package org.cloudfoundry.multiapps.controller.web.security;

import jakarta.inject.Named;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import org.cloudfoundry.multiapps.controller.web.Constants;
import org.springframework.security.web.csrf.CsrfToken;
import org.springframework.web.filter.OncePerRequestFilter;

@Named("csrfHeadersFilter")
/* loaded from: input_file:org/cloudfoundry/multiapps/controller/web/security/CsrfHeadersFilter.class */
public class CsrfHeadersFilter extends OncePerRequestFilter {
    private static final String SPRING_SECURITY_CSRF_SESSION_ATTRIBUTE = "_csrf";

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        filterChain.doFilter(httpServletRequest, httpServletResponse);
        CsrfToken csrfToken = (CsrfToken) httpServletRequest.getAttribute(SPRING_SECURITY_CSRF_SESSION_ATTRIBUTE);
        if (csrfToken == null || httpServletResponse.isCommitted()) {
            return;
        }
        httpServletResponse.setHeader(Constants.CSRF_HEADER_NAME, csrfToken.getHeaderName());
        httpServletResponse.setHeader(Constants.CSRF_PARAM_NAME, csrfToken.getParameterName());
        httpServletResponse.setHeader(Constants.CSRF_TOKEN, csrfToken.getToken());
    }
}
