    @Override // org.apache.shiro.web.servlet.Cookie
    public boolean isSecure() {
        return this.secure;
    }

    /**
     * @param z whether to emit the Secure attribute. Passing {@code false} after
     *     {@code setSameSite(NONE)} clears the flag that call had forced on.
     */
    @Override // org.apache.shiro.web.servlet.Cookie
    public void setSecure(boolean z) {
        this.secure = z;
    }

    /** @return whether the HttpOnly attribute is emitted by {@link #saveTo} */
    @Override // org.apache.shiro.web.servlet.Cookie
    public boolean isHttpOnly() {
        return this.httpOnly;
    }

    /** @param z whether to emit the HttpOnly attribute */
    @Override // org.apache.shiro.web.servlet.Cookie
    public void setHttpOnly(boolean z) {
        this.httpOnly = z;
    }

    /** @return the SameSite option, or {@code null} if the attribute is suppressed */
    @Override // org.apache.shiro.web.servlet.Cookie
    public Cookie.SameSiteOptions getSameSite() {
        return this.sameSite;
    }

    /**
     * Sets the SameSite option. Choosing {@code NONE} also switches Secure on through
     * {@link #setSecure(boolean)}.
     *
     * @param sameSiteOptions the option to emit, or {@code null} to omit the attribute
     */
    @Override // org.apache.shiro.web.servlet.Cookie
    public void setSameSite(Cookie.SameSiteOptions sameSiteOptions) {
        this.sameSite = sameSiteOptions;
        boolean crossSite = this.sameSite == Cookie.SameSiteOptions.NONE;
        if (crossSite) {
            setSecure(true);
        }
    }

    /**
     * Resolves the Path to emit: the configured path if it has text, otherwise the request's
     * context path, otherwise {@code "/"}.
     */
    private String calculatePath(HttpServletRequest request) {
        String effectivePath = StringUtils.clean(getPath());
        if (!StringUtils.hasText(effectivePath)) {
            effectivePath = StringUtils.clean(request.getContextPath());
        }
        if (effectivePath == null) {
            effectivePath = "/";
        }
        log.trace("calculated path: {}", effectivePath);
        return effectivePath;
    }

    /**
     * Writes this cookie to the response as a {@code Set-Cookie} header.
     *
     * @param httpServletRequest used only to derive the default Path
     * @param httpServletResponse receives the header
     * @throws IllegalStateException if the cookie name has no text
     */
    @Override // org.apache.shiro.web.servlet.Cookie
    public void saveTo(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        // Read in the same left-to-right order the header builder consumes them.
        String cookieName = getName();
        String cookieValue = getValue();
        String cookieComment = getComment();
        String cookieDomain = getDomain();
        String cookiePath = calculatePath(httpServletRequest);
        int cookieMaxAge = getMaxAge();
        int cookieVersion = getVersion();
        boolean cookieSecure = isSecure();
        boolean cookieHttpOnly = isHttpOnly();
        Cookie.SameSiteOptions cookieSameSite = getSameSite();
        addCookieHeader(httpServletResponse, cookieName, cookieValue, cookieComment, cookieDomain,
                cookiePath, cookieMaxAge, cookieVersion, cookieSecure, cookieHttpOnly, cookieSameSite);
    }

    /** Builds the header text and adds it to the response under {@code Set-Cookie}. */
    private void addCookieHeader(HttpServletResponse response, String cookieName, String cookieValue,
            String cookieComment, String cookieDomain, String cookiePath, int cookieMaxAge,
            int cookieVersion, boolean cookieSecure, boolean cookieHttpOnly,
            Cookie.SameSiteOptions cookieSameSite) {
        String headerText = buildHeaderValue(cookieName, cookieValue, cookieComment, cookieDomain,
                cookiePath, cookieMaxAge, cookieVersion, cookieSecure, cookieHttpOnly, cookieSameSite);
        response.addHeader(COOKIE_HEADER_NAME, headerText);
        if (log.isDebugEnabled()) {
            // NOTE(review): the whole header, cookie value included, lands in the debug log.
            // Where the value is a session or remember-me token, treat DEBUG output of this
            // logger as sensitive.
            log.debug("Added HttpServletResponse Cookie [{}]", headerText);
        }
    }

    /**
     * Builds the header text using this cookie's current SameSite option.
     *
     * @param str cookie name
     * @param str2 cookie value
     * @param str3 Comment text
     * @param str4 Domain text
     * @param str5 Path text
     * @param i max-age in seconds
     * @param i2 version
     * @param z whether to emit Secure
     * @param z2 whether to emit HttpOnly
     * @return the {@code Set-Cookie} header value
     * @throws IllegalStateException if {@code str} has no text
     */
    protected String buildHeaderValue(String str, String str2, String str3, String str4, String str5, int i, int i2, boolean z, boolean z2) {
        Cookie.SameSiteOptions current = getSameSite();
        return buildHeaderValue(str, str2, str3, str4, str5, i, i2, z, z2, current);
    }

