package com.ibm.nex.dsi.session.validation;

import java.io.IOException;
import java.text.DateFormat;
import java.util.Date;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:com/ibm/nex/dsi/session/validation/HttpSessionValidationResource.class */
public class HttpSessionValidationResource extends HttpServlet {
    public static final String COPYRIGHT = "� Copyright IBM Corp. 2019  � Copyright UNICOM� Systems, Inc. 2019";
    private static Log log = LogFactory.getLog(HttpSessionValidationResource.class);
    private int TIMEOUT_VALUE = 3600;
    private static final long serialVersionUID = 4620023150429192882L;

    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String parameter = httpServletRequest.getParameter("userName");
        String parameter2 = httpServletRequest.getParameter("type");
        long currentTimeMillis = System.currentTimeMillis();
        if (parameter == null || parameter.isEmpty()) {
            log.error("Invalid UserName passed to session api. It cannot be null or empty.");
            httpServletResponse.setStatus(400);
            return;
        }
        if (parameter2 == null || parameter2.isEmpty()) {
            log.error("Invalid type passed to session api. It cannot be null or empty.");
            httpServletResponse.setStatus(400);
            return;
        }
        if (!parameter2.equalsIgnoreCase(LoginSessionBean.TYPE_OCM) && !parameter2.equalsIgnoreCase(LoginSessionBean.TYPE_MANAGER) && !parameter2.equalsIgnoreCase(LoginSessionBean.TYPE_REST)) {
            log.error("Invalid value passed to session api for application type " + parameter2 + ". Valid values are " + LoginSessionBean.TYPE_OCM + " and " + LoginSessionBean.TYPE_MANAGER + "and " + LoginSessionBean.TYPE_REST);
            httpServletResponse.setStatus(400);
            return;
        }
        httpServletRequest.changeSessionId();
        if (parameter2.equalsIgnoreCase(LoginSessionBean.TYPE_REST)) {
            httpServletResponse.setStatus(200);
            return;
        }
        HttpSession session = httpServletRequest.getSession();
        LoginSessionBean loginSessionBean = new LoginSessionBean(parameter, parameter2);
        if (!loginSessionBean.canUserSessionBeEstablished()) {
            log.warn("HttpSessionValidationResource: Maximum login sessions have been reached for user " + parameter + ". Maximum sessions allowed per user = " + LoginSessionBean.userSessionsAllowed + ". Rejected the attempt");
            httpServletResponse.setStatus(403);
            return;
        }
        if (session.getMaxInactiveInterval() <= 0) {
            session.setMaxInactiveInterval(this.TIMEOUT_VALUE);
        }
        String str = "0";
        session.setAttribute("loginUser", loginSessionBean);
        long andSetLastLoggedInTime = loginSessionBean.getAndSetLastLoggedInTime(parameter, parameter2, currentTimeMillis);
        if (andSetLastLoggedInTime > 0) {
            Date date = new Date();
            date.setTime(andSetLastLoggedInTime);
            str = DateFormat.getDateTimeInstance(1, 1).format(date);
        } else if (andSetLastLoggedInTime == -1) {
            log.warn("HttpSessionValidationResource: Unable to create AuditOptimLoginUsers.xml");
        }
        httpServletResponse.setStatus(200);
        httpServletResponse.getOutputStream().write(("<user><id> " + parameter + "</id><lastLoggedInTime>" + str + "</lastLoggedInTime></user>").getBytes("UTF-8"));
    }
}
