package dk.gov.oio.saml.servlet;

import dk.gov.oio.saml.service.IdPMetadataService;
import dk.gov.oio.saml.service.LogoutRequestService;
import dk.gov.oio.saml.service.LogoutResponseService;
import dk.gov.oio.saml.service.OIOSAML3Service;
import dk.gov.oio.saml.session.AssertionWrapper;
import dk.gov.oio.saml.util.AuditRequestUtil;
import dk.gov.oio.saml.util.Constants;
import dk.gov.oio.saml.util.ExternalException;
import dk.gov.oio.saml.util.InternalException;
import dk.gov.oio.saml.util.SamlHelper;
import dk.gov.oio.saml.util.StringUtil;
import java.io.IOException;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import org.opensaml.core.config.InitializationException;
import org.opensaml.core.xml.io.MarshallingException;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.messaging.encoder.MessageEncodingException;
import org.opensaml.saml.common.SAMLObject;
import org.opensaml.saml.saml2.core.LogoutRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:dk/gov/oio/saml/servlet/LogoutRequestHandler.class */
public class LogoutRequestHandler extends SAMLHandler {
    private static final Logger log = LoggerFactory.getLogger(LogoutRequestHandler.class);

    @Override // dk.gov.oio.saml.servlet.SAMLHandler
    public void handleGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ExternalException, InternalException {
        log.debug("Handling LogoutRequest");
        HttpSession session = httpServletRequest.getSession();
        AssertionWrapper assertionWrapper = (AssertionWrapper) session.getAttribute(Constants.SESSION_ASSERTION);
        boolean equals = "true".equals(httpServletRequest.getSession().getAttribute(Constants.SESSION_AUTHENTICATED));
        String str = (String) session.getAttribute(Constants.SESSION_NAME_ID);
        String str2 = (String) session.getAttribute(Constants.SESSION_NAME_ID_FORMAT);
        String str3 = (String) session.getAttribute(Constants.SESSION_SESSION_INDEX);
        String parameter = httpServletRequest.getParameter("SAMLRequest");
        if (parameter != null && !parameter.isEmpty()) {
            LogoutRequest logoutRequest = (LogoutRequest) getSamlObject(decodeGet(httpServletRequest), LogoutRequest.class);
            try {
                log.debug("LogoutRequest: {}", StringUtil.elementToString(SamlHelper.marshallObject(logoutRequest)));
            } catch (MarshallingException e) {
                log.error("Could not marshall LogoutRequest for logging purposes");
            }
            log.info("Incoming LogoutRequest - ID:'{}' Issuer:'{}' IssueInstant:'{}' SessionIndexes:'{}' Destination:'{}'", new Object[]{logoutRequest.getID(), getIssuer(logoutRequest), getIssueInstant(logoutRequest), getSessionIndexes(logoutRequest), logoutRequest.getDestination()});
            log.info("Authenticated: {}", Boolean.valueOf(equals));
            OIOSAML3Service.getAuditService().auditLog(AuditRequestUtil.createBasicAuditBuilder(httpServletRequest, "SLO4", "IncomingLogoutRequest").withAuthnAttribute("SP_SESSION_ID", session.getId()).withAuthnAttribute("ASSERTION_ID", null != assertionWrapper ? assertionWrapper.getID() : "").withAuthnAttribute("SUBJECT_NAME_ID", null != assertionWrapper ? assertionWrapper.getSubjectNameId() : "").withAuthnAttribute("LOGOUT_REQUEST_ID", logoutRequest.getID()).withAuthnAttribute("SIGNATURE_REFERENCE", logoutRequest.getSignatureReferenceID()).withAuthnAttribute("LOGOUT_REQUEST_DESTINATION", logoutRequest.getDestination()).withAuthnAttribute("REQUEST", equals ? "VALID" : "INVALID"));
            session.invalidate();
            log.debug("Session invalidated");
            OIOSAML3Service.getAuditService().auditLog(AuditRequestUtil.createBasicAuditBuilder(httpServletRequest, "SLO4", "InvalidatedSession").withAuthnAttribute("SP_SESSION_ID", session.getId()));
            try {
                MessageContext<SAMLObject> createMessageWithLogoutResponse = LogoutResponseService.createMessageWithLogoutResponse(logoutRequest, IdPMetadataService.getInstance().getLogoutResponseEndpoint());
