package com.tridium.jetty;

import com.tridium.authn.LoginFailureCause;
import com.tridium.session.NiagaraSession;
import com.tridium.session.SessionManager;
import com.tridium.web.CookieUtil;
import com.tridium.web.session.NiagaraWebSession;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.concurrent.TimeUnit;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.baja.web.authn.AuthMessage;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.eclipse.jetty.http.HttpCookie;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.session.Session;
import org.eclipse.jetty.server.session.SessionHandler;

/* loaded from: input_file:com/tridium/jetty/NiagaraSessionHandler.class */
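/**
 * Jetty {@link SessionHandler} that ties servlet sessions to Niagara sessions.
 *
 * <p>On top of the stock handler it:
 * <ul>
 *   <li>applies a default idle timeout taken from the {@code niagara.session.inactive.time}
 *       system property (minutes, default 240);</li>
 *   <li>resolves the session for a request from the {@code Authorization} header
 *       ({@code handshakeToken}, or {@code authToken} for the {@code BEARER} scheme) and from
 *       the {@code NTOKEN} cookie when the normal lookup found nothing;</li>
 *   <li>registers a {@code NiagaraHttpSession} with {@link SessionManager} for every newly
 *       created {@link HttpSession}.</li>
 * </ul>
 *
 * <p>Every value read from the header or the cookie is attacker-controllable; a session is only
 * bound to the request after it has been looked up in this handler and passed {@code isValid}.
 */
public class NiagaraSessionHandler extends SessionHandler {
    /** Default idle timeout in seconds, derived once from the system property at class load. */
    private static final int DEFAULT_MAX_INACTIVE_TIME = resolveDefaultMaxInactiveSeconds();
    private static final Logger LOGGER = Logger.getLogger(NiagaraSessionHandler.class.getName());

    /** Registers the listeners that react to session id changes and session invalidation. */
    public NiagaraSessionHandler() {
        addEventListener(new SessionIdChangeHandler());
        addEventListener(new SessionInvalidationHandler());
    }

    /**
     * Reads {@code niagara.session.inactive.time} (minutes, default 240) and converts it to
     * seconds.
     *
     * <p>The result is clamped to the {@code int} range instead of being narrowed with a plain
     * cast: {@link TimeUnit#toSeconds(long)} saturates at {@code Long.MAX_VALUE}, and a wrapping
     * cast would turn a very large configured timeout into a negative one.
     * NOTE(review): in Jetty 9.4 a max-inactive interval {@code <= 0} means the session never
     * idles out, so a zero or negative property value disables the timeout. Confirm against the
     * bundled Jetty version and decide whether that should be rejected.
     *
     * @return the default idle timeout in seconds
     */
    private static int resolveDefaultMaxInactiveSeconds() {
        // The explicit PrivilegedAction cast selects the overload; without it javac reports the
        // doPrivileged call as ambiguous.
        Long minutes = AccessController.doPrivileged(
                (PrivilegedAction<Long>) () -> Long.getLong("niagara.session.inactive.time", 240L));
        long seconds = TimeUnit.MINUTES.toSeconds(minutes);
        return (int) Math.max(Integer.MIN_VALUE, Math.min(Integer.MAX_VALUE, seconds));
    }

    /** Starts the handler, then applies {@link #DEFAULT_MAX_INACTIVE_TIME} as the idle timeout. */
    @Override
    protected void doStart() throws Exception {
        super.doStart();
        setMaxInactiveInterval(DEFAULT_MAX_INACTIVE_TIME);
    }

    /**
     * Marks the session as accessed in every session handler that shares this session's id
     * manager and holds a session with the same id, then in this handler.
     *
     * @param httpSession the session being accessed
     * @param z passed through unchanged to {@code SessionHandler.access}
     *     (presumably Jetty's {@code secure} flag; confirm)
     * @return the cookie returned by {@code super.access} for {@code httpSession}
     */
    @Override
    public HttpCookie access(HttpSession httpSession, boolean z) {
        if (httpSession instanceof Session) {
            Session session = (Session) httpSession;
            for (SessionHandler sessionHandler : session.getSessionHandler().getSessionIdManager().getSessionHandlers()) {
                Session sibling = AccessController.doPrivileged(
                        (PrivilegedAction<Session>) () -> sessionHandler.getSession(session.getId()));
                if (sibling == null) {
                    continue;
                }
                if (sessionHandler instanceof NiagaraSessionHandler) {
                    // Go straight to the superclass implementation so that a sibling Niagara
                    // handler does not start this fan-out again.
                    ((NiagaraSessionHandler) sessionHandler).accessSingle(sibling, z);
                } else {
                    sessionHandler.access(sibling, z);
                }
            }
        }
        return super.access(httpSession, z);
    }

    /** Runs only the superclass {@code access} for one session, without the fan-out above. */
    private void accessSingle(HttpSession httpSession, boolean z) {
        super.access(httpSession, z);
    }

    /**
     * Resolves the session for a request, falling back to the {@code Authorization} header and
     * then to the {@code NTOKEN} cookie when the standard lookup yields no id or no session.
     *
     * <p>If {@link SessionManager#getCloseCause} reports a cause for the id the client originally
     * presented, a session is created if necessary and the cause is stored under the
     * {@code loginFailureCause} attribute.
     *
     * @param request the Jetty base request that receives the resolved id and session
     * @param httpServletRequest the servlet request the header, cookie and URI are read from
     */
    @Override
    protected void checkRequestedSessionId(Request request, HttpServletRequest httpServletRequest) {
        super.checkRequestedSessionId(request, httpServletRequest);
        String requestedSessionId = httpServletRequest.getRequestedSessionId();
        // Looked up with the id as presented by the client, before any fallback replaces it.
        LoginFailureCause closeCause = SessionManager.getCloseCause(requestedSessionId);
        HttpSession session = httpServletRequest.getSession(false);

        if (requestedSessionId == null || session == null) {
            String header = httpServletRequest.getHeader("Authorization");
            if (header != null) {
                try {
                    AuthMessage decodeFromString = AuthMessage.decodeFromString(header);
                    requestedSessionId = decodeFromString.getParameter("handshakeToken");
                    // Constant-first comparison: a message without a scheme must not raise an
                    // uncaught NullPointerException on a client-supplied header.
                    if (requestedSessionId == null && "BEARER".equalsIgnoreCase(decodeFromString.getScheme())) {
                        requestedSessionId = decodeFromString.getParameter("authToken");
                    }
                    if (requestedSessionId != null) {
                        session = getHttpSession(requestedSessionId);
                        request.setRequestedSessionId(requestedSessionId);
                        if (session == null || !isValid(session)) {
                            // Unknown or invalid token: fall through to the cookie lookup.
                            requestedSessionId = null;
                        } else {
                            request.setSession(session);
                        }
                    }
                } catch (IllegalArgumentException e) {
                    // A header that is not a parsable AuthMessage is ignored on purpose. The
                    // header value and the exception text are kept out of the log because the
                    // header carries credentials.
                    LOGGER.fine("Ignoring Authorization header that could not be processed as an AuthMessage");
                }
            }
        }

        Cookie cookieFromName = CookieUtil.getCookieFromName(httpServletRequest, "NTOKEN");
        if (cookieFromName != null && (requestedSessionId == null || session == null)) {
            String value = cookieFromName.getValue();
            String requestURI = httpServletRequest.getRequestURI();
            String sessionFromNtoken = SessionManager.getSessionFromNtoken(value, NiagaraHttpSession.class, requestURI);
            if (sessionFromNtoken != null) {
                session = getHttpSession(sessionFromNtoken);
                request.setRequestedSessionId(sessionFromNtoken);
                request.setRequestedSessionIdFromCookie(true);
                if (session != null && isValid(session)) {
                    request.setSession(session);
                }
                // The token can map to an id this handler no longer holds; building a session
                // cookie from a null session would fail the request with a NullPointerException.
                if (session != null && requestURI.startsWith("/wb/killntokens")) {
                    HttpCookie sessionCookie = getSessionCookie(session, httpServletRequest.getContextPath(), httpServletRequest.isSecure());
                    // NOTE(review): getSessionCookie can presumably return null when the handler
                    // is not using cookies; confirm against the bundled Jetty version.
                    if (sessionCookie != null) {
                        ((Request) httpServletRequest).getResponse().addCookie(sessionCookie);
                    }
                }
            }
            if (sessionFromNtoken == null || session == null || !isValid(session)) {
                // Expire the NTOKEN cookie that did not resolve to a live session.
                // NOTE(review): HttpOnly is switched off on the expiry cookie; presumably this
                // mirrors how NTOKEN is issued. Confirm, and check that the path and Secure
                // attributes set by CookieUtil match the original so the browser drops it.
                Cookie createCookie = CookieUtil.createCookie("NTOKEN", "", 0);
                createCookie.setHttpOnly(false);
                ((Request) httpServletRequest).getResponse().addCookie(createCookie);
            }
        }

        if (closeCause != null) {
            // Creates a session if none exists so that the cause can be stored on it.
            httpServletRequest.getSession(true).setAttribute("loginFailureCause", closeCause);
        }
    }

    /**
     * Creates the servlet session and attaches it to its {@code NiagaraHttpSession}, creating
     * and registering that object with {@link SessionManager} when none exists for the id.
     *
     * <p>NOTE(review): the FINE-level messages below write raw session ids to the log. A session
     * id is a bearer credential, so either restrict who can read FINE output or log a
     * truncated or hashed form.
     *
     * @param httpServletRequest the request that triggered session creation
     * @return the newly created servlet session
     */
    @Override
    public HttpSession newHttpSession(HttpServletRequest httpServletRequest) {
        HttpSession newHttpSession = super.newHttpSession(httpServletRequest);
        LOGGER.fine(() -> String.format("[%s] Created new HttpSession: id = %s", httpServletRequest.getRequestURI(), newHttpSession.getId()));
        NiagaraSession niagaraSession = (NiagaraHttpSession) SessionManager.getNiagaraSession(newHttpSession.getId(), NiagaraWebSession.class);
        if (niagaraSession == null) {
            niagaraSession = new NiagaraHttpSession(newHttpSession, httpServletRequest);
            SessionManager.addSession(niagaraSession, NiagaraWebSession.class);
            if (LOGGER.isLoggable(Level.FINE)) {
                LOGGER.fine(String.format("[%s] Created new NiagaraHttpSession: id = %s, superId = %s", httpServletRequest.getRequestURI(), niagaraSession.getId(), niagaraSession.getSuperId()));
            }
        }
        if (niagaraSession.isCreatedWithSuperSessionId()) {
            // NOTE(review): 0 presumably switches off Jetty's idle timeout for this servlet
            // session, leaving its lifetime to the super session. Confirm that the super
            // session enforces an expiry of its own.
            newHttpSession.setMaxInactiveInterval(0);
        }
        niagaraSession.addHttpSession(newHttpSession);
        return newHttpSession;
    }

    /**
     * Invalidates the session with the given id inside a privileged block.
     *
     * @param str the id of the session to invalidate
     */
    @Override
    public void invalidate(String str) {
        AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
            super.invalidate(str);
            return null;
        });
    }
}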
