package at.gv.egovernment.moa.id.storage;

import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface;
import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AssertionAttributeExtractorExeption;
import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore;
import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore;
import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.commons.utils.JsonMapper;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameterDecorator;
import at.gv.egovernment.moa.id.data.EncryptedData;
import at.gv.egovernment.moa.id.util.SessionEncrytionUtil;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
import com.fasterxml.jackson.core.JsonProcessingException;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.apache.commons.lang.SerializationUtils;
import org.apache.commons.lang.StringEscapeUtils;
import org.hibernate.HibernateException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Repository;
import org.springframework.transaction.annotation.Transactional;

@Transactional("sessionTransactionManager")
@Repository("AuthenticationSessionStoreage")
/* loaded from: input_file:at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.class */
public class DBAuthenticationSessionStoreage implements IAuthenticationSessionStoreage {

    @PersistenceContext(unitName = "session")
    private EntityManager entityManager;

    @Autowired
    AuthConfiguration authConfig;
    private static JsonMapper mapper = new JsonMapper();

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public AuthenticationSession createInternalSSOSession(IRequest iRequest) throws MOADatabaseException, BuildException {
        String nextLongRandom = Random.nextLongRandom();
        try {
            AuthenticatedSessionStore authenticatedSessionStore = new AuthenticatedSessionStore();
            authenticatedSessionStore.setSessionid(nextLongRandom);
            Date date = new Date();
            authenticatedSessionStore.setCreated(date);
            authenticatedSessionStore.setUpdated(date);
            AuthenticationSessionExtensions authenticationSessionExtensions = new AuthenticationSessionExtensions();
            authenticationSessionExtensions.setUniqueSessionId(iRequest.getUniqueSessionIdentifier());
            authenticatedSessionStore.setAdditionalInformationBytes(mapper.serialize(authenticationSessionExtensions).getBytes("UTF-8"));
            AuthenticationSession authenticationSession = new AuthenticationSession(nextLongRandom, date, (IAuthenticationSession) iRequest.getSessionData(AuthenticationSessionWrapper.class));
            encryptSession(authenticationSession, authenticatedSessionStore);
            this.entityManager.persist(authenticatedSessionStore);
            Logger.info("Create MOA SSO-Session with internal sessionID: " + nextLongRandom);
            return authenticationSession;
        } catch (JsonProcessingException | UnsupportedEncodingException e) {
            Logger.warn("Extended session information can not be stored.", e);
            throw new MOADatabaseException("Extended session information can not be stored.", e);
        }
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public AuthenticationSession getInternalSSOSession(String str) throws MOADatabaseException {
        if (MiscUtil.isEmpty(str)) {
            return null;
        }
        try {
            return decryptSession(searchInDatabase(str));
        } catch (MOADatabaseException e) {
            Logger.info("No MOA Session with id: " + str);
            return null;
        } catch (Throwable th) {
            Logger.warn("MOASession deserialization-exception by using MOASessionID=" + str, th);
            throw new MOADatabaseException("MOASession deserialization-exception");
        }
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public AuthenticationSessionExtensions getAuthenticationSessionExtensions(String str) throws MOADatabaseException {
        AuthenticatedSessionStore searchInDatabase = searchInDatabase(str);
        if (searchInDatabase.getAdditionalInformationBytes() == null) {
            return null;
        }
        try {
            return (AuthenticationSessionExtensions) mapper.deserialize(new String(searchInDatabase.getAdditionalInformationBytes(), "UTF-8"), AuthenticationSessionExtensions.class);
        } catch (Exception e) {
            Logger.warn("Extended session information extraction FAILED!", e);
            return null;
        }
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public void setAuthenticationSessionExtensions(String str, AuthenticationSessionExtensions authenticationSessionExtensions) throws MOADatabaseException {
        try {
            AuthenticatedSessionStore searchInDatabase = searchInDatabase(str);
