package org.terasoluna.gfw.web.token.transaction;

import java.io.Serializable;
import java.util.Enumeration;
import java.util.HashSet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.springframework.web.util.WebUtils;
import org.terasoluna.gfw.web.token.TokenStringGenerator;

/* loaded from: input_file:WEB-INF/lib/terasoluna-gfw-web-1.0.0-20130910.021231-54.jar:org/terasoluna/gfw/web/token/transaction/HttpSessionTransactionTokenStore.class */
public class HttpSessionTransactionTokenStore implements TransactionTokenStore {
    public static final String TOKEN_HOLDER_SESSION_ATTRIBUTE_PREFIX = HttpSessionTransactionTokenStore.class.getName() + "_TOKEN_";
    public static final int NO_OF_TOKENS_PER_TOKEN_NAME = 10;
    public static final int DEFAULT_RETRY_CREATE_TOKEN_NAME = 10;
    private static final String SESSION_KEY_SEPARATOR = "~";
    private final int transactionTokensPerTokenName;
    private final int retryCreateTokenName;
    private final TokenStringGenerator generator;

    /* loaded from: input_file:WEB-INF/lib/terasoluna-gfw-web-1.0.0-20130910.021231-54.jar:org/terasoluna/gfw/web/token/transaction/HttpSessionTransactionTokenStore$TokenHolder.class */
    private static final class TokenHolder implements Serializable {
        private static final long serialVersionUID = 1;
        private final String token;
        private final long timestamp;

        public TokenHolder(String str, long j) {
            this.token = str;
            this.timestamp = j;
        }

        public String getToken() {
            return this.token;
        }

        public long getTimestamp() {
            return this.timestamp;
        }
    }

    public HttpSessionTransactionTokenStore() {
        this(new TokenStringGenerator(), 10, 10);
    }

    public HttpSessionTransactionTokenStore(int i) {
        this(new TokenStringGenerator(), i, 10);
    }

    public HttpSessionTransactionTokenStore(int i, int i2) {
        this(new TokenStringGenerator(), i, i2);
    }

    public HttpSessionTransactionTokenStore(TokenStringGenerator tokenStringGenerator, int i, int i2) {
        this.generator = tokenStringGenerator;
        this.transactionTokensPerTokenName = i;
        this.retryCreateTokenName = i2;
    }

    @Override // org.terasoluna.gfw.web.token.transaction.TransactionTokenStore
    public String getAndClear(TransactionToken transactionToken) {
        TokenHolder tokenHolder;
        String createSessionAttributeName = createSessionAttributeName(transactionToken);
        HttpSession session = getSession();
        synchronized (WebUtils.getSessionMutex(session)) {
            tokenHolder = (TokenHolder) session.getAttribute(createSessionAttributeName);
            if (tokenHolder != null) {
                session.setAttribute(createSessionAttributeName, new TokenHolder(null, System.currentTimeMillis()));
            }
        }
        if (tokenHolder != null) {
            return tokenHolder.getToken();
        }
        return null;
    }

    @Override // org.terasoluna.gfw.web.token.transaction.TransactionTokenStore
    public void remove(TransactionToken transactionToken) {
        getSession().removeAttribute(createSessionAttributeName(transactionToken));
    }

    @Override // org.terasoluna.gfw.web.token.transaction.TransactionTokenStore
    public String createAndReserveTokenKey(String str) {
        String str2 = TOKEN_HOLDER_SESSION_ATTRIBUTE_PREFIX + str;
        HashSet<String> hashSet = new HashSet();
        HttpSession session = getRequest().getSession(true);
        String str3 = null;
        synchronized (getMutex(session)) {
            Enumeration attributeNames = session.getAttributeNames();
            while (attributeNames.hasMoreElements()) {
                String str4 = (String) attributeNames.nextElement();
                if (str2.equals(str4.split("~")[0])) {
                    hashSet.add(str4);
                }
            }
            if (hashSet.size() >= this.transactionTokensPerTokenName) {
                String str5 = null;
                TokenHolder tokenHolder = new TokenHolder(null, Long.MAX_VALUE);
                for (String str6 : hashSet) {
                    TokenHolder tokenHolder2 = (TokenHolder) session.getAttribute(str6);
                    if (tokenHolder2.getTimestamp() < tokenHolder.getTimestamp()) {
                        str5 = str6;
                        tokenHolder = tokenHolder2;
                    }
                }
                session.removeAttribute(str5);
                hashSet.remove(str5);
            }
            int i = 0;
            while (true) {
                if (i >= this.retryCreateTokenName) {
                    break;
                }
                String generate = this.generator.generate(session.getId());
                if (!hashSet.contains(str2 + "~" + generate)) {
                    str3 = generate;
                    break;
                }
                i++;
            }
        }
        if (str3 == null) {
            throw new IllegalStateException();
        }
        return str3;
    }

    @Override // org.terasoluna.gfw.web.token.transaction.TransactionTokenStore
    public void store(TransactionToken transactionToken) {
        getSession().setAttribute(createSessionAttributeName(transactionToken), new TokenHolder(transactionToken.getTokenValue(), System.currentTimeMillis()));
    }

    Object getMutex(HttpSession httpSession) {
        return WebUtils.getSessionMutex(httpSession);
    }

    HttpSession getSession() {
        return getRequest().getSession(true);
    }

    HttpServletRequest getRequest() {
        return ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest();
    }

    String createSessionAttributeName(TransactionToken transactionToken) {
        return TOKEN_HOLDER_SESSION_ATTRIBUTE_PREFIX + transactionToken.getTokenName() + "~" + transactionToken.getTokenKey();
    }
}
