package pl.edu.icm.yadda.aas.proxy;

import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.util.Collection;
import java.util.Iterator;
import org.opensaml.lite.saml2.core.Assertion;
import pl.edu.icm.yadda.aas.client.ISecuritySession;
import pl.edu.icm.yadda.aas.client.session.AssertionIdentity;
import pl.edu.icm.yadda.aas.handler.ISecurityRequestHandler;
import pl.edu.icm.yadda.aas.proxy.event.AssertionPermanentlyExpiredSecurityEvent;
import pl.edu.icm.yadda.aas.proxy.event.ISecurityEventListener;
import pl.edu.icm.yadda.aas.refresher.IRefresher;
import pl.edu.icm.yadda.service2.usersession.ISessionService;

/* loaded from: input_file:WEB-INF/lib/yadda-aas2-common-1.7.3.jar:pl/edu/icm/yadda/aas/proxy/SessionBasedAssertionRefresherProxy.class */
public class SessionBasedAssertionRefresherProxy extends AbstractAssertionRefresherProxy implements InvocationHandler {
    protected final ISessionService sessionService;

    public SessionBasedAssertionRefresherProxy(Object obj, ISessionService iSessionService, ISecurityRequestHandler iSecurityRequestHandler, IRefresher<Assertion> iRefresher, ISecurityEventListener iSecurityEventListener) {
        super(obj, iSecurityRequestHandler, iRefresher, iSecurityEventListener);
        this.sessionService = iSessionService;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // pl.edu.icm.yadda.aas.proxy.AbstractAssertionRefresherProxy
    public Object handleRefreshing(Method method, Object[] objArr, Object obj) throws Throwable {
        Collection<String> permanentlyExpiredAssertionsIds = getPermanentlyExpiredAssertionsIds(obj);
        if (!handleSessionInvalidation(permanentlyExpiredAssertionsIds)) {
            return super.handleRefreshing(method, objArr, obj);
        }
        if (permanentlyExpiredAssertionsIds != null && !permanentlyExpiredAssertionsIds.isEmpty() && this.eventListener != null) {
            Iterator<String> it = permanentlyExpiredAssertionsIds.iterator();
            while (it.hasNext()) {
                this.eventListener.notify(new AssertionPermanentlyExpiredSecurityEvent(it.next()));
            }
        }
        return obj;
    }

    protected boolean handleSessionInvalidation(Collection<String> collection) {
        if (collection == null || collection.isEmpty()) {
            return false;
        }
        ISecuritySession iSecuritySession = (ISecuritySession) this.sessionService.get(ISecuritySession.SECURITY_SESSION_ATTRIBUTE_NAME);
        AssertionIdentity assertionIdentity = (AssertionIdentity) iSecuritySession.getAuthorities(AssertionIdentity.NAME);
        if (assertionIdentity == null || assertionIdentity.getAssertion() == null) {
            this.log.debug("no assertion found within session to be verified against invalidation ids!");
            return false;
        }
        if (!collection.contains(assertionIdentity.getAssertion().getID())) {
            this.log.warn("assertion id stored within session " + assertionIdentity.getAssertion().getID() + " does not match any of permanently expired assertions: " + collection);
            return false;
        }
        this.log.warn("assertion id stored within session " + assertionIdentity.getAssertion().getID() + " was found among permanently expired assertions: " + collection + ", performing session invalidation...");
        if (iSecuritySession.isInvalidated()) {
            this.log.debug("no need to invalidate session, already invalidated");
            return true;
        }
        iSecuritySession.invalidate();
        return true;
    }

    @Override // pl.edu.icm.yadda.aas.proxy.AbstractAssertionRefresherProxy
    protected void replaceStoredAssertion(Assertion assertion, Assertion assertion2) {
        ISecuritySession iSecuritySession = (ISecuritySession) this.sessionService.get(ISecuritySession.SECURITY_SESSION_ATTRIBUTE_NAME);
        if (iSecuritySession == null || !iSecuritySession.isAthenticated()) {
            this.log.warn("session not authenticated, unable to replace assertion!");
            return;
        }
        AssertionIdentity assertionIdentity = (AssertionIdentity) iSecuritySession.getAuthorities(AssertionIdentity.NAME);
        if (assertionIdentity == null || assertionIdentity.getAssertion() == null) {
            this.log.debug("no assertions found within session, unable to replace assertion!");
        } else if (assertion.getID().equals(assertionIdentity.getAssertion().getID())) {
            assertionIdentity.setAssertion(assertion2);
        } else {
            this.log.warn("refreshed assertion will not be replaced: assertion stored in session id: " + assertionIdentity.getAssertion().getID() + " was different than refreshed assertion id: " + assertion.getID());
        }
    }
}
