package eu.eudml.ui.security.spring.authentication.filters;

import eu.eudml.ui.security.spring.authentication.cookie.LogoutCookieManipulator;
import eu.eudml.ui.security.spring.service.NotificationUIService;
import eu.eudml.ui.security.spring.service.accessors.SecurityAccessor;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Required;
import org.springframework.security.authentication.AuthenticationTrustResolver;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:WEB-INF/classes/eu/eudml/ui/security/spring/authentication/filters/SessionTimeoutFilter.class */
public class SessionTimeoutFilter extends GenericFilterBean {
    public static final String FILTER_APPLIED = "__session_timeout_mgmt_filter_applied";
    private SecurityAccessor securityAccessor;
    private AuthenticationTrustResolver authenticationTrustResolver;
    private RedirectStrategy redirectStrategy;
    private LogoutCookieManipulator logoutCookieManipulator;
    private NotificationUIService notificationUIService;
    private String sessionTimeoutUrl;

    /* loaded from: input_file:WEB-INF/classes/eu/eudml/ui/security/spring/authentication/filters/SessionTimeoutFilter$MC.class */
    private static class MC {
        public static final String USER_SESSION_INVALIDATED = "msg.user.session.timeout";

        private MC() {
        }
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (httpServletRequest.getAttribute(FILTER_APPLIED) != null) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        httpServletRequest.setAttribute(FILTER_APPLIED, Boolean.TRUE);
        if (this.logoutCookieManipulator.extractLogoutCookiesFrom(httpServletRequest).isLogIn()) {
            if (this.authenticationTrustResolver.isAnonymous(this.securityAccessor.getCurrentAuthentication()) && isRequestSessionTimeout(httpServletRequest)) {
                this.logger.debug("Requested session ID" + httpServletRequest.getRequestedSessionId() + " is invalid.");
                this.logoutCookieManipulator.setLogoutCookie(httpServletResponse);
                this.redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, this.sessionTimeoutUrl);
                this.notificationUIService.notifyUIabout(MC.USER_SESSION_INVALIDATED);
                return;
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    private boolean isRequestSessionTimeout(HttpServletRequest httpServletRequest) {
        return (httpServletRequest.getSession(false) == null || httpServletRequest.getRequestedSessionId() == null || httpServletRequest.isRequestedSessionIdValid()) ? false : true;
    }

    @Required
    public void setAuthenticationTrustResolver(AuthenticationTrustResolver authenticationTrustResolver) {
        this.authenticationTrustResolver = authenticationTrustResolver;
    }

    @Required
    public void setRedirectStrategy(RedirectStrategy redirectStrategy) {
        this.redirectStrategy = redirectStrategy;
    }

    @Required
    public void setNotificationUIService(NotificationUIService notificationUIService) {
        this.notificationUIService = notificationUIService;
    }

    @Required
    public void setSessionTimeoutUrl(String str) {
        this.sessionTimeoutUrl = str;
    }

    @Required
    public void setSecurityAccessor(SecurityAccessor securityAccessor) {
        this.securityAccessor = securityAccessor;
    }

    @Required
    public void setLogoutCookieManipulator(LogoutCookieManipulator logoutCookieManipulator) {
        this.logoutCookieManipulator = logoutCookieManipulator;
    }
}