            searchInDatabase.setAdditionalInformationBytes(mapper.serialize(authenticationSessionExtensions).getBytes("UTF-8"));
            this.entityManager.merge(searchInDatabase);
            Logger.debug("MOASession with sessionID=" + str + " is stored in Database");
        } catch (MOADatabaseException e) {
            Logger.warn("MOASession could not be stored.");
            throw new MOADatabaseException("MOASession could not be stored.", e);
        } catch (JsonProcessingException | UnsupportedEncodingException e2) {
            Logger.warn("Extended session information can not be stored.", e2);
            throw new MOADatabaseException("Extended session information can not be stored.", e2);
        }
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public void destroyInternalSSOSession(String str) throws MOADatabaseException {
        Query createNamedQuery = this.entityManager.createNamedQuery("getSessionWithID");
        createNamedQuery.setParameter("sessionid", str);
        List resultList = createNamedQuery.getResultList();
        Logger.trace("Found entries: " + resultList.size());
        if (resultList.size() != 1) {
            Logger.trace("No entries found.");
            throw new MOADatabaseException("No session found with this sessionID");
        }
        cleanDelete((AuthenticatedSessionStore) resultList.get(0));
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public void setAuthenticated(String str, boolean z) {
        try {
            AuthenticatedSessionStore searchInDatabase = searchInDatabase(str);
            searchInDatabase.setAuthenticated(z);
            this.entityManager.merge(searchInDatabase);
        } catch (MOADatabaseException e) {
            Logger.warn("isAuthenticated can not be stored in MOASession " + str, e);
        }
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public String getInternalSSOSessionWithSSOID(String str) throws MOADatabaseException {
        MiscUtil.assertNotNull(str, "SSOsessionID");
        Logger.trace("Get authenticated session with SSOID " + str + " from database.");
        Query createNamedQuery = this.entityManager.createNamedQuery("getSessionWithSSOID");
        createNamedQuery.setParameter("sessionid", str);
        List resultList = createNamedQuery.getResultList();
        Logger.trace("Found entries: " + resultList.size());
        if (resultList.size() != 1) {
            Logger.trace("No entries found.");
            return null;
        }
        try {
            return decryptSession((AuthenticatedSessionStore) resultList.get(0)).getSSOSessionID();
        } catch (Throwable th) {
            Logger.warn("MOASession deserialization-exception by using internal MOASessionID=" + ((AuthenticatedSessionStore) resultList.get(0)).getSessionid(), th);
            throw new MOADatabaseException("MOASession deserialization-exception");
        }
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public boolean isSSOSession(String str) throws MOADatabaseException {
        try {
            return searchInDatabase(str).isSSOSession();
        } catch (MOADatabaseException e) {
            Logger.info("No MOA Session with id: " + str);
            throw new MOADatabaseException("No MOA Session with id: " + str);
        }
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public AuthenticatedSessionStore isValidSessionWithSSOID(String str) {
        MiscUtil.assertNotNull(str, "SSOSessionID");
        Logger.trace("Get authenticated session with SSOID " + str + " from database.");
        Query createNamedQuery = this.entityManager.createNamedQuery("getSessionWithSSOID");
        createNamedQuery.setParameter("sessionid", str);
        List resultList = createNamedQuery.getResultList();
        Logger.trace("Found entries: " + resultList.size());
        if (resultList.size() == 1) {
            return (AuthenticatedSessionStore) resultList.get(0);
        }
        Logger.trace("No entries found.");
        return null;
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public void addSSOInformation(String str, String str2, SLOInformationInterface sLOInformationInterface, IRequest iRequest) throws AuthenticationException {
        Query createNamedQuery = this.entityManager.createNamedQuery("getSessionWithID");
        createNamedQuery.setParameter("sessionid", str);
        List resultList = createNamedQuery.getResultList();
        Logger.trace("Found entries: " + resultList.size());
        if (resultList.size() != 1) {
            Logger.trace("No entries found.");
            throw new AuthenticationException("No session found with this sessionID", null);
        }
        AuthenticatedSessionStore authenticatedSessionStore = (AuthenticatedSessionStore) resultList.get(0);
