package com.prosysopc.ua.server;

import com.prosysopc.ua.C0094g;
import com.prosysopc.ua.N;
import com.prosysopc.ua.O;
import com.prosysopc.ua.Q;
import com.prosysopc.ua.stack.b.j;
import com.prosysopc.ua.stack.b.r;
import com.prosysopc.ua.stack.b.t;
import com.prosysopc.ua.stack.c.h;
import com.prosysopc.ua.stack.core.ApplicationDescription;
import com.prosysopc.ua.stack.core.EndpointDescription;
import com.prosysopc.ua.stack.core.K;
import com.prosysopc.ua.stack.core.SignatureData;
import com.prosysopc.ua.stack.core.SignedSoftwareCertificate;
import com.prosysopc.ua.stack.core.UserIdentityToken;
import com.prosysopc.ua.stack.core.UserTokenPolicy;
import com.prosysopc.ua.stack.transport.q;
import com.prosysopc.ua.stack.transport.security.SecurityPolicy;
import com.prosysopc.ua.stack.transport.security.g;
import com.prosysopc.ua.stack.transport.security.o;
import com.prosysopc.ua.stack.transport.security.v;
import com.prosysopc.ua.stack.utils.C0149f;
import com.prosysopc.ua.stack.utils.a.f;
import com.prosysopc.ua.stack.utils.i;
import com.prosysopc.ua.stack.utils.y;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Queue;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentLinkedQueue;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/prosysopc/ua/server/SessionManager.class */
public class SessionManager {
    static Logger logger = LoggerFactory.getLogger((Class<?>) SessionManager.class);
    private r cBQ;
    private volatile boolean cBU;
    private final UaServer cBV;
    private ScheduledExecutorService cBW;
    private int cBR = 100;
    private double cBS = 3600000.0d;
    private double cBT = 100.0d;
    private final Map<j, Session> cBX = new ConcurrentHashMap();
    protected List<SessionManagerListener> cyb = new CopyOnWriteArrayList();
    protected final Map<j, Session> cBY = new ConcurrentHashMap();
    protected final Queue<j> cBZ = new ConcurrentLinkedQueue();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/prosysopc/ua/server/SessionManager$a.class */
    public class a implements Runnable {
        private a() {
        }

        @Override // java.lang.Runnable
        public void run() {
            if (SessionManager.logger.isTraceEnabled()) {
                SessionManager.logger.trace("SessionMonitor.run: sessions=" + Arrays.toString(SessionManager.this.cBX.values().toArray()));
            }
            for (Session session : SessionManager.this.cBX.values()) {
                if (session.nC()) {
                    try {
                        if (SessionManager.logger.isDebugEnabled()) {
                            SessionManager.logger.debug("SessionMonitor: session timeout " + session.getSessionName());
                        }
                        SessionManager.this.a(session.ctW(), false);
                        SessionManager.this.cBV.cug().crr();
                    } catch (O e) {
                        SessionManager.logger.warn("SessionMonitor: " + e);
                    }
                }
            }
            SessionManager.this.cvx();
        }
    }

    public SessionManager(UaServer uaServer) {
        this.cBV = uaServer;
    }

    public void a(SessionManagerListener sessionManagerListener) {
        if (b(sessionManagerListener)) {
            return;
        }
        this.cyb.add(sessionManagerListener);
    }

    public void f(Session session) throws O {
        if (session == null) {
            throw new IllegalArgumentException("The given Session cannot be null");
        }
        a(session.ctW(), true);
    }

    public void a(Session session, boolean z) throws O {
        if (session == null) {
            throw new IllegalArgumentException("The given Session cannot be null");
        }
        a(session.ctW(), z);
    }

    public EndpointDescription[] pf() {
        return this.cBV.pf();
    }

    public int cvo() {
        return this.cBV.csk().csE().getServerCapabilitiesNode().getMaxBrowseContinuationPoints().intValue();
    }

    public int cvp() {
        return this.cBV.csk().csE().getServerCapabilitiesNode().getMaxHistoryContinuationPoints().intValue();
    }

    public int cvq() {
        return this.cBV.csk().csE().getServerCapabilitiesNode().getMaxQueryContinuationPoints().intValue();
    }

