package org.springframework.session.web.http;

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.regex.Pattern;
import javax.servlet.ServletRequest;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.session.Session;

/* loaded from: input_file:lib/spring-session-1.0.2.RELEASE.jar:org/springframework/session/web/http/CookieHttpSessionStrategy.class */
public final class CookieHttpSessionStrategy implements MultiHttpSessionStrategy, HttpSessionManager {
    private static final String SESSION_IDS_WRITTEN_ATTR = CookieHttpSessionStrategy.class.getName().concat(".SESSIONS_WRITTEN_ATTR");
    static final String DEFAULT_ALIAS = "0";
    static final String DEFAULT_SESSION_ALIAS_PARAM_NAME = "_s";
    private Pattern ALIAS_PATTERN = Pattern.compile("^[\\w-]{1,50}$");
    private String cookieName = "SESSION";
    private String sessionParam = DEFAULT_SESSION_ALIAS_PARAM_NAME;
    private boolean isServlet3Plus = isServlet3();

    /* loaded from: input_file:lib/spring-session-1.0.2.RELEASE.jar:org/springframework/session/web/http/CookieHttpSessionStrategy$MultiSessionHttpServletResponse.class */
    class MultiSessionHttpServletResponse extends HttpServletResponseWrapper {
        private final HttpServletRequest request;

        public MultiSessionHttpServletResponse(HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) {
            super(httpServletResponse);
            this.request = httpServletRequest;
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public String encodeRedirectURL(String str) {
            return CookieHttpSessionStrategy.this.encodeURL(super.encodeRedirectURL(str), CookieHttpSessionStrategy.this.getCurrentSessionAlias(this.request));
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public String encodeURL(String str) {
            return CookieHttpSessionStrategy.this.encodeURL(super.encodeURL(str), CookieHttpSessionStrategy.this.getCurrentSessionAlias(this.request));
        }
    }

    @Override // org.springframework.session.web.http.HttpSessionStrategy
    public String getRequestedSessionId(HttpServletRequest httpServletRequest) {
        return getSessionIds(httpServletRequest).get(getCurrentSessionAlias(httpServletRequest));
    }

    @Override // org.springframework.session.web.http.HttpSessionManager
    public String getCurrentSessionAlias(HttpServletRequest httpServletRequest) {
        String parameter;
        return (this.sessionParam == null || (parameter = httpServletRequest.getParameter(this.sessionParam)) == null || !this.ALIAS_PATTERN.matcher(parameter).matches()) ? "0" : parameter;
    }

    @Override // org.springframework.session.web.http.HttpSessionManager
    public String getNewSessionAlias(HttpServletRequest httpServletRequest) {
        Set<String> keySet = getSessionIds(httpServletRequest).keySet();
        if (keySet.isEmpty()) {
            return "0";
        }
        long longValue = Long.decode("0").longValue();
        Iterator<String> it = keySet.iterator();
        while (it.hasNext()) {
            long safeParse = safeParse(it.next());
            if (safeParse > longValue) {
                longValue = safeParse;
            }
        }
        return Long.toHexString(longValue + 1);
    }

    private long safeParse(String str) {
        try {
            return Long.decode("0x" + str).longValue();
        } catch (NumberFormatException e) {
            return 0L;
        }
    }

    @Override // org.springframework.session.web.http.HttpSessionStrategy
    public void onNewSession(Session session, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Set<String> sessionIdsWritten = getSessionIdsWritten(httpServletRequest);
        if (sessionIdsWritten.contains(session.getId())) {
            return;
        }
        sessionIdsWritten.add(session.getId());
        Map<String, String> sessionIds = getSessionIds(httpServletRequest);
        sessionIds.put(getCurrentSessionAlias(httpServletRequest), session.getId());
        httpServletResponse.addCookie(createSessionCookie(httpServletRequest, sessionIds));
    }

    private Set<String> getSessionIdsWritten(HttpServletRequest httpServletRequest) {
        Set<String> set = (Set) httpServletRequest.getAttribute(SESSION_IDS_WRITTEN_ATTR);
        if (set == null) {
            set = new HashSet();
            httpServletRequest.setAttribute(SESSION_IDS_WRITTEN_ATTR, set);
        }
        return set;
    }