        OASessionStore oASessionStore = null;
        if (authenticatedSessionStore.getActiveOAsessions() != null) {
            for (OASessionStore oASessionStore2 : authenticatedSessionStore.getActiveOAsessions()) {
                if (oASessionStore2.getOaurlprefix().equals(iRequest.getSPEntityId())) {
                    oASessionStore = oASessionStore2;
                }
            }
        }
        if (oASessionStore == null) {
            oASessionStore = new OASessionStore();
        }
        oASessionStore.setOaurlprefix(iRequest.getSPEntityId());
        oASessionStore.setMoasession(authenticatedSessionStore);
        oASessionStore.setCreated(new Date());
        if (sLOInformationInterface != null) {
            oASessionStore.setAssertionSessionID(sLOInformationInterface.getSessionIndex());
            oASessionStore.setUserNameID(sLOInformationInterface.getUserNameIdentifier());
            oASessionStore.setUserNameIDFormat(sLOInformationInterface.getUserNameIDFormat());
            oASessionStore.setProtocolType(sLOInformationInterface.getProtocolType());
            oASessionStore.setAttributeQueryUsed(false);
            oASessionStore.setAuthURL(iRequest.getAuthURL());
        }
        List activeOAsessions = authenticatedSessionStore.getActiveOAsessions();
        activeOAsessions.add(oASessionStore);
        authenticatedSessionStore.setActiveOAsessions(activeOAsessions);
        if (authenticatedSessionStore.getSSOsessionid() != null) {
            OldSSOSessionIDStore oldSSOSessionIDStore = new OldSSOSessionIDStore();
            oldSSOSessionIDStore.setOldsessionid(authenticatedSessionStore.getSSOsessionid());
            oldSSOSessionIDStore.setMoasession(authenticatedSessionStore);
            authenticatedSessionStore.getOldssosessionids().add(oldSSOSessionIDStore);
        }
        authenticatedSessionStore.setSSOSession(true);
        authenticatedSessionStore.setSSOsessionid(str2);
        authenticatedSessionStore.setAuthenticated(true);
        this.entityManager.merge(authenticatedSessionStore);
        if (sLOInformationInterface != null) {
            Logger.info("Add SSO-Session login information for OA: " + iRequest.getSPEntityId() + " and AssertionID: " + sLOInformationInterface.getSessionIndex());
        } else {
            Logger.info("Add SSO-Session login information for OA: " + iRequest.getSPEntityId());
        }
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public List<OASessionStore> getAllActiveOAFromMOASession(String str) {
        MiscUtil.assertNotNull(str, "MOASession");
        Logger.trace("Get OAs for moaSession " + str + " from database.");
        Query createNamedQuery = this.entityManager.createNamedQuery("getAllActiveOAsForSessionID");
        createNamedQuery.setParameter("sessionID", str);
        List<OASessionStore> resultList = createNamedQuery.getResultList();
        Logger.trace("Found entries: " + resultList.size());
        return resultList;
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public List<InterfederationSessionStore> getAllActiveIDPsFromMOASession(String str) {
        MiscUtil.assertNotNull(str, "MOASession");
        Logger.trace("Get active IDPs for moaSession " + str + " from database.");
        Query createNamedQuery = this.entityManager.createNamedQuery("getAllActiveIDPsForSessionID");
        createNamedQuery.setParameter("sessionID", str);
        List<InterfederationSessionStore> resultList = createNamedQuery.getResultList();
        Logger.trace("Found entries: " + resultList.size());
        return resultList;
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public String searchSSOSessionWithNameIDandOAID(String str, String str2) {
        MiscUtil.assertNotNull(str, "OnlineApplicationIdentifier");
        MiscUtil.assertNotNull(str2, "userNameID");
        Logger.trace("Get moaSession for userNameID " + str2 + " and OA " + str + " from database.");
        Query createNamedQuery = this.entityManager.createNamedQuery("getMOASessionWithNameIDandOAID");
        createNamedQuery.setParameter("oaID", str);
        createNamedQuery.setParameter("nameID", str2);
        List resultList = createNamedQuery.getResultList();
        Logger.trace("Found entries: " + resultList.size());
        if (resultList.size() != 1) {
            Logger.trace("No unique entry found.");
            return null;
        }
        try {
            return decryptSession((AuthenticatedSessionStore) resultList.get(0)).getSSOSessionID();
        } catch (BuildException e) {
            Logger.warn("MOASession deserialization-exception by using MOASessionID=" + ((AuthenticatedSessionStore) resultList.get(0)).getSessionid(), e);
            return null;
        }
