package jcf.iam.core.filter.repository;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jcf.iam.core.common.exception.IamException;
import org.apache.zookeeper.AsyncCallback;
import org.apache.zookeeper.CreateMode;
import org.apache.zookeeper.WatchedEvent;
import org.apache.zookeeper.Watcher;
import org.apache.zookeeper.ZooDefs;
import org.apache.zookeeper.ZooKeeper;
import org.apache.zookeeper.data.Stat;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.DisposableBean;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.authentication.AuthenticationTrustResolver;
import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.context.HttpRequestResponseHolder;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.security.web.context.SaveContextOnUpdateOrErrorResponseWrapper;
import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.util.StringUtils;

/* loaded from: input_file:jcf/iam/core/filter/repository/ZooKeeperSecurityContextRepository.class */
public class ZooKeeperSecurityContextRepository implements SecurityContextRepository, InitializingBean, DisposableBean {
    private static final Logger logger = LoggerFactory.getLogger(ZooKeeperSecurityContextRepository.class);
    private ZooKeeper zooKeeper;
    private Map<String, SecurityContext> contexts = new HashMap();
    private AuthenticationTrustResolver authenticationTrustResolver = new AuthenticationTrustResolverImpl();
    private boolean disableUrlRewriting = false;
    private String sessionTrackerString = "jcfiam_session_tracker";
    private String connectString = "127.0.0.1";
    private int sessionTimeout = Integer.MAX_VALUE;
    private Watcher watcher = new Watcher() { // from class: jcf.iam.core.filter.repository.ZooKeeperSecurityContextRepository.1
        public void process(WatchedEvent watchedEvent) {
            if (watchedEvent.getType() == Watcher.Event.EventType.None) {
                switch (AnonymousClass4.$SwitchMap$org$apache$zookeeper$Watcher$Event$KeeperState[watchedEvent.getState().ordinal()]) {
                    case 1:
                    case 2:
                        ZooKeeperSecurityContextRepository.this.monitor.notifyAll();
                        return;
                    default:
                        return;
                }
            }
        }
    };
    private Object monitor = new Object();
    private SecurityContextRepository sessionContextRepository = new HttpSessionSecurityContextRepository();

    /* renamed from: jcf.iam.core.filter.repository.ZooKeeperSecurityContextRepository$4, reason: invalid class name */
    /* loaded from: input_file:jcf/iam/core/filter/repository/ZooKeeperSecurityContextRepository$4.class */
    static /* synthetic */ class AnonymousClass4 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$zookeeper$Watcher$Event$KeeperState = new int[Watcher.Event.KeeperState.values().length];

        static {
            try {
                $SwitchMap$org$apache$zookeeper$Watcher$Event$KeeperState[Watcher.Event.KeeperState.SyncConnected.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$zookeeper$Watcher$Event$KeeperState[Watcher.Event.KeeperState.Disconnected.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    /* loaded from: input_file:jcf/iam/core/filter/repository/ZooKeeperSecurityContextRepository$SaveToZooKeeperResponseWrapper.class */
    final class SaveToZooKeeperResponseWrapper extends SaveContextOnUpdateOrErrorResponseWrapper {
        private HttpServletRequest request;
        private int contextHashBeforeChainExecution;
        private String sessionTracker;

        public SaveToZooKeeperResponseWrapper(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, int i) {
            super(httpServletResponse, ZooKeeperSecurityContextRepository.this.disableUrlRewriting);
            this.request = httpServletRequest;
            this.sessionTracker = str;
            this.contextHashBeforeChainExecution = i;
        }

        protected void saveContext(SecurityContext securityContext) {
            Authentication authentication = securityContext.getAuthentication();
            if (authentication == null || ZooKeeperSecurityContextRepository.this.authenticationTrustResolver.isAnonymous(authentication)) {
                if (ZooKeeperSecurityContextRepository.logger.isDebugEnabled()) {
                    ZooKeeperSecurityContextRepository.logger.debug("비인증사용자 또는 익명사용자의 경우 인증정보를 저장하지 않습니다.");
                }
                ZooKeeperSecurityContextRepository.this.removeContextFromZooKeeper(this.sessionTracker);
                ZooKeeperSecurityContextRepository.this.contexts.remove(this.sessionTracker);
                return;
            }
            if (ZooKeeperSecurityContextRepository.this.contexts.containsKey(this.sessionTracker) && ((SecurityContext) ZooKeeperSecurityContextRepository.this.contexts.get(this.sessionTracker)).hashCode() == this.contextHashBeforeChainExecution) {
                return;
            }
            try {
                try {
                    ZooKeeperSecurityContextRepository.this.saveSessionTrackerToZooKeeper(securityContext.getAuthentication().getName(), this.sessionTracker);
                    saveContextToZooKeeper(securityContext);
                    saveContextToHttpSession(securityContext);
                    ZooKeeperSecurityContextRepository.this.contexts.put(this.sessionTracker, securityContext);
                } catch (Exception e) {
                    throw new IamException(e);
                }
            } catch (Throwable th) {
                saveContextToHttpSession(securityContext);
                throw th;
            }
        }

