package tech.rsqn.useful.things.authz.sessions;

import java.util.ArrayList;
import java.util.Date;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ArrayBlockingQueue;
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.Callable;
import java.util.concurrent.TimeUnit;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import tech.rsqn.cacheservice.CacheService;
import tech.rsqn.useful.things.authz.models.Credential;
import tech.rsqn.useful.things.authz.models.Identity;
import tech.rsqn.useful.things.authz.models.Token;
import tech.rsqn.useful.things.authz.sessions.model.SecureSession;
import tech.rsqn.useful.things.util.RandomUtil;
import tech.rsqn.useful.things.util.Requirement;

/* loaded from: input_file:tech/rsqn/useful/things/authz/sessions/SecureSessionManager.class */
public class SecureSessionManager {
    protected static final Logger LOG = LoggerFactory.getLogger(SecureSessionManager.class);
    private CacheService sessionCache;
    private CacheService tokenCache;
    private CacheService sessionRemoteIdCache;
    public static final String TOKEN_TYPE_SESSION_VALIDATION = "SESSION_VALIDATION";
    public static final String TOKEN_TYPE_AUTHENTICATION_WINDOW = "AUTHENTICATION_WINDOW";
    private Map<String, List<Callable>> cleanUpHandlers = new Hashtable();
    private BlockingQueue<Callable> q = new ArrayBlockingQueue(5000);
    private Map<String, Long> scheduledRemovals = new Hashtable();
    private long validationTokenTtl = 30000;
    private long authenticationTokenTtl = 60000;
    private long sessionTtl = SecureSession.DEFAULT_SESSION_TTL;
    private long tokenExpiryGracePeriod = 120000;
    private long sessionExpriyGracePeriod = 600000;

    public void setSessionCache(CacheService cacheService) {
        this.sessionCache = cacheService;
    }

    public void setTokenCache(CacheService cacheService) {
        this.tokenCache = cacheService;
    }

    public void setSessionTtl(long j) {
        this.sessionTtl = j;
    }

    public void setValidationTokenTtl(long j) {
        this.validationTokenTtl = j;
    }

    public void setSessionRemoteIdCache(CacheService cacheService) {
        this.sessionRemoteIdCache = cacheService;
    }

    public void setAuthenticationTokenTtl(long j) {
        this.authenticationTokenTtl = j;
    }

    public void setTokenExpiryGracePeriod(long j) {
        this.tokenExpiryGracePeriod = j;
    }

    public void setSessionExpriyGracePeriod(long j) {
        this.sessionExpriyGracePeriod = j;
    }

    public String resolveSessionIdForRemote(String str) {
        return (String) this.sessionRemoteIdCache.get(str);
    }

    public void init() throws Exception {
        Requirement.notNull(this.tokenCache, "tokenCache");
        Requirement.notNull(this.sessionCache, "sessionCache");
    }

    private SecureSession generateSession() {
        for (int i = 0; i < 5000; i++) {
            SecureSession secureSession = new SecureSession();
            secureSession.setId(RandomUtil.getUid());
            if (!this.sessionCache.containsKey(secureSession.getId())) {
                secureSession.setStartedTs(new Date());
                _commitSession(secureSession);
                return secureSession;
            }
        }
        throw new RuntimeException("Unable to generate a session");
    }

    private Token generateBlankToken(long j) {
        for (int i = 0; i < 5000; i++) {
            Token token = new Token();
            token.setValidTo(new Date(System.currentTimeMillis() + j));
            if (!this.tokenCache.containsKey(token.getCode())) {
                this.tokenCache.putWithTTL(token.getCode(), token, j + this.tokenExpiryGracePeriod);
                return token;
            }
        }
        throw new RuntimeException("Unable to generate a token");
    }

    private void processCleanupQueue() {
        if (this.q.size() <= 0) {
            return;
        }
        LOG.info("Processing cleanup queue ");
        while (true) {
            try {
                Callable poll = this.q.poll(100L, TimeUnit.MILLISECONDS);
                if (poll == null) {
                    return;
                } else {
                    try {
                        poll.call();
                    } catch (Exception e) {
                    }
                }
            } catch (Exception e2) {
                LOG.warn(e2.getMessage(), e2);
                return;
            }
        }
    }

    public void registerCleanupHandler(final String str, final Callable callable, final long j) {
        synchronized (this.cleanUpHandlers) {
            List<Callable> list = this.cleanUpHandlers.get(str);
            if (list == null) {
                list = new ArrayList();
            }
            list.add(new Callable() { // from class: tech.rsqn.useful.things.authz.sessions.SecureSessionManager.1
                @Override // java.util.concurrent.Callable
                public Object call() throws Exception {
                    try {
                        Thread.sleep(j);
                    } catch (Exception e) {
                        SecureSessionManager.LOG.warn("Error calling clean up handler for " + str, e);
                    }
                    try {
                        SecureSessionManager.LOG.info("Calling cleanup handler for session " + str);
                        callable.call();
                        return null;
                    } catch (Exception e2) {
                        SecureSessionManager.LOG.warn("Error calling clean up handler for " + str, e2);
                        return null;
                    }
                }
            });
            this.cleanUpHandlers.put(str, list);
        }
    }

