package com.atlassian.jira.web.filters.accesslog;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.zip.CRC32;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/atlassian/jira/web/filters/accesslog/AtlassianSessionIdUtil.class */
public class AtlassianSessionIdUtil {
    public static final String ASESSIONID_NAME = "ASESSIONID";
    public static final String JSESSIONID_NAME = "JSESSIONID";
    public static final String X_ASESSIONID_HEADER = "X-ASESSIONID";
    private static final Logger log = Logger.getLogger(AtlassianSessionIdUtil.class);

    public static String generateAtlassianSessionHash(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        ArrayList arrayList = new ArrayList();
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if (ASESSIONID_NAME.equals(cookie.getName())) {
                    arrayList.add(new Cookie(cookie.getName(), cookie.getValue()));
                }
            }
        }
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            if (arrayList.isEmpty()) {
                return null;
            }
            deleteASESSIONIDCookie(httpServletRequest, httpServletResponse);
            return null;
        }
        String str = (String) session.getAttribute(ASESSIONID_NAME);
        if (str == null) {
            String id = session.getId();
            str = generateASESSIONID(id);
            if (str == null) {
                log.debug("Session with id '" + id + "' generated a null hash. Not setting ASESSIONID cookie or header.");
                return null;
            }
            session.setAttribute(ASESSIONID_NAME, str);
            addASESSIONIDCookie(httpServletRequest, httpServletResponse, str);
        } else if (arrayList.isEmpty()) {
            addASESSIONIDCookie(httpServletRequest, httpServletResponse, str);
        } else {
            boolean z = false;
            Iterator it = arrayList.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (str.equals(((Cookie) it.next()).getValue())) {
                    z = true;
                    break;
                }
            }
            if (!z) {
                addASESSIONIDCookie(httpServletRequest, httpServletResponse, str);
            }
        }
        httpServletResponse.addHeader(X_ASESSIONID_HEADER, str);
        httpServletRequest.setAttribute(ASESSIONID_NAME, str);
        return str;
    }

    private static void addASESSIONIDCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        Cookie cookie = new Cookie(ASESSIONID_NAME, str);
        cookie.setPath(getCookiePath(httpServletRequest));
        cookie.setMaxAge(-1);
        httpServletResponse.addCookie(cookie);
    }

    private static void deleteASESSIONIDCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Cookie cookie = new Cookie(ASESSIONID_NAME, "");
        cookie.setPath(getCookiePath(httpServletRequest));
        cookie.setMaxAge(0);
        httpServletResponse.addCookie(cookie);
    }

    private static String getCookiePath(HttpServletRequest httpServletRequest) {
        String contextPath = httpServletRequest.getContextPath();
        if (StringUtils.isEmpty(contextPath)) {
            contextPath = "/";
        }
        return contextPath;
    }

    public static String generateASESSIONID(String str) {
        if (str == null) {
            return null;
        }
        MessageDigest messageDigest = getMessageDigest("MD5");
        if (messageDigest == null) {
            messageDigest = getMessageDigest("SHA");
        }
        if (messageDigest == null) {
            return null;
        }
        messageDigest.update(str.getBytes());
        return encode(messageDigest.digest());
    }

    private static String encode(byte[] bArr) {
        CRC32 crc32 = new CRC32();
        crc32.update(bArr);
        return Long.toString(crc32.getValue(), 36);
    }

    private static MessageDigest getMessageDigest(String str) {
        try {
            return MessageDigest.getInstance(str);
        } catch (NoSuchAlgorithmException e) {
            return null;
        }
    }
}
