package pl.edu.icm.yadda.aas.client.authn;

import java.util.Iterator;
import java.util.List;
import org.opensaml.lite.common.IdentifierGenerator;
import org.opensaml.lite.saml2.core.Assertion;
import org.springframework.beans.factory.annotation.Required;
import pl.edu.icm.yadda.aas.client.AbstractAuthenticationManager;
import pl.edu.icm.yadda.aas.client.ISecuritySession;
import pl.edu.icm.yadda.aas.client.SecuritySessionImpl;
import pl.edu.icm.yadda.aas.client.authn.session.ISessionEnricher;
import pl.edu.icm.yadda.service2.user.token.IpAwareSecurityToken;
import pl.edu.icm.yadda.service2.user.token.SecurityToken;
import pl.edu.icm.yadda.service2.usersession.ISessionService;

/* loaded from: input_file:WEB-INF/lib/yadda-aas2-common-4.4.13.jar:pl/edu/icm/yadda/aas/client/authn/SessionServiceAwareAuthenticationManager.class */
public class SessionServiceAwareAuthenticationManager extends AbstractAuthenticationManager implements IAuthenticationManager {
    protected ISessionService sessionService;
    protected IdentifierGenerator idGenerator;
    protected List<ISessionEnricher> sessionEnrichers;
    protected boolean recreateMissingSession = true;

    @Override // pl.edu.icm.yadda.aas.client.AbstractAuthenticationManager
    protected void handlePermitInternally(SecurityToken securityToken, Assertion assertion) throws Exception {
        ISecuritySession iSecuritySession = (ISecuritySession) this.sessionService.get(ISecuritySession.SECURITY_SESSION_ATTRIBUTE_NAME);
        if (iSecuritySession != null) {
            iSecuritySession.setSecuritySessionId(assertion != null ? assertion.getID() : this.idGenerator.generateIdentifier());
        } else {
            if (!this.recreateMissingSession) {
                throw new IllegalStateException("current session was not initialized!");
            }
            iSecuritySession = new SecuritySessionImpl(assertion != null ? assertion.getID() : this.idGenerator.generateIdentifier(), (String) null, extractIpWhenAvailable(securityToken));
            this.sessionService.bind(ISecuritySession.SECURITY_SESSION_ATTRIBUTE_NAME, iSecuritySession);
        }
        if (this.sessionEnrichers != null) {
            Iterator<ISessionEnricher> it = this.sessionEnrichers.iterator();
            while (it.hasNext()) {
                it.next().enrich(iSecuritySession, securityToken, assertion);
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    protected String extractIpWhenAvailable(SecurityToken securityToken) {
        if (securityToken instanceof IpAwareSecurityToken) {
            return ((IpAwareSecurityToken) securityToken).getIpAddress();
        }
        return null;
    }

    @Override // pl.edu.icm.yadda.aas.client.authn.IAuthenticationManager
    public void logout() {
        ((ISecuritySession) this.sessionService.get(ISecuritySession.SECURITY_SESSION_ATTRIBUTE_NAME)).invalidate();
    }

    @Required
    public void setSessionService(ISessionService iSessionService) {
        this.sessionService = iSessionService;
    }

    public void setSessionEnrichers(List<ISessionEnricher> list) {
        this.sessionEnrichers = list;
    }

    public void setIdGenerator(IdentifierGenerator identifierGenerator) {
        this.idGenerator = identifierGenerator;
    }

    public void setRecreateMissingSession(boolean z) {
        this.recreateMissingSession = z;
    }
}
