package org.eclipse.jetty.security.authentication;

import f.a.y.f;
import f.a.y.h;
import j.c.a.e.l;
import j.c.a.f.e;
import j.c.a.f.y;
import j.c.a.h.v.b;
import j.c.a.h.v.c;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.Serializable;
import javax.servlet.http.HttpSessionBindingEvent;
import javax.servlet.http.HttpSessionEvent;

/* loaded from: classes2.dex */
public class SessionAuthentication implements e.k, Serializable, f, h {
    public static final c LOG = b.a((Class<?>) SessionAuthentication.class);
    public static final String __J_AUTHENTICATED = "org.eclipse.jetty.security.UserIdentity";
    public static final long serialVersionUID = -4643200685888258706L;
    public final Object _credentials;
    public final String _method;
    public final String _name;
    public transient f.a.y.e _session;
    public transient y _userIdentity;

    public SessionAuthentication(String str, y yVar, Object obj) {
        this._method = str;
        this._userIdentity = yVar;
        this._name = this._userIdentity.getUserPrincipal().getName();
        this._credentials = obj;
    }

    private void doLogout() {
        l U = l.U();
        if (U != null) {
            U.a((e.k) this);
        }
        f.a.y.e eVar = this._session;
        if (eVar != null) {
            eVar.a("org.eclipse.jetty.security.sessionKnownOnlytoAuthenticated");
        }
    }

    private void readObject(ObjectInputStream objectInputStream) throws IOException, ClassNotFoundException {
        objectInputStream.defaultReadObject();
        l U = l.U();
        if (U == null) {
            throw new IllegalStateException("!SecurityHandler");
        }
        j.c.a.e.h K = U.K();
        if (K == null) {
            throw new IllegalStateException("!LoginService");
        }
        this._userIdentity = K.a(this._name, this._credentials);
        LOG.debug("Deserialized and relogged in {}", this);
    }

    @Override // j.c.a.f.e.k
    public String getAuthMethod() {
        return this._method;
    }

    @Override // j.c.a.f.e.k
    public y getUserIdentity() {
        return this._userIdentity;
    }

    public boolean isUserInRole(y.b bVar, String str) {
        return this._userIdentity.a(str, bVar);
    }

    public void logout() {
        f.a.y.e eVar = this._session;
        if (eVar != null && eVar.getAttribute(__J_AUTHENTICATED) != null) {
            this._session.a(__J_AUTHENTICATED);
        }
        doLogout();
    }

    @Override // f.a.y.f
    public void sessionDidActivate(HttpSessionEvent httpSessionEvent) {
        if (this._session == null) {
            this._session = httpSessionEvent.getSession();
        }
    }

    @Override // f.a.y.f
    public void sessionWillPassivate(HttpSessionEvent httpSessionEvent) {
    }

    public String toString() {
        return "Session" + super.toString();
    }

    @Override // f.a.y.h
    public void valueBound(HttpSessionBindingEvent httpSessionBindingEvent) {
        if (this._session == null) {
            this._session = httpSessionBindingEvent.getSession();
        }
    }

    @Override // f.a.y.h
    public void valueUnbound(HttpSessionBindingEvent httpSessionBindingEvent) {
        doLogout();
    }
}
