package org.shoulder.security.authentication.browser;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import org.apache.commons.lang3.StringUtils;
import org.shoulder.core.dto.response.BaseResult;
import org.shoulder.core.exception.CommonErrorCodeEnum;
import org.shoulder.core.log.ShoulderLoggers;
import org.shoulder.core.util.JsonUtils;
import org.shoulder.core.util.ServletUtil;
import org.slf4j.Logger;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.util.UrlUtils;
import org.springframework.util.Assert;

/* loaded from: input_file:org/shoulder/security/authentication/browser/AbstractSessionStrategy.class */
public class AbstractSessionStrategy {
    private String sessionInvalidUrl;
    private String signInPage;
    private String signOutUrl;
    private final Logger logger = ShoulderLoggers.SHOULDER_WEB;
    private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
    private boolean createNewSession = true;

    public AbstractSessionStrategy(String str, String str2, String str3) {
        Assert.isTrue(UrlUtils.isValidRedirectUrl(str), "url must start with '/' or with 'http(s)'");
        this.sessionInvalidUrl = str;
        this.signInPage = str2;
        this.signOutUrl = str3;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void onSessionInvalid(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        this.logger.debug("Starting new session (if required) and redirecting to '" + this.sessionInvalidUrl + "'");
        if (this.createNewSession) {
            httpServletRequest.getSession();
        }
        String requestURI = httpServletRequest.getRequestURI();
        if (isPageRequest(httpServletRequest)) {
            String str = (StringUtils.equals(requestURI, this.signInPage) || StringUtils.equals(requestURI, this.signOutUrl)) ? requestURI : this.sessionInvalidUrl;
            this.logger.debug("redirectTo:" + str);
            this.redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, str);
        } else {
            BaseResult baseResult = new BaseResult(CommonErrorCodeEnum.AUTH_401_NEED_AUTH);
            baseResult.setMsg(buildResponseContent(httpServletRequest));
            httpServletResponse.setContentType("application/json");
            httpServletResponse.getWriter().write(JsonUtils.toJson(baseResult));
        }
    }

    protected boolean isPageRequest(HttpServletRequest httpServletRequest) {
        return !ServletUtil.isAjax(httpServletRequest) && httpServletRequest.getHeader("Accept").contains("text/html");
    }

    protected String buildResponseContent(HttpServletRequest httpServletRequest) {
        StringBuilder sb = new StringBuilder("session invalid");
        if (isConcurrency()) {
            sb.append(",it may caused by concurrent logIn.");
        }
        return sb.toString();
    }

    protected boolean isConcurrency() {
        return false;
    }

    public void setCreateNewSession(boolean z) {
        this.createNewSession = z;
    }
}
