package com.iplanet.dpro.session;

import com.iplanet.am.util.SystemProperties;
import com.iplanet.dpro.session.operations.ClientSdkSessionOperationStrategy;
import com.iplanet.dpro.session.operations.ServerSessionOperationStrategy;
import com.iplanet.dpro.session.operations.SessionOperationStrategy;
import com.iplanet.dpro.session.operations.strategies.ClientSdkOperations;
import com.iplanet.dpro.session.service.SessionState;
import com.iplanet.dpro.session.service.SessionType;
import com.iplanet.dpro.session.share.SessionBundle;
import com.iplanet.dpro.session.share.SessionInfo;
import com.iplanet.services.naming.WebtopNaming;
import com.iplanet.sso.SSOToken;
import com.sun.identity.authentication.util.ISAuthConstants;
import com.sun.identity.common.SearchResults;
import com.sun.identity.session.util.RestrictedTokenAction;
import com.sun.identity.session.util.RestrictedTokenContext;
import com.sun.identity.shared.debug.Debug;
import java.net.URL;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicBoolean;
import org.forgerock.openam.blacklist.BlacklistException;
import org.forgerock.openam.blacklist.Blacklistable;
import org.forgerock.openam.sdk.org.forgerock.guice.core.InjectorHolder;
import org.forgerock.openam.sdk.org.forgerock.util.Reject;
import org.forgerock.openam.sdk.org.forgerock.util.annotations.VisibleForTesting;
import org.forgerock.openam.session.AMSession;
import org.forgerock.openam.session.SessionCache;
import org.forgerock.openam.session.SessionConstants;
import org.forgerock.openam.session.SessionCookies;
import org.forgerock.openam.session.SessionPLLSender;
import org.forgerock.openam.session.SessionServiceURLService;
import org.forgerock.openam.utils.Time;

/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.1.jar:com/iplanet/dpro/session/Session.class */
public class Session implements Blacklistable, AMSession {
    public static final String CACHED_BASE_POLLING_PROPERTY = "com.iplanet.am.session.client.polling.cacheBased";
    private static final Debug sessionDebug = Debug.getInstance(SessionConstants.SESSION_DEBUG);
    private final SessionCookies sessionCookies;
    private final SessionCache sessionCache;
    private final SessionServiceURLService sessionServiceURLService;
    private final SessionOperationStrategy sessionOperationStrategy;
    private String clientID;
    private String clientDomain;
    private long maxSessionTime;
    private long maxIdleTime;
    private long maxCachingTime;
    private long sessionIdleTime;
    private long sessionTimeLeft;
    private long sessionExpiryTime;
    private URL sessionServiceURL;
    private volatile long latestRefreshTime;
    private String cookieStr;
    private SessionID sessionID;
    private SessionType sessionType = SessionType.USER;
    private volatile long timedOutAt = 0;
    protected SessionState sessionState = SessionState.INVALID;
    private AtomicBoolean removed = new AtomicBoolean(false);
    protected Hashtable<String, String> sessionProperties = new Hashtable<>();
    private volatile boolean needToReset = false;
    private Boolean cookieMode = null;
    private TokenRestriction restriction = null;
    private Object context = null;
    private Set<SessionListener> localSessionEventListeners = new HashSet();

    public Session(SessionID sessionID) {
        this.sessionID = sessionID;
        if (SystemProperties.isServerMode()) {
            this.sessionCookies = (SessionCookies) InjectorHolder.getInstance(SessionCookies.class);
            this.sessionCache = (SessionCache) InjectorHolder.getInstance(SessionCache.class);
            this.sessionServiceURLService = (SessionServiceURLService) InjectorHolder.getInstance(SessionServiceURLService.class);
            this.sessionOperationStrategy = (SessionOperationStrategy) InjectorHolder.getInstance(ServerSessionOperationStrategy.class);
            return;
        }
        this.sessionCache = SessionCache.getInstance();
        this.sessionCookies = SessionCookies.getInstance();
        this.sessionServiceURLService = SessionServiceURLService.getInstance();
        this.sessionOperationStrategy = new ClientSdkSessionOperationStrategy(new ClientSdkOperations(sessionDebug, new SessionPLLSender(this.sessionCookies), this.sessionServiceURLService));
    }

    public AtomicBoolean getRemoved() {
        return this.removed;
    }

    public SessionID getSessionID() {
        return this.sessionID;
    }

    public String getCookieStr() {
        return this.cookieStr;
    }

    public void setCookieStr(String str) {
        this.cookieStr = str;
    }

    public void setContext(Object obj) {
        this.context = obj;
    }

    @Override // org.forgerock.openam.session.AMSession
    public SessionID getID() {
        return this.sessionID;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setID(SessionID sessionID) {
        this.sessionID = sessionID;
    }

