package com.ibm.ws.session;

import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ws.session.utils.LoggingUtil;
import com.ibm.wsspi.session.IProtocolAdapter;
import com.ibm.wsspi.session.ISession;
import com.ibm.wsspi.session.ISessionAffinityManager;
import com.ibm.wsspi.session.IStore;
import com.ibm.wsspi.session.SessionAffinityContext;
import java.util.List;
import java.util.logging.Level;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.ws.security.WSConstants;
import org.eclipse.equinox.http.servlet.internal.util.Const;
import org.eclipse.persistence.jpa.jpql.parser.Expression;

/* loaded from: input_file:wlp/lib/com.ibm.ws.session_1.0.16.jar:com/ibm/ws/session/SessionAffinityManager.class */
public class SessionAffinityManager implements ISessionAffinityManager {
    private static final String methodClassName = "SessionAffinityManager";
    protected SessionManagerConfig _smc;
    protected SessionContext _sessCtx;
    protected IStore _store;
    protected static final int GET_REQUESTED_SESSION_ID_FROM_URL = 0;
    protected static final int ANALYZE_REQUEST = 1;
    protected static final int SET_NEXT_ID = 2;
    protected static final int ENCODE_URL = 3;
    protected static final int SET_COOKIE = 4;
    protected static final int SET_SIP_COOKIE = 5;
    protected static final int ANALYZE_SSL_REQUEST = 6;
    private static final int UPDATE_CLONE_INFO = 7;
    protected static final String[] methodNames = {"getRequestedSessionIdFromURL", "analyzeRequest", "setNextId", "encodeURL", "setCookie", "setSIPCookie", "analyzeSSLRequest", "UpdateCloneInfo"};
    static final String[] unSecStrs = {"<", ">", Const.AMP, "!", Expression.QUOTE, "(", ")", "\""};
    protected String _cloneID = "";
    private final String _versionPrefix = "0000";
    protected int _versionPrefixLength = 4;
    protected String whichCookie = "";
    protected int _versionPlusIdLength = this._versionPrefixLength + SessionManagerConfig.getSessionIDLength();

    public SessionAffinityManager(SessionManagerConfig sessionManagerConfig, SessionContext sessionContext, IStore iStore) {
        this._smc = sessionManagerConfig;
        this._sessCtx = sessionContext;
        this._store = iStore;
    }

    public String getRequestedSessionIdFromURL(ServletRequest servletRequest) {
        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.entering(methodClassName, methodNames[0]);
        }
        return null;
    }

    @Override // com.ibm.wsspi.session.ISessionAffinityManager
    public List getAllCookieValues(ServletRequest servletRequest) {
        return null;
    }

    @Override // com.ibm.wsspi.session.ISessionAffinityManager
    public SessionAffinityContext analyzeRequest(ServletRequest servletRequest) {
        if (!TraceComponent.isAnyTracingEnabled() || !LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            return null;
        }
        LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[1], "");
        return null;
    }

