package tech.smartboot.servlet.plugins.session;

import jakarta.servlet.SessionCookieConfig;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.util.Base64;
import java.util.Map;
import java.util.Random;
import java.util.concurrent.ConcurrentHashMap;
import org.smartboot.http.common.logging.Logger;
import org.smartboot.http.common.logging.LoggerFactory;
import org.smartboot.http.common.utils.StringUtils;
import org.smartboot.socket.timer.HashedWheelTimer;
import tech.smartboot.servlet.impl.HttpServletRequestImpl;
import tech.smartboot.servlet.provider.SessionProvider;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:tech/smartboot/servlet/plugins/session/SessionProviderImpl.class */
public class SessionProviderImpl implements SessionProvider {
    private static final Logger LOGGER = LoggerFactory.getLogger(SessionProviderImpl.class);
    private static final byte[] DEFAULT_BYTES = "smart-servlet:v2.6".getBytes();
    private static final int maskLength = 4;
    private static final String MAGIC_NUMBER = "ss";
    private static final int DEFAULT_MAX_INACTIVE_INTERVAL = 1800;
    private final Map<String, HttpSessionImpl> sessionMap = new ConcurrentHashMap();
    private int maxInactiveInterval = DEFAULT_MAX_INACTIVE_INTERVAL;
    private final HashedWheelTimer timer = new HashedWheelTimer(runnable -> {
        return new Thread(runnable, "smartboot-session-timer");
    }, 10, 64);

    @Override // tech.smartboot.servlet.provider.SessionProvider
    public HttpSessionImpl getSession(HttpServletRequestImpl httpServletRequestImpl, HttpServletResponse httpServletResponse, boolean z) {
        HttpSessionImpl session = getSession(httpServletRequestImpl);
        if (z && session == null) {
            if (httpServletResponse.isCommitted()) {
                throw new IllegalStateException("response has already committed!");
            }
            session = new HttpSessionImpl(this, createSessionId(), httpServletRequestImpl.m13getServletContext()) { // from class: tech.smartboot.servlet.plugins.session.SessionProviderImpl.1
                @Override // tech.smartboot.servlet.plugins.session.HttpSessionImpl
                public void invalid() {
                    try {
                        super.invalid();
                    } finally {
                        SessionProviderImpl.this.sessionMap.remove(getId());
                    }
                }
            };
            session.setMaxInactiveInterval(this.maxInactiveInterval);
            SessionCookieConfig sessionCookieConfig = httpServletRequestImpl.m13getServletContext().getSessionCookieConfig();
            Cookie cookie = new Cookie(sessionCookieConfig.getName(), session.getId());
            cookie.setPath(sessionCookieConfig.getPath());
            if (sessionCookieConfig.getDomain() != null) {
                cookie.setDomain(sessionCookieConfig.getDomain());
            }
            cookie.setHttpOnly(sessionCookieConfig.isHttpOnly());
            cookie.setSecure(sessionCookieConfig.isSecure());
            cookie.setMaxAge(sessionCookieConfig.getMaxAge());
            httpServletResponse.addCookie(cookie);
            this.sessionMap.put(session.getId(), session);
            httpServletRequestImpl.setActualSessionId(session.getId());
        }
        if (session != null) {
            session.setResponse(httpServletResponse);
        }
        return session;
    }

    @Override // tech.smartboot.servlet.provider.SessionProvider
    public void changeSessionId(HttpSession httpSession) {
        if (!(httpSession instanceof HttpSessionImpl)) {
            throw new IllegalStateException();
        }
        HttpSessionImpl remove = this.sessionMap.remove(httpSession.getId());
        remove.changeSessionId(String.valueOf(System.currentTimeMillis()));
        this.sessionMap.put(remove.getId(), remove);
    }

    @Override // tech.smartboot.servlet.provider.SessionProvider
    public void updateAccessTime(HttpServletRequestImpl httpServletRequestImpl) {
        HttpSessionImpl session = getSession(httpServletRequestImpl);
        if (session != null) {
            session.setLastAccessed(System.currentTimeMillis());
        }
    }

