package org.cloudfoundry.identity.uaa.authentication;

import java.util.List;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.cloudfoundry.identity.uaa.util.UaaUrlUtils;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.NoSuchClientException;
import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
import org.springframework.util.StringUtils;

/* loaded from: input_file:org/cloudfoundry/identity/uaa/authentication/WhitelistLogoutHandler.class */
public class WhitelistLogoutHandler extends SimpleUrlLogoutSuccessHandler {
    private static final Log logger = LogFactory.getLog(WhitelistLogoutHandler.class);
    private List<String> whitelist;
    private ClientDetailsService clientDetailsService;

    public WhitelistLogoutHandler(List<String> list) {
        this.whitelist = null;
        this.whitelist = list;
    }

    public List<String> getWhitelist() {
        return this.whitelist;
    }

    public void setWhitelist(List<String> list) {
        this.whitelist = list;
    }

    public ClientDetailsService getClientDetailsService() {
        return this.clientDetailsService;
    }

    public void setClientDetailsService(ClientDetailsService clientDetailsService) {
        this.clientDetailsService = clientDetailsService;
    }

    public String getClientRedirect(HttpServletRequest httpServletRequest, String str) {
        String parameter = httpServletRequest.getParameter(AbstractClientParametersAuthenticationFilter.CLIENT_ID);
        logger.debug(String.format("Evaluating client logout redirect client_id:%s and redirect:%s", parameter, str));
        if (!StringUtils.hasText(parameter) || !StringUtils.hasText(str)) {
            return null;
        }
        Set set = null;
        try {
            set = this.clientDetailsService.loadClientByClientId(parameter).getRegisteredRedirectUri();
        } catch (NoSuchClientException e) {
            logger.debug(String.format("Unable to find client with ID:%s for logout redirect", parameter));
        }
        return UaaUrlUtils.findMatchingRedirectUri(set, str);
    }

    protected String determineTargetUrl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String determineTargetUrl = super.determineTargetUrl(httpServletRequest, httpServletResponse);
        String findMatchingRedirectUri = UaaUrlUtils.findMatchingRedirectUri(getWhitelist(), determineTargetUrl);
        boolean z = false;
        if (StringUtils.hasText(findMatchingRedirectUri)) {
            determineTargetUrl = findMatchingRedirectUri;
            z = true;
        }
        String clientRedirect = getClientRedirect(httpServletRequest, determineTargetUrl);
        if (StringUtils.hasText(clientRedirect)) {
            determineTargetUrl = clientRedirect;
            z = true;
        }
        if (!z && getWhitelist() != null) {
            determineTargetUrl = getDefaultTargetUrl();
        }
        logger.debug("Logout redirect[whitelisted:" + z + "; redirect:" + httpServletRequest.getParameter(getTargetUrlParameter()) + "] returning:" + determineTargetUrl);
        return determineTargetUrl;
    }
}
