package com.atlassian.bamboo.rest;

import com.atlassian.bamboo.user.BambooUserManager;
import com.atlassian.bamboo.utils.BambooRandomStringUtils;
import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
import java.util.concurrent.ConcurrentMap;
import java.util.concurrent.TimeUnit;
import org.acegisecurity.Authentication;
import org.acegisecurity.context.SecurityContextHolder;
import org.apache.commons.lang3.StringUtils;
import org.jetbrains.annotations.Nullable;

/* loaded from: input_file:com/atlassian/bamboo/rest/DefaultSessionManager.class */
public class DefaultSessionManager implements SessionManager {
    private final BambooUserManager bambooUserManager;
    private final ConcurrentMap<String, String> sessions;

    public DefaultSessionManager(BambooUserManager bambooUserManager) {
        this(bambooUserManager, 30, TimeUnit.MINUTES);
    }

    public DefaultSessionManager(BambooUserManager bambooUserManager, int i, TimeUnit timeUnit) {
        this.bambooUserManager = bambooUserManager;
        this.sessions = CacheBuilder.newBuilder().expireAfterAccess(i, timeUnit).build(new CacheLoader<String, String>() { // from class: com.atlassian.bamboo.rest.DefaultSessionManager.1
            @Nullable
            public String load(String str) throws Exception {
                return null;
            }
        }).asMap();
    }

    public String login(String str, String str2) throws BambooRemoteException {
        if (this.bambooUserManager.getBambooUser(str) != null && this.bambooUserManager.authenticate(str, str2)) {
            return createToken(str);
        }
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            throw new BambooRemoteException("Invalid username or password.");
        }
        String name = authentication.getName();
        if ("anonymousUser".equals(name) || StringUtils.isBlank(name)) {
            throw new BambooRemoteException("Invalid username or password.");
        }
        return createToken(name);
    }

    public void logout(String str) {
        this.sessions.remove(str);
    }

    public String getUserNameFromSession(String str) throws BambooRemoteException {
        String str2 = this.sessions.get(str);
        if (str2 == null) {
            throw new BambooRemoteException("User not authenticated yet, or session timed out.");
        }
        return str2;
    }

    private String createToken(String str) throws BambooRemoteException {
        for (int i = 0; i < 10; i++) {
            String generateSessionId = generateSessionId();
            if (this.sessions.putIfAbsent(generateSessionId, str) == null) {
                return generateSessionId;
            }
        }
        throw new BambooRemoteException("Error generating authentication sessionId, please try again.");
    }

    private String generateSessionId() {
        return BambooRandomStringUtils.randomAlphanumeric(10);
    }
}