    public r cvr() {
        return this.cBQ;
    }

    public int cvs() {
        return this.cBR;
    }

    public double cvt() {
        return this.cBS;
    }

    public double cvu() {
        return this.cBT;
    }

    public UaServer getServer() {
        return this.cBV;
    }

    public Session K(j jVar) throws O {
        if (!isRunning()) {
            throw new O(K.fnv);
        }
        Session session = this.cBX.get(jVar);
        if (session != null) {
            return session;
        }
        if (!this.cBY.containsKey(jVar)) {
            throw new O(K.fnv);
        }
        this.cBY.remove(jVar);
        this.cBZ.remove(jVar);
        throw new O(K.fnx);
    }

    public int cvv() {
        return this.cBX.size() + this.cBY.size();
    }

    public synchronized Collection<Session> cvw() {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        linkedHashSet.addAll(this.cBX.values());
        linkedHashSet.addAll(this.cBY.values());
        return Collections.unmodifiableSet(linkedHashSet);
    }

    public boolean b(SessionManagerListener sessionManagerListener) {
        if (sessionManagerListener == null) {
            throw new NullPointerException("null listener not allowed");
        }
        return this.cyb.contains(sessionManagerListener);
    }

    public boolean isRunning() {
        boolean z = this.cBU && this.cBV.isRunning();
        if (!z) {
            logger.debug("isRunning: running=" + this.cBU + " server.isRunning()=" + this.cBV.isRunning());
        }
        return z;
    }

    public void c(SessionManagerListener sessionManagerListener) {
        this.cyb.remove(sessionManagerListener);
    }

    public void setMaxBrowseContinuationPoints(int i) {
        setMaxBrowseContinuationPoints(t.aA(i));
    }

    public void setMaxBrowseContinuationPoints(t tVar) {
        this.cBV.csk().csE().getServerCapabilitiesNode().setMaxBrowseContinuationPoints(tVar);
    }

    public void setMaxHistoryContinuationPoints(int i) {
        setMaxHistoryContinuationPoints(t.aA(i));
    }

    public void setMaxHistoryContinuationPoints(t tVar) {
        this.cBV.csk().csE().getServerCapabilitiesNode().setMaxHistoryContinuationPoints(tVar);
    }

    public void setMaxQueryContinuationPoints(int i) {
        setMaxQueryContinuationPoints(t.aA(i));
    }

    public void setMaxQueryContinuationPoints(t tVar) {
        this.cBV.csk().csE().getServerCapabilitiesNode().setMaxQueryContinuationPoints(tVar);
    }

    public void Y(int i) {
        I(r.A(i));
    }

    public void I(r rVar) {
        this.cBQ = rVar;
    }

    public void Z(int i) {
        this.cBR = i;
        this.cBV.cyj();
    }

    public void h(double d) {
        this.cBS = d;
    }

    public void i(double d) {
        this.cBT = d;
    }

    private double b(Double d) {
        return (d == null || d.doubleValue() < cvu()) ? cvu() : d.doubleValue() > cvt() ? cvt() : d.doubleValue();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void cvx() {
        for (Session session : this.cBY.values()) {
            if (session.nC()) {
                if (logger.isDebugEnabled()) {
                    logger.debug("SessionMonitor: new session timeout {}", session.getSessionName());
                }
                this.cBY.remove(session.ctW());
                this.cBZ.remove(session.ctW());
                this.cBV.cug().c(session);
                b(session, false);
            }
        }
    }

    private void a(Session session, ServerUserIdentity serverUserIdentity) throws Q {
        for (SessionManagerListener sessionManagerListener : this.cyb) {
            try {
            } catch (RuntimeException e) {
                listenerError("onActivateSession", sessionManagerListener, e);
            }
            if (!sessionManagerListener.b(session, serverUserIdentity)) {
                throw new Q("User identity rejected", K.flC);
                break;
            }
        }
    }

    private void a(Session session, UserIdentityToken userIdentityToken, Exception exc) {
        for (SessionManagerListener sessionManagerListener : this.cyb) {
            try {
                sessionManagerListener.c(session, userIdentityToken, exc);
            } catch (RuntimeException e) {
                listenerError("onActivateSessionError", sessionManagerListener, e);
            }
        }
    }

    private void g(Session session) {
        for (SessionManagerListener sessionManagerListener : this.cyb) {
            try {
                sessionManagerListener.onAfterActivateSession(session);
            } catch (RuntimeException e) {
                listenerError("onAfterActivateSession", sessionManagerListener, e);
            }
        }
    }

