package ru.org.openam.rest;

import com.iplanet.dpro.session.Session;
import com.iplanet.dpro.session.SessionException;
import com.iplanet.dpro.session.SessionID;
import com.iplanet.sso.SSOToken;
import com.sun.identity.common.configuration.ServerConfiguration;
import com.sun.identity.security.AdminTokenAction;
import java.net.InetAddress;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import org.forgerock.guice.core.InjectorHolder;
import org.forgerock.openam.session.SessionCache;
import org.forgerock.openam.session.service.access.SessionQueryManager;
import org.ntlmv2.liferay.util.HttpHeaders;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Path("/")
/* loaded from: input_file:WEB-INF/lib/web-14.8.2.1.jar:ru/org/openam/rest/SessionList.class */
public class SessionList {
    static final Logger logger = LoggerFactory.getLogger((Class<?>) SessionList.class);

    @GET
    @Produces({"text/plain"})
    @Path("/all")
    public String getSessionsAll(@Context HttpServletRequest httpServletRequest, @Context HttpServletResponse httpServletResponse) throws Throwable {
        httpServletResponse.setHeader("Cache-Control", "no-cache,no-store");
        httpServletResponse.setHeader("Pragma", HttpHeaders.PRAGMA_NO_CACHE_VALUE);
        httpServletResponse.setDateHeader("Expires", -1L);
        String str = "";
        try {
            InetAddress byName = InetAddress.getByName(httpServletRequest.getRemoteAddr());
            if (!byName.isLoopbackAddress() && !byName.isSiteLocalAddress()) {
                throw new WebApplicationException(403);
            }
            Session session = Session.getSession(new SessionID(((SSOToken) AccessController.doPrivileged((PrivilegedAction) AdminTokenAction.getInstance())).getTokenID().toString()));
            Iterator it = ServerConfiguration.getServers((SSOToken) AccessController.doPrivileged((PrivilegedAction) AdminTokenAction.getInstance())).iterator();
            while (it.hasNext()) {
                try {
                    Iterator it2 = session.getValidSessions((String) it.next(), "*").getSearchResults().iterator();
                    while (it2.hasNext()) {
                        str = str.concat(((Session) it2.next()).getClientID()).concat("\n");
                    }
                } catch (Throwable th) {
                    logger.warn("sessions", th);
                }
            }
            return str;
        } catch (Throwable th2) {
            logger.warn("sessions: {}", th2.toString());
            throw th2;
        }
    }

    public static Set<Session> getSessions(String str) {
        HashSet hashSet = new HashSet();
        try {
            for (String str2 : ((SessionQueryManager) InjectorHolder.getInstance(SessionQueryManager.class)).getAllSessionsByUUID(str).keySet()) {
                try {
                    hashSet.add(SessionCache.getInstance().getSession(new SessionID(str2), false, false));
                } catch (SessionException e) {
                    logger.warn("invalid session {}: {}", str2, e.toString());
                }
            }
        } catch (Throwable th) {
            logger.error("SessionCount_getAllSessionsByUUID: {}", th.getMessage());
        }
        return hashSet;
    }
}
