package org.eclipse.scout.rt.server.commons.servlet.logging;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.stream.Stream;
import javax.servlet.http.HttpSession;
import org.eclipse.scout.rt.platform.ApplicationScoped;
import org.eclipse.scout.rt.platform.Platform;
import org.eclipse.scout.rt.platform.config.AbstractConfigProperty;
import org.eclipse.scout.rt.platform.config.CONFIG;
import org.eclipse.scout.rt.platform.util.HexUtility;
import org.eclipse.scout.rt.platform.util.StringUtility;

@ApplicationScoped
/* loaded from: input_file:org/eclipse/scout/rt/server/commons/servlet/logging/HttpSessionIdLogHelper.class */
public class HttpSessionIdLogHelper {
    public static final String SESSION_ATTRIBUTE = HttpSessionIdLogHelper.class.getName();

    /* loaded from: input_file:org/eclipse/scout/rt/server/commons/servlet/logging/HttpSessionIdLogHelper$HttpSessionIdLogMode.class */
    public enum HttpSessionIdLogMode {
        OFF("off"),
        SHORT("short"),
        FULL("full");

        private final String m_id;

        HttpSessionIdLogMode(String str) {
            this.m_id = str;
        }

        public String getId() {
            return this.m_id;
        }

        /* renamed from: values, reason: to resolve conflict with enum method */
        public static HttpSessionIdLogMode[] valuesCustom() {
            HttpSessionIdLogMode[] valuesCustom = values();
            int length = valuesCustom.length;
            HttpSessionIdLogMode[] httpSessionIdLogModeArr = new HttpSessionIdLogMode[length];
            System.arraycopy(valuesCustom, 0, httpSessionIdLogModeArr, 0, length);
            return httpSessionIdLogModeArr;
        }
    }

    /* loaded from: input_file:org/eclipse/scout/rt/server/commons/servlet/logging/HttpSessionIdLogHelper$HttpSessionIdLogModeProperty.class */
    public static class HttpSessionIdLogModeProperty extends AbstractConfigProperty<HttpSessionIdLogMode, String> {
        public String getKey() {
            return "scout.diagnostics.httpSessionIdLogMode";
        }

        /* renamed from: getDefaultValue, reason: merged with bridge method [inline-methods] */
        public HttpSessionIdLogMode m29getDefaultValue() {
            return Platform.get().inDevelopmentMode() ? HttpSessionIdLogMode.FULL : HttpSessionIdLogMode.SHORT;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        public HttpSessionIdLogMode parse(String str) {
            String trim = StringUtility.trim(str);
            return (HttpSessionIdLogMode) Stream.of((Object[]) HttpSessionIdLogMode.valuesCustom()).filter(httpSessionIdLogMode -> {
                return httpSessionIdLogMode.getId().equalsIgnoreCase(trim);
            }).findFirst().orElseThrow(() -> {
                return new IllegalArgumentException("Invalid value: '" + str + "'");
            });
        }

        public String description() {
            return "Specifies in which form the HTTP session ID is provided as diagnostic context value.\nPossible modes:\n'" + HttpSessionIdLogMode.OFF.getId() + "': No HTTP session ID is provided.\n'" + HttpSessionIdLogMode.SHORT.getId() + "': Only a short and obfuscated version of the HTTP session is provided. The actual ID cannot be recovered from this.\n'" + HttpSessionIdLogMode.FULL.getId() + "': The full HTTP session ID is provided, as reported by the application server. CAUTION: Only use this mode if you can guarantee that no malicious third party has access to the log files. Otherwise they might be able to hijack active sessions.\nIn development mode, the default value is '" + HttpSessionIdLogMode.FULL.getId() + "'. Otherwise, the default value is '" + HttpSessionIdLogMode.SHORT.getId() + "'.";
        }
    }

    public String getSessionIdForLogging(HttpSession httpSession) {
        if (httpSession == null) {
            return null;
        }
        String str = (String) httpSession.getAttribute(SESSION_ATTRIBUTE);
        if (str != null) {
            return StringUtility.nullIfEmpty(str);
        }
        String computeSessionIdForLogging = computeSessionIdForLogging(httpSession.getId(), (HttpSessionIdLogMode) CONFIG.getPropertyValue(HttpSessionIdLogModeProperty.class));
        httpSession.setAttribute(SESSION_ATTRIBUTE, StringUtility.emptyIfNull(computeSessionIdForLogging));
        return computeSessionIdForLogging;
    }

    protected String computeSessionIdForLogging(String str, HttpSessionIdLogMode httpSessionIdLogMode) {
        if (str == null || httpSessionIdLogMode == HttpSessionIdLogMode.FULL) {
            return str;
        }
        if (httpSessionIdLogMode != HttpSessionIdLogMode.SHORT) {
            return null;
        }
        try {
            return StringUtility.join("~", new Object[]{StringUtility.box("#", getShortHash(str), ""), getSuffix(str)});
        } catch (Exception unused) {
            return null;
        }
    }

    protected String getSuffix(String str) {
        if (str.length() < 30) {
            return null;
        }
        int indexOf = str.indexOf(".", 15);
        return indexOf >= 15 ? str.substring(indexOf - 4, indexOf) : str.substring(str.length() - 4);
    }

    protected String getShortHash(String str) throws NoSuchAlgorithmException {
        return StringUtility.substring(getHash(str), 0, 10);
    }

    protected String getHash(String str) throws NoSuchAlgorithmException {
        return HexUtility.encode(MessageDigest.getInstance("MD5").digest(str.getBytes(StandardCharsets.UTF_8)));
    }
}