    /**
     * Builds the header text: {@code name=value} followed by Comment, Domain, Path,
     * Max-Age/Expires, Version, Secure, HttpOnly and SameSite, each only when applicable.
     *
     * <p>All text arguments are appended verbatim. No check for {@code ';'}, CR or LF is made
     * here, so whatever reaches this method ends up in the header line unchanged.
     *
     * @param str cookie name
     * @param str2 cookie value; omitted when it has no text
     * @param str3 Comment text
     * @param str4 Domain text
     * @param str5 Path text
     * @param i max-age in seconds
     * @param i2 version
     * @param z whether to emit Secure
     * @param z2 whether to emit HttpOnly
     * @param sameSiteOptions SameSite option, or {@code null} to omit it
     * @return the {@code Set-Cookie} header value
     * @throws IllegalStateException if {@code str} has no text
     */
    protected String buildHeaderValue(String str, String str2, String str3, String str4, String str5, int i, int i2, boolean z, boolean z2, Cookie.SameSiteOptions sameSiteOptions) {
        if (!StringUtils.hasText(str)) {
            throw new IllegalStateException("Cookie name cannot be null/empty.");
        }
        StringBuilder header = new StringBuilder(str);
        header.append(NAME_VALUE_DELIMITER);
        if (StringUtils.hasText(str2)) {
            header.append(str2);
        }
        appendComment(header, str3);
        appendDomain(header, str4);
        appendPath(header, str5);
        appendExpires(header, i);
        appendVersion(header, i2);
        appendSecure(header, z);
        appendHttpOnly(header, z2);
        appendSameSite(header, sameSiteOptions);
        return header.toString();
    }

    /** Appends {@code "; attribute=text"} when {@code text} has text; otherwise does nothing. */
    private static void appendTextAttribute(StringBuilder header, String attribute, String text) {
        if (!StringUtils.hasText(text)) {
            return;
        }
        header.append(ATTRIBUTE_DELIMITER);
        header.append(attribute).append(NAME_VALUE_DELIMITER).append(text);
    }

    /** Appends the Comment attribute if a comment is present. */
    private void appendComment(StringBuilder header, String commentText) {
        appendTextAttribute(header, COMMENT_ATTRIBUTE_NAME, commentText);
    }

    /** Appends the Domain attribute if a domain is present. */
    private void appendDomain(StringBuilder header, String domainText) {
        appendTextAttribute(header, DOMAIN_ATTRIBUTE_NAME, domainText);
    }

    /** Appends the Path attribute if a path is present. */
    private void appendPath(StringBuilder header, String pathText) {
        appendTextAttribute(header, PATH_ATTRIBUTE_NAME, pathText);
    }

    /**
     * Appends both Max-Age and Expires for a non-negative max-age. A max-age of 0 yields an
     * Expires date one day in the past; a positive one yields now plus that many seconds.
     */
    private void appendExpires(StringBuilder header, int maxAgeSeconds) {
        if (maxAgeSeconds < 0) {
            return;
        }
        header.append(ATTRIBUTE_DELIMITER);
        header.append(MAXAGE_ATTRIBUTE_NAME).append(NAME_VALUE_DELIMITER).append(maxAgeSeconds);
        header.append(ATTRIBUTE_DELIMITER);
        Date expiry;
        if (maxAgeSeconds == 0) {
            expiry = new Date(System.currentTimeMillis() - DAY_MILLIS);
        } else {
            Calendar clock = Calendar.getInstance();
            clock.add(Calendar.SECOND, maxAgeSeconds);
            expiry = clock.getTime();
        }
        header.append(EXPIRES_ATTRIBUTE_NAME).append(NAME_VALUE_DELIMITER).append(toCookieDate(expiry));
    }

    /** Appends the Version attribute when the version is 0 or greater. */
    private void appendVersion(StringBuilder header, int versionNumber) {
        if (versionNumber <= -1) {
            return;
        }
        header.append(ATTRIBUTE_DELIMITER);
        header.append(VERSION_ATTRIBUTE_NAME).append(NAME_VALUE_DELIMITER).append(versionNumber);
    }

    /** Appends the bare Secure attribute when requested. */
    private void appendSecure(StringBuilder header, boolean enabled) {
        if (!enabled) {
            return;
        }
        header.append(ATTRIBUTE_DELIMITER);
        header.append(SECURE_ATTRIBUTE_NAME);
    }

    /** Appends the bare HttpOnly attribute when requested. */
    private void appendHttpOnly(StringBuilder header, boolean enabled) {
        if (!enabled) {
            return;
        }
        header.append(ATTRIBUTE_DELIMITER);
        header.append(HTTP_ONLY_ATTRIBUTE_NAME);
    }

