package org.kuali.rice.kim.client.acegi;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.acegisecurity.Authentication;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.ui.cas.CasProcessingFilter;
import org.kuali.rice.kim.sesn.DistributedSession;

/* loaded from: input_file:WEB-INF/lib/rice-impl-1.0.3.3.jar:org/kuali/rice/kim/client/acegi/KualiDistributedSessionFilter.class */
public class KualiDistributedSessionFilter extends CasProcessingFilter {
    private DistributedSession distributedSession;

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest) throws AuthenticationException {
        if (!(SecurityContextHolder.getContext().getAuthentication() instanceof KualiDistributedSessionExpiredAuthentication)) {
            return super.attemptAuthentication(httpServletRequest);
        }
        this.logger.debug("Authentication is dead in attemptAuthentication, setting authentication to null and throwing KualiDistributedSessionExpiredException");
        SecurityContextHolder.getContext().setAuthentication((Authentication) null);
        throw new KualiDistributedSessionExpiredException("Session Expired");
    }

    protected boolean requiresAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (isSesnValid() || getDST() == null) {
            return super.requiresAuthentication(httpServletRequest, httpServletResponse);
        }
        this.logger.debug("session invalid, setting dead authentication, and pushing through to attemptAuthentication");
        SecurityContextHolder.getContext().setAuthentication(new KualiDistributedSessionExpiredAuthentication());
        return true;
    }

    private boolean isSesnValid() {
        String dst = getDST();
        if (dst != null) {
            if (this.distributedSession.isSesnValid(dst)) {
                this.logger.debug("Session Valid");
                this.distributedSession.touchSesn(dst);
                return true;
            }
            this.distributedSession.clearSesn(dst);
        }
        this.logger.debug("Session Not Valid");
        return false;
    }

    private String getDST() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        String str = null;
        if (authentication != null) {
            GrantedAuthority[] authorities = authentication.getAuthorities();
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Granted Authority Count:" + authorities.length);
            }
            for (int i = 0; i < authorities.length; i++) {
                if (this.logger.isDebugEnabled()) {
                    this.logger.debug("Authority:" + authorities[i]);
                }
                if (authorities[i].toString().startsWith(DistributedSession.getPrefix())) {
                    str = authorities[0].toString();
                }
            }
        } else {
            this.logger.debug("Authentication is NULL");
        }
        return str;
    }

    public void setDistributedSession(DistributedSession distributedSession) {
        this.distributedSession = distributedSession;
    }
}
