package org.picketlink.identity.federation.web.handlers.saml2;

import java.io.DataOutputStream;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.net.URLEncoder;
import java.security.Principal;
import java.util.Map;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.xml.parsers.ParserConfigurationException;
import org.picketlink.common.constants.JBossSAMLURIConstants;
import org.picketlink.common.exceptions.ConfigurationException;
import org.picketlink.common.exceptions.ParsingException;
import org.picketlink.common.exceptions.ProcessingException;
import org.picketlink.common.util.StringUtil;
import org.picketlink.config.federation.SPType;
import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request;
import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
import org.picketlink.identity.federation.core.audit.PicketLinkAuditEvent;
import org.picketlink.identity.federation.core.audit.PicketLinkAuditEventType;
import org.picketlink.identity.federation.core.audit.PicketLinkAuditHelper;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.common.SAMLProtocolContext;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
import org.picketlink.identity.federation.saml.v2.SAML2Object;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AuthnStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusCodeType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
import org.picketlink.identity.federation.web.core.HTTPContext;
import org.picketlink.identity.federation.web.core.IdentityServer;
import org.picketlink.identity.federation.web.core.SessionManager;
import org.picketlink.identity.federation.web.util.PostBindingUtil;
import org.picketlink.identity.federation.web.util.RedirectBindingUtil;
import org.w3c.dom.Document;

/* loaded from: input_file:org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.class */
public class SAML2LogOutHandler extends BaseSAML2Handler {
    public static final String BACK_CHANNEL_LOGOUT = "BACK_CHANNEL_LOGOUT";
    private final IDPLogOutHandler idp = new IDPLogOutHandler();
    private final SPLogOutHandler sp = new SPLogOutHandler();

    /* loaded from: input_file:org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler$IDPLogOutHandler.class */
    private class IDPLogOutHandler {
        private IDPLogOutHandler() {
        }

        public void generateSAMLRequest(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
        }

        public void handleStatusResponseType(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
            String str;
            StatusResponseType statusResponseType = (StatusResponseType) sAML2HandlerRequest.getSAML2Object();
            String value = statusResponseType.getIssuer().getValue();
            if (value.equals(SAML2LogOutHandler.this.getProviderconfig().getIdentityURL())) {
                sAML2HandlerResponse.setDestination(SAML2LogOutHandler.this.getProviderconfig().getIdentityURL());
                return;
            }
            HTTPContext hTTPContext = (HTTPContext) sAML2HandlerRequest.getContext();
            HttpServletRequest request = hTTPContext.getRequest();
            HttpSession session = request.getSession(false);
            String relayState = sAML2HandlerRequest.getRelayState();
            try {
                str = RedirectBindingUtil.urlDecode(relayState);
            } catch (IOException e) {
                str = relayState;
            }
            IdentityServer identityServer = (IdentityServer) hTTPContext.getServletContext().getAttribute("IDENTITY_SERVER");
            if (identityServer == null) {
                throw BaseSAML2Handler.logger.samlHandlerIdentityServerNotFoundError();
            }
