package org.springframework.security.web.server.ui;

import java.nio.charset.Charset;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.security.config.Elements;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.web.server.csrf.CsrfToken;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import reactor.core.publisher.Mono;

/* loaded from: input_file:BOOT-INF/lib/spring-security-web-6.4.3.jar:org/springframework/security/web/server/ui/OneTimeTokenSubmitPageGeneratingWebFilter.class */
public final class OneTimeTokenSubmitPageGeneratingWebFilter implements WebFilter {
    private ServerWebExchangeMatcher matcher = ServerWebExchangeMatchers.pathMatchers(HttpMethod.GET, "/login/ott");
    private String loginProcessingUrl = "/login/ott";
    private static final String ONE_TIME_TOKEN_SUBMIT_PAGE_TEMPLATE = "<!DOCTYPE html>\n<html lang=\"en\">\n  <head>\n    <title>One-Time Token Login</title>\n    <meta charset=\"utf-8\"/>\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1, shrink-to-fit=no\"/>\n    <link href=\"{{contextPath}}/default-ui.css\" rel=\"stylesheet\" />\n  </head>\n  <body>\n    <div class=\"container\">\n      <form class=\"login-form\" action=\"{{loginProcessingUrl}}\" method=\"post\">\n        <h2>Please input the token</h2>\n        <p>\n          <label for=\"token\" class=\"screenreader\">Token</label>\n          <input type=\"text\" id=\"token\" name=\"token\" value=\"{{tokenValue}}\" placeholder=\"Token\" required=\"true\" autofocus=\"autofocus\"/>\n        </p>\n{{csrf}}\n        <button class=\"primary\" type=\"submit\">Sign in</button>\n      </form>\n    </div>\n  </body>\n</html>\n";
    private static final String CSRF_INPUT_TEMPLATE = "<input name=\"{{name}}\" type=\"hidden\" value=\"{{value}}\" />\n";

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.springframework.web.server.WebFilter
    public Mono<Void> filter(ServerWebExchange serverWebExchange, WebFilterChain webFilterChain) {
        return this.matcher.matches(serverWebExchange).filter((v0) -> {
            return v0.isMatch();
        }).switchIfEmpty(webFilterChain.filter(serverWebExchange).then(Mono.empty())).flatMap(matchResult -> {
            return render(serverWebExchange);
        });
    }

    private Mono<Void> render(ServerWebExchange serverWebExchange) {
        ServerHttpResponse response = serverWebExchange.getResponse();
        response.setStatusCode(HttpStatus.OK);
        response.getHeaders().setContentType(MediaType.TEXT_HTML);
        return response.writeWith(createBuffer(serverWebExchange));
    }

    private Mono<DataBuffer> createBuffer(ServerWebExchange serverWebExchange) {
        return ((Mono) serverWebExchange.getAttributeOrDefault(CsrfToken.class.getName(), Mono.empty())).map(OneTimeTokenSubmitPageGeneratingWebFilter::csrfToken).defaultIfEmpty("").map(str -> {
            return serverWebExchange.getResponse().bufferFactory().wrap(createPage(serverWebExchange, str));
        });
    }

    private byte[] createPage(ServerWebExchange serverWebExchange, String str) {
        String first = serverWebExchange.getRequest().getQueryParams().getFirst(OAuth2ParameterNames.TOKEN);
        String str2 = StringUtils.hasText(first) ? first : "";
        String value = serverWebExchange.getRequest().getPath().contextPath().value();
        return HtmlTemplates.fromTemplate(ONE_TIME_TOKEN_SUBMIT_PAGE_TEMPLATE).withRawHtml("contextPath", value).withValue("tokenValue", str2).withRawHtml(Elements.CSRF, str.indent(8)).withValue("loginProcessingUrl", value + this.loginProcessingUrl).render().getBytes(Charset.defaultCharset());
    }

    private static String csrfToken(CsrfToken csrfToken) {
        return HtmlTemplates.fromTemplate(CSRF_INPUT_TEMPLATE).withValue("name", csrfToken.getParameterName()).withValue("value", csrfToken.getToken()).render();
    }

    public void setRequestMatcher(ServerWebExchangeMatcher serverWebExchangeMatcher) {
        Assert.notNull(serverWebExchangeMatcher, "requestMatcher cannot be null");
        this.matcher = serverWebExchangeMatcher;
    }

    public void setLoginProcessingUrl(String str) {
        Assert.hasText(str, "loginProcessingUrl cannot be null or empty");
        this.loginProcessingUrl = str;
    }
}
