package org.keycloak.services.managers;

import org.jboss.logging.Logger;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.protocol.RestartLoginCookie;
import org.keycloak.services.util.CookieHelper;
import org.keycloak.sessions.AuthenticationSessionModel;
import org.keycloak.sessions.RootAuthenticationSessionModel;
import org.keycloak.sessions.StickySessionEncoderProvider;

/* loaded from: input_file:org/keycloak/services/managers/AuthenticationSessionManager.class */
public class AuthenticationSessionManager {
    public static final String AUTH_SESSION_ID = "AUTH_SESSION_ID";
    private static final Logger log = Logger.getLogger(AuthenticationSessionManager.class);
    private final KeycloakSession session;

    public AuthenticationSessionManager(KeycloakSession keycloakSession) {
        this.session = keycloakSession;
    }

    public RootAuthenticationSessionModel createAuthenticationSession(RealmModel realmModel, boolean z) {
        RootAuthenticationSessionModel createRootAuthenticationSession = this.session.authenticationSessions().createRootAuthenticationSession(realmModel);
        if (z) {
            setAuthSessionCookie(createRootAuthenticationSession.getId(), realmModel);
        }
        return createRootAuthenticationSession;
    }

    public String getCurrentAuthenticationSessionId(RealmModel realmModel) {
        return getAuthSessionCookieDecoded(realmModel);
    }

    public AuthenticationSessionModel getCurrentAuthenticationSession(RealmModel realmModel, ClientModel clientModel, String str) {
        String authSessionCookieDecoded = getAuthSessionCookieDecoded(realmModel);
        if (authSessionCookieDecoded == null) {
            return null;
        }
        return getAuthenticationSessionByIdAndClient(realmModel, authSessionCookieDecoded, clientModel, str);
    }

    public void setAuthSessionCookie(String str, RealmModel realmModel) {
        String realmCookiePath = AuthenticationManager.getRealmCookiePath(realmModel, this.session.getContext().getUri());
        boolean isRequired = realmModel.getSslRequired().isRequired(this.session.getContext().getConnection());
        String encodeSessionId = this.session.getProvider(StickySessionEncoderProvider.class).encodeSessionId(str);
        CookieHelper.addCookie(AUTH_SESSION_ID, encodeSessionId, realmCookiePath, null, null, -1, isRequired, true);
        log.debugf("Set AUTH_SESSION_ID cookie with value %s", encodeSessionId);
    }

    private String getAuthSessionCookieDecoded(RealmModel realmModel) {
        String cookieValue = CookieHelper.getCookieValue(AUTH_SESSION_ID);
        if (cookieValue == null) {
            log.debugf("Not found AUTH_SESSION_ID cookie", new Object[0]);
            return null;
        }
        log.debugf("Found AUTH_SESSION_ID cookie with value %s", cookieValue);
        StickySessionEncoderProvider provider = this.session.getProvider(StickySessionEncoderProvider.class);
        String decodeSessionId = provider.decodeSessionId(cookieValue);
        if (!provider.encodeSessionId(decodeSessionId).equals(cookieValue)) {
            log.debugf("Route changed. Will update authentication session cookie", new Object[0]);
            setAuthSessionCookie(decodeSessionId, realmModel);
        }
        return decodeSessionId;
    }

    public void removeAuthenticationSession(RealmModel realmModel, AuthenticationSessionModel authenticationSessionModel, boolean z) {
        RootAuthenticationSessionModel parentSession = authenticationSessionModel.getParentSession();
        log.debugf("Removing authSession '%s'. Expire restart cookie: %b", parentSession.getId(), Boolean.valueOf(z));
        this.session.authenticationSessions().removeRootAuthenticationSession(realmModel, parentSession);
        if (z) {
            RestartLoginCookie.expireRestartCookie(realmModel, this.session.getContext().getConnection(), this.session.getContext().getUri());
        }
    }

    public UserSessionModel getUserSession(AuthenticationSessionModel authenticationSessionModel) {
        return this.session.sessions().getUserSession(authenticationSessionModel.getRealm(), authenticationSessionModel.getParentSession().getId());
    }

    public AuthenticationSessionModel getAuthenticationSessionByIdAndClient(RealmModel realmModel, String str, ClientModel clientModel, String str2) {
        RootAuthenticationSessionModel rootAuthenticationSession = this.session.authenticationSessions().getRootAuthenticationSession(realmModel, str);
        if (rootAuthenticationSession == null) {
            return null;
        }
        return rootAuthenticationSession.getAuthenticationSession(clientModel, str2);
    }
}