            String id = session.getId();
            identityServer.stack().deRegisterTransitParticipant(id, value);
            String participant = getParticipant(identityServer, id, str);
            if (participant == null || participant.equals(str)) {
                AssertionType assertionType = (AssertionType) session.getAttribute("ASSERTION");
                if (assertionType != null) {
                    PicketLinkCoreSTS instance = PicketLinkCoreSTS.instance();
                    SAMLProtocolContext sAMLProtocolContext = new SAMLProtocolContext();
                    sAMLProtocolContext.setIssuedAssertion(assertionType);
                    instance.cancelToken(sAMLProtocolContext);
                    session.removeAttribute("ASSERTION");
                }
                try {
                    generateSuccessStatusResponseType(statusResponseType.getInResponseTo(), sAML2HandlerRequest, sAML2HandlerResponse, relayState);
                    sAML2HandlerResponse.setPostBindingForResponse(isPostBindingForResponse(identityServer, relayState, sAML2HandlerRequest));
                    Map<String, Object> options = sAML2HandlerRequest.getOptions();
                    PicketLinkAuditHelper picketLinkAuditHelper = (PicketLinkAuditHelper) options.get("AUDIT_HELPER");
                    if (picketLinkAuditHelper != null) {
                        PicketLinkAuditEvent picketLinkAuditEvent = new PicketLinkAuditEvent("Info");
                        picketLinkAuditEvent.setWhoIsAuditing((String) options.get("CONTEXT_PATH"));
                        picketLinkAuditEvent.setType(PicketLinkAuditEventType.INVALIDATE_HTTP_SESSION);
                        picketLinkAuditEvent.setHttpSessionID(session.getId());
                        picketLinkAuditHelper.audit(picketLinkAuditEvent);
                    }
                    session.invalidate();
                    return;
                } catch (Exception e2) {
                    throw BaseSAML2Handler.logger.processingError(e2);
                }
            }
            identityServer.stack().registerTransitParticipant(id, participant);
            sAML2HandlerResponse.setPostBindingForResponse(isPostBindingForResponse(identityServer, participant, sAML2HandlerRequest));
            sAML2HandlerResponse.setRelayState(relayState);
            sAML2HandlerResponse.setDestination(participant);
            SAML2Request sAML2Request = new SAML2Request();
            try {
                LogoutRequestType createLogoutRequest = sAML2Request.createLogoutRequest(sAML2HandlerRequest.getIssuer().getValue());
                Principal userPrincipal = request.getUserPrincipal();
                if (userPrincipal == null) {
                    throw BaseSAML2Handler.logger.samlHandlerPrincipalNotFoundError();
                }
                NameIDType nameIDType = new NameIDType();
                nameIDType.setValue(userPrincipal.getName());
                String str2 = (String) SAML2LogOutHandler.this.handlerConfig.getParameter("NAMEID_FORMAT");
                if (StringUtil.isNullOrEmpty(str2)) {
                    str2 = JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get();
                }
                nameIDType.setFormat(URI.create(str2));
                createLogoutRequest.setNameID(nameIDType);
                createLogoutRequest.setDestination(URI.create(participant));
                sAML2HandlerResponse.setResultingDocument(sAML2Request.convert(createLogoutRequest));
                sAML2HandlerResponse.setSendRequest(true);
            } catch (Exception e3) {
                throw BaseSAML2Handler.logger.processingError(e3);
            }
        }

