package org.springframework.security.config.annotation.web.configurers;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import org.springframework.security.authentication.AuthenticationTrustResolver;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.core.session.SessionRegistryImpl;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy;
import org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy;
import org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy;
import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy;
import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
import org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.security.web.context.NullSecurityContextRepository;
import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.security.web.savedrequest.NullRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.security.web.session.ConcurrentSessionFilter;
import org.springframework.security.web.session.InvalidSessionStrategy;
import org.springframework.security.web.session.SessionManagementFilter;
import org.springframework.security.web.session.SimpleRedirectInvalidSessionStrategy;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/spring-security-config-3.2.2.RELEASE.jar:org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurer.class */
public final class SessionManagementConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractHttpConfigurer<SessionManagementConfigurer<H>, H> {
    private SessionAuthenticationStrategy sessionAuthenticationStrategy;
    private InvalidSessionStrategy invalidSessionStrategy;
    private Integer maximumSessions;
    private String expiredUrl;
    private boolean maxSessionsPreventsLogin;
    private boolean enableSessionUrlRewriting;
    private String invalidSessionUrl;
    private String sessionAuthenticationErrorUrl;
    private SessionAuthenticationStrategy sessionFixationAuthenticationStrategy = createDefaultSessionFixationProtectionStrategy();
    private List<SessionAuthenticationStrategy> sessionAuthenticationStrategies = new ArrayList();
    private SessionRegistry sessionRegistry = new SessionRegistryImpl();
    private SessionCreationPolicy sessionPolicy = SessionCreationPolicy.IF_REQUIRED;

    /* loaded from: input_file:WEB-INF/lib/spring-security-config-3.2.2.RELEASE.jar:org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurer$ConcurrencyControlConfigurer.class */
    public final class ConcurrencyControlConfigurer {
        public SessionManagementConfigurer<H>.ConcurrencyControlConfigurer expiredUrl(String str) {
            SessionManagementConfigurer.this.expiredUrl = str;
            return this;
        }

        public SessionManagementConfigurer<H>.ConcurrencyControlConfigurer maxSessionsPreventsLogin(boolean z) {
            SessionManagementConfigurer.this.maxSessionsPreventsLogin = z;
            return this;
        }

        public SessionManagementConfigurer<H>.ConcurrencyControlConfigurer sessionRegistry(SessionRegistry sessionRegistry) {
            SessionManagementConfigurer.this.sessionRegistry = sessionRegistry;
            return this;
        }

        public SessionManagementConfigurer<H> and() {
            return SessionManagementConfigurer.this;
        }

        private ConcurrencyControlConfigurer() {
        }
    }

    /* loaded from: input_file:WEB-INF/lib/spring-security-config-3.2.2.RELEASE.jar:org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurer$SessionFixationConfigurer.class */
    public final class SessionFixationConfigurer {
        public SessionFixationConfigurer() {
        }

        public SessionManagementConfigurer<H> newSession() {
            SessionFixationProtectionStrategy sessionFixationProtectionStrategy = new SessionFixationProtectionStrategy();
            sessionFixationProtectionStrategy.setMigrateSessionAttributes(false);
            SessionManagementConfigurer.this.setSessionFixationAuthenticationStrategy(sessionFixationProtectionStrategy);
            return SessionManagementConfigurer.this;
        }

        public SessionManagementConfigurer<H> migrateSession() {
            SessionManagementConfigurer.this.setSessionFixationAuthenticationStrategy(new SessionFixationProtectionStrategy());
            return SessionManagementConfigurer.this;
        }

        public SessionManagementConfigurer<H> changeSessionId() {
            SessionManagementConfigurer.this.setSessionFixationAuthenticationStrategy(new ChangeSessionIdAuthenticationStrategy());
            return SessionManagementConfigurer.this;
        }

        public SessionManagementConfigurer<H> none() {
            SessionManagementConfigurer.this.setSessionFixationAuthenticationStrategy(new NullAuthenticatedSessionStrategy());
            return SessionManagementConfigurer.this;
        }
    }

    public SessionManagementConfigurer<H> invalidSessionUrl(String str) {
        this.invalidSessionUrl = str;
        return this;
    }

    public SessionManagementConfigurer<H> sessionAuthenticationErrorUrl(String str) {
        this.sessionAuthenticationErrorUrl = str;
        return this;
    }

    public SessionManagementConfigurer<H> enableSessionUrlRewriting(boolean z) {
        this.enableSessionUrlRewriting = z;
        return this;
    }

    public SessionManagementConfigurer<H> sessionCreationPolicy(SessionCreationPolicy sessionCreationPolicy) {
        Assert.notNull(sessionCreationPolicy, "sessionCreationPolicy cannot be null");
        this.sessionPolicy = sessionCreationPolicy;
        return this;
    }

    public SessionManagementConfigurer<H> sessionAuthenticationStrategy(SessionAuthenticationStrategy sessionAuthenticationStrategy) {
        this.sessionFixationAuthenticationStrategy = sessionAuthenticationStrategy;
        return this;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SessionManagementConfigurer<H> addSessionAuthenticationStrategy(SessionAuthenticationStrategy sessionAuthenticationStrategy) {
        this.sessionAuthenticationStrategies.add(sessionAuthenticationStrategy);
        return this;
    }

    public SessionManagementConfigurer<H>.SessionFixationConfigurer sessionFixation() {
        return new SessionFixationConfigurer();
    }

    public SessionManagementConfigurer<H>.ConcurrencyControlConfigurer maximumSessions(int i) {
        this.maximumSessions = Integer.valueOf(i);
        return new ConcurrencyControlConfigurer();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setSessionFixationAuthenticationStrategy(SessionAuthenticationStrategy sessionAuthenticationStrategy) {
        this.sessionFixationAuthenticationStrategy = (SessionAuthenticationStrategy) postProcess(sessionAuthenticationStrategy);
    }

