package net.shibboleth.idp.session.impl;

import com.google.common.base.Predicates;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.idp.authn.AbstractAuthenticationAction;
import net.shibboleth.idp.authn.context.AuthenticationContext;
import net.shibboleth.idp.authn.context.SubjectContext;
import net.shibboleth.idp.session.IdPSession;
import net.shibboleth.idp.session.SessionException;
import net.shibboleth.idp.session.SessionManager;
import net.shibboleth.idp.session.context.SessionContext;
import net.shibboleth.utilities.java.support.annotation.constraint.NonnullAfterInit;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.component.ComponentSupport;
import net.shibboleth.utilities.java.support.logic.Constraint;
import org.opensaml.profile.action.ActionSupport;
import org.opensaml.profile.context.ProfileRequestContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/shibboleth/idp/session/impl/UpdateSessionWithAuthenticationResult.class */
public class UpdateSessionWithAuthenticationResult extends AbstractAuthenticationAction {

    @Nonnull
    private final Logger log = LoggerFactory.getLogger(UpdateSessionWithAuthenticationResult.class);

    @NonnullAfterInit
    private SessionManager sessionManager;

    @Nullable
    private SessionContext sessionCtx;

    @Nullable
    private SubjectContext subjectCtx;

    public void setSessionManager(@Nonnull SessionManager sessionManager) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.sessionManager = (SessionManager) Constraint.isNotNull(sessionManager, "SessionManager cannot be null");
    }

    protected void doInitialize() throws ComponentInitializationException {
        super.doInitialize();
        if (!getActivationCondition().equals(Predicates.alwaysFalse()) && this.sessionManager == null) {
            throw new ComponentInitializationException("SessionManager cannot be null");
        }
    }

    protected boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext) {
        if (authenticationContext.getAuthenticationResult() == null) {
            return false;
        }
        this.subjectCtx = profileRequestContext.getSubcontext(SubjectContext.class, false);
        this.sessionCtx = profileRequestContext.getSubcontext(SessionContext.class, true);
        if (this.sessionCtx.getIdPSession() == null && (this.subjectCtx == null || this.subjectCtx.getPrincipalName() == null)) {
            return false;
        }
        return super.doPreExecute(profileRequestContext, authenticationContext);
    }

    protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext) {
        IdPSession idPSession = this.sessionCtx.getIdPSession();
        if (idPSession != null) {
            try {
                updateIdPSession(authenticationContext, idPSession);
                return;
            } catch (SessionException e) {
                this.log.error(getLogPrefix() + " Error updating session " + idPSession.getId(), e);
                ActionSupport.buildEvent(profileRequestContext, "InputOutputError");
                return;
            }
        }
        try {
            createIdPSession(authenticationContext);
        } catch (SessionException e2) {
            this.log.error(getLogPrefix() + " Error creating session for " + this.subjectCtx.getPrincipalName(), e2);
            ActionSupport.buildEvent(profileRequestContext, "InputOutputError");
        }
    }

    private void updateIdPSession(@Nonnull AuthenticationContext authenticationContext, @Nonnull IdPSession idPSession) throws SessionException {
        if (authenticationContext.getAttemptedFlow() == null) {
            this.log.info("{} Updating activity time on reused AuthenticationResult for flow {} in existing session {}", new Object[]{getLogPrefix(), authenticationContext.getAuthenticationResult().getAuthenticationFlowId(), idPSession.getId()});
            idPSession.updateAuthenticationResultActivity(authenticationContext.getAuthenticationResult());
        } else if (authenticationContext.isResultCacheable()) {
            this.log.info("{} Adding new AuthenticationResult for flow {} to existing session {}", new Object[]{getLogPrefix(), authenticationContext.getAuthenticationResult().getAuthenticationFlowId(), idPSession.getId()});
            idPSession.addAuthenticationResult(authenticationContext.getAuthenticationResult());
        }
    }

    private void createIdPSession(@Nonnull AuthenticationContext authenticationContext) throws SessionException {
        this.log.info("{} Creating new session for principal {}", getLogPrefix(), this.subjectCtx.getPrincipalName());
        this.sessionCtx.setIdPSession(this.sessionManager.createSession(this.subjectCtx.getPrincipalName()));
        if (authenticationContext.isResultCacheable()) {
            this.sessionCtx.getIdPSession().addAuthenticationResult(authenticationContext.getAuthenticationResult());
        }
    }
}