                try {
                    log.debug("LogoutRequest: {}", StringUtil.elementToString(SamlHelper.marshallObject(logoutRequest)));
                } catch (MarshallingException e2) {
                    log.error("Could not marshall LogoutRequest for logging purposes");
                }
                log.info("Outgoing LogoutRequest - ID:'{}' Issuer:'{}' IssueInstant:'{}' SessionIndexes:'{}' Destination:'{}'", new Object[]{logoutRequest.getID(), getIssuer(logoutRequest), getIssueInstant(logoutRequest), getSessionIndexes(logoutRequest), logoutRequest.getDestination()});
                sendPost(httpServletResponse, createMessageWithLogoutResponse);
                return;
            } catch (InitializationException | ComponentInitializationException | MessageEncodingException e3) {
                throw new InternalException((Exception) e3);
            }
        }
        OIOSAML3Service.getAuditService().auditLog(AuditRequestUtil.createBasicAuditBuilder(httpServletRequest, "SLO1", "ServiceProviderLogout").withAuthnAttribute("SP_SESSION_ID", session.getId()).withAuthnAttribute("ASSERTION_ID", null != assertionWrapper ? assertionWrapper.getID() : "").withAuthnAttribute("REQUEST", equals ? "VALID" : "INVALID"));
        session.invalidate();
        if (!equals) {
            String url = StringUtil.getUrl(httpServletRequest, OIOSAML3Service.getConfig().getLogoutPage());
            log.warn("User not logged in, redirecting to " + url);
            httpServletResponse.sendRedirect(url);
            return;
        }
        log.debug("Session invalidated");
        try {
            MessageContext<SAMLObject> createMessageWithLogoutRequest = LogoutRequestService.createMessageWithLogoutRequest(str, str2, IdPMetadataService.getInstance().getLogoutEndpoint().getLocation(), str3);
            LogoutRequest logoutRequest2 = (LogoutRequest) getSamlObject(createMessageWithLogoutRequest, LogoutRequest.class);
            OIOSAML3Service.getAuditService().auditLog(AuditRequestUtil.createBasicAuditBuilder(httpServletRequest, "SLO2", "OutgoingLogoutRequest").withAuthnAttribute("SP_SESSION_ID", session.getId()).withAuthnAttribute("LOGOUT_REQUEST_ID", logoutRequest2.getID()).withAuthnAttribute("LOGOUT_REQUEST_DESTINATION", logoutRequest2.getDestination()));
            try {
                log.debug("LogoutRequest: {}", StringUtil.elementToString(SamlHelper.marshallObject(logoutRequest2)));
            } catch (MarshallingException e4) {
                log.error("Could not marshall LogoutRequest for logging purposes");
            }
            log.info("Outgoing LogoutRequest - ID:'{}' Issuer:'{}' IssueInstant:'{}' SessionIndexes:'{}' Destination:'{}'", new Object[]{logoutRequest2.getID(), getIssuer(logoutRequest2), getIssueInstant(logoutRequest2), getSessionIndexes(logoutRequest2), logoutRequest2.getDestination()});
            sendGet(httpServletResponse, createMessageWithLogoutRequest);
        } catch (InitializationException | ComponentInitializationException | MessageEncodingException e5) {
            throw new InternalException((Exception) e5);
        }
    }

    private String getIssuer(LogoutRequest logoutRequest) {
        return logoutRequest.getIssuer() != null ? logoutRequest.getIssuer().getValue() : "";
    }

    private String getIssueInstant(LogoutRequest logoutRequest) {
        return logoutRequest.getIssueInstant() != null ? logoutRequest.getIssueInstant().toString() : "";
    }

    private String getSessionIndexes(LogoutRequest logoutRequest) {
        return (String) logoutRequest.getSessionIndexes().stream().map(sessionIndex -> {
            return sessionIndex.getSessionIndex();
        }).collect(Collectors.joining(", ", "[", "]"));
    }

    @Override // dk.gov.oio.saml.servlet.SAMLHandler
    public void handlePost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ExternalException, InternalException, IOException {
        handleGet(httpServletRequest, httpServletResponse);
    }
}
