package com.cksource.ckfinder.http.request;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/cksource/ckfinder/http/request/DoubleSubmitCookieCsrfTokenValidator.class */
public class DoubleSubmitCookieCsrfTokenValidator implements CsrfTokenValidator {
    private static final String COOKIE_NAME = "ckCsrfToken";
    private static final String PARAMETER_NAME = "ckCsrfToken";
    private static final int MIN_TOKEN_LENGTH = 32;

    @Override // com.cksource.ckfinder.http.request.CsrfTokenValidator
    public boolean isValidRequest(HttpServletRequest httpServletRequest) {
        if (httpServletRequest == null) {
            return false;
        }
        String cookieValue = getCookieValue(httpServletRequest, "ckCsrfToken");
        String parameter = httpServletRequest.getParameter("ckCsrfToken");
        if (parameter == null) {
            parameter = (String) httpServletRequest.getAttribute("ckfinder.ckCsrfToken");
        }
        if (cookieValue == null || parameter == null || cookieValue.length() < MIN_TOKEN_LENGTH || parameter.length() < MIN_TOKEN_LENGTH) {
            return false;
        }
        return cookieValue.equals(parameter);
    }

    protected static String getCookieValue(HttpServletRequest httpServletRequest, String str) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (cookie.getName().equals(str)) {
                return cookie.getValue();
            }
        }
        return null;
    }
}
