package com.predic8.membrane.core.interceptor.authentication.session;

import com.predic8.membrane.annot.MCAttribute;
import com.predic8.membrane.annot.MCElement;
import com.predic8.membrane.core.Router;
import com.predic8.membrane.core.config.AbstractXmlElement;
import com.predic8.membrane.core.exchange.Exchange;
import com.predic8.membrane.core.http.Header;
import com.predic8.membrane.core.http.Request;
import com.predic8.membrane.core.interceptor.authentication.session.CleanupThread;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.UUID;
import javax.xml.stream.XMLStreamReader;
import org.apache.commons.lang.StringUtils;
import org.apache.http.cookie.ClientCookie;

@MCElement(name = "sessionManager", topLevel = false)
/* loaded from: input_file:lib/service-proxy-core-4.1.0.jar:com/predic8/membrane/core/interceptor/authentication/session/SessionManager.class */
public class SessionManager extends AbstractXmlElement implements CleanupThread.Cleaner {
    private String cookieName;
    private long timeout;
    private String domain;
    HashMap<String, Session> sessions = new HashMap<>();

    /* loaded from: input_file:lib/service-proxy-core-4.1.0.jar:com/predic8/membrane/core/interceptor/authentication/session/SessionManager$Session.class */
    public static class Session {
        private Map<String, String> userAttributes;
        private int level = 0;
        private long lastUse;
        private String userName;

        public synchronized boolean isAuthorized() {
            return this.level == 2;
        }

        public synchronized boolean isPreAuthorized() {
            return this.level == 1;
        }

        public synchronized Map<String, String> getUserAttributes() {
            return this.userAttributes;
        }

        public synchronized void clear() {
            this.level = 0;
            this.userAttributes = null;
        }

        public synchronized void preAuthorize(String str, Map<String, String> map) {
            this.userName = str;
            this.userAttributes = map;
            this.level = 1;
        }

        public synchronized void authorize() {
            this.level = 2;
        }

        public synchronized void touch() {
            this.lastUse = System.currentTimeMillis();
        }

        public synchronized long getLastUse() {
            return this.lastUse;
        }

        public synchronized String getUserName() {
            return this.userName;
        }
    }

    @Override // com.predic8.membrane.core.config.AbstractXmlElement
    protected void parseAttributes(XMLStreamReader xMLStreamReader) throws Exception {
        this.cookieName = xMLStreamReader.getAttributeValue("", "cookieName");
        this.timeout = Long.parseLong(StringUtils.defaultIfEmpty(xMLStreamReader.getAttributeValue("", Header.TIMEOUT), "300000"));
        this.domain = xMLStreamReader.getAttributeValue("", ClientCookie.DOMAIN_ATTR);
    }

    public void init(Router router) {
        this.cookieName = StringUtils.defaultIfEmpty(this.cookieName, "SESSIONID");
        this.timeout = this.timeout == 0 ? 300000L : this.timeout;
    }

    private String generateSessionID() {
        return UUID.randomUUID().toString();
    }

    public Session getSession(Request request) {
        Session session;
        String firstCookie = request.getHeader().getFirstCookie(this.cookieName);
        if (firstCookie == null) {
            return null;
        }
        synchronized (this.sessions) {
            session = this.sessions.get(firstCookie);
        }
        if (session != null) {
            session.touch();
        }
        return session;
    }

    public Session createSession(Exchange exchange) {
        String generateSessionID = generateSessionID();
        Session session = new Session();
        synchronized (this.sessions) {
            this.sessions.put(generateSessionID, session);
        }
        exchange.getResponse().getHeader().addCookieSession(this.cookieName, generateSessionID + "; " + (this.domain != null ? "Domain=" + this.domain + "; " : "") + "Path=/" + (exchange.getRule().getSslInboundContext() != null ? "; Secure" : ""));
        return session;
    }

    @Override // com.predic8.membrane.core.interceptor.authentication.session.CleanupThread.Cleaner
    public void cleanup() {
        long currentTimeMillis = System.currentTimeMillis() - this.timeout;
        ArrayList arrayList = new ArrayList();
        synchronized (this.sessions) {
            for (Map.Entry<String, Session> entry : this.sessions.entrySet()) {
                if (entry.getValue().getLastUse() < currentTimeMillis) {
                    arrayList.add(entry.getKey());
                }
            }
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                this.sessions.remove((String) it.next());
            }
        }
    }

    public String getCookieName() {
        return this.cookieName;
    }

    @MCAttribute
    public void setCookieName(String str) {
        this.cookieName = str;
    }

    public long getTimeout() {
        return this.timeout;
    }

    @MCAttribute
    public void setTimeout(long j) {
        this.timeout = j;
    }

    public String getDomain() {
        return this.domain;
    }

    @MCAttribute
    public void setDomain(String str) {
        this.domain = str;
    }
}