    @Override // com.ibm.wsspi.session.ISessionAffinityManager
    public boolean setNextId(SessionAffinityContext sessionAffinityContext) {
        String substring;
        int length;
        int sessionIDLength;
        boolean z = false;
        String str = "";
        String str2 = "";
        boolean isAnyTracingEnabled = TraceComponent.isAnyTracingEnabled();
        if (isAnyTracingEnabled && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.entering(methodClassName, methodNames[2]);
        }
        List allSessionIds = sessionAffinityContext.getAllSessionIds();
        if (allSessionIds != null && !allSessionIds.isEmpty() && !sessionAffinityContext.isResponseIdSet()) {
            String str3 = (String) allSessionIds.remove(0);
            if (isAnyTracingEnabled && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[2], "Next id is " + (str3 != null ? str3 : WSConstants.NULL_NS));
            }
            if (sessionAffinityContext.isFirstSessionIdValid()) {
                if (str3 != null && (str3.length() >= this._versionPlusIdLength || this._smc.useSSLId())) {
                    z = true;
                    sessionAffinityContext.setRequestedVersion(0);
                    if (this._versionPrefixLength > 0) {
                        str = str3.substring(0, this._versionPrefixLength);
                        try {
                            sessionAffinityContext.setRequestedVersion(Integer.parseInt(str));
                        } catch (NumberFormatException e) {
                            if (isAnyTracingEnabled && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                                LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[2], "Caught exception when parsing JSessionID in cookie:", (Throwable) e);
                            }
                        }
                    }
                    int indexOf = str3.indexOf(SessionManagerConfig.getCloneSeparator());
                    if (indexOf == -1) {
                        substring = str3.substring(this._versionPrefixLength);
                    } else if (indexOf < this._versionPrefixLength) {
                        LoggingUtil.SESSION_LOGGER_CORE.logp(Level.WARNING, methodClassName, methodNames[2], "Symbol(:) exception caught in JSessionID, setting: " + ((String) null) + " to null.");
                        substring = null;
                    } else {
                        str2 = str3.substring(indexOf);
                        substring = str3.substring(this._versionPrefixLength, indexOf);
                    }
                    if (substring != null && (length = substring.length()) > (sessionIDLength = SessionManagerConfig.getSessionIDLength())) {
                        LoggingUtil.SESSION_LOGGER_CORE.logp(Level.WARNING, methodClassName, methodNames[2], "Detected JSESSIONID with invalid length; expected length of " + sessionIDLength + ", found " + length + ", setting: " + substring + " to null.");
                        substring = null;
                    }
                    sessionAffinityContext.setRequestedSessionID(substring);
                    if (SessionManagerConfig.isCloneIdPropertySet() && SessionManagerConfig.isExpectedCloneIdsPropertySet() && indexOf > 0) {
                        String[] split = str2.split(String.valueOf(SessionManagerConfig.getCloneSeparator()));
                        int i = 0;
                        while (true) {
                            if (i < split.length) {
                                if (split[i].length() > 0 && !SessionManagerConfig.getExpectedCloneIds().contains(split[i])) {
                                    LoggingUtil.SESSION_LOGGER_CORE.logp(Level.WARNING, methodClassName, methodNames[2], "Detected suspicious cloneId associated with the incoming request. The list of incoming cloneIds " + str2 + " is no longer valid and will be cleared.");
                                    str2 = "";
                                    break;
                                }
                                i++;
                            } else {
                                break;
                            }
                        }
                    }
                    sessionAffinityContext.setInputCloneInfo(str2);
                    if (isAnyTracingEnabled && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                        LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[2], new StringBuffer("Version:").append(str).append(":Id:").append(substring).append(":CloneInfo:").append(str2).toString());
                    }
                } else if (str3 != null && str3.length() < this._versionPlusIdLength) {
                    sessionAffinityContext.setFirstSessionIdValid(false);
                }
            }
        }
        if (isAnyTracingEnabled && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.exiting(methodClassName, methodNames[2], Boolean.valueOf(z));
        }
        return z;
    }

    private static boolean isSafe(String str) {
        for (int i = 0; i < unSecStrs.length; i++) {
            if (str.indexOf(unSecStrs[i]) != -1) {
                return false;
            }
        }
        return true;
    }

    public String encodeURL(HttpSession httpSession, String str) {
        return encodeURL(httpSession, (ServletRequest) null, str, (SessionAffinityContext) null);
    }

