package org.structr.rest.auth;

import java.util.Date;
import java.util.Iterator;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.eclipse.jetty.server.session.AbstractSession;
import org.eclipse.jetty.server.session.HashSessionManager;
import org.structr.common.error.FrameworkException;
import org.structr.core.Services;
import org.structr.core.app.StructrApp;
import org.structr.core.entity.Principal;
import org.structr.rest.service.HttpService;

/* loaded from: input_file:org/structr/rest/auth/SessionHelper.class */
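/**
 * Static helpers for creating, validating and discarding HTTP sessions, and for keeping the
 * session ids stored on {@link Principal} nodes consistent with the container's session manager.
 *
 * <p>Security note: a session id is a bearer credential. Several log statements in this class
 * include a session object or a session id, so the resulting log files should be treated as
 * sensitive. NOTE(review): consider logging a truncated or hashed id instead.
 */
public class SessionHelper {
    public static final String STANDARD_ERROR_MSG = "Wrong username or password, or user is blocked. Check caps lock. Note: Username is case sensitive!";
    public static final String SESSION_IS_NEW = "SESSION_IS_NEW";
    private static final Logger logger = Logger.getLogger(SessionHelper.class.getName());

    /**
     * Reports whether a session has been idle for longer than the global session timeout.
     *
     * @param httpSession the session to check; may be {@code null}
     * @return {@code true} if the session is {@code null}, has already been invalidated, or was
     *         last accessed more than {@code Services.getGlobalSessionTimeout()} seconds ago
     */
    public static boolean isSessionTimedOut(HttpSession httpSession) {
        if (httpSession == null) {
            return true;
        }
        final long now = System.currentTimeMillis();
        try {
            final long lastAccessedTime = httpSession.getLastAccessedTime();
            // 1000L forces long arithmetic: with an int timeout, "* 1000" overflows for values
            // above roughly 24.8 days and yields a wrong (possibly negative) expiry offset.
            // NOTE(review): a non-positive timeout makes every session count as expired here,
            // while newSession() passes the same value to setMaxInactiveInterval() - confirm the
            // configured value is always positive.
            final long timeoutMillis = Services.getGlobalSessionTimeout() * 1000L;
            if (now <= lastAccessedTime + timeoutMillis) {
                return false;
            }
            logger.log(Level.INFO, "Session {0} timed out, last accessed at {1}", new Object[]{httpSession, Long.valueOf(lastAccessedTime)});
            return true;
        } catch (IllegalStateException e) {
            // The session was invalidated before it could be inspected: treat it as expired.
            return true;
        }
    }

    /**
     * Looks up a session by id in the hash session manager of the {@link HttpService}.
     *
     * @param str the session id to look up
     * @return the session returned by the session manager; callers in this class treat a
     *         {@code null} result as "no such session"
     * @throws FrameworkException declared for the service lookup
     */
    public static HttpSession getSessionBySessionId(String str) throws FrameworkException {
        return Services.getInstance().getService(HttpService.class).getHashSessionManager().getSession(str);
    }

    /**
     * Creates a session for the request and applies the global session timeout to it.
     *
     * @param httpServletRequest the current request
     * @return the new session, or {@code null} if the container returned none on both attempts
     */
    public static HttpSession newSession(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(true);
        if (session == null) {
            // One retry before giving up.
            session = httpServletRequest.getSession(true);
        }
        if (session == null) {
            logger.log(Level.SEVERE, "Unable to create new session after two attempts");
            return null;
        }
        session.setMaxInactiveInterval(Services.getGlobalSessionTimeout());
        return session;
    }

    /**
     * Removes a session id from every {@link Principal} that currently lists it.
     *
     * <p>Failures are logged and swallowed, so this is best effort: after an error the id may
     * still be attached to a principal.
     *
     * @param str the session id to remove
     */
    public static void clearSession(String str) {
        try {
            for (Object node : StructrApp.getInstance().nodeQuery(Principal.class).and(Principal.sessionIds, new String[]{str}).getAsList()) {
                ((Principal) node).removeSessionId(str);
            }
        } catch (FrameworkException e) {
            // NOTE(review): checkSessionAuthentication() passes the client-supplied requested
            // session id here, so this message can carry attacker-chosen text into the log;
            // consider neutralising CR/LF or logging a digest of the id.
            logger.log(Level.WARNING, "Error while removing sessionId " + str + " from all principals", e);
        }
    }

    /**
     * Drops every session id stored on the principal that no longer maps to a live session.
     *
     * <p>An id is dropped when the session manager has no session for it, or when
     * {@link #isSessionTimedOut(HttpSession)} reports that session as expired.
     *
     * @param principal the principal whose stored session ids are checked
     */
    public static void clearInvalidSessions(Principal principal) {
        logger.log(Level.INFO, "Clearing invalid sessions for user {0}", principal);
        HashSessionManager hashSessionManager = Services.getInstance().getService(HttpService.class).getHashSessionManager();
        // Read the property once and iterate over that snapshot, so the emptiness check and the
        // loop see the same array.
        String[] sessionIds = (String[]) principal.getProperty(Principal.sessionIds);
        if (sessionIds == null || sessionIds.length == 0) {
            return;
        }
        for (String sessionId : sessionIds) {
            AbstractSession session = hashSessionManager.getSession(sessionId);
            if (session == null || isSessionTimedOut(session)) {
                clearSession(sessionId);
            }
        }
    }

    /**
     * Invalidates a session, tolerating a session that has already been invalidated.
     *
     * @param httpSession the session to invalidate; {@code null} is ignored
     */
    public static void invalidateSession(HttpSession httpSession) {
        if (httpSession == null) {
            return;
        }
        try {
            httpSession.invalidate();
        } catch (IllegalStateException | IllegalArgumentException e) {
            // HttpSession.invalidate() signals "already invalidated" with IllegalStateException.
            // Catching only IllegalArgumentException let that exception escape to the caller,
            // contrary to what the log message describes. IllegalArgumentException is still
            // caught so existing behaviour is kept.
            logger.log(Level.WARNING, "Invalidating already invalidated session failed: {0}", httpSession.getId());
        }
    }

    /**
     * Resolves the principal authenticated by the session of the given request.
     *
     * <ul>
     *   <li>No requested session id: a new session is created, the {@link #SESSION_IS_NEW}
     *       request attribute is set to {@code true}, and {@code null} is returned.</li>
     *   <li>The request has no current session: a new session is created and the requested id
     *       is removed from all principals.</li>
     *   <li>The current session has the requested id and has not timed out: the principal
     *       registered for that session id is returned.</li>
     *   <li>Otherwise: the principal registered for the requested id (if any) is logged out,
     *       the request is logged out, its session id is changed, and {@code null} is
     *       returned.</li>
     * </ul>
     *
     * <p>The requested session id is supplied by the client and is only trusted when it matches
     * the id of the session the container resolved for this request.
     *
     * @param httpServletRequest the current request
     * @return the authenticated principal, or {@code null} if the request carries no valid
     *         authenticated session
     * @throws FrameworkException if the principal lookup or the logout fails
     */
    public static Principal checkSessionAuthentication(HttpServletRequest httpServletRequest) throws FrameworkException {
        final String requestedSessionId = httpServletRequest.getRequestedSessionId();
        HttpSession session = httpServletRequest.getSession(false);

        if (requestedSessionId == null) {
            newSession(httpServletRequest);
            httpServletRequest.setAttribute(SESSION_IS_NEW, true);
            return null;
        }

        boolean sessionIsValid = false;
        if (session == null) {
            // The container does not know the requested id: start a fresh session and detach
            // the stale id from any principal that still lists it.
            session = newSession(httpServletRequest);
            clearSession(requestedSessionId);
        } else if (session.getId().equals(requestedSessionId)) {
            if (isSessionTimedOut(session)) {
                clearSession(requestedSessionId);
            } else {
                sessionIsValid = true;
            }
        }

        if (sessionIsValid) {
            final Principal user = AuthHelper.getPrincipalForSessionId(session.getId());
            logger.log(Level.FINE, "Valid session found: {0}, last accessed {1}, authenticated with user {2}", new Object[]{session, Long.valueOf(session.getLastAccessedTime()), user});
            return user;
        }

        final Principal staleUser = AuthHelper.getPrincipalForSessionId(requestedSessionId);
        final Object lastAccessed = session != null ? (Object) Long.valueOf(session.getLastAccessedTime()) : "";
        logger.log(Level.FINE, "Invalid session: {0}, last accessed {1}, authenticated with user {2}", new Object[]{session, lastAccessed, staleUser});
        if (staleUser != null) {
            AuthHelper.doLogout(httpServletRequest, staleUser);
        }

        try {
            httpServletRequest.logout();
            // Rotate the id so the rejected one cannot be reused for this request's session.
            httpServletRequest.changeSessionId();
        } catch (Exception e) {
            // Still best effort, but a failed logout or id rotation is now recorded instead of
            // vanishing. Kept at FINE because any client can trigger this path with an arbitrary
            // session id, and a higher level would let them flood the log. Errors are no longer
            // swallowed.
            logger.log(Level.FINE, "Could not log out the request or change its session id", e);
        }
        return null;
    }
}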
