package de.contecon.picapport.server;

import com.google.common.net.HttpHeaders;
import de.contecon.picapport.PicApportProperties;
import de.contecon.picapport.server.servlet.PicApportResourceServlet;
import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.essc.guicontrols.EsListSelection;
import net.essc.util.GenLog;
import org.apache.logging.log4j.message.ParameterizedMessage;

/* loaded from: input_file:de/contecon/picapport/server/PicApportWebApiSessionManager.class */
public class PicApportWebApiSessionManager {
    private static PicApportWebApiSessionManager instance;
    private int maxConnectionsPerIP;
    private long sessionTimeoutInMs;
    private Map<String, PicApportWebApiSession> apiSessionMap = new HashMap();
    private Map<String, Integer> ipAddressStatsMap = new HashMap();

    public static PicApportWebApiSessionManager getInstance() {
        return instance;
    }

    public static void setGlobalInstance(PicApportWebApiSessionManager picApportWebApiSessionManager) {
        instance = picApportWebApiSessionManager;
    }

    public void init() {
        PicApportProperties picApportProperties = PicApportProperties.getInstance();
        this.maxConnectionsPerIP = picApportProperties.getWebApiMaxConnectionsPerIP();
        this.sessionTimeoutInMs = picApportProperties.getWebApiSessionTimeoutInMillis();
    }

    public void dumpStatus() {
        GenLog.dumpFormattedMessage("WebApiSessionManager has " + this.apiSessionMap.size() + " active sessions on " + this.ipAddressStatsMap.size() + " different ip-adresses.");
    }

    public final PicApportWebApiSession createWebApiSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws PicApportWebApiException, NoSuchAlgorithmException, UnsupportedEncodingException {
        PicApportWebApiSession picApportWebApiSession;
        synchronized (this.apiSessionMap) {
            String clientIpAddr = getClientIpAddr(httpServletRequest);
            checkIPandIncrement(clientIpAddr);
            try {
                picApportWebApiSession = new PicApportWebApiSession(clientIpAddr);
                this.apiSessionMap.put(picApportWebApiSession.getAPIsid(), picApportWebApiSession);
            } catch (UnsupportedEncodingException | NoSuchAlgorithmException e) {
                checkIPandDecrement(clientIpAddr);
                if (GenLog.isTracelevel(4)) {
                    GenLog.dumpException(e);
                } else {
                    GenLog.dumpExceptionError("PicApportWebApiSessionManager.createWebApiSession", e);
                }
                checkIPandDecrement(clientIpAddr);
                throw e;
            }
        }
        return picApportWebApiSession;
    }

    public final PicApportWebApiSession getWebApiSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws PicApportWebApiException {
        String parameter = httpServletRequest.getParameter(PicApportResourceServlet.APISID);
        String clientIpAddr = getClientIpAddr(httpServletRequest);
        if (null == parameter) {
            parameter = "";
        }
        if (parameter.trim().length() == 0 && null != PicApportProperties.getInstance().getApiDefaultUid()) {
            parameter = PicApportProperties.getInstance().getApiDefaultUid();
        }
        PicApportWebApiSession picApportWebApiSession = this.apiSessionMap.get(parameter);
        if (null == picApportWebApiSession) {
            String str = clientIpAddr + ParameterizedMessage.ERROR_MSG_SEPARATOR + parameter;
            picApportWebApiSession = this.apiSessionMap.get(str);
            if (null == picApportWebApiSession) {
                PicApportSession picApportSession = new PicApportSession();
                if (picApportSession.getUserSession().doLogon(parameter, parameter)) {
                    synchronized (this.apiSessionMap) {
                        checkIPandIncrement(clientIpAddr);
                        picApportWebApiSession = new PicApportWebApiSession(clientIpAddr, str, picApportSession);
                        this.apiSessionMap.put(picApportWebApiSession.getAPIsid(), picApportWebApiSession);
                    }
                }
            }
        }
        if (null == picApportWebApiSession) {
            throw new PicApportWebApiException(403, "invalid apisid: " + parameter);
        }
        if (!clientIpAddr.equals(picApportWebApiSession.getRemoteAddress())) {
            throw new PicApportWebApiException(403, "IP-Address has changed for apisid: " + picApportWebApiSession.getRemoteAddress() + " -> " + clientIpAddr);
        }
        picApportWebApiSession.updateLastAccess();
        return picApportWebApiSession;
    }

