package org.picketlink.identity.federation.web.handlers.saml2;

import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.xml.bind.JAXBException;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.log4j.Logger;
import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request;
import org.picketlink.identity.federation.api.saml.v2.response.SAML2Response;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.common.IDGenerator;
import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2Handler;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
import org.picketlink.identity.federation.saml.v2.protocol.ObjectFactory;
import org.picketlink.identity.federation.saml.v2.protocol.ResponseType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusCodeType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusResponseType;
import org.picketlink.identity.federation.saml.v2.protocol.StatusType;
import org.picketlink.identity.federation.web.constants.GeneralConstants;
import org.picketlink.identity.federation.web.core.HTTPContext;
import org.picketlink.identity.federation.web.core.IdentityServer;
import org.xml.sax.SAXException;

/* loaded from: input_file:WEB-INF/lib/picketlink-web-1.0.0.GA.jar:org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler.class */
public class SAML2LogOutHandler extends BaseSAML2Handler {
    private static Logger log = Logger.getLogger(SAML2LogOutHandler.class);
    private boolean trace = log.isTraceEnabled();
    private IDPLogOutHandler idp = new IDPLogOutHandler();
    private SPLogOutHandler sp = new SPLogOutHandler();
    private ObjectFactory objectFactory = new ObjectFactory();

    /* loaded from: input_file:WEB-INF/lib/picketlink-web-1.0.0.GA.jar:org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler$IDPLogOutHandler.class */
    private class IDPLogOutHandler {
        private IDPLogOutHandler() {
        }

        public void generateSAMLRequest(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
        }

        public void handleStatusResponseType(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
            StatusResponseType sAML2Object = sAML2HandlerRequest.getSAML2Object();
            HTTPContext hTTPContext = (HTTPContext) sAML2HandlerRequest.getContext();
            HttpSession session = hTTPContext.getRequest().getSession(false);
            String relayState = sAML2HandlerRequest.getRelayState();
            IdentityServer identityServer = (IdentityServer) hTTPContext.getServletContext().getAttribute(GeneralConstants.IDENTITY_SERVER);
            if (identityServer == null) {
                throw new ProcessingException("Identity Server not found");
            }
            String id = session.getId();
            identityServer.stack().deRegisterTransitParticipant(id, sAML2Object.getIssuer().getValue());
            String participant = getParticipant(identityServer, id, relayState);
            if (participant == null || participant.equals(relayState)) {
                try {
                    generateSuccessStatusResponseType(sAML2Object.getInResponseTo(), sAML2HandlerRequest, sAML2HandlerResponse, relayState);
                    session.invalidate();
                    return;
                } catch (Exception e) {
                    throw new ProcessingException(e);
                }
            }
            identityServer.stack().registerTransitParticipant(id, participant);
            sAML2HandlerResponse.setRelayState(relayState);
            sAML2HandlerResponse.setDestination(participant);
            SAML2Request sAML2Request = new SAML2Request();
            try {
                sAML2HandlerResponse.setResultingDocument(sAML2Request.convert(sAML2Request.createLogoutRequest(sAML2HandlerRequest.getIssuer().getValue())));
                sAML2HandlerResponse.setSendRequest(true);
            } catch (Exception e2) {
                throw new ProcessingException(e2);
            }
        }

