package io.vertx.ext.web.handler.impl;

import io.vertx.core.AsyncResult;
import io.vertx.core.Future;
import io.vertx.core.Handler;
import io.vertx.core.Promise;
import io.vertx.core.Vertx;
import io.vertx.core.http.Cookie;
import io.vertx.core.http.CookieSameSite;
import io.vertx.core.http.HttpHeaders;
import io.vertx.core.http.HttpServerRequest;
import io.vertx.core.impl.logging.Logger;
import io.vertx.core.impl.logging.LoggerFactory;
import io.vertx.ext.auth.User;
import io.vertx.ext.web.RoutingContext;
import io.vertx.ext.web.Session;
import io.vertx.ext.web.handler.SessionHandler;
import io.vertx.ext.web.sstore.SessionStore;
import io.vertx.ext.web.sstore.impl.SessionInternal;

/* loaded from: input_file:BOOT-INF/lib/vertx-web-4.1.8.jar:io/vertx/ext/web/handler/impl/SessionHandlerImpl.class */
public class SessionHandlerImpl implements SessionHandler {
    public static final String SESSION_USER_HOLDER_KEY = "__vertx.userHolder";
    public static final String SESSION_FLUSHED_KEY = "__vertx.session-flushed";
    public static final String SESSION_STOREUSER_KEY = "__vertx.session-storeuser";
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) SessionHandlerImpl.class);
    private final SessionStore sessionStore;
    private String sessionCookieName = SessionHandler.DEFAULT_SESSION_COOKIE_NAME;
    private String sessionCookiePath = "/";
    private long sessionTimeout = 1800000;
    private boolean nagHttps = true;
    private boolean sessionCookieSecure = false;
    private boolean sessionCookieHttpOnly = false;
    private int minLength = 16;
    private boolean lazySession = false;
    private long cookieMaxAge = -1;
    private boolean cookieless;
    private CookieSameSite cookieSameSite;

    public SessionHandlerImpl(SessionStore sessionStore) {
        this.sessionStore = sessionStore;
    }

    @Override // io.vertx.ext.web.handler.SessionHandler
    public SessionHandler setSessionTimeout(long j) {
        this.sessionTimeout = j;
        return this;
    }

    @Override // io.vertx.ext.web.handler.SessionHandler
    public SessionHandler setNagHttps(boolean z) {
        this.nagHttps = z;
        return this;
    }

    @Override // io.vertx.ext.web.handler.SessionHandler
    public SessionHandler setCookieSecureFlag(boolean z) {
        this.sessionCookieSecure = z;
        return this;
    }

    @Override // io.vertx.ext.web.handler.SessionHandler
    public SessionHandler setCookieHttpOnlyFlag(boolean z) {
        this.sessionCookieHttpOnly = z;
        return this;
    }

    @Override // io.vertx.ext.web.handler.SessionHandler
    public SessionHandler setSessionCookieName(String str) {
        this.sessionCookieName = str;
        return this;
    }

    @Override // io.vertx.ext.web.handler.SessionHandler
    public SessionHandler setSessionCookiePath(String str) {
        this.sessionCookiePath = str;
        return this;
    }

    @Override // io.vertx.ext.web.handler.SessionHandler
    public SessionHandler setMinLength(int i) {
        this.minLength = i;
        return this;
    }

    @Override // io.vertx.ext.web.handler.SessionHandler
    public SessionHandler setCookieSameSite(CookieSameSite cookieSameSite) {
        this.cookieSameSite = cookieSameSite;
        return this;
    }

    @Override // io.vertx.ext.web.handler.SessionHandler
    public SessionHandler setLazySession(boolean z) {
        this.lazySession = z;
        return this;
    }

    @Override // io.vertx.ext.web.handler.SessionHandler
    public SessionHandler setCookieMaxAge(long j) {
        this.cookieMaxAge = j;
        return this;
    }

    @Override // io.vertx.ext.web.handler.SessionHandler
    public SessionHandler setCookieless(boolean z) {
        this.cookieless = z;
        return this;
    }

    @Override // io.vertx.ext.web.handler.SessionHandler
    public SessionHandler flush(RoutingContext routingContext, Handler<AsyncResult<Void>> handler) {
        return flush(routingContext, false, false, handler);
    }