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public OASessionStore searchActiveOASSOSession(IAuthenticationSession iAuthenticationSession, String str, String str2) {
        MiscUtil.assertNotNull(iAuthenticationSession, "MOASession");
        MiscUtil.assertNotNull(str, "OnlineApplicationIdentifier");
        MiscUtil.assertNotNull(str2, "usedProtocol");
        Logger.trace("Get active OnlineApplication for sessionID " + iAuthenticationSession.getSSOSessionID() + " with OAID " + str + " from database.");
        Query createNamedQuery = this.entityManager.createNamedQuery("getActiveOAWithSessionIDandOAIDandProtocol");
        createNamedQuery.setParameter("sessionID", iAuthenticationSession.getSSOSessionID());
        createNamedQuery.setParameter("oaID", str);
        createNamedQuery.setParameter("protocol", str2);
        List resultList = createNamedQuery.getResultList();
        Logger.trace("Found entries: " + resultList.size());
        if (resultList.size() != 0) {
            return (OASessionStore) ((AuthenticatedSessionStore) resultList.get(0)).getActiveOAsessions().get(0);
        }
        Logger.trace("No entries found.");
        return null;
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public void markOAWithAttributeQueryUsedFlag(IAuthenticationSession iAuthenticationSession, String str, String str2) {
        OASessionStore searchActiveOASSOSession = searchActiveOASSOSession(iAuthenticationSession, str, str2);
        if (searchActiveOASSOSession != null) {
            searchActiveOASSOSession.setAttributeQueryUsed(true);
            this.entityManager.merge(searchActiveOASSOSession);
        }
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public IAuthenticationSession getSessionWithUserNameID(String str) {
        MiscUtil.assertNotNull(str, "nameID");
        Logger.trace("Get authenticated session with pedingRequestID " + str + " from database.");
        Query createNamedQuery = this.entityManager.createNamedQuery("getMOAISessionWithUserNameID");
        createNamedQuery.setParameter("usernameid", StringEscapeUtils.escapeHtml(str));
        List resultList = createNamedQuery.getResultList();
        Logger.trace("Found entries: " + resultList.size());
        if (resultList.size() == 0) {
            Logger.trace("No entries found.");
            return null;
        }
        try {
            return decryptSession((AuthenticatedSessionStore) resultList.get(0));
        } catch (Throwable th) {
            Logger.warn("MOASession deserialization-exception by using MOASessionID=" + str);
            return null;
        }
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASession(String str) {
        MiscUtil.assertNotNull(str, "MOASession");
        Logger.trace("Get interfederated IDP for SSO with sessionID " + str + " from database.");
        Query createNamedQuery = this.entityManager.createNamedQuery("getInterfederatedIDPForSSOWithSessionID");
        createNamedQuery.setParameter("sessionID", str);
        List resultList = createNamedQuery.getResultList();
        Logger.trace("Found entries: " + resultList.size());
        if (resultList.size() != 0) {
            return (InterfederationSessionStore) ((AuthenticatedSessionStore) resultList.get(0)).getInderfederation().get(0);
        }
        Logger.trace("No entries found.");
        return null;
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASessionIDPID(String str, String str2) {
        MiscUtil.assertNotNull(str, "MOASession");
        MiscUtil.assertNotNull(str2, "Interfederated IDP ID");
        Logger.trace("Get interfederated IDP " + str2 + " for SSO with sessionID " + str + " from database.");
        Query createNamedQuery = this.entityManager.createNamedQuery("getInterfederatedIDPForSSOWithSessionIDIDPID");
        createNamedQuery.setParameter("sessionID", str);
        createNamedQuery.setParameter("idpID", str2);
        List resultList = createNamedQuery.getResultList();
        Logger.trace("Found entries: " + resultList.size());
        if (resultList.size() != 0) {
            return (InterfederationSessionStore) ((AuthenticatedSessionStore) resultList.get(0)).getInderfederation().get(0);
        }
        Logger.trace("No entries found.");
        return null;
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public void addFederatedSessionInformation(IRequest iRequest, String str, AssertionAttributeExtractor assertionAttributeExtractor) throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException, EAAFConfigurationException {
        String sSOSessionID;
        Date date = new Date();
        if (MiscUtil.isNotEmpty(iRequest.getInternalSSOSessionIdentifier())) {
            Logger.debug("Internal SSO-Session object: " + iRequest.getInternalSSOSessionIdentifier() + " used for federated SSO");