    private String encodeURL(HttpSession httpSession, ServletRequest servletRequest, String str, SessionAffinityContext sessionAffinityContext) {
        String id;
        String versionString;
        StringBuffer stringBuffer;
        if (sessionAffinityContext != null) {
            int responseSessionVersion = sessionAffinityContext.getResponseSessionVersion();
            id = sessionAffinityContext.getResponseSessionID();
            versionString = getVersionString(responseSessionVersion);
        } else {
            ISession iSession = ((SessionData) httpSession).getISession();
            id = iSession.getId();
            versionString = getVersionString(iSession.getVersion());
        }
        String concat = versionString.concat(id);
        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.entering(methodClassName, methodNames[3]);
        }
        if (!isSafe(concat)) {
            if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                LoggingUtil.SESSION_LOGGER_CORE.exiting(methodClassName, methodNames[3], "URL is not safe");
            }
            return str;
        }
        int i = -1;
        int indexOf = str.indexOf(this._smc.getSessUrlRewritePrefix());
        if (indexOf != -1) {
            i = str.indexOf(";", indexOf + 1);
        }
        if (i == -1) {
            int indexOf2 = str.indexOf("?");
            int indexOf3 = str.indexOf("#");
            if (indexOf2 != -1 && indexOf3 != -1 && indexOf3 < indexOf2) {
                indexOf2 = indexOf3;
            }
            if (indexOf2 == -1 && indexOf3 != -1) {
                indexOf2 = indexOf3;
            }
            i = indexOf2;
        }
        if (indexOf == -1) {
            indexOf = i;
        }
        String str2 = null;
        if (indexOf != -1) {
            stringBuffer = new StringBuffer(str.substring(0, indexOf));
            if (i != -1) {
                str2 = str.substring(i, str.length());
            }
        } else {
            stringBuffer = new StringBuffer(str);
        }
        stringBuffer.append(this._smc.getSessUrlRewritePrefix());
        stringBuffer.append(concat);
        String separatorPlusAffinityToken = getSeparatorPlusAffinityToken(id);
        if (sessionAffinityContext != null) {
            String updateCloneInfo = updateCloneInfo(sessionAffinityContext, separatorPlusAffinityToken);
            if (!isSafe(updateCloneInfo)) {
                if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                    LoggingUtil.SESSION_LOGGER_CORE.exiting(methodClassName, methodNames[3], "AffinityContext cloneID is not safe");
                }
                return str;
            }
            stringBuffer.append(updateCloneInfo);
        } else {
            if (!isSafe(separatorPlusAffinityToken)) {
                if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                    LoggingUtil.SESSION_LOGGER_CORE.exiting(methodClassName, methodNames[3], "CloneID in URL is not safe");
                }
                return str;
            }
            stringBuffer.append(separatorPlusAffinityToken);
        }
        if (stringBuffer.length() > SessionManagerConfig.getMaxSessionIdentifierLength() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.WARNING)) {
            LoggingUtil.SESSION_LOGGER_CORE.logp(Level.WARNING, methodClassName, methodNames[3], "SessionContext.maxSessionIdLengthExceeded", (Object[]) new String[]{stringBuffer.toString(), new Integer(SessionManagerConfig.getMaxSessionIdentifierLength()).toString()});
        }
        if (i != -1) {
            stringBuffer.append(str2);
        }
        String stringBuffer2 = stringBuffer.toString();
        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.exiting(methodClassName, methodNames[3], stringBuffer2);
        }
        return stringBuffer2;
    }

    @Override // com.ibm.wsspi.session.ISessionAffinityManager
    public String encodeURL(ServletRequest servletRequest, String str, SessionAffinityContext sessionAffinityContext) {
        return encodeURL((HttpSession) null, servletRequest, str, sessionAffinityContext);
    }

    @Override // com.ibm.wsspi.session.ISessionAffinityManager
    public void setCookie(ServletRequest servletRequest, ServletResponse servletResponse, SessionAffinityContext sessionAffinityContext, Object obj) {
        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[4], "");
        }
    }

