package org.ladsn.security.browser.session;

import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.ladsn.security.core.properties.SecurityProperties;
import org.ladsn.security.core.support.SimpleResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.util.UrlUtils;
import org.springframework.util.Assert;

/* loaded from: input_file:org/ladsn/security/browser/session/AbstractSessionStrategy.class */
public class AbstractSessionStrategy {
    private String destinationUrl;
    private SecurityProperties securityPropertie;
    private final Logger logger = LoggerFactory.getLogger(getClass());
    private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
    private boolean createNewSession = true;
    private ObjectMapper objectMapper = new ObjectMapper();

    public AbstractSessionStrategy(SecurityProperties securityProperties) {
        String sessionInvalidUrl = securityProperties.getBrowser().getSession().getSessionInvalidUrl();
        Assert.isTrue(UrlUtils.isValidRedirectUrl(sessionInvalidUrl), "url must start with '/' or with 'http(s)'");
        Assert.isTrue(StringUtils.endsWithIgnoreCase(sessionInvalidUrl, ".html"), "url must end with '.html'");
        this.destinationUrl = sessionInvalidUrl;
        this.securityPropertie = securityProperties;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void onSessionInvalid(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        this.logger.info("session失效");
        if (this.createNewSession) {
            httpServletRequest.getSession();
        }
        String requestURI = httpServletRequest.getRequestURI();
        if (StringUtils.endsWithIgnoreCase(requestURI, ".html")) {
            String str = (StringUtils.equals(requestURI, this.securityPropertie.getBrowser().getSignInPage()) || StringUtils.equals(requestURI, this.securityPropertie.getBrowser().getSignOutUrl())) ? requestURI : this.destinationUrl;
            this.logger.info("跳转到:" + str);
            this.redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, str);
        } else {
            Object buildResponseContent = buildResponseContent(httpServletRequest);
            httpServletResponse.setStatus(HttpStatus.UNAUTHORIZED.value());
            httpServletResponse.setContentType("application/json;charset=UTF-8");
            httpServletResponse.getWriter().write(this.objectMapper.writeValueAsString(buildResponseContent));
        }
    }

    protected Object buildResponseContent(HttpServletRequest httpServletRequest) {
        String str;
        str = "session已失效";
        return new SimpleResponse(isConcurrency() ? str + "，有可能是并发登录导致的" : "session已失效");
    }

    protected boolean isConcurrency() {
        return false;
    }

    public void setCreateNewSession(boolean z) {
        this.createNewSession = z;
    }
}
