package com.openexchange.ajax;

import com.openexchange.ajax.helper.BrowserDetector;
import com.openexchange.ajax.login.HashCalculator;
import com.openexchange.config.ConfigurationService;
import com.openexchange.configuration.ClientWhitelist;
import com.openexchange.configuration.CookieHashSource;
import com.openexchange.configuration.ServerConfig;
import com.openexchange.exception.OXException;
import com.openexchange.groupware.contexts.Context;
import com.openexchange.groupware.contexts.impl.ContextExceptionCodes;
import com.openexchange.groupware.contexts.impl.ContextStorage;
import com.openexchange.groupware.ldap.LdapExceptionCode;
import com.openexchange.groupware.ldap.User;
import com.openexchange.groupware.ldap.UserExceptionCode;
import com.openexchange.groupware.ldap.UserStorage;
import com.openexchange.java.Autoboxing;
import com.openexchange.java.Strings;
import com.openexchange.log.LogProperties;
import com.openexchange.server.ServiceExceptionCode;
import com.openexchange.server.services.ServerServiceRegistry;
import com.openexchange.server.services.SessionInspector;
import com.openexchange.session.Reply;
import com.openexchange.session.Session;
import com.openexchange.session.SessionResult;
import com.openexchange.session.SessionSecretChecker;
import com.openexchange.sessiond.SessionExceptionCodes;
import com.openexchange.sessiond.SessiondService;
import com.openexchange.sessiond.impl.IPRange;
import com.openexchange.sessiond.impl.SubnetMask;
import com.openexchange.tools.servlet.http.Cookies;
import com.openexchange.tools.servlet.http.Tools;
import com.openexchange.tools.session.ServerSession;
import com.openexchange.tools.session.ServerSessionAdapter;
import java.lang.reflect.UndeclaredThrowableException;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Queue;
import java.util.Set;
import java.util.concurrent.ConcurrentLinkedQueue;
import javax.servlet.ServletRequest;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/openexchange/ajax/SessionUtility.class */
public final class SessionUtility {
    private static final String SESSION_KEY = "sessionObject";
    private static final String SESSION_WHITELIST_FILE = "noipcheck.cnf";
    private static final String PUBLIC_SESSION_KEY = "publicSessionObject";
    private static final String PARAMETER_PUBLIC_SESSION = "public_session";
    private static final String PARAMETER_SESSION = "session";
    private static volatile ClientWhitelist clientWhitelist;
    private static volatile CookieHashSource hashSource;
    private static volatile boolean rangesLoaded;
    private static volatile SubnetMask allowedSubnet;
    private static final String USER_AGENT = "user-agent";
    private static final Logger LOG = LoggerFactory.getLogger(SessionUtility.class);
    private static final Queue<IPRange> RANGES = new ConcurrentLinkedQueue();
    private static volatile boolean initialized = false;
    private static volatile boolean checkIP = true;
    private static final String PARAM_ALTERNATIVE_ID = Session.PARAM_ALTERNATIVE_ID;
    private static final String PUBLIC_SESSION_PREFIX = LoginServlet.PUBLIC_SESSION_PREFIX;
    private static final Set<String> AGENTS_WO_PUBLIC_SESSION_COOKIE = Collections.unmodifiableSet(new HashSet(Arrays.asList("open-xchange usm http client")));
    private static final String SECRET_PREFIX = LoginServlet.SECRET_PREFIX;
    private static final Set<String> MEDIA_AGENTS = Collections.unmodifiableSet(new HashSet(Arrays.asList("applecoremedia/", "stagefright/")));

    public static void initialize() {
        if (initialized) {
            return;
        }
        synchronized (SessionUtility.class) {
            if (!initialized) {
                ConfigurationService configurationService = (ConfigurationService) ServerServiceRegistry.getInstance().getService(ConfigurationService.class);
                if (null == configurationService) {
                    return;
                }
                checkIP = Boolean.parseBoolean(configurationService.getProperty(ServerConfig.Property.IP_CHECK.getPropertyName()));
                hashSource = CookieHashSource.parse(configurationService.getProperty(ServerConfig.Property.COOKIE_HASH.getPropertyName()));
                clientWhitelist = new ClientWhitelist().add(configurationService.getProperty(ServerConfig.Property.IP_CHECK_WHITELIST.getPropertyName()));
                allowedSubnet = new SubnetMask(configurationService.getProperty(ServerConfig.Property.IP_MASK_V4.getPropertyName()), configurationService.getProperty(ServerConfig.Property.IP_MASK_V6.getPropertyName()));
                initRanges(configurationService);
                initialized = true;
            }
        }
    }