    public void setSIPCookie(ServletRequest servletRequest, ServletResponse servletResponse, String str) {
        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[5], "");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getVersionString(int i) {
        String str = "0000";
        if (this._versionPrefixLength <= 0) {
            str = "";
        } else if (i > 0) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("0000").append(i);
            str = stringBuffer.substring(stringBuffer.length() - this._versionPrefixLength, stringBuffer.length());
        }
        return str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getSeparatorPlusAffinityToken(String str) {
        StringBuffer stringBuffer = new StringBuffer();
        String affinityToken = this._store.getAffinityToken(str, this._sessCtx.getAppName());
        if (affinityToken == null) {
            affinityToken = this._cloneID;
        }
        if (affinityToken != null && affinityToken.length() > 0) {
            stringBuffer.append(SessionManagerConfig.getCloneSeparator()).append(affinityToken);
        }
        return stringBuffer.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String updateCloneInfo(SessionAffinityContext sessionAffinityContext, String str) {
        boolean isAnyTracingEnabled = TraceComponent.isAnyTracingEnabled();
        String outputCloneInfo = sessionAffinityContext.isOutputCloneInfoSet() ? sessionAffinityContext.getOutputCloneInfo() : sessionAffinityContext.getInputCloneInfo();
        String requestedSessionID = sessionAffinityContext.getRequestedSessionID();
        String responseSessionID = sessionAffinityContext.getResponseSessionID();
        if (responseSessionID != null && !responseSessionID.equals(requestedSessionID)) {
            sessionAffinityContext.setInputCloneInfo("");
            outputCloneInfo = str;
            if (isAnyTracingEnabled && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[7], "Setting cloneID:" + outputCloneInfo + ":");
            }
        }
        int indexOf = outputCloneInfo.indexOf(str);
        if (indexOf == -1) {
            StringBuffer stringBuffer = new StringBuffer();
            if (SessionManagerConfig.isNoAffinitySwitchBack()) {
                stringBuffer.append(str).append(outputCloneInfo);
            } else {
                stringBuffer.append(outputCloneInfo).append(str);
            }
            outputCloneInfo = stringBuffer.toString();
            sessionAffinityContext.setOutputCloneInfo(outputCloneInfo);
        } else if (SessionManagerConfig.isNoAffinitySwitchBack() && indexOf > 0) {
            outputCloneInfo = str + outputCloneInfo.substring(0, indexOf) + outputCloneInfo.substring(indexOf + str.length());
            if (isAnyTracingEnabled && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[7], "New cloneString : " + outputCloneInfo + ".");
            }
        }
        return outputCloneInfo;
    }

    @Override // com.ibm.wsspi.session.ISessionAffinityManager
    public String getInUseSessionID(ServletRequest servletRequest, SessionAffinityContext sessionAffinityContext) {
        String responseSessionID;
        if (!sessionAffinityContext.isRequestedSessionIDFromSSL() || servletRequest == null) {
            responseSessionID = sessionAffinityContext.getResponseSessionID();
            if (responseSessionID == null) {
                responseSessionID = sessionAffinityContext.getRequestedSessionID();
            }
        } else {
            responseSessionID = getActualSSLSessionId(servletRequest);
        }
        return responseSessionID;
    }

    @Override // com.ibm.wsspi.session.ISessionAffinityManager
    public int getInUseSessionVersion(ServletRequest servletRequest, SessionAffinityContext sessionAffinityContext) {
        int responseSessionVersion = sessionAffinityContext.getResponseSessionVersion();
        if (responseSessionVersion == -1) {
            responseSessionVersion = sessionAffinityContext.getRequestedSessionVersion();
        }
        return responseSessionVersion;
    }

    public String getActualSSLSessionId(ServletRequest servletRequest) {
        return null;
    }

    public SessionAffinityContext analyzeSSLRequest(ServletRequest servletRequest, String str) {
        return null;
    }

    public void setSessionId(HttpServletRequest httpServletRequest, SessionAffinityContext sessionAffinityContext) {
    }

    public void setResponseData(String str, SessionAffinityContext sessionAffinityContext) {
    }

    public String getCloneId() {
        return this._cloneID;
    }

    @Override // com.ibm.wsspi.session.ISessionAffinityManager
    public String encodeURL(ServletRequest servletRequest, String str, SessionAffinityContext sessionAffinityContext, IProtocolAdapter iProtocolAdapter) {
        return null;
    }

    @Override // com.ibm.wsspi.session.ISessionAffinityManager
    public String getLocalCloneID() {
        return null;
    }

    @Override // com.ibm.wsspi.session.ISessionAffinityManager
    public void setCookie(ServletRequest servletRequest, ServletResponse servletResponse, SessionAffinityContext sessionAffinityContext, IProtocolAdapter iProtocolAdapter, Object obj) {
    }

    @Override // com.ibm.wsspi.session.ISessionAffinityManager
    public void setCookieName(String str) {
    }

    @Override // com.ibm.wsspi.session.ISessionAffinityManager
    public void setUseURLEncoding(boolean z) {
    }
}
