package com.sun.enterprise.security.web;

import com.sun.enterprise.web.WebContainer;
import java.io.IOException;
import java.util.ArrayList;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.HttpRequest;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.Realm;
import org.apache.catalina.Request;
import org.apache.catalina.Response;
import org.apache.catalina.Session;
import org.apache.catalina.SessionEvent;
import org.apache.catalina.authenticator.SingleSignOn;
import org.apache.catalina.authenticator.SingleSignOnEntry;

/* loaded from: input_file:com/sun/enterprise/security/web/GlassFishSingleSignOn.class */
public class GlassFishSingleSignOn extends SingleSignOn implements Runnable, SingleSignOnMBean {
    private static final Logger logger = WebContainer.logger;
    private static final String SESSION_DESTROYED = "AS-WEB-GLUE-00030";
    private static final String REQUEST_PROCESSED = "AS-WEB-GLUE-00031";
    private static final String PRINCIPAL_ALREADY_AUTHENTICATED = "AS-WEB-GLUE-00032";
    private static final String CHECKING_SSO_COOKIE = "AS-WEB-GLUE-00033";
    private static final String SSO_COOKIE_NOT_PRESENT = "AS-WEB-GLUE-00034";
    private static final String NO_REALM_CONFIGURED = "AS-WEB-GLUE-00035";
    private static final String APP_REALM = "AS-WEB-GLUE-00036";
    private static final String CHECKING_CACHED_PRINCIPAL = "AS-WEB-GLUE-00037";
    private static final String FOUND_CACHED_PRINCIPAL = "AS-WEB-GLUE-00038";
    private static final String IGNORING_SSO = "AS-WEB-GLUE-00039";
    private static final String NO_CACHED_PRINCIPAL_FOUND = "AS-WEB-GLUE-00040";
    private static final String DEREGISTER_SSO = "AS-WEB-GLUE-00041";
    private static final String SSO_EXPIRATION_STARTED = "AS-WEB-GLUE-00042";
    private static final String SSO_CACHE_EXPIRE = "AS-WEB-GLUE-00043";
    private static final String SSO_EXPRIRATION_REMOVING_ENTRY = "AS-WEB-GLUE-00044";
    private static final String EXCEPTION_DURING_SSO_EXPIRATION = "AS-WEB-GLUE-00045";
    private static final String REMOVE_SESSION_FROM_SSO = "AS-WEB-GLUE-00046";
    private Thread thread = null;
    private boolean threadDone = false;
    private int ssoReapInterval = 60;
    private int ssoMaxInactive = 300;
    private AtomicInteger hitCount = new AtomicInteger(0);
    private AtomicInteger missCount = new AtomicInteger(0);

    public int getReapInterval() {
        return this.ssoReapInterval;
    }

    public void setReapInterval(int i) {
        this.ssoReapInterval = i;
    }

    public int getMaxInactive() {
        return this.ssoMaxInactive;
    }

    public void setMaxInactive(int i) {
        this.ssoMaxInactive = i;
    }

    public void start() throws LifecycleException {
        if (this.started) {
            return;
        }
        super.start();
        threadStart();
    }

    public void stop() throws LifecycleException {
        if (this.started) {
            threadStop();
            super.stop();
        }
    }

    public void sessionEvent(SessionEvent sessionEvent) {
        if ("destroySession".equals(sessionEvent.getType())) {
            Session session = sessionEvent.getSession();
            if (logger.isLoggable(Level.FINE)) {
                logger.log(Level.FINE, SESSION_DESTROYED, session);
            }
            String ssoId = session.getSsoId();
            if (ssoId == null) {
                return;
            }
            if (session.hasExpired()) {
                removeSession(ssoId, session);
            } else {
                deregister(ssoId);
            }
        }
    }

