package org.pustefixframework.http;

import com.sun.mail.imap.IMAPStore;
import de.schlund.pfixxml.PfixServletRequest;
import de.schlund.pfixxml.PfixServletRequestImpl;
import de.schlund.pfixxml.exceptionprocessor.ExceptionProcessingConfiguration;
import de.schlund.pfixxml.serverutil.SessionAdmin;
import de.schlund.pfixxml.serverutil.SessionHelper;
import de.schlund.pfixxml.serverutil.SessionInfoStruct;
import de.schlund.pfixxml.util.CookieUtils;
import de.schlund.pfixxml.util.MD5Utils;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.SecureRandom;
import java.text.NumberFormat;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.TreeSet;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.bsf.debug.util.DebugConstants;
import org.apache.log4j.Logger;
import org.pustefixframework.config.contextxmlservice.ServletManagerConfig;
import org.pustefixframework.container.spring.http.UriProvidingHttpRequestHandler;
import org.pustefixframework.http.internal.PustefixInit;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.propertyeditors.CustomBooleanEditor;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.web.context.ServletContextAware;

/* loaded from: input_file:WEB-INF/lib/pustefix-core-0.15.20.jar:org/pustefixframework/http/AbstractPustefixRequestHandler.class */
public abstract class AbstractPustefixRequestHandler implements UriProvidingHttpRequestHandler, ServletContextAware, InitializingBean {
    // Session attribute key for the visit id; it is read from an old session and
    // written into the session that replaces it.
    public static final String VISIT_ID = "__VISIT_ID__";
    public static final String PROP_LOADINDEX = "__PROPERTIES_LOAD_INDEX";
    // Session attribute key under which the PfixServletRequest is parked while a
    // redirect is in flight; handleRequest picks it up again and removes it.
    private static final String STORED_REQUEST = "__STORED_PFIXSERVLETREQUEST__";
    // Prefix of the secure-session cookie name and of the session attribute that
    // holds the expected cookie secret; the hex MD5 of the session id is appended.
    private static final String SECURE_SESS_COOKIE = "__PFIX_SSC_";
    private static final String SECURE_SESS_COOKIE_OLD = "__PFIX_SEC_";
    // NOTE(review): the visible methods use the literal "_" when building and
    // splitting the secure cookie value ("<millis>_<secret>"); presumably this
    // constant was inlined by the compiler - confirm.
    private static final String COOKIE_VALUE_SEPARATOR = "_";
    private static final String COOKIE_VALUE_SEPARATOR_OLD = ":";
    // Name of the cookie that doCookieTest looks for to decide whether the client returns cookies.
    private static final String TEST_COOKIE = "__PFIX_TST_";
    // Session attribute (Boolean): set once the test cookie came back with the expected value.
    private static final String SESSION_COOKIES_MARKER = "__COOKIES_USED_DURING_SESSION__";
    // Session attribute (Boolean): the session ignores cookies even if the client sends them.
    private static final String REFUSE_COOKIES = "__REFUSE_COOKIES__";
    // Session attribute holding the value the test cookie is expected to carry.
    private static final String RAND_SESS_COOKIE_VALUE = "__RAND_SESS_COOKIE_VALUE__";
    // Session attribute holding a parent session id whose secure child session may be reused.
    private static final String CHECK_FOR_RUNNING_SSL_SESSION = "__CHECK_FOR_RUNNING_SSL_SESSION__";
    // Request parameter that suppresses the redirect to the cleared URL when an
    // old, invalid session id is presented.
    private static final String PARAM_FORCELOCAL = "__forcelocal";
    public static final String PROP_COOKIE_SEC_NOT_ENFORCED = "servletmanager.cookie_security_not_enforced";
    // Property whose value, when non-empty, is sent as the P3P response header.
    public static final String PROP_P3PHEADER = "servletmanager.p3p";
    public static final String PROP_SSL_REDIRECT_PORT = "pfixcore.ssl_redirect_port.for.";
    protected static final String DEF_CONTENT_TYPE = "text/html";
    private static final String DEFAULT_ENCODING = "UTF-8";
    private static final String SERVLET_ENCODING = "servlet.encoding";
    private static final int MAX_PARALLEL_SEC_SESSIONS = 10;
    private static String TIMESTAMP_ID;
    private static int INC_ID;
    // When true, a session that used cookies earlier is kept even if the client
    // stops sending them; when false (the default) such a session is invalidated.
    // NOTE(review): presumably driven by PROP_COOKIE_SEC_NOT_ENFORCED - the
    // assignment is not visible in this part of the file.
    private boolean cookie_security_not_enforced = false;
    private Logger LOGGER_VISIT = Logger.getLogger("LOGGER_VISIT");
    // No initializer here; presumably assigned in a static block further down the file.
    private static Logger LOG;
    // Character encoding applied to every request and response in handleRequest.
    private String servletEncoding;
    private ServletContext servletContext;
    // The single URI returned by getRegisteredURIs().
    private String handlerURI;
    private SessionAdmin sessionAdmin;
    private ExceptionProcessingConfiguration exceptionProcessingConfig;
    public static final int HTTP_PORT = 80;
    public static final int HTTPS_PORT = 443;
    // Compiler-generated flag backing `assert` statements (decompiler output).
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/pustefix-core-0.15.20.jar:org/pustefixframework/http/AbstractPustefixRequestHandler$SortableCookie.class */
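    /**
     * Pairs a cookie with the time it was last touched so that cookies can be
     * ordered from least to most recently touched.
     *
     * <p>The ordering looks at {@code lasttouch} only, and {@code equals} /
     * {@code hashCode} are not overridden: two instances with the same timestamp
     * compare as 0, so a sorted set would treat them as the same element.
     */
    public class SortableCookie implements Comparable<SortableCookie> {
        public final Cookie cookie;
        public final long lasttouch;

        /**
         * @param cookie the cookie to wrap; must not be null (checked by assertion only)
         * @param j      last-touch timestamp; must be &gt; 0 (checked by assertion only)
         */
        public SortableCookie(Cookie cookie, long j) {
            this.cookie = cookie;
            this.lasttouch = j;
            // Plain assert statements instead of a hand-written $assertionsDisabled
            // flag: the compiler generates that flag itself, and a static initializer
            // inside a non-static inner class is rejected by compilers before Java 16.
            assert cookie != null : "cookie argument must not be null";
            assert j > 0 : "lasttouch argument must be > 0";
        }

        /**
         * Orders by {@code lasttouch}, oldest first.
         *
         * @return -1, 0 or 1 as this instance was touched before, at the same
         *         time as, or after {@code sortableCookie}
         */
        @Override // java.lang.Comparable
        public final int compareTo(SortableCookie sortableCookie) {
            return Long.compare(this.lasttouch, sortableCookie.lasttouch);
        }
    }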

    /**
     * Supplies the servlet manager configuration of the concrete handler.
     * Within this class it is read for the SSL requirement ({@code isSSL()})
     * and for the properties handed to URL building and request wrapping.
     */
    protected abstract ServletManagerConfig getServletManagerConfig();

    /**
     * Reports whether the request arrived over a secure channel, exactly as the
     * container answers {@code isSecure()}.
     *
     * <p>NOTE(review): behind a TLS-terminating proxy this answer depends on how
     * the container is told about the original scheme - confirm for the
     * deployment, because handleRequest destroys sessions flagged secure when
     * this returns false.
     */
    protected boolean runningUnderSSL(HttpServletRequest httpServletRequest) {
        final boolean secureChannel = httpServletRequest.isSecure();
        return secureChannel;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Tells whether this handler must be served over SSL. This implementation
     * ignores the request and returns the {@code isSSL()} setting of the servlet
     * manager configuration.
     *
     * @throws ServletException declared for overriding implementations; not thrown here
     */
    public boolean needsSSL(PfixServletRequest pfixServletRequest) throws ServletException {
        ServletManagerConfig config = getServletManagerConfig();
        return config.isSSL();
    }

    /**
     * Whether requests to this handler require a session. handleRequest only
     * redirects into a new session when this is true, and only considers the
     * session-less redirect to https when it is false.
     */
    protected abstract boolean needsSession();

    /**
     * Whether this handler may create sessions. Every session-creating redirect
     * in handleRequest, except the switch of an insecure session to a secure one
     * under SSL, is guarded by this flag.
     */
    protected abstract boolean allowSessionCreate();

    /**
     * Hook for request validation. handleRequest answers with
     * {@code sendError(code)} and stops when the returned value is 400 or
     * higher; this default accepts every request by returning 0.
     *
     * @return a status code; values below 400 let the request through
     */
    protected int validateRequest(HttpServletRequest httpServletRequest) {
        final int accepted = 0;
        return accepted;
    }

    /**
     * Returns the server name to use for this request: the
     * {@code X-Forwarded-Server} header when it is present and non-empty,
     * otherwise the container's {@code getServerName()}.
     *
     * <p>Security: the header is part of the request, so unless a trusted
     * front-end proxy always sets or strips it, the client chooses this value.
     * Within this class the result becomes the host part of redirect targets
     * and is passed to session registration, so an unfiltered header lets a
     * client steer the {@code Location} header to another host. Deployments
     * that are reachable without such a proxy should overwrite or drop the
     * header at the edge.
     */
    public static String getServerName(HttpServletRequest httpServletRequest) {
        String forwardedServer = httpServletRequest.getHeader("X-Forwarded-Server");
        if (forwardedServer != null && !forwardedServer.isEmpty()) {
            return forwardedServer;
        }
        return httpServletRequest.getServerName();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Redirects to {@code str} with this class's default redirect status.
     *
     * <p>NOTE(review): the status is taken from an unrelated debugger constant;
     * this looks like the decompiler substituting a same-valued constant for an
     * HTTP redirect status - confirm the numeric value before relying on it.
     */
    public void relocate(HttpServletResponse httpServletResponse, String str) {
        final int defaultStatus = DebugConstants.DM_PLACE_BREAKPOINT_AT_LINE;
        relocate(httpServletResponse, defaultStatus, str);
    }

    /**
     * Writes a non-cacheable redirect: cache-busting headers first, then the
     * status {@code i} and the {@code Location} header set to {@code str}.
     *
     * <p>Security: {@code str} is written to the header and to the debug log
     * as given. The callers in this class build it from getServerName(), which
     * may come from a request header, and the URL can carry a session id, so
     * the debug log should be treated as sensitive. NOTE(review): rejection of
     * CR/LF in header values is left to the container - confirm.
     *
     * @param i   HTTP status to send
     * @param str redirect target
     */
    protected void relocate(HttpServletResponse httpServletResponse, int i, String str) {
        String message = "\n\n        ======> relocating to " + str + "\n";
        LOG.debug(message);
        // Applied in this order, before status and Location.
        String[][] noCacheHeaders = {
            {"Expires", "Mon, 26 Jul 1997 05:00:00 GMT"},
            {"Pragma", "no-cache"},
            {"Cache-Control", "no-cache, no-store, private, must-revalidate"},
        };
        for (String[] header : noCacheHeaders) {
            httpServletResponse.setHeader(header[0], header[1]);
        }
        httpServletResponse.setStatus(i);
        httpServletResponse.setHeader("Location", str);
    }

    /**
     * Sets the URI this handler is registered under.
     *
     * @param str the handler URI reported by {@link #getRegisteredURIs()}
     */
    public void setHandlerURI(String str) {
        handlerURI = str;
    }

    /**
     * Returns the URIs served by this handler: a fresh one-element array
     * holding the configured handler URI (which may be null if never set).
     */
    @Override // org.pustefixframework.container.spring.http.UriProvidingHttpRequestHandler
    public String[] getRegisteredURIs() {
        String[] uris = new String[1];
        uris[0] = this.handlerURI;
        return uris;
    }

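    /**
     * Entry point for every request: validates it, reconciles the session state
     * (cookie support, secure vs. insecure session, SSL vs. plain transport) and
     * then either redirects or hands the request to {@code callProcess}.
     *
     * <p>Outcomes, in the order they are tested (labels match the debug log):
     * <ul>
     *   <li>I - the presented id was the parent of a running secure session and
     *       the client returns cookies: try to reuse that secure session;</li>
     *   <li>II - same, but the client does not return cookies: new session that
     *       keeps the visit;</li>
     *   <li>III - SSL request on a session flagged insecure: switch to a fresh
     *       secure session;</li>
     *   <li>IV - session and SSL required but no verified secure session:
     *       redirect to an SSL session still flagged insecure;</li>
     *   <li>V - no valid session, session required, SSL not required: redirect
     *       into a new session;</li>
     *   <li>VI - no session and none needed, SSL required, plain transport:
     *       redirect to https;</li>
     *   <li>otherwise the request is processed.</li>
     * </ul>
     *
     * <p>Security review notes: with debug logging on, every request header
     * (including {@code Cookie}) is written to the log, and two ERROR-level
     * entries below contain the session id together with cookie data; the log
     * therefore holds material that is sufficient to take over a session and
     * needs the same protection as the session store. The secure-session cookie
     * is compared with {@code String.equals}, which is not constant-time.
     *
     * @throws ServletException as raised by the hooks and redirect helpers
     * @throws IOException      if sending the error response fails
     */
    @Override // org.springframework.web.HttpRequestHandler
    public void handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        boolean z;
        boolean doCookieTest;
        httpServletRequest.setCharacterEncoding(this.servletEncoding);
        httpServletResponse.setCharacterEncoding(this.servletEncoding);
        if (LOG.isDebugEnabled()) {
            LOG.debug("\n ------------------- Start of new Request ---------------");
            LOG.debug("====> Scheme://Server:Port " + httpServletRequest.getScheme() + "://" + getServerName(httpServletRequest) + ":" + httpServletRequest.getServerPort());
            LOG.debug("====> URI:   " + httpServletRequest.getRequestURI());
            LOG.debug("====> Query: " + httpServletRequest.getQueryString());
            LOG.debug("----> needsSession=" + needsSession() + " allowSessionCreate=" + allowSessionCreate());
            LOG.debug("====> Sessions: " + this.sessionAdmin.toString());
            LOG.debug("\n");
            // NOTE(review): dumps every header value, credentials included.
            Enumeration headerNames = httpServletRequest.getHeaderNames();
            while (headerNames.hasMoreElements()) {
                String str = (String) headerNames.nextElement();
                LOG.debug("+++ Header: " + str + " -> " + httpServletRequest.getHeader(str));
            }
        }
        // Validate once and act on that single result, so the status that is
        // checked is the status that is sent and logged.
        int validateRequest = validateRequest(httpServletRequest);
        if (validateRequest >= 400) {
            httpServletResponse.sendError(validateRequest);
            if (LOG.isInfoEnabled()) {
                LOG.info("Rejecting invalid request to path (" + validateRequest + "): " + httpServletRequest.getPathInfo());
            }
            return;
        }
        HttpSession httpSession = null;
        // z2: a valid session is attached and has not been invalidated below.
        boolean z2 = false;
        // z3: request is under SSL but the session is not flagged secure (case III).
        boolean z3 = false;
        // z4: the session is flagged secure and passed the checks made here.
        boolean z4 = false;
        // z5 / z6: the presented id was the parent of a running secure session;
        // z5 when the client returns cookies (case I), z6 when it does not (case II).
        boolean z5 = false;
        boolean z6 = false;
        // str2: visit id rescued from a session that is invalidated below.
        String str2 = null;
        String property = getServletManagerConfig().getProperties().getProperty(PROP_P3PHEADER);
        if (property != null && property.length() > 0) {
            httpServletResponse.addHeader("P3P", property);
        }
        // Expire any JSESSIONID cookie the client sent (max age 0 on the context path).
        Cookie[] cookies = CookieUtils.getCookies(httpServletRequest);
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if (cookie.getName().equalsIgnoreCase("JSESSIONID")) {
                    cookie.setMaxAge(0);
                    cookie.setPath(httpServletRequest.getContextPath().equals("") ? "/" : httpServletRequest.getContextPath());
                    httpServletResponse.addCookie(cookie);
                }
            }
        }
        if (httpServletRequest.isRequestedSessionIdValid()) {
            httpSession = httpServletRequest.getSession(false);
            z2 = true;
            LOG.debug("*** Found valid session with ID " + httpSession.getId());
            // z: the session refuses cookies; doCookieTest: the client returned our test cookie.
            Boolean bool = (Boolean) httpSession.getAttribute(REFUSE_COOKIES);
            if (bool == null || !bool.booleanValue()) {
                z = false;
                doCookieTest = doCookieTest(httpServletRequest, httpServletResponse, httpSession);
            } else {
                doCookieTest = false;
                z = true;
            }
            Boolean bool2 = (Boolean) httpSession.getAttribute(SessionAdmin.SESSION_IS_SECURE);
            if (!doCookieTest && !z) {
                LOG.debug("*** Client doesn't use cookies...");
                Boolean bool3 = (Boolean) httpSession.getAttribute(SESSION_COOKIES_MARKER);
                if (bool3 == null || !bool3.booleanValue()) {
                    LOG.debug("    ... and during the session cookies were DISABLED, too: Let's hope everything is OK...");
                } else if (this.cookie_security_not_enforced) {
                    LOG.debug("    ... during the session cookies were ENABLED, but will continue because of cookie_security_not_enforced " + httpSession.getId());
                } else {
                    // A session that used cookies before now arrives without them:
                    // treat the id as no longer trustworthy and drop the session.
                    LOG.debug("    ... but during the session cookies were already ENABLED: Will invalidate the session " + httpSession.getId());
                    httpSession.invalidate();
                    z2 = false;
                }
            } else if (doCookieTest || !z) {
                LOG.debug("*** Client uses cookies.");
            } else {
                LOG.debug("*** Session REFUSES to use cookies!");
                LOG.debug("    Client may send cookies, but session refuses to handle them.");
            }
            if (z2) {
                if (runningUnderSSL(httpServletRequest)) {
                    LOG.debug("*** Found running under SSL");
                    if (bool2 == null || !bool2.booleanValue()) {
                        LOG.debug("    ... but session is insecure!");
                        z3 = true;
                    } else {
                        LOG.debug("    ... and session is secure.");
                        if (doCookieTest) {
                            LOG.debug("*** Client does cookies: Double checking SSL cookie for session ID");
                            // The expected secret lives in the session under the same
                            // name as the cookie: prefix + hex MD5 of the session id.
                            String str3 = (String) httpSession.getAttribute(SECURE_SESS_COOKIE + MD5Utils.hex_md5(httpSession.getId()));
                            // NOTE(review): writes the expected secret to the debug log.
                            LOG.debug("*** Session expects to see the cookie value " + str3);
                            Cookie secureSessionCookie = getSecureSessionCookie(httpServletRequest, httpSession.getId());
                            cleanupCookies(httpServletRequest, httpServletResponse, secureSessionCookie);
                            if (secureSessionCookie != null) {
                                LOG.debug("*** Found a matching cookie ...");
                                // Cookie value is "<millis>_<secret>"; keep what follows the first "_".
                                String value = secureSessionCookie.getValue();
                                String substring = value.substring(value.indexOf("_") + 1);
                                if (substring.equals(str3)) {
                                    LOG.debug("   ... and the value is correct! (" + substring + ")");
                                    z4 = true;
                                    // Re-issue the cookie with a fresh timestamp; Secure is set,
                                    // max age -1 keeps it a browser-session cookie.
                                    // NOTE(review): HttpOnly is not set here - confirm whether
                                    // setCookiePath or the container adds it.
                                    Cookie cookie2 = new Cookie(secureSessionCookie.getName(), System.currentTimeMillis() + "_" + substring);
                                    setCookiePath(httpServletRequest, cookie2);
                                    cookie2.setMaxAge(-1);
                                    cookie2.setSecure(true);
                                    httpServletResponse.addCookie(cookie2);
                                } else {
                                    LOG.debug("   ... but the value is WRONG!");
                                    // NOTE(review): ERROR-level entry with cookie value and session id.
                                    LOG.error("*** Wrong Session-ID for running secure session from cookie. IP:" + httpServletRequest.getRemoteAddr() + " Cookie: " + secureSessionCookie.getValue() + " SessID: " + httpSession.getId());
                                    httpSession.invalidate();
                                    z2 = false;
                                }
                            } else {
                                LOG.debug("*** Found NO matching cookie at all, but client does cookies: ***");
                                // NOTE(review): ERROR-level entry with session id and the full Cookie header.
                                LOG.error("*** NOSECSESSIDFROMCOOKIE: " + httpServletRequest.getRemoteAddr() + "|" + httpSession.getId() + "|" + httpServletRequest.getHeader("User-Agent") + "|" + httpServletRequest.getHeader("Cookie"));
                                // Keep the visit id so the replacement session continues the visit.
                                str2 = (String) httpSession.getAttribute(VISIT_ID);
                                httpSession.invalidate();
                                z2 = false;
                            }
                        } else {
                            // Client without cookies: the secure session is accepted on
                            // the session id alone; there is no cookie to cross-check.
                            z4 = true;
                        }
                    }
                } else if (bool2 != null && bool2.booleanValue()) {
                    // A session flagged secure must never be used over plain transport.
                    LOG.debug("*** Found secure session but NOT running under SSL => Destroying session.");
                    httpSession.invalidate();
                    z2 = false;
                }
            }
        } else if (httpServletRequest.getRequestedSessionId() != null && wantsCheckSessionIdValid()) {
            LOG.debug("*** Found old and invalid session in request");
            if (runningUnderSSL(httpServletRequest) || !this.sessionAdmin.idWasParentSession(httpServletRequest.getRequestedSessionId())) {
                // The last accepted value is a Spring constant ("yes"); the reference
                // to CustomBooleanEditor is a decompiler substitution.
                String parameter = httpServletRequest.getParameter(PARAM_FORCELOCAL);
                if (parameter == null || !(parameter.equals("1") || parameter.equals("true") || parameter.equals(CustomBooleanEditor.VALUE_YES))) {
                    LOG.debug("    ... and __forcelocal is NOT set.");
                    redirectToClearedRequest(httpServletRequest, httpServletResponse);
                    return;
                }
                LOG.debug("    ... but found __forcelocal parameter to be set.");
            } else {
                LOG.debug("    ... but this session was the parent of a currently running secure session.");
                HttpSession childSessionForParentId = this.sessionAdmin.getChildSessionForParentId(httpServletRequest.getRequestedSessionId());
                if (childSessionForParentId != null ? doCookieTest(httpServletRequest, httpServletResponse, childSessionForParentId) : false) {
                    LOG.debug("    ... client handles cookies, so we'll check if we can reuse the parent session.");
                    z5 = true;
                } else {
                    LOG.debug("    ... but can't reuse the secure session because the client doesn't handle cookies.");
                    z6 = true;
                }
            }
        }
        // A request parked in the session by an earlier redirect is resumed and
        // refreshed with the current servlet request; otherwise a new wrapper is built.
        PfixServletRequest pfixServletRequest = null;
        if (z2) {
            pfixServletRequest = (PfixServletRequest) httpSession.getAttribute(STORED_REQUEST);
            if (pfixServletRequest != null) {
                LOG.debug("*** Found old PfixServletRequest object in session");
                httpSession.removeAttribute(STORED_REQUEST);
                pfixServletRequest.updateRequest(httpServletRequest);
            }
        }
        if (pfixServletRequest == null) {
            LOG.debug("*** Creating PfixServletRequest object.");
            pfixServletRequest = new PfixServletRequestImpl(httpServletRequest, getServletManagerConfig().getProperties());
        }
        PustefixInit.tryReloadLog4j();
        if (z5 && allowSessionCreate()) {
            LOG.debug("=> I");
            forceRedirectBackToInsecureSSL(pfixServletRequest, httpServletRequest, httpServletResponse);
            return;
        }
        if (z6 && allowSessionCreate()) {
            LOG.debug("=> II");
            forceNewSessionSameVisit(pfixServletRequest, httpServletRequest, httpServletResponse);
            return;
        }
        if (z3) {
            LOG.debug("=> III");
            redirectToSecureSSLSession(pfixServletRequest, httpServletRequest, httpServletResponse, str2);
            return;
        }
        if (needsSession() && allowSessionCreate() && needsSSL(pfixServletRequest) && !z4) {
            LOG.debug("=> IV");
            redirectToInsecureSSLSession(pfixServletRequest, httpServletRequest, httpServletResponse, str2);
            return;
        }
        if (!z2 && needsSession() && allowSessionCreate() && !needsSSL(pfixServletRequest)) {
            LOG.debug("=> V");
            redirectToSession(pfixServletRequest, httpServletRequest, httpServletResponse, str2);
        } else if (z2 || needsSession() || !needsSSL(pfixServletRequest) || runningUnderSSL(httpServletRequest)) {
            LOG.debug("*** >>> End of redirection management, handling request now.... <<< ***\n");
            callProcess(pfixServletRequest, httpServletRequest, httpServletResponse);
        } else {
            LOG.debug("=> VI");
            redirectToSSL(httpServletRequest, httpServletResponse);
        }
    }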

    /**
     * Redirects to the "cleared" form of the current URL, keeping the request's
     * own scheme. The URL is produced by {@code SessionHelper.getClearedURL}.
     *
     * <p>NOTE(review): the status comes from an unrelated debugger constant,
     * presumably a decompiler substitution for an HTTP redirect status that
     * differs from the default used by the two-argument relocate - confirm
     * its numeric value.
     */
    private void redirectToClearedRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        LOG.debug("===> Redirecting to cleared Request URL");
        String clearedUrl = SessionHelper.getClearedURL(httpServletRequest.getScheme(), getServerName(httpServletRequest), httpServletRequest, getServletManagerConfig().getProperties());
        relocate(httpServletResponse, DebugConstants.DM_IS_LANGUAGE_REGISTERED, clearedUrl);
    }

    /**
     * Redirects to the "cleared" form of the current URL under the
     * {@code https} scheme, without creating a session. The host part comes
     * from getServerName() and so may originate from a request header.
     */
    private void redirectToSSL(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        LOG.debug("===> Redirecting to session-less request URL under SSL");
        String httpsUrl = SessionHelper.getClearedURL("https", getServerName(httpServletRequest), httpServletRequest, getServletManagerConfig().getProperties());
        relocate(httpServletResponse, httpsUrl);
    }

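    /**
     * Switches an SSL request that arrived on a session flagged insecure over
     * to a session flagged secure, then redirects to the https URL.
     *
     * <p>If the current session names a parent id whose secure child session is
     * still running and the client presents that child's secure cookie with the
     * expected secret, the redirect goes straight to the running secure
     * session. Otherwise the current session's data is saved, the session is
     * invalidated, and a new session (with a new id) receives the data, the
     * secure flag, the parked request and - unless a visit id was handed in -
     * a new secure cookie plus test cookie. Replacing the session id at this
     * point means an id that was exposed before the switch does not identify
     * the secure session.
     *
     * <p>Security review notes: the expected cookie secret and the newly
     * generated secret are written to the debug log; the cookie comparison
     * uses {@code String.equals}; the cookie is issued with Secure set but
     * HttpOnly is not set in this method.
     *
     * @param pfixServletRequest request wrapper to park in the new session
     * @param str visit id handed in by the caller; when non-null no cookies are issued
     */
    private void redirectToSecureSSLSession(PfixServletRequest pfixServletRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        HttpSession session = httpServletRequest.getSession(false);
        String str2 = (String) session.getAttribute(VISIT_ID);
        String str3 = (String) session.getAttribute(CHECK_FOR_RUNNING_SSL_SESSION);
        if (str3 != null && !str3.equals("")) {
            LOG.debug("*** The current insecure SSL session says to check for a already running SSL session for reuse");
            HttpSession childSessionForParentId = this.sessionAdmin.getChildSessionForParentId(str3);
            if (childSessionForParentId != null) {
                String id = childSessionForParentId.getId();
                String str4 = (String) childSessionForParentId.getAttribute(SECURE_SESS_COOKIE + MD5Utils.hex_md5(id));
                LOG.debug("*** We have found a candidate: SessionId=" + id + " now search for cookie...");
                LOG.debug("*** Session expects to see the cookie value " + str4);
                Cookie secureSessionCookie = getSecureSessionCookie(httpServletRequest, id);
                if (secureSessionCookie != null) {
                    LOG.debug("*** Found a matching cookie ...");
                    // Cookie value is "<millis>_<secret>"; keep what follows the first "_".
                    String value = secureSessionCookie.getValue();
                    String substring = value.substring(value.indexOf("_") + 1);
                    if (substring.equals(str4)) {
                        LOG.debug("   ... and the value is correct! (" + substring + ")");
                        LOG.debug("==> Redirecting to the secure SSL URL with the already running secure session " + id);
                        relocate(httpServletResponse, SessionHelper.encodeURL("https", getServerName(httpServletRequest), httpServletRequest, id, getServletManagerConfig().getProperties()));
                        return;
                    }
                    LOG.debug("   ... but the value is WRONG!");
                    LOG.error("Wrong Session-ID for running secure session from cookie.");
                } else {
                    LOG.debug("*** NO matching SecureSessionCookie (not even a wrong one...)");
                }
            }
        }
        LOG.debug("*** Saving session data...");
        HashMap hashMap = new HashMap();
        SessionHelper.saveSessionData(hashMap, session);
        SessionInfoStruct info = this.sessionAdmin.getInfo(session);
        LinkedList<SessionInfoStruct.TrailElement> linkedList = new LinkedList<>();
        String id2 = session.getId();
        if (info != null) {
            linkedList = info.getTraillog();
        } else {
            LOG.warn("*** Infostruct == NULL ***");
        }
        LOG.debug("*** Invalidation old session (Id: " + id2 + ")");
        session.invalidate();
        HttpSession session2 = httpServletRequest.getSession(true);
        session2.setAttribute(SessionAdmin.PARENT_SESS_ID, id2);
        if (str2 != null && info != null) {
            this.sessionAdmin.registerSession(session2, linkedList, info.getData().getServerName(), info.getData().getRemoteAddr());
        } else if (str2 != null) {
            // The old session had a visit id but no info record (warned about
            // above): register with the values of the current request instead
            // of dereferencing the missing record.
            this.sessionAdmin.registerSession(session2, linkedList, getServerName(httpServletRequest), httpServletRequest.getRemoteAddr());
        } else {
            registerSession(httpServletRequest, session2);
        }
        LOG.debug("*** Got new Session (Id: " + session2.getId() + ")");
        LOG.debug("*** Copying data back to new session");
        SessionHelper.copySessionData(hashMap, session2);
        session2.setAttribute(SessionHelper.SESSION_ID_URL, SessionHelper.getURLSessionId(httpServletRequest));
        LOG.debug("*** Setting __SESSION_ID_URL__  to " + session2.getAttribute(SessionHelper.SESSION_ID_URL));
        LOG.debug("*** Setting SECURE flag");
        session2.setAttribute(SessionAdmin.SESSION_IS_SECURE, Boolean.TRUE);
        session2.setAttribute(STORED_REQUEST, pfixServletRequest);
        if (str == null) {
            // Expire a secure cookie that already exists under the new session's name.
            Cookie secureSessionCookie2 = getSecureSessionCookie(httpServletRequest, session2.getId());
            if (secureSessionCookie2 != null) {
                setCookiePath(httpServletRequest, secureSessionCookie2);
                secureSessionCookie2.setMaxAge(0);
                secureSessionCookie2.setSecure(true);
                httpServletResponse.addCookie(secureSessionCookie2);
            }
            // This value is the secret that ties the secure cookie to the session,
            // so it comes from a cryptographically strong generator. Masking the
            // sign bit keeps the former format: hex digits of a non-negative long.
            String hexString = Long.toHexString(new SecureRandom().nextLong() & Long.MAX_VALUE);
            // NOTE(review): writes the new secret to the debug log.
            LOG.debug("*** Secure Test-ID used in session and cookie: " + hexString);
            String hex_md5 = MD5Utils.hex_md5(session2.getId());
            session2.setAttribute(SECURE_SESS_COOKIE + hex_md5, hexString);
            Cookie cookie = new Cookie(SECURE_SESS_COOKIE + hex_md5, System.currentTimeMillis() + "_" + hexString);
            setCookiePath(httpServletRequest, cookie);
            cookie.setMaxAge(-1);
            cookie.setSecure(true);
            httpServletResponse.addCookie(cookie);
            createTestCookie(httpServletRequest, httpServletResponse);
        }
        LOG.debug("===> Redirecting to secure SSL URL with session (Id: " + session2.getId() + ")");
        relocate(httpServletResponse, SessionHelper.encodeURL("https", getServerName(httpServletRequest), httpServletRequest, getServletManagerConfig().getProperties()));
    }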

    /**
     * Redirects to the https URL on a session that is explicitly flagged
     * insecure; the secure session is only established by a later request.
     *
     * <p>An already valid session is reused for the http to https jump. A newly
     * created one is registered either as a fresh session or, when a visit id
     * is handed in, as a cookie-refusing continuation of that visit. The
     * request wrapper is parked in the session for the follow-up request.
     *
     * @param str visit id to continue, or null; a test cookie is issued only when null
     */
    private void redirectToInsecureSSLSession(PfixServletRequest pfixServletRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        final boolean reusingSession = httpServletRequest.isRequestedSessionIdValid();
        if (reusingSession) {
            LOG.debug("*** reusing existing session for jump http=>https");
        }
        HttpSession sslSession = httpServletRequest.getSession(true);
        if (!reusingSession) {
            if (str != null) {
                sslSession.setAttribute(VISIT_ID, str);
                LOG.debug("*** Setting REFUSE COOKIES flag in session (Id: " + sslSession.getId() + ")");
                sslSession.setAttribute(REFUSE_COOKIES, Boolean.TRUE);
                this.sessionAdmin.registerSession(sslSession, getServerName(httpServletRequest), httpServletRequest.getRemoteAddr());
            } else {
                registerSession(httpServletRequest, sslSession);
            }
        }
        sslSession.setAttribute(SessionHelper.SESSION_ID_URL, SessionHelper.getURLSessionId(httpServletRequest));
        LOG.debug("*** Setting INSECURE flag in session (Id: " + sslSession.getId() + ")");
        sslSession.setAttribute(SessionAdmin.SESSION_IS_SECURE, Boolean.FALSE);
        sslSession.setAttribute(STORED_REQUEST, pfixServletRequest);
        if (str == null) {
            createTestCookie(httpServletRequest, httpServletResponse);
        }
        LOG.debug("===> Redirecting to insecure SSL URL with session (Id: " + sslSession.getId() + ")");
        String target = SessionHelper.encodeURL("https", getServerName(httpServletRequest), httpServletRequest, getServletManagerConfig().getProperties());
        relocate(httpServletResponse, target);
    }

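    /**
     * Handles a request whose (invalid) session id was the parent of a running
     * secure session: creates a session flagged insecure, records the parent id
     * in it so that the next SSL request can look for the running secure
     * session, and redirects to the https URL.
     *
     * <p>The test-cookie value of the secure child session is carried over so
     * that the cookie the client already holds stays valid; when the child
     * session or that value is not available, a new test cookie is issued.
     */
    private void forceRedirectBackToInsecureSSL(PfixServletRequest pfixServletRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String requestedSessionId = httpServletRequest.getRequestedSessionId();
        HttpSession session = httpServletRequest.getSession(true);
        session.setAttribute(SessionHelper.SESSION_ID_URL, SessionHelper.getURLSessionId(httpServletRequest));
        session.setAttribute(CHECK_FOR_RUNNING_SSL_SESSION, requestedSessionId);
        LOG.debug("*** Setting INSECURE flag in session (Id: " + session.getId() + ")");
        session.setAttribute(SessionAdmin.SESSION_IS_SECURE, Boolean.FALSE);
        session.setAttribute(STORED_REQUEST, pfixServletRequest);
        // The lookup can come back empty (the caller in handleRequest checks for
        // that as well); treat a missing child like a missing test-cookie value.
        HttpSession childSession = this.sessionAdmin.getChildSessionForParentId(requestedSessionId);
        String str = childSession == null ? null : (String) childSession.getAttribute(RAND_SESS_COOKIE_VALUE);
        if (str == null || str.equals("")) {
            createTestCookie(httpServletRequest, httpServletResponse);
        } else {
            session.setAttribute(RAND_SESS_COOKIE_VALUE, str);
        }
        LOG.debug("===> Redirecting to SSL URL with session (Id: " + session.getId() + ")");
        relocate(httpServletResponse, SessionHelper.encodeURL("https", getServerName(httpServletRequest), httpServletRequest, getServletManagerConfig().getProperties()));
    }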

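    /**
     * Handles a request whose (invalid) session id was the parent of a running
     * secure session when that secure session cannot be reused: creates a new
     * session that continues the visit of the secure child session (same visit
     * id, same trail log, same test-cookie value) and redirects to it using
     * the request's own scheme.
     *
     * <p>When the child session can no longer be found there is nothing to
     * continue, and the request is redirected into an ordinary new session.
     */
    private void forceNewSessionSameVisit(PfixServletRequest pfixServletRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        HttpSession childSessionForParentId = this.sessionAdmin.getChildSessionForParentId(httpServletRequest.getRequestedSessionId());
        if (childSessionForParentId == null) {
            // handleRequest reaches this method also when the lookup returned
            // null; start a fresh session instead of dereferencing it.
            LOG.debug("*** Child session for parent id not found, redirecting to a new session");
            redirectToSession(pfixServletRequest, httpServletRequest, httpServletResponse, null);
            return;
        }
        String str = (String) childSessionForParentId.getAttribute(VISIT_ID);
        HttpSession session = httpServletRequest.getSession(true);
        String str2 = (String) childSessionForParentId.getAttribute(RAND_SESS_COOKIE_VALUE);
        if (str2 == null || str2.equals("")) {
            createTestCookie(httpServletRequest, httpServletResponse);
        } else {
            session.setAttribute(RAND_SESS_COOKIE_VALUE, str2);
        }
        // Same fallback as redirectToSecureSSLSession: a missing info record
        // yields an empty trail log and a warning.
        SessionInfoStruct info = this.sessionAdmin.getInfo(childSessionForParentId);
        LinkedList<SessionInfoStruct.TrailElement> traillog;
        if (info != null) {
            traillog = info.getTraillog();
        } else {
            LOG.warn("*** Infostruct == NULL ***");
            traillog = new LinkedList<>();
        }
        session.setAttribute(SessionHelper.SESSION_ID_URL, SessionHelper.getURLSessionId(httpServletRequest));
        session.setAttribute(VISIT_ID, str);
        this.sessionAdmin.registerSession(session, traillog, getServerName(httpServletRequest), httpServletRequest.getRemoteAddr());
        LOG.debug("===> Redirecting with session (Id: " + session.getId() + ") using OLD VISIT_ID: " + str);
        session.setAttribute(STORED_REQUEST, pfixServletRequest);
        relocate(httpServletResponse, SessionHelper.encodeURL(httpServletRequest.getScheme(), getServerName(httpServletRequest), httpServletRequest, getServletManagerConfig().getProperties()));
    }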

    /**
     * Creates (or fetches) the session for this request and redirects to the
     * session-carrying URL under the request's own scheme.
     *
     * <p>Without a visit id the session is registered as new and a test cookie
     * is issued. With a visit id the session continues that visit, is marked
     * as refusing cookies and is registered with the request's server name and
     * remote address. The request wrapper is parked in the session either way.
     *
     * @param str visit id to continue, or null for a fresh visit
     */
    private void redirectToSession(PfixServletRequest pfixServletRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        HttpSession newSession = httpServletRequest.getSession(true);
        newSession.setAttribute(SessionHelper.SESSION_ID_URL, SessionHelper.getURLSessionId(httpServletRequest));
        if (str != null) {
            newSession.setAttribute(VISIT_ID, str);
            LOG.debug("*** Setting REFUSE COOKIES flag in session (Id: " + newSession.getId() + ")");
            newSession.setAttribute(REFUSE_COOKIES, Boolean.TRUE);
            this.sessionAdmin.registerSession(newSession, getServerName(httpServletRequest), httpServletRequest.getRemoteAddr());
        } else {
            registerSession(httpServletRequest, newSession);
            createTestCookie(httpServletRequest, httpServletResponse);
        }
        LOG.debug("===> Redirecting to URL with session (Id: " + newSession.getId() + ")");
        newSession.setAttribute(STORED_REQUEST, pfixServletRequest);
        String target = SessionHelper.encodeURL(httpServletRequest.getScheme(), getServerName(httpServletRequest), httpServletRequest, getServletManagerConfig().getProperties());
        relocate(httpServletResponse, target);
    }

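    /**
     * Decides whether the client returns cookies for the given session by
     * looking for the test cookie.
     *
     * <p>A session already marked as using cookies only needs a test cookie to
     * be present; otherwise the cookie value must equal the value stored in the
     * session, and a match marks the session. The scan always terminates: a
     * test cookie with a non-matching value is skipped and the remaining
     * cookies are still examined, so a request cannot stall the handler by
     * sending a wrong value.
     *
     * <p>Security review note: the cookie-loss workaround below writes the
     * session id and the full {@code Cookie} header at WARN level.
     *
     * @param httpSession session to test; when null the request's current session is used
     * @return true if the client presented an acceptable test cookie; false
     *         when there is no session, no expected value, no cookies, or no match
     */
    private boolean doCookieTest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HttpSession httpSession) {
        if (httpSession == null) {
            httpSession = httpServletRequest.getSession(false);
        }
        if (httpSession == null) {
            return false;
        }
        LOG.debug("*** Testing for marked session...");
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            // The container reported no cookies; fall back to CookieUtils and
            // record the event when that finds some.
            cookies = CookieUtils.getCookies(httpServletRequest);
            if (cookies != null) {
                String id = httpSession.getId();
                String header = httpServletRequest.getHeader("User-Agent");
                if (header == null) {
                    header = "-";
                }
                LOG.warn("COOKIE_LOSS_WORKAROUND|" + id + "|" + header + "|" + httpServletRequest.getHeader("Cookie"));
            }
        }
        boolean z = false;
        Boolean bool = (Boolean) httpSession.getAttribute(SESSION_COOKIES_MARKER);
        if (bool == null || !bool.booleanValue()) {
            LOG.debug("    ...session is NOT already marked as using cookies!");
        } else {
            z = true;
            LOG.debug("    ...session is already marked as using cookies, looking for ANY test cookie...");
        }
        String str = (String) httpSession.getAttribute(RAND_SESS_COOKIE_VALUE);
        if (str == null) {
            return false;
        }
        LOG.debug("*** Testing for cookie __PFIX_TST_...");
        if (cookies == null) {
            return false;
        }
        for (Cookie cookie : cookies) {
            if (!cookie.getName().equals(TEST_COOKIE)) {
                continue;
            }
            if (z) {
                LOG.debug("    ... found it, no need to check the value (because session is marked).");
                return true;
            }
            LOG.debug("    ... found it, checking value " + str);
            // str is known to be non-null here, so a cookie without a value
            // simply fails the comparison.
            if (str.equals(cookie.getValue())) {
                LOG.debug("    ... value matches! Marking session...");
                httpSession.setAttribute(SESSION_COOKIES_MARKER, Boolean.TRUE);
                return true;
            }
            LOG.debug("    ... value is WRONG.");
        }
        LOG.debug("*** Client sends cookies, but not our test cookie! ***");
        return false;
    }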

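    /**
     * Sends the cookie-support probe cookie ({@code TEST_COOKIE}) and remembers its value in the
     * session under {@code RAND_SESS_COOKIE_VALUE}.
     *
     * <p>A value already stored in the session is reused; otherwise a new random value is drawn.
     * The cookie is created without calling {@code setSecure}, so it is also sent over plain HTTP.
     *
     * @param httpServletRequest  request providing the existing session and the context path
     * @param httpServletResponse response the cookie is added to
     * @return {@code false} if the request has no session, {@code true} once the cookie was added
     */
    private boolean createTestCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            return false;
        }
        String str = (String) session.getAttribute(RAND_SESS_COOKIE_VALUE);
        if (str != null) {
            LOG.debug("*** Already found a test cookie value in session: " + str);
        } else {
            // Math.random() is a predictable generator; since a matching value is what marks a
            // session as cookie-capable, draw it from a CSPRNG instead. The sign bit is masked so
            // the value stays in the same non-negative range as before. The fully qualified name
            // avoids touching the file's import block.
            str = Long.toHexString(new java.security.SecureRandom().nextLong() & Long.MAX_VALUE);
            LOG.debug("*** Creating a random test cookie value: " + str);
        }
        Cookie cookie = new Cookie(TEST_COOKIE, str);
        setCookiePath(httpServletRequest, cookie);
        httpServletResponse.addCookie(cookie);
        session.setAttribute(RAND_SESS_COOKIE_VALUE, str);
        return true;
    }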

    /**
     * Looks up the cookie whose name is {@code SECURE_SESS_COOKIE} followed by the MD5 hex digest
     * of {@code str}.
     *
     * <p>MD5 is used here only to derive a cookie name; the cookie value is not checked by this
     * method. NOTE(review): {@code str} is presumably a session id; confirm against the callers.
     *
     * @param httpServletRequest request whose cookies are searched
     * @param str                input of the name digest
     * @return the first cookie with the derived name, or {@code null} if there is none
     */
    private Cookie getSecureSessionCookie(HttpServletRequest httpServletRequest, String str) {
        Cookie[] candidates = CookieUtils.getCookies(httpServletRequest);
        if (candidates != null) {
            for (int idx = 0; idx < candidates.length; idx++) {
                Cookie candidate = candidates[idx];
                String name = candidate.getName();
                if (name.equals(SECURE_SESS_COOKIE + MD5Utils.hex_md5(str))) {
                    return candidate;
                }
            }
        }
        return null;
    }

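    /**
     * Assigns a visit id to the session, writes one line to the visit log and registers the
     * session with the {@code SessionAdmin}.
     *
     * <p>The visit id is {@code <yyyyMMddHHmmss>-<counter>} plus, when the session id contains a
     * dot after its first character, the part of the session id from the last dot on. The counter
     * restarts at 0 whenever the timestamp changes.
     *
     * @param httpServletRequest request the visit line is built from
     * @param httpSession        session to register; {@code null} makes this a no-op
     */
    private void registerSession(HttpServletRequest httpServletRequest, HttpSession httpSession) {
        if (httpSession == null) {
            return;
        }
        // The lock used to be TIMESTAMP_ID itself, which is reassigned inside the critical section:
        // threads arriving after the reassignment locked a different String and could update
        // INC_ID concurrently. The class object is a monitor that never changes.
        synchronized (AbstractPustefixRequestHandler.class) {
            String format = new SimpleDateFormat("yyyyMMddHHmmss").format(new Date());
            NumberFormat numberFormat = NumberFormat.getInstance();
            numberFormat.setMinimumIntegerDigits(3);
            if (format.equals(TIMESTAMP_ID)) {
                INC_ID++;
            } else {
                TIMESTAMP_ID = format;
                INC_ID = 0;
            }
            if (INC_ID >= 1000) {
                LOG.warn("*** More than 999 connects/sec! ***");
            }
            String id = httpSession.getId();
            int lastDot = id.lastIndexOf(".");
            String suffix = lastDot > 0 ? id.substring(lastDot) : "";
            httpSession.setAttribute(VISIT_ID, TIMESTAMP_ID + "-" + numberFormat.format(INC_ID) + suffix);
        }
        // NOTE(review): the visit line contains the session id and three client-controlled headers
        // (user-agent, referer, accept-language) joined with '|'. Treat this log as sensitive, and
        // expect that a client can shift the fields by putting '|' into a header.
        StringBuilder visitLine = new StringBuilder();
        visitLine.append(httpSession.getAttribute(VISIT_ID)).append("|").append(httpSession.getId()).append("|");
        visitLine.append(getServerName(httpServletRequest)).append("|");
        visitLine.append(httpServletRequest.getRemoteAddr()).append("|");
        visitLine.append(httpServletRequest.getHeader("user-agent")).append("|");
        String referer = httpServletRequest.getHeader("referer");
        if (referer != null) {
            visitLine.append(referer);
        }
        visitLine.append("|");
        String acceptLanguage = httpServletRequest.getHeader("accept-language");
        if (acceptLanguage != null) {
            visitLine.append(acceptLanguage);
        }
        this.LOGGER_VISIT.warn(visitLine.toString());
        this.sessionAdmin.registerSession(httpSession, getServerName(httpServletRequest), httpServletRequest.getRemoteAddr());
    }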

    /**
     * Spring lifecycle callback; delegates to {@link #init()}.
     *
     * @throws Exception whatever {@code init()} throws
     */
    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        init();
    }

    /**
     * Verifies that the servlet container implements Servlet API 2.3 or higher, then initialises
     * the cookie-security flag and the servlet encoding.
     *
     * @throws ServletException if the container reports an API version below 2.3
     */
    public void init() throws ServletException {
        ServletContext context = getServletContext();
        LOG.debug("*** Servlet container is '" + context.getServerInfo() + "'");
        int major = context.getMajorVersion();
        int minor = context.getMinorVersion();
        // Accepted: any major version above 2, or 2.x with x >= 3.
        boolean apiSupported = major > 2 || (major == 2 && minor >= 3);
        if (!apiSupported) {
            throw new ServletException("*** Can't detect servlet container with support for Servlet API 2.3 or higher");
        }
        LOG.warn("*** Servlet container with support for Servlet API " + major + "." + minor + " detected");
        initCookieSec();
        initServletEncoding();
    }

    /**
     * Reads {@code PROP_COOKIE_SEC_NOT_ENFORCED} from the servlet manager properties.
     *
     * <p>Only the exact, case-sensitive value {@code "true"} sets the flag; a missing property or
     * any other value leaves cookie security enforced. NOTE(review): the effect of the flag is
     * decided elsewhere in this class and is not visible here; audit deployments that set it.
     */
    private void initCookieSec() {
        String configured = getServletManagerConfig().getProperties().getProperty(PROP_COOKIE_SEC_NOT_ENFORCED);
        this.cookie_security_not_enforced = "true".equals(configured);
    }

    /**
     * Sets {@code DEF_CONTENT_TYPE} on the response and hands the request to {@code process}.
     *
     * <p>NOTE(review): this method is incomplete decompiler output. {@code isCommitted} is read in
     * the {@code finally} block without ever being assigned, {@code servletException} is unused and
     * the guarded branch is empty, so whatever error handling the original performed for
     * uncommitted responses is missing from this listing. Recover it from the original source
     * before drawing conclusions about how failures in {@code process} are reported to the client.
     *
     * @param pfixServletRequest  wrapped request passed on to {@code process}
     * @param httpServletRequest  not used in the visible body
     * @param httpServletResponse response that receives the content type
     */
    private void callProcess(PfixServletRequest pfixServletRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        // Never assigned in this listing (decompiler artifact).
        boolean isCommitted;
        // Declared but unused in this listing (decompiler artifact).
        ServletException servletException;
        try {
            httpServletResponse.setContentType(DEF_CONTENT_TYPE);
            process(pfixServletRequest, httpServletResponse);
        } finally {
            // The body of this branch was not reconstructed.
            if (!isCommitted) {
            }
        }
    }

    /**
     * Determines the servlet encoding in three steps: the {@code SERVLET_ENCODING} property, then
     * the value returned by {@link #getServletEncoding()}, then the default {@code UTF-8}.
     *
     * <p>A candidate is only taken over when {@link Charset#isSupported(String)} accepts it. The
     * second and third step run only while the field is still {@code null}, so a value that was
     * already present in the field and not replaced by the property is kept without this check.
     */
    private void initServletEncoding() {
        String fromProperties = getServletManagerConfig().getProperties().getProperty(SERVLET_ENCODING);
        boolean propertyMissing = fromProperties == null || fromProperties.trim().equals("");
        if (propertyMissing) {
            LOG.warn("No servlet encoding property set");
        } else if (!Charset.isSupported(fromProperties)) {
            LOG.error("Servlet encoding '" + fromProperties + "' is not supported.");
        } else {
            this.servletEncoding = fromProperties;
        }

        if (this.servletEncoding == null) {
            String fromGetter = getServletEncoding();
            boolean getterMissing = fromGetter == null || fromGetter.trim().equals("");
            if (getterMissing) {
                LOG.warn("No servlet encoding init parameter set");
            } else if (!Charset.isSupported(fromGetter)) {
                LOG.error("Servlet encoding '" + fromGetter + "' is not supported.");
            } else {
                this.servletEncoding = fromGetter;
            }
        }

        if (this.servletEncoding == null) {
            // Last resort when neither source produced a supported charset.
            this.servletEncoding = "UTF-8";
            LOG.warn("Using default servlet encoding: UTF-8");
        }
        LOG.debug("Servlet encoding was set to '" + this.servletEncoding + "'.");
    }

    /**
     * Handles one request; implemented by concrete handlers.
     *
     * <p>{@code callProcess} invokes this after setting {@code DEF_CONTENT_TYPE} on the response.
     *
     * @param pfixServletRequest  wrapped request to handle
     * @param httpServletResponse response to write to
     * @throws Exception on any processing failure
     */
    protected abstract void process(PfixServletRequest pfixServletRequest, HttpServletResponse httpServletResponse) throws Exception;

    /**
     * Tells whether {@code i} is the default port for the scheme {@code str}.
     *
     * <p>NOTE(review): {@code MockHttpServletRequest.DEFAULT_PROTOCOL} comes from a test-support
     * class and was presumably the literal {@code "http"} before decompilation; its value depends
     * on the Spring version on the classpath. Confirm it and prefer a literal in production code.
     *
     * @param str scheme name; must not be {@code null}
     * @param i   port number
     * @return {@code true} for the constant's scheme with port 80 or for {@code "https"} with port 443
     */
    public static boolean isDefault(String str, int i) {
        boolean plainDefault = str.equals(MockHttpServletRequest.DEFAULT_PROTOCOL) && i == 80;
        return plainDefault || (str.equals("https") && i == 443);
    }

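    /**
     * Expires stale or surplus secure-session cookies sent by the client.
     *
     * <p>Every cookie whose name starts with {@code SECURE_SESS_COOKIE} or
     * {@code SECURE_SESS_COOKIE_OLD}, except the one named like {@code cookie}, is inspected. The
     * leading part of its value (up to {@code "_"} for the current format, up to {@code ":"} or
     * the end for the old one) is parsed as a millisecond timestamp. Cookies with a value that
     * cannot be parsed are expired immediately. The remaining ones are walked in the order of
     * {@code SortableCookie} (presumably oldest first; the comparator is not visible here): all
     * but the last nine are expired, and of those nine the ones older than the session's maximum
     * inactive interval are expired as well.
     *
     * <p>Cookie names and values are supplied by the client, so every parsing step has to cope
     * with arbitrary input.
     *
     * @param httpServletRequest  request carrying the cookies; it must have a session
     * @param httpServletResponse response that receives the expiring cookies
     * @param cookie              cookie to leave untouched, or {@code null}
     */
    private void cleanupCookies(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Cookie cookie) {
        HttpSession session = httpServletRequest.getSession(false);
        if (!$assertionsDisabled && session == null) {
            throw new AssertionError("session can't be null here...");
        }
        // NOTE(review): IMAPStore.RESPONSE is presumably the literal 1000 (seconds to
        // milliseconds) that the decompiler attributed to an unrelated constant; confirm.
        long cutoff = System.currentTimeMillis() - (IMAPStore.RESPONSE * session.getMaxInactiveInterval());
        if (!$assertionsDisabled && cutoff <= 0) {
            throw new AssertionError("timeout can't be negative...");
        }
        Cookie[] cookies = CookieUtils.getCookies(httpServletRequest);
        if (cookies == null || cookies.length <= 0) {
            return;
        }
        TreeSet<SortableCookie> treeSet = new TreeSet<SortableCookie>();
        for (Cookie cookie2 : cookies) {
            boolean startsWith = cookie2.getName().startsWith(SECURE_SESS_COOKIE);
            boolean startsWith2 = startsWith ? false : cookie2.getName().startsWith(SECURE_SESS_COOKIE_OLD);
            if ((startsWith || startsWith2) && (cookie == null || !cookie2.getName().equals(cookie.getName()))) {
                String value = cookie2.getValue();
                int end = -1;
                if (value != null) {
                    if (startsWith) {
                        end = value.indexOf("_");
                    } else {
                        end = value.indexOf(":");
                        if (end == -1) {
                            end = value.length();
                        }
                    }
                }
                // A current-format value without "_" used to reach substring(0, -1) and fail the
                // request with an uncaught StringIndexOutOfBoundsException. Such a value (and a
                // missing value) is now handled like any other unparsable timestamp.
                boolean parsed = false;
                long parseLong = 0L;
                if (end >= 0) {
                    try {
                        parseLong = Long.parseLong(value.substring(0, end));
                        parsed = true;
                    } catch (NumberFormatException ignored) {
                        // Malformed timestamp: the cookie is expired below.
                    }
                }
                if (parsed) {
                    treeSet.add(new SortableCookie(cookie2, parseLong));
                    LOG.debug("~~~ Adding cookie " + parseLong + "->" + cookie2.getName());
                } else {
                    setCookiePath(httpServletRequest, cookie2);
                    cookie2.setMaxAge(0);
                    cookie2.setSecure(true);
                    httpServletResponse.addCookie(cookie2);
                }
            }
        }
        int i = 0;
        int size = treeSet.size();
        for (SortableCookie sortableCookie : treeSet) {
            Cookie cookie3 = sortableCookie.cookie;
            long j = sortableCookie.lasttouch;
            LOG.debug("--- Checking cookie " + i + "->" + j + "->" + cookie3.getName());
            boolean overLimit = i <= size - 10;
            if (!overLimit && j >= cutoff) {
                // First cookie that is within the limit and recent enough: stop here, as before.
                return;
            }
            if (overLimit) {
                LOG.debug("   -> removing cookie because number of secure session cookies too high");
            } else {
                LOG.debug("   -> removing cookie because timestamp too old");
            }
            cookie3.setMaxAge(0);
            cookie3.setSecure(true);
            setCookiePath(httpServletRequest, cookie3);
            httpServletResponse.addCookie(cookie3);
            i++;
        }
    }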

    /**
     * Hook for subclasses; this implementation always returns {@code true}.
     *
     * <p>NOTE(review): the name suggests it switches the session-id validity check on or off;
     * the code that consults it is not visible here, so review any override that returns
     * {@code false}.
     *
     * @return {@code true}
     */
    protected boolean wantsCheckSessionIdValid() {
        return true;
    }

    /**
     * Scopes the cookie to the web application: its path becomes the request's context path, or
     * {@code "/"} when the context path is empty.
     *
     * @param httpServletRequest request providing the context path
     * @param cookie             cookie whose path is set
     */
    private void setCookiePath(HttpServletRequest httpServletRequest, Cookie cookie) {
        String contextPath = httpServletRequest.getContextPath();
        cookie.setPath(contextPath.length() > 0 ? contextPath : "/");
    }

    /**
     * Sets the servlet encoding. The value is stored as given; no charset check is done here.
     *
     * @param str charset name
     */
    public void setServletEncoding(String str) {
        this.servletEncoding = str;
    }

    /**
     * Returns the servlet encoding currently stored in this handler.
     *
     * @return the charset name, or {@code null} if none has been set yet
     */
    public String getServletEncoding() {
        return this.servletEncoding;
    }

    /**
     * Stores the servlet context supplied through {@code ServletContextAware}.
     *
     * @param servletContext servlet context of the web application
     */
    @Override // org.springframework.web.context.ServletContextAware
    public void setServletContext(ServletContext servletContext) {
        this.servletContext = servletContext;
    }

    /**
     * Returns the stored servlet context.
     *
     * @return the servlet context, or {@code null} if it has not been set
     */
    public ServletContext getServletContext() {
        return this.servletContext;
    }

    /**
     * Sets the {@code SessionAdmin} that {@code registerSession} reports sessions to.
     *
     * @param sessionAdmin session registry to use
     */
    public void setSessionAdmin(SessionAdmin sessionAdmin) {
        this.sessionAdmin = sessionAdmin;
    }

    /**
     * Returns the configured {@code SessionAdmin}.
     *
     * @return the session registry, or {@code null} if none has been set
     */
    public SessionAdmin getSessionAdmin() {
        return this.sessionAdmin;
    }

    /**
     * Sets the exception-processing configuration of this handler.
     *
     * @param exceptionProcessingConfiguration configuration to store
     */
    public void setExceptionProcessingConfiguration(ExceptionProcessingConfiguration exceptionProcessingConfiguration) {
        this.exceptionProcessingConfig = exceptionProcessingConfiguration;
    }

    // Class initialisation: assertion status, the visit-id counter state and the class logger.
    static {
        // Decompiler rendering of the flag behind Java `assert` statements: true when assertions
        // are disabled for this class.
        $assertionsDisabled = !AbstractPustefixRequestHandler.class.desiredAssertionStatus();
        // Timestamp and per-timestamp counter used by registerSession to build visit ids.
        TIMESTAMP_ID = "";
        INC_ID = 0;
        LOG = Logger.getLogger(AbstractPustefixRequestHandler.class);
    }
}
