package org.wso2.carbon.identity.application.authentication.framework.handler.request.impl;

import java.io.IOException;
import java.net.URLEncoder;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.AuthenticatorFlowStatus;
import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
import org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.ExternalIdPConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.SequenceConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.context.SessionContext;
import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException;
import org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException;
import org.wso2.carbon.identity.application.authentication.framework.exception.LogoutFailedException;
import org.wso2.carbon.identity.application.authentication.framework.handler.request.LogoutRequestHandler;
import org.wso2.carbon.identity.application.authentication.framework.internal.FrameworkServiceDataHolder;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationResult;
import org.wso2.carbon.identity.application.authentication.framework.model.CommonAuthResponseWrapper;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
import org.wso2.carbon.idp.mgt.IdentityProviderManagementException;

/* loaded from: input_file:org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/DefaultLogoutRequestHandler.class */
public class DefaultLogoutRequestHandler implements LogoutRequestHandler {
    private static volatile DefaultLogoutRequestHandler instance;
    private static final Log log = LogFactory.getLog(DefaultLogoutRequestHandler.class);
    private static final Log AUDIT_LOG = CarbonConstants.AUDIT_LOG;

    public static DefaultLogoutRequestHandler getInstance() {
        if (log.isTraceEnabled()) {
            log.trace("Inside getInstance()");
        }
        if (instance == null) {
            synchronized (DefaultLogoutRequestHandler.class) {
                if (instance == null) {
                    instance = new DefaultLogoutRequestHandler();
                }
            }
        }
        return instance;
    }

    @Override // org.wso2.carbon.identity.application.authentication.framework.handler.request.LogoutRequestHandler
    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws FrameworkException {
        SessionContext sessionContextFromCache;
        AuthenticatorFlowStatus process;
        if (log.isTraceEnabled()) {
            log.trace("Inside handle()");
        }
        SequenceConfig sequenceConfig = authenticationContext.getSequenceConfig();
        if (authenticationContext.isPreviousSessionFound()) {
            if (authenticationContext.getCurrentStep() == 0) {
                authenticationContext.setCurrentStep(1);
            }
            int size = sequenceConfig.getStepMap().size();
            while (authenticationContext.getCurrentStep() <= size) {
                int currentStep = authenticationContext.getCurrentStep();
                StepConfig stepConfig = sequenceConfig.getStepMap().get(Integer.valueOf(currentStep));
                AuthenticatorConfig authenticatedAutenticator = stepConfig.getAuthenticatedAutenticator();
                if (authenticatedAutenticator == null) {
                    authenticatedAutenticator = sequenceConfig.getAuthenticatedReqPathAuthenticator();
                }
                ApplicationAuthenticator applicationAuthenticator = authenticatedAutenticator.getApplicationAuthenticator();
                String authenticatedIdP = stepConfig.getAuthenticatedIdP();
                if ((authenticatedIdP == null || "null".equalsIgnoreCase(authenticatedIdP) || authenticatedIdP.isEmpty()) && sequenceConfig.getAuthenticatedReqPathAuthenticator() != null) {
                    authenticatedIdP = "LOCAL";
                }
                try {
                    try {
                        ExternalIdPConfig idPConfigByName = ConfigurationFacade.getInstance().getIdPConfigByName(authenticatedIdP, authenticationContext.getTenantDomain());
                        authenticationContext.setExternalIdP(idPConfigByName);
                        authenticationContext.setAuthenticatorProperties(FrameworkUtils.getAuthenticatorPropertyMapFromIdP(idPConfigByName, applicationAuthenticator.getName()));
                        authenticationContext.setStateInfo(authenticatedAutenticator.getAuthenticatorStateInfo());
                        process = applicationAuthenticator.process(httpServletRequest, httpServletResponse, authenticationContext);
                        httpServletRequest.setAttribute(FrameworkConstants.RequestParams.FLOW_STATUS, process);
                    } catch (IdentityProviderManagementException e) {
                        log.error("Exception while getting IdP by name", e);
                    }
                    if (process.equals(AuthenticatorFlowStatus.INCOMPLETE)) {
                        FrameworkUtils.addAuthenticationContextToCache(authenticationContext.getContextIdentifier(), authenticationContext);
                        return;
                    }
                    authenticationContext.setCurrentStep(currentStep + 1);
                } catch (AuthenticationFailedException | LogoutFailedException e2) {
                    throw new FrameworkException("Exception while handling logout request", (Throwable) e2);
                }
            }
        }
        if (FrameworkServiceDataHolder.getInstance().getAuthnDataPublisherProxy() != null && FrameworkServiceDataHolder.getInstance().getAuthnDataPublisherProxy().isEnabled(authenticationContext) && (sessionContextFromCache = FrameworkUtils.getSessionContextFromCache(authenticationContext.getSessionIdentifier())) != null) {
            Object property = sessionContextFromCache.getProperty(FrameworkConstants.AUTHENTICATED_USER);
            AuthenticatedUser authenticatedUser = new AuthenticatedUser();
            if (property != null) {
                authenticatedUser = (AuthenticatedUser) property;
            }
            FrameworkUtils.publishSessionEvent(authenticationContext.getSessionIdentifier(), httpServletRequest, authenticationContext, sessionContextFromCache, authenticatedUser, FrameworkConstants.AnalyticsAttributes.SESSION_TERMINATE);
        }
        FrameworkUtils.removeSessionContextFromCache(authenticationContext.getSessionIdentifier());
        FrameworkUtils.removeAuthCookie(httpServletRequest, httpServletResponse);
        try {
            sendResponse(httpServletRequest, httpServletResponse, authenticationContext, true);
        } catch (ServletException | IOException e3) {
            throw new FrameworkException(e3.getMessage(), (Throwable) e3);
        }
    }