    @Override // org.springframework.security.config.annotation.SecurityConfigurerAdapter, org.springframework.security.config.annotation.SecurityConfigurer
    public void init(H h) throws Exception {
        SecurityContextRepository securityContextRepository = (SecurityContextRepository) h.getSharedObject(SecurityContextRepository.class);
        boolean isStateless = isStateless();
        if (securityContextRepository == null) {
            if (isStateless) {
                h.setSharedObject(SecurityContextRepository.class, new NullSecurityContextRepository());
            } else {
                HttpSessionSecurityContextRepository httpSessionSecurityContextRepository = new HttpSessionSecurityContextRepository();
                httpSessionSecurityContextRepository.setDisableUrlRewriting(!this.enableSessionUrlRewriting);
                httpSessionSecurityContextRepository.setAllowSessionCreation(isAllowSessionCreation());
                AuthenticationTrustResolver authenticationTrustResolver = (AuthenticationTrustResolver) h.getSharedObject(AuthenticationTrustResolver.class);
                if (authenticationTrustResolver != null) {
                    httpSessionSecurityContextRepository.setTrustResolver(authenticationTrustResolver);
                }
                h.setSharedObject(SecurityContextRepository.class, httpSessionSecurityContextRepository);
            }
        }
        if (((RequestCache) h.getSharedObject(RequestCache.class)) == null && isStateless) {
            h.setSharedObject(RequestCache.class, new NullRequestCache());
        }
        h.setSharedObject(SessionAuthenticationStrategy.class, getSessionAuthenticationStrategy());
        h.setSharedObject(InvalidSessionStrategy.class, getInvalidSessionStrategy());
    }

    @Override // org.springframework.security.config.annotation.SecurityConfigurerAdapter, org.springframework.security.config.annotation.SecurityConfigurer
    public void configure(H h) throws Exception {
        SessionManagementFilter sessionManagementFilter = new SessionManagementFilter((SecurityContextRepository) h.getSharedObject(SecurityContextRepository.class), getSessionAuthenticationStrategy());
        if (this.sessionAuthenticationErrorUrl != null) {
            sessionManagementFilter.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler(this.sessionAuthenticationErrorUrl));
        }
        if (this.invalidSessionUrl != null) {
            sessionManagementFilter.setInvalidSessionStrategy(getInvalidSessionStrategy());
        }
        AuthenticationTrustResolver authenticationTrustResolver = (AuthenticationTrustResolver) h.getSharedObject(AuthenticationTrustResolver.class);
        if (authenticationTrustResolver != null) {
            sessionManagementFilter.setTrustResolver(authenticationTrustResolver);
        }
        h.addFilter((SessionManagementFilter) postProcess(sessionManagementFilter));
        if (isConcurrentSessionControlEnabled()) {
            h.addFilter((ConcurrentSessionFilter) postProcess(new ConcurrentSessionFilter(this.sessionRegistry, this.expiredUrl)));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public InvalidSessionStrategy getInvalidSessionStrategy() {
        if (this.invalidSessionUrl == null) {
            return null;
        }
        if (this.invalidSessionStrategy == null) {
            this.invalidSessionStrategy = new SimpleRedirectInvalidSessionStrategy(this.invalidSessionUrl);
        }
        return this.invalidSessionStrategy;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SessionCreationPolicy getSessionCreationPolicy() {
        return this.sessionPolicy;
    }

    private boolean isAllowSessionCreation() {
        return SessionCreationPolicy.ALWAYS == this.sessionPolicy || SessionCreationPolicy.IF_REQUIRED == this.sessionPolicy;
    }

    private boolean isStateless() {
        return SessionCreationPolicy.STATELESS == this.sessionPolicy;
    }

    private SessionAuthenticationStrategy getSessionAuthenticationStrategy() {
        if (this.sessionAuthenticationStrategy != null) {
            return this.sessionAuthenticationStrategy;
        }
        List<SessionAuthenticationStrategy> list = this.sessionAuthenticationStrategies;
        if (isConcurrentSessionControlEnabled()) {
            ConcurrentSessionControlAuthenticationStrategy concurrentSessionControlAuthenticationStrategy = new ConcurrentSessionControlAuthenticationStrategy(this.sessionRegistry);
            concurrentSessionControlAuthenticationStrategy.setMaximumSessions(this.maximumSessions.intValue());
            concurrentSessionControlAuthenticationStrategy.setExceptionIfMaximumExceeded(this.maxSessionsPreventsLogin);
            list.addAll(Arrays.asList((ConcurrentSessionControlAuthenticationStrategy) postProcess(concurrentSessionControlAuthenticationStrategy), this.sessionFixationAuthenticationStrategy, (RegisterSessionAuthenticationStrategy) postProcess(new RegisterSessionAuthenticationStrategy(this.sessionRegistry))));
        } else {
            list.add(this.sessionFixationAuthenticationStrategy);
        }
        this.sessionAuthenticationStrategy = (SessionAuthenticationStrategy) postProcess(new CompositeSessionAuthenticationStrategy(list));
        return this.sessionAuthenticationStrategy;
    }

    private boolean isConcurrentSessionControlEnabled() {
        return this.maximumSessions != null;
    }

    private static SessionAuthenticationStrategy createDefaultSessionFixationProtectionStrategy() {
        try {
            return new ChangeSessionIdAuthenticationStrategy();
        } catch (IllegalStateException e) {
            return new SessionFixationProtectionStrategy();
        }
    }

    @Override // org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer
    public /* bridge */ /* synthetic */ HttpSecurityBuilder disable() {
        return super.disable();
    }
}