    private void h(Session session) {
        for (SessionManagerListener sessionManagerListener : this.cyb) {
            try {
                sessionManagerListener.onCancelSession(session);
            } catch (RuntimeException e) {
                listenerError("onCancelSession", sessionManagerListener, e);
            }
        }
    }

    private void b(Session session, boolean z) {
        for (SessionManagerListener sessionManagerListener : this.cyb) {
            try {
                sessionManagerListener.c(session, z);
            } catch (RuntimeException e) {
                listenerError("onCloseSession", sessionManagerListener, e);
            }
        }
    }

    private void i(Session session) throws Q {
        for (SessionManagerListener sessionManagerListener : this.cyb) {
            try {
                sessionManagerListener.onCreateSession(session);
            } catch (RuntimeException e) {
                listenerError("onCreateSession", sessionManagerListener, e);
            }
        }
    }

    private void listenerError(String str, Object obj, RuntimeException runtimeException) {
        logger.error("Exception while calling " + str + " on object " + obj, (Throwable) runtimeException);
        throw runtimeException;
    }

    private void cvy() {
        if (this.cBW == null) {
            this.cBW = Executors.newScheduledThreadPool(1, y.gG("SessionMonitor"));
            this.cBW.scheduleWithFixedDelay(new a(), 1000L, 1000L, TimeUnit.MILLISECONDS);
            logger.debug("sessionMonitorExecutor scheduled");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Session a(q qVar, j jVar, UserIdentityToken userIdentityToken, SignatureData signatureData, SignedSoftwareCertificate[] signedSoftwareCertificateArr, SignatureData signatureData2, String[] strArr) throws O {
        Session remove;
        boolean z;
        logger.debug("activateSession: serverSecureChannel={}", qVar);
        synchronized (this) {
            remove = this.cBY.remove(jVar);
            this.cBZ.remove(jVar);
            if (remove == null) {
                try {
                    remove = K(jVar);
                    if (logger.isDebugEnabled()) {
                        logger.debug("activateSession: session.getChannel()={}", remove.ctX());
                    }
                    if (remove.ctX().fus() != qVar.fus()) {
                        remove.a(qVar);
                    }
                } catch (O e) {
                    logger.info("Session NOT Activated: Unknown Token={}", jVar);
                    this.cBV.cug().crp();
                    throw new O(K.fnw);
                }
            } else {
                if (remove.ctX().fus() != qVar.fus() && !remove.isActive()) {
                    this.cBV.cug().crp();
                    throw new O(K.fne);
                }
                Object fuB = qVar.fuB();
                g fuB2 = remove.ctX().fuB();
                if (fuB2 != null && !fuB2.equals(fuB)) {
                    logger.info("activateSession: Client certificate changed from the original. Cannot activate.");
                    this.cBV.cug().crp();
                    this.cBV.cug().crq();
                    throw new O(K.fng);
                }
                remove.a(qVar);
                this.cBX.put(jVar, remove);
            }
        }
        o fuA = qVar.fuA();
        if (fuA == null) {
            fuA = ox().bq();
            z = false;
        } else {
            z = true;
        }
        try {
            g bp = remove.ctY().bp();
            byte[] fvz = bp == null ? null : bp.fvz();
            if (!remove.ow().equals(v.gNu) && !a(signatureData, fuA.bp(), remove.cum(), remove.ow().fut(), fvz)) {
                remove.cuk();
                logger.info("Session NOT activated: {}", remove.getSessionName());
                this.cBV.cug().crp();
                this.cBV.cug().crq();
                throw new O(K.fkh);
            }
            String str = null;
            if (userIdentityToken != null) {
                try {
                    UserTokenPolicy userTokenPolicy = null;
                    UserTokenPolicy[] userTokenPolicies = this.cBV.getUserTokenPolicies();
                    int length = userTokenPolicies.length;
                    int i = 0;
                    while (true) {
                        if (i >= length) {
                            break;
                        }
                        UserTokenPolicy userTokenPolicy2 = userTokenPolicies[i];
                        if (userTokenPolicy2.cEY().equals(userIdentityToken.cEY())) {
                            userTokenPolicy = userTokenPolicy2;
                            break;
                        }
                        i++;
                    }
                    if (userTokenPolicy == null) {
                        this.cBV.cug().crp();
                        this.cBV.cug().crq();
                        throw new O("UserTokenPolicy unknown: " + userIdentityToken.cEY(), K.flB);
                    }
                    str = userTokenPolicy.getSecurityPolicyUri();
                } catch (N e2) {
                    this.cBV.cug().crp();
                    this.cBV.cug().crq();
                    b(remove, userIdentityToken, e2);
                    r bs = e2.bs();
                    if (bs == null) {
                        bs = K.flB;
                    }
                    throw new O(bs);
                } catch (Q e3) {
                    this.cBV.cug().crp();
                    this.cBV.cug().crq();
                    b(remove, userIdentityToken, e3);
                    throw new O(e3.bw(), e3.bt());
                }
            }
            try {
                SecurityPolicy fut = str == null ? qVar.fut() : SecurityPolicy.getSecurityPolicy(str);
                ServerUserIdentity serverUserIdentity = z ? new ServerUserIdentity(this, userIdentityToken, signatureData2, fuA, remove.cum(), fut) : new ServerUserIdentity(this, userIdentityToken, signatureData2, ox().N(), remove.cum(), fut);
                logger.debug("userIdentity: {}", serverUserIdentity);
                boolean z2 = false;
                UserTokenPolicy[] userTokenPolicies2 = this.cBV.getUserTokenPolicies();
                int length2 = userTokenPolicies2.length;
                int i2 = 0;
                while (true) {
                    if (i2 >= length2) {
                        break;
                    }
                    if (userTokenPolicies2[i2].dmx().equals(serverUserIdentity.dJ())) {
                        z2 = true;
                        break;
                    }
                    i2++;
                }
                if (!z2) {
                    this.cBV.cug().crp();
                    this.cBV.cug().crq();
                    throw new O(K.flC);
                }
                a(remove, serverUserIdentity);
                remove.a(serverUserIdentity);
                g(remove);
                logger.info("Session activated: {}", remove);
                remove.setLocaleIds(strArr);
                return remove;
            } catch (h e4) {
                this.cBV.cug().crp();
                this.cBV.cug().crq();
                throw new O("UserTokenPolicy unknown: " + (userIdentityToken == null ? "userToken is null" : userIdentityToken.cEY()), K.flB);
            }
        } catch (N e5) {
            remove.cuk();
            logger.info("Session NOT activated: {} - {}", remove.getSessionName(), e5);
            logger.debug("SecureIdentityException: {}", (Throwable) e5);
            this.cBV.cug().crp();
            this.cBV.cug().crq();
            throw new O(K.fkh);
        }
    }

