package org.webswing.server.util;

import java.lang.ref.WeakReference;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.session.ExpiredSessionException;
import org.apache.shiro.session.UnknownSessionException;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.webswing.server.base.UrlHandler;
import org.webswing.server.services.security.SecurityManagerService;
import org.webswing.server.services.security.WebswingPrincipal;
import org.webswing.server.services.security.api.AbstractWebswingUser;
import org.webswing.server.services.security.api.WebswingAction;
import org.webswing.server.services.websocket.WebSocketConnection;

/* loaded from: input_file:org/webswing/server/util/SecurityUtil.class */
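/**
 * Static helpers that map the current Shiro {@link Subject} to a Webswing user and give access
 * to the Shiro session and to logout.
 *
 * <p>Every {@code getUser} variant returns {@code null} when no user can be resolved (no subject,
 * no secured path, not authenticated, or an invalid session). Callers presumably have to treat
 * {@code null} as "unauthenticated" - confirm at each call site.
 */
public class SecurityUtil {
    private static final Logger log = LoggerFactory.getLogger(SecurityUtil.class);

    /**
     * Deferred logout for the subject that was attached to a websocket request.
     *
     * <p>The subject is held through a {@link WeakReference}, so this handle does not keep it
     * alive. If the referent has been cleared (or was {@code null} to begin with),
     * {@link #logout()} performs no logout.
     */
    public static class LogoutHandle {
        private final WeakReference<Subject> subject;

        private LogoutHandle(Subject subject) {
            this.subject = new WeakReference<>(subject);
        }

        /**
         * Logs the referenced subject out, if it is still reachable.
         *
         * <p>Only {@link UnknownSessionException} is handled here; any other exception thrown by
         * {@code Subject.logout()} propagates to the caller.
         */
        public void logout() {
            Subject current = this.subject.get();
            if (current == null) {
                // Nothing was logged out. Leave a trace so a skipped logout can be noticed.
                log.debug("Logout skipped: subject reference is no longer available.");
                return;
            }
            try {
                current.logout();
            } catch (UnknownSessionException e) {
                log.info("Logout failed. Session invalid: {}", e.getMessage());
            }
        }
    }

    /**
     * Resolves the user for {@code urlHandler} from the subject returned by
     * {@link SecurityUtils#getSubject()}.
     *
     * <p>Unlike {@link #getUser(WebSocketConnection)}, this overload does not catch
     * {@link ExpiredSessionException}; if one is thrown during resolution it reaches the caller.
     *
     * @param urlHandler handler whose secured path selects the principal
     * @return the matching user, or {@code null} if none can be resolved
     */
    public static AbstractWebswingUser getUser(UrlHandler urlHandler) {
        return resolveUser(SecurityUtils.getSubject(), urlHandler);
    }

    /**
     * Resolves the user for a websocket connection from the subject stored on its request under
     * {@link SecurityManagerService#SECURITY_SUBJECT}.
     *
     * @param webSocketConnection connection whose request attribute and handler are used
     * @return the matching user, or {@code null} if none can be resolved or the session expired
     */
    public static AbstractWebswingUser getUser(WebSocketConnection webSocketConnection) {
        try {
            Subject subject = (Subject) webSocketConnection.getRequest().getAttribute(SecurityManagerService.SECURITY_SUBJECT);
            return resolveUser(subject, webSocketConnection.getHandler());
        } catch (ExpiredSessionException e) {
            // The original message concatenated the detail directly after the full stop.
            log.info("User session expired: {}", e.getMessage());
            return null;
        }
    }

    /**
     * Picks the user whose principal belongs to the handler's secured path.
     *
     * <p>Resolution order while iterating the subject's {@link WebswingPrincipal}s:
     * <ol>
     *   <li>a principal whose secured path equals the handler's secured path is returned
     *       immediately;</li>
     *   <li>otherwise, a principal bound to the root handler's secured path that is permitted
     *       {@code master_admin_access} is remembered and returned as a fallback.</li>
     * </ol>
     * The fallback means a master admin of the root path is accepted as the user for any
     * secured path handled below it.
     *
     * @return the resolved user, or {@code null} when the subject or secured path is missing,
     *         the subject has no principals, is not authenticated, or its session is unknown
     */
    private static AbstractWebswingUser resolveUser(Subject subject, UrlHandler urlHandler) {
        String securedPath = urlHandler.getSecuredPath();
        if (subject == null || securedPath == null) {
            return null;
        }
        try {
            PrincipalCollection principals = subject.getPrincipals();
            if (principals == null || !subject.isAuthenticated()) {
                return null;
            }
            AbstractWebswingUser masterAdmin = null;
            for (WebswingPrincipal principal : principals.byType(WebswingPrincipal.class)) {
                // getSecuredPath() is treated as nullable above, so the root handler's value is
                // checked too. A null root path must never match (no Objects.equals here): two
                // null paths comparing equal would grant the admin fallback.
                String rootPath = urlHandler.getRootHandler().getSecuredPath();
                if (rootPath != null
                        && rootPath.equals(principal.getSecuredPath())
                        && principal.isPermitted(WebswingAction.master_admin_access.name())) {
                    masterAdmin = principal.getUser();
                }
                if (securedPath.equals(principal.getSecuredPath())) {
                    return principal.getUser();
                }
            }
            return masterAdmin;
        } catch (UnknownSessionException e) {
            log.info("User already logged out: {}", e.getMessage());
            return null;
        }
    }

    /**
     * Reads an attribute from the current subject's Shiro session.
     *
     * <p>NOTE(review): {@code Subject.getSession()} creates a session when none exists, so this
     * read can allocate a session for a subject that had none.
     *
     * @param str attribute key
     * @return the stored value, or {@code null} if the key is not set
     */
    public static Object getFromSecuritySession(String str) {
        return SecurityUtils.getSubject().getSession().getAttribute(str);
    }

    /**
     * Stores an attribute in the current subject's Shiro session.
     *
     * @param str attribute key
     * @param obj value to store
     */
    public static void setToSecuritySession(String str, Object obj) {
        SecurityUtils.getSubject().getSession().setAttribute(str, obj);
    }

    /**
     * Logs out the subject attached to the websocket request, if there is one.
     *
     * @param webSocketConnection connection whose request carries the subject
     */
    public static void logoutUser(WebSocketConnection webSocketConnection) {
        getLogoutHandle(webSocketConnection).logout();
    }

    /**
     * Creates a {@link LogoutHandle} for the subject stored on the websocket request under
     * {@link SecurityManagerService#SECURITY_SUBJECT}. The attribute may be absent, in which case
     * the returned handle's {@code logout()} does nothing.
     *
     * @param webSocketConnection connection whose request carries the subject
     * @return a handle that references the subject weakly
     */
    public static LogoutHandle getLogoutHandle(WebSocketConnection webSocketConnection) {
        Subject subject = (Subject) webSocketConnection.getRequest().getAttribute(SecurityManagerService.SECURITY_SUBJECT);
        return new LogoutHandle(subject);
    }
}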
