package blackboard.platform.session.impl;

import blackboard.base.InitializationException;
import blackboard.data.BbObject;
import blackboard.data.user.User;
import blackboard.db.CIConstants;
import blackboard.db.DbUtil;
import blackboard.persist.DataType;
import blackboard.persist.Id;
import blackboard.persist.PersistenceException;
import blackboard.persist.impl.DbBbObjectMapUnmarshaller;
import blackboard.persist.impl.DbUnmarshaller;
import blackboard.persist.impl.InsertProcedureQuery;
import blackboard.persist.impl.Query;
import blackboard.persist.impl.SimpleSelectQuery;
import blackboard.persist.impl.StoredProcedureQuery;
import blackboard.persist.impl.UpdateQuery;
import blackboard.persist.impl.mapping.DbBbObjectMap;
import blackboard.persist.impl.mapping.DbCalendarMapping;
import blackboard.persist.impl.mapping.DbIdMapping;
import blackboard.persist.impl.mapping.DbIntegerMapping;
import blackboard.persist.impl.mapping.DbMapping;
import blackboard.persist.impl.mapping.DbObjectMap;
import blackboard.persist.impl.mapping.DbStringMapping;
import blackboard.persist.user.impl.UserDbMap;
import blackboard.platform.BbServiceException;
import blackboard.platform.BbServiceManager;
import blackboard.platform.config.ConfigurationService;
import blackboard.platform.log.LogService;
import blackboard.platform.security.SecurityUtil;
import blackboard.platform.security.authentication.servlet.LoginBrokerServlet;
import blackboard.platform.session.BbSession;
import blackboard.platform.session.BbSessionManagerService;
import blackboard.util.RequestUtil;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.SecureRandom;
import java.sql.CallableStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Random;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:blackboard/platform/session/impl/BbSessionManagerServiceImpl.class */
public class BbSessionManagerServiceImpl implements BbSessionManagerService {
    private static final String PRNG_ALGORITHM = "SHA1PRNG";
    private static final String BSESSION_MD5 = "bsession_md5";
    private static final String SESSION_PREFIX = "@@";
    private static final String SESSION_ID = "session_id";
    private static final String REQUEST_KEY = "bb-session-key";
    private Random _random;
    private LogService _log;
    static final int NO_SESSION = -1;
    static DbObjectMap SESSION_MAP = new DbBbObjectMap(BbSessionImpl.class, "sessions");
    static DbObjectMap SESSION_IND_MAP;
    static DbObjectMap SESSION_IND_CR_MAP;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:blackboard/platform/session/impl/BbSessionManagerServiceImpl$LoadByHashQuery.class */
    public class LoadByHashQuery extends StoredProcedureQuery {
        private String _hash;
        private BbSessionImpl _session;

        private LoadByHashQuery(String str) {
            super("get_session_data");
            this._hash = str;
            addInputParameter("md5_in");
            addOutputParameter("scursor");
        }

        @Override // blackboard.persist.impl.StoredProcedureQuery
        protected void marshallParams(CallableStatement callableStatement) throws SQLException, PersistenceException {
            callableStatement.setString(1, this._hash);
            if (getUseResultSet()) {
                return;
            }
            callableStatement.registerOutParameter(2, -10);
        }

        protected DbUnmarshaller createUnmarshaller() {
            DbBbObjectMapUnmarshaller dbBbObjectMapUnmarshaller = new DbBbObjectMapUnmarshaller(BbSessionManagerServiceImpl.SESSION_MAP, "s");
            dbBbObjectMapUnmarshaller.addNestedMapping("User", UserDbMap.MAP, "u");
            return dbBbObjectMapUnmarshaller;
        }

        @Override // blackboard.persist.impl.StoredProcedureQuery
        public void processResults(CallableStatement callableStatement) throws SQLException, PersistenceException {
            ResultSet cursorToResultSet = DbUtil.cursorToResultSet(callableStatement, 2);
            if (cursorToResultSet.next()) {
                processResults(cursorToResultSet);
            }
            cursorToResultSet.close();
        }

        @Override // blackboard.persist.impl.StoredProcedureQuery
        public void processResults(ResultSet resultSet) throws SQLException, PersistenceException {
            DbUnmarshaller createUnmarshaller = createUnmarshaller();
            createUnmarshaller.init(getContainer(), resultSet);
            do {
                this._session = (BbSessionImpl) createUnmarshaller.unmarshall();
            } while (resultSet.next());
        }

        public BbSessionImpl getResult() {
            return this._session;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:blackboard/platform/session/impl/BbSessionManagerServiceImpl$RemoveSessionKeysQuery.class */
    public static class RemoveSessionKeysQuery extends StoredProcedureQuery {
        static String[] _paramList = {"ind_name", "sesn_session_id"};
        BbSessionImpl _session;

        public RemoveSessionKeysQuery(BbSessionImpl bbSessionImpl) {
            super("session_inds_rm", _paramList);
            this._session = bbSessionImpl;
        }