        public void handleRequestType(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
            HTTPContext hTTPContext = (HTTPContext) sAML2HandlerRequest.getContext();
            HttpSession session = hTTPContext.getRequest().getSession(false);
            String parameter = hTTPContext.getRequest().getParameter("RelayState");
            LogoutRequestType logoutRequestType = (LogoutRequestType) sAML2HandlerRequest.getSAML2Object();
            try {
                String value = parameter == null ? logoutRequestType.getIssuer().getValue() : parameter;
                if (getIdentityServer(session.getServletContext()) == null) {
                    throw BaseSAML2Handler.logger.samlHandlerIdentityServerNotFoundError();
                }
                if (isBackChannelLogout()) {
                    performBackChannelLogout(sAML2HandlerRequest, value);
                } else {
                    performFrontChannelLogout(sAML2HandlerRequest, sAML2HandlerResponse, logoutRequestType, value, parameter);
                }
            } catch (ConfigurationException e) {
                throw BaseSAML2Handler.logger.processingError(e);
            } catch (ParsingException e2) {
                throw BaseSAML2Handler.logger.processingError(e2);
            } catch (ParserConfigurationException e3) {
                throw BaseSAML2Handler.logger.processingError(e3);
            }
        }

        private void performFrontChannelLogout(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse, LogoutRequestType logoutRequestType, String str, String str2) throws ConfigurationException, ParserConfigurationException, ProcessingException, ParsingException {
            HTTPContext hTTPContext = (HTTPContext) sAML2HandlerRequest.getContext();
            HttpSession session = hTTPContext.getRequest().getSession(false);
            String id = session.getId();
            IdentityServer identityServer = getIdentityServer(hTTPContext.getServletContext());
            String participant = getParticipant(identityServer, id, str);
            boolean equals = participant.equals(str);
            if (participant == null || equals) {
                session.invalidate();
                identityServer.stack().pop(id);
                if (participant.equals(SAML2LogOutHandler.this.getProviderconfig().getIdentityURL())) {
                    sAML2HandlerResponse.setDestination(SAML2LogOutHandler.this.getProviderconfig().getIdentityURL());
                    return;
                } else {
                    generateSuccessStatusResponseType(logoutRequestType.getID(), sAML2HandlerRequest, sAML2HandlerResponse, str);
                    sAML2HandlerResponse.setPostBindingForResponse(isPostBindingForResponse(identityServer, participant, sAML2HandlerRequest));
                    return;
                }
            }
            identityServer.stack().registerTransitParticipant(id, participant);
            sAML2HandlerResponse.setRelayState(str);
            sAML2HandlerResponse.setDestination(participant);
            sAML2HandlerResponse.setPostBindingForResponse(isPostBindingForResponse(identityServer, participant, sAML2HandlerRequest));
            sAML2HandlerResponse.setResultingDocument(new SAML2Request().convert(createLogoutRequest(sAML2HandlerRequest, participant)));
            sAML2HandlerResponse.setSendRequest(true);
        }

        private void performBackChannelLogout(SAML2HandlerRequest sAML2HandlerRequest, String str) throws ProcessingException {
            HTTPContext hTTPContext = (HTTPContext) sAML2HandlerRequest.getContext();
            HttpSession session = hTTPContext.getRequest().getSession(false);
            String id = session.getId();
            IdentityServer identityServer = getIdentityServer(hTTPContext.getServletContext());
            for (String str2 = str; str2 != null; str2 = identityServer.stack().pop(id)) {
                HttpURLConnection httpURLConnection = null;
                try {
                    try {
                        httpURLConnection = (HttpURLConnection) new URL(str2).openConnection();
                        httpURLConnection.setRequestMethod("POST");
                        httpURLConnection.setDoOutput(true);
                        httpURLConnection.setAllowUserInteraction(false);
                        httpURLConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
                        String base64Encode = PostBindingUtil.base64Encode(new String(DocumentUtil.getDocumentAsString(new SAML2Request().convert(createLogoutRequest(sAML2HandlerRequest, str2))).getBytes("UTF-8")));
                        StringBuilder sb = new StringBuilder();
                        sb.append("SAMLRequest").append("=").append(URLEncoder.encode(base64Encode, "UTF-8")).append("&").append(SAML2LogOutHandler.BACK_CHANNEL_LOGOUT).append("=").append(SAML2LogOutHandler.BACK_CHANNEL_LOGOUT);
                        httpURLConnection.setRequestProperty("Content-Length", Integer.toString(sb.length()));
                        DataOutputStream dataOutputStream = new DataOutputStream(httpURLConnection.getOutputStream());
                        dataOutputStream.writeBytes(sb.toString());
                        dataOutputStream.flush();
                        dataOutputStream.close();
                        httpURLConnection.getInputStream().close();
                        if (httpURLConnection != null) {
                            httpURLConnection.disconnect();
                        }
                    } catch (Exception e) {
                        BaseSAML2Handler.logger.warn("Could not perform global logout from service provider [" + str2 + "].");
                        BaseSAML2Handler.logger.samlLogoutError(e);
                        if (httpURLConnection != null) {
                            httpURLConnection.disconnect();
                        }
                    }
                } catch (Throwable th) {
                    if (httpURLConnection != null) {
                        httpURLConnection.disconnect();
                    }
                    throw th;
                }
            }
            session.invalidate();
            try {
                hTTPContext.getResponse().sendRedirect(SAML2LogOutHandler.this.getProviderconfig().getIdentityURL());
            } catch (IOException e2) {
                throw new ProcessingException("Could not redirect to IdP after a successful logout.", e2);
            }
        }

        private IdentityServer getIdentityServer(ServletContext servletContext) {
            return (IdentityServer) servletContext.getAttribute("IDENTITY_SERVER");
        }

