package com.ailikes.common.security.filter;

import com.ailikes.common.security.filter.base.SecurityFilter;
import java.io.IOException;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/ailikes/common/security/filter/CsrfTokenCkeckFilter.class */
public class CsrfTokenCkeckFilter implements SecurityFilter {
    private static final String CSRFTOKEN_PREFIX = "csrf_";

    @Override // com.ailikes.common.security.filter.base.SecurityFilter
    public void doFilterInvoke(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        if (httpServletRequest.getMethod().equals("POST")) {
            String tokenName = getTokenName(httpServletRequest);
            if (((Long) httpServletRequest.getSession().getAttribute(tokenName)).longValue() != Long.parseLong(httpServletRequest.getParameter(tokenName))) {
                throw new RuntimeException("post method csrf token not valid.");
            }
        }
    }

    private String getTokenName(HttpServletRequest httpServletRequest) {
        for (Map.Entry entry : httpServletRequest.getParameterMap().entrySet()) {
            if (((String) entry.getKey()).startsWith(CSRFTOKEN_PREFIX)) {
                return (String) entry.getKey();
            }
        }
        return null;
    }
}
