package org.opencms.main;

import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionEvent;
import org.apache.commons.collections.Buffer;
import org.apache.commons.collections.BufferUtils;
import org.apache.commons.collections.buffer.CircularFifoBuffer;
import org.apache.commons.logging.Log;
import org.opencms.configuration.CmsSystemConfiguration;
import org.opencms.db.CmsUserSettings;
import org.opencms.file.CmsObject;
import org.opencms.file.CmsProject;
import org.opencms.file.CmsRequestContext;
import org.opencms.file.CmsUser;
import org.opencms.main.CmsBroadcast;
import org.opencms.security.CmsCustomLoginException;
import org.opencms.security.CmsRole;
import org.opencms.security.CmsSecurityException;
import org.opencms.security.CmsUserLog;
import org.opencms.ui.login.CmsLoginHelper;
import org.opencms.util.CmsRequestUtil;
import org.opencms.util.CmsStringUtil;
import org.opencms.util.CmsUUID;
import org.opencms.widgets.CmsHtmlWidgetOption;
import org.opencms.workplace.CmsWorkplace;
import org.opencms.workplace.CmsWorkplaceManager;
import org.opencms.workplace.tools.CmsToolManager;

/* loaded from: input_file:org/opencms/main/CmsSessionManager.class */
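/**
 * Keeps track of the user sessions known to this OpenCms instance.
 *
 * <p>The manager counts created and destroyed HTTP sessions, delegates the storage of
 * {@link CmsSessionInfo} objects to an {@link I_CmsSessionStorageProvider}, delivers broadcast
 * messages to session queues, and implements the "switch user" operation.</p>
 *
 * <p>Methods that read from the storage provider tolerate a provider that has not been set yet
 * (before {@link #initialize(I_CmsSessionStorageProvider, CmsObject)}) by returning
 * {@code null}, {@code 0} or an empty list.</p>
 *
 * <p>Decompiler note: several methods are marked "Access modifiers changed from: protected";
 * they are kept {@code public} here so that existing callers of this decompiled class still
 * compile.</p>
 */
public class CmsSessionManager {
    /** Request header read first when deriving the client token. */
    public static final String HEADER_TRUE_CLIENT_IP = "true-client-ip";
    /** Name of the user agent request header. */
    public static final String HEADER_USER_AGENT = "user-agent";
    /** Request header read second when deriving the client token. */
    public static final String HEADER_X_FORWARDED_FOR = "x-forwarded-for";
    /** Session attribute under which the client token is stored. */
    private static final String CLIENT_TOKEN = "client-token";
    /** Monitor guarding updates of the two session counters. */
    private final Object m_lockSessionCount = new Object();
    /** Number of currently open HTTP sessions (never negative). */
    private int m_sessionCountCurrent;
    /** Number of HTTP sessions created since this manager was instantiated. */
    private int m_sessionCountTotal;
    /** Storage back end for session infos; {@code null} until {@code initialize} is called. */
    private I_CmsSessionStorageProvider m_sessionStorageProvider;
    /** Configured session mode ({@code standard} or {@code single}). */
    private CmsSystemConfiguration.UserSessionMode m_userSessionMode;
    /** CMS context passed to {@code initialize}; used to build a context for the switch target. */
    private CmsObject m_adminCms;
    private static final Log LOG = CmsLog.getLog(CmsSessionManager.class);
    /** Name of the log channel that records user switches. */
    public static final String NAME_USERSWITCH = "userswitch";
    private static final Log USERSWITCH = CmsLog.getLog(NAME_USERSWITCH);

    /**
     * Rejects a new login when the session mode is {@code single} and the user already has
     * at least one stored session.
     *
     * @param cmsUser the user that is about to log in
     * @throws CmsException a {@link CmsCustomLoginException} if the user is already logged in
     */
    public void checkCreateSessionForUser(CmsUser cmsUser) throws CmsException {
        boolean singleMode = getUserSessionMode() == CmsSystemConfiguration.UserSessionMode.single;
        if (singleMode && !getSessionInfos(cmsUser.getId()).isEmpty()) {
            throw new CmsCustomLoginException(org.opencms.security.Messages.get().container(org.opencms.security.Messages.ERR_ALREADY_LOGGED_IN_0));
        }
    }

    /**
     * Returns the broadcast queue of the session with the given id.
     *
     * @param str the session id in string form
     * @return the queue of the stored session, or a fresh synchronized 10-element queue that is
     *         not attached to any session when no session info is found
     */
    public Buffer getBroadcastQueue(String str) {
        CmsSessionInfo sessionInfo = getSessionInfo(getSessionUUID(str));
        if (sessionInfo == null) {
            return BufferUtils.synchronizedBuffer(new CircularFifoBuffer(10));
        }
        return sessionInfo.getBroadcastQueue();
    }

    /**
     * Returns the number of session infos held by the storage provider.
     *
     * @return the provider's size, or 0 if no provider is set
     */
    public int getSessionCountAuthenticated() {
        return this.m_sessionStorageProvider == null ? 0 : this.m_sessionStorageProvider.getSize();
    }

    /**
     * Returns the number of currently open HTTP sessions.
     *
     * @return the current session count (read without holding the counter lock)
     */
    public int getSessionCountCurrent() {
        return this.m_sessionCountCurrent;
    }

    /**
     * Returns the number of HTTP sessions created so far.
     *
     * @return the total session count (read without holding the counter lock)
     */
    public int getSessionCountTotal() {
        return this.m_sessionCountTotal;
    }

    /**
     * Looks up the session info stored under the given id.
     *
     * @param cmsUUID the session id
     * @return the session info, or {@code null} if no provider is set or nothing is stored
     */
    public CmsSessionInfo getSessionInfo(CmsUUID cmsUUID) {
        return this.m_sessionStorageProvider == null ? null : this.m_sessionStorageProvider.get(cmsUUID);
    }

    /**
     * Looks up the session info that belongs to a request.
     *
     * <p>If the request has an HTTP session, that session decides. Otherwise the value of the
     * {@code CmsRequestUtil.HEADER_JSESSIONID} request header is used as the session id.</p>
     *
     * @param httpServletRequest the current request
     * @return the session info, or {@code null} if none can be determined
     */
    public CmsSessionInfo getSessionInfo(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            return getSessionInfo(session);
        }
        // NOTE(review): this header value is supplied by the client and is passed to
        // getSessionUUID() unchecked. Callers should not treat a session info obtained through
        // this path as proof that the request owns that session without a further check, and
        // should expect whatever new CmsUUID(String) throws for a malformed value (not visible here).
        String header = httpServletRequest.getHeader(CmsRequestUtil.HEADER_JSESSIONID);
        return header == null ? null : getSessionInfo(header);
    }

    /**
     * Looks up the session info referenced by an HTTP session.
     *
     * @param httpSession the HTTP session, may be {@code null}
     * @return the session info, or {@code null} if the session is {@code null} or carries no
     *         {@code CmsSessionInfo.ATTRIBUTE_SESSION_ID} attribute
     */
    public CmsSessionInfo getSessionInfo(HttpSession httpSession) {
        if (httpSession == null) {
            return null;
        }
        CmsUUID cmsUUID = (CmsUUID) httpSession.getAttribute(CmsSessionInfo.ATTRIBUTE_SESSION_ID);
        return cmsUUID == null ? null : getSessionInfo(cmsUUID);
    }

    /**
     * Looks up the session info stored under the given id string.
     *
     * @param str the session id in string form
     * @return the session info, or {@code null} if none is stored
     */
    public CmsSessionInfo getSessionInfo(String str) {
        return getSessionInfo(getSessionUUID(str));
    }

    /**
     * Returns all stored session infos.
     *
     * @return the provider's session infos, or an empty list if no provider is set
     */
    public List<CmsSessionInfo> getSessionInfos() {
        if (this.m_sessionStorageProvider == null) {
            return Collections.emptyList();
        }
        return this.m_sessionStorageProvider.getAll();
    }

    /**
     * Returns all stored session infos of one user.
     *
     * @param cmsUUID the user id
     * @return the user's session infos, or an empty list if no provider is set
     */
    public List<CmsSessionInfo> getSessionInfos(CmsUUID cmsUUID) {
        if (this.m_sessionStorageProvider == null) {
            return Collections.emptyList();
        }
        return this.m_sessionStorageProvider.getAllOfUser(cmsUUID);
    }

    /**
     * Returns the configured session mode.
     *
     * @return the session mode, {@code null} if it has not been set
     */
    public CmsSystemConfiguration.UserSessionMode getUserSessionMode() {
        return this.m_userSessionMode;
    }

    /**
     * Checks whether the client token stored in the HTTP session equals the token computed
     * for the given request.
     *
     * <p>See {@link #generateClientToken(HttpServletRequest)} for what the token is derived
     * from and for the limits of this check.</p>
     *
     * @param httpServletRequest the current request
     * @return {@code true} if both tokens are equal; {@code false} if they differ, if the
     *         request has no session, or if the session holds no token
     */
    public boolean hasValidClientToken(HttpServletRequest httpServletRequest) {
        String expectedToken = generateClientToken(httpServletRequest);
        HttpSession session = httpServletRequest.getSession(false);
        String storedToken = session == null ? null : (String) session.getAttribute(CLIENT_TOKEN);
        return expectedToken.equals(storedToken);
    }

    /**
     * Removes all stored sessions of a user.
     *
     * @param cmsObject the context of the caller, which must hold {@code CmsRole.ACCOUNT_MANAGER}
     * @param cmsUser the user whose sessions are removed
     * @throws CmsException if the role check fails
     */
    public void killSession(CmsObject cmsObject, CmsUser cmsUser) throws CmsException {
        // authorization first: nothing is touched unless the caller is an account manager
        OpenCms.getRoleManager().checkRole(cmsObject, CmsRole.ACCOUNT_MANAGER);
        for (CmsSessionInfo sessionInfo : getSessionInfos(cmsUser.getId())) {
            this.m_sessionStorageProvider.remove(sessionInfo.getSessionId());
        }
    }

    /**
     * Removes one stored session.
     *
     * @param cmsObject the context of the caller, which must hold {@code CmsRole.ACCOUNT_MANAGER}
     * @param cmsUUID the id of the session to remove
     * @throws CmsException if the role check fails
     */
    public void killSession(CmsObject cmsObject, CmsUUID cmsUUID) throws CmsException {
        OpenCms.getRoleManager().checkRole(cmsObject, CmsRole.ACCOUNT_MANAGER);
        if (this.m_sessionStorageProvider == null) {
            // nothing is stored before initialize(); same tolerance as the read methods
            return;
        }
        this.m_sessionStorageProvider.remove(cmsUUID);
    }

    /**
     * Sends a plain-text broadcast to all sessions.
     *
     * @param cmsObject the context of the sender
     * @param str the message
     * @deprecated use the overload that takes a {@code CmsBroadcast.ContentMode}
     */
    @Deprecated
    public void sendBroadcast(CmsObject cmsObject, String str) {
        sendBroadcast(cmsObject, str, CmsBroadcast.ContentMode.plain);
    }

    /**
     * Sends a plain-text broadcast to all sessions.
     *
     * @param cmsObject the context of the sender
     * @param str the message
     * @param z flag handed to the {@link CmsBroadcast} constructor (meaning not visible here)
     * @deprecated use the overload that takes a {@code CmsBroadcast.ContentMode}
     */
    @Deprecated
    public void sendBroadcast(CmsObject cmsObject, String str, boolean z) {
        sendBroadcast(cmsObject, str, z, CmsBroadcast.ContentMode.plain);
    }

    /**
     * Sends a broadcast to all stored sessions. Empty or whitespace-only messages are ignored.
     *
     * <p>No role check is made here. With a content mode other than {@code plain} the message
     * is presumably rendered as markup by the receiver, so callers should restrict who may send
     * and what they may send (NOTE(review): confirm against the broadcast rendering code).</p>
     *
     * @param cmsObject the context of the sender; its current user becomes the broadcast sender
     * @param str the message
     * @param z flag handed to the {@link CmsBroadcast} constructor (meaning not visible here)
     * @param contentMode the content mode of the message
     */
    public void sendBroadcast(CmsObject cmsObject, String str, boolean z, CmsBroadcast.ContentMode contentMode) {
        if (CmsStringUtil.isEmptyOrWhitespaceOnly(str) || this.m_sessionStorageProvider == null) {
            return;
        }
        CmsUser sender = cmsObject.getRequestContext().getCurrentUser();
        CmsBroadcast cmsBroadcast = new CmsBroadcast(sender, str, z, contentMode);
        for (CmsSessionInfo cmsSessionInfo : this.m_sessionStorageProvider.getAll()) {
            // re-check the provider so that a session removed in the meantime is skipped
            if (this.m_sessionStorageProvider.get(cmsSessionInfo.getSessionId()) != null) {
                cmsSessionInfo.getBroadcastQueue().add(cmsBroadcast);
            }
        }
    }

    /**
     * Sends a broadcast to all stored sessions.
     *
     * @param cmsObject the context of the sender
     * @param str the message
     * @param contentMode the content mode of the message
     */
    public void sendBroadcast(CmsObject cmsObject, String str, CmsBroadcast.ContentMode contentMode) {
        sendBroadcast(cmsObject, str, false, contentMode);
    }

    /**
     * Sends a plain-text broadcast to one session.
     *
     * @param cmsObject the context of the sender
     * @param str the message
     * @param str2 the id of the receiving session in string form
     * @deprecated use the overload that takes a {@code CmsBroadcast.ContentMode}
     */
    @Deprecated
    public void sendBroadcast(CmsObject cmsObject, String str, String str2) {
        sendBroadcast(cmsObject, str, str2, false);
    }

    /**
     * Sends a plain-text broadcast to one session.
     *
     * @param cmsObject the context of the sender
     * @param str the message
     * @param str2 the id of the receiving session in string form
     * @param z flag handed to the {@link CmsBroadcast} constructor (meaning not visible here)
     * @deprecated use the overload that takes a {@code CmsBroadcast.ContentMode}
     */
    @Deprecated
    public void sendBroadcast(CmsObject cmsObject, String str, String str2, boolean z) {
        sendBroadcast(cmsObject, str, str2, z, CmsBroadcast.ContentMode.plain);
    }

    /**
     * Sends a broadcast to one session. Nothing happens if the message is empty or
     * whitespace-only, or if no session is stored under the given id.
     *
     * @param cmsObject the context of the sender; its current user becomes the broadcast sender
     * @param str the message
     * @param str2 the id of the receiving session in string form
     * @param z flag handed to the {@link CmsBroadcast} constructor (meaning not visible here)
     * @param contentMode the content mode of the message
     */
    public void sendBroadcast(CmsObject cmsObject, String str, String str2, boolean z, CmsBroadcast.ContentMode contentMode) {
        if (CmsStringUtil.isEmptyOrWhitespaceOnly(str) || this.m_sessionStorageProvider == null) {
            return;
        }
        CmsSessionInfo cmsSessionInfo = this.m_sessionStorageProvider.get(new CmsUUID(str2));
        if (cmsSessionInfo == null) {
            return;
        }
        CmsUser sender = cmsObject.getRequestContext().getCurrentUser();
        cmsSessionInfo.getBroadcastQueue().add(new CmsBroadcast(sender, str, z, contentMode));
    }

    /**
     * Sends a broadcast to one session.
     *
     * @param cmsObject the context of the sender
     * @param str the message
     * @param str2 the id of the receiving session in string form
     * @param contentMode the content mode of the message
     */
    public void sendBroadcast(CmsObject cmsObject, String str, String str2, CmsBroadcast.ContentMode contentMode) {
        sendBroadcast(cmsObject, str, str2, false, contentMode);
    }

    /**
     * Sends a plain-text broadcast to all sessions of a user.
     *
     * @param cmsUser the sender
     * @param str the message
     * @param cmsUser2 the receiver
     * @deprecated use the overload that takes a {@code CmsBroadcast.ContentMode}
     */
    @Deprecated
    public void sendBroadcast(CmsUser cmsUser, String str, CmsUser cmsUser2) {
        sendBroadcast(cmsUser, str, cmsUser2, CmsBroadcast.ContentMode.plain);
    }

    /**
     * Sends a broadcast to all stored sessions of a user. Empty or whitespace-only messages
     * are ignored.
     *
     * @param cmsUser the sender recorded in the broadcast (taken as given, not verified here)
     * @param str the message
     * @param cmsUser2 the receiver
     * @param contentMode the content mode of the message
     */
    public void sendBroadcast(CmsUser cmsUser, String str, CmsUser cmsUser2, CmsBroadcast.ContentMode contentMode) {
        if (CmsStringUtil.isEmptyOrWhitespaceOnly(str)) {
            return;
        }
        CmsBroadcast cmsBroadcast = new CmsBroadcast(cmsUser, str, contentMode);
        // getSessionInfos() returns an empty list without a provider, so the loop body
        // only runs when m_sessionStorageProvider is set
        for (CmsSessionInfo cmsSessionInfo : getSessionInfos(cmsUser2.getId())) {
            if (this.m_sessionStorageProvider.get(cmsSessionInfo.getSessionId()) != null) {
                cmsSessionInfo.getBroadcastQueue().add(cmsBroadcast);
            }
        }
    }

    /**
     * Switches the current session to another user, using that user's start project and site.
     *
     * @param cmsObject the context of the caller
     * @param httpServletRequest the current request
     * @param cmsUser the user to switch to
     * @return the direct edit link for the new user, or {@code null} if there is none
     * @throws CmsException see {@link #switchUserFromSession}
     */
    public String switchUser(CmsObject cmsObject, HttpServletRequest httpServletRequest, CmsUser cmsUser) throws CmsException {
        return switchUserFromSession(cmsObject, httpServletRequest, cmsUser, null);
    }

    /**
     * Switches the current session to another user.
     *
     * <p>The caller must hold {@code CmsRole.ADMINISTRATOR} for the organizational unit of the
     * target user, and the target user must hold {@code CmsRole.ELEMENT_AUTHOR}. The existing
     * session id and HTTP session are kept; only the stored session info is replaced.</p>
     *
     * @param cmsObject the context of the caller; its site root, project and OU are updated
     * @param httpServletRequest the current request, which must belong to a known session
     * @param cmsUser the user to switch to
     * @param cmsSessionInfo if not {@code null}, project and site root are taken from this
     *        session info instead of the target user's start settings
     * @return the direct edit link for the new user, or {@code null} if there is none
     * @throws CmsException if a role check fails, if the request has no session or session
     *         info, or if a project cannot be read
     */
    public String switchUserFromSession(CmsObject cmsObject, HttpServletRequest httpServletRequest, CmsUser cmsUser, CmsSessionInfo cmsSessionInfo) throws CmsException {
        CmsProject readProject;
        String siteRoot;
        // authorization comes before any state is read or changed
        OpenCms.getRoleManager().checkRole(cmsObject, CmsRole.ADMINISTRATOR.forOrgUnit(cmsUser.getOuFqn()));
        CmsSessionInfo sessionInfo = getSessionInfo(httpServletRequest);
        HttpSession session = httpServletRequest.getSession(false);
        if (sessionInfo == null || session == null) {
            throw new CmsException(Messages.get().container(Messages.ERR_NO_SESSIONINFO_SESSION_0));
        }
        if (!OpenCms.getRoleManager().hasRole(cmsObject, cmsUser.getName(), CmsRole.ELEMENT_AUTHOR)) {
            throw new CmsSecurityException(Messages.get().container(Messages.ERR_NO_WORKPLACE_PERMISSIONS_0));
        }
        String name = cmsObject.getRequestContext().getCurrentUser().getName();
        CmsUserSettings cmsUserSettings = new CmsUserSettings(cmsUser);
        String ouFqn = cmsUser.getOuFqn();
        if (cmsSessionInfo == null) {
            // default start project of the target user's OU; must be readable
            readProject = cmsObject.readProject(ouFqn + OpenCms.getWorkplaceManager().getDefaultUserSettings().getStartProject());
            try {
                readProject = cmsObject.readProject(cmsUserSettings.getStartProject());
            } catch (Exception e) {
                // best effort: keep the default start project, but leave a trace of the failure
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Configured start project of the target user could not be read, using the default start project.", e);
                }
            }
            siteRoot = CmsWorkplace.getStartSiteRoot(OpenCms.initCmsObject(this.m_adminCms, new CmsContextInfo(cmsUser.getName())), cmsUserSettings);
        } else {
            readProject = cmsObject.readProject(cmsSessionInfo.getProject());
            siteRoot = cmsSessionInfo.getSiteRoot();
        }
        CmsRequestContext cmsRequestContext = new CmsRequestContext(cmsUser, readProject, null, cmsObject.getRequestContext().getRequestMatcher(), siteRoot, cmsObject.getRequestContext().isSecureRequest(), null, null, null, 0L, null, null, ouFqn, false);
        // only the workplace settings attribute is dropped; other session attributes of the
        // previous user stay in the HTTP session
        session.removeAttribute(CmsWorkplaceManager.SESSION_WORKPLACE_SETTINGS);
        addSessionInfo(new CmsSessionInfo(cmsRequestContext, sessionInfo.getSessionId(), sessionInfo.getMaxInactiveInterval()));
        cmsObject.getRequestContext().setSiteRoot(siteRoot);
        cmsObject.getRequestContext().setCurrentProject(readProject);
        cmsObject.getRequestContext().setOuFqn(cmsUser.getOuFqn());
        // audit trail of the identity change; the names are concatenated as-is, so the log
        // stays line-safe only if user names cannot contain line breaks
        // (NOTE(review): confirm the user name validation rules)
        USERSWITCH.info("User '" + name + "' switched to user '" + cmsUser.getName() + "'");
        CmsUserLog.logSwitchUser(cmsObject, cmsUser.getName());
        String directEditPath = CmsLoginHelper.getDirectEditPath(cmsObject, new CmsUserSettings(cmsUser), false);
        if (directEditPath == null) {
            return null;
        }
        return OpenCms.getLinkManager().substituteLink(cmsObject, directEditPath, siteRoot);
    }

    /**
     * Lists all stored sessions as "session id : user id" lines.
     *
     * <p>The result contains live session ids and should not be written to logs or pages that
     * are readable by less privileged users.</p>
     *
     * @return the textual listing; header only if no provider is set
     */
    @Override
    public String toString() {
        StringBuilder result = new StringBuilder();
        result.append("[CmsSessions]:\n");
        if (this.m_sessionStorageProvider == null) {
            return result.toString();
        }
        for (CmsSessionInfo cmsSessionInfo : this.m_sessionStorageProvider.getAll()) {
            result.append(cmsSessionInfo.getSessionId().toString());
            result.append(" : ");
            result.append(cmsSessionInfo.getUserId().toString());
            result.append('\n');
        }
        return result.toString();
    }

    /**
     * Updates the session info of the request's session, see
     * {@link #updateSessionInfo(CmsObject, HttpServletRequest, boolean)}.
     *
     * @param cmsObject the context of the current user
     * @param httpServletRequest the current request
     */
    public void updateSessionInfo(CmsObject cmsObject, HttpServletRequest httpServletRequest) {
        updateSessionInfo(cmsObject, httpServletRequest, false);
    }

    /**
     * Updates the stored session info for a request, or creates one if the request has an
     * HTTP session without session info.
     *
     * <p>Nothing happens if session updates are disabled for the request context, if the
     * request URI equals {@code CmsToolManager.VIEW_JSPPAGE_LOCATION}, or for the guest user.
     * A newly created session info also stores the client token in the HTTP session.</p>
     *
     * @param cmsObject the context of the current user
     * @param httpServletRequest the current request
     * @param z flag handed to {@code CmsSessionInfo.update} (meaning not visible here)
     */
    public void updateSessionInfo(CmsObject cmsObject, HttpServletRequest httpServletRequest, boolean z) {
        CmsRequestContext context = cmsObject.getRequestContext();
        if (!context.isUpdateSessionEnabled() || context.getUri().equals(CmsToolManager.VIEW_JSPPAGE_LOCATION) || context.getCurrentUser().isGuestUser()) {
            return;
        }
        CmsSessionInfo sessionInfo = getSessionInfo(httpServletRequest);
        if (sessionInfo != null) {
            sessionInfo.update(cmsObject.getRequestContext(), z);
            addSessionInfo(sessionInfo);
            return;
        }
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            CmsSessionInfo cmsSessionInfo = new CmsSessionInfo(cmsObject.getRequestContext(), new CmsUUID(), session.getMaxInactiveInterval());
            // a copy of the id is stored so the session attribute does not share the instance
            session.setAttribute(CmsSessionInfo.ATTRIBUTE_SESSION_ID, cmsSessionInfo.getSessionId().clone());
            session.setAttribute(CLIENT_TOKEN, generateClientToken(httpServletRequest));
            addSessionInfo(cmsSessionInfo);
        }
    }

    /**
     * Updates the stored session info for an HTTP session, or creates one if there is none.
     *
     * <p>The same skip conditions as in the request-based overload apply. Unlike that overload,
     * no client token is stored when a session info is created here, so
     * {@link #hasValidClientToken(HttpServletRequest)} returns {@code false} for such a session
     * unless the token is set elsewhere.</p>
     *
     * @param cmsObject the context of the current user
     * @param httpSession the HTTP session, may be {@code null}
     */
    public void updateSessionInfo(CmsObject cmsObject, HttpSession httpSession) {
        if (httpSession == null) {
            return;
        }
        CmsRequestContext context = cmsObject.getRequestContext();
        if (!context.isUpdateSessionEnabled() || context.getUri().equals(CmsToolManager.VIEW_JSPPAGE_LOCATION) || context.getCurrentUser().isGuestUser()) {
            return;
        }
        CmsSessionInfo sessionInfo = getSessionInfo(httpSession);
        if (sessionInfo != null) {
            sessionInfo.update(cmsObject.getRequestContext());
            addSessionInfo(sessionInfo);
        } else {
            CmsSessionInfo cmsSessionInfo = new CmsSessionInfo(cmsObject.getRequestContext(), new CmsUUID(), httpSession.getMaxInactiveInterval());
            httpSession.setAttribute(CmsSessionInfo.ATTRIBUTE_SESSION_ID, cmsSessionInfo.getSessionId().clone());
            addSessionInfo(cmsSessionInfo);
        }
    }

    /**
     * Moves every stored session whose project can no longer be read to the online project.
     *
     * @param cmsObject the context used to read the projects
     */
    public void updateSessionInfos(CmsObject cmsObject) {
        for (CmsSessionInfo cmsSessionInfo : getSessionInfos()) {
            try {
                cmsObject.readProject(cmsSessionInfo.getProject());
            } catch (CmsException e) {
                // the failed read is the signal: fall back to the online project
                cmsSessionInfo.setProject(CmsProject.ONLINE_PROJECT_ID);
                addSessionInfo(cmsSessionInfo);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Stores a session info in the storage provider.
     *
     * <p>In {@code single} mode the info is stored only if the user has no stored session, or
     * exactly one with the same session id. The check and the store are separate calls; whether
     * the provider serializes concurrent logins is not visible here. If the mode is neither
     * {@code standard} nor {@code single} (for example unset), nothing is stored.</p>
     *
     * @param cmsSessionInfo the session info to store
     * @throws RuntimeException in {@code single} mode if the user already has another session
     */
    public void addSessionInfo(CmsSessionInfo cmsSessionInfo) {
        CmsSystemConfiguration.UserSessionMode mode = getUserSessionMode();
        if (mode == CmsSystemConfiguration.UserSessionMode.standard) {
            this.m_sessionStorageProvider.put(cmsSessionInfo);
            return;
        }
        if (mode == CmsSystemConfiguration.UserSessionMode.single) {
            List<CmsSessionInfo> sessionInfos = getSessionInfos(cmsSessionInfo.getUserId());
            boolean onlyThisSession = sessionInfos.size() == 1 && sessionInfos.get(0).getSessionId().equals(cmsSessionInfo.getSessionId());
            if (!sessionInfos.isEmpty() && !onlyThisSession) {
                throw new RuntimeException("Can't create another session for the same user.");
            }
            this.m_sessionStorageProvider.put(cmsSessionInfo);
        }
    }

    /**
     * Converts a session id string into a {@link CmsUUID}.
     *
     * @param str the session id in string form
     * @return the id object
     */
    protected CmsUUID getSessionUUID(String str) {
        return new CmsUUID(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Sets and initializes the storage provider and remembers the given CMS context.
     *
     * @param i_CmsSessionStorageProvider the storage provider to use
     * @param cmsObject the CMS context kept as {@code m_adminCms}
     */
    public void initialize(I_CmsSessionStorageProvider i_CmsSessionStorageProvider, CmsObject cmsObject) {
        this.m_sessionStorageProvider = i_CmsSessionStorageProvider;
        this.m_sessionStorageProvider.initialize();
        this.m_adminCms = cmsObject;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Counts a newly created HTTP session and logs the event.
     *
     * <p>At debug level the HTTP session id, the request URL and a stack trace are written to
     * the log. A session id in a log file is a usable credential for as long as the session
     * lives, so debug logging of this class should stay off in production or the log should be
     * access-restricted.</p>
     *
     * @param httpSessionEvent the session creation event
     */
    public void sessionCreated(HttpSessionEvent httpSessionEvent) {
        HttpServletRequest pVar = OpenCmsServlet.currentRequestStack.top();
        // NOTE(review): the decompiler appears to have replaced a string literal by this
        // unrelated constant; presumably it is "[" - confirm against the original source
        String str = CmsHtmlWidgetOption.BUTTONBAR_BLOCK_START + Thread.currentThread().getId() + "] ";
        synchronized (this.m_lockSessionCount) {
            // a counter that dropped to zero or below restarts at one
            this.m_sessionCountCurrent = this.m_sessionCountCurrent <= 0 ? 1 : this.m_sessionCountCurrent + 1;
            this.m_sessionCountTotal++;
            if (LOG.isInfoEnabled()) {
                LOG.info(str + Messages.get().getBundle().key(Messages.LOG_SESSION_CREATED_2, Integer.valueOf(this.m_sessionCountTotal), Integer.valueOf(this.m_sessionCountCurrent)));
            }
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug(str + Messages.get().getBundle().key(Messages.LOG_SESSION_CREATED_1, httpSessionEvent.getSession().getId()));
            if (pVar != null) {
                LOG.debug(str + "Session created in request: " + pVar.getRequestURL());
            }
            // the stack trace shows which code path opened the session
            StringWriter stringWriter = new StringWriter();
            new Throwable("").printStackTrace(new PrintWriter(stringWriter));
            LOG.debug(str + "Stack = \n" + stringWriter.toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Handles the end of an HTTP session: decrements the counter, removes the stored session
     * info, releases the user's temporary locks when it was the user's last session, and
     * notifies every session attribute that implements {@link I_CmsSessionDestroyHandler}.
     *
     * <p>At debug level the HTTP session id is written to the log.</p>
     *
     * @param httpSessionEvent the session destruction event
     */
    public void sessionDestroyed(HttpSessionEvent httpSessionEvent) {
        synchronized (this.m_lockSessionCount) {
            this.m_sessionCountCurrent = this.m_sessionCountCurrent <= 0 ? 0 : this.m_sessionCountCurrent - 1;
            if (LOG.isInfoEnabled()) {
                LOG.info(Messages.get().getBundle().key(Messages.LOG_SESSION_DESTROYED_2, Integer.valueOf(this.m_sessionCountTotal), Integer.valueOf(this.m_sessionCountCurrent)));
            }
        }
        CmsSessionInfo sessionInfo = getSessionInfo(httpSessionEvent.getSession());
        CmsUUID cmsUUID = null;
        if (sessionInfo != null) {
            cmsUUID = sessionInfo.getUserId();
            this.m_sessionStorageProvider.remove(sessionInfo.getSessionId());
        }
        // temporary locks are only released once no session of that user is left
        if (cmsUUID != null && getSessionInfos(cmsUUID).size() == 0) {
            OpenCmsCore.getInstance().getLockManager().removeTempLocks(cmsUUID);
        }
        HttpSession session = httpSessionEvent.getSession();
        Enumeration attributeNames = session.getAttributeNames();
        while (attributeNames.hasMoreElements()) {
            Object attribute = session.getAttribute((String) attributeNames.nextElement());
            if (attribute instanceof I_CmsSessionDestroyHandler) {
                try {
                    ((I_CmsSessionDestroyHandler) attribute).onSessionDestroyed();
                } catch (Exception e) {
                    // one failing handler must not keep the remaining handlers from running
                    LOG.error(e.getLocalizedMessage(), e);
                }
            }
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug(Messages.get().getBundle().key(Messages.LOG_SESSION_DESTROYED_1, httpSessionEvent.getSession().getId()));
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Sets the session mode.
     *
     * @param userSessionMode the session mode to use
     */
    public void setUserSessionMode(CmsSystemConfiguration.UserSessionMode userSessionMode) {
        this.m_userSessionMode = userSessionMode;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Shuts down the storage provider, if one is set.
     *
     * @throws Exception if the provider's shutdown fails
     */
    public void shutdown() throws Exception {
        if (this.m_sessionStorageProvider != null) {
            this.m_sessionStorageProvider.shutdown();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Asks the storage provider to validate its session infos, if a provider is set.
     */
    public void validateSessionInfos() {
        if (this.m_sessionStorageProvider != null) {
            this.m_sessionStorageProvider.validate();
        }
    }

    /**
     * Derives the client token of a request from the client address.
     *
     * <p>The address is the {@code true-client-ip} header, else the first comma-separated
     * entry of {@code x-forwarded-for}, else the remote address of the connection. The token
     * is the decimal {@code String.hashCode()} of that value.</p>
     *
     * <p>Security note: both headers are taken from the request as they arrive. Unless a
     * trusted reverse proxy in front of the application overwrites them on every request, the
     * client chooses their value, and the token then does not bind the session to a network
     * address. {@code String.hashCode()} is a 32-bit non-cryptographic hash, so different
     * addresses can produce the same token. The check built on this token is therefore a
     * supplementary signal and not a replacement for session cookie protection.</p>
     *
     * @param httpServletRequest the current request
     * @return the client token, never {@code null}
     */
    private String generateClientToken(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(HEADER_TRUE_CLIENT_IP);
        if (CmsStringUtil.isEmptyOrWhitespaceOnly(header)) {
            header = httpServletRequest.getHeader(HEADER_X_FORWARDED_FOR);
            if (header != null && header.contains(",")) {
                // first entry of the list, taken without trimming
                header = header.split(",")[0];
            }
        }
        if (header == null || CmsStringUtil.isEmptyOrWhitespaceOnly(header)) {
            header = httpServletRequest.getRemoteAddr();
        }
        return String.valueOf(header.hashCode());
    }

    static {
        // the user switch channel is an audit log and is excluded from log channel management
        CmsLog.makeChannelNonManageable(NAME_USERSWITCH);
    }
}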