    private void onCleanUp(String str) {
        synchronized (this.cleanUpHandlers) {
            List<Callable> list = this.cleanUpHandlers.get(str);
            if (list == null) {
                LOG.info("no cleanup handlers registered for " + str);
                return;
            }
            Iterator<Callable> it = list.iterator();
            while (it.hasNext()) {
                this.q.add(it.next());
            }
            processCleanupQueue();
        }
    }

    public void invalidate(SecureSession secureSession) {
        LOG.info("Invalidating session " + secureSession);
        SecureSession secureSession2 = (SecureSession) this.sessionCache.get(secureSession.getId());
        if (secureSession2 != null) {
            secureSession2.setSessionState(SecureSession.SessionState.INVALIDATED);
            this.sessionCache.putWithTTL(secureSession2.getId(), secureSession2, this.sessionExpriyGracePeriod);
        }
    }

    public void remove(SecureSession secureSession) {
        LOG.info("Removing session " + secureSession + " remote " + secureSession.getRemoteId());
        this.sessionCache.remove(secureSession.getId());
        this.sessionRemoteIdCache.remove(secureSession.getRemoteId());
        onCleanUp(secureSession.getId());
    }

    private void houseKeep() {
        synchronized (this.scheduledRemovals) {
            ArrayList<String> arrayList = new ArrayList();
            for (String str : this.scheduledRemovals.keySet()) {
                if (this.scheduledRemovals.get(str).longValue() <= System.currentTimeMillis()) {
                    arrayList.add(str);
                }
            }
            for (String str2 : arrayList) {
                remove(str2);
                this.scheduledRemovals.remove(str2);
            }
        }
    }

    public void scheduleRemoval(String str) {
        LOG.info("Scheduling session removal by id " + str);
        synchronized (this.scheduledRemovals) {
            this.scheduledRemovals.put(str, Long.valueOf(System.currentTimeMillis() + 600000));
        }
    }

    public void remove(String str) {
        LOG.info("Removing session by id " + str);
        SecureSession secureSession = (SecureSession) this.sessionCache.get(str);
        if (secureSession != null) {
            remove(secureSession);
        } else {
            LOG.info("Session not found " + str);
            onCleanUp(str);
        }
    }

    public SecureSession establishNewSession(String str) {
        SecureSession generateSession = generateSession();
        generateSession.setIdentity(null);
        generateSession.setRemoteId(str);
        generateSession.setAuthenticationState(SecureSession.AuthenticationState.NOT_AUTHENTICATED);
        generateSession.setSessionState(SecureSession.SessionState.VALIDATING);
        _commitSession(generateSession);
        return generateSession;
    }

    public Token generateValidationToken(SecureSession secureSession) {
        SecureSession secureSession2 = (SecureSession) this.sessionCache.get(secureSession.getId());
        if (secureSession2 == null) {
            throw new SessionException("Session validation information incorrect GV002");
        }
        Token generateBlankToken = generateBlankToken(this.validationTokenTtl);
        generateBlankToken.setResource(secureSession2.getId());
        generateBlankToken.setTokenScope(TOKEN_TYPE_SESSION_VALIDATION);
        generateBlankToken.setValidTo(new Date(System.currentTimeMillis() + this.validationTokenTtl));
        this.tokenCache.putWithTTL(generateBlankToken.getCode(), generateBlankToken, this.validationTokenTtl + this.tokenExpiryGracePeriod);
        return generateBlankToken;
    }

    public void _commitSession(SecureSession secureSession) {
        secureSession.setExpiresTs(new Date(System.currentTimeMillis() + this.sessionTtl));
        this.sessionCache.putWithTTL(secureSession.getId(), secureSession, this.sessionTtl + this.sessionExpriyGracePeriod);
        this.sessionRemoteIdCache.putWithTTL(secureSession.getRemoteId(), secureSession.getId(), this.sessionTtl * 2);
        if (this.scheduledRemovals.containsKey(secureSession.getId())) {
            synchronized (this.scheduledRemovals) {
                this.scheduledRemovals.remove(secureSession.getId());
            }
        }
    }

    public void touchSession(SecureSession secureSession) {
        SecureSession secureSession2 = (SecureSession) this.sessionCache.get(secureSession.getId());
        if (secureSession2 == null) {
            throw new SessionException("Session validation information incorrect VE002");
        }
        secureSession2.setAttributes(secureSession.getAttributes());
        _commitSession(secureSession2);
    }

