package org.graylog2.rest.resources.system;

import jakarta.inject.Inject;
import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.container.ContainerResponseContext;
import jakarta.ws.rs.container.ContainerResponseFilter;
import jakarta.ws.rs.core.NewCookie;
import java.io.IOException;
import java.util.Optional;
import org.apache.shiro.session.Session;
import org.graylog2.rest.models.system.sessions.responses.SessionResponseFactory;
import org.graylog2.security.realm.SessionAuthenticator;
import org.graylog2.shared.security.ShiroPrincipal;

/* loaded from: input_file:org/graylog2/rest/resources/system/SlidingExpirationCookieFilter.class */
public class SlidingExpirationCookieFilter implements ContainerResponseFilter {
    private final CookieFactory cookieFactory;
    private final SessionResponseFactory sessionResponseFactory;

    @Inject
    public SlidingExpirationCookieFilter(CookieFactory cookieFactory, SessionResponseFactory sessionResponseFactory) {
        this.cookieFactory = cookieFactory;
        this.sessionResponseFactory = sessionResponseFactory;
    }

    public void filter(ContainerRequestContext containerRequestContext, ContainerResponseContext containerResponseContext) throws IOException {
        if (noSessionExtension(containerRequestContext)) {
            return;
        }
        sessionFromRequest(containerRequestContext).ifPresent(session -> {
            setCookie(containerResponseContext, this.cookieFactory.createAuthenticationCookie(this.sessionResponseFactory.forSession(session), containerRequestContext));
        });
    }

    private Optional<Session> sessionFromRequest(ContainerRequestContext containerRequestContext) {
        return Optional.ofNullable(containerRequestContext.getSecurityContext()).map((v0) -> {
            return v0.getUserPrincipal();
        }).filter(principal -> {
            return principal instanceof ShiroPrincipal;
        }).map(principal2 -> {
            return ((ShiroPrincipal) principal2).getSubject();
        }).filter((v0) -> {
            return v0.isAuthenticated();
        }).map(subject -> {
            return subject.getSession(false);
        });
    }

    private boolean noSessionExtension(ContainerRequestContext containerRequestContext) {
        String str = "true";
        return ((Boolean) Optional.ofNullable(containerRequestContext.getHeaderString(SessionAuthenticator.X_GRAYLOG_NO_SESSION_EXTENSION)).map(str::equalsIgnoreCase).orElse(false)).booleanValue();
    }

    private void setCookie(ContainerResponseContext containerResponseContext, NewCookie newCookie) {
        containerResponseContext.getHeaders().add("Set-Cookie", newCookie);
    }
}
