package xitrum.scope.session;

import scala.MatchError;
import scala.None$;
import scala.Option$;
import scala.Some;
import scala.collection.Seq;
import scala.collection.mutable.Map;
import scala.collection.mutable.StringBuilder;
import xitrum.Action;
import xitrum.exception.InvalidAntiCsrfToken;
import xitrum.util.SecureUrlSafeBase64$;

/* compiled from: Csrf.scala */
/* loaded from: input_file:xitrum/scope/session/Csrf$.class */
public final class Csrf$ {
    public static final Csrf$ MODULE$ = null;
    private final String TOKEN;
    private final String X_CSRF_HEADER;

    static {
        new Csrf$();
    }

    public String TOKEN() {
        return this.TOKEN;
    }

    public String X_CSRF_HEADER() {
        return this.X_CSRF_HEADER;
    }

    public boolean isValidToken(Action action) {
        Map<String, Seq<String>> bodyParams = action.handlerEnv().bodyParams();
        String str = (String) Option$.MODULE$.apply(action.handlerEnv().request().headers().get(X_CSRF_HEADER())).getOrElse(new Csrf$$anonfun$1(action, bodyParams));
        bodyParams.remove(TOKEN());
        String antiCsrfToken = action.antiCsrfToken();
        return str != null ? str.equals(antiCsrfToken) : antiCsrfToken == null;
    }

    public String encrypt(Action action, Object obj) {
        return new StringBuilder().append(action.antiCsrfToken()).append(SecureUrlSafeBase64$.MODULE$.encrypt(obj, SecureUrlSafeBase64$.MODULE$.encrypt$default$2())).toString();
    }

    public Object decrypt(Action action, String str) {
        String antiCsrfToken = action.antiCsrfToken();
        if (!str.startsWith(antiCsrfToken)) {
            throw new InvalidAntiCsrfToken();
        }
        Some decrypt = SecureUrlSafeBase64$.MODULE$.decrypt(str.substring(antiCsrfToken.length()), SecureUrlSafeBase64$.MODULE$.decrypt$default$2());
        None$ none$ = None$.MODULE$;
        if (none$ != null ? none$.equals(decrypt) : decrypt == null) {
            throw new InvalidAntiCsrfToken();
        }
        if (decrypt instanceof Some) {
            return decrypt.x();
        }
        throw new MatchError(decrypt);
    }

    private Csrf$() {
        MODULE$ = this;
        this.TOKEN = "csrf-token";
        this.X_CSRF_HEADER = "X-CSRF-Token";
    }
}
