package org.apache.catalina.filters;

import com.google.android.exoplayer2.text.webvtt.WebvttCueParser;
import java.io.IOException;
import java.io.Serializable;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javax.servlet.http.HttpSession;
import wa.k;

/* loaded from: classes2.dex */
public class CsrfPreventionFilter extends k {

    /* renamed from: f, reason: collision with root package name */
    public final Set<String> f10110f = new HashSet();

    /* renamed from: g, reason: collision with root package name */
    public int f10111g = 5;

    /* loaded from: classes2.dex */
    public static class LruCache<T> implements Serializable {
        public static final long serialVersionUID = 1;
        public final Map<T, T> cache;

        public LruCache(final int i10) {
            this.cache = new LinkedHashMap<T, T>() { // from class: org.apache.catalina.filters.CsrfPreventionFilter.LruCache.1
                public static final long serialVersionUID = 1;

                @Override // java.util.LinkedHashMap
                public boolean removeEldestEntry(Map.Entry<T, T> entry) {
                    return size() > i10;
                }
            };
        }

        public void add(T t10) {
            synchronized (this.cache) {
                this.cache.put(t10, null);
            }
        }

        public boolean contains(T t10) {
            boolean containsKey;
            synchronized (this.cache) {
                containsKey = this.cache.containsKey(t10);
            }
            return containsKey;
        }
    }

    /* loaded from: classes2.dex */
    public static class a extends HttpServletResponseWrapper {
        public final String Q;

        public a(HttpServletResponse httpServletResponse, String str) {
            super(httpServletResponse);
            this.Q = str;
        }

        private String O(String str) {
            String str2;
            if (str == null || this.Q == null) {
                return str;
            }
            int indexOf = str.indexOf(35);
            String str3 = "";
            if (indexOf >= 0) {
                str2 = str.substring(indexOf);
                str = str.substring(0, indexOf);
            } else {
                str2 = "";
            }
            int indexOf2 = str.indexOf(63);
            if (indexOf2 >= 0) {
                str3 = str.substring(indexOf2);
                str = str.substring(0, indexOf2);
            }
            StringBuilder sb2 = new StringBuilder(str);
            if (str3.length() > 0) {
                sb2.append(str3);
                sb2.append(WebvttCueParser.CHAR_AMPERSAND);
            } else {
                sb2.append('?');
            }
            sb2.append("org.apache.catalina.filters.CSRF_NONCE");
            sb2.append(q3.a.f11098h);
            sb2.append(this.Q);
            sb2.append(str2);
            return sb2.toString();
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        @Deprecated
        public String A(String str) {
            return E(str);
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        @Deprecated
        public String D(String str) {
            return z(str);
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public String E(String str) {
            return O(super.E(str));
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public String z(String str) {
            return O(super.z(str));
        }
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if ((servletRequest instanceof HttpServletRequest) && (servletResponse instanceof HttpServletResponse)) {
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
            boolean z10 = "GET".equals(httpServletRequest.getMethod()) && this.f10110f.contains(e(httpServletRequest));
            HttpSession T = httpServletRequest.T(false);
            LruCache lruCache = T == null ? null : (LruCache) T.getAttribute("org.apache.catalina.filters.CSRF_NONCE");
            if (!z10) {
                String R = httpServletRequest.R("org.apache.catalina.filters.CSRF_NONCE");
                if (lruCache == null || R == null || !lruCache.contains(R)) {
                    httpServletResponse.y(d());
                    return;
                }
            }
            if (lruCache == null) {
                lruCache = new LruCache(this.f10111g);
                if (T == null) {
                    T = httpServletRequest.T(true);
                }
                T.setAttribute("org.apache.catalina.filters.CSRF_NONCE", lruCache);
            }
            String c10 = c();
            lruCache.add(c10);
            servletResponse = new a(httpServletResponse, c10);
        }
        filterChain.a(servletRequest, servletResponse);
    }

    public void h(String str) {
        for (String str2 : str.split(",")) {
            this.f10110f.add(str2.trim());
        }
    }

    public void i(int i10) {
        this.f10111g = i10;
    }
}