    @Override // io.vertx.ext.web.handler.SessionHandler
    public SessionHandler flush(RoutingContext routingContext, boolean z, Handler<AsyncResult<Void>> handler) {
        return flush(routingContext, false, z, handler);
    }

    private void setCookieProperties(Cookie cookie, boolean z) {
        cookie.setPath(this.sessionCookiePath);
        cookie.setSecure(this.sessionCookieSecure);
        cookie.setHttpOnly(this.sessionCookieHttpOnly);
        cookie.setSameSite(this.cookieSameSite);
        if (z || this.cookieMaxAge < 0) {
            return;
        }
        cookie.setMaxAge(this.cookieMaxAge);
    }

    private SessionHandler flush(RoutingContext routingContext, boolean z, boolean z2, Handler<AsyncResult<Void>> handler) {
        Cookie removeCookie;
        boolean isSessionAccessed = routingContext.isSessionAccessed();
        Session session = routingContext.session();
        if (session.isDestroyed()) {
            if (!this.cookieless && (removeCookie = routingContext.removeCookie(this.sessionCookieName)) != null) {
                setCookieProperties(removeCookie, true);
            }
            if (session.isRegenerated()) {
                this.sessionStore.delete(session.oldId(), asyncResult -> {
                    if (asyncResult.failed()) {
                        handler.handle(Future.failedFuture(asyncResult.cause()));
                    } else {
                        this.sessionStore.delete(session.id(), asyncResult -> {
                            if (asyncResult.failed()) {
                                handler.handle(Future.failedFuture(asyncResult.cause()));
                            } else {
                                routingContext.put(SESSION_FLUSHED_KEY, true);
                                handler.handle(Future.succeededFuture());
                            }
                        });
                    }
                });
            } else {
                this.sessionStore.delete(session.id(), asyncResult2 -> {
                    if (asyncResult2.failed()) {
                        handler.handle(Future.failedFuture(asyncResult2.cause()));
                    } else {
                        routingContext.put(SESSION_FLUSHED_KEY, true);
                        handler.handle(Future.succeededFuture());
                    }
                });
            }
        } else {
            int statusCode = routingContext.response().getStatusCode();
            if (z2 || (statusCode >= 200 && statusCode < 400)) {
                Boolean bool = (Boolean) routingContext.get(SESSION_STOREUSER_KEY);
                if (bool != null && bool.booleanValue() && routingContext.user() != null) {
                    session.put(SESSION_USER_HOLDER_KEY, new UserHolder(routingContext));
                }
                if (session.isRegenerated()) {
                    if (this.cookieless) {
                        session.setAccessed();
                    } else {
                        Cookie sessionCookie = sessionCookie(routingContext, session);
                        session.setAccessed();
                        sessionCookie.setValue(session.value());
                        setCookieProperties(sessionCookie, false);
                    }
                    this.sessionStore.delete(session.oldId(), asyncResult3 -> {
                        if (asyncResult3.failed()) {
                            handler.handle(Future.failedFuture(asyncResult3.cause()));
                        } else {
                            this.sessionStore.put(session, asyncResult3 -> {
                                if (asyncResult3.failed()) {
                                    handler.handle(Future.failedFuture(asyncResult3.cause()));
                                    return;
                                }
                                routingContext.put(SESSION_FLUSHED_KEY, true);
                                if (session instanceof SessionInternal) {
                                    ((SessionInternal) session).flushed(z);
                                }
                                handler.handle(Future.succeededFuture());
                            });
                        }
                    });
                } else if (!this.lazySession || isSessionAccessed) {
                    if (!this.cookieless) {
                        sessionCookie(routingContext, session);
                    }
                    session.setAccessed();
                    this.sessionStore.put(session, asyncResult4 -> {
                        if (asyncResult4.failed()) {
                            handler.handle(Future.failedFuture(asyncResult4.cause()));
                            return;
                        }
                        routingContext.put(SESSION_FLUSHED_KEY, true);
                        if (session instanceof SessionInternal) {
                            ((SessionInternal) session).flushed(z);
                        }
                        handler.handle(Future.succeededFuture());
                    });
                }
            }
        }
        return this;
    }

    @Override // io.vertx.core.Handler
    public void handle(RoutingContext routingContext) {
        HttpServerRequest request = routingContext.request();
        if (this.nagHttps && LOG.isDebugEnabled()) {
            String absoluteURI = request.absoluteURI();
            if (!absoluteURI.startsWith("https:")) {
                LOG.debug("Using session cookies without https could make you susceptible to session hijacking: " + absoluteURI);
            }
        }
        String sessionId = getSessionId(routingContext);
        if (sessionId == null || sessionId.length() <= this.minLength) {
            createNewSession(routingContext);
            routingContext.next();
        } else {
            boolean isEnded = request.isEnded();
            if (!isEnded) {
                request.pause2();
            }
            getSession(routingContext.vertx(), sessionId, asyncResult -> {
                if (!isEnded && !request.headers().contains(HttpHeaders.UPGRADE, HttpHeaders.WEBSOCKET, true)) {
                    request.resume2();
                }
                if (asyncResult.succeeded()) {
                    Session session = (Session) asyncResult.result();
                    if (session != null) {
                        routingContext.setSession(session);
                        UserHolder userHolder = (UserHolder) session.get(SESSION_USER_HOLDER_KEY);
                        if (userHolder != null) {
                            userHolder.refresh(routingContext);
                        } else {
                            routingContext.put(SESSION_STOREUSER_KEY, true);
                        }
                        addStoreSessionHandler(routingContext);
                    } else {
                        createNewSession(routingContext);
                    }
                } else {
                    routingContext.fail(asyncResult.cause());
                }
                routingContext.next();
            });
        }
    }