    public SecureSession validateSession(SecureSession secureSession, String str) {
        Token token = (Token) this.tokenCache.get(str);
        SecureSession secureSession2 = (SecureSession) this.sessionCache.get(secureSession.getId());
        if (token == null) {
            throw new SessionException("Session validation information incorrect VE001");
        }
        if (secureSession2 == null) {
            throw new SessionException("Session validation information incorrect VE002");
        }
        if (!SecureSession.SessionState.VALIDATING.equals(secureSession2.getSessionState())) {
            throw new SessionException("Session is in invalid state to perform validation VE004");
        }
        if (!TOKEN_TYPE_SESSION_VALIDATION.equals(token.getTokenScope())) {
            invalidate(secureSession2);
            throw new SessionException("Session validation information incorrect VE007");
        }
        if (!secureSession2.getId().equals(token.getResource())) {
            invalidate(secureSession2);
            throw new SessionException("Session validation information incorrect VE006");
        }
        if (!token.isValid()) {
            invalidate(secureSession2);
            throw new SessionException("Session validation information incorrect VE005");
        }
        secureSession2.setSessionState(SecureSession.SessionState.VALIDATED);
        this.tokenCache.remove(token.getCode());
        _commitSession(secureSession2);
        return secureSession2;
    }

    public SecureSession identifyUserInSession(SecureSession secureSession, Identity identity) {
        SecureSession secureSession2 = (SecureSession) this.sessionCache.get(secureSession.getId());
        if (secureSession2 == null) {
            throw new SessionException("session state invalid for identification I001");
        }
        if (!SecureSession.SessionState.VALIDATED.equals(secureSession2.getSessionState())) {
            throw new SessionException("session state invalid for identification  I002");
        }
        if (secureSession2.getIdentity() != null && !identity.getUid().equals(secureSession2.getIdentity().getUid())) {
            throw new SessionException("session already has an identified user I003");
        }
        secureSession2.setIdentity(identity);
        _commitSession(secureSession2);
        return secureSession2;
    }

    public Token generateAuthenticationToken(SecureSession secureSession) {
        SecureSession secureSession2 = (SecureSession) this.sessionCache.get(secureSession.getId());
        if (secureSession2 == null) {
            throw new SessionException("session state invalid for authentication G001");
        }
        if (!SecureSession.SessionState.VALIDATED.equals(secureSession2.getSessionState())) {
            throw new SessionException("session state invalid for identification  G002");
        }
        Token generateBlankToken = generateBlankToken(this.authenticationTokenTtl);
        generateBlankToken.setResource(secureSession2.getId());
        generateBlankToken.setTokenScope(TOKEN_TYPE_AUTHENTICATION_WINDOW);
        generateBlankToken.setValidTo(new Date(System.currentTimeMillis() + this.authenticationTokenTtl));
        this.tokenCache.putWithTTL(generateBlankToken.getCode(), generateBlankToken, this.authenticationTokenTtl + this.tokenExpiryGracePeriod);
        return generateBlankToken;
    }

    public SecureSession authenticateSession(SecureSession secureSession, String str, Identity identity, Credential... credentialArr) {
        SecureSession secureSession2 = (SecureSession) this.sessionCache.get(secureSession.getId());
        Token token = (Token) this.tokenCache.get(str);
        if (secureSession2 == null) {
            throw new SessionException("session state invalid for authentication A001");
        }
        if (!TOKEN_TYPE_AUTHENTICATION_WINDOW.equals(token.getTokenScope())) {
            invalidate(secureSession2);
            throw new SessionException("Session validation information incorrect A004");
        }
        if (!secureSession2.getId().equals(token.getResource())) {
            invalidate(secureSession2);
            throw new SessionException("Session validation information incorrect A003");
        }
        if (!token.isValid()) {
            invalidate(secureSession2);
            throw new SessionException("Session validation information incorrect A002");
        }
        secureSession2.setAuthenticationState(SecureSession.AuthenticationState.AUTHENTICATED);
        secureSession2.setIdentity(identity);
        LOG.info("Session " + secureSession2 + " authenticated with credentials " + credentialArr);
        this.tokenCache.remove(token.getCode());
        _commitSession(secureSession2);
        if (!SecureSession.SessionState.VALIDATED.equals(secureSession2.getSessionState())) {
            throw new SessionException("session state invalid for authentication  A005");
        }
        if (SecureSession.AuthenticationState.AUTHENTICATED.equals(secureSession2.getSessionState())) {
            throw new SessionException("session state invalid for authentication  A006");
        }
        if (secureSession2.getIdentity() == null || identity.getUid().equals(secureSession2.getIdentity().getUid())) {
            return secureSession2;
        }
        throw new SessionException("session already authentication A007");
    }

    public SecureSession findSessionById(String str) {
        SecureSession secureSession = (SecureSession) this.sessionCache.get(str);
        if (secureSession == null) {
            throw new SessionException("Session not found");
        }
        if (secureSession.isExpired()) {
            throw new SessionExpiredException("Session has expired");
        }
        return secureSession;
    }

    public SecureSession checkIfSecureSessionExists(String str) {
        SecureSession secureSession = (SecureSession) this.sessionCache.get(str);
        if (secureSession == null || secureSession.isExpired()) {
            return null;
        }
        return secureSession;
    }
}