            sSOSessionID = iRequest.getInternalSSOSessionIdentifier();
        } else {
            Logger.debug("No internal SSO-Session object exists for federated SSO --> create new session object");
            sSOSessionID = createInternalSSOSession(iRequest).getSSOSessionID();
        }
        if (!MiscUtil.isNotEmpty(sSOSessionID)) {
            Logger.error("NO MOASession found but MOASession MUST already exist!");
            throw new MOADatabaseException("NO MOASession found but MOASession MUST already exist!");
        }
        try {
            AuthenticatedSessionStore searchInDatabase = searchInDatabase(sSOSessionID);
            searchInDatabase.setUpdated(date);
            AuthenticationSession decryptSession = decryptSession(searchInDatabase);
            decryptSession.setAuthenticated(false);
            searchInDatabase.setAuthenticated(false);
            encryptSession(decryptSession, searchInDatabase);
            searchInDatabase.setInterfederatedSSOSession(true);
            List<InterfederationSessionStore> inderfederation = searchInDatabase.getInderfederation();
            InterfederationSessionStore interfederationSessionStore = null;
            if (inderfederation == null) {
                inderfederation = new ArrayList();
                searchInDatabase.setInderfederation(inderfederation);
            } else {
                for (InterfederationSessionStore interfederationSessionStore2 : inderfederation) {
                    if (interfederationSessionStore2.getIdpurlprefix().equals(str)) {
                        interfederationSessionStore = interfederationSessionStore2;
                    }
                }
            }
            if (interfederationSessionStore == null) {
                interfederationSessionStore = new InterfederationSessionStore();
                interfederationSessionStore.setCreated(date);
                interfederationSessionStore.setIdpurlprefix(str);
                interfederationSessionStore.setAuthURL(iRequest.getAuthURL());
                interfederationSessionStore.setStoreSSOInformation(((IOAAuthParameters) this.authConfig.getServiceProviderConfiguration(interfederationSessionStore.getIdpurlprefix(), OAAuthParameterDecorator.class)).isInterfederationSSOStorageAllowed());
                interfederationSessionStore.setMoasession(searchInDatabase);
                inderfederation.add(interfederationSessionStore);
            }
            interfederationSessionStore.setSessionIndex(assertionAttributeExtractor.getSessionIndex());
            interfederationSessionStore.setUserNameID(assertionAttributeExtractor.getNameID());
            interfederationSessionStore.setAttributesRequested(false);
            interfederationSessionStore.setQAALevel(assertionAttributeExtractor.getQAALevel());
            this.entityManager.merge(searchInDatabase);
        } catch (MOADatabaseException e) {
            Logger.error("NO MOASession found but MOASession MUST already exist!");
            throw e;
        }
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public InterfederationSessionStore searchInterfederatedIDPFORAttributeQueryWithSessionID(String str) {
        MiscUtil.assertNotNull(str, "MOASessionID");
        Logger.trace("Get interfederated IDP for AttributeQuery with sessionID " + str + " from database.");
        Query createNamedQuery = this.entityManager.createNamedQuery("getInterfederatedIDPForAttributeQueryWithSessionID");
        createNamedQuery.setParameter("sessionID", str);
        List resultList = createNamedQuery.getResultList();
        Logger.trace("Found entries: " + resultList.size());
        if (resultList.size() != 0) {
            return (InterfederationSessionStore) ((AuthenticatedSessionStore) resultList.get(0)).getInderfederation().get(0);
        }
        Logger.trace("No entries found.");
        return null;
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public boolean removeInterfederetedSession(String str, String str2) {
        try {
            Logger.debug("Remove interfederated IDP from local SSO session ...");
            MiscUtil.assertNotNull(str2, "pedingRequestID");
            Logger.trace("Get authenticated session with pedingRequestID " + str2 + " from database.");
            Query createNamedQuery = this.entityManager.createNamedQuery("getSessionWithPendingRequestID");
            createNamedQuery.setParameter("sessionid", str2);
            List resultList = createNamedQuery.getResultList();
            Logger.trace("Found entries: " + resultList.size());
            if (resultList.size() != 1) {
                Logger.trace("No entries found.");
                return false;
            }