    public SessionType getType() {
        return this.sessionType;
    }

    public String getClientID() {
        return this.clientID;
    }

    public String getClientDomain() {
        return this.clientDomain;
    }

    public long getMaxSessionTime() {
        return this.maxSessionTime;
    }

    public long getMaxIdleTime() {
        return this.maxIdleTime;
    }

    public boolean isTimedOut() throws SessionException {
        if (this.timedOutAt > 0) {
            return true;
        }
        if (!usingCachedBasedPolling() && maxCachingTimeReached()) {
            try {
                refresh(false);
            } catch (SessionTimedOutException e) {
                this.latestRefreshTime = Time.currentTimeMillis() / 1000;
                this.timedOutAt = this.latestRefreshTime;
            }
        }
        return this.timedOutAt > 0;
    }

    public long getMaxCachingTime() {
        return this.maxCachingTime;
    }

    public long getIdleTime() throws SessionException {
        refreshSessionIfStale();
        return this.sessionIdleTime;
    }

    public long getTimeLeft() throws SessionException {
        refreshSessionIfStale();
        return this.sessionTimeLeft;
    }

    private void refreshSessionIfStale() throws SessionException {
        if (usingCachedBasedPolling() || !maxCachingTimeReached()) {
            return;
        }
        refresh(false);
    }

    @Override // org.forgerock.openam.blacklist.Blacklistable
    public long getBlacklistExpiryTime() throws BlacklistException {
        try {
            refreshSessionIfStale();
            return this.sessionExpiryTime;
        } catch (SessionException e) {
            throw new BlacklistException(e);
        }
    }

    public long getLatestRefreshTime() {
        return this.latestRefreshTime;
    }

    public SessionState getState(boolean z) throws SessionException {
        if (!usingCachedBasedPolling() && maxCachingTimeReached()) {
            refresh(z);
        } else if (z) {
            this.needToReset = true;
        }
        return this.sessionState;
    }

    public void setState(SessionState sessionState) {
        this.sessionState = sessionState;
    }

    public String getProperty(String str) throws SessionException {
        if (str != null ? !str.equals(this.sessionCookies.getLBCookieName()) : this.sessionCookies.getLBCookieName() != null) {
            if ((!usingCachedBasedPolling() && maxCachingTimeReached()) || !this.sessionProperties.containsKey(str)) {
                refresh(false);
            }
        }
        return this.sessionProperties.get(str);
    }

    public String dereferenceRestrictedTokenID(Session session, String str) throws SessionException {
        try {
            return this.sessionOperationStrategy.getOperation(session.getSessionID()).deferenceRestrictedID(session, new SessionID(str));
        } catch (Exception e) {
            sessionDebug.error("unable to find master token for  " + str, e);
            throw new SessionException(e);
        }
    }

    public boolean isRestricted() throws SessionException {
        return this.restriction != null;
    }

    public String getPropertyWithoutValidation(String str) {
        if (SystemProperties.isServerMode()) {
            return this.sessionProperties.get(str);
        }
        return null;
    }

    public void setProperty(String str, String str2) throws SessionException {
        if (str == null || str2 == null) {
            throw new SessionException("Session property name/value cannot be null");
        }
        try {
            this.sessionOperationStrategy.getOperation(getID()).setProperty(this, str, str2);
            this.sessionProperties.put(str, str2);
        } catch (Exception e) {
            throw new SessionException(e);
        }
    }

    public boolean maxCachingTimeReached() {
        return (Time.currentTimeMillis() / 1000) - this.latestRefreshTime > this.maxCachingTime * 60;
    }

    public URL getSessionServiceURL() throws SessionException {
        if (SystemProperties.isServerMode()) {
            return this.sessionServiceURLService.getSessionServiceURL(this.sessionID);
        }
        if (this.sessionServiceURL == null) {
            this.sessionServiceURL = this.sessionServiceURLService.getSessionServiceURL(this.sessionID);
        }
        return this.sessionServiceURL;
    }

    public void destroySession(Session session) throws SessionException {
        try {
            try {
                this.sessionOperationStrategy.getOperation(getID()).destroy(this, session);
                this.sessionCache.removeSID(session.getID());
            } catch (Exception e) {
                throw new SessionException(e);
            }
        } catch (Throwable th) {
            this.sessionCache.removeSID(session.getID());
            throw th;
        }
    }