    public int invoke(Request request, Response response) throws IOException, ServletException {
        HttpServletRequest request2 = request.getRequest();
        HttpServletResponse response2 = response.getResponse();
        request.removeNote("org.apache.catalina.request.SSOID");
        request.removeNote("org.apache.catalina.request.SSOVersion");
        if (logger.isLoggable(Level.FINE)) {
            logger.log(Level.FINE, PRINCIPAL_ALREADY_AUTHENTICATED, request2.getRequestURI());
        }
        if (request2.getUserPrincipal() != null) {
            if (!logger.isLoggable(Level.FINE)) {
                return 1;
            }
            logger.log(Level.FINE, REQUEST_PROCESSED, request2.getUserPrincipal().getName());
            return 1;
        }
        if (logger.isLoggable(Level.FINE)) {
            logger.log(Level.FINE, CHECKING_SSO_COOKIE);
        }
        Cookie[] cookies = request2.getCookies();
        if (cookies == null) {
            return 1;
        }
        Cookie cookie = null;
        Cookie cookie2 = null;
        for (Cookie cookie3 : cookies) {
            if ("JSESSIONIDSSO".equals(cookie3.getName())) {
                cookie = cookie3;
            } else if ("JSESSIONIDSSOVERSION".equals(cookie3.getName())) {
                cookie2 = cookie3;
            }
            if (cookie != null && cookie2 != null) {
                break;
            }
        }
        if (cookie == null) {
            if (!logger.isLoggable(Level.FINE)) {
                return 1;
            }
            logger.log(Level.FINE, SSO_COOKIE_NOT_PRESENT);
            return 1;
        }
        Realm realm = request.getContext().getRealm();
        if (realm == null) {
            if (!logger.isLoggable(Level.FINE)) {
                return 1;
            }
            logger.log(Level.FINE, NO_REALM_CONFIGURED);
            return 1;
        }
        String realmName = realm.getRealmName();
        if (realmName == null) {
            if (!logger.isLoggable(Level.FINE)) {
                return 1;
            }
            logger.log(Level.FINE, NO_REALM_CONFIGURED);
            return 1;
        }
        if (this.debug >= 1 && logger.isLoggable(Level.FINE)) {
            logger.log(Level.FINE, APP_REALM);
        }
        if (logger.isLoggable(Level.FINE)) {
            logger.log(Level.FINE, CHECKING_CACHED_PRINCIPAL);
        }
        long j = 0;
        if (isVersioningSupported() && cookie2 != null) {
            j = Long.parseLong(cookie2.getValue());
        }
        SingleSignOnEntry lookup = lookup(cookie.getValue(), j);
        if (lookup == null) {
            if (logger.isLoggable(Level.FINE)) {
                logger.log(Level.FINE, NO_CACHED_PRINCIPAL_FOUND);
            }
            cookie.setMaxAge(0);
            response2.addCookie(cookie);
            this.missCount.incrementAndGet();
            return 1;
        }
        if (logger.isLoggable(Level.FINE)) {
            logger.log(Level.FINE, FOUND_CACHED_PRINCIPAL, new Object[]{lookup.getPrincipal().getName(), lookup.getAuthType(), lookup.getRealmName()});
        }
        if (!lookup.getRealmName().equals(realmName)) {
            if (logger.isLoggable(Level.FINE)) {
                logger.log(Level.FINE, IGNORING_SSO, realmName);
            }
            this.missCount.incrementAndGet();
            return 1;
        }
        request.setNote("org.apache.catalina.request.SSOID", cookie.getValue());
        ((HttpRequest) request).setAuthType(lookup.getAuthType());
        ((HttpRequest) request).setUserPrincipal(lookup.getPrincipal());
        lookup.setLastAccessTime(System.currentTimeMillis());
        if (isVersioningSupported()) {
            request.setNote("org.apache.catalina.request.SSOVersion", Long.valueOf(lookup.incrementAndGetVersion()));
        }
        this.hitCount.incrementAndGet();
        return 1;
    }

    protected void deregister(String str) {
        SingleSignOnEntry singleSignOnEntry;
        if (logger.isLoggable(Level.FINE)) {
            logger.log(Level.FINE, DEREGISTER_SSO);
        }
        synchronized (this.cache) {
            singleSignOnEntry = (SingleSignOnEntry) this.cache.remove(str);
        }
        if (singleSignOnEntry == null) {
            return;
        }
        singleSignOnEntry.expireSessions();
    }

    private void processExpires() {
        if (this.ssoMaxInactive < 0) {
            return;
        }
        long currentTimeMillis = System.currentTimeMillis() - (this.ssoMaxInactive * 1000);
        if (logger.isLoggable(Level.FINE)) {
            logger.log(Level.FINE, SSO_EXPIRATION_STARTED, Integer.valueOf(this.cache.size()));
        }
        ArrayList arrayList = new ArrayList(this.cache.size() / 2);
        try {
            synchronized (this.cache) {
                for (String str : this.cache.keySet()) {
                    SingleSignOnEntry singleSignOnEntry = (SingleSignOnEntry) this.cache.get(str);
                    if (singleSignOnEntry.isEmpty() && singleSignOnEntry.getLastAccessTime() < currentTimeMillis) {
                        arrayList.add(str);
                    }
                }
            }
            int size = arrayList.size();
            if (logger.isLoggable(Level.FINE)) {
                logger.log(Level.FINE, SSO_CACHE_EXPIRE, Integer.valueOf(size));
            }
            for (int i = 0; i < size; i++) {
                if (logger.isLoggable(Level.FINE)) {
                    logger.log(Level.FINE, SSO_EXPRIRATION_REMOVING_ENTRY, arrayList.get(i));
                }
                deregister((String) arrayList.get(i));
            }
        } catch (Throwable th) {
            logger.log(Level.WARNING, EXCEPTION_DURING_SSO_EXPIRATION, th);
        }
    }

    private void threadSleep() {
        try {
            Thread.sleep(this.ssoReapInterval * 1000);
        } catch (InterruptedException e) {
        }
    }

    private void threadStart() {
        if (this.thread != null) {
            return;
        }
        this.threadDone = false;
        this.thread = new Thread(this, "SingleSignOnExpiration");
        this.thread.setDaemon(true);
        this.thread.start();
    }

    private void threadStop() {
        if (this.thread == null) {
            return;
        }
        this.threadDone = true;
        this.thread.interrupt();
        try {
            this.thread.join();
        } catch (InterruptedException e) {
        }
        this.thread = null;
    }

    @Override // java.lang.Runnable
    public void run() {
        while (!this.threadDone) {
            threadSleep();
            processExpires();
        }
    }

    protected void removeSession(String str, Session session) {
        if (logger.isLoggable(Level.FINE)) {
            logger.log(Level.FINE, REMOVE_SESSION_FROM_SSO, new Object[]{session.toString(), str});
        }
        SingleSignOnEntry lookup = lookup(str);
        if (lookup == null) {
            return;
        }
        lookup.removeSession(session);
        if (lookup.isEmpty()) {
            deregister(str);
        }
    }

    @Override // com.sun.enterprise.security.web.SingleSignOnMBean
    public int getActiveSessionCount() {
        return this.cache.size();
    }

    @Override // com.sun.enterprise.security.web.SingleSignOnMBean
    public int getHitCount() {
        return this.hitCount.intValue();
    }

    @Override // com.sun.enterprise.security.web.SingleSignOnMBean
    public int getMissCount() {
        return this.missCount.intValue();
    }
}
