package org.pustefixframework.http;

import de.schlund.pfixxml.PfixServletRequest;
import de.schlund.pfixxml.PfixServletRequestImpl;
import de.schlund.pfixxml.serverutil.SessionAdmin;
import de.schlund.pfixxml.serverutil.SessionHelper;
import de.schlund.pfixxml.serverutil.SessionInfoStruct;
import de.schlund.pfixxml.util.CookieUtils;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashMap;
import java.util.LinkedList;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.apache.log4j.spi.LocationInfo;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.beans.propertyeditors.CustomBooleanEditor;
import org.springframework.http.HttpHeaders;
import org.springframework.web.servlet.support.WebContentGenerator;

/* loaded from: input_file:WEB-INF/lib/pustefix-core-0.20.24.jar:org/pustefixframework/http/CookieOnlySessionTrackingStrategy.class */
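/**
 * Session tracking strategy that carries the session ID in a cookie and moves
 * requests between HTTP and HTTPS depending on what the context requires.
 *
 * <p>Besides the container's session cookie it uses three marker cookies:
 * <ul>
 *   <li>{@code _PFXSSL_} - set once a session has been created or copied on a
 *       secure connection;</li>
 *   <li>{@code _PFXSSLCHK_} - set before the redirect to HTTPS in
 *       {@link #redirectToSSLCheck} and cleared on the next request;</li>
 *   <li>{@code _PFXRST_} - carries, for 60 seconds, the session ID that was just
 *       discarded by {@link #resetSession}, so that a client that keeps sending
 *       that stale ID is not redirected again.</li>
 * </ul>
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>A session that was not marked secure is invalidated and re-created
 *       (new ID) when a request that needs SSL arrives over HTTPS, see
 *       {@link #copySession}.</li>
 *   <li>The marker cookies are created without {@code Secure}/{@code HttpOnly}.
 *       {@code _PFXSSL_} is read on plain-HTTP requests, so it cannot be marked
 *       {@code Secure}; none of them should be treated as proof of anything.</li>
 *   <li>Redirect targets are built from
 *       {@code AbstractPustefixRequestHandler.getServerName(request)}.
 *       NOTE(review): confirm that helper cannot be steered by a client-supplied
 *       Host or forwarding header.</li>
 * </ul>
 *
 * <p>This source was recovered by a decompiler; some constants are referenced
 * through unrelated classes that merely hold the same string value.
 */
public class CookieOnlySessionTrackingStrategy implements SessionTrackingStrategy {
    private final Logger LOGGER_SESSION = Logger.getLogger("LOGGER_SESSION");
    private static final String STORED_REQUEST = "__STORED_PFIXSERVLETREQUEST__";
    static final String COOKIE_SESSION_SSL = "_PFXSSL_";
    static final String COOKIE_SESSION_SSL_CHECK = "_PFXSSLCHK_";
    static final String COOKIE_SESSION_RESET = "_PFXRST_";
    static final String PARAM_FORCELOCAL = "__forcelocal";
    private SessionTrackingStrategyContext context;

    /**
     * Stores the context that supplies configuration, SSL/session requirements
     * and the downstream request processing.
     */
    @Override // org.pustefixframework.http.SessionTrackingStrategy
    public void init(SessionTrackingStrategyContext sessionTrackingStrategyContext) {
        this.context = sessionTrackingStrategyContext;
    }

    /**
     * Decides, per request, whether to answer the cookie probe, redirect
     * (to HTTPS, back to HTTP, or to the same URL after discarding a stale
     * session cookie), create or copy a session, or hand the request on to
     * {@code context.callProcess}.
     *
     * <p>The wrapped request is always reset when this method is left, including
     * when an exception propagates.
     *
     * @throws ServletException if session creation is forbidden and the response
     *         is already committed, or if downstream processing fails
     * @throws IOException on I/O failure while writing the response
     */
    @Override // org.pustefixframework.http.SessionTrackingStrategy
    public void handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if ("/pfxsession".equals(httpServletRequest.getPathInfo())) {
            answerCookieProbe(httpServletRequest, httpServletResponse);
            return;
        }
        PfixServletRequest pfixRequest = null;
        try {
            HttpSession session = httpServletRequest.getSession(false);
            if (session == null) {
                pfixRequest = new PfixServletRequestImpl(httpServletRequest, this.context.getServletManagerConfig().getProperties(), this.context);
            } else {
                // A POST that had to be redirected to HTTPS was parked in the session; pick it up again.
                pfixRequest = (PfixServletRequest) session.getAttribute(STORED_REQUEST);
                if (pfixRequest == null) {
                    pfixRequest = new PfixServletRequestImpl(httpServletRequest, this.context.getServletManagerConfig().getProperties(), this.context);
                } else {
                    session.removeAttribute(STORED_REQUEST);
                    pfixRequest.updateRequest(httpServletRequest);
                }
            }
            Cookie[] cookies = CookieUtils.getCookies(httpServletRequest);
            // The check and reset markers are single-use: expire them in the response,
            // the values received with this request are still consulted below.
            if (getCookie(cookies, COOKIE_SESSION_SSL_CHECK) != null) {
                resetCookie(COOKIE_SESSION_SSL_CHECK, httpServletRequest, httpServletResponse);
            }
            if (getCookie(cookies, COOKIE_SESSION_RESET) != null) {
                resetCookie(COOKIE_SESSION_RESET, httpServletRequest, httpServletResponse);
            }
            if (this.context.needsSession()) {
                if (httpServletRequest.isRequestedSessionIdValid()) {
                    if (this.context.needsSSL(pfixRequest)) {
                        if (!httpServletRequest.isSecure()) {
                            redirectToSSL(httpServletRequest, httpServletResponse, 302);
                            return;
                        }
                        // equals() instead of identity: a Boolean restored from a persisted or
                        // replicated session is not the Boolean.TRUE instance.
                        if (!Boolean.TRUE.equals(session.getAttribute(SessionAdmin.SESSION_IS_SECURE))) {
                            // The session was not marked secure, so its ID may have travelled over
                            // plain HTTP: replace it with a fresh one before continuing over HTTPS.
                            copySession(session, httpServletRequest, httpServletResponse);
                            addCookie(COOKIE_SESSION_SSL, "true", httpServletRequest, httpServletResponse);
                        }
                    }
                } else if (httpServletRequest.getRequestedSessionId() != null) {
                    // The client presented a session ID this node does not accept as valid.
                    if (httpServletRequest.isSecure() && getCookie(cookies, COOKIE_SESSION_SSL_CHECK) != null) {
                        // NOTE(review): this sends the client from HTTPS back to HTTP by design of the
                        // SSL check; it is a downgrade and deserves a deliberate decision.
                        resetSession(httpServletRequest, httpServletResponse);
                        resetCookie(COOKIE_SESSION_SSL, httpServletRequest, httpServletResponse);
                        redirect(httpServletRequest, httpServletResponse, 302, "http");
                        return;
                    }
                    if (this.context.needsSSL(pfixRequest) && !httpServletRequest.isSecure()) {
                        resetSession(httpServletRequest, httpServletResponse);
                        redirectToSSL(httpServletRequest, httpServletResponse, 301);
                        return;
                    }
                    Cookie resetMarker = getCookie(cookies, COOKIE_SESSION_RESET);
                    // The requested ID is non-null in this branch, so it is the safe receiver.
                    boolean alreadyReset = resetMarker != null
                            && httpServletRequest.getRequestedSessionId().equals(resetMarker.getValue());
                    String forceLocalParam = httpServletRequest.getParameter(PARAM_FORCELOCAL);
                    boolean forceLocal = "1".equals(forceLocalParam)
                            || "true".equals(forceLocalParam)
                            || CustomBooleanEditor.VALUE_YES.equals(forceLocalParam);
                    // presumably the mod_jk load-balancer activation state of this node - TODO confirm
                    String activation = (String) httpServletRequest.getAttribute("JK_LB_ACTIVATION");
                    boolean workerNotActive = activation != null && !activation.equals("ACT");
                    boolean isPost = httpServletRequest.getMethod().equals(WebContentGenerator.METHOD_POST);
                    if ((!isPost || workerNotActive) && !alreadyReset && !forceLocal) {
                        // Drop the stale session cookie and let the client retry the same URL.
                        resetSession(httpServletRequest, httpServletResponse);
                        redirect(httpServletRequest, httpServletResponse, 301, httpServletRequest.getScheme());
                        return;
                    }
                    createSession(httpServletRequest, httpServletResponse);
                    if (httpServletRequest.isSecure()) {
                        addCookie(COOKIE_SESSION_SSL, "true", httpServletRequest, httpServletResponse);
                    }
                } else if (getCookie(cookies, COOKIE_SESSION_SSL) != null) {
                    // No session ID, but the client has had a secure session before.
                    if (!httpServletRequest.isSecure()) {
                        addCookie(COOKIE_SESSION_SSL_CHECK, "true", httpServletRequest, httpServletResponse);
                        redirectToSSLCheck(httpServletRequest, httpServletResponse, 302);
                        return;
                    }
                    if (getCookie(cookies, COOKIE_SESSION_SSL_CHECK) != null) {
                        // NOTE(review): HTTPS to HTTP redirect, see the note on the branch above.
                        resetCookie(COOKIE_SESSION_SSL, httpServletRequest, httpServletResponse);
                        redirect(httpServletRequest, httpServletResponse, 302, "http");
                        return;
                    }
                    createSession(httpServletRequest, httpServletResponse);
                } else if (!this.context.needsSSL(pfixRequest)) {
                    createSession(httpServletRequest, httpServletResponse);
                } else {
                    if (!httpServletRequest.isSecure()) {
                        if (httpServletRequest.getMethod().equals(WebContentGenerator.METHOD_POST)) {
                            // Park the POST in a new session so it survives the redirect to HTTPS.
                            HttpSession parkingSession = createSession(httpServletRequest, httpServletResponse);
                            if (parkingSession == null) {
                                // Session creation is forbidden and the 403 has already been sent;
                                // dereferencing the null result used to end in a NullPointerException.
                                return;
                            }
                            parkingSession.setAttribute(STORED_REQUEST, pfixRequest);
                        }
                        redirectToSSL(httpServletRequest, httpServletResponse, 301);
                        return;
                    }
                    createSession(httpServletRequest, httpServletResponse);
                    addCookie(COOKIE_SESSION_SSL, "true", httpServletRequest, httpServletResponse);
                }
                // createSession/copySession answer with 403 when session creation is forbidden.
                if (httpServletResponse.isCommitted()) {
                    return;
                }
            } else {
                if (this.context.needsSSL(pfixRequest) && !httpServletRequest.isSecure()) {
                    redirectToSSL(httpServletRequest, httpServletResponse, 301);
                    return;
                }
                if (httpServletRequest.getRequestedSessionId() == null && getCookie(cookies, COOKIE_SESSION_SSL) != null && !httpServletRequest.isSecure()) {
                    redirectToSSL(httpServletRequest, httpServletResponse, 302);
                    return;
                }
            }
            pfixRequest.updateRequest(httpServletRequest);
            this.context.callProcess(pfixRequest, httpServletRequest, httpServletResponse);
        } finally {
            // The decompiled catch block tested a constant-false condition and therefore never
            // reset the request when an exception escaped; finally covers every exit.
            if (pfixRequest != null) {
                pfixRequest.resetRequest();
            }
        }
    }

    /**
     * Answers the {@code /pfxsession} probe with a one-digit status and logs it:
     * 0 = requested session ID is valid, 1 = no session ID was sent,
     * 2 = a session ID was sent but is not valid.
     */
    private void answerCookieProbe(HttpServletRequest request, HttpServletResponse response) throws IOException {
        int noCookiesFlag = request.getParameter("nocookies") != null ? 1 : 0;
        int status;
        String requestedId = "-";
        if (request.isRequestedSessionIdValid()) {
            status = 0;
            requestedId = request.getRequestedSessionId();
        } else if (request.getRequestedSessionId() == null) {
            status = 1;
        } else {
            status = 2;
            requestedId = request.getRequestedSessionId();
        }
        // The session ID is chosen by the client; neutralise control characters and the field
        // separator so that a crafted value cannot forge or split log records.
        // NOTE(review): for status 0 this writes a live session ID to the log; anyone who can
        // read the log can reuse it. Consider logging a truncated or hashed form.
        this.LOGGER_SESSION.info("SESSION_COOKIE_CHECK|"
                + sanitizeForLog(String.valueOf(AbstractPustefixRequestHandler.getRemoteAddr(request)))
                + "|" + noCookiesFlag + "|" + status + "|" + sanitizeForLog(requestedId));
        sendInfo(response, Integer.toString(status));
    }

    /**
     * Replaces control characters and the {@code |} field separator with
     * {@code _} so that the value stays on one line and in one field.
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return null;
        }
        StringBuilder cleaned = new StringBuilder(value.length());
        for (int idx = 0; idx < value.length(); idx++) {
            char c = value.charAt(idx);
            cleaned.append(c < 0x20 || c == 0x7f || c == '|' ? '_' : c);
        }
        return cleaned.toString();
    }

    /** Returns the cookie path used for all cookies of this class: the context path, or "/" for the root context. */
    private static String cookiePath(HttpServletRequest request) {
        String contextPath = request.getContextPath();
        return contextPath.equals("") ? "/" : contextPath;
    }

    /**
     * Expires the container's session cookie and remembers the discarded ID in
     * the {@code _PFXRST_} cookie for 60 seconds. Does nothing when the session
     * ID did not come from a cookie.
     */
    private void resetSession(HttpServletRequest request, HttpServletResponse response) {
        if (request.isRequestedSessionIdFromCookie()) {
            Cookie expiredSessionCookie = new Cookie(AbstractPustefixRequestHandler.getSessionCookieName(request), "");
            expiredSessionCookie.setMaxAge(0);
            expiredSessionCookie.setPath(cookiePath(request));
            response.addCookie(expiredSessionCookie);
            // The value echoed here is the client-supplied session ID; escaping or rejecting
            // unusual characters is left to the Cookie class and the container.
            Cookie resetMarker = new Cookie(COOKIE_SESSION_RESET, request.getRequestedSessionId());
            resetMarker.setMaxAge(60);
            resetMarker.setPath(cookiePath(request));
            response.addCookie(resetMarker);
        }
    }

    /** Redirects to the HTTPS variant of the current URL with the given status code. */
    private void redirectToSSL(HttpServletRequest request, HttpServletResponse response, int status) {
        redirect(request, response, status, "https");
    }

    /**
     * Redirects to the HTTPS variant of the current URL and, for a POST that
     * carried an {@code __lf} parameter, appends that parameter to the target.
     */
    private void redirectToSSLCheck(HttpServletRequest request, HttpServletResponse response, int status) {
        String target = SessionHelper.getClearedURL("https", AbstractPustefixRequestHandler.getServerName(request), request, this.context.getServletManagerConfig().getProperties());
        String lfValue = request.getParameter("__lf");
        if (request.getMethod().equals(WebContentGenerator.METHOD_POST) && lfValue != null) {
            // The decompiler rendered these separators as LocationInfo.NA ("?") and
            // BeanFactory.FACTORY_BEAN_PREFIX ("&"); the plain literals are what is meant.
            String separator = request.getQueryString() == null ? "?" : "&";
            // The value comes straight from the client: encode it so it cannot add further
            // parameters to, or otherwise reshape, the redirect URL.
            target = target + separator + "__lf=" + encodeQueryValue(lfValue);
        }
        AbstractPustefixRequestHandler.relocate(response, status, target);
    }

    /**
     * Form-encodes a query parameter value as UTF-8.
     * NOTE(review): assumes the application decodes query strings as UTF-8 - confirm.
     */
    private static String encodeQueryValue(String value) {
        try {
            return java.net.URLEncoder.encode(value, "UTF-8");
        } catch (java.io.UnsupportedEncodingException e) {
            // UTF-8 is mandatory on every Java platform.
            throw new IllegalStateException("UTF-8 is not supported", e);
        }
    }

    /** Redirects to the current URL under the given scheme, as computed by {@code SessionHelper.getClearedURL}. */
    private void redirect(HttpServletRequest request, HttpServletResponse response, int status, String scheme) {
        AbstractPustefixRequestHandler.relocate(response, status, SessionHelper.getClearedURL(scheme, AbstractPustefixRequestHandler.getServerName(request), request, this.context.getServletManagerConfig().getProperties()));
    }

    /**
     * Answers with 403 when the context forbids session creation.
     *
     * @return {@code true} if creation is forbidden and the 403 has been sent
     * @throws ServletException if creation is forbidden but the response is already committed
     */
    private boolean rejectIfSessionCreationForbidden(HttpServletResponse response) throws ServletException, IOException {
        if (this.context.allowSessionCreate()) {
            return false;
        }
        if (response.isCommitted()) {
            throw new ServletException("Creating session not allowed.");
        }
        response.sendError(403, "Session required");
        return true;
    }

    /** Obtains a session from the container, logs its creation and sets the cookie-session and secure markers. */
    private HttpSession openMarkedSession(HttpServletRequest request) {
        HttpSession created = request.getSession(true);
        // NOTE(review): the full session ID goes to the log; log readers can reuse it while the
        // session is alive. Consider logging a truncated or hashed form.
        this.LOGGER_SESSION.info("Create session: " + created.getId());
        created.setAttribute(AbstractPustefixRequestHandler.SESSION_ATTR_COOKIE_SESSION, true);
        if (request.isSecure()) {
            created.setAttribute(SessionAdmin.SESSION_IS_SECURE, Boolean.TRUE);
        }
        return created;
    }

    /**
     * Creates and registers a new session.
     *
     * @return the new session, or {@code null} if session creation is forbidden
     *         (a 403 has then been sent)
     */
    private HttpSession createSession(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        if (rejectIfSessionCreationForbidden(response)) {
            return null;
        }
        HttpSession created = openMarkedSession(request);
        this.context.registerSession(request, created);
        return created;
    }

    /**
     * Replaces {@code oldSession} with a new session that carries the same data
     * and trail log, so that the session continues under a different ID.
     *
     * @return the new session, or {@code null} if session creation is forbidden
     *         (a 403 has then been sent and the old session is left untouched)
     */
    private HttpSession copySession(HttpSession oldSession, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        if (rejectIfSessionCreationForbidden(response)) {
            return null;
        }
        // Raw type kept: the parameter type expected by SessionHelper is not visible here.
        HashMap savedData = new HashMap();
        SessionHelper.saveSessionData(savedData, oldSession);
        SessionInfoStruct info = this.context.getSessionAdmin().getInfo(oldSession);
        LinkedList<SessionInfoStruct.TrailElement> trail = new LinkedList<>();
        if (info != null) {
            // Must be read before the old session is invalidated below.
            trail = info.getTraillog();
        }
        SessionUtils.invalidate(oldSession);
        HttpSession created = openMarkedSession(request);
        if (info == null) {
            this.context.registerSession(request, created);
        } else {
            this.context.getSessionAdmin().registerSession(created, trail, info.getData().getServerName(), info.getData().getRemoteAddr());
        }
        SessionHelper.copySessionData(savedData, created);
        return created;
    }

    /**
     * Adds a browser-session cookie (max age -1) scoped to the context path.
     * The cookie is created without the Secure and HttpOnly attributes;
     * {@code _PFXSSL_} in particular is consulted on plain-HTTP requests and
     * therefore cannot be marked Secure.
     */
    private static void addCookie(String name, String value, HttpServletRequest request, HttpServletResponse response) {
        Cookie cookie = new Cookie(name, value);
        cookie.setMaxAge(-1);
        cookie.setPath(cookiePath(request));
        response.addCookie(cookie);
    }

    /** Expires the named cookie on the client by re-sending it empty with max age 0. */
    private static void resetCookie(String name, HttpServletRequest request, HttpServletResponse response) {
        Cookie cookie = new Cookie(name, "");
        cookie.setMaxAge(0);
        cookie.setPath(cookiePath(request));
        response.addCookie(cookie);
    }

    /** Returns the first cookie with the given name, or {@code null} if there is none or the array is {@code null}. */
    private static Cookie getCookie(Cookie[] cookieArr, String name) {
        if (cookieArr == null) {
            return null;
        }
        for (Cookie candidate : cookieArr) {
            if (candidate.getName().equals(name)) {
                return candidate;
            }
        }
        return null;
    }

    /**
     * Writes {@code str} as an uncacheable {@code text/plain} response and
     * closes the response writer.
     *
     * @throws IOException if the response writer cannot be obtained
     */
    public static void sendInfo(HttpServletResponse httpServletResponse, String str) throws IOException {
        httpServletResponse.setContentType("text/plain");
        httpServletResponse.setHeader(HttpHeaders.CACHE_CONTROL, "no-store, no-cache");
        httpServletResponse.setHeader(HttpHeaders.PRAGMA, "no-cache");
        // try-with-resources closes the writer even if print() fails unexpectedly.
        try (PrintWriter writer = httpServletResponse.getWriter()) {
            writer.print(str);
        }
    }
}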