        private void saveContextToHttpSession(SecurityContext securityContext) {
            this.request.getSession().setAttribute("SPRING_SECURITY_CONTEXT", securityContext);
        }

        private void saveContextToZooKeeper(SecurityContext securityContext) throws Exception {
            String str = "/" + this.sessionTracker;
            ZooKeeperSecurityContextRepository.this.connectToZooKeeper();
            if (ZooKeeperSecurityContextRepository.this.zooKeeper.exists(str, false) == null) {
                ZooKeeperSecurityContextRepository.this.zooKeeper.create(str, (byte[]) null, ZooDefs.Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT);
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ObjectOutputStream objectOutputStream = new ObjectOutputStream(byteArrayOutputStream);
            try {
                objectOutputStream.writeObject(securityContext);
                objectOutputStream.close();
                byteArrayOutputStream.close();
                ZooKeeperSecurityContextRepository.this.zooKeeper.setData(str, byteArrayOutputStream.toByteArray(), -1, new AsyncCallback.StatCallback() { // from class: jcf.iam.core.filter.repository.ZooKeeperSecurityContextRepository.SaveToZooKeeperResponseWrapper.1
                    public void processResult(int i, String str2, Object obj, Stat stat) {
                        ZooKeeperSecurityContextRepository.logger.debug("ZooKeeper로 사용자 인증정보를 전송하였습니다. - 사용자ID={} SessionTracker={}", ((Authentication) obj).getName(), SaveToZooKeeperResponseWrapper.this.sessionTracker);
                    }
                }, securityContext.getAuthentication());
            } catch (Throwable th) {
                objectOutputStream.close();
                byteArrayOutputStream.close();
                throw th;
            }
        }
    }

    public SecurityContext loadContext(HttpRequestResponseHolder httpRequestResponseHolder) {
        SecurityContext readSecurityContextFromZooKeeper;
        String sessionTracker = getSessionTracker(httpRequestResponseHolder.getRequest());
        if (StringUtils.hasText(sessionTracker) && this.contexts.containsKey(sessionTracker)) {
            readSecurityContextFromZooKeeper = this.contexts.get(sessionTracker);
        } else {
            try {
                readSecurityContextFromZooKeeper = readSecurityContextFromZooKeeper(sessionTracker);
                if (readSecurityContextFromZooKeeper == null) {
                    readSecurityContextFromZooKeeper = readSecurityContextFromHttpSession(httpRequestResponseHolder.getRequest());
                }
            } catch (Exception e) {
                logger.warn("ZooKeeper로의 접속에 실패하였습니다. WAS세션 기반으로 동작합니다. - Error={}", e.getMessage());
                return this.sessionContextRepository.loadContext(httpRequestResponseHolder);
            }
        }
        httpRequestResponseHolder.getResponse().addCookie(generateCookieForSessionTracker(sessionTracker));
        httpRequestResponseHolder.setResponse(new SaveToZooKeeperResponseWrapper(httpRequestResponseHolder.getRequest(), httpRequestResponseHolder.getResponse(), sessionTracker, readSecurityContextFromZooKeeper.hashCode()));
        return readSecurityContextFromZooKeeper;
    }

    public void saveContext(SecurityContext securityContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (!(httpServletResponse instanceof SaveToZooKeeperResponseWrapper)) {
            this.sessionContextRepository.saveContext(securityContext, httpServletRequest, httpServletResponse);
            return;
        }
        SaveToZooKeeperResponseWrapper saveToZooKeeperResponseWrapper = (SaveToZooKeeperResponseWrapper) httpServletResponse;
        if (saveToZooKeeperResponseWrapper.isContextSaved()) {
            return;
        }
        saveToZooKeeperResponseWrapper.saveContext(securityContext);
    }

    public boolean containsContext(HttpServletRequest httpServletRequest) {
        return this.contexts.containsKey(getSessionTracker(httpServletRequest)) || this.sessionContextRepository.containsContext(httpServletRequest);
    }