        @Override // blackboard.persist.impl.StoredProcedureQuery
        protected void marshallParams(CallableStatement callableStatement) throws SQLException, PersistenceException {
            DbUtil.setString(callableStatement, 1, null);
            DbUtil.setInteger(callableStatement, 2, this._session.getBbSessionId());
        }
    }

    /* loaded from: input_file:blackboard/platform/session/impl/BbSessionManagerServiceImpl$RemoveSessionQuery.class */
    private static class RemoveSessionQuery extends StoredProcedureQuery {
        static String[] _paramList = {"p1"};
        BbSession _session;

        public RemoveSessionQuery(BbSession bbSession) {
            super("sessions_rm", _paramList);
            this._session = bbSession;
        }

        @Override // blackboard.persist.impl.StoredProcedureQuery
        protected void marshallParams(CallableStatement callableStatement) throws SQLException, PersistenceException {
            DbUtil.setInteger(callableStatement, 1, this._session.getBbSessionId());
        }
    }

    /* loaded from: input_file:blackboard/platform/session/impl/BbSessionManagerServiceImpl$SessionKey.class */
    public static class SessionKey extends BbObject {
        public static DataType DATA_TYPE = new DataType(SessionKey.class);

        @Override // blackboard.data.BbObject, blackboard.data.IBbObject, blackboard.data.Identifiable
        public DataType getDataType() {
            return new DataType(getClass());
        }

        public SessionKey() {
            this._bbAttributes.setString(BbSessionDef.SESSION_IND, null);
            this._bbAttributes.setString(BbSessionDef.SESSION_VAL, null);
            this._bbAttributes.setId(BbSessionDef.SESSION_REF, Id.UNSET_ID);
        }

        public SessionKey(String str, String str2, BbSessionImpl bbSessionImpl) {
            this._bbAttributes.setString(BbSessionDef.SESSION_IND, str);
            this._bbAttributes.setString(BbSessionDef.SESSION_VAL, str2);
            this._bbAttributes.setId(BbSessionDef.SESSION_REF, bbSessionImpl.getId());
        }
    }

    @Override // blackboard.platform.session.BbSessionManagerService
    public BbSession getSession(HttpServletRequest httpServletRequest) {
        BbSession bbSession;
        BbSession bbSession2 = (BbSession) httpServletRequest.getAttribute(REQUEST_KEY);
        if (bbSession2 != null) {
            return bbSession2;
        }
        try {
            LoadByHashQuery loadByHashQuery = new LoadByHashQuery(findSessionHash(httpServletRequest));
            runQuery(loadByHashQuery);
            bbSession = loadByHashQuery.getResult();
            ((BbSessionImpl) bbSession).setSessionManager(this);
            ((BbSessionImpl) bbSession).setContext(new RequestContextImpl());
        } catch (Exception e) {
            this._log.logInfo("Error loading session", e);
            bbSession = NullSession.INSTANCE;
        }
        httpServletRequest.setAttribute(REQUEST_KEY, bbSession);
        return bbSession;
    }

    @Override // blackboard.platform.session.BbSessionManagerService
    public BbSession safeGetSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        BbSession session = getSession(httpServletRequest);
        if (session.getBbSessionId() == -1) {
            session = createSession(httpServletRequest, httpServletResponse);
            httpServletRequest.setAttribute(REQUEST_KEY, session);
        }
        return session;
    }

    @Override // blackboard.platform.session.BbSessionManagerService
    public List<BbSession> getActiveSessionList() {
        ArrayList arrayList;
        try {
            SimpleSelectQuery simpleSelectQuery = new SimpleSelectQuery(SESSION_MAP);
            runQuery(simpleSelectQuery);
            arrayList = simpleSelectQuery.getResults();
        } catch (Exception e) {
            this._log.logWarning("", e);
            arrayList = new ArrayList();
        }
        return arrayList;
    }

    public BbSession createSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        BbSession createSession = createSession();
        RequestUtil.setCookie(httpServletRequest, httpServletResponse, "session_id", SESSION_PREFIX + createSession.getBbSessionIdMd5());
        httpServletRequest.setAttribute("int-session-id", String.valueOf(createSession.getBbSessionId()));
        return createSession;
    }