    @Override // io.vertx.ext.web.handler.SessionHandler
    public Session newSession(RoutingContext routingContext) {
        Session createSession = this.sessionStore.createSession(this.sessionTimeout, this.minLength);
        routingContext.setSession(createSession);
        if (!this.cookieless) {
            routingContext.removeCookie(this.sessionCookieName, false);
        }
        routingContext.put(SESSION_STOREUSER_KEY, true);
        flush(routingContext, true, true, asyncResult -> {
            if (asyncResult.failed()) {
                LOG.warn("Failed to flush the session to the underlying store", asyncResult.cause());
            }
        });
        return createSession;
    }

    @Override // io.vertx.ext.web.handler.SessionHandler
    public Future<Void> setUser(RoutingContext routingContext, User user) {
        if (!this.cookieless) {
            routingContext.removeCookie(this.sessionCookieName, false);
        }
        routingContext.setUser(user);
        routingContext.put(SESSION_STOREUSER_KEY, true);
        Promise promise = Promise.promise();
        flush(routingContext, true, true, promise);
        return promise.future();
    }

    private String getSessionId(RoutingContext routingContext) {
        if (!this.cookieless) {
            Cookie cookie = routingContext.getCookie(this.sessionCookieName);
            if (cookie != null) {
                return cookie.getValue();
            }
            return null;
        }
        String normalizedPath = routingContext.normalizedPath();
        int i = -1;
        int i2 = -1;
        int i3 = 0;
        while (true) {
            if (i3 >= normalizedPath.length()) {
                break;
            }
            if (normalizedPath.charAt(i3) != '(') {
                if (normalizedPath.charAt(i3) == ')' && i != -1) {
                    i2 = i3;
                    break;
                }
            } else {
                i = i3 + 1;
            }
            i3++;
        }
        if (i == -1 || i2 == -1 || i >= i2) {
            return null;
        }
        return normalizedPath.substring(i, i2);
    }

    private void getSession(Vertx vertx, String str, Handler<AsyncResult<Session>> handler) {
        doGetSession(vertx, System.currentTimeMillis(), str, handler);
    }

    private void doGetSession(Vertx vertx, long j, String str, Handler<AsyncResult<Session>> handler) {
        this.sessionStore.get(str, asyncResult -> {
            if (asyncResult.succeeded() && asyncResult.result() == null) {
                long retryTimeout = this.sessionStore.retryTimeout();
                if (retryTimeout > 0 && System.currentTimeMillis() - j < retryTimeout) {
                    vertx.setTimer(5L, l -> {
                        doGetSession(vertx, j, str, handler);
                    });
                    return;
                }
            }
            handler.handle(asyncResult);
        });
    }

    private void addStoreSessionHandler(RoutingContext routingContext) {
        routingContext.addHeadersEndHandler(r8 -> {
            Boolean bool = (Boolean) routingContext.get(SESSION_FLUSHED_KEY);
            if (bool == null || !bool.booleanValue()) {
                flush(routingContext, true, false, asyncResult -> {
                    if (asyncResult.failed()) {
                        LOG.warn("Failed to flush the session to the underlying store", asyncResult.cause());
                    }
                });
            }
        });
    }

    private void createNewSession(RoutingContext routingContext) {
        routingContext.setSession(this.sessionStore.createSession(this.sessionTimeout, this.minLength));
        if (!this.cookieless) {
            routingContext.removeCookie(this.sessionCookieName, false);
        }
        routingContext.put(SESSION_STOREUSER_KEY, true);
        addStoreSessionHandler(routingContext);
    }

    private Cookie sessionCookie(RoutingContext routingContext, Session session) {
        Cookie cookie = routingContext.getCookie(this.sessionCookieName);
        if (cookie != null) {
            return cookie;
        }
        Cookie cookie2 = Cookie.cookie(this.sessionCookieName, session.value());
        setCookieProperties(cookie2, false);
        routingContext.addCookie(cookie2);
        return cookie2;
    }
}