            AuthenticatedSessionStore authenticatedSessionStore = (AuthenticatedSessionStore) resultList.get(0);
            List<InterfederationSessionStore> inderfederation = authenticatedSessionStore.getInderfederation();
            if (inderfederation != null) {
                for (InterfederationSessionStore interfederationSessionStore : inderfederation) {
                    if (interfederationSessionStore.getIdpurlprefix().equals(str)) {
                        inderfederation.remove(interfederationSessionStore);
                    }
                }
            }
            this.entityManager.merge(authenticatedSessionStore);
            return true;
        } catch (Throwable th) {
            Logger.warn("MOASession deserialization-exception by using MOASessionID=" + str2);
            return false;
        }
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public void clean(Date date, long j, long j2) {
        Date date2 = new Date(date.getTime() - j);
        Date date3 = new Date(date.getTime() - j2);
        Query createNamedQuery = this.entityManager.createNamedQuery("getMOAISessionsWithTimeOut");
        createNamedQuery.setParameter("timeoutcreate", date2);
        createNamedQuery.setParameter("timeoutupdate", date3);
        List<AuthenticatedSessionStore> resultList = createNamedQuery.getResultList();
        if (resultList.size() != 0) {
            for (AuthenticatedSessionStore authenticatedSessionStore : resultList) {
                try {
                    cleanDelete(authenticatedSessionStore);
                    Logger.info("Authenticated session with sessionID=" + authenticatedSessionStore.getSessionid() + " after session timeout.");
                } catch (HibernateException e) {
                    Logger.warn("Authenticated session with sessionID=" + authenticatedSessionStore.getSessionid() + " not removed after timeout! (Error during Database communication)", e);
                }
            }
        }
    }

    private static void encryptSession(AuthenticationSession authenticationSession, AuthenticatedSessionStore authenticatedSessionStore) throws BuildException {
        EncryptedData encrypt = SessionEncrytionUtil.getInstance().encrypt(SerializationUtils.serialize(authenticationSession));
        authenticatedSessionStore.setSession(encrypt.getEncData());
        authenticatedSessionStore.setIv(encrypt.getIv());
    }

    private static AuthenticationSession decryptSession(AuthenticatedSessionStore authenticatedSessionStore) throws BuildException {
        return (AuthenticationSession) SerializationUtils.deserialize(SessionEncrytionUtil.getInstance().decrypt(new EncryptedData(authenticatedSessionStore.getSession(), authenticatedSessionStore.getIv())));
    }

    private void cleanDelete(AuthenticatedSessionStore authenticatedSessionStore) {
        authenticatedSessionStore.setSession("blank".getBytes());
        this.entityManager.merge(authenticatedSessionStore);
        this.entityManager.remove(authenticatedSessionStore);
    }

    private AuthenticatedSessionStore searchInDatabase(String str) throws MOADatabaseException {
        MiscUtil.assertNotNull(str, "moasessionID");
        Logger.trace("Get authenticated session with sessionID " + str + " from database.");
        Query createNamedQuery = this.entityManager.createNamedQuery("getSessionWithID");
        createNamedQuery.setParameter("sessionid", str);
        List resultList = createNamedQuery.getResultList();
        Logger.trace("Found entries: " + resultList.size());
        if (resultList.size() == 1) {
            return (AuthenticatedSessionStore) resultList.get(0);
        }
        Logger.trace("No entries found.");
        throw new MOADatabaseException("No session found with this sessionID");
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public void deleteIdpInformation(InterfederationSessionStore interfederationSessionStore) {
        this.entityManager.remove(interfederationSessionStore);
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public void persistIdpInformation(InterfederationSessionStore interfederationSessionStore) {
        this.entityManager.merge(interfederationSessionStore);
    }

    @Override // at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage
    public OldSSOSessionIDStore checkSSOTokenAlreadyUsed(String str) {
        Query createNamedQuery = this.entityManager.createNamedQuery("getSSOSessionWithOldSessionID");
        createNamedQuery.setParameter("sessionid", str);
        List resultList = createNamedQuery.getResultList();
        Logger.trace("Found entries: " + resultList.size());
        if (resultList.size() == 0) {
            return null;
        }
        return (OldSSOSessionIDStore) resultList.get(0);
    }
}