    public void logout() throws SessionException {
        try {
            try {
                this.sessionOperationStrategy.getOperation(getID()).logout(this);
                this.sessionCache.removeSID(this.sessionID);
            } catch (Exception e) {
                throw new SessionException(e);
            }
        } catch (Throwable th) {
            this.sessionCache.removeSID(this.sessionID);
            throw th;
        }
    }

    public void addSessionListener(SessionListener sessionListener) throws SessionException {
        addSessionListener(sessionListener, false);
    }

    public void addSessionListener(SessionListener sessionListener, boolean z) throws SessionException {
        if (!z && this.sessionState != SessionState.VALID) {
            throw new SessionException(SessionBundle.rbName, "invalidSessionState", null);
        }
        this.localSessionEventListeners.add(sessionListener);
    }

    public SearchResults<Session> getValidSessions(String str, String str2) throws SessionException {
        String sessionServerProtocol = this.sessionID.getSessionServerProtocol();
        String str3 = str;
        String sessionServerPort = this.sessionID.getSessionServerPort();
        String sessionServerURI = this.sessionID.getSessionServerURI();
        int indexOf = str3.indexOf(ISAuthConstants.URL_SEPARATOR);
        if (indexOf != -1) {
            sessionServerProtocol = str3.substring(0, indexOf);
            str3 = str3.substring(indexOf + 3);
        }
        int indexOf2 = str3.indexOf(":");
        if (indexOf2 != -1) {
            sessionServerPort = str3.substring(indexOf2 + 1);
            str3 = str3.substring(0, indexOf2);
            int indexOf3 = sessionServerPort.indexOf("/");
            if (indexOf3 != -1) {
                sessionServerURI = sessionServerPort.substring(indexOf3);
                sessionServerPort = sessionServerPort.substring(0, indexOf3);
            }
        }
        return getValidSessions(this.sessionServiceURLService.getSessionServiceURL(sessionServerProtocol, str3, sessionServerPort, sessionServerURI), str2);
    }

    @VisibleForTesting
    Set<SessionListener> getLocalSessionEventListeners() {
        return this.localSessionEventListeners;
    }

    public static void invokeListeners(SessionEvent sessionEvent) {
        Reject.ifNull(sessionEvent, sessionEvent.getSession());
        Iterator<SessionListener> it = sessionEvent.getSession().getLocalSessionEventListeners().iterator();
        while (it.hasNext()) {
            it.next().sessionChanged(sessionEvent);
        }
    }

    private SearchResults<Session> getValidSessions(URL url, String str) throws SessionException {
        try {
            SearchResults<SessionInfo> validSessions = this.sessionOperationStrategy.getOperation(getID()).getValidSessions(this, str);
            Set<SessionInfo> searchResults = validSessions.getSearchResults();
            HashSet hashSet = new HashSet();
            for (SessionInfo sessionInfo : searchResults) {
                Session session = new Session(new SessionID(sessionInfo.getSessionID()));
                session.sessionServiceURL = url;
                session.update(sessionInfo);
                hashSet.add(session);
            }
            return new SearchResults<>(hashSet.size(), hashSet, validSessions.getErrorCode());
        } catch (Exception e) {
            sessionDebug.error("Session:getValidSession : ", e);
            throw new SessionException(SessionBundle.rbName, "getValidSessionsError", null);
        }
    }

    public void refresh(final boolean z) throws SessionException {
        Object current = RestrictedTokenContext.getCurrent();
        if (current == null) {
            current = this.context;
        }
        try {
            RestrictedTokenContext.doUsing(current, new RestrictedTokenAction() { // from class: com.iplanet.dpro.session.Session.1
                @Override // com.sun.identity.session.util.RestrictedTokenAction
                public Object run() throws Exception {
                    Session.this.doRefresh(z);
                    return null;
                }
            });
        } catch (Exception e) {
            this.sessionCache.removeSID(this.sessionID);
            if (sessionDebug.messageEnabled()) {
                sessionDebug.message("session.Refresh Removed SID:" + this.sessionID);
            }
            throw new SessionException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void doRefresh(boolean z) throws SessionException {
        boolean z2 = z || this.needToReset;
        this.needToReset = false;
        SessionInfo refresh = this.sessionOperationStrategy.getOperation(getID()).refresh(this, z2);
        long j = this.maxCachingTime;
        long j2 = this.maxIdleTime;
        long j3 = this.maxSessionTime;
        update(refresh);
        this.sessionCache.notifySessionRefresh(this, j, j2, j3);
    }