    private static void initRanges(ConfigurationService configurationService) {
        if (rangesLoaded) {
            return;
        }
        if (!checkIP) {
            rangesLoaded = true;
            return;
        }
        String property = configurationService.getProperty("noipcheck.cnf");
        if (property == null) {
            ConfigurationService configurationService2 = (ConfigurationService) ServerServiceRegistry.getInstance().getService(ConfigurationService.class);
            if (configurationService2 == null) {
                return;
            } else {
                property = configurationService2.getText("noipcheck.cnf");
            }
        }
        rangesLoaded = true;
        if (property != null) {
            LOG.info("Exceptions from IP Check have been defined.");
            RANGES.clear();
            String[] splitByCRLF = Strings.splitByCRLF(property);
            LinkedList linkedList = new LinkedList();
            for (String str : splitByCRLF) {
                String replaceAll = str.replaceAll("\\s", "");
                if (!replaceAll.equals("") && (replaceAll.length() == 0 || replaceAll.trim().charAt(0) != '#')) {
                    linkedList.add(IPRange.parseRange(replaceAll));
                }
            }
            RANGES.addAll(linkedList);
        }
    }

    public static CookieHashSource getHashSource() {
        return hashSource;
    }

    public static SessionResult<ServerSession> defaultInitializeSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws OXException {
        ServerSession sessionObject = getSessionObject(httpServletRequest, true);
        if (null != sessionObject) {
            return new SessionResult<>(Reply.CONTINUE, sessionObject);
        }
        SessiondService sessiondService = (SessiondService) ServerServiceRegistry.getInstance().getService(SessiondService.class);
        if (sessiondService == null) {
            throw ServiceExceptionCode.SERVICE_UNAVAILABLE.create(new Object[]{SessiondService.class.getName()});
        }
        String parameter = httpServletRequest.getParameter("session");
        if (parameter != null && parameter.length() > 0) {
            String sessionId = getSessionId(httpServletRequest);
            SessionResult<ServerSession> session = getSession(httpServletRequest, httpServletResponse, sessionId, sessiondService);
            if (Reply.STOP == session.getReply()) {
                return session;
            }
            sessionObject = (ServerSession) session.getSession();
            if (null == sessionObject) {
                throw SessionExceptionCodes.SESSION_EXPIRED.create(new Object[]{sessionId});
            }
            verifySession(httpServletRequest, sessiondService, sessionId, sessionObject);
            rememberSession(httpServletRequest, sessionObject);
            checkPublicSessionCookie(httpServletRequest, httpServletResponse, sessionObject, sessiondService);
        }
        findPublicSessionId(httpServletRequest, sessionObject, sessiondService, false, false);
        return new SessionResult<>(Reply.CONTINUE, sessionObject);
    }

    public static boolean findPublicSessionId(HttpServletRequest httpServletRequest, ServerSession serverSession, SessiondService sessiondService, boolean z, boolean z2) throws OXException {
        Map<String, Cookie> cookieMapFor = Cookies.cookieMapFor(httpServletRequest);
        Cookie cookie = cookieMapFor.get(LoginServlet.getPublicSessionCookieName(httpServletRequest));
        if (null != cookie) {
            return handlePublicSessionIdentifier(cookie.getValue(), httpServletRequest, serverSession, sessiondService, false);
        }
        String parameter = httpServletRequest.getParameter("public_session");
        if (null != parameter) {
            return handlePublicSessionIdentifier(parameter, httpServletRequest, serverSession, sessiondService, z2);
        }
        if (!z || !isChangeable(httpServletRequest)) {
            return false;
        }
        for (Map.Entry<String, Cookie> entry : cookieMapFor.entrySet()) {
            if (entry.getKey().startsWith(PUBLIC_SESSION_PREFIX)) {
                return handlePublicSessionIdentifier(entry.getValue().getValue(), httpServletRequest, serverSession, sessiondService, false);
            }
        }
        return false;
    }

