package org.springframework.security.web.server.savedrequest;

import java.net.URI;
import java.time.Duration;
import java.util.Base64;
import java.util.Collections;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.log4j.spi.LocationInfo;
import org.springframework.core.log.LogMessage;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseCookie;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.security.web.server.util.matcher.AndServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.NegatedServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers;
import org.springframework.util.Assert;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

/* loaded from: input_file:ingrid-iplug-wfs-dsc-7.4.0/lib/spring-security-web-5.7.11.jar:org/springframework/security/web/server/savedrequest/CookieServerRequestCache.class */
public class CookieServerRequestCache implements ServerRequestCache {
    private static final String REDIRECT_URI_COOKIE_NAME = "REDIRECT_URI";
    private static final Duration COOKIE_MAX_AGE = Duration.ofSeconds(-1);
    private static final Log logger = LogFactory.getLog((Class<?>) CookieServerRequestCache.class);
    private ServerWebExchangeMatcher saveRequestMatcher = createDefaultRequestMatcher();

    public void setSaveRequestMatcher(ServerWebExchangeMatcher serverWebExchangeMatcher) {
        Assert.notNull(serverWebExchangeMatcher, "saveRequestMatcher cannot be null");
        this.saveRequestMatcher = serverWebExchangeMatcher;
    }

    @Override // org.springframework.security.web.server.savedrequest.ServerRequestCache
    public Mono<Void> saveRequest(ServerWebExchange serverWebExchange) {
        return this.saveRequestMatcher.matches(serverWebExchange).filter(matchResult -> {
            return matchResult.isMatch();
        }).map(matchResult2 -> {
            return serverWebExchange.getResponse();
        }).map((v0) -> {
            return v0.getCookies();
        }).doOnNext(multiValueMap -> {
            ResponseCookie createRedirectUriCookie = createRedirectUriCookie(serverWebExchange.getRequest());
            multiValueMap.add(REDIRECT_URI_COOKIE_NAME, createRedirectUriCookie);
            logger.debug(LogMessage.format("Request added to Cookie: %s", createRedirectUriCookie));
        }).then();
    }

    @Override // org.springframework.security.web.server.savedrequest.ServerRequestCache
    public Mono<URI> getRedirectUri(ServerWebExchange serverWebExchange) {
        return Mono.justOrEmpty(serverWebExchange.getRequest().getCookies().getFirst(REDIRECT_URI_COOKIE_NAME)).map((v0) -> {
            return v0.getValue();
        }).map(CookieServerRequestCache::decodeCookie).onErrorResume(IllegalArgumentException.class, illegalArgumentException -> {
            return Mono.empty();
        }).map(URI::create);
    }

    @Override // org.springframework.security.web.server.savedrequest.ServerRequestCache
    public Mono<ServerHttpRequest> removeMatchingRequest(ServerWebExchange serverWebExchange) {
        return Mono.just(serverWebExchange.getResponse()).map((v0) -> {
            return v0.getCookies();
        }).doOnNext(multiValueMap -> {
            multiValueMap.add(REDIRECT_URI_COOKIE_NAME, invalidateRedirectUriCookie(serverWebExchange.getRequest()));
        }).thenReturn(serverWebExchange.getRequest());
    }

    private static ResponseCookie createRedirectUriCookie(ServerHttpRequest serverHttpRequest) {
        String value = serverHttpRequest.getPath().pathWithinApplication().value();
        String rawQuery = serverHttpRequest.getURI().getRawQuery();
        return createResponseCookie(serverHttpRequest, encodeCookie(value + (rawQuery != null ? LocationInfo.NA + rawQuery : "")), COOKIE_MAX_AGE);
    }

    private static ResponseCookie invalidateRedirectUriCookie(ServerHttpRequest serverHttpRequest) {
        return createResponseCookie(serverHttpRequest, null, Duration.ZERO);
    }

    private static ResponseCookie createResponseCookie(ServerHttpRequest serverHttpRequest, String str, Duration duration) {
        return ResponseCookie.from(REDIRECT_URI_COOKIE_NAME, str).path(serverHttpRequest.getPath().contextPath().value() + "/").maxAge(duration).httpOnly(true).secure("https".equalsIgnoreCase(serverHttpRequest.getURI().getScheme())).sameSite("Lax").build();
    }

    private static String encodeCookie(String str) {
        return new String(Base64.getEncoder().encode(str.getBytes()));
    }

    private static String decodeCookie(String str) {
        return new String(Base64.getDecoder().decode(str.getBytes()));
    }

    private static ServerWebExchangeMatcher createDefaultRequestMatcher() {
        ServerWebExchangeMatcher pathMatchers = ServerWebExchangeMatchers.pathMatchers(HttpMethod.GET, "/**");
        NegatedServerWebExchangeMatcher negatedServerWebExchangeMatcher = new NegatedServerWebExchangeMatcher(ServerWebExchangeMatchers.pathMatchers("/favicon.*"));
        MediaTypeServerWebExchangeMatcher mediaTypeServerWebExchangeMatcher = new MediaTypeServerWebExchangeMatcher(MediaType.TEXT_HTML);
        mediaTypeServerWebExchangeMatcher.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL));
        return new AndServerWebExchangeMatcher(pathMatchers, negatedServerWebExchangeMatcher, mediaTypeServerWebExchangeMatcher);
    }
}
