package kr.wisestone.owl.config.security.filter;

import kr.wisestone.owl.constant.Constants;
import org.apache.commons.io.FilenameUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.session.SessionInformation;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
import org.springframework.security.web.util.UrlUtils;
import org.springframework.util.Assert;
import org.springframework.web.filter.GenericFilterBean;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

/**
 * Servlet filter that checks the caller's HTTP session against the {@link SessionRegistry}.
 *
 * <p>When the registry marks the session as expired, the registered logout handlers run and
 * the client is redirected to {@link Constants#SESSION_EXPIRE_REDIRECT_URL}. Otherwise the
 * session's last-request time is refreshed and the request continues down the chain.
 *
 * <p>NOTE(review): {@code ajaxHeader}, {@code redirectStrategy} and {@code log} are not read
 * anywhere in this class, and {@code expiredUrl} is validated and stored but never used for
 * the redirect. Confirm whether the configured URL was meant to take effect.
 */
public class AjaxSessionExpiredFilter extends GenericFilterBean {

    private final Logger log = LoggerFactory.getLogger(AjaxSessionExpiredFilter.class);

    private String ajaxHeader;
    private SessionRegistry sessionRegistry;
    private String expiredUrl;
    private LogoutHandler[] handlers = new LogoutHandler[]{new SecurityContextLogoutHandler()};
    private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();

    /** No resources to release. */
    public void destroy() {
    }

    /**
     * Creates the filter without a configured expired-session URL.
     *
     * @param sessionRegistry registry consulted for session state; must not be {@code null}
     */
    public AjaxSessionExpiredFilter(SessionRegistry sessionRegistry) {
        // A null URL passes the redirect-URL assertion, so only the registry check can fail here.
        this(sessionRegistry, null);
    }

    /**
     * Creates the filter with an expired-session URL.
     *
     * @param sessionRegistry registry consulted for session state; must not be {@code null}
     * @param expiredUrl      {@code null}, or a URL accepted by
     *                        {@link UrlUtils#isValidRedirectUrl(String)}
     * @throws IllegalArgumentException if either assertion fails
     */
    public AjaxSessionExpiredFilter(SessionRegistry sessionRegistry, String expiredUrl) {
        Assert.notNull(sessionRegistry, "SessionRegistry required");
        Assert.isTrue(expiredUrl == null || UrlUtils.isValidRedirectUrl(expiredUrl),
                expiredUrl + " isn\'t a valid redirect URL");
        this.sessionRegistry = sessionRegistry;
        this.expiredUrl = expiredUrl;
    }

    /**
     * Enforces registry-level session expiry for every request that is not exempt.
     *
     * @param req   incoming request; cast to {@link HttpServletRequest}
     * @param res   outgoing response; cast to {@link HttpServletResponse}
     * @param chain remaining filter chain
     * @throws IOException      if the redirect or a downstream filter fails
     * @throws ServletException if a downstream filter fails
     */
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        final HttpServletRequest httpRequest = (HttpServletRequest) req;
        final HttpServletResponse httpResponse = (HttpServletResponse) res;
        // getSession(false): never create a session just to test whether one has expired.
        final HttpSession currentSession = httpRequest.getSession(false);

        if (isExemptFromExpiryCheck(httpRequest.getRequestURI())) {
            chain.doFilter(httpRequest, httpResponse);
            return;
        }

        final SessionInformation registered = (currentSession == null)
                ? null
                : this.sessionRegistry.getSessionInformation(currentSession.getId());

        if (registered != null) {
            if (registered.isExpired()) {
                // Expired in the registry: log out and redirect; the chain is not invoked.
                this.doLogoutAndFireErrorMessage(httpRequest, httpResponse);
                return;
            }
            this.sessionRegistry.refreshLastRequest(registered.getSessionId());
        }

        chain.doFilter(httpRequest, httpResponse);
    }

    /**
     * Tells whether a request URI bypasses the expiry check.
     *
     * <p>NOTE(review): the two path exemptions are substring matches on the raw request URI,
     * so any URI that merely contains one of these fragments skips the expired-session check.
     * Consider anchored matching on the servlet path once the exact routes are confirmed.
     *
     * @param uri value of {@link HttpServletRequest#getRequestURI()}
     * @return {@code true} when the URI has an {@code html} extension or contains an exempt path
     */
    private static boolean isExemptFromExpiryCheck(String uri) {
        return FilenameUtils.isExtension(uri, "html")
                || uri.contains("/user/getUserSession")
                || uri.contains("/owl-socket");
    }

    /**
     * Logs the caller out, then redirects to the fixed session-expired URL.
     *
     * @throws IOException if the redirect cannot be sent
     */
    private void doLogoutAndFireErrorMessage(HttpServletRequest request, HttpServletResponse response)
            throws IOException {
        this.doLogout(request, response);
        response.sendRedirect(Constants.SESSION_EXPIRE_REDIRECT_URL);
    }

    /** Runs every registered {@link LogoutHandler} with the current authentication. */
    private void doLogout(HttpServletRequest request, HttpServletResponse response) {
        final Authentication currentAuth = SecurityContextHolder.getContext().getAuthentication();
        for (LogoutHandler logoutHandler : this.handlers) {
            logoutHandler.logout(request, response, currentAuth);
        }
    }
}