package dk.gov.oio.saml.session.database;

import dk.gov.oio.saml.audit.AuditService;
import dk.gov.oio.saml.model.NSISLevel;
import dk.gov.oio.saml.service.OIOSAML3Service;
import dk.gov.oio.saml.session.AssertionWrapper;
import dk.gov.oio.saml.session.AuthnRequestWrapper;
import dk.gov.oio.saml.session.LogoutRequestWrapper;
import dk.gov.oio.saml.session.SessionHandler;
import dk.gov.oio.saml.util.InternalException;
import dk.gov.oio.saml.util.StringUtil;
import java.io.StringReader;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.time.Clock;
import java.time.LocalDateTime;
import javax.servlet.http.HttpSession;
import javax.sql.DataSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:dk/gov/oio/saml/session/database/DatabaseSessionHandler.class */
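/**
 * {@link SessionHandler} that keeps OIOSAML session state in a JDBC database.
 *
 * <p>Four tables are used: {@code authn_requests_tbl}, {@code assertions_tbl} and
 * {@code logout_requests_tbl} hold one row per session id, and {@code replay_tbl} records every
 * assertion id that has been accepted so that a second delivery of the same assertion is refused.
 * Reading a row refreshes its {@code access_time}, and {@link #cleanup(long)} deletes rows whose
 * {@code access_time} is older than the supplied timeout.
 *
 * <p>The rows contain the complete Base64-encoded SAML messages and the subject NameID, so the
 * database account and backups deserve the same protection as the sessions themselves.
 *
 * <p>Every JDBC resource is opened in a try-with-resources statement so that connections are
 * returned to the pool on the failure paths as well as on success.
 */
public class DatabaseSessionHandler implements SessionHandler {
    private static final Logger log = LoggerFactory.getLogger(DatabaseSessionHandler.class);

    /** How long an accepted assertion id is remembered in {@code replay_tbl}, in seconds (24 hours). */
    private static final long REPLAY_RETENTION_SECONDS = 86400L;

    private final DataSource ds;

    /**
     * Creates a handler that obtains its connections from the given data source.
     *
     * @param dataSource source of JDBC connections for all session tables
     */
    public DatabaseSessionHandler(DataSource dataSource) {
        log.debug("Created database session handler");
        this.ds = dataSource;
    }

    /**
     * Returns the current time as a SQL timestamp in the JVM's default time zone.
     *
     * <p>NOTE(review): timestamps are zone-less local times; if several nodes share the database
     * they presumably need the same default zone for timeouts to agree - confirm for the deployment.
     */
    private static Timestamp now() {
        return Timestamp.valueOf(LocalDateTime.now(Clock.systemDefaultZone()));
    }

    /**
     * Stores the AuthnRequest for the session, replacing any request already stored for it.
     *
     * @param httpSession session the request belongs to
     * @param authnRequestWrapper request to persist; ignored (with a warning) when null or without id
     * @throws InternalException if the database rejects the write
     */
    @Override
    public void storeAuthnRequest(HttpSession httpSession, AuthnRequestWrapper authnRequestWrapper) throws InternalException {
        if (null == authnRequestWrapper || null == authnRequestWrapper.getId()) {
            log.warn("Ignore AuthRequest with null value or missing ID");
            return;
        }
        try (Connection connection = this.ds.getConnection()) {
            connection.setAutoCommit(true);
            AuthnRequestWrapper existing = getAuthnRequest(httpSession);
            if (null != existing) {
                log.debug("AuthRequest '{}' will replace '{}'", authnRequestWrapper.getId(), existing.getId());
                try (PreparedStatement delete = connection.prepareStatement("DELETE FROM authn_requests_tbl WHERE session_id = ?")) {
                    delete.setString(1, getSessionId(httpSession));
                    delete.executeUpdate();
                }
            }
            log.debug("Store AuthRequest '{}'", authnRequestWrapper.getId());
            try (PreparedStatement insert = connection.prepareStatement("INSERT INTO authn_requests_tbl (session_id, access_time, nsis_level, request_path, xml_object) VALUES (?,?,?,?,?)")) {
                insert.setString(1, getSessionId(httpSession));
                insert.setTimestamp(2, now());
                insert.setString(3, authnRequestWrapper.getRequestedNsisLevel().name());
                insert.setString(4, authnRequestWrapper.getRequestPath());
                insert.setClob(5, new StringReader(authnRequestWrapper.getAuthnRequestAsBase64()));
                insert.executeUpdate();
            }
        } catch (SQLException e) {
            log.error("Failure to persist authn request", e);
            throw new InternalException("Failure to persist authn request", e);
        }
    }

    /**
     * Stores the assertion for the session and records its id in {@code replay_tbl}.
     *
     * <p>An assertion is refused when its id is already present in {@code replay_tbl}, or when it
     * is a replay of the assertion currently stored for the session.
     *
     * @param httpSession session the assertion belongs to
     * @param assertionWrapper assertion to persist; ignored (with a warning) when null or without id
     * @throws IllegalArgumentException if the assertion has been registered before
     * @throws InternalException if the database rejects the write
     */
    @Override
    public void storeAssertion(HttpSession httpSession, AssertionWrapper assertionWrapper) throws InternalException {
        if (null == assertionWrapper || StringUtil.isEmpty(assertionWrapper.getID())) {
            log.warn("Ignore Assertion with null value or missing ID");
            return;
        }
        if (StringUtil.isEmpty(assertionWrapper.getSessionIndex())) {
            log.info("Assertion '{}' with passive session and missing index", assertionWrapper.getID());
        }
        try (Connection connection = this.ds.getConnection()) {
            connection.setAutoCommit(true);

            // NOTE(review): this lookup and the INSERT into replay_tbl further down are separate
            // auto-committed statements, so two concurrent deliveries of the same assertion can
            // both pass the check. A unique constraint on replay_tbl.assertion_id would close that
            // window; the schema is not visible here - confirm it has one.
            try (PreparedStatement replayLookup = connection.prepareStatement("SELECT '1' FROM replay_tbl WHERE assertion_id = ?")) {
                replayLookup.setString(1, assertionWrapper.getID());
                try (ResultSet seen = replayLookup.executeQuery()) {
                    if (seen.next()) {
                        throw new IllegalArgumentException(String.format("Assertion with id '%s' and session index '%s' is already registered", assertionWrapper.getID(), assertionWrapper.getSessionIndex()));
                    }
                }
            }

            AssertionWrapper existing = getAssertion(httpSession);
            if (null != existing) {
                if (assertionWrapper.isReplayOf(existing)) {
                    log.debug("Assertion '{}' is being replayed", assertionWrapper.getID());
                    throw new IllegalArgumentException(String.format("Assertion with id '%s' and session index '%s' is already registered", assertionWrapper.getID(), assertionWrapper.getSessionIndex()));
                }
                log.debug("Assertion '{}' will replace '{}'", assertionWrapper.getID(), existing.getID());
                try (PreparedStatement delete = connection.prepareStatement("DELETE FROM assertions_tbl WHERE session_id = ?")) {
                    delete.setString(1, getSessionId(httpSession));
                    delete.executeUpdate();
                }
            }

            log.debug("Store Assertion '{}'", assertionWrapper.getID());
            try (PreparedStatement insert = connection.prepareStatement("INSERT INTO assertions_tbl (session_id, session_index, assertion_id, subject_name_id, access_time, xml_object) VALUES (?,?,?,?,?,?)")) {
                insert.setString(1, getSessionId(httpSession));
                // A passive session has no session index; the assertion id stands in for it.
                insert.setString(2, StringUtil.defaultIfEmpty(assertionWrapper.getSessionIndex(), assertionWrapper.getID()));
                insert.setString(3, assertionWrapper.getID());
                insert.setString(4, assertionWrapper.getSubjectNameId());
                insert.setTimestamp(5, now());
                insert.setClob(6, new StringReader(assertionWrapper.getAssertionAsBase64()));
                insert.executeUpdate();
            }

            log.debug("Add replay entry for assertion '{}'", assertionWrapper.getID());
            try (PreparedStatement replayInsert = connection.prepareStatement("INSERT INTO replay_tbl (assertion_id, access_time) VALUES (?,?)")) {
                replayInsert.setString(1, assertionWrapper.getID());
                replayInsert.setTimestamp(2, now());
                replayInsert.executeUpdate();
            }
        } catch (SQLException e) {
            log.error("Failure to persist assertion", e);
            throw new InternalException("Failure to persist assertion", e);
        }
    }

    /**
     * Stores the LogoutRequest for the session, replacing any request already stored for it.
     *
     * @param httpSession session the request belongs to
     * @param logoutRequestWrapper request to persist; ignored (with a warning) when null or without id
     * @throws InternalException if the database rejects the write
     */
    @Override
    public void storeLogoutRequest(HttpSession httpSession, LogoutRequestWrapper logoutRequestWrapper) throws InternalException {
        if (null == logoutRequestWrapper || null == logoutRequestWrapper.getID()) {
            log.warn("Ignore LogoutRequest with null value or missing ID");
            return;
        }
        try (Connection connection = this.ds.getConnection()) {
            connection.setAutoCommit(true);
            LogoutRequestWrapper existing = getLogoutRequest(httpSession);
            if (null != existing) {
                log.debug("LogoutRequest '{}' will replace '{}'", logoutRequestWrapper.getID(), existing.getID());
                try (PreparedStatement delete = connection.prepareStatement("DELETE FROM logout_requests_tbl WHERE session_id = ?")) {
                    delete.setString(1, getSessionId(httpSession));
                    delete.executeUpdate();
                }
            }
            log.debug("Store LogoutRequest '{}'", logoutRequestWrapper.getID());
            try (PreparedStatement insert = connection.prepareStatement("INSERT INTO logout_requests_tbl (session_id, access_time, xml_object) VALUES (?,?,?)")) {
                insert.setString(1, getSessionId(httpSession));
                insert.setTimestamp(2, now());
                insert.setClob(3, new StringReader(logoutRequestWrapper.getLogoutRequestAsBase64()));
                insert.executeUpdate();
            }
        } catch (SQLException e) {
            log.error("Failure to persist logout request", e);
            throw new InternalException("Failure to persist logout request", e);
        }
    }

    /**
     * Returns the assertion stored for the given HTTP session, refreshing its access time.
     *
     * @param httpSession session to look up
     * @return the stored assertion, or {@code null} when the session has none
     */
    @Override
    public AssertionWrapper getAssertion(HttpSession httpSession) {
        return getAssertionFromSessionId(getSessionId(httpSession));
    }

    /**
     * Returns the assertion stored under the given SAML session index, refreshing its access time.
     *
     * @param str SAML session index
     * @return the stored assertion, or {@code null} when no session matches the index
     */
    @Override
    public AssertionWrapper getAssertion(String str) {
        return getAssertionFromSessionId(getSessionId(str));
    }

    /**
     * Returns the AuthnRequest stored for the session and refreshes its access time.
     *
     * @param httpSession session to look up
     * @return the stored request, or {@code null} when the session has none
     * @throws RuntimeException if the row cannot be read or decoded
     */
    @Override
    public AuthnRequestWrapper getAuthnRequest(HttpSession httpSession) {
        try (Connection connection = this.ds.getConnection()) {
            connection.setAutoCommit(true);
            AuthnRequestWrapper found = null;
            try (PreparedStatement select = connection.prepareStatement("SELECT xml_object, nsis_level, request_path FROM authn_requests_tbl WHERE session_id = ?")) {
                select.setString(1, getSessionId(httpSession));
                try (ResultSet row = select.executeQuery()) {
                    if (row.next()) {
                        found = new AuthnRequestWrapper(StringUtil.base64ToXMLObject(row.getString(1)), NSISLevel.valueOf(row.getString(2)), row.getString(3));
                    }
                }
            }
            if (null != found) {
                // Touch the row so that cleanup() measures the timeout from the last use.
                try (PreparedStatement touch = connection.prepareStatement("UPDATE authn_requests_tbl SET access_time = ? WHERE session_id = ?")) {
                    touch.setTimestamp(1, now());
                    touch.setString(2, getSessionId(httpSession));
                    touch.executeUpdate();
                }
            }
            return found;
        } catch (InternalException | SQLException e) {
            log.error("Failed retrieving authn request matching sessionId", e);
            throw new RuntimeException("Failed retrieving authn request matching sessionId", e);
        }
    }

    /**
     * Returns the LogoutRequest stored for the session and refreshes its access time.
     *
     * @param httpSession session to look up
     * @return the stored request, or {@code null} when the session has none
     * @throws RuntimeException if the row cannot be read or decoded
     */
    @Override
    public LogoutRequestWrapper getLogoutRequest(HttpSession httpSession) {
        try (Connection connection = this.ds.getConnection()) {
            connection.setAutoCommit(true);
            LogoutRequestWrapper found = null;
            try (PreparedStatement select = connection.prepareStatement("SELECT xml_object FROM logout_requests_tbl WHERE session_id = ?")) {
                select.setString(1, getSessionId(httpSession));
                try (ResultSet row = select.executeQuery()) {
                    if (row.next()) {
                        found = new LogoutRequestWrapper(StringUtil.base64ToXMLObject(row.getString(1)));
                    }
                }
            }
            if (null != found) {
                // Touch the row so that cleanup() measures the timeout from the last use.
                try (PreparedStatement touch = connection.prepareStatement("UPDATE logout_requests_tbl SET access_time = ? WHERE session_id = ?")) {
                    touch.setTimestamp(1, now());
                    touch.setString(2, getSessionId(httpSession));
                    touch.executeUpdate();
                }
            }
            return found;
        } catch (InternalException | SQLException e) {
            // The message used to say "authn request", which sent log readers to the wrong table.
            log.error("Failed retrieving logout request matching sessionId", e);
            throw new RuntimeException("Failed retrieving logout request matching sessionId", e);
        }
    }

    /**
     * Resolves a SAML session index to the session id it was stored under.
     *
     * @param str SAML session index
     * @return the matching session id, or {@code null} when no assertion carries that index
     * @throws RuntimeException if the lookup fails
     */
    @Override
    public String getSessionId(String str) {
        try (Connection connection = this.ds.getConnection()) {
            connection.setAutoCommit(true);
            try (PreparedStatement select = connection.prepareStatement("SELECT session_id FROM assertions_tbl WHERE session_index = ?")) {
                select.setString(1, str);
                try (ResultSet row = select.executeQuery()) {
                    return row.next() ? row.getString(1) : null;
                }
            }
        } catch (SQLException e) {
            log.error("Failed retrieving sessionId from session index '{}'", str, e);
            throw new RuntimeException("Failed retrieving sessionId from session index", e);
        }
    }

    /**
     * Removes the stored assertion for both the session named by the assertion's session index
     * and the given HTTP session.
     *
     * @param httpSession HTTP session being logged out
     * @param assertionWrapper assertion being logged out; may be null
     */
    @Override
    public void logout(HttpSession httpSession, AssertionWrapper assertionWrapper) {
        log.debug("Logout from session '{}' and assertion '{}'", null != httpSession ? getSessionId(httpSession) : "", null != assertionWrapper ? assertionWrapper.getID() : "");
        if (null != assertionWrapper && StringUtil.isNotEmpty(assertionWrapper.getSessionIndex())) {
            logout(getSessionId(assertionWrapper.getSessionIndex()));
        }
        // NOTE(review): the log line above tolerates a null httpSession but this call does not
        // check for it; whether getSessionId(HttpSession) accepts null is not visible here.
        logout(getSessionId(httpSession));
    }

    /**
     * Audits and deletes sessions that have been idle for longer than the timeout, and purges
     * replay entries older than {@link #REPLAY_RETENTION_SECONDS}.
     *
     * <p>Failures are logged and not rethrown, so a failing cleanup run does not disturb callers.
     *
     * <p>NOTE(review): an assertion whose validity exceeds the replay retention would no longer be
     * recognised as a replay once its entry is purged - confirm that accepted assertions never
     * stay valid that long.
     *
     * @param j idle timeout in seconds
     */
    @Override
    public void cleanup(long j) {
        // Both cutoffs are computed once so that the audited rows and the deleted rows are
        // selected against the same instant.
        LocalDateTime reference = LocalDateTime.now(Clock.systemDefaultZone());
        Timestamp sessionCutoff = Timestamp.valueOf(reference.minusSeconds(j));
        Timestamp replayCutoff = Timestamp.valueOf(reference.minusSeconds(REPLAY_RETENTION_SECONDS));
        try (Connection connection = this.ds.getConnection()) {
            connection.setAutoCommit(true);
            try (PreparedStatement select = connection.prepareStatement("SELECT session_id, assertion_id, subject_name_id FROM assertions_tbl WHERE access_time < ?")) {
                select.setTimestamp(1, sessionCutoff);
                try (ResultSet expired = select.executeQuery()) {
                    while (expired.next()) {
                        OIOSAML3Service.getAuditService().auditLog(new AuditService.Builder().withAuthnAttribute("ACTION", "TIMEOUT").withAuthnAttribute("DESCRIPTION", "SessionDestroyed").withAuthnAttribute("SP_SESSION_ID", expired.getString(1)).withAuthnAttribute("ASSERTION_ID", expired.getString(2)).withAuthnAttribute("SUBJECT_NAME_ID", expired.getString(3)));
                    }
                }
            }
            try (PreparedStatement delete = connection.prepareStatement("DELETE FROM assertions_tbl WHERE access_time < ?")) {
                delete.setTimestamp(1, sessionCutoff);
                delete.executeUpdate();
            }
            try (PreparedStatement delete = connection.prepareStatement("DELETE FROM authn_requests_tbl WHERE access_time < ?")) {
                delete.setTimestamp(1, sessionCutoff);
                delete.executeUpdate();
            }
            try (PreparedStatement delete = connection.prepareStatement("DELETE FROM logout_requests_tbl WHERE access_time < ?")) {
                delete.setTimestamp(1, sessionCutoff);
                delete.executeUpdate();
            }
            try (PreparedStatement delete = connection.prepareStatement("DELETE FROM replay_tbl WHERE access_time < ?")) {
                delete.setTimestamp(1, replayCutoff);
                delete.executeUpdate();
            }
        } catch (SQLException e) {
            log.error("Failed running cleanup", e);
        }
    }

    /**
     * Deletes the assertion stored under the given session id; an empty id is a no-op.
     *
     * <p>Failures are logged as warnings and not rethrown.
     *
     * @param str session id to invalidate
     */
    private void logout(String str) {
        log.debug("Invalidate OIOSAML session '{}'", str);
        if (StringUtil.isEmpty(str)) {
            // Nothing to delete, so do not take a connection from the pool.
            return;
        }
        try (Connection connection = this.ds.getConnection()) {
            connection.setAutoCommit(true);
            try (PreparedStatement delete = connection.prepareStatement("DELETE FROM assertions_tbl WHERE session_id = ?")) {
                delete.setString(1, str);
                delete.executeUpdate();
            }
        } catch (SQLException e) {
            log.warn("Unable to remove OIOSAML session '{}'", str, e);
        }
    }

    /**
     * Loads the assertion stored under the given session id and refreshes its access time.
     *
     * @param str session id
     * @return the stored assertion, or {@code null} when the session has none
     * @throws RuntimeException if the row cannot be read or decoded
     */
    private AssertionWrapper getAssertionFromSessionId(String str) {
        try (Connection connection = this.ds.getConnection()) {
            connection.setAutoCommit(true);
            AssertionWrapper found = null;
            try (PreparedStatement select = connection.prepareStatement("SELECT xml_object FROM assertions_tbl WHERE session_id = ?")) {
                select.setString(1, str);
                try (ResultSet row = select.executeQuery()) {
                    if (row.next()) {
                        found = new AssertionWrapper(StringUtil.base64ToXMLObject(row.getString(1)));
                    }
                }
            }
            if (null != found) {
                // Touch the row so that cleanup() measures the timeout from the last use.
                try (PreparedStatement touch = connection.prepareStatement("UPDATE assertions_tbl SET access_time = ? WHERE session_id = ?")) {
                    touch.setTimestamp(1, now());
                    touch.setString(2, str);
                    touch.executeUpdate();
                }
            }
            return found;
        } catch (InternalException | SQLException e) {
            log.error("Failed retrieving assertion matching sessionId", e);
            throw new RuntimeException("Failed retrieving assertion matching sessionId", e);
        }
    }
}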
