package org.jboss.seam.ui.renderkit;

import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import javax.faces.component.UIComponent;
import javax.faces.component.UIForm;
import javax.faces.context.FacesContext;
import javax.faces.context.ResponseWriter;
import javax.servlet.http.HttpSession;
import org.jboss.seam.ui.RenderStampStore;
import org.jboss.seam.ui.UnauthorizedCommandException;
import org.jboss.seam.ui.component.UIToken;
import org.jboss.seam.ui.util.HTML;
import org.jboss.seam.ui.util.cdk.RendererBase;
import org.jboss.seam.util.Base64;
import org.jboss.seam.util.RandomStringUtils;

/* loaded from: input_file:booking-web.war:WEB-INF/lib/jboss-seam-ui-2.3.0-SNAPSHOT.jar:org/jboss/seam/ui/renderkit/TokenRendererBase.class */
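/**
 * Renderer for {@link UIToken}: emits a hidden {@code javax.faces.FormSignature} input when the
 * enclosing form is rendered and verifies that value again when the form is posted back.
 *
 * <p>The signature is a Base64-encoded SHA-1 digest over the request context path, the view id,
 * the form's client id, optionally a per-render stamp and the HTTP session id, followed by the
 * SHA-1 digest of the client UID. A postback whose signature is missing or does not match is
 * rejected with {@link UnauthorizedCommandException}.
 *
 * <p>NOTE(review): the construction is a plain SHA-1 digest, not an HMAC keyed with a server-side
 * secret. It is kept unchanged here so rendered and verified tokens stay compatible; consider
 * HMAC-SHA-256 when the token format is allowed to change.
 */
public class TokenRendererBase extends RendererBase {
    public static final String FORM_SIGNATURE_PARAM = "javax.faces.FormSignature";
    public static final String RENDER_STAMP_ATTR = "javax.faces.RenderStamp";
    private static final String COOKIE_CHECK_SCRIPT_KEY = "org.jboss.seam.ui.COOKIE_CHECK_SCRIPT";

    // Explicit charset so the signed bytes do not depend on the JVM's platform default encoding.
    private static final java.nio.charset.Charset UTF_8 = java.nio.charset.Charset.forName("UTF-8");

    /** Returns the component class this renderer handles, {@link UIToken}. */
    @Override // org.jboss.seam.ui.util.cdk.RendererBase
    protected Class getComponentClass() {
        return UIToken.class;
    }

    /**
     * Verifies the form signature on a postback of the enclosing form.
     *
     * @param facesContext the current faces context
     * @param uIComponent the {@link UIToken} being decoded
     * @throws UnauthorizedCommandException if the client UID, the submitted signature or the
     *         render stamp is missing, or if the submitted signature does not match
     * @throws IllegalStateException if the token is not nested inside a form on a postback
     */
    @Override // org.jboss.seam.ui.util.cdk.RendererBase
    protected void doDecode(FacesContext facesContext, UIComponent uIComponent) {
        UIToken token = (UIToken) uIComponent;
        UIForm parentForm = token.getParentForm();
        if (!facesContext.getRenderKit().getResponseStateManager().isPostback(facesContext)) {
            return;
        }
        if (parentForm == null) {
            // Same diagnosis as doEncodeBegin instead of a bare NullPointerException.
            throw new IllegalStateException("UIToken must be inside a UIForm.");
        }
        if (!parentForm.isSubmitted()) {
            return;
        }

        String clientUid = token.getClientUid();
        String viewId = facesContext.getViewRoot().getViewId();
        if (clientUid == null) {
            throw new UnauthorizedCommandException(viewId, "No client identifier provided");
        }
        String submittedSignature =
                (String) facesContext.getExternalContext().getRequestParameterMap().get(FORM_SIGNATURE_PARAM);
        if (submittedSignature == null) {
            throw new UnauthorizedCommandException(viewId, "No form signature provided");
        }

        boolean requireRenderStamp = !token.isAllowMultiplePosts();
        if (requireRenderStamp && parentForm.getAttributes().get(RENDER_STAMP_ATTR) == null) {
            // Without a stamp the expected signature cannot be recomputed; reject the post
            // explicitly rather than failing with a NullPointerException further down.
            throw new UnauthorizedCommandException(viewId, "No render stamp available for form");
        }

        String expectedSignature =
                generateViewSignature(facesContext, parentForm, requireRenderStamp, token.isRequireSession(), clientUid);
        // MessageDigest.isEqual avoids the early exit of String.equals, so the comparison time
        // does not reveal how many leading characters of a guessed signature were correct.
        if (!MessageDigest.isEqual(expectedSignature.getBytes(UTF_8), submittedSignature.getBytes(UTF_8))) {
            throw new UnauthorizedCommandException(viewId, "Form signature invalid");
        }

        // The post was accepted: drop the stamp from the store (when one is available) and from
        // the form.
        RenderStampStore stampStore = RenderStampStore.instance();
        if (stampStore != null) {
            stampStore.removeStamp(String.valueOf(parentForm.getAttributes().get(RENDER_STAMP_ATTR)));
        }
        parentForm.getAttributes().remove(RENDER_STAMP_ATTR);
    }

    /**
     * Stores a fresh render stamp on the enclosing form and writes the hidden signature input.
     *
     * @param responseWriter writer for the current response
     * @param facesContext the current faces context
     * @param uIComponent the {@link UIToken} being rendered
     * @throws IOException if writing to the response fails
     * @throws IllegalStateException if the token is not nested inside a form
     */
    @Override // org.jboss.seam.ui.util.cdk.RendererBase
    protected void doEncodeBegin(ResponseWriter responseWriter, FacesContext facesContext, UIComponent uIComponent) throws IOException {
        UIToken token = (UIToken) uIComponent;
        UIForm parentForm = token.getParentForm();
        if (parentForm == null) {
            throw new IllegalStateException("UIToken must be inside a UIForm.");
        }

        // NOTE(review): the stamp acts as a per-render nonce inside the signature; confirm that
        // RandomStringUtils draws from SecureRandom rather than java.util.Random.
        String renderStamp = RandomStringUtils.randomAlphanumeric(50);
        RenderStampStore stampStore = RenderStampStore.instance();
        if (stampStore != null) {
            // When a store is available the form carries the value the store returns.
            renderStamp = stampStore.storeStamp(renderStamp);
        }

        writeCookieCheckScript(facesContext, responseWriter, token);
        token.getClientUidSelector().seed();
        parentForm.getAttributes().put(RENDER_STAMP_ATTR, renderStamp);

        String signature = generateViewSignature(
                facesContext,
                parentForm,
                !token.isAllowMultiplePosts(),
                token.isRequireSession(),
                token.getClientUidSelector().getClientUid());

        responseWriter.startElement("input", uIComponent);
        responseWriter.writeAttribute("type", HTML.INPUT_TYPE_HIDDEN, "type");
        responseWriter.writeAttribute("name", FORM_SIGNATURE_PARAM, "name");
        responseWriter.writeAttribute("value", signature, "value");
        responseWriter.endElement("input");
    }

    /**
     * Writes, at most once per request, a script that alerts the user when cookies are disabled.
     * Nothing is written when the client UID is already set or the cookie notice is turned off.
     */
    private void writeCookieCheckScript(FacesContext facesContext, ResponseWriter responseWriter, UIToken uIToken) throws IOException {
        if (uIToken.getClientUidSelector().isSet()
                || !uIToken.isEnableCookieNotice()
                || facesContext.getExternalContext().getRequestMap().containsKey(COOKIE_CHECK_SCRIPT_KEY)) {
            return;
        }
        responseWriter.startElement("script", uIToken);
        responseWriter.writeAttribute("type", HTML.SCRIPT_TYPE_TEXT_JAVASCRIPT, "type");
        responseWriter.write("if (!document.cookie) { alert('This website uses a security measure that requires cookies to be enabled in your browser. Since you have cookies disabled, you will not be permitted to submit a form.'); }");
        responseWriter.endElement("script");
        // Request-scoped marker so several tokens on one page emit the script only once.
        facesContext.getExternalContext().getRequestMap().put(COOKIE_CHECK_SCRIPT_KEY, true);
    }

    /**
     * Computes the signature for a form.
     *
     * @param facesContext the current faces context
     * @param uIForm the form being signed
     * @param requireRenderStamp whether the form's render stamp is part of the signed data
     * @param bindToSession whether the HTTP session id is part of the signed data (a session is
     *        created if none exists)
     * @param clientUid the client identifier whose digest is mixed into the signature
     * @return the Base64-encoded SHA-1 signature, never {@code null}
     * @throws IllegalStateException if a render stamp is required but not set on the form, or if
     *         the SHA-1 algorithm is unavailable
     */
    private String generateViewSignature(FacesContext facesContext, UIForm uIForm, boolean requireRenderStamp, boolean bindToSession, String clientUid) {
        StringBuilder signedData = new StringBuilder();
        signedData.append(facesContext.getExternalContext().getRequestContextPath());
        signedData.append(',').append(facesContext.getViewRoot().getViewId());
        signedData.append(',').append(uIForm.getClientId(facesContext));

        if (requireRenderStamp) {
            Object stampAttribute = uIForm.getAttributes().get(RENDER_STAMP_ATTR);
            if (stampAttribute == null) {
                throw new IllegalStateException("No render stamp set on form; cannot compute form signature");
            }
            String renderStamp = stampAttribute.toString();
            RenderStampStore stampStore = RenderStampStore.instance();
            if (stampStore != null) {
                // The form attribute is resolved through the store when one is available.
                renderStamp = stampStore.getStamp(renderStamp);
            }
            signedData.append(',').append(renderStamp);
        }
        if (bindToSession) {
            signedData.append(',').append(((HttpSession) facesContext.getExternalContext().getSession(true)).getId());
        }

        try {
            MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
            // digest(byte[]) hashes the input and resets the instance for the second pass.
            byte[] clientUidDigest = sha1.digest(clientUid.getBytes(UTF_8));
            sha1.update(signedData.toString().getBytes(UTF_8));
            sha1.update(clientUidDigest);
            return Base64.encodeBytes(sha1.digest());
        } catch (NoSuchAlgorithmException e) {
            // Fail loudly: returning null here would render a form without a usable signature.
            throw new IllegalStateException("SHA-1 digest unavailable; cannot compute form signature", e);
        }
    }
}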
