package org.wso2.carbon.identity.oidc.session.servlet;

import java.io.IOException;
import java.util.Enumeration;
import java.util.UUID;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authentication.framework.AuthenticatorFlowStatus;
import org.wso2.carbon.identity.application.authentication.framework.CommonAuthenticationHandler;
import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationRequestCacheEntry;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationRequest;
import org.wso2.carbon.identity.application.authentication.framework.model.CommonAuthRequestWrapper;
import org.wso2.carbon.identity.application.authentication.framework.model.CommonAuthResponseWrapper;
import org.wso2.carbon.identity.oidc.session.OIDCSessionConstants;
import org.wso2.carbon.identity.oidc.session.cache.OIDCSessionDataCache;
import org.wso2.carbon.identity.oidc.session.cache.OIDCSessionDataCacheEntry;
import org.wso2.carbon.identity.oidc.session.cache.OIDCSessionDataCacheKey;
import org.wso2.carbon.identity.oidc.session.util.OIDCSessionManagementUtil;

/* loaded from: input_file:org/wso2/carbon/identity/oidc/session/servlet/OIDCLogoutServlet.class */
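/**
 * Servlet that drives the OpenID Connect logout flow on the provider side.
 *
 * <p>Flow as implemented in this class:
 * <ol>
 *   <li>Reject the request unless the OP browser-state (opbs) cookie is present and the session
 *       manager knows the session it names.</li>
 *   <li>If no consent decision is present, redirect the user to the logout consent page.</li>
 *   <li>If consent is {@code approve}, forward the request to the authentication framework
 *       for logout; any other value redirects to the error page.</li>
 *   <li>Once the framework reports the flow is no longer incomplete, drop the cached session
 *       data, the opbs cookie and the OIDC session state, then redirect to the logout page.</li>
 * </ol>
 */
public class OIDCLogoutServlet extends HttpServlet {
    private static final Log log = LogFactory.getLog(OIDCLogoutServlet.class);

    /**
     * Entry point for logout requests (also reached from {@link #doPost}).
     *
     * @param httpServletRequest  incoming request; the opbs cookie and consent parameter are read from it
     * @param httpServletResponse response used for the redirect
     * @throws ServletException if the authentication framework fails while handling the logout
     * @throws IOException      if a redirect cannot be written
     */
    @Override
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        Cookie opbsCookie = OIDCSessionManagementUtil.getOPBrowserStateCookie(httpServletRequest);
        if (opbsCookie == null) {
            if (log.isDebugEnabled()) {
                log.debug("opbs cookie not received. Missing session state.");
            }
            httpServletResponse.sendRedirect(OIDCSessionManagementUtil.getErrorPageURL("access_denied", "opbs cookie not received. Missing session state."));
            return;
        }

        if (!OIDCSessionManagementUtil.getSessionManager().sessionExists(opbsCookie.getValue())) {
            if (log.isDebugEnabled()) {
                log.debug("No valid session found for the received session state.");
            }
            httpServletResponse.sendRedirect(OIDCSessionManagementUtil.getErrorPageURL("access_denied", "No valid session found for the received session state."));
            return;
        }

        // NOTE(review): the consent decision is a plain request parameter and this state-changing
        // path is reachable via GET as well as POST. No anti-forgery token or id_token_hint check
        // is visible in this class, so the opbs cookie is the only thing tying the request to the
        // user. Confirm that a CSRF defence is enforced elsewhere (consent page, filter, SameSite
        // cookie attribute) before relying on this endpoint.
        String consent = httpServletRequest.getParameter(OIDCSessionConstants.OIDC_LOGOUT_CONSENT_PARAM);
        if (StringUtils.isBlank(consent)) {
            // No decision yet: ask the user.
            httpServletResponse.sendRedirect(OIDCSessionManagementUtil.getOIDCLogoutConsentURL());
            return;
        }
        if ("approve".equals(consent)) {
            sendToFrameworkForLogout(httpServletRequest, httpServletResponse);
            return;
        }
        // Any value other than "approve" is treated as a denial.
        httpServletResponse.sendRedirect(OIDCSessionManagementUtil.getErrorPageURL("access_denied", "End User denied the logout request"));
    }

    /**
     * Handles POST exactly like GET.
     *
     * @param httpServletRequest  incoming request
     * @param httpServletResponse response used for the redirect
     * @throws ServletException see {@link #doGet}
     * @throws IOException      see {@link #doGet}
     */
    @Override
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doGet(httpServletRequest, httpServletResponse);
    }

    /**
     * Builds a logout {@link AuthenticationRequest} from the incoming request and hands it to the
     * authentication framework under a freshly generated session data key.
     */
    private void sendToFrameworkForLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        // The key is generated server-side and cached so the framework's response can be
        // matched to a logout this servlet actually started.
        String sessionDataKey = UUID.randomUUID().toString();
        addSessionDataToCache(sessionDataKey);

        AuthenticationRequest authenticationRequest = new AuthenticationRequest();
        authenticationRequest.setRequestQueryParams(httpServletRequest.getParameterMap());
        authenticationRequest.addRequestQueryParam("commonAuthLogout", new String[]{"true"});
        authenticationRequest.setCommonAuthCallerPath(httpServletRequest.getRequestURI());
        authenticationRequest.setPost(true);

        // Every request header is copied, which includes Cookie and Authorization when present.
        // NOTE(review): confirm that nothing downstream logs or persists this object verbatim.
        Enumeration<?> headerNames = httpServletRequest.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String headerName = headerNames.nextElement().toString();
            authenticationRequest.addHeader(headerName, httpServletRequest.getHeader(headerName));
        }

        addAuthenticationRequestToRequest(httpServletRequest, new AuthenticationRequestCacheEntry(authenticationRequest));
        sendRequestToFramework(httpServletRequest, httpServletResponse, sessionDataKey, "oidc");
    }

    /**
     * Completes the logout after the framework has finished: validates the session data key,
     * clears the cached entry, the opbs cookie and the OIDC session state, and redirects to the
     * logout page. An unknown key results in a redirect to the error page with nothing cleared.
     */
    private void handleLogoutResponseFromFramework(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String sessionDataKey = httpServletRequest.getParameter("sessionDataKey");
        if (getSessionDataFromCache(sessionDataKey) == null) {
            httpServletResponse.sendRedirect(OIDCSessionManagementUtil.getErrorPageURL("server_error", "User logout failed"));
            return;
        }
        // Remove the entry so the same key cannot complete a second logout.
        removeSessionDataFromCache(sessionDataKey);

        // The helper's behaviour when the cookie is absent is not visible here; guard against a
        // null return so a missing cookie does not surface as a NullPointerException.
        Cookie removedCookie = OIDCSessionManagementUtil.removeOPBrowserStateCookie(httpServletRequest, httpServletResponse);
        if (removedCookie != null) {
            OIDCSessionManagementUtil.getSessionManager().removeOIDCSessionState(removedCookie.getValue());
        } else if (log.isDebugEnabled()) {
            log.debug("opbs cookie not available while completing logout; OIDC session state not removed.");
        }
        httpServletResponse.sendRedirect(OIDCSessionManagementUtil.getOIDCLogoutURL());
    }

    /** Attaches the authentication request to the servlet request under the {@code authRequest} attribute. */
    private void addAuthenticationRequestToRequest(HttpServletRequest httpServletRequest, AuthenticationRequestCacheEntry authenticationRequestCacheEntry) {
        httpServletRequest.setAttribute("authRequest", authenticationRequestCacheEntry);
    }

    /**
     * Invokes the common authentication handler in-process and acts on the resulting flow status.
     *
     * <p>An {@code INCOMPLETE} status means the framework needs another round trip, so the user
     * is redirected to the URL the framework captured. Any other status, or no status at all,
     * is treated as a finished logout.
     *
     * @param sessionDataKey key under which the logout's session data was cached
     * @param type           request type passed to the framework
     */
    private void sendRequestToFramework(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String sessionDataKey, String type) throws ServletException, IOException {
        CommonAuthenticationHandler commonAuthenticationHandler = new CommonAuthenticationHandler();
        CommonAuthRequestWrapper commonAuthRequestWrapper = new CommonAuthRequestWrapper(httpServletRequest);
        commonAuthRequestWrapper.setParameter("sessionDataKey", sessionDataKey);
        commonAuthRequestWrapper.setParameter("type", type);
        CommonAuthResponseWrapper commonAuthResponseWrapper = new CommonAuthResponseWrapper(httpServletResponse);
        commonAuthenticationHandler.doGet(commonAuthRequestWrapper, commonAuthResponseWrapper);

        AuthenticatorFlowStatus flowStatus = (AuthenticatorFlowStatus) httpServletRequest.getAttribute("authenticatorFlowStatus");
        if (flowStatus == AuthenticatorFlowStatus.INCOMPLETE) {
            // Redirect exactly once: a second sendRedirect on an already committed response
            // throws IllegalStateException.
            httpServletResponse.sendRedirect(commonAuthResponseWrapper.getRedirectURL());
            return;
        }
        handleLogoutResponseFromFramework(commonAuthRequestWrapper, httpServletResponse);
    }

    /** Caches an empty session data entry under the given key. */
    private void addSessionDataToCache(String sessionDataKey) {
        OIDCSessionDataCache.getInstance().addToCache(new OIDCSessionDataCacheKey(sessionDataKey), new OIDCSessionDataCacheEntry());
    }

    /** Looks up the session data entry cached under the given key; the caller treats {@code null} as "unknown key". */
    private OIDCSessionDataCacheEntry getSessionDataFromCache(String sessionDataKey) {
        return (OIDCSessionDataCacheEntry) OIDCSessionDataCache.getInstance().getValueFromCache(new OIDCSessionDataCacheKey(sessionDataKey));
    }

    /** Evicts the session data entry cached under the given key. */
    private void removeSessionDataFromCache(String sessionDataKey) {
        OIDCSessionDataCache.getInstance().clearCacheEntry(new OIDCSessionDataCacheKey(sessionDataKey));
    }
}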