    public BbSession createSession() {
        try {
            BbSessionImpl bbSessionImpl = new BbSessionImpl();
            bbSessionImpl.setSessionManager(this);
            runQuery(new InsertProcedureQuery(SESSION_MAP, bbSessionImpl));
            bbSessionImpl.getBbAttributes().setString(BbSessionDef.ID_HASH, generateSessionHash(bbSessionImpl));
            runQuery(new UpdateQuery(SESSION_MAP, bbSessionImpl));
            return bbSessionImpl;
        } catch (Exception e) {
            this._log.logInfo("Could not create session. Return NullSession.INSTANCE", e);
            return NullSession.INSTANCE;
        }
    }

    public void removeSession(BbSession bbSession) {
        try {
            runQuery(new RemoveSessionQuery(bbSession));
        } catch (Exception e) {
            this._log.logWarning("Could not delete session: " + String.valueOf(bbSession.getBbSessionId()), e);
        }
    }

    public BbSession loadSession(String str) throws PersistenceException {
        LoadByHashQuery loadByHashQuery = new LoadByHashQuery(str);
        runQuery(loadByHashQuery);
        BbSessionImpl result = loadByHashQuery.getResult();
        result.setSessionManager(this);
        return result;
    }

    private String generateSessionHash(BbSession bbSession) {
        return SecurityUtil.getHashValue(String.valueOf(bbSession.getBbSessionId()) + String.valueOf(this._random.nextInt()));
    }

    private String findSessionHash(HttpServletRequest httpServletRequest) throws BbServiceException {
        String value;
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if (cookie.getName().toLowerCase().startsWith("session_id") && (value = cookie.getValue()) != null && value.length() > 2) {
                    return value.startsWith(SESSION_PREFIX) ? value.substring(2) : value;
                }
            }
        }
        String parameter = httpServletRequest.getParameter(BSESSION_MD5);
        if (parameter == null || parameter.length() <= 0) {
            throw new BbServiceException("Session id not found.");
        }
        return parameter;
    }

    @Override // blackboard.platform.CorePlatformService
    public void serviceInit(ConfigurationService configurationService) throws InitializationException, BbServiceException {
        this._log = BbServiceManager.getLogService();
    }

    @Override // blackboard.platform.CorePlatformService
    public Class getServiceInterface() {
        return BbSessionManagerService.class;
    }

    @Override // blackboard.platform.CorePlatformService
    public void serviceShutdown() throws BbServiceException {
    }

    @Override // blackboard.platform.CorePlatformService
    public void serviceStartup() throws BbServiceException {
        try {
            this._random = SecureRandom.getInstance(PRNG_ALGORITHM);
        } catch (Exception e) {
            this._random = new Random(new Date().getTime());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void storeKey(String str, String str2, BbSessionImpl bbSessionImpl) throws PersistenceException {
        try {
            runQuery(new InsertProcedureQuery(SESSION_IND_CR_MAP, new SessionKey(str, str2, bbSessionImpl)));
        } catch (Exception e) {
            this._log.logError("Could not store key for session.", e);
            throw new PersistenceException("Could not store key for session.", e);
        }
    }

    public void removeAllKeys(BbSessionImpl bbSessionImpl) {
        try {
            runQuery(new RemoveSessionKeysQuery(bbSessionImpl));
        } catch (Exception e) {
            this._log.logError("Could not delete session keys for session " + String.valueOf(bbSessionImpl.getBbSessionId()), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Map loadKeys(BbSessionImpl bbSessionImpl) throws PersistenceException {
        try {
            HashMap hashMap = new HashMap();
            SimpleSelectQuery simpleSelectQuery = new SimpleSelectQuery(SESSION_IND_MAP);
            simpleSelectQuery.addWhere(BbSessionDef.SESSION_REF, bbSessionImpl.getId());
            runQuery(simpleSelectQuery);
            for (SessionKey sessionKey : simpleSelectQuery.getResults()) {
                hashMap.put(sessionKey.getBbAttributes().getString(BbSessionDef.SESSION_IND), sessionKey.getBbAttributes().getString(BbSessionDef.SESSION_VAL));
            }
            return hashMap;
        } catch (Exception e) {
            this._log.logError("Could not store key for session.", e);
            throw new PersistenceException("Could not store key for session.", e);
        }
    }

    public void authenticateSession(User user, BbSession bbSession) {
        if (bbSession instanceof BbSessionImpl) {
            BbSessionImpl bbSessionImpl = (BbSessionImpl) bbSession;
            bbSessionImpl.getBbAttributes().setString("BatchUid", user.getBatchUid());
            bbSessionImpl.getBbAttributes().setString("UserName", user.getUserName());
            bbSessionImpl.getBbAttributes().setId("UserId", user.getId());
            bbSessionImpl.getBbAttributes().setInteger(BbSessionDef.USER_ID_SOS_PK2, 1);
            updateSession(bbSessionImpl);
        }
    }