    protected void b(Session session, UserIdentityToken userIdentityToken, Exception exc) {
        a(session, userIdentityToken, exc);
        logger.info("Session NOT activated: {} - {}", session.getSessionName(), exc);
        logger.debug("SessionManager.activateSessionError()", (Throwable) exc);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void L(j jVar) throws O {
        Session K = K(jVar);
        h(K);
        K.cuj();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void close() {
        logger.debug("close");
        for (j jVar : this.cBX.keySet()) {
            try {
                a(jVar, true);
            } catch (O e) {
                logger.debug("While closing session " + jVar + ": ", (Throwable) e);
            }
        }
        if (this.cBW != null) {
            this.cBW.shutdownNow();
        }
        this.cBW = null;
        this.cBU = false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void a(j jVar, boolean z) throws O {
        logger.debug("closeSession: Token={}", jVar);
        Session remove = this.cBX.remove(jVar);
        if (remove == null) {
            remove = this.cBY.remove(jVar);
            this.cBZ.remove(jVar);
            if (remove == null) {
                throw new O(K.fnw);
            }
        }
        b(remove, z);
        logger.info("Session closed: {}", remove);
        this.cBV.cug().c(remove);
        remove.C(z);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized Session a(q qVar, byte[] bArr, ApplicationDescription applicationDescription, r rVar, Double d, String str, v vVar) throws O {
        g gVar;
        if (logger.isDebugEnabled()) {
            logger.debug("createSession: serverSecureChannel={} clientDescription={} clientCertificate={}", qVar, applicationDescription, Arrays.toString(bArr));
            logger.debug("createSession: sessionCount={} maxSessionCount={}", Integer.valueOf(cvv()), Integer.valueOf(cvs()));
        }
        if (!qVar.fuz().a(vVar.fut())) {
            logger.info("The requested SecurityPolicy(" + vVar.fut() + ") is not supported by the endpoint. Client=" + applicationDescription.getApplicationUri());
            this.cBV.cug().crp();
            throw new O(K.fnj);
        }
        if (!qVar.fuz().d(vVar)) {
            logger.info("The requested SecurityMode(" + vVar + ") is not supported by the endpoint. Client=" + applicationDescription.getApplicationUri());
            this.cBV.cug().crp();
            throw new O(K.fni);
        }
        if (cvv() >= cvs()) {
            if (cvv() == this.cBX.size()) {
                logger.info("createSession: MaxSessionCount exceeded, rejecting connection from {}", applicationDescription.getApplicationUri());
                this.cBV.cug().crp();
                throw new O(K.fnX);
            }
            Session remove = this.cBY.remove(this.cBZ.poll());
            logger.info("createSession: MaxSessionCount exceeded, removing the oldest non-activated Session :{}", remove);
            if (remove != null) {
                this.cBV.cug().c(remove);
                b(remove, false);
            }
        }
        if (bArr == null) {
            gVar = null;
        } else {
            try {
                gVar = new g(bArr);
            } catch (h e) {
                logger.error(e.getMessage());
                this.cBV.cug().crp();
                this.cBV.cug().crq();
                throw new O(K.fkr);
            }
        }
        g gVar2 = gVar;
        if (gVar2 != null && !qVar.fuC()) {
            logger.info("Client sent a certificate, although SecurityPolicy NONE is used");
        }
        C0094g c0094g = new C0094g(gVar2, null);
        c0094g.b(applicationDescription);
        Session a2 = a(str, c0094g, vVar);
        a2.setMaxResponseMessageSize(rVar);
        double b = b(d);
        if (logger.isTraceEnabled()) {
            logger.trace("createSession: requestedSessionTimeout=" + d + " revisedSessionTimeout=" + b);
        }
        a2.g(b);
        a2.a(qVar);
        try {
            i(a2);
            this.cBY.put(a2.ctW(), a2);
            this.cBZ.add(a2.ctW());
            this.cBV.cug().a(a2);
            logger.info("Session created: " + a2);
            return a2;
        } catch (Q e2) {
            this.cBV.cug().crp();
            this.cBV.cug().crq();
            throw new O(e2.bw(), e2.bt());
        }
    }