        private LogoutRequestType createLogoutRequest(SAML2HandlerRequest sAML2HandlerRequest, String str) throws ConfigurationException, ProcessingException {
            HttpServletRequest request = ((HTTPContext) sAML2HandlerRequest.getContext()).getRequest();
            LogoutRequestType createLogoutRequest = new SAML2Request().createLogoutRequest(sAML2HandlerRequest.getIssuer().getValue());
            Principal userPrincipal = request.getUserPrincipal();
            if (userPrincipal == null) {
                throw BaseSAML2Handler.logger.samlHandlerPrincipalNotFoundError();
            }
            NameIDType nameIDType = new NameIDType();
            nameIDType.setValue(userPrincipal.getName());
            String str2 = (String) SAML2LogOutHandler.this.handlerConfig.getParameter("NAMEID_FORMAT");
            if (StringUtil.isNullOrEmpty(str2)) {
                str2 = JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get();
            }
            nameIDType.setFormat(URI.create(str2));
            createLogoutRequest.setNameID(nameIDType);
            createLogoutRequest.setNotOnOrAfter(XMLTimeUtil.add(createLogoutRequest.getIssueInstant(), PicketLinkCoreSTS.instance().getConfiguration().getIssuedTokenTimeout()));
            createLogoutRequest.setDestination(URI.create(str));
            return createLogoutRequest;
        }

        private boolean isBackChannelLogout() {
            if (SAML2LogOutHandler.this.handlerConfig.getParameter(SAML2LogOutHandler.BACK_CHANNEL_LOGOUT) != null) {
                return Boolean.valueOf(SAML2LogOutHandler.this.handlerConfig.getParameter(SAML2LogOutHandler.BACK_CHANNEL_LOGOUT).toString()).booleanValue();
            }
            return false;
        }

        private void generateSuccessStatusResponseType(String str, SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse, String str2) throws ConfigurationException, ParserConfigurationException, ProcessingException {
            BaseSAML2Handler.logger.trace("Generating Success Status Response for " + str2);
            StatusResponseType statusResponseType = new StatusResponseType(IDGenerator.create("ID_"), XMLTimeUtil.getIssueInstant());
            StatusType statusType = new StatusType();
            StatusCodeType statusCodeType = new StatusCodeType();
            statusCodeType.setValue(URI.create(JBossSAMLURIConstants.STATUS_SUCCESS.get()));
            statusType.setStatusCode(statusCodeType);
            statusResponseType.setStatus(statusType);
            statusResponseType.setInResponseTo(str);
            statusResponseType.setIssuer(sAML2HandlerRequest.getIssuer());
            statusResponseType.setDestination(str2);
            try {
                sAML2HandlerResponse.setResultingDocument(new SAML2Response().convert(statusResponseType));
                sAML2HandlerResponse.setDestination(str2);
            } catch (ParsingException e) {
                throw BaseSAML2Handler.logger.processingError(e);
            }
        }

        /* JADX WARN: Code restructure failed: missing block: B:11:0x0033, code lost:
        
            return r8;
         */
        /* JADX WARN: Code restructure failed: missing block: B:2:0x0011, code lost:
        
            if (r7 > 0) goto L4;
         */
        /* JADX WARN: Code restructure failed: missing block: B:3:0x0014, code lost:
        
            r8 = r4.stack().pop(r5);
            r7 = r7 - 1;
         */
        /* JADX WARN: Code restructure failed: missing block: B:4:0x0025, code lost:
        
            if (r7 <= 0) goto L10;
         */
        /* JADX WARN: Code restructure failed: missing block: B:6:0x002e, code lost:
        
            if (r8.equals(r6) != false) goto L12;
         */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        private java.lang.String getParticipant(org.picketlink.identity.federation.web.core.IdentityServer r4, java.lang.String r5, java.lang.String r6) {
            /*
                r3 = this;
                r0 = r4
                org.picketlink.identity.federation.web.core.IdentityParticipantStack r0 = r0.stack()
                r1 = r5
                int r0 = r0.getParticipants(r1)
                r7 = r0
                r0 = r6
                r8 = r0
                r0 = r7
                if (r0 <= 0) goto L31
            L14:
                r0 = r4
                org.picketlink.identity.federation.web.core.IdentityParticipantStack r0 = r0.stack()
                r1 = r5
                java.lang.String r0 = r0.pop(r1)
                r8 = r0
                int r7 = r7 + (-1)
                r0 = r7
                if (r0 <= 0) goto L31
                r0 = r8
                r1 = r6
                boolean r0 = r0.equals(r1)
                if (r0 != 0) goto L14
            L31:
                r0 = r8
                return r0
            */
            throw new UnsupportedOperationException("Method not decompiled: org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler.IDPLogOutHandler.getParticipant(org.picketlink.identity.federation.web.core.IdentityServer, java.lang.String, java.lang.String):java.lang.String");
        }