        public void handleRequestType(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
            HTTPContext hTTPContext = (HTTPContext) sAML2HandlerRequest.getContext();
            HttpSession session = hTTPContext.getRequest().getSession(false);
            String id = session.getId();
            String parameter = hTTPContext.getRequest().getParameter(GeneralConstants.RELAY_STATE);
            LogoutRequestType sAML2Object = sAML2HandlerRequest.getSAML2Object();
            String value = sAML2Object.getIssuer().getValue();
            try {
                SAML2Request sAML2Request = new SAML2Request();
                IdentityServer identityServer = (IdentityServer) hTTPContext.getServletContext().getAttribute(GeneralConstants.IDENTITY_SERVER);
                if (identityServer == null) {
                    throw new ProcessingException("Identity Server not found");
                }
                String str = parameter == null ? value : parameter;
                String participant = getParticipant(identityServer, id, str);
                if (participant == null || participant.equals(str)) {
                    session.invalidate();
                    identityServer.stack().pop(id);
                    generateSuccessStatusResponseType(sAML2Object.getID(), sAML2HandlerRequest, sAML2HandlerResponse, str);
                    sAML2HandlerResponse.setSendRequest(false);
                } else {
                    identityServer.stack().registerTransitParticipant(id, participant);
                    if (parameter == null) {
                    }
                    sAML2HandlerResponse.setRelayState(str);
                    sAML2HandlerResponse.setDestination(participant);
                    LogoutRequestType createLogoutRequest = sAML2Request.createLogoutRequest(sAML2HandlerRequest.getIssuer().getValue());
                    createLogoutRequest.setNotOnOrAfter(XMLTimeUtil.add(createLogoutRequest.getIssueInstant(), ((Long) sAML2HandlerRequest.getOptions().get(GeneralConstants.ASSERTIONS_VALIDITY)).longValue()));
                    createLogoutRequest.setDestination(participant);
                    sAML2HandlerResponse.setResultingDocument(sAML2Request.convert(createLogoutRequest));
                    sAML2HandlerResponse.setSendRequest(true);
                }
            } catch (ParserConfigurationException e) {
                throw new ProcessingException(e);
            } catch (JAXBException e2) {
                throw new ProcessingException(e2);
            } catch (IOException e3) {
                throw new ProcessingException(e3);
            } catch (ConfigurationException e4) {
                throw new ProcessingException(e4);
            } catch (SAXException e5) {
                throw new ProcessingException(e5);
            }
        }

        private void generateSuccessStatusResponseType(String str, SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse, String str2) throws ConfigurationException, ParserConfigurationException, ProcessingException {
            StatusResponseType createStatusResponseType = SAML2LogOutHandler.this.objectFactory.createStatusResponseType();
            StatusType createStatusType = SAML2LogOutHandler.this.objectFactory.createStatusType();
            StatusCodeType createStatusCodeType = SAML2LogOutHandler.this.objectFactory.createStatusCodeType();
            createStatusCodeType.setValue(JBossSAMLURIConstants.STATUS_RESPONDER.get());
            StatusCodeType createStatusCodeType2 = SAML2LogOutHandler.this.objectFactory.createStatusCodeType();
            createStatusCodeType2.setValue(JBossSAMLURIConstants.STATUS_SUCCESS.get());
            createStatusCodeType.setStatusCode(createStatusCodeType2);
            createStatusType.setStatusCode(createStatusCodeType);
            createStatusResponseType.setStatus(createStatusType);
            createStatusResponseType.setIssueInstant(XMLTimeUtil.getIssueInstant());
            createStatusResponseType.setInResponseTo(str);
            createStatusResponseType.setID(IDGenerator.create("ID_"));
            createStatusResponseType.setIssuer(sAML2HandlerRequest.getIssuer());
            try {
                sAML2HandlerResponse.setResultingDocument(new SAML2Response().convert(createStatusResponseType));
                sAML2HandlerResponse.setDestination(str2);
            } catch (JAXBException e) {
                throw new ProcessingException(e);
            }
        }

        /* JADX WARN: Code restructure failed: missing block: B:11:0x002f, code lost:
        
            return r8;
         */
        /* JADX WARN: Code restructure failed: missing block: B:2:0x000f, code lost:
        
            if (r7 > 0) goto L4;
         */
        /* JADX WARN: Code restructure failed: missing block: B:3:0x0012, code lost:
        
            r8 = r4.stack().pop(r5);
            r7 = r7 - 1;
         */
        /* JADX WARN: Code restructure failed: missing block: B:4:0x0021, code lost:
        
            if (r7 <= 0) goto L10;
         */
        /* JADX WARN: Code restructure failed: missing block: B:6:0x002a, code lost:
        
            if (r8.equals(r6) != false) goto L12;
         */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        private java.lang.String getParticipant(org.picketlink.identity.federation.web.core.IdentityServer r4, java.lang.String r5, java.lang.String r6) {
            /*
                r3 = this;
                r0 = r4
                org.picketlink.identity.federation.web.core.IdentityServer$STACK r0 = r0.stack()
                r1 = r5
                int r0 = r0.getParticipants(r1)
                r7 = r0
                r0 = r6
                r8 = r0
                r0 = r7
                if (r0 <= 0) goto L2d
            L12:
                r0 = r4
                org.picketlink.identity.federation.web.core.IdentityServer$STACK r0 = r0.stack()
                r1 = r5
                java.lang.String r0 = r0.pop(r1)
                r8 = r0
                int r7 = r7 + (-1)
                r0 = r7
                if (r0 <= 0) goto L2d
                r0 = r8
                r1 = r6
                boolean r0 = r0.equals(r1)
                if (r0 != 0) goto L12
            L2d:
                r0 = r8
                return r0
            */
            throw new UnsupportedOperationException("Method not decompiled: org.picketlink.identity.federation.web.handlers.saml2.SAML2LogOutHandler.IDPLogOutHandler.getParticipant(org.picketlink.identity.federation.web.core.IdentityServer, java.lang.String, java.lang.String):java.lang.String");
        }
    }