    protected void sendResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext, boolean z) throws ServletException, IOException {
        String callerPath;
        if (log.isTraceEnabled()) {
            log.trace("Inside sendLogoutResponseToCaller()");
        }
        httpServletRequest.setAttribute(FrameworkConstants.ResponseParams.LOGGED_OUT, Boolean.valueOf(z));
        if (authenticationContext.getCallerSessionKey() != null) {
            httpServletRequest.setAttribute("sessionDataKey", authenticationContext.getCallerSessionKey());
            AuthenticationResult authenticationResult = new AuthenticationResult();
            authenticationResult.setLoggedOut(true);
            SequenceConfig sequenceConfig = authenticationContext.getSequenceConfig();
            if (sequenceConfig != null) {
                authenticationResult.setSaaSApp(sequenceConfig.getApplicationConfig().isSaaSApp());
            }
            if (FrameworkUtils.getCacheDisabledAuthenticators().contains(authenticationContext.getRequestType()) && (httpServletResponse instanceof CommonAuthResponseWrapper)) {
                addAuthenticationResultToRequest(httpServletRequest, authenticationResult);
            } else {
                FrameworkUtils.addAuthenticationResultToCache(authenticationContext.getCallerSessionKey(), authenticationResult);
            }
            callerPath = FrameworkUtils.appendQueryParamsStringToUrl(authenticationContext.getCallerPath(), "sessionDataKey=" + URLEncoder.encode(authenticationContext.getCallerSessionKey(), FrameworkUtils.UTF_8));
        } else {
            callerPath = authenticationContext.getCallerPath();
        }
        if (System.getProperty("retainCache") == null) {
            FrameworkUtils.removeAuthenticationContextFromCache(authenticationContext.getContextIdentifier());
        }
        if (log.isDebugEnabled()) {
            log.debug("Sending response back to: " + authenticationContext.getCallerPath() + "...\n" + FrameworkConstants.ResponseParams.LOGGED_OUT + " : " + z + "\nsessionDataKey: " + authenticationContext.getCallerSessionKey());
        }
        httpServletResponse.sendRedirect(callerPath);
    }

    private void addAuthenticationResultToRequest(HttpServletRequest httpServletRequest, AuthenticationResult authenticationResult) {
        httpServletRequest.setAttribute(FrameworkConstants.RequestAttribute.AUTH_RESULT, authenticationResult);
    }
}