        private boolean isPostBindingForResponse(IdentityServer identityServer, String str, SAML2HandlerRequest sAML2HandlerRequest) {
            Boolean binding = identityServer.stack().getBinding(str);
            if (binding == null) {
                binding = Boolean.TRUE;
            }
            Boolean bool = (Boolean) sAML2HandlerRequest.getOptions().get("SAML_IDP_STRICT_POST_BINDING");
            if (bool == null) {
                bool = Boolean.FALSE;
            }
            return binding.booleanValue() || bool.booleanValue();
        }
    }

    /* loaded from: input_file:org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler$SPLogOutHandler.class */
    private class SPLogOutHandler {
        private SPLogOutHandler() {
        }

        public void generateSAMLRequest(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
            SAML2Request sAML2Request = new SAML2Request();
            HttpServletRequest request = ((HTTPContext) sAML2HandlerRequest.getContext()).getRequest();
            Principal principal = (Principal) request.getSession().getAttribute("picketlink.principal");
            if (principal == null) {
                principal = request.getUserPrincipal();
            }
            if (principal == null) {
                return;
            }
            try {
                LogoutRequestType createLogoutRequest = sAML2Request.createLogoutRequest(sAML2HandlerRequest.getIssuer().getValue());
                NameIDType nameIDType = new NameIDType();
                nameIDType.setValue(principal.getName());
                String str = (String) SAML2LogOutHandler.this.handlerConfig.getParameter("NAMEID_FORMAT");
                if (StringUtil.isNullOrEmpty(str)) {
                    str = JBossSAMLURIConstants.NAMEID_FORMAT_PERSISTENT.get();
                }
                nameIDType.setFormat(URI.create(str));
                createLogoutRequest.setNameID(nameIDType);
                SPType providerconfig = SAML2LogOutHandler.this.getProviderconfig();
                String logoutUrl = providerconfig.getLogoutUrl();
                if (logoutUrl == null) {
                    logoutUrl = providerconfig.getIdentityURL();
                }
                createLogoutRequest.setDestination(URI.create(logoutUrl));
                populateSessionIndex(request, createLogoutRequest);
                sAML2HandlerResponse.setResultingDocument(sAML2Request.convert(createLogoutRequest));
                sAML2HandlerResponse.setSendRequest(true);
            } catch (Exception e) {
                throw BaseSAML2Handler.logger.processingError(e);
            }
        }

        private void populateSessionIndex(HttpServletRequest httpServletRequest, LogoutRequestType logoutRequestType) throws ProcessingException, ConfigurationException, ParsingException {
            Document document = (Document) httpServletRequest.getSession().getAttribute("ASSERTION_SESSION_ATTRIBUTE_NAME");
            if (document != null) {
                for (StatementAbstractType statementAbstractType : SAMLUtil.fromElement(document.getDocumentElement()).getStatements()) {
                    if (AuthnStatementType.class.isInstance(statementAbstractType)) {
                        String sessionIndex = ((AuthnStatementType) statementAbstractType).getSessionIndex();
                        if (sessionIndex != null) {
                            logoutRequestType.addSessionIndex(sessionIndex);
                            return;
                        }
                        return;
                    }
                }
            }
        }

        public void handleStatusResponseType(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
            StatusResponseType statusResponseType = (StatusResponseType) sAML2HandlerRequest.getSAML2Object();
            HttpSession session = ((HTTPContext) sAML2HandlerRequest.getContext()).getRequest().getSession(false);
            URI value = statusResponseType.getStatus().getStatusCode().getValue();
            if (value != null) {
                if (JBossSAMLURIConstants.STATUS_SUCCESS.get().equals(value.toString())) {
                    session.invalidate();
                }
            }
        }