    /** Appends SameSite with the option's name lower-cased; a {@code null} option is skipped. */
    private void appendSameSite(StringBuilder header, Cookie.SameSiteOptions option) {
        if (option == null) {
            return;
        }
        String rendered = option.toString().toLowerCase(Locale.ENGLISH);
        header.append(ATTRIBUTE_DELIMITER);
        header.append(SAME_SITE_ATTRIBUTE_NAME).append(NAME_VALUE_DELIMITER).append(rendered);
    }

    /**
     * Tells whether {@code requestPath} falls under {@code cookiePath}: it must start with the
     * cookie path and either equal it, or the cookie path ends in '/', or the next character
     * of the request path is '/'. The comparison is a plain string prefix test on the values
     * as given.
     */
    private boolean pathMatches(String cookiePath, String requestPath) {
        if (!requestPath.startsWith(cookiePath)) {
            return false;
        }
        int prefixLength = cookiePath.length();
        return requestPath.length() == prefixLength
                || cookiePath.charAt(prefixLength - 1) == '/'
                || requestPath.charAt(prefixLength) == '/';
    }

    /**
     * Formats a date for the Expires attribute in GMT with US locale. A new formatter is
     * created on every call rather than shared.
     */
    private static String toCookieDate(Date date) {
        SimpleDateFormat formatter = new SimpleDateFormat(COOKIE_DATE_FORMAT_STRING, Locale.US);
        formatter.setTimeZone(TimeZone.getTimeZone(GMT_TIME_ZONE_ID));
        return formatter.format(date);
    }

    /**
     * Asks the client to drop this cookie by sending it with the deleted-cookie marker value
     * and {@code Max-Age=0}. Domain, path, version, Secure and SameSite mirror the current
     * settings; the comment is dropped and HttpOnly is always sent as {@code false}.
     *
     * @param httpServletRequest used only to derive the default Path
     * @param httpServletResponse receives the header
     */
    @Override // org.apache.shiro.web.servlet.Cookie
    public void removeFrom(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String cookieName = getName();
        String cookieDomain = getDomain();
        String cookiePath = calculatePath(httpServletRequest);
        int cookieVersion = getVersion();
        boolean cookieSecure = isSecure();
        Cookie.SameSiteOptions cookieSameSite = getSameSite();
        addCookieHeader(httpServletResponse, cookieName, Cookie.DELETED_COOKIE_VALUE, null, cookieDomain,
                cookiePath, 0, cookieVersion, cookieSecure, false, cookieSameSite);
        log.trace("Removed '{}' cookie by setting maxAge=0", cookieName);
    }

    /**
     * Reads this cookie's value from the request.
     *
     * <p>If a path is configured and the request URI does not fall under it, the cookie is
     * ignored and a warning is logged. The URI used is {@code getRequestURI()} as returned by
     * the container.
     *
     * @param httpServletRequest the request to search
     * @param httpServletResponse unused
     * @return the cookie value, or {@code null} when absent or outside the configured path
     */
    @Override // org.apache.shiro.web.servlet.Cookie
    public String readValue(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String cookieName = getName();
        javax.servlet.http.Cookie found = getCookie(httpServletRequest, cookieName);
        if (found == null) {
            log.trace("No '{}' cookie value", cookieName);
            return null;
        }
        String configuredPath = StringUtils.clean(getPath());
        if (configuredPath != null && !pathMatches(configuredPath, httpServletRequest.getRequestURI())) {
            log.warn("Found '{}' cookie at path '{}', but should be only used for '{}'", cookieName, Encode.forHtml(httpServletRequest.getRequestURI()), configuredPath);
            return null;
        }
        String cookieValue = found.getValue();
        // NOTE(review): the client-supplied value is logged at DEBUG after HTML encoding. For
        // session or remember-me cookies that value is a credential; keep this logger above
        // DEBUG in production. Presumably the encoding is aimed at HTML log viewers; verify
        // line-break handling separately if log forging is a concern.
        log.debug("Found '{}' cookie value [{}]", cookieName, Encode.forHtml(cookieValue));
        return cookieValue;
    }

    /**
     * Returns the first request cookie whose name equals {@code wantedName}, or {@code null}
     * when the request carries no cookies or none matches.
     */
    private static javax.servlet.http.Cookie getCookie(HttpServletRequest request, String wantedName) {
        javax.servlet.http.Cookie[] all = request.getCookies();
        if (all == null) {
            return null;
        }
        for (int idx = 0; idx < all.length; idx++) {
            javax.servlet.http.Cookie candidate = all[idx];
            if (candidate.getName().equals(wantedName)) {
                return candidate;
            }
        }
        return null;
    }
}