    private static boolean handlePublicSessionIdentifier(String str, HttpServletRequest httpServletRequest, ServerSession serverSession, SessiondService sessiondService, boolean z) throws OXException {
        if (null != str && null != serverSession && str.equals(serverSession.getParameter(PARAM_ALTERNATIVE_ID))) {
            rememberPublicSession(httpServletRequest, serverSession);
            return true;
        }
        ServerSession valueOf = null == str ? null : ServerSessionAdapter.valueOf(sessiondService.getSessionByAlternativeId(str, z));
        if (valueOf == null) {
            return false;
        }
        if (false == z) {
            try {
                checkSecret(hashSource, httpServletRequest, valueOf, false);
            } catch (OXException e) {
                return false;
            }
        }
        verifySession(httpServletRequest, sessiondService, valueOf.getSessionID(), valueOf);
        rememberPublicSession(httpServletRequest, valueOf);
        return true;
    }

    public static void verifySession(HttpServletRequest httpServletRequest, SessiondService sessiondService, String str, ServerSession serverSession) throws OXException {
        if (!str.equals(serverSession.getSessionID())) {
            LOG.info("Request's session identifier \"{}\" differs from the one indicated by SessionD service \"{}\".", str, serverSession.getSessionID());
            throw SessionExceptionCodes.WRONG_SESSION.create();
        }
        Context context = serverSession.getContext();
        if (context.isEnabled()) {
            checkIP(serverSession, httpServletRequest.getRemoteAddr());
        } else {
            sessiondService.removeSession(str);
            LOG.info("The context {} associated with session is locked.", Integer.toString(context.getContextId()));
            throw SessionExceptionCodes.CONTEXT_LOCKED.create(new Object[]{Integer.toString(context.getContextId()), context.getName()});
        }
    }

    private static void checkIP(Session session, String str) throws OXException {
        checkIP(checkIP, getRanges(), session, str, clientWhitelist);
    }

    private static Collection<IPRange> getRanges() {
        return RANGES;
    }

    public static boolean isIpCheckError(OXException oXException) {
        SessionExceptionCodes sessionExceptionCodes = SessionExceptionCodes.WRONG_CLIENT_IP;
        return sessionExceptionCodes.equals(oXException) && sessionExceptionCodes.getCategory().equals(oXException.getCategory());
    }

    public static void checkIP(boolean z, Collection<IPRange> collection, Session session, String str, ClientWhitelist clientWhitelist2) throws OXException {
        if (null == str || !str.equals(session.getLocalIp())) {
            if (!z || isWhitelistedFromIPCheck(str, collection) || isWhitelistedClient(session, clientWhitelist2) || allowedSubnet.areInSameSubnet(str, session.getLocalIp())) {
                if (null != str) {
                    if (isWhitelistedClient(session, clientWhitelist2)) {
                        session.setLocalIp(str);
                    } else if (!z && !isUsmEas(session.getClient())) {
                        session.setLocalIp(str);
                    }
                }
                if (!LOG.isDebugEnabled() || isWhitelistedFromIPCheck(str, collection) || isWhitelistedClient(session, clientWhitelist2)) {
                    return;
                }
                LOG.debug("Session {} requests now from {} but login came from {}", new Object[]{session.getSessionID(), str, session.getLocalIp()});
                return;
            }
            StringBuilder sb = new StringBuilder(96);
            sb.append("Request to server denied (IP check activated) for session: ");
            sb.append(session.getSessionID());
            sb.append(". Client login IP changed from ");
            sb.append(session.getLocalIp());
            sb.append(" to ");
            sb.append(null == str ? "<missing>" : str);
            sb.append(" and is not covered by IP white-list or netmask.");
            LOG.info(sb.toString());
            SessionExceptionCodes sessionExceptionCodes = SessionExceptionCodes.WRONG_CLIENT_IP;
            Object[] objArr = new Object[2];
            objArr[0] = session.getLocalIp();
            objArr[1] = null == str ? "<unknown>" : str;
            throw sessionExceptionCodes.create(objArr);
        }
    }

    private static boolean isUsmEas(String str) {
        if (Strings.isEmpty(str)) {
            return false;
        }
        String upperCase = Strings.toUpperCase(str);
        return upperCase.startsWith("USM-EAS") || upperCase.startsWith("USM-JSON");
    }

    private static boolean isWhitelistedClient(Session session, ClientWhitelist clientWhitelist2) {
        if (null == clientWhitelist2 || clientWhitelist2.isEmpty()) {
            return false;
        }
        return clientWhitelist2.isAllowed(session.getClient());
    }