    @Override // tech.smartboot.servlet.provider.SessionProvider
    public void pauseAccessTime(HttpServletRequestImpl httpServletRequestImpl) {
        HttpSessionImpl session = getSession(httpServletRequestImpl);
        if (session != null) {
            session.pauseTimeoutTask();
        }
    }

    @Override // tech.smartboot.servlet.provider.SessionProvider
    public boolean isRequestedSessionIdValid(HttpServletRequestImpl httpServletRequestImpl) {
        HttpSessionImpl session = getSession(httpServletRequestImpl);
        if (session == null) {
            return false;
        }
        return session.getId().equals(httpServletRequestImpl.getRequestedSessionId());
    }

    @Override // tech.smartboot.servlet.provider.SessionProvider
    public void destroy() {
        LOGGER.info("destroy session provider");
        this.timer.shutdown();
    }

    private HttpSessionImpl getSession(HttpServletRequestImpl httpServletRequestImpl) {
        String actualSessionId = httpServletRequestImpl.getActualSessionId();
        if (actualSessionId == null) {
            actualSessionId = httpServletRequestImpl.getRequestedSessionId();
        }
        if (actualSessionId == null) {
            return null;
        }
        HttpSessionImpl httpSessionImpl = this.sessionMap.get(actualSessionId);
        if (httpSessionImpl == null && StringUtils.isNotBlank(httpServletRequestImpl.getRequestedSessionId()) && validateSessionId(httpServletRequestImpl.getRequestedSessionId())) {
            LOGGER.error("invalid sessionId:" + actualSessionId);
        }
        if (httpSessionImpl == null || httpSessionImpl.isInvalid()) {
            return null;
        }
        httpSessionImpl.pauseTimeoutTask();
        return httpSessionImpl;
    }

    public void setMaxInactiveInterval(int i) {
        this.maxInactiveInterval = i;
    }

    public HashedWheelTimer getTimer() {
        return this.timer;
    }

    private static String createSessionId() {
        Random random = new Random();
        byte[] bArr = new byte[4 + DEFAULT_BYTES.length + 4];
        int i = 0;
        while (i < 4) {
            int nextInt = random.nextInt();
            int min = Math.min(4 - i, 4);
            while (true) {
                int i2 = min;
                min--;
                if (i2 > 0) {
                    int i3 = i;
                    i++;
                    bArr[i3] = (byte) nextInt;
                    nextInt >>= 8;
                }
            }
        }
        System.arraycopy(DEFAULT_BYTES, 0, bArr, 4, DEFAULT_BYTES.length);
        int nanoTime = (int) System.nanoTime();
        bArr[4 + DEFAULT_BYTES.length] = (byte) (nanoTime >>> 24);
        bArr[4 + DEFAULT_BYTES.length + 1] = (byte) (nanoTime >>> 16);
        bArr[4 + DEFAULT_BYTES.length + 2] = (byte) (nanoTime >>> 8);
        bArr[4 + DEFAULT_BYTES.length + 3] = (byte) nanoTime;
        for (int i4 = 4; i4 < bArr.length; i4++) {
            bArr[i4] = (byte) (bArr[i4] ^ bArr[i4 % 4]);
        }
        return "ss" + Base64.getUrlEncoder().withoutPadding().encodeToString(bArr);
    }

    private static boolean validateSessionId(String str) {
        if (!str.startsWith(MAGIC_NUMBER)) {
            LOGGER.warn("invalid sessionId:{},ignore", str);
            return false;
        }
        byte[] decode = Base64.getUrlDecoder().decode(str.substring(2));
        int length = 4 + DEFAULT_BYTES.length;
        for (int i = 4; i < decode.length; i++) {
            decode[i] = (byte) (decode[i] ^ decode[i % 4]);
            if (i < length && decode[i] != DEFAULT_BYTES[i - 4]) {
                return true;
            }
        }
        return false;
    }
}
