package org.owasp.webgoat.service;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
/* loaded from: input_file:WebGoat.war:WEB-INF/classes/org/owasp/webgoat/service/SessionService.class */
public class SessionService extends BaseService {
    @RequestMapping(value = {"/session.mvc"}, produces = {"application/json"})
    @ResponseBody
    public String showSession(HttpServletRequest httpServletRequest, HttpSession httpSession) {
        StringBuilder sb = new StringBuilder();
        sb.append("id").append(" = ").append(httpSession.getId()).append("\n");
        sb.append("created").append(" = ").append(new Date(httpSession.getCreationTime())).append("\n");
        sb.append("last access").append(" = ").append(new Date(httpSession.getLastAccessedTime())).append("\n");
        sb.append("timeout (secs)").append(" = ").append(httpSession.getMaxInactiveInterval()).append("\n");
        sb.append("session from cookie?").append(" = ").append(httpServletRequest.isRequestedSessionIdFromCookie()).append("\n");
        sb.append("session from url?").append(" = ").append(httpServletRequest.isRequestedSessionIdFromURL()).append("\n");
        sb.append("=====================================\n");
        ArrayList<String> arrayList = new ArrayList();
        Enumeration<String> attributeNames = httpSession.getAttributeNames();
        while (attributeNames.hasMoreElements()) {
            arrayList.add(attributeNames.nextElement());
        }
        Collections.sort(arrayList);
        for (String str : arrayList) {
            sb.append(str).append(" = ").append(httpSession.getAttribute(str) + "").append("\n");
        }
        return sb.toString();
    }
}
