package com.github.ltsopensource.admin.web.support.csrf;

import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:WEB-INF/classes/com/github/ltsopensource/admin/web/support/csrf/CSRFTokenManager.class */
public final class CSRFTokenManager {
    static final String CSRF_PARAM_NAME = "csrfToken";
    public static final String CSRF_TOKEN_FOR_SESSION_ATTR_NAME = String.valueOf(CSRFTokenManager.class.getSimpleName()) + ".token";

    private CSRFTokenManager() {
    }

    public static String getToken(HttpSession httpSession) {
        HttpSession httpSession2 = httpSession;
        synchronized (httpSession2) {
            String str = (String) httpSession.getAttribute(CSRF_TOKEN_FOR_SESSION_ATTR_NAME);
            if (str == null) {
                str = UUID.randomUUID().toString();
                httpSession.setAttribute(CSRF_TOKEN_FOR_SESSION_ATTR_NAME, str);
            }
            httpSession2 = httpSession2;
            return str;
        }
    }

    public static String getToken(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter(CSRF_PARAM_NAME);
        if (parameter == null || "".equals(parameter)) {
            parameter = httpServletRequest.getHeader(CSRF_PARAM_NAME);
        }
        return parameter;
    }
}
