package net.roseboy.jeee.admin.secutity;

import java.io.Serializable;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.roseboy.jeee.admin.config.ShiroConfig;
import net.roseboy.jeee.admin.util.CacheUtils;
import net.roseboy.jeee.admin.util.UserUtils;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.SessionContext;
import org.apache.shiro.session.mgt.SessionKey;
import org.apache.shiro.web.servlet.ShiroHttpServletRequest;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.apache.shiro.web.util.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/roseboy/jeee/admin/secutity/JeeeSessionManager.class */
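/**
 * Shiro web session manager that resolves sessions from an {@code Authorization} token
 * (request header, falling back to a request parameter of the same name) in addition to
 * the regular session-id cookie.
 *
 * <p>Tokens live in Redis under {@code login:token:<token>} and map to a Shiro session id;
 * the sessions themselves are expected under {@code shiro:session:<id>}. Tokens presented
 * in the header are rotated: a successor token is returned in the {@code Authorization}
 * response header and the old one is given a short remaining lifetime.
 *
 * <p>NOTE(review): a token accepted from a request parameter can end up in access logs,
 * browser history and {@code Referer} headers. Confirm the parameter fallback is required.
 */
public class JeeeSessionManager extends DefaultWebSessionManager {
    // NOTE(review): the logger is registered under DefaultWebSessionManager, so this class's
    // messages are attributed to (and filtered as) the Shiro class. Left unchanged so existing
    // logging configuration keeps working.
    private static final Logger log = LoggerFactory.getLogger(DefaultWebSessionManager.class);
    private static final String AUTH = "Authorization";
    private static final String TOKEN_KEY_PREFIX = "login:token:";
    private static final String SESSION_KEY_PREFIX = "shiro:session:";
    // Remaining lifetime given to a token once its successor has been issued
    // (presumably seconds; confirm against CacheUtils.Redis().expire).
    private static final int ROTATED_TOKEN_TTL = 180;

    // Last token that was rotated. NOTE(review): this is one field on the manager instance.
    // If the manager is shared across request threads (the usual Shiro wiring; confirm), the
    // guard in getSessionId compares against whichever token any client presented last, and
    // the unsynchronised read/write can race. A per-request or per-token marker would be safer.
    private String lastToken = null;

    /**
     * Resolves the caller's token and checks that it still maps to a live session.
     *
     * <p>Side effects: a token whose session no longer exists is deleted from Redis; a valid
     * token that arrived as a request parameter also gets the session id written to a cookie.
     *
     * @return the token as supplied by the client, or {@code null} when no token was sent or
     *         the token does not map to an existing session
     */
    private String getToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String token = httpServletRequest.getHeader(AUTH);
        boolean fromHeader = token != null && token.length() > 0;
        if (!fromHeader) {
            token = httpServletRequest.getParameter(AUTH);
            if (token == null || token.length() == 0) {
                // No token at all: return before building keys such as "login:token:null",
                // which previously caused Redis get/exists/del calls on every anonymous request.
                return null;
            }
        }

        String sessionId = CacheUtils.Redis().get(TOKEN_KEY_PREFIX + token, (String) null);
        boolean sessionAlive = sessionId != null && sessionId.length() > 0
                && CacheUtils.Redis().exists(SESSION_KEY_PREFIX + sessionId);
        if (!sessionAlive) {
            // Stale mapping: drop it so the token cannot be matched again.
            CacheUtils.Redis().del(new String[]{TOKEN_KEY_PREFIX + token});
            return null;
        }

        if (!fromHeader) {
            // Only hand out the cookie once the session is known to exist; previously the cookie
            // was written before this check and could carry the id of an expired session.
            storeToken(sessionId, httpServletRequest, httpServletResponse);
        }
        return token;
    }

    /**
     * Returns the session id mapped to the request's token, rotating header-supplied tokens,
     * and falls back to the default Shiro lookup when no valid token is present.
     *
     * @param sessionKey key identifying the session being looked up
     * @return the resolved session id, or whatever the superclass resolves
     */
    @Override
    public Serializable getSessionId(SessionKey sessionKey) {
        if (!WebUtils.isHttp(sessionKey)) {
            // Non-HTTP keys carry no request/response pair; without this guard the token lookup
            // dereferenced a null request.
            return super.getSessionId(sessionKey);
        }
        Serializable serializable = null;
        HttpServletRequest httpServletRequest = (HttpServletRequest) WebUtils.getRequest(sessionKey);
        HttpServletResponse httpServletResponse = (HttpServletResponse) WebUtils.getResponse(sessionKey);
        String token = getToken(httpServletRequest, httpServletResponse);
        if (token != null && token.length() > 0) {
            serializable = CacheUtils.Redis().get(TOKEN_KEY_PREFIX + token, (String) null);
            boolean rotate = serializable != null
                    && httpServletRequest.getHeader(AUTH) != null
                    && !token.equals(this.lastToken);
            if (rotate) {
                // NOTE(review): UserUtils.makeToken is not visible here. If it is a deterministic
                // function of token + session id, the successor is predictable from values the
                // client already holds; confirm it mixes in a secret or fresh randomness.
                String makeToken = UserUtils.makeToken(token + serializable.toString());
                CacheUtils.Redis().set(TOKEN_KEY_PREFIX + makeToken, serializable.toString(), ShiroConfig.SESSION_TIMEOUT.intValue());
                // The old token stays usable for a short window after rotation.
                CacheUtils.Redis().expire(TOKEN_KEY_PREFIX + token, ROTATED_TOKEN_TTL);
                httpServletResponse.setHeader(AUTH, makeToken);
                this.lastToken = token;
            }
        }
        if (serializable == null) {
            serializable = super.getSessionId(sessionKey);
        }
        return serializable;
    }

    /**
     * Called when a new session starts: writes the session-id cookie unless the request
     * already carries a valid token, then marks the session as new on the request.
     */
    @Override
    protected void onStart(Session session, SessionContext sessionContext) {
        if (!WebUtils.isHttp(sessionContext)) {
            log.debug("SessionContext argument is not HTTP compatible or does not have an HTTP request/response pair. No session ID cookie will be set.");
            return;
        }
        HttpServletRequest httpRequest = WebUtils.getHttpRequest(sessionContext);
        HttpServletResponse httpResponse = WebUtils.getHttpResponse(sessionContext);
        if (isSessionIdCookieEnabled()) {
            Serializable id = session.getId();
            // getToken has side effects (stale-token cleanup, cookie for parameter tokens).
            if (getToken(httpRequest, httpResponse) == null) {
                storeSessionId(id, httpRequest, httpResponse);
            }
        } else {
            log.debug("Session ID cookie is disabled.  No cookie has been set for new session with id {}", session.getId());
        }
        httpRequest.removeAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_SOURCE);
        httpRequest.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_IS_NEW, Boolean.TRUE);
    }

    /**
     * Writes the session id to a cookie built from the configured session-id cookie template.
     *
     * @throws IllegalArgumentException if {@code serializable} is {@code null}
     */
    private void storeSessionId(Serializable serializable, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (serializable == null) {
            throw new IllegalArgumentException("sessionId cannot be null when persisting for subsequent requests.");
        }
        SimpleCookie simpleCookie = new SimpleCookie(getSessionIdCookie());
        String obj = serializable.toString();
        simpleCookie.setValue(obj);
        simpleCookie.saveTo(httpServletRequest, httpServletResponse);
        // NOTE(review): the session id is a bearer credential; keep trace logging off wherever
        // logs are shipped or shared.
        log.trace("Set session ID cookie for session with id {}", obj);
    }

    /**
     * Writes {@code str} (a session id resolved from a token) to a browser-session
     * {@code JSESSIONID} cookie. Does nothing for a {@code null} or empty value.
     */
    private void storeToken(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (str == null || str.length() == 0) {
            return;
        }
        // Start from the configured template, as storeSessionId does, so this cookie inherits
        // the Secure flag, path and domain of the regular session cookie instead of the bare
        // defaults. Name, HttpOnly and lifetime are then pinned to the previous values.
        SimpleCookie simpleCookie = new SimpleCookie(getSessionIdCookie());
        simpleCookie.setName("JSESSIONID");
        simpleCookie.setValue(str);
        simpleCookie.setHttpOnly(true);
        simpleCookie.setMaxAge(-1);
        simpleCookie.saveTo(httpServletRequest, httpServletResponse);
    }
}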
