package org.forgerock.openam.authentication;

import com.iplanet.dpro.session.service.InternalSession;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.saml2.common.SAML2FailoverUtils;
import com.sun.identity.saml2.profile.IDPCache;
import com.sun.identity.saml2.profile.IDPSession;
import com.sun.identity.saml2.profile.IDPSessionCopy;
import com.sun.identity.shared.debug.Debug;
import org.forgerock.guice.core.InjectorHolder;
import org.forgerock.openam.authentication.service.SessionUpgradeHandler;
import org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException;
import org.forgerock.openam.utils.StringUtils;
import org.forgerock.openam.utils.Time;

/* loaded from: input_file:org/forgerock/openam/authentication/Saml2SessionUpgradeHandler.class */
/**
 * Re-binds SAML2 identity-provider session state from one session to another
 * when a session upgrade takes place.
 *
 * <p>The handler moves three pieces of state from the first session to the second:
 * the {@link IDPSession} held in {@link IDPCache} (and, when SAML2 failover is
 * enabled, its copy in the failover store), the per-session-ID lookup entry, and
 * the SP session partner entry. Finally it overwrites the IDP session index
 * property on the first session with a placeholder value.
 *
 * <p>Every failure is logged through the {@code libSAML2} debug instance and
 * swallowed; nothing is propagated to the caller, so a partially migrated state
 * can only be detected from the debug log.
 */
public class Saml2SessionUpgradeHandler implements SessionUpgradeHandler {
    private static final Debug debug = Debug.getInstance("libSAML2");

    /** Session property that carries the index of the associated IDP session. */
    private static final String IDP_SESSION_INDEX_PROPERTY = "SAML2IDPSessionIndex";

    /** Value written over the index on the first session once its state has been moved. */
    private static final String DETACHED_INDEX_VALUE = "dummy";

    private final SSOTokenManager ssoTokenManager = (SSOTokenManager) InjectorHolder.getInstance(SSOTokenManager.class);

    /**
     * Transfers SAML2 IDP session bookkeeping from {@code internalSession} to
     * {@code internalSession2}.
     *
     * <p>Does nothing when the first session carries no IDP session index. If an
     * SSO token cannot be created for either session, a warning is logged and no
     * state is changed.
     *
     * @param internalSession  the session whose SAML2 state is being moved away;
     *                         its cache entries are removed and its index property
     *                         is replaced with a placeholder
     * @param internalSession2 the session that receives the SAML2 state; its
     *                         remaining lifetime determines the failover-store expiry
     */
    public void handleSessionUpgrade(InternalSession internalSession, InternalSession internalSession2) {
        final String idpSessionIndex = internalSession.getProperty(IDP_SESSION_INDEX_PROPERTY);
        if (!StringUtils.isNotEmpty(idpSessionIndex)) {
            // No SAML2 IDP session is attached to this session: nothing to migrate.
            return;
        }

        final String oldSessionId = internalSession.getID().toString();
        final String newSessionId = internalSession2.getID().toString();

        try {
            // Both tokens are obtained up front, so a failure here leaves every cache untouched.
            final SSOToken oldToken = this.ssoTokenManager.createSSOToken(oldSessionId);
            final SSOToken newToken = this.ssoTokenManager.createSSOToken(newSessionId);

            // Prefer the in-memory cache; consult the failover store only on a miss.
            IDPSession idpSession = (IDPSession) IDPCache.idpSessionsByIndices.get(idpSessionIndex);
            if (idpSession == null) {
                if (SAML2FailoverUtils.isSAML2FailoverEnabled()) {
                    try {
                        final IDPSessionCopy storedCopy =
                                (IDPSessionCopy) SAML2FailoverUtils.retrieveSAML2Token(idpSessionIndex);
                        if (storedCopy != null) {
                            idpSession = new IDPSession(storedCopy);
                        }
                    } catch (SAML2TokenRepositoryException e) {
                        debug.warning("Unable to retrieve IDPSessionCopy from SAML failover store", e);
                    }
                }
            }

            if (idpSession != null) {
                idpSession.setSession(newToken);

                if (SAML2FailoverUtils.isSAML2FailoverEnabled()) {
                    try {
                        // Delete-then-save is not atomic: if the save throws after the delete
                        // succeeded, the store holds no entry for this index and the failure
                        // is only logged below.
                        SAML2FailoverUtils.deleteSAML2Token(idpSessionIndex);
                        final IDPSessionCopy refreshedCopy = new IDPSessionCopy(idpSession);
                        // Expiry is "now" in epoch seconds plus the second session's remaining lifetime.
                        final long expirySeconds =
                                (Time.currentTimeMillis() / 1000) + internalSession2.getTimeLeft();
                        SAML2FailoverUtils.saveSAML2TokenWithoutSecondaryKey(
                                idpSessionIndex, refreshedCopy, expirySeconds);
                    } catch (SAML2TokenRepositoryException e2) {
                        debug.error("Failed to update IDPSession in SAML failover store", e2);
                    }
                }

                // The in-memory caches are updated even when the failover-store write failed.
                IDPCache.idpSessionsByIndices.put(idpSessionIndex, idpSession);
                IDPCache.idpSessionsBySessionID.put(newSessionId, idpSession);
            }

            // The first session's ID must no longer resolve to the IDP session.
            IDPCache.idpSessionsBySessionID.remove(oldSessionId);

            // Re-key the SP session partner, if one was recorded, under the second session's ID.
            final String spSessionPartner = (String) IDPCache.spSessionPartnerBySessionID.remove(oldSessionId);
            if (spSessionPartner != null) {
                IDPCache.spSessionPartnerBySessionID.put(newSessionId, spSessionPartner);
            }

            try {
                // NOTE(review): presumably this stops later clean-up of the first session from
                // resolving the real index and touching the migrated IDP session; confirm
                // against the code that consumes this property.
                oldToken.setProperty(IDP_SESSION_INDEX_PROPERTY, DETACHED_INDEX_VALUE);
            } catch (SSOException e3) {
                debug.error("Failed to set IDP Session Index for old session", e3);
            }
        } catch (SSOException e4) {
            // Only the exception's string form is logged here, so no stack trace is recorded.
            debug.warning("Unable to create an SSOToken for the session ID due to " + e4.toString());
        }
    }
}