    public final String closeWebApiSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws PicApportWebApiException {
        String removeWebApiSession;
        synchronized (this.apiSessionMap) {
            removeWebApiSession = removeWebApiSession(getWebApiSession(httpServletRequest, httpServletResponse));
        }
        return removeWebApiSession;
    }

    private String removeWebApiSession(PicApportWebApiSession picApportWebApiSession) throws PicApportWebApiException {
        this.apiSessionMap.remove(picApportWebApiSession.getAPIsid());
        checkIPandDecrement(picApportWebApiSession.getRemoteAddress());
        return picApportWebApiSession.getAPIsid();
    }

    public final void removeInactiveSessions() throws PicApportWebApiException {
        ArrayList arrayList = new ArrayList();
        for (PicApportWebApiSession picApportWebApiSession : this.apiSessionMap.values()) {
            if (picApportWebApiSession.isInactive(this.sessionTimeoutInMs)) {
                arrayList.add(picApportWebApiSession.getAPIsid());
            }
        }
        if (arrayList.isEmpty()) {
            return;
        }
        synchronized (this.apiSessionMap) {
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                PicApportWebApiSession picApportWebApiSession2 = this.apiSessionMap.get((String) it.next());
                if (picApportWebApiSession2.isInactive(this.sessionTimeoutInMs)) {
                    removeWebApiSession(picApportWebApiSession2);
                    if (GenLog.isTracelevel(4)) {
                        GenLog.dumpDebugMessage("PicApportWebApiSessionManager.removeInactiveSession: " + picApportWebApiSession2.getAPIsid() + " on " + picApportWebApiSession2.getRemoteAddress());
                    }
                }
            }
        }
    }

    private String getClientIpAddr(HttpServletRequest httpServletRequest) {
        try {
            String header = httpServletRequest.getHeader(HttpHeaders.X_FORWARDED_FOR);
            if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
                header = httpServletRequest.getHeader("Proxy-Client-IP");
            }
            if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
                header = httpServletRequest.getHeader("WL-Proxy-Client-IP");
            }
            if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
                header = httpServletRequest.getHeader("HTTP_X_FORWARDED_FOR");
            }
            if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
                header = httpServletRequest.getHeader("HTTP_X_FORWARDED");
            }
            if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
                header = httpServletRequest.getHeader("HTTP_X_CLUSTER_CLIENT_IP");
            }
            if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
                header = httpServletRequest.getHeader("HTTP_CLIENT_IP");
            }
            if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
                header = httpServletRequest.getHeader("HTTP_FORWARDED_FOR");
            }
            if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
                header = httpServletRequest.getHeader("HTTP_FORWARDED");
            }
            if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
                header = httpServletRequest.getHeader("HTTP_VIA");
            }
            if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
                header = httpServletRequest.getHeader("REMOTE_ADDR");
            }
            if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
                header = httpServletRequest.getRemoteAddr();
            }
            return header.split(EsListSelection.DELIM)[0].trim();
        } catch (Exception e) {
            if (GenLog.isTracelevel(4)) {
                GenLog.dumpException(e);
            } else {
                GenLog.dumpExceptionError("PicApportWebApiSessionManager.getClientIpAddr", e);
            }
            return httpServletRequest.getRemoteAddr();
        }
    }

    private void checkIPandIncrement(String str) throws PicApportWebApiException {
        synchronized (this.ipAddressStatsMap) {
            Integer num = this.ipAddressStatsMap.get(str);
            if (null == num) {
                num = 0;
            } else if (num.intValue() >= this.maxConnectionsPerIP) {
                throw new PicApportWebApiException(403, "Max connection per IP reached: " + str);
            }
            this.ipAddressStatsMap.put(str, Integer.valueOf(num.intValue() + 1));
        }
    }

    private void checkIPandDecrement(String str) throws PicApportWebApiException {
        synchronized (this.ipAddressStatsMap) {
            Integer num = this.ipAddressStatsMap.get(str);
            if (null != num) {
                if (num.intValue() > 1) {
                    this.ipAddressStatsMap.put(str, Integer.valueOf(num.intValue() - 1));
                } else {
                    this.ipAddressStatsMap.remove(str);
                }
            }
        }
    }
}
