package org.lamsfoundation.lams.security;

import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;

/* loaded from: input_file:org/lamsfoundation/lams/security/JspRedirectStrategy.class */
public class JspRedirectStrategy {
    public static final String AUTH_OBJECT_NAME = "authorizationObjectName";
    public static final String SECURITY_CHECK_NOT_PASSED = "SecurityCheckNotPassed";
    public static final String SECURITY_CHECK_PASSED = "securityCheckPassed";
    public static final String WELCOME_PAGE = "index.jsp ";
    private static Logger log = Logger.getLogger(JspRedirectStrategy.class);

    public static boolean loginPageRedirected(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            log.debug("===>LOGIN PAGE: session not found, simply stop here.");
            return true;
        }
        String str = (String) session.getAttribute(AUTH_OBJECT_NAME);
        String id = session.getId();
        if (str == null) {
            log.debug("===>LOGIN PAGE: there is no auth obj in session, auth obj created. session id: " + id);
            session.setAttribute(AUTH_OBJECT_NAME, SECURITY_CHECK_NOT_PASSED);
            httpServletResponse.sendRedirect(WELCOME_PAGE);
            return true;
        }
        if (str.equals(SECURITY_CHECK_NOT_PASSED)) {
            log.debug("===>LOGIN PAGE: accessing login page before login succeed, display login page. session id: " + id);
            return false;
        }
        if (str.equals(SECURITY_CHECK_PASSED)) {
            log.debug("===>LOGIN PAGE: accessing login after login succeed. Invalidate the session: " + id + " and redirect to " + WELCOME_PAGE);
            session.invalidate();
            httpServletResponse.sendRedirect(WELCOME_PAGE);
            return true;
        }
        log.debug("===>LOGIN PAGE: logically impossible to be here, no valid status found : " + id);
        session.invalidate();
        httpServletResponse.sendRedirect(WELCOME_PAGE);
        return true;
    }

    public static void welcomePageStatusUpdate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            log.debug("===>INDEX PAGE: session not found, simply stop here.");
        } else {
            if (session.getAttribute(AUTH_OBJECT_NAME).equals(SECURITY_CHECK_PASSED)) {
                return;
            }
            session.setAttribute(AUTH_OBJECT_NAME, new String(SECURITY_CHECK_PASSED));
        }
    }
}