    public static boolean isWhitelistedFromIPCheck(String str, Collection<IPRange> collection) {
        Iterator<IPRange> it = collection.iterator();
        while (it.hasNext()) {
            if (it.next().contains(str)) {
                return true;
            }
        }
        return false;
    }

    public static String getSessionId(ServletRequest servletRequest) throws OXException {
        String parameter = servletRequest.getParameter("session");
        if (null != parameter) {
            return parameter;
        }
        StringBuilder sb = new StringBuilder(32);
        sb.append("Parameter \"").append("session").append("\" not found");
        if (LOG.isDebugEnabled()) {
            sb.append(": ");
            Enumeration parameterNames = servletRequest.getParameterNames();
            while (parameterNames.hasMoreElements()) {
                sb.append(parameterNames.nextElement());
                sb.append(',');
            }
            if (sb.length() > 0) {
                sb.setCharAt(sb.length() - 1, '.');
            }
        }
        LOG.info(sb.toString());
        throw SessionExceptionCodes.SESSION_PARAMETER_MISSING.create();
    }

    public static SessionResult<ServerSession> getSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, SessiondService sessiondService) throws OXException {
        return getSession(hashSource, httpServletRequest, httpServletResponse, str, sessiondService);
    }

    public static SessionResult<ServerSession> getSession(CookieHashSource cookieHashSource, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, SessiondService sessiondService) throws OXException {
        return getSession(cookieHashSource, httpServletRequest, httpServletResponse, str, sessiondService, null);
    }

    public static SessionResult<ServerSession> getSession(CookieHashSource cookieHashSource, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, SessiondService sessiondService, SessionSecretChecker sessionSecretChecker) throws OXException {
        int code;
        Session session = sessiondService.getSession(str);
        if (null == session) {
            if (!"unset".equals(str)) {
                LOG.info("There is no session associated with session identifier: {}", str);
            }
            if (Reply.STOP == SessionInspector.getInstance().getChain().onSessionMiss(str, httpServletRequest, httpServletResponse)) {
                return new SessionResult<>(Reply.STOP, (Session) null);
            }
            throw SessionExceptionCodes.SESSION_EXPIRED.create(new Object[]{str});
        }
        if (Reply.STOP == SessionInspector.getInstance().getChain().onSessionHit(session, httpServletRequest, httpServletResponse)) {
            return new SessionResult<>(Reply.STOP, ServerSessionAdapter.valueOf(session));
        }
        if (null == sessionSecretChecker) {
            checkSecret(cookieHashSource, httpServletRequest, session);
        } else {
            sessionSecretChecker.checkSecret(session, httpServletRequest, cookieHashSource.name());
        }
        try {
            User user = UserStorage.getInstance().getUser(session.getUserId(), ContextStorage.getInstance().getContext(session.getContextId()));
            if (user.isMailEnabled()) {
                return new SessionResult<>(Reply.CONTINUE, ServerSessionAdapter.valueOf(session));
            }
            LOG.info("User {} in context {} is not activated.", Integer.toString(user.getId()), Integer.toString(session.getContextId()));
            throw SessionExceptionCodes.SESSION_EXPIRED.create(new Object[]{session.getSessionID()});
        } catch (OXException e) {
            if (ContextExceptionCodes.NOT_FOUND.equals(e)) {
                sessiondService.removeSession(str);
                LOG.info("The context associated with session \"{}\" cannot be found. Obviously an outdated session which is invalidated now.", str);
                throw SessionExceptionCodes.SESSION_EXPIRED.create(new Object[]{str});
            }
            if (!UserExceptionCode.USER_NOT_FOUND.getPrefix().equals(e.getPrefix()) || (UserExceptionCode.USER_NOT_FOUND.getNumber() != (code = e.getCode()) && LdapExceptionCode.USER_NOT_FOUND.getNumber() != code)) {
                throw e;
            }
            sessiondService.removeSession(str);
            LOG.info("The user associated with session \"{}\" cannot be found. Obviously an outdated session which is invalidated now.", str);
            throw SessionExceptionCodes.SESSION_EXPIRED.create(new Object[]{str});
        } catch (UndeclaredThrowableException e2) {
            throw UserExceptionCode.USER_NOT_FOUND.create(e2, Autoboxing.I(session.getUserId()), Autoboxing.I(session.getContextId()));
        }
    }