    private String getSessionTracker(HttpServletRequest httpServletRequest) {
        String str = "";
        if (httpServletRequest.getCookies() != null) {
            Cookie[] cookies = httpServletRequest.getCookies();
            int length = cookies.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                Cookie cookie = cookies[i];
                if (cookie.getName().equals(this.sessionTrackerString)) {
                    str = cookie.getValue();
                    logger.debug("Browser로 부터 전송된 SessionTracker가 검색되었습니다. - SessionTracker={}", str);
                    break;
                }
                i++;
            }
        }
        if (!StringUtils.hasText(str)) {
            str = generateSessionTracker();
        }
        return str;
    }

    private Cookie generateCookieForSessionTracker(String str) {
        Cookie cookie = new Cookie(this.sessionTrackerString, str);
        cookie.setMaxAge(-1);
        return cookie;
    }

    private String generateSessionTracker() {
        String uuid = UUID.randomUUID().toString();
        logger.debug("신규 SessionTracker를 생성합니다. - New SessionTracker={}", uuid);
        return uuid;
    }

    private SecurityContext readSecurityContextFromHttpSession(HttpServletRequest httpServletRequest) {
        SecurityContext securityContext = (SecurityContext) httpServletRequest.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
        if (securityContext == null) {
            securityContext = SecurityContextHolder.createEmptyContext();
        }
        return securityContext;
    }

    private SecurityContext readSecurityContextFromZooKeeper(String str) throws Exception {
        String str2 = "/" + str;
        if (this.zooKeeper.exists(str2, false) == null) {
            return null;
        }
        SecurityContext securityContext = null;
        byte[] data = this.zooKeeper.getData(str2, false, (Stat) null);
        if (data != null && data.length > 0) {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(data);
            ObjectInputStream objectInputStream = new ObjectInputStream(byteArrayInputStream);
            try {
                securityContext = (SecurityContext) objectInputStream.readObject();
                objectInputStream.close();
                byteArrayInputStream.close();
            } catch (Throwable th) {
                objectInputStream.close();
                byteArrayInputStream.close();
                throw th;
            }
        }
        if (securityContext != null) {
            logger.debug("ZooKeeper로부터 사용자 인증정보가 전송되었습니다. - 사용자ID={}", securityContext.getAuthentication().getName());
        }
        return securityContext;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void removeContextFromZooKeeper(String str) {
        String str2 = "/" + str;
        try {
            connectToZooKeeper();
            if (this.zooKeeper.exists(str2, false) != null) {
                this.zooKeeper.delete(str2, -1, new AsyncCallback.VoidCallback() { // from class: jcf.iam.core.filter.repository.ZooKeeperSecurityContextRepository.2
                    public void processResult(int i, String str3, Object obj) {
                        ZooKeeperSecurityContextRepository.logger.debug("사용자 인증정보 삭제작업 종료 - ResultCode={}, Path={}", Integer.valueOf(i), str3);
                    }
                }, (Object) null);
            }
        } catch (Exception e) {
            logger.debug("사용자 인증정보 삭제실패 - {}", e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void saveSessionTrackerToZooKeeper(final String str, final String str2) throws Exception {
        String str3 = "/" + str;
        connectToZooKeeper();
        if (this.zooKeeper.exists(str3, false) == null) {
            this.zooKeeper.create(str3, (byte[]) null, ZooDefs.Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT);
        }
        this.zooKeeper.setData(str3, str2.getBytes(), -1, new AsyncCallback.StatCallback() { // from class: jcf.iam.core.filter.repository.ZooKeeperSecurityContextRepository.3
            public void processResult(int i, String str4, Object obj, Stat stat) {
                ZooKeeperSecurityContextRepository.logger.debug("ZooKeeper로 SessionTracker를 전송하였습니다. - 사용자ID={} SessionTracker={}", str, str2);
            }
        }, (Object) null);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void connectToZooKeeper() throws IOException {
        if (this.zooKeeper == null || !this.zooKeeper.getState().isAlive()) {
            this.zooKeeper = new ZooKeeper(this.connectString, this.sessionTimeout, this.watcher);
            logger.debug("ZooKeeper[IP:{} SessionTimeOut={}] 가 연결되었습니다.", this.connectString, Integer.valueOf(this.sessionTimeout));
        }
    }

    public void setDisableUrlRewriting(boolean z) {
        this.disableUrlRewriting = z;
    }

    public void setConnectString(String str) {
        this.connectString = str;
    }

    public void setSessionTimeout(int i) {
        this.sessionTimeout = i;
    }

    public void setSessionTrackerString(String str) {
        this.sessionTrackerString = str;
    }

    public void afterPropertiesSet() throws Exception {
        connectToZooKeeper();
        synchronized (this.monitor) {
        }
    }

    public void destroy() throws Exception {
        this.zooKeeper.close();
        synchronized (this.monitor) {
        }
    }
}
