package com.erudika.para.server.security;

import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import org.springframework.security.web.util.matcher.RequestMatcher;

/* loaded from: input_file:BOOT-INF/lib/para-server-1.46.1.jar:com/erudika/para/server/security/CsrfProtectionRequestMatcher.class */
public final class CsrfProtectionRequestMatcher implements RequestMatcher {
    public static final RequestMatcher INSTANCE = new CsrfProtectionRequestMatcher();
    private final Pattern allowedMethods = Pattern.compile("^(GET|HEAD|TRACE|OPTIONS)$");
    private final Pattern authEndpoints = Pattern.compile("^/\\w+_auth$");
    private final Pattern passAuthEndpoint = Pattern.compile("^/password_auth$");
    private final Pattern samlEndpoint = Pattern.compile("^/saml_auth.*$");
    private final Pattern samlMetaEndpoint = Pattern.compile("^/saml_metadata.*$");

    private CsrfProtectionRequestMatcher() {
    }

    @Override // org.springframework.security.web.util.matcher.RequestMatcher
    public boolean matches(HttpServletRequest httpServletRequest) {
        return (!RestRequestMatcher.INSTANCE.matches(httpServletRequest) && !IgnoredRequestMatcher.INSTANCE.matches(httpServletRequest) && !this.samlMetaEndpoint.matcher(httpServletRequest.getRequestURI()).matches() && !this.samlEndpoint.matcher(httpServletRequest.getRequestURI()).matches() && !this.authEndpoints.matcher(httpServletRequest.getRequestURI()).matches() && !this.allowedMethods.matcher(httpServletRequest.getMethod()).matches()) || this.passAuthEndpoint.matcher(httpServletRequest.getRequestURI()).matches();
    }
}
