package com.sojson.core.shiro.filter;

import com.sojson.common.utils.LoggerUtils;
import com.sojson.core.shiro.cache.VCache;
import com.sojson.core.shiro.session.ShiroSessionRepository;
import com.sojson.core.shiro.token.manager.TokenManager;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.Serializable;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import net.sf.json.JSONObject;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.util.WebUtils;

/* loaded from: input_file:com/sojson/core/shiro/filter/KickoutSessionFilter.class */
public class KickoutSessionFilter extends AccessControlFilter {
    static String kickoutUrl;
    static final String ONLINE_USER = KickoutSessionFilter.class.getCanonicalName() + "_online_user";
    static final String KICKOUT_STATUS = KickoutSessionFilter.class.getCanonicalName() + "_kickout_status";
    static VCache cache;
    static ShiroSessionRepository shiroSessionRepository;

    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) throws Exception {
        String requestURI = ((HttpServletRequest) servletRequest).getRequestURI();
        Subject subject = getSubject(servletRequest, servletResponse);
        if (requestURI.startsWith("/open/") || !(subject.isAuthenticated() || subject.isRemembered())) {
            return Boolean.TRUE.booleanValue();
        }
        Session session = subject.getSession();
        Serializable id = session.getId();
        Boolean bool = (Boolean) session.getAttribute(KICKOUT_STATUS);
        if (null != bool && bool.booleanValue()) {
            HashMap hashMap = new HashMap();
            if (ShiroFilterUtils.isAjax(servletRequest)) {
                LoggerUtils.debug(getClass(), "当前用户已经在其他地方登录，并且是Ajax请求！");
                hashMap.put("user_status", "300");
                hashMap.put("message", "您已经在其他地方登录，请重新登录！");
                out(servletResponse, hashMap);
            }
            return Boolean.FALSE.booleanValue();
        }
        VCache vCache = cache;
        LinkedHashMap linkedHashMap = (LinkedHashMap) VCache.get(ONLINE_USER, LinkedHashMap.class);
        LinkedHashMap linkedHashMap2 = null == linkedHashMap ? new LinkedHashMap() : linkedHashMap;
        Long userId = TokenManager.getUserId();
        if (linkedHashMap2.containsKey(userId) && linkedHashMap2.containsValue(id)) {
            VCache vCache2 = cache;
            VCache.setex(ONLINE_USER, linkedHashMap2, 3600);
            return Boolean.TRUE.booleanValue();
        }
        if (!linkedHashMap2.containsKey(userId) || linkedHashMap2.containsValue(id)) {
            if (!linkedHashMap2.containsKey(userId) && !linkedHashMap2.containsValue(id)) {
                linkedHashMap2.put(userId, id);
                VCache vCache3 = cache;
                VCache.setex(ONLINE_USER, linkedHashMap2, 3600);
            }
            return Boolean.TRUE.booleanValue();
        }
        Serializable serializable = (Serializable) linkedHashMap2.get(userId);
        if (shiroSessionRepository == null) {
            LoggerUtils.error(getClass(), "shiroSessionRepository没有做IOC注入配置");
        }
        Session session2 = shiroSessionRepository.getSession(serializable);
        if (null != session2 && shiroSessionRepository != null) {
            session2.setAttribute(KICKOUT_STATUS, Boolean.TRUE);
            shiroSessionRepository.saveSession(session2);
            LoggerUtils.fmtDebug(getClass(), "kickout old session success,oldId[%s]", new Object[]{serializable});
        } else if (shiroSessionRepository != null) {
            shiroSessionRepository.deleteSession(serializable);
            linkedHashMap2.remove(userId);
            VCache vCache4 = cache;
            VCache.setex(ONLINE_USER, linkedHashMap2, 3600);
        }
        return Boolean.TRUE.booleanValue();
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        getSubject(servletRequest, servletResponse).logout();
        WebUtils.getSavedRequest(servletRequest);
        WebUtils.issueRedirect(servletRequest, servletResponse, kickoutUrl);
        return false;
    }

    private void out(ServletResponse servletResponse, Map<String, String> map) throws IOException {
        try {
            servletResponse.setCharacterEncoding("UTF-8");
            PrintWriter writer = servletResponse.getWriter();
            writer.println(JSONObject.fromObject(map).toString());
            writer.flush();
            writer.close();
        } catch (Exception e) {
            LoggerUtils.error(getClass(), "KickoutSessionFilter.class 输出JSON异常，可以忽略。");
        }
    }

    public static void setShiroSessionRepository(ShiroSessionRepository shiroSessionRepository2) {
        shiroSessionRepository = shiroSessionRepository2;
    }

    public static String getKickoutUrl() {
        return kickoutUrl;
    }

    public static void setKickoutUrl(String str) {
        kickoutUrl = str;
    }
}
