package com.bcxin.platform.framework.shiro.web.filter.kickout;

import com.bcxin.platform.common.core.domain.AjaxResult;
import com.bcxin.platform.common.utils.ServletUtils;
import com.bcxin.platform.common.utils.ShiroUtils;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.io.Serializable;
import java.util.ArrayDeque;
import java.util.Deque;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.DefaultSessionKey;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.util.WebUtils;

/* loaded from: input_file:com/bcxin/platform/framework/shiro/web/filter/kickout/KickoutSessionFilter.class */
public class KickoutSessionFilter extends AccessControlFilter {
    private static final ObjectMapper objectMapper = new ObjectMapper();
    private int maxSession = -1;
    private Boolean kickoutAfter = false;
    private String kickoutUrl;
    private SessionManager sessionManager;
    private Cache<String, Deque<Serializable>> cache;

    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) throws Exception {
        return false;
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        Subject subject = getSubject(servletRequest, servletResponse);
        if ((!subject.isAuthenticated() && !subject.isRemembered()) || this.maxSession == -1) {
            return true;
        }
        try {
            Session session = subject.getSession();
            String loginName = ShiroUtils.getSysUser().getLoginName();
            Serializable id = session.getId();
            Deque deque = (Deque) this.cache.get(loginName);
            if (deque == null) {
                deque = new ArrayDeque();
            }
            if (!deque.contains(id) && session.getAttribute("kickout") == null) {
                deque.push(id);
                this.cache.put(loginName, deque);
            }
            while (deque.size() > this.maxSession) {
                Serializable serializable = this.kickoutAfter.booleanValue() ? (Serializable) deque.removeFirst() : (Serializable) deque.removeLast();
                this.cache.put(loginName, deque);
                try {
                    Session session2 = this.sessionManager.getSession(new DefaultSessionKey(serializable));
                    if (null != session2) {
                        session2.setAttribute("kickout", true);
                    }
                } catch (Exception e) {
                }
            }
            if (((Boolean) session.getAttribute("kickout")) == null || !((Boolean) session.getAttribute("kickout")).booleanValue()) {
                return true;
            }
            subject.logout();
            saveRequest(servletRequest);
            return isAjaxResponse(servletRequest, servletResponse);
        } catch (Exception e2) {
            return isAjaxResponse(servletRequest, servletResponse);
        }
    }

    private boolean isAjaxResponse(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException {
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (!ServletUtils.isAjaxRequest((HttpServletRequest) servletRequest)) {
            WebUtils.issueRedirect(servletRequest, servletResponse, this.kickoutUrl);
            return false;
        }
        ServletUtils.renderString(httpServletResponse, objectMapper.writeValueAsString(AjaxResult.error("您已在别处登录，请您修改密码或重新登录")));
        return false;
    }

    public void setMaxSession(int i) {
        this.maxSession = i;
    }

    public void setKickoutAfter(boolean z) {
        this.kickoutAfter = Boolean.valueOf(z);
    }

    public void setKickoutUrl(String str) {
        this.kickoutUrl = str;
    }

    public void setSessionManager(SessionManager sessionManager) {
        this.sessionManager = sessionManager;
    }

    public void setCacheManager(CacheManager cacheManager) {
        this.cache = cacheManager.getCache("sys-userCache");
    }
}