        public void handleRequestType(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
            SAML2Object sAML2Object = sAML2HandlerRequest.getSAML2Object();
            if (sAML2Object instanceof LogoutRequestType) {
                SPType providerconfig = SAML2LogOutHandler.this.getProviderconfig();
                LogoutRequestType logoutRequestType = (LogoutRequestType) sAML2Object;
                HttpServletRequest request = ((HTTPContext) sAML2HandlerRequest.getContext()).getRequest();
                SessionManager sessionManager = SessionManager.get(request.getSession(false).getServletContext());
                final String value = logoutRequestType.getNameID().getValue();
                sessionManager.invalidate(new Principal() { // from class: org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler.SPLogOutHandler.1
                    @Override // java.security.Principal
                    public String getName() {
                        return value;
                    }
                });
                try {
                    StatusResponseType statusResponseType = new StatusResponseType(IDGenerator.create("ID_"), XMLTimeUtil.getIssueInstant());
                    StatusType statusType = new StatusType();
                    StatusCodeType statusCodeType = new StatusCodeType();
                    statusCodeType.setValue(URI.create(JBossSAMLURIConstants.STATUS_SUCCESS.get()));
                    statusType.setStatusCode(statusCodeType);
                    statusResponseType.setStatus(statusType);
                    statusResponseType.setInResponseTo(logoutRequestType.getID());
                    statusResponseType.setIssuer(sAML2HandlerRequest.getIssuer());
                    String logoutResponseLocation = providerconfig.getLogoutResponseLocation();
                    if (logoutResponseLocation == null) {
                        sAML2HandlerResponse.setDestination(logoutRequestType.getIssuer().getValue());
                    } else {
                        sAML2HandlerResponse.setDestination(logoutResponseLocation);
                    }
                    statusResponseType.setDestination(sAML2HandlerResponse.getDestination());
                    try {
                        sAML2HandlerResponse.setResultingDocument(new SAML2Response().convert(statusResponseType));
                        sAML2HandlerResponse.setRelayState(request.getParameter("RelayState"));
                        sAML2HandlerResponse.setSendRequest(false);
                    } catch (Exception e) {
                        throw BaseSAML2Handler.logger.processingError(e);
                    }
                } catch (ConfigurationException e2) {
                    throw BaseSAML2Handler.logger.processingError(e2);
                }
            }
        }
    }

    @Override // org.picketlink.identity.federation.web.handlers.saml2.BaseSAML2Handler, org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler
    public void generateSAMLRequest(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
        if (sAML2HandlerRequest.getTypeOfRequestToBeGenerated() != null && SAML2HandlerRequest.GENERATE_REQUEST_TYPE.LOGOUT == sAML2HandlerRequest.getTypeOfRequestToBeGenerated()) {
            if (getType() == SAML2Handler.HANDLER_TYPE.IDP) {
                this.idp.generateSAMLRequest(sAML2HandlerRequest, sAML2HandlerResponse);
            } else {
                this.sp.generateSAMLRequest(sAML2HandlerRequest, sAML2HandlerResponse);
            }
        }
    }

    @Override // org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler
    public void handleRequestType(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
        if (sAML2HandlerRequest.getSAML2Object() instanceof LogoutRequestType) {
            if (getType() == SAML2Handler.HANDLER_TYPE.IDP) {
                this.idp.handleRequestType(sAML2HandlerRequest, sAML2HandlerResponse);
            } else {
                this.sp.handleRequestType(sAML2HandlerRequest, sAML2HandlerResponse);
            }
        }
    }

    @Override // org.picketlink.identity.federation.web.handlers.saml2.BaseSAML2Handler, org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler
    public void handleStatusResponseType(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
        if (!(sAML2HandlerRequest.getSAML2Object() instanceof ResponseType) && (sAML2HandlerRequest.getSAML2Object() instanceof StatusResponseType)) {
            if (getType() == SAML2Handler.HANDLER_TYPE.IDP) {
                this.idp.handleStatusResponseType(sAML2HandlerRequest, sAML2HandlerResponse);
            } else {
                this.sp.handleStatusResponseType(sAML2HandlerRequest, sAML2HandlerResponse);
            }
        }
    }

    public static boolean isBackChannelLogoutRequest(SAML2HandlerRequest sAML2HandlerRequest) {
        return ((HTTPContext) sAML2HandlerRequest.getContext()).getRequest().getParameter(BACK_CHANNEL_LOGOUT) != null;
    }
}
