package org.graylog2.security;

import com.google.common.eventbus.EventBus;
import com.google.common.eventbus.Subscribe;
import java.util.EnumSet;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import javax.inject.Inject;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.DefaultSessionKey;
import org.apache.shiro.session.mgt.SessionManager;
import org.graylog2.plugin.database.users.User;
import org.graylog2.shared.users.UserService;
import org.graylog2.users.events.UserChangedEvent;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/graylog2/security/UserSessionTerminationListener.class */
public class UserSessionTerminationListener {
    private static final Logger LOG = LoggerFactory.getLogger(UserSessionTerminationListener.class);
    private static final EnumSet<User.AccountStatus> SESSION_TERMINATION_STATUS = EnumSet.of(User.AccountStatus.DELETED, User.AccountStatus.DISABLED);
    private final MongoDBSessionService sessionService;
    private final DefaultSecurityManager securityManager;
    private final UserService userService;

    @Inject
    public UserSessionTerminationListener(MongoDBSessionService mongoDBSessionService, DefaultSecurityManager defaultSecurityManager, UserService userService, EventBus eventBus) {
        this.sessionService = mongoDBSessionService;
        this.securityManager = defaultSecurityManager;
        this.userService = userService;
        eventBus.register(this);
    }

    @Subscribe
    public void handleUserChanged(UserChangedEvent userChangedEvent) {
        User loadById = this.userService.loadById(userChangedEvent.userId());
        if (loadById == null || !SESSION_TERMINATION_STATUS.contains(loadById.getAccountStatus())) {
            return;
        }
        terminateSessionsFor(loadById);
    }

    private void terminateSessionsFor(User user) {
        try {
            Set<String> sessionIDsForUser = getSessionIDsForUser(user);
            SessionManager sessionManager = this.securityManager.getSessionManager();
            for (String str : sessionIDsForUser) {
                Session session = sessionManager.getSession(new DefaultSessionKey(str));
                if (session != null) {
                    LOG.info("Stopping session <{}> for user <{}/{}>", new Object[]{str, user.getName(), user.getId()});
                    session.stop();
                }
            }
        } catch (Exception e) {
            LOG.error("Couldn't stop session for user <{}/{}>", new Object[]{user.getName(), user.getId(), e});
        }
    }

    private Set<String> getSessionIDsForUser(User user) {
        String str = (String) Objects.requireNonNull(user.getId(), "user ID cannot be null");
        return (Set) this.sessionService.loadAll().stream().filter(mongoDbSession -> {
            return str.equals(mongoDbSession.getUserIdAttribute().orElse(null));
        }).map((v0) -> {
            return v0.getSessionId();
        }).collect(Collectors.toSet());
    }
}