    public synchronized void update(SessionInfo sessionInfo) throws SessionException {
        String str;
        if (sessionInfo.getSessionType().equals("user")) {
            this.sessionType = SessionType.USER;
        } else if (sessionInfo.getSessionType().equals("application")) {
            this.sessionType = SessionType.APPLICATION;
        }
        this.clientID = sessionInfo.getClientID();
        this.clientDomain = sessionInfo.getClientDomain();
        this.maxSessionTime = sessionInfo.getMaxTime();
        this.maxIdleTime = sessionInfo.getMaxIdle();
        this.maxCachingTime = sessionInfo.getMaxCaching();
        this.sessionIdleTime = sessionInfo.getTimeIdle();
        this.sessionExpiryTime = sessionInfo.getExpiryTime(TimeUnit.MILLISECONDS);
        this.sessionTimeLeft = sessionInfo.getTimeLeft();
        this.sessionState = SessionState.valueOf(sessionInfo.getState().toUpperCase());
        this.sessionProperties = sessionInfo.getProperties();
        if (this.timedOutAt <= 0 && (str = this.sessionProperties.get("SessionTimedOut")) != null) {
            try {
                this.timedOutAt = Long.parseLong(str);
            } catch (NumberFormatException e) {
                sessionDebug.error("Invalid timeout value " + str, e);
            }
        }
        this.latestRefreshTime = Time.currentTimeMillis() / 1000;
        String str2 = this.sessionProperties.get(SessionConstants.TOKEN_RESTRICTION_PROP);
        if (str2 != null) {
            try {
                setRestriction(TokenRestrictionFactory.unmarshal(str2));
            } catch (Exception e2) {
                throw new SessionException(e2);
            }
        }
    }

    protected void setRestriction(TokenRestriction tokenRestriction) {
        this.restriction = tokenRestriction;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void createContext(SSOToken sSOToken) throws SessionException {
        if (sSOToken != null) {
            sessionDebug.message("Session.createContext():, setting context to  application SSO token");
            this.context = sSOToken;
        } else if (sessionDebug.warningEnabled()) {
            sessionDebug.warning("Session.createContext():, cannot obtain application SSO token, defaulting to IP address");
        }
    }

    public void timeout() {
        if (this.timedOutAt <= 0) {
            this.timedOutAt = Time.currentTimeMillis() / 1000;
        }
    }

    public void addInternalSessionListener() {
        try {
            this.sessionOperationStrategy.getOperation(this.sessionID).addSessionListener(this, WebtopNaming.getNotificationURL().toString());
        } catch (Exception e) {
            sessionDebug.warning("error adding internal session listener", e);
        }
    }

    public boolean getCookieSupport() {
        boolean z = false;
        try {
            Boolean cookieMode = this.sessionID.getCookieMode();
            if (cookieMode != null) {
                z = cookieMode.booleanValue();
            } else if (this.cookieMode != null) {
                z = this.cookieMode.booleanValue();
            } else {
                String property = getProperty(ISAuthConstants.COOKIE_SUPPORT_PROPERTY);
                if (property != null) {
                    z = property.equals("true");
                }
            }
        } catch (Exception e) {
            sessionDebug.error("Error getting cookieSupport value: ", e);
            z = true;
        }
        if (sessionDebug.messageEnabled()) {
            sessionDebug.message("Session: getCookieSupport: " + z);
        }
        return z;
    }

    public void setCookieMode(Boolean bool) {
        if (sessionDebug.messageEnabled()) {
            sessionDebug.message("CookieMode is:" + bool);
        }
        if (bool != null) {
            this.cookieMode = bool;
        }
    }

    public TokenRestriction getRestriction() throws SessionException {
        return this.restriction;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Object getContext() {
        return this.context;
    }

    @Override // org.forgerock.openam.blacklist.Blacklistable
    public String getStableStorageID() {
        return this.sessionID.getExtension().getStorageKey();
    }

    private boolean usingCachedBasedPolling() {
        return SystemProperties.getAsBoolean(CACHED_BASE_POLLING_PROPERTY, false);
    }

    public static Session getSession(SessionID sessionID) throws SessionException {
        return SessionCache.getInstance().getSession(sessionID);
    }

    public String toString() {
        return "Session [clientID=" + this.clientID + ", maxSessionTime=" + this.maxSessionTime + ", maxIdleTime=" + this.maxIdleTime + ", maxCachingTime=" + this.maxCachingTime + ", sessionIdleTime=" + this.sessionIdleTime + ", sessionTimeLeft=" + this.sessionTimeLeft + ", sessionExpiryTime=" + this.sessionExpiryTime + ", timedOutAt=" + this.timedOutAt + ", sessionID=" + this.sessionID + "]";
    }
}
