package org.wso2.carbon.identity.sso.saml;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.context.SessionContext;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.event.IdentityEventConstants;
import org.wso2.carbon.identity.event.IdentityEventException;
import org.wso2.carbon.identity.event.event.Event;
import org.wso2.carbon.identity.event.handler.AbstractEventHandler;
import org.wso2.carbon.identity.sso.saml.SAMLSSOConstants;

/* loaded from: input_file:org/wso2/carbon/identity/sso/saml/SAMLLogoutHandler.class */
public class SAMLLogoutHandler extends AbstractEventHandler {
    private static final Log log = LogFactory.getLog(SAMLLogoutHandler.class);
    private SAMLSSOService samlSSOService = new SAMLSSOService();

    public void handleEvent(Event event) throws IdentityEventException {
        String str = null;
        if (StringUtils.equals(event.getEventName(), IdentityEventConstants.EventName.SESSION_TERMINATE.name())) {
            String samlSSOTokenIdFromEvent = getSamlSSOTokenIdFromEvent(event);
            String loggedInTenantDomainFromEvent = getLoggedInTenantDomainFromEvent(event);
            if (StringUtils.isNotBlank(samlSSOTokenIdFromEvent)) {
                if (!isIDPInitiatedLogoutRequest(event)) {
                    str = getIssuerFromContext(event);
                }
                try {
                    this.samlSSOService.doSingleLogout(samlSSOTokenIdFromEvent, str, loggedInTenantDomainFromEvent);
                    return;
                } catch (IdentityException e) {
                    log.error("Error while SAML Logout Listener is doing single logout.", e);
                    return;
                }
            }
            if (log.isDebugEnabled()) {
                AuthenticationContext authenticationContext = (AuthenticationContext) event.getEventProperties().get("context");
                if (authenticationContext != null) {
                    log.debug("There are no SAML participants in the session : " + authenticationContext.getSessionIdentifier());
                } else {
                    log.debug("There are no SAML participants in the session.");
                }
            }
        }
    }

    public String getName() {
        return "SAMLLogoutHandler";
    }

    protected String getSamlSSOTokenIdFromEvent(Event event) {
        Cookie cookie;
        String str = null;
        if ((event.getEventProperties().get("request") instanceof HttpServletRequest) && (cookie = FrameworkUtils.getCookie((HttpServletRequest) event.getEventProperties().get("request"), SAMLSSOConstants.SAML_SSO_TOKEN_ID_COOKIE)) != null) {
            if (log.isDebugEnabled()) {
                log.debug("Found samlssotokenId in the request object: " + cookie.getValue());
            }
            str = cookie.getValue();
        }
        if (StringUtils.isBlank(str)) {
            if (log.isDebugEnabled()) {
                log.debug("samlssoTokenId is not found in the request object. Hence getting it from the context");
            }
            str = getsamlssoTokenIdFromContext(event);
        }
        return str;
    }

    private String getLoggedInTenantDomainFromEvent(Event event) {
        if (!IdentityTenantUtil.isTenantedSessionsEnabled()) {
            return "carbon.super";
        }
        String str = null;
        if (event.getEventProperties().get("request") instanceof HttpServletRequest) {
            str = ((HttpServletRequest) event.getEventProperties().get("request")).getParameter("t");
        }
        if (StringUtils.isBlank(str)) {
            str = IdentityTenantUtil.resolveTenantDomain();
        }
        return str;
    }

    protected boolean isIDPInitiatedLogoutRequest(Event event) {
        boolean z = true;
        HttpServletRequest httpServletRequest = (HttpServletRequest) event.getEventProperties().get("request");
        if (httpServletRequest != null) {
            String parameter = httpServletRequest.getParameter(SAMLSSOConstants.QueryParameter.SLO.toString());
            if (((AuthenticationContext) event.getEventProperties().get("context")) != null && parameter == null) {
                z = false;
            }
        }
        return z;
    }

    protected String getIssuerFromContext(Event event) {
        return ((AuthenticationContext) event.getEventProperties().get("context")).getRelyingParty();
    }

    private String getsamlssoTokenIdFromContext(Event event) {
        if (event.getEventProperties().get("sessionContext") != null) {
            return (String) ((SessionContext) event.getEventProperties().get("sessionContext")).getProperty(SAMLSSOConstants.SAML_SSO_TOKEN_ID_COOKIE);
        }
        if (!log.isDebugEnabled()) {
            return null;
        }
        log.debug("Since the session context is not found in the event, Could not get the samlssoTokenId cookie");
        return null;
    }
}