    public static void checkPublicSessionCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Session session, SessiondService sessiondService) {
        Map<String, Cookie> cookieMapFor;
        String userAgent = HashCalculator.getUserAgent(httpServletRequest);
        if (AGENTS_WO_PUBLIC_SESSION_COOKIE.contains(userAgent.toLowerCase()) || null == (cookieMapFor = Cookies.cookieMapFor(httpServletRequest))) {
            return;
        }
        String publicSessionCookieName = LoginServlet.getPublicSessionCookieName(httpServletRequest);
        if (null == cookieMapFor.get(publicSessionCookieName) && LoginServlet.writePublicSessionCookie(httpServletRequest, httpServletResponse, session, httpServletRequest.isSecure(), httpServletRequest.getServerName(), LoginServlet.getLoginConfiguration())) {
            LOG.info("Restored public session cookie for \"{}\": {} (User-Agent: {})", new Object[]{session.getLogin(), publicSessionCookieName, userAgent});
        }
    }

    public static void checkSecret(CookieHashSource cookieHashSource, HttpServletRequest httpServletRequest, Session session) throws OXException {
        checkSecret(cookieHashSource, httpServletRequest, session, true);
    }

    public static void checkSecret(CookieHashSource cookieHashSource, HttpServletRequest httpServletRequest, Session session, boolean z) throws OXException {
        String extractSecret = extractSecret(cookieHashSource, httpServletRequest, session.getHash(), session.getClient(), (String) session.getParameter("user-agent"));
        if (extractSecret == null || !session.getSecret().equals(extractSecret)) {
            if (z && null != extractSecret) {
                LOG.info("Session secret is different. Given secret \"{}\" differs from secret in session \"{}\".", extractSecret, session.getSecret());
            }
            OXException create = SessionExceptionCodes.WRONG_SESSION_SECRET.create();
            create.setProperty(SessionExceptionCodes.WRONG_SESSION_SECRET.name(), null == extractSecret ? "null" : extractSecret);
            throw create;
        }
    }

    public static String extractSecret(CookieHashSource cookieHashSource, HttpServletRequest httpServletRequest, String str, String str2) {
        return extractSecret(cookieHashSource, httpServletRequest, str, str2, null);
    }

    public static String extractSecret(CookieHashSource cookieHashSource, HttpServletRequest httpServletRequest, String str, String str2, String str3) {
        Map<String, Cookie> cookieMapFor = Cookies.cookieMapFor(httpServletRequest);
        if (null == cookieMapFor) {
            LOG.info("Missing Cookies in HTTP request. No session secret can be looked up.");
            return null;
        }
        if (cookieMapFor.isEmpty()) {
            LOG.info("Empty Cookies in HTTP request. No session secret can be looked up.");
            return null;
        }
        String str4 = SECRET_PREFIX;
        StringBuilder sb = new StringBuilder(256);
        String sb2 = sb.append(str4).append(getHash(cookieHashSource, httpServletRequest, str, str2)).toString();
        Cookie cookie = cookieMapFor.get(sb2);
        if (null != cookie) {
            return cookie.getValue();
        }
        if (isChangeable(httpServletRequest)) {
            sb.setLength(0);
            Cookie cookie2 = cookieMapFor.get(sb.append(str4).append(str).toString());
            if (null != cookie2) {
                return cookie2.getValue();
            }
        }
        sb.setLength(0);
        for (String str5 : cookieMapFor.keySet()) {
            if (str5.startsWith(str4)) {
                sb.append(str5.substring(str4.length())).append(", ");
            }
        }
        int length = sb.length();
        if (length <= 0) {
            LOG.info("Didn't find an appropriate Cookie for expected name \"{}\" (CookieHashSource={}) which provides the session secret. Remembered hash={}. No available hashes.", new Object[]{sb2, cookieHashSource.toString(), str});
            return null;
        }
        sb.setLength(length - 2);
        LOG.info("Didn't find an appropriate Cookie for expected name \"{}\" (CookieHashSource={}) which provides the session secret. Remembered hash: {}. Available hashes: {}", new Object[]{sb2, cookieHashSource.toString(), str, sb.toString()});
        return null;
    }

    private static boolean isChangeable(HttpServletRequest httpServletRequest) {
        return isChangeableUserAgent(httpServletRequest.getHeader("user-agent"));
    }

    private static boolean isChangeableUserAgent(String str) {
        return isMediaPlayerAgent(str) || isMSIE11(str);
    }

