package org.apache.isis.viewer.restfulobjects.viewer.webmodule.auth;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.isis.core.security.authentication.Authentication;
import org.apache.isis.core.security.authentication.manager.AuthenticationManager;

/* loaded from: input_file:org/apache/isis/viewer/restfulobjects/viewer/webmodule/auth/AuthenticationStrategyDefault.class */
public class AuthenticationStrategyDefault extends AuthenticationStrategyAbstract {
    public static final String HTTP_SESSION_AUTHENTICATION_SESSION_KEY = AuthenticationStrategyDefault.class.getPackage().getName() + ".authentication";

    @Override // org.apache.isis.viewer.restfulobjects.viewer.webmodule.auth.AuthenticationStrategy
    public Authentication lookupValid(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        AuthenticationManager authenticationManager = super.getAuthenticationManager(httpServletRequest);
        Authentication authentication = (Authentication) getHttpSession(httpServletRequest).getAttribute(HTTP_SESSION_AUTHENTICATION_SESSION_KEY);
        if (authentication == null || !authenticationManager.isSessionValid(authentication)) {
            return null;
        }
        return authentication;
    }

    @Override // org.apache.isis.viewer.restfulobjects.viewer.webmodule.auth.AuthenticationStrategy
    public void bind(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        HttpSession httpSession = getHttpSession(httpServletRequest);
        if (authentication != null) {
            httpSession.setAttribute(HTTP_SESSION_AUTHENTICATION_SESSION_KEY, authentication);
        } else {
            httpSession.removeAttribute(HTTP_SESSION_AUTHENTICATION_SESSION_KEY);
        }
    }
}
