package play.data.validation;

import com.google.gson.Gson;
import com.google.gson.JsonSyntaxException;
import com.google.gson.reflect.TypeToken;
import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.annotation.CheckReturnValue;
import javax.annotation.Nonnull;
import net.sf.oval.ConstraintViolation;
import net.sf.oval.Validator;
import net.sf.oval.guard.Guard;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import play.PlayPlugin;
import play.exceptions.UnexpectedException;
import play.mvc.ActionInvoker;
import play.mvc.Http;
import play.mvc.Scope;
import play.mvc.results.Result;
import play.utils.ErrorsCookieCrypter;
import play.utils.Java;

/* loaded from: input_file:play/data/validation/ValidationPlugin.class */
public class ValidationPlugin extends PlayPlugin {
    static final ThreadLocal<Map<Object, String>> keys = new ThreadLocal<>();
    private static final ErrorsCookieCrypter errorsCookieCrypter = new ErrorsCookieCrypter();
    private static final Logger securityLogger = LoggerFactory.getLogger("security");
    private static final Gson GSON = new Gson();
    private static final TypeToken<List<Error>> TYPE_ERRORS_LIST = new TypeToken<List<Error>>() { // from class: play.data.validation.ValidationPlugin.1
    };

    /* loaded from: input_file:play/data/validation/ValidationPlugin$Validator.class */
    static class Validator extends Guard {
        Validator() {
        }

        public List<ConstraintViolation> validateAction(Http.Request request, Scope.Session session, Method method) {
            Object[] actionMethodArgs = ActionInvoker.getActionMethodArgs(request, session, method);
            ArrayList arrayList = new ArrayList();
            arrayList.addAll(validateMethodParameters(method, actionMethodArgs));
            arrayList.addAll(validateMethodPre(method, actionMethodArgs));
            return arrayList;
        }

        private List<ConstraintViolation> validateMethodParameters(Method method, Object[] objArr) {
            Validator.InternalValidationCycle internalValidationCycle = new Validator.InternalValidationCycle(this, (Object) null, (String[]) null);
            validateMethodParameters(null, method, objArr, internalValidationCycle);
            return internalValidationCycle.violations;
        }

        private List<ConstraintViolation> validateMethodPre(Method method, Object[] objArr) {
            Validator.InternalValidationCycle internalValidationCycle = new Validator.InternalValidationCycle(this, (Object) null, (String[]) null);
            validateMethodPre(null, method, objArr, internalValidationCycle);
            return internalValidationCycle.violations;
        }
    }

    @Override // play.PlayPlugin
    public void beforeInvocation() {
        keys.set(new HashMap());
        Validation.current.set(new Validation());
    }

    @Override // play.PlayPlugin
    public void beforeActionInvocation(Http.Request request, Http.Response response, Scope.Session session, Scope.RenderArgs renderArgs, Scope.Flash flash, Method method) {
        Validation.current.set(restore(request));
        if (needsValidation(method)) {
            List<ConstraintViolation> validateAction = new Validator().validateAction(request, session, method);
            ArrayList arrayList = new ArrayList();
            String[] parameterNames = Java.parameterNames(method);
            for (ConstraintViolation constraintViolation : validateAction) {
                arrayList.add(Error.toValidationError(parameterNames[constraintViolation.getContext().getParameterIndex()], constraintViolation));
            }
            Validation.current.get().errors.addAll(arrayList);
        }
    }

    private boolean needsValidation(Method method) {
        for (Annotation[] annotationArr : method.getParameterAnnotations()) {
            if (annotationArr.length > 0) {
                return true;
            }
        }
        return false;
    }

    @Override // play.PlayPlugin
    public void onActionInvocationResult(@Nonnull Http.Request request, @Nonnull Http.Response response, @Nonnull Scope.Session session, @Nonnull Scope.RenderArgs renderArgs, Result result) {
        save(request, response);
    }

    @Override // play.PlayPlugin
    public void onActionInvocationException(@Nonnull Http.Request request, @Nonnull Http.Response response, @Nonnull Throwable th) {
        clear(response);
    }

    @Override // play.PlayPlugin
    public void onActionInvocationFinally(@Nonnull Http.Request request) {
        onJobInvocationFinally();
    }

    @Override // play.PlayPlugin
    public void onJobInvocationFinally() {
        if (keys.get() != null) {
            keys.get().clear();
        }
        keys.remove();
        Validation.current.remove();
    }

    Validation restore(Http.Request request) {
        try {
            Validation validation = new Validation();
            String str = Scope.COOKIE_PREFIX + "_ERRORS";
            Http.Cookie cookie = request.cookies.get(str);
            if (cookie != null) {
                try {
                    validation.errors.addAll(parseErrorsCookie(errorsCookieCrypter.decrypt(URLDecoder.decode(cookie.value, StandardCharsets.UTF_8))));
                } catch (RuntimeException e) {
                    securityLogger.error("Failed to decrypt cookie {}={}", new Object[]{str, cookie.value, e});
                }
            }
            return validation;
        } catch (RuntimeException e2) {
            securityLogger.error("Failed to restored validation errors from cookie", e2);
            return new Validation();
        }
    }

    @Nonnull
    @CheckReturnValue
    List<Error> parseErrorsCookie(String str) {
        List<Error> list;
        if (str != null) {
            try {
                if (!str.isEmpty()) {
                    list = (List) GSON.fromJson(str, TYPE_ERRORS_LIST);
                    return list;
                }
            } catch (JsonSyntaxException e) {
                return Collections.emptyList();
            }
        }
        list = Collections.emptyList();
        return list;
    }

    void save(Http.Request request, Http.Response response) {
        if (response == null) {
            return;
        }
        if (Validation.errors().isEmpty()) {
            if (request.cookies.containsKey(Scope.COOKIE_PREFIX + "_ERRORS")) {
                response.setCookie(Scope.COOKIE_PREFIX + "_ERRORS", "", null, "/", 0, Scope.COOKIE_SECURE, Scope.SESSION_HTTPONLY);
                return;
            }
            return;
        }
        try {
            String str = "";
            if (Validation.current() != null && Validation.current().keep) {
                str = composeErrorsCookieValue(new ArrayList(Validation.errors()));
            }
            response.setCookie(Scope.COOKIE_PREFIX + "_ERRORS", URLEncoder.encode(errorsCookieCrypter.encrypt(str), StandardCharsets.UTF_8), null, "/", null, Scope.COOKIE_SECURE, Scope.SESSION_HTTPONLY);
        } catch (Exception e) {
            throw new UnexpectedException("Failed to serialize errors cookie", e);
        }
    }

    @Nonnull
    @CheckReturnValue
    String composeErrorsCookieValue(List<Error> list) {
        return GSON.toJson(list);
    }

    private void clear(@Nonnull Http.Response response) {
        try {
            if (response.cookies != null) {
                Http.Cookie cookie = new Http.Cookie(Scope.COOKIE_PREFIX + "_ERRORS", "");
                cookie.sendOnError = true;
                response.cookies.put(cookie.name, cookie);
            }
        } catch (Exception e) {
            throw new UnexpectedException("Errors serializationProblem", e);
        }
    }
}