    private static boolean isMediaPlayerAgent(String str) {
        if (null == str) {
            return false;
        }
        String lowerCase = Strings.toLowerCase(str);
        Iterator<String> it = MEDIA_AGENTS.iterator();
        while (it.hasNext()) {
            if (lowerCase.startsWith(it.next())) {
                return true;
            }
        }
        return false;
    }

    private static boolean isMSIE11(String str) {
        if (null == str) {
            return false;
        }
        BrowserDetector detectorFor = BrowserDetector.detectorFor(str);
        return BrowserDetector.MOZILLA.equals(detectorFor.getBrowserName()) && BrowserDetector.WINDOWS.equals(detectorFor.getBrowserPlatform()) && 5.0f == detectorFor.getBrowserVersion();
    }

    public static String getHash(CookieHashSource cookieHashSource, HttpServletRequest httpServletRequest, String str, String str2) {
        return CookieHashSource.REMEMBER == cookieHashSource ? str : HashCalculator.getInstance().getHash(httpServletRequest, str2);
    }

    public static void rememberSession(HttpServletRequest httpServletRequest, ServerSession serverSession) {
        httpServletRequest.setAttribute("sessionObject", serverSession);
        serverSession.setParameter(Tools.JSESSIONID_COOKIE, httpServletRequest.getSession().getId());
    }

    public static void rememberPublicSession(HttpServletRequest httpServletRequest, ServerSession serverSession) {
        httpServletRequest.setAttribute(PUBLIC_SESSION_KEY, serverSession);
        serverSession.setParameter(Tools.JSESSIONID_COOKIE, httpServletRequest.getSession().getId());
    }

    public static void removeOXCookies(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        removeOXCookies(httpServletRequest, httpServletResponse, (List<String>) Arrays.asList(LoginServlet.SESSION_PREFIX + str, SECRET_PREFIX + str, LoginServlet.getPublicSessionCookieName(httpServletRequest)));
    }

    public static void removeOXCookies(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, List<String> list) {
        Map<String, Cookie> cookieMapFor = Cookies.cookieMapFor(httpServletRequest);
        if (cookieMapFor == null) {
            return;
        }
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            Cookie cookie = cookieMapFor.get(it.next());
            if (null != cookie) {
                removeCookie(cookie, httpServletResponse);
            }
        }
    }

    public static void removeJSESSIONID(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Cookie cookie;
        Map<String, Cookie> cookieMapFor = Cookies.cookieMapFor(httpServletRequest);
        if (cookieMapFor == null || null == (cookie = cookieMapFor.get(Tools.JSESSIONID_COOKIE))) {
            return;
        }
        removeCookie(cookie, httpServletResponse);
    }

    public static void removeCookie(Cookie cookie, HttpServletResponse httpServletResponse) {
        String name = cookie.getName();
        String value = cookie.getValue();
        Cookie cookie2 = new Cookie(name, value);
        cookie2.setPath("/");
        String extractDomainValue = Cookies.extractDomainValue(value);
        if (null != extractDomainValue) {
            cookie2.setDomain(extractDomainValue);
            Cookie cookie3 = new Cookie(name, value);
            cookie3.setPath("/");
            cookie3.setMaxAge(0);
            httpServletResponse.addCookie(cookie3);
        }
        cookie2.setMaxAge(0);
        httpServletResponse.addCookie(cookie2);
    }

    public static ServerSession getSessionObject(ServletRequest servletRequest) {
        return getSessionObject(servletRequest, false);
    }

    public static ServerSession getSessionObject(ServletRequest servletRequest, boolean z) {
        Object attribute = servletRequest.getAttribute("sessionObject");
        if (attribute != null) {
            return (ServerSession) attribute;
        }
        if (z) {
            return (ServerSession) servletRequest.getAttribute(PUBLIC_SESSION_KEY);
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        LogProperties.put(LogProperties.Name.SERVLET_SERVLET_PATH, httpServletRequest.getServletPath());
        String pathInfo = httpServletRequest.getPathInfo();
        if (null != pathInfo) {
            LogProperties.put(LogProperties.Name.SERVLET_PATH_INFO, pathInfo);
        }
        String queryString = httpServletRequest.getQueryString();
        if (null == queryString) {
            return null;
        }
        LogProperties.put(LogProperties.Name.SERVLET_QUERY_STRING, LogProperties.getSanitizedQueryString(queryString));
        return null;
    }

    private SessionUtility() {
    }
}
