package io.hawt.web.auth;

import ch.qos.logback.classic.ClassicConstants;
import io.hawt.system.Authenticator;
import io.hawt.system.ConfigManager;
import java.util.GregorianCalendar;
import java.util.concurrent.atomic.AtomicReference;
import javax.security.auth.Subject;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/hawtio-system-3.0-M6.jar:io/hawt/web/auth/AuthSessionHelpers.class */
public final class AuthSessionHelpers {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) AuthSessionHelpers.class);
    public static final int DEFAULT_SESSION_TIMEOUT = 1800;

    private AuthSessionHelpers() {
    }

    public static int getSessionTimeout(ServletContext servletContext) {
        String str;
        int i = 1800;
        ConfigManager configManager = (ConfigManager) servletContext.getAttribute(ConfigManager.CONFIG_MANAGER);
        if (configManager != null && (str = configManager.get("sessionTimeout", Integer.toString(DEFAULT_SESSION_TIMEOUT))) != null) {
            try {
                i = Integer.parseInt(str);
                if (i == 0) {
                    i = 1800;
                }
            } catch (Exception e) {
            }
            return i;
        }
        return DEFAULT_SESSION_TIMEOUT;
    }

    public static void clear(HttpServletRequest httpServletRequest, AuthenticationConfiguration authenticationConfiguration, boolean z) {
        HttpSession session = httpServletRequest.getSession(false);
        if (isAuthenticated(session)) {
            Subject subject = (Subject) session.getAttribute("subject");
            LOG.info("Logging out existing user: {}", session.getAttribute(ClassicConstants.USER_MDC_KEY));
            if (z) {
                Authenticator.logout(authenticationConfiguration, subject);
            }
            session.invalidate();
        }
    }

    public static void setup(HttpSession httpSession, Subject subject, String str, int i) {
        httpSession.setAttribute("subject", subject);
        httpSession.setAttribute(ClassicConstants.USER_MDC_KEY, str);
        httpSession.setAttribute("org.osgi.service.http.authentication.remote.user", str);
        httpSession.setAttribute("org.osgi.service.http.authentication.type", "BASIC");
        httpSession.setAttribute("loginTime", Long.valueOf(GregorianCalendar.getInstance().getTimeInMillis()));
        httpSession.setMaxInactiveInterval(i);
        LOG.debug("Http session timeout for user {} is {} sec.", str, Integer.valueOf(httpSession.getMaxInactiveInterval()));
    }

    public static boolean validate(HttpServletRequest httpServletRequest, HttpSession httpSession, Subject subject) {
        if (httpSession == null || subject == null) {
            return false;
        }
        String str = (String) httpSession.getAttribute(ClassicConstants.USER_MDC_KEY);
        AtomicReference atomicReference = new AtomicReference();
        AtomicReference atomicReference2 = new AtomicReference();
        Authenticator.extractAuthHeader(httpServletRequest, (str2, str3) -> {
            atomicReference.set(str2);
            atomicReference2.set(str3);
        });
        if (atomicReference.get() == null || ((String) atomicReference.get()).equals(str)) {
            LOG.debug("Session subject - {}", subject);
            return true;
        }
        LOG.debug("User differs, re-authenticating: {} (request) != {} (session)", atomicReference.get(), str);
        httpSession.invalidate();
        return false;
    }

    public static boolean isAuthenticated(HttpSession httpSession) {
        return (httpSession == null || httpSession.getAttribute("subject") == null) ? false : true;
    }

    public static boolean isSpringSecurityEnabled() {
        try {
            Class.forName("org.springframework.security.core.SpringSecurityCoreVersion");
            return true;
        } catch (ClassNotFoundException e) {
            return false;
        }
    }
}