    public void logoutSession(BbSession bbSession) {
        if (bbSession instanceof BbSessionImpl) {
            BbSessionImpl bbSessionImpl = (BbSessionImpl) bbSession;
            bbSessionImpl.getBbAttributes().setString("BatchUid", null);
            bbSessionImpl.getBbAttributes().setString("UserName", null);
            bbSessionImpl.getBbAttributes().setId("UserId", Id.UNSET_ID);
            updateSession(bbSessionImpl);
            removeAllKeys(bbSessionImpl);
        }
    }

    private void updateSession(BbSessionImpl bbSessionImpl) {
        try {
            runQuery(new UpdateQuery(SESSION_MAP, bbSessionImpl));
        } catch (Exception e) {
            e.printStackTrace();
            this._log.logError("Could not update session.", e);
        }
    }

    private void runQuery(final Query query) throws PersistenceException {
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: blackboard.platform.session.impl.BbSessionManagerServiceImpl.1
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    BbServiceManager.getPersistenceService().getDbPersistenceManager().runDbQuery(query);
                    return null;
                }
            });
        } catch (PrivilegedActionException e) {
            throw new PersistenceException(e.getCause());
        }
    }

    static {
        SESSION_MAP.addMapping(new DbIdMapping("id", BbSessionImpl.DATA_TYPE, "session_id", DbMapping.Use.OUTPUT, DbMapping.Use.NONE, true));
        SESSION_MAP.addMapping(new DbStringMapping("UserName", "user_id", DbMapping.Use.NONE, DbMapping.Use.INPUT, false, true));
        SESSION_MAP.addMapping(new DbStringMapping(BbSessionDef.ID_HASH, CIConstants.SESSKEY_MD5, DbMapping.Use.NONE, DbMapping.Use.INPUT, false));
        SESSION_MAP.addMapping(new DbStringMapping("BatchUid", LoginBrokerServlet.BATCH_UID_PARAM, DbMapping.Use.NONE, DbMapping.Use.INPUT, false, true));
        SESSION_MAP.addMapping(new DbCalendarMapping("Timestamp", "timestamp", DbMapping.Use.NONE, DbMapping.Use.NONE, false));
        SESSION_MAP.addMapping(new DbStringMapping(BbSessionDef.ONE_TIME_TOKEN, CIConstants.TKN_CHALLENGE, DbMapping.Use.NONE, DbMapping.Use.INPUT, false));
        SESSION_MAP.addMapping(new DbIdMapping("UserId", User.DATA_TYPE, CIConstants.SESSKEY_PK1, DbMapping.Use.NONE, DbMapping.Use.INPUT, false));
        SESSION_MAP.addMapping(new DbIntegerMapping(BbSessionDef.USER_ID_SOS_PK2, CIConstants.SESSKEY_SOS_PK2, DbMapping.Use.NONE, DbMapping.Use.INPUT, false));
        SESSION_IND_MAP = new DbBbObjectMap(SessionKey.class, "session_inds");
        SESSION_IND_MAP.addMapping(new DbStringMapping(BbSessionDef.SESSION_IND, "ind_name", DbMapping.Use.INPUT, DbMapping.Use.INPUT, false));
        SESSION_IND_MAP.addMapping(new DbStringMapping(BbSessionDef.SESSION_VAL, "ind_value", DbMapping.Use.INPUT, DbMapping.Use.INPUT, false, true));
        SESSION_IND_MAP.addMapping(new DbIdMapping(BbSessionDef.SESSION_REF, BbSessionImpl.DATA_TYPE, "sesn_session_id", DbMapping.Use.INPUT, DbMapping.Use.INPUT, false));
        SESSION_IND_CR_MAP = new DbBbObjectMap(SessionKey.class, "session_inds");
        SESSION_IND_CR_MAP.addMapping(new DbIdMapping("id", SessionKey.DATA_TYPE, "pk1", DbMapping.Use.OUTPUT, DbMapping.Use.NONE, false));
        SESSION_IND_CR_MAP.addMapping(new DbStringMapping(BbSessionDef.SESSION_IND, "ind_name", DbMapping.Use.INPUT, DbMapping.Use.INPUT, false));
        SESSION_IND_CR_MAP.addMapping(new DbStringMapping(BbSessionDef.SESSION_VAL, "ind_value", DbMapping.Use.INPUT, DbMapping.Use.INPUT, false, true));
        SESSION_IND_CR_MAP.addMapping(new DbIdMapping(BbSessionDef.SESSION_REF, BbSessionImpl.DATA_TYPE, "sesn_session_id", DbMapping.Use.INPUT, DbMapping.Use.INPUT, false));
    }
}
