package org.apache.shiro.biz.web.filter;

import java.io.Serializable;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.Deque;
import java.util.LinkedList;
import java.util.Map;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.biz.web.Constants;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.DefaultSessionKey;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.session.mgt.SimpleOnlineSession;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.util.WebUtils;

/* loaded from: input_file:org/apache/shiro/biz/web/filter/HttpServletSessionDequeFilter.class */
public abstract class HttpServletSessionDequeFilter extends AccessControlFilter {
    public static final String DEFAULT_REDIRECT_URL = "/";
    public static final String DEFAULT_SESSION_DEQUE_CACHE_NAME = "shiro-sessionDequeCache";
    private Cache<String, Deque<Serializable>> sessionDequeCache;
    private CacheManager cacheManager;
    private SessionManager sessionManager;
    private boolean kickoutFirst = false;
    private int sessionMaximumKickout = 1;
    private String sessionDequeCacheName = DEFAULT_SESSION_DEQUE_CACHE_NAME;
    private String redirectUrl = "/";

    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) {
        Subject subject = getSubject(servletRequest, servletResponse);
        return (subject.isAuthenticated() || subject.isRemembered()) ? false : true;
    }

    protected abstract String getSessionDequeCacheKey(Object obj);

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        if (this.cacheManager == null) {
            throw new AuthenticationException("cacheManager must be set for this filter");
        }
        if (this.sessionDequeCache == null) {
            this.sessionDequeCache = getCacheManager().getCache(getSessionDequeCacheName());
        }
        Subject subject = getSubject(servletRequest, servletResponse);
        SimpleOnlineSession session = subject.getSession();
        Serializable id = session.getId();
        String sessionDequeCacheKey = getSessionDequeCacheKey(subject.getPrincipal());
        Deque deque = (Deque) this.sessionDequeCache.get(sessionDequeCacheKey);
        if (deque == null) {
            deque = new LinkedList();
            this.sessionDequeCache.put(sessionDequeCacheKey, deque);
        }
        if (!deque.contains(id) && session.getAttribute(Constants.SESSION_KICKOUT_KEY) == null) {
            deque.push(id);
        }
        while (deque.size() > getSessionMaximumKickout()) {
            try {
                Session session2 = getSessionManager().getSession(new DefaultSessionKey(isKickoutFirst() ? (Serializable) deque.removeFirst() : (Serializable) deque.removeLast()));
                if (session2 != null) {
                    session2.setAttribute(Constants.SESSION_KICKOUT_KEY, true);
                    if (session2 instanceof SimpleOnlineSession) {
                        session.setStatus(SimpleOnlineSession.OnlineStatus.FORCE_LOGOUT);
                    }
                }
            } catch (Exception e) {
            }
        }
        if (session.getAttribute(Constants.SESSION_KICKOUT_KEY) == null) {
            return true;
        }
        try {
            subject.logout();
        } catch (Exception e2) {
        }
        saveRequest(servletRequest);
        boolean z = true;
        if (escapeURL(getRedirectUrl()).contains(escapeURL(servletRequest.getScheme() + "://" + servletRequest.getServerName()))) {
            z = false;
        }
        WebUtils.issueRedirect(servletRequest, servletResponse, getRedirectUrl(), (Map) null, z);
        return false;
    }

    public String escapeURL(String str) {
        String str2 = "";
        try {
            str2 = URLEncoder.encode(str, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        }
        return str2;
    }

    public SessionManager getSessionManager() {
        return this.sessionManager;
    }

    public void setSessionManager(SessionManager sessionManager) {
        this.sessionManager = sessionManager;
    }

    public boolean isKickoutFirst() {
        return this.kickoutFirst;
    }

    public void setKickoutFirst(boolean z) {
        this.kickoutFirst = z;
    }

    public int getSessionMaximumKickout() {
        return this.sessionMaximumKickout;
    }

    public void setSessionMaximumKickout(int i) {
        this.sessionMaximumKickout = i;
    }

    public void setCacheManager(CacheManager cacheManager) {
        this.cacheManager = cacheManager;
    }

    public CacheManager getCacheManager() {
        return this.cacheManager;
    }

    public String getSessionDequeCacheName() {
        return this.sessionDequeCacheName;
    }

    public void setSessionDequeCacheName(String str) {
        this.sessionDequeCacheName = str;
    }

    public String getRedirectUrl() {
        return this.redirectUrl;
    }

    public void setRedirectUrl(String str) {
        this.redirectUrl = str;
    }
}
