package org.gridgain.grid.kernal.managers.securesession.ent;

import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentMap;
import org.gridgain.grid.GridException;
import org.gridgain.grid.GridInterruptedException;
import org.gridgain.grid.events.GridEventType;
import org.gridgain.grid.events.GridSecureSessionEvent;
import org.gridgain.grid.kernal.GridKernalContext;
import org.gridgain.grid.kernal.managers.GridManagerAdapter;
import org.gridgain.grid.kernal.managers.securesession.GridSecureSession;
import org.gridgain.grid.kernal.managers.securesession.GridSecureSessionManager;
import org.gridgain.grid.kernal.managers.security.GridSecurityContext;
import org.gridgain.grid.security.GridSecuritySubject;
import org.gridgain.grid.security.GridSecuritySubjectType;
import org.gridgain.grid.spi.securesession.GridSecureSessionSpi;
import org.gridgain.grid.thread.GridThread;
import org.gridgain.grid.util.GridBusyLock;
import org.gridgain.grid.util.typedef.F;
import org.gridgain.grid.util.typedef.internal.U;
import org.gridgain.grid.util.worker.GridWorker;
import org.jdk8.backport.ConcurrentHashMap8;
import org.jetbrains.annotations.Nullable;

/* loaded from: input_file:org/gridgain/grid/kernal/managers/securesession/ent/GridEntSecureSessionManager.class */
public class GridEntSecureSessionManager extends GridManagerAdapter<GridSecureSessionSpi> implements GridSecureSessionManager {
    private GridSecureSessionHandler sesHnd;
    private ConcurrentMap<SubjectKey, GridSecureSession> sesMap;
    private GridWorker cleanupWorker;
    private GridBusyLock busyLock;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* loaded from: input_file:org/gridgain/grid/kernal/managers/securesession/ent/GridEntSecureSessionManager$CleanupThread.class */
    private class CleanupThread extends GridWorker {
        protected CleanupThread() {
            super(GridEntSecureSessionManager.this.ctx.gridName(), "secure-session-cleanup-worker", GridEntSecureSessionManager.this.ctx.log(GridEntSecureSessionManager.class));
        }

        @Override // org.gridgain.grid.util.worker.GridWorker
        protected void body() throws InterruptedException, GridInterruptedException {
            while (!isCancelled()) {
                U.sleep(60000L);
                if (!GridEntSecureSessionManager.this.busyLock.enterBusy()) {
                    return;
                }
                try {
                    for (Map.Entry entry : GridEntSecureSessionManager.this.sesMap.entrySet()) {
                        try {
                            GridSecureSession gridSecureSession = (GridSecureSession) entry.getValue();
                            GridSecuritySubject subject = gridSecureSession.authenticationSubjectContext().subject();
                            if (!GridEntSecureSessionManager.this.sesHnd.validate(subject.type(), subject.id(), gridSecureSession.sessionToken(), null)) {
                                GridEntSecureSessionManager.this.sesMap.remove(entry.getKey(), gridSecureSession);
                                GridEntSecureSessionManager.this.ctx.security().onSessionExpired(subject.id());
                            }
                        } catch (GridException e) {
                            U.warn(GridEntSecureSessionManager.this.log, "Failed to validate session token in cleanup thread.", e);
                        }
                    }
                } finally {
                    GridEntSecureSessionManager.this.busyLock.leaveBusy();
                }
            }
        }
    }

    /* loaded from: input_file:org/gridgain/grid/kernal/managers/securesession/ent/GridEntSecureSessionManager$SubjectKey.class */
    private static class SubjectKey {
        private final GridSecuritySubjectType subjType;
        private final UUID subjId;

        private SubjectKey(GridSecuritySubjectType gridSecuritySubjectType, UUID uuid) {
            this.subjType = gridSecuritySubjectType;
            this.subjId = uuid;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (!(obj instanceof SubjectKey)) {
                return false;
            }
            SubjectKey subjectKey = (SubjectKey) obj;
            return F.eq(this.subjId, subjectKey.subjId) && this.subjType == subjectKey.subjType;
        }

        public int hashCode() {
            return (31 * this.subjType.hashCode()) + (this.subjId == null ? 0 : this.subjId.hashCode());
        }
    }

    public GridEntSecureSessionManager(GridKernalContext gridKernalContext) {
        super(gridKernalContext, gridKernalContext.config().getSecureSessionSpi());
        this.sesMap = new ConcurrentHashMap8();
        this.busyLock = new GridBusyLock();
    }

