package com.huawei.bigdata.om.web.security.session;

import com.huawei.bigdata.om.client.Client;
import com.huawei.bigdata.om.client.ClientProvider;
import com.huawei.bigdata.om.client.ClientProviderFactory;
import com.huawei.bigdata.om.northbound.snmp.constdefinition.ConstDefinition;
import com.huawei.bigdata.om.web.client.SecurityClient;
import com.huawei.bigdata.om.web.client.WebClient;
import com.huawei.bigdata.om.web.client.WebContext;
import com.huawei.bigdata.om.web.constant.Resource;
import com.huawei.bigdata.om.web.model.proto.Response;
import com.huawei.bigdata.om.web.security.FISingleSignOutFilter;
import com.huawei.bigdata.om.web.security.iam.constant.IAMConstant;
import com.huawei.bigdata.om.web.security.iam.util.FISessionRegistryImp;
import com.huawei.bigdata.om.web.security.iam.util.IAMUserDetails;
import com.huawei.bigdata.om.web.security.iam.util.IAMUtil;
import com.huawei.bigdata.om.web.util.ApplicationConfiguration;
import com.huawei.bigdata.om.web.util.WebSecurityUtil;
import com.huawei.bigdata.om.web.util.WebUtils;
import com.huawei.hadoop.security.crypter.CrypterUtil;
import java.security.Principal;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.configuration2.Configuration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
import org.springframework.stereotype.Controller;
import org.springframework.util.StringUtils;
import org.springframework.web.client.RestTemplate;
import org.wcc.framework.AppRuntimeException;

@Controller
/* loaded from: input_file:com/huawei/bigdata/om/web/security/session/SessionService.class */
public class SessionService {
    private static final String SESSION_ATTRIBUTE_WEBCLIENT = "webClient";
    private static final String SESSION_ATTRIBUTE_SECURITYCLIENT = "securityClient";
    private static final String CLIENT_PROVIDER_FACTORY_BEAN_NAME = "clientProviderFactory";
    private static final String SESSION_ATTRIBUTE_CONTROLLERCLIENT = "controllerClient";
    private static final String CONFIGURATION_BEAN_NAME = "configuration";
    private static final String IS_SECOND_AUTHORIZATION = "is_second_authorization";
    private static final String IS_SESSION_REFRESH = "is_session_refresh";

    @Autowired
    private ApplicationContext applicationContext;

    @Autowired
    private FISessionRegistryImp sessionRegistry;

    @Autowired
    private RestTemplate restTemplate;
    private static final Logger LOGGER = LoggerFactory.getLogger(SessionService.class);
    private static final String CONFIG_FILE_DIR = System.getenv(ConstDefinition.OM_TOMCAT_HOME) + "/webapps/web/WEB-INF/classes/config/";

