package com.iplanet.dpro.session.service;

import com.iplanet.am.util.SystemProperties;
import com.iplanet.dpro.session.Session;
import com.iplanet.dpro.session.SessionException;
import com.iplanet.dpro.session.SessionID;
import com.iplanet.dpro.session.TokenRestriction;
import com.iplanet.dpro.session.operations.SessionOperationStrategy;
import com.iplanet.dpro.session.share.SessionInfo;
import com.iplanet.services.naming.WebtopNaming;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.common.SearchResults;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.IdRepoException;
import com.sun.identity.idm.IdType;
import com.sun.identity.idm.IdUtils;
import com.sun.identity.shared.Constants;
import com.sun.identity.shared.debug.Debug;
import java.util.Collection;
import org.forgerock.openam.dpro.session.PartialSession;
import org.forgerock.openam.sdk.javax.inject.Inject;
import org.forgerock.openam.sdk.javax.inject.Named;
import org.forgerock.openam.sdk.javax.inject.Singleton;
import org.forgerock.openam.sdk.org.forgerock.guice.core.InjectorHolder;
import org.forgerock.openam.sdk.org.forgerock.util.Reject;
import org.forgerock.openam.session.SessionEventType;
import org.forgerock.openam.session.service.SessionAccessManager;
import org.forgerock.openam.utils.CrestQuery;
import org.forgerock.openam.utils.Time;

@Singleton
/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.2.jar:com/iplanet/dpro/session/service/SessionService.class */
public class SessionService {
    public static final String SESSION_SERVICE = "session";
    private final Debug sessionDebug;
    private final DsameAdminTokenProvider dsameAdminTokenProvider;
    private final InternalSessionListener sessionEventBroker;
    private final InternalSessionFactory internalSessionFactory;
    private final SessionOperationStrategy sessionOperationStrategy;
    private final SessionAccessManager sessionAccessManager;

    @Inject
    private SessionService(@Named("amSession") Debug debug, DsameAdminTokenProvider dsameAdminTokenProvider, InternalSessionEventBroker internalSessionEventBroker, InternalSessionFactory internalSessionFactory, SessionAccessManager sessionAccessManager, SessionOperationStrategy sessionOperationStrategy) {
        this.sessionDebug = debug;
        this.dsameAdminTokenProvider = dsameAdminTokenProvider;
        this.sessionEventBroker = internalSessionEventBroker;
        this.internalSessionFactory = internalSessionFactory;
        this.sessionOperationStrategy = sessionOperationStrategy;
        this.sessionAccessManager = sessionAccessManager;
    }

    public String getRestrictedTokenId(String str, TokenRestriction tokenRestriction) throws SessionException {
        SessionID sessionID = new SessionID(str);
        return this.sessionOperationStrategy.getOperation(sessionID).getRestrictedTokenId(sessionID, tokenRestriction);
    }

    public InternalSession newInternalSession(String str, boolean z) {
        return newInternalSession(str, z, true);
    }

    public InternalSession newInternalSession(String str, boolean z, boolean z2) {
        return this.internalSessionFactory.newInternalSession(str, z, z2);
    }

    private Session resolveSession(SessionID sessionID) throws SessionException {
        return this.sessionOperationStrategy.getOperation(sessionID).resolveSession(sessionID);
    }

    public void destroySession(Session session, SessionID sessionID) throws SessionException {
        if (sessionID == null) {
            return;
        }
        this.sessionOperationStrategy.getOperation(sessionID).destroy(session, resolveSession(sessionID));
    }

    public void destroyAuthenticationSession(SessionID sessionID) {
        InternalSession removeSession = ((AuthenticationSessionStore) InjectorHolder.getInstance(AuthenticationSessionStore.class)).removeSession(sessionID);
        if (removeSession == null) {
            removeSession = this.sessionAccessManager.getInternalSession(sessionID);
            this.sessionAccessManager.removeInternalSession(removeSession);
        }
        if (removeSession != null && removeSession.getState() != SessionState.INVALID) {
            fireSessionEvent(removeSession, SessionEventType.DESTROY);
            removeSession.setState(SessionState.DESTROYED);
        }
        this.sessionAccessManager.removeSessionId(sessionID);
    }

    private void fireSessionEvent(InternalSession internalSession, SessionEventType sessionEventType) {
        this.sessionEventBroker.onEvent(new InternalSessionEvent(internalSession, sessionEventType, Time.currentTimeMillis()));
    }

    public boolean checkSessionExists(SessionID sessionID) throws SessionException {
        return this.sessionOperationStrategy.getOperation(sessionID).checkSessionExists(sessionID);
    }

    public SessionInfo getSessionInfo(SessionID sessionID, boolean z) throws SessionException {
        return this.sessionOperationStrategy.getOperation(sessionID).getSessionInfo(sessionID, z);
    }

    public SearchResults<SessionInfo> getValidSessions(Session session, String str) throws SessionException {
        return this.sessionOperationStrategy.getOperation(session.getSessionID()).getValidSessions(session, str);
    }

    public Collection<PartialSession> getMatchingSessions(Session session, CrestQuery crestQuery) throws SessionException {
        Reject.ifNull(session, "Caller may not be null");
        Reject.ifNull(crestQuery, "CREST query may not be null");
        return this.sessionOperationStrategy.getOperation(session.getSessionID()).getMatchingSessions(crestQuery);
    }

    public void logout(Session session) throws SessionException {
        this.sessionOperationStrategy.getOperation(session.getSessionID()).logout(session);
    }

    public void addSessionListener(Session session, String str) throws SessionException {
        this.sessionOperationStrategy.getOperation(session.getSessionID()).addSessionListener(session, str);
    }

    public void setExternalProperty(SSOToken sSOToken, SessionID sessionID, String str, String str2) throws SessionException {
        this.sessionOperationStrategy.getOperation(sessionID).setExternalProperty(sSOToken, sessionID, str, str2);
    }

    public boolean isSuperUser(String str) {
        boolean z = false;
        try {
            AMIdentity aMIdentity = null;
            String str2 = SystemProperties.get(Constants.AUTHENTICATION_SUPER_USER);
            if (str2 != null) {
                aMIdentity = new AMIdentity(this.dsameAdminTokenProvider.getAdminToken(), str2, IdType.USER, "/", (String) null);
            }
            z = aMIdentity.equals(IdUtils.getIdentity(this.dsameAdminTokenProvider.getAdminToken(), str));
        } catch (SSOException e) {
            this.sessionDebug.error("SessionService.isSuperUser: Cannot get the admin token for this operation.", e);
        } catch (IdRepoException e2) {
            this.sessionDebug.error("SessionService.isSuperUser: Cannot get the user identity '{}'.", str, e2);
        }
        if (this.sessionDebug.messageEnabled()) {
            this.sessionDebug.message("SessionService.isSuperUser: " + z);
        }
        return z;
    }

    public static String getAMServerID() {
        try {
            return WebtopNaming.getAMServerID();
        } catch (Exception e) {
            return null;
        }
    }
}
