package org.jenkinsci.plugins.saml;

import javax.annotation.Nonnull;
import javax.servlet.http.HttpSession;
import jenkins.security.SecurityListener;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.providers.AbstractAuthenticationToken;

/* loaded from: input_file:WEB-INF/lib/saml.jar:org/jenkinsci/plugins/saml/SamlAuthenticationToken.class */
public final class SamlAuthenticationToken extends AbstractAuthenticationToken {
    private static final long serialVersionUID = 2;
    private final SamlUserDetails userDetails;
    private final transient HttpSession session;
    private final Long expiration;

    public SamlAuthenticationToken(@Nonnull SamlUserDetails samlUserDetails, @Nonnull HttpSession httpSession) {
        super(samlUserDetails.getAuthorities());
        this.userDetails = samlUserDetails;
        setDetails(samlUserDetails);
        setAuthenticated(true);
        this.session = httpSession;
        this.expiration = (Long) httpSession.getAttribute(SamlSecurityRealm.EXPIRATION_ATTRIBUTE);
    }

    /* renamed from: getPrincipal, reason: merged with bridge method [inline-methods] */
    public SamlUserDetails m778getPrincipal() {
        if (this.expiration != null && System.currentTimeMillis() > this.expiration.longValue()) {
            setAuthenticated(false);
            this.session.invalidate();
            SecurityContextHolder.clearContext();
            SecurityListener.fireLoggedOut(this.userDetails.getUsername());
        }
        return this.userDetails;
    }

    /* renamed from: getCredentials, reason: merged with bridge method [inline-methods] */
    public String m779getCredentials() {
        return "SAML does not use passwords";
    }
}