    private Cookie createSessionCookie(HttpServletRequest httpServletRequest, Map<String, String> map) {
        Cookie cookie = new Cookie(this.cookieName, "");
        if (this.isServlet3Plus) {
            cookie.setHttpOnly(true);
        }
        cookie.setSecure(httpServletRequest.isSecure());
        cookie.setPath(cookiePath(httpServletRequest));
        if (map.isEmpty()) {
            cookie.setMaxAge(0);
            return cookie;
        }
        if (map.size() == 1) {
            cookie.setValue(map.values().iterator().next());
            return cookie;
        }
        StringBuffer stringBuffer = new StringBuffer();
        for (Map.Entry<String, String> entry : map.entrySet()) {
            String key = entry.getKey();
            String value = entry.getValue();
            stringBuffer.append(key);
            stringBuffer.append(" ");
            stringBuffer.append(value);
            stringBuffer.append(" ");
        }
        stringBuffer.deleteCharAt(stringBuffer.length() - 1);
        cookie.setValue(stringBuffer.toString());
        return cookie;
    }

    @Override // org.springframework.session.web.http.HttpSessionStrategy
    public void onInvalidateSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Map<String, String> sessionIds = getSessionIds(httpServletRequest);
        sessionIds.remove(getCurrentSessionAlias(httpServletRequest));
        httpServletResponse.addCookie(createSessionCookie(httpServletRequest, sessionIds));
    }

    public void setSessionAliasParamName(String str) {
        this.sessionParam = str;
    }

    public void setCookieName(String str) {
        if (str == null) {
            throw new IllegalArgumentException("cookieName cannot be null");
        }
        this.cookieName = str;
    }

    private static Cookie getCookie(HttpServletRequest httpServletRequest, String str) {
        if (httpServletRequest == null) {
            throw new IllegalArgumentException("request cannot be null");
        }
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (str.equals(cookie.getName())) {
                return cookie;
            }
        }
        return null;
    }

    private static String cookiePath(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getContextPath() + "/";
    }

    @Override // org.springframework.session.web.http.HttpSessionManager
    public Map<String, String> getSessionIds(HttpServletRequest httpServletRequest) {
        Cookie cookie = getCookie(httpServletRequest, this.cookieName);
        String value = cookie == null ? "" : cookie.getValue();
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        StringTokenizer stringTokenizer = new StringTokenizer(value, " ");
        if (stringTokenizer.countTokens() == 1) {
            linkedHashMap.put("0", stringTokenizer.nextToken());
            return linkedHashMap;
        }
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            if (!stringTokenizer.hasMoreTokens()) {
                break;
            }
            linkedHashMap.put(nextToken, stringTokenizer.nextToken());
        }
        return linkedHashMap;
    }

    @Override // org.springframework.session.web.http.RequestResponsePostProcessor
    public HttpServletRequest wrapRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        httpServletRequest.setAttribute(HttpSessionManager.class.getName(), this);
        return httpServletRequest;
    }

    @Override // org.springframework.session.web.http.RequestResponsePostProcessor
    public HttpServletResponse wrapResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return new MultiSessionHttpServletResponse(httpServletResponse, httpServletRequest);
    }

    @Override // org.springframework.session.web.http.HttpSessionManager
    public String encodeURL(String str, String str2) {
        String urlEncode = urlEncode(str2);
        int indexOf = str.indexOf("?");
        boolean equals = "0".equals(urlEncode);
        if (indexOf < 0) {
            return equals ? str : str + "?" + this.sessionParam + "=" + urlEncode;
        }
        String substring = str.substring(0, indexOf);
        String replaceFirst = str.substring(indexOf + 1, str.length()).replaceFirst("((^|&)" + this.sessionParam + "=)([^&]+)?", equals ? "" : "$1" + urlEncode);
        if (!equals && str.endsWith(replaceFirst)) {
            if (!replaceFirst.endsWith(BeanFactory.FACTORY_BEAN_PREFIX) && replaceFirst.length() != 0) {
                replaceFirst = replaceFirst + BeanFactory.FACTORY_BEAN_PREFIX;
            }
            replaceFirst = replaceFirst + this.sessionParam + "=" + urlEncode;
        }
        return substring + "?" + replaceFirst;
    }

    private String urlEncode(String str) {
        try {
            return URLEncoder.encode(str, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    private boolean isServlet3() {
        try {
            ServletRequest.class.getMethod("startAsync", new Class[0]);
            return true;
        } catch (NoSuchMethodException e) {
            return false;
        }
    }
}