    @Override // org.gridgain.grid.kernal.GridComponent
    public void start() throws GridException {
        this.sesHnd = new GridSecureSessionHandler(getSpis());
        startSpi();
        this.cleanupWorker = new CleanupThread();
        new GridThread(this.cleanupWorker).start();
        if (this.log.isDebugEnabled()) {
            this.log.debug(startInfo());
        }
    }

    @Override // org.gridgain.grid.kernal.GridComponent
    public void stop(boolean z) throws GridException {
        this.busyLock.block();
        if (this.cleanupWorker != null) {
            this.cleanupWorker.cancel();
            U.join(this.cleanupWorker, this.log);
        }
        stopSpi();
        if (this.log.isDebugEnabled()) {
            this.log.debug(stopInfo());
        }
    }

    @Override // org.gridgain.grid.kernal.managers.securesession.GridSecureSessionManager
    public boolean securityEnabled() {
        return this.sesHnd.securityEnabled();
    }

    @Override // org.gridgain.grid.kernal.managers.securesession.GridSecureSessionManager
    public GridSecureSession validateSession(GridSecuritySubjectType gridSecuritySubjectType, UUID uuid, @Nullable byte[] bArr, @Nullable Object obj) throws GridException {
        if (!$assertionsDisabled && this.sesHnd == null) {
            throw new AssertionError();
        }
        SubjectKey subjectKey = new SubjectKey(gridSecuritySubjectType, uuid);
        GridSecureSession gridSecureSession = this.sesMap.get(subjectKey);
        if (gridSecureSession == null) {
            return null;
        }
        if (this.sesHnd.validate(gridSecuritySubjectType, uuid, bArr, obj)) {
            if (this.ctx.event().isRecordable(GridEventType.EVT_SECURE_SESSION_VALIDATION_SUCCEEDED)) {
                recordEvent(GridEventType.EVT_SECURE_SESSION_VALIDATION_SUCCEEDED, gridSecuritySubjectType, uuid);
            }
            return gridSecureSession;
        }
        if (this.ctx.event().isRecordable(GridEventType.EVT_SECURE_SESSION_VALIDATION_FAILED)) {
            recordEvent(GridEventType.EVT_SECURE_SESSION_VALIDATION_FAILED, gridSecuritySubjectType, uuid);
        }
        this.sesMap.remove(subjectKey, gridSecureSession);
        return null;
    }

    @Override // org.gridgain.grid.kernal.managers.securesession.GridSecureSessionManager
    public byte[] updateSession(GridSecuritySubjectType gridSecuritySubjectType, UUID uuid, GridSecurityContext gridSecurityContext, @Nullable Object obj) throws GridException {
        byte[] generateSessionToken = this.sesHnd.generateSessionToken(gridSecuritySubjectType, uuid, obj);
        this.sesMap.put(new SubjectKey(gridSecuritySubjectType, uuid), new GridSecureSession(gridSecurityContext, generateSessionToken));
        return generateSessionToken;
    }

    private void recordEvent(int i, GridSecuritySubjectType gridSecuritySubjectType, UUID uuid) {
        String str;
        if (this.ctx.event().isRecordable(i)) {
            if (i == 113) {
                str = "Secure session validation succeeded.";
            } else {
                if (!$assertionsDisabled && i != 114) {
                    throw new AssertionError();
                }
                str = "Secure session validation failed.";
            }
            this.ctx.event().record(new GridSecureSessionEvent(this.ctx.discovery().localNode(), str, i, gridSecuritySubjectType, uuid));
        }
    }

    static {
        $assertionsDisabled = !GridEntSecureSessionManager.class.desiredAssertionStatus();
    }
}