    protected Session a(String str, C0094g c0094g, v vVar) {
        return new Session(this, c0094g, str, vVar);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void start() throws Q {
        if (logger.isDebugEnabled()) {
            logger.debug("start");
        }
        this.cBU = true;
        cvy();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public C0094g ox() {
        return this.cBV.cc();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Type inference failed for: r0v22, types: [byte[], byte[][]] */
    public boolean a(SignatureData signatureData, g gVar, com.prosysopc.ua.stack.b.b bVar, SecurityPolicy securityPolicy, byte[] bArr) throws N {
        if (signatureData == null || signatureData.dhw() == null || signatureData.cPP() == null) {
            throw new N("Signature invalid", K.flB);
        }
        if (securityPolicy.equals(SecurityPolicy.NONE)) {
            return false;
        }
        if (!signatureData.dhw().equals(securityPolicy.getAsymmetricSignatureAlgorithm().getUri())) {
            logger.error("Client specified incorrect SignatureData algorithm: {}, expected: {}, using: {}", signatureData.dhw(), securityPolicy.getAsymmetricSignatureAlgorithm().getUri(), securityPolicy.getAsymmetricSignatureAlgorithm().getUri());
        }
        byte[] fvz = gVar.fvz();
        if (bVar != null) {
            fvz = f.a(new byte[]{fvz, bVar.czY()});
        }
        try {
            return i.b(C0149f.r(bArr), securityPolicy.getAsymmetricSignatureAlgorithm(), fvz, com.prosysopc.ua.stack.b.b.h(signatureData.cPP()));
        } catch (h e) {
            throw new N("Signature invalid", e);
        } catch (IllegalArgumentException e2) {
            throw new N("Signature invalid", e2);
        } catch (GeneralSecurityException e3) {
            throw new N("Signature invalid", e3);
        }
    }
}
