package org.owasp.csrfguard.action;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.owasp.csrfguard.CsrfGuard;
import org.owasp.csrfguard.CsrfGuardException;
import org.owasp.csrfguard.util.RandomGenerator;

/* loaded from: input_file:kernel/ef_root/WEBAPP/WEB-INF/lib/csrfguard-3.1.0.jar:org/owasp/csrfguard/action/Rotate.class */
public class Rotate extends AbstractAction {
    private static final long serialVersionUID = -3164557586544451406L;

    @Override // org.owasp.csrfguard.action.IAction
    public void execute(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, CsrfGuardException csrfGuardException, CsrfGuard csrfGuard) throws CsrfGuardException {
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            updateSessionToken(session, csrfGuard);
            if (csrfGuard.isTokenPerPageEnabled()) {
                updatePageTokens(session, csrfGuard);
            }
        }
    }

    private void updateSessionToken(HttpSession httpSession, CsrfGuard csrfGuard) throws CsrfGuardException {
        try {
            httpSession.setAttribute(csrfGuard.getSessionKey(), RandomGenerator.generateRandomId(csrfGuard.getPrng(), csrfGuard.getTokenLength()));
        } catch (Exception e) {
            throw new CsrfGuardException(String.format("unable to generate the random token - %s", e.getLocalizedMessage()), e);
        }
    }

    private void updatePageTokens(HttpSession httpSession, CsrfGuard csrfGuard) throws CsrfGuardException {
        Map map = (Map) httpSession.getAttribute(CsrfGuard.PAGE_TOKENS_KEY);
        ArrayList arrayList = new ArrayList();
        if (map != null) {
            arrayList.addAll(map.keySet());
        }
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            try {
                map.put((String) it.next(), RandomGenerator.generateRandomId(csrfGuard.getPrng(), csrfGuard.getTokenLength()));
            } catch (Exception e) {
                throw new CsrfGuardException(String.format("unable to generate the random token - %s", e.getLocalizedMessage()), e);
            }
        }
    }
}
