package de.kune.sessionxs;

import de.kune.sessionxs.failurehandler.InvalidatingSessionMatchingFailureHandler;
import de.kune.sessionxs.failurehandler.SessionMatchingFailureHandler;
import de.kune.sessionxs.matcher.ClientIPAddressMatcher;
import de.kune.sessionxs.matcher.SessionMatcher;
import de.kune.sessionxs.matcher.UserAgentHeaderMatcher;
import de.kune.sessionxs.matcher.context.SessionMatcherContext;
import java.io.IOException;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/kune/sessionxs/SessionMatcherFilter.class */
public class SessionMatcherFilter implements Filter {
    private static final Logger LOGGER = LoggerFactory.getLogger(SessionMatcherFilter.class);
    private String sessionIdentifierMapKey = getClass().getName() + ".sessionIdentifierMap";
    private List<SessionMatcher> sessionMatchers = new LinkedList();
    private SessionMatchingFailureHandler sessionMatchingFailureHandler;

    public void init(FilterConfig filterConfig) throws ServletException {
        String initParameter = filterConfig.getInitParameter("session-matchers");
        if (initParameter == null) {
            this.sessionMatchers.add(new ClientIPAddressMatcher());
            this.sessionMatchers.add(new UserAgentHeaderMatcher());
        } else {
            try {
                initSessionMatchers(initParameter);
            } catch (Exception e) {
                throw new ServletException("Could not initialize session matchers [" + initParameter + "].", e);
            }
        }
        String initParameter2 = filterConfig.getInitParameter("failure-handler");
        if (initParameter2 == null) {
            this.sessionMatchingFailureHandler = new InvalidatingSessionMatchingFailureHandler();
            return;
        }
        try {
            initFailureHandler(initParameter2);
        } catch (Exception e2) {
            throw new ServletException("Could not initialize failure handler [" + initParameter2 + "].", e2);
        }
    }

    private void initFailureHandler(String str) throws InstantiationException, IllegalAccessException, ClassNotFoundException {
        this.sessionMatchingFailureHandler = (SessionMatchingFailureHandler) Class.forName(str.trim()).newInstance();
    }

    private void initSessionMatchers(String str) throws InstantiationException, IllegalAccessException, ClassNotFoundException {
        for (String str2 : str.split("[,\\s]")) {
            this.sessionMatchers.add((SessionMatcher) Class.forName(str2.trim()).newInstance());
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpSession session;
        if ((servletRequest instanceof HttpServletRequest) && (servletResponse instanceof HttpServletResponse) && (session = ((HttpServletRequest) servletRequest).getSession(false)) != null) {
            Map map = (Map) session.getAttribute(this.sessionIdentifierMapKey);
            if (map == null) {
                HashMap hashMap = new HashMap();
                initSessionMatchers((HttpServletRequest) servletRequest, hashMap);
                session.setAttribute(this.sessionIdentifierMapKey, hashMap);
            } else {
                for (SessionMatcher sessionMatcher : this.sessionMatchers) {
                    if (!sessionMatcher.matches((SessionMatcherContext) map.get(sessionMatcher.getClass().getName()), (HttpServletRequest) servletRequest)) {
                        if (LOGGER.isInfoEnabled()) {
                            LOGGER.info("Session mismatch reported by [" + sessionMatcher + "], invoking handler [" + this.sessionMatchingFailureHandler + "].");
                        }
                        if (LOGGER.isDebugEnabled()) {
                            LOGGER.debug("Session matcher context is [" + map.get(sessionMatcher.getClass().getName()) + "].");
                            LOGGER.debug("Request was [" + servletRequest + "].");
                        }
                        this.sessionMatchingFailureHandler.handleSessionMatchingFailure(filterChain, (HttpServletRequest) servletRequest, (HttpServletResponse) servletResponse);
                        return;
                    }
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    private void initSessionMatchers(HttpServletRequest httpServletRequest, Map<String, SessionMatcherContext> map) {
        for (SessionMatcher sessionMatcher : this.sessionMatchers) {
            map.put(sessionMatcher.getClass().getName(), sessionMatcher.init(httpServletRequest));
        }
    }

    public void destroy() {
        this.sessionMatchers.clear();
        this.sessionMatchers = null;
        this.sessionMatchingFailureHandler = null;
    }
}