    private void addWebClientToSession(HttpServletRequest httpServletRequest, HttpSession httpSession, ServletContext servletContext, Principal principal) {
        Configuration configuration = (Configuration) this.applicationContext.getBean(CONFIGURATION_BEAN_NAME, Configuration.class);
        WebContext webContext = new WebContext();
        webContext.setConfiguration(configuration);
        webContext.setPrincipal(principal);
        webContext.setServletContext(servletContext);
        ClientProvider newClientProvider = ((ClientProviderFactory) this.applicationContext.getBean(CLIENT_PROVIDER_FACTORY_BEAN_NAME, ClientProviderFactory.class)).newClientProvider(webContext);
        AnnotationConfigApplicationContext annotationConfigApplicationContext = new AnnotationConfigApplicationContext(new Class[]{ApplicationConfiguration.class});
        String property = annotationConfigApplicationContext.getEnvironment().getProperty(WebUtils.CONTROLLER_URL);
        LOGGER.info("Controller url is {}.", property);
        Client newClient = newClientProvider.newClient(property);
        String property2 = annotationConfigApplicationContext.getEnvironment().getProperty("acs.rest.server.url");
        LOGGER.info("Acs url is {}.", property2);
        Client newClient2 = newClientProvider.newClient(property2);
        String property3 = annotationConfigApplicationContext.getEnvironment().getProperty("aos.rest.server.url");
        LOGGER.info("Aos url is {}.", property3);
        Client newClient3 = newClientProvider.newClient(property3);
        WebClient webClient = new WebClient(newClient, webContext);
        SecurityClient securityClient = new SecurityClient(newClient2, newClient3);
        securityClient.setClientProvider(newClientProvider);
        securityClient.setAcsurl(property2);
        securityClient.setAosurl(property3);
        securityClient.setClientContext(webContext);
        securityClient.setRestTemplate(this.restTemplate);
        httpSession.setAttribute("webClient", webClient);
        httpSession.setAttribute("securityClient", securityClient);
        httpSession.setAttribute(SESSION_ATTRIBUTE_CONTROLLERCLIENT, newClient);
        String str = httpServletRequest.getRemoteAddr() + httpServletRequest.getHeader("USER-AGENT");
        try {
            str = CrypterUtil.encrypt(str);
        } catch (AppRuntimeException e) {
            LOGGER.error("Encrypt addr and agent failed.");
        }
        httpSession.setAttribute("IP_AND_USER_AGENT", str);
        if (StringUtils.isEmpty((String) httpSession.getAttribute("CHECK_LOGIN"))) {
            httpSession.setAttribute("CHECK_LOGIN", IAMConstant.TRUE);
        }
    }

    private void updateSessionContent(HttpServletRequest httpServletRequest, HttpSession httpSession, Principal principal) {
        httpSession.setAttribute("FIRST_LOGIN", IAMConstant.TRUE);
        httpSession.setAttribute("needtoken", Resource.SCREEN_LOCK);
        addWebClientToSession(httpServletRequest, httpSession, httpSession.getServletContext(), principal);
        httpSession.setAttribute("is_second_authorization", Boolean.valueOf(WebSecurityUtil.getIsSecondAuthentication()));
        IAMUserDetails userDetails = IAMUtil.getUserDetails();
        if (userDetails != null) {
            LOGGER.info("Add user details and session to memery");
            this.sessionRegistry.addPrincipalAndUserDetails(userDetails.getUsername(), httpSession, userDetails);
        }
    }

    public void rebuildSession(HttpSession httpSession, HttpServletRequest httpServletRequest, Response response, Principal principal) {
        LOGGER.info("Enter rebuild Session. ");
        Object attribute = httpSession.getAttribute("is_second_authorization");
        if (attribute == null) {
            LOGGER.error("The value of is_second_authorization is null.");
            return;
        }
        if (!((Boolean) attribute).booleanValue()) {
            LOGGER.info("second auth not work, no need to rebuild session.");
            return;
        }
        String id = httpSession.getId();
        FISingleSignOutFilter fISingleSignOutFilter = (FISingleSignOutFilter) this.applicationContext.getBean("singleLogoutFilter", FISingleSignOutFilter.class);
        if (null == fISingleSignOutFilter) {
            response.setErrorCode(-1);
            LOGGER.error("can not get application context filter.");
            return;
        }
        String keyBySessionIdInMappingStorage = fISingleSignOutFilter.getKeyBySessionIdInMappingStorage(id);
        IAMUserDetails userDetails = IAMUtil.getUserDetails();
        if (this.sessionRegistry != null && userDetails != null) {
            String username = userDetails.getUsername();
            LOGGER.info("Delset session from sessionRegistry.");
            this.sessionRegistry.deleteUserSessionAndUserDetails(username, httpSession.getId());
        }
        String str = (String) httpSession.getAttribute("Token");
        httpSession.setAttribute(IS_SESSION_REFRESH, true);
        httpSession.invalidate();
        HttpSession session = httpServletRequest.getSession(true);
        fISingleSignOutFilter.updatSeesionInMappingStorage(keyBySessionIdInMappingStorage, session);
        updateSessionContent(httpServletRequest, session, principal);
        session.setAttribute("Token", str);
    }
}
