package org.pac4j.cas.logout;

import java.util.Arrays;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.jasig.cas.client.session.HashMapBackedSessionMappingStorage;
import org.jasig.cas.client.session.SessionMappingStorage;
import org.jasig.cas.client.session.SingleSignOutHandler;
import org.jasig.cas.client.util.CommonUtils;
import org.jasig.cas.client.util.XmlUtils;
import org.pac4j.cas.client.CasClient;
import org.pac4j.core.context.J2EContext;
import org.pac4j.core.context.WebContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/pac4j/cas/logout/CasSingleSignOutHandler.class */
public class CasSingleSignOutHandler implements LogoutHandler {
    protected static final Logger logger = LoggerFactory.getLogger(CasSingleSignOutHandler.class);
    private SessionMappingStorage sessionMappingStorage = new HashMapBackedSessionMappingStorage();
    private String artifactParameterName = CasClient.SERVICE_TICKET_PARAMETER;
    private String logoutParameterName = "logoutRequest";
    private List<String> safeParameters = Arrays.asList(this.logoutParameterName);
    private boolean eagerlyCreateSessions = true;
    private LogoutStrategy logoutStrategy;

    /* loaded from: input_file:org/pac4j/cas/logout/CasSingleSignOutHandler$LogoutStrategy.class */
    private interface LogoutStrategy {
        void logout(HttpServletRequest httpServletRequest);
    }

    /* loaded from: input_file:org/pac4j/cas/logout/CasSingleSignOutHandler$Servlet25LogoutStrategy.class */
    private class Servlet25LogoutStrategy implements LogoutStrategy {
        private Servlet25LogoutStrategy() {
        }

        @Override // org.pac4j.cas.logout.CasSingleSignOutHandler.LogoutStrategy
        public void logout(HttpServletRequest httpServletRequest) {
        }
    }

    /* loaded from: input_file:org/pac4j/cas/logout/CasSingleSignOutHandler$Servlet30LogoutStrategy.class */
    private class Servlet30LogoutStrategy implements LogoutStrategy {
        private Servlet30LogoutStrategy() {
        }

        @Override // org.pac4j.cas.logout.CasSingleSignOutHandler.LogoutStrategy
        public void logout(HttpServletRequest httpServletRequest) {
            try {
                httpServletRequest.logout();
            } catch (ServletException e) {
                CasSingleSignOutHandler.logger.debug("Error performing request.logout.");
            }
        }
    }

    public CasSingleSignOutHandler() {
        this.logoutStrategy = isServlet30() ? new Servlet30LogoutStrategy() : new Servlet25LogoutStrategy();
    }

    @Deprecated
    public CasSingleSignOutHandler(SingleSignOutHandler singleSignOutHandler) {
        this.logoutStrategy = isServlet30() ? new Servlet30LogoutStrategy() : new Servlet25LogoutStrategy();
        logger.warn("The provided CAS SingleSignOutHandler is not taken into account anymore!");
    }

    @Override // org.pac4j.cas.logout.LogoutHandler
    public boolean isTokenRequest(WebContext webContext) {
        return CommonUtils.isNotBlank(CommonUtils.safeGetParameter(((J2EContext) webContext).getRequest(), this.artifactParameterName, this.safeParameters));
    }

    @Override // org.pac4j.cas.logout.LogoutHandler
    public boolean isLogoutRequest(WebContext webContext) {
        HttpServletRequest request = ((J2EContext) webContext).getRequest();
        return "POST".equals(request.getMethod()) && !isMultipartRequest(request) && CommonUtils.isNotBlank(CommonUtils.safeGetParameter(request, this.logoutParameterName, this.safeParameters));
    }

    @Override // org.pac4j.cas.logout.LogoutHandler
    public void recordSession(WebContext webContext, String str) {
        HttpServletRequest request = ((J2EContext) webContext).getRequest();
        HttpSession session = request.getSession(this.eagerlyCreateSessions);
        if (session == null) {
            logger.debug("No session currently exists (and none created).  Cannot record session information for single sign out.");
            return;
        }
        String safeGetParameter = CommonUtils.safeGetParameter(request, this.artifactParameterName, this.safeParameters);
        logger.debug("Recording session for token {}", safeGetParameter);
        try {
            this.sessionMappingStorage.removeBySessionById(session.getId());
        } catch (Exception e) {
        }
        this.sessionMappingStorage.addSessionById(safeGetParameter, session);
    }

    @Override // org.pac4j.cas.logout.LogoutHandler
    public void destroySession(WebContext webContext) {
        HttpSession removeSessionByMappingId;
        HttpServletRequest request = ((J2EContext) webContext).getRequest();
        String safeGetParameter = CommonUtils.safeGetParameter(request, this.logoutParameterName, this.safeParameters);
        logger.trace("Logout request:\n{}", safeGetParameter);
        String textForElement = XmlUtils.getTextForElement(safeGetParameter, "SessionIndex");
        if (!CommonUtils.isNotBlank(textForElement) || (removeSessionByMappingId = this.sessionMappingStorage.removeSessionByMappingId(textForElement)) == null) {
            return;
        }
        logger.debug("Invalidating session [{}] for token [{}]", removeSessionByMappingId.getId(), textForElement);
        try {
            removeSessionByMappingId.invalidate();
        } catch (IllegalStateException e) {
            logger.debug("Error invalidating session.", e);
        }
        this.logoutStrategy.logout(request);
    }

    private boolean isMultipartRequest(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getContentType() != null && httpServletRequest.getContentType().toLowerCase().startsWith("multipart");
    }

    private static boolean isServlet30() {
        try {
            return HttpServletRequest.class.getMethod("logout", new Class[0]) != null;
        } catch (NoSuchMethodException e) {
            return false;
        }
    }

    public SessionMappingStorage getSessionMappingStorage() {
        return this.sessionMappingStorage;
    }

    public void setSessionMappingStorage(SessionMappingStorage sessionMappingStorage) {
        this.sessionMappingStorage = sessionMappingStorage;
    }
}