    /* loaded from: input_file:WEB-INF/lib/picketlink-web-1.0.0.GA.jar:org/picketlink/identity/federation/web/handlers/saml2/SAML2LogOutHandler$SPLogOutHandler.class */
    private class SPLogOutHandler {
        private SPLogOutHandler() {
        }

        public void generateSAMLRequest(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
            SAML2Request sAML2Request = new SAML2Request();
            try {
                sAML2HandlerResponse.setResultingDocument(sAML2Request.convert(sAML2Request.createLogoutRequest(sAML2HandlerRequest.getIssuer().getValue())));
                sAML2HandlerResponse.setSendRequest(true);
            } catch (Exception e) {
                throw new ProcessingException(e);
            }
        }

        public void handleStatusResponseType(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
            StatusResponseType sAML2Object = sAML2HandlerRequest.getSAML2Object();
            HttpSession session = ((HTTPContext) sAML2HandlerRequest.getContext()).getRequest().getSession(false);
            if (sAML2Object.getStatus().getStatusCode().getStatusCode().getValue().equals(JBossSAMLURIConstants.STATUS_SUCCESS.get())) {
                session.invalidate();
            }
        }

        public void handleRequestType(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
            LogoutRequestType sAML2Object = sAML2HandlerRequest.getSAML2Object();
            if (sAML2Object instanceof LogoutRequestType) {
                LogoutRequestType logoutRequestType = sAML2Object;
                HttpServletRequest request = ((HTTPContext) sAML2HandlerRequest.getContext()).getRequest();
                HttpSession session = request.getSession(false);
                String parameter = request.getParameter(GeneralConstants.RELAY_STATE);
                session.invalidate();
                StatusResponseType createStatusResponseType = SAML2LogOutHandler.this.objectFactory.createStatusResponseType();
                StatusType createStatusType = SAML2LogOutHandler.this.objectFactory.createStatusType();
                StatusCodeType createStatusCodeType = SAML2LogOutHandler.this.objectFactory.createStatusCodeType();
                createStatusCodeType.setValue(JBossSAMLURIConstants.STATUS_RESPONDER.get());
                StatusCodeType createStatusCodeType2 = SAML2LogOutHandler.this.objectFactory.createStatusCodeType();
                createStatusCodeType2.setValue(JBossSAMLURIConstants.STATUS_SUCCESS.get());
                createStatusCodeType.setStatusCode(createStatusCodeType2);
                createStatusType.setStatusCode(createStatusCodeType);
                createStatusResponseType.setStatus(createStatusType);
                try {
                    createStatusResponseType.setIssueInstant(XMLTimeUtil.getIssueInstant());
                    createStatusResponseType.setInResponseTo(logoutRequestType.getID());
                    createStatusResponseType.setID(IDGenerator.create("ID_"));
                    createStatusResponseType.setIssuer(sAML2HandlerRequest.getIssuer());
                    try {
                        sAML2HandlerResponse.setResultingDocument(new SAML2Response().convert(createStatusResponseType));
                        sAML2HandlerResponse.setRelayState(parameter);
                        sAML2HandlerResponse.setDestination(logoutRequestType.getIssuer().getValue());
                        sAML2HandlerResponse.setSendRequest(false);
                    } catch (Exception e) {
                        throw new ProcessingException(e);
                    }
                } catch (ConfigurationException e2) {
                    throw new ProcessingException(e2);
                }
            }
        }
    }

    @Override // org.picketlink.identity.federation.web.handlers.saml2.BaseSAML2Handler
    public void generateSAMLRequest(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
        if (sAML2HandlerRequest.getTypeOfRequestToBeGenerated() == null) {
            if (this.trace) {
                log.trace("Request type to be generated=null");
            }
        } else {
            if (SAML2HandlerRequest.GENERATE_REQUEST_TYPE.LOGOUT != sAML2HandlerRequest.getTypeOfRequestToBeGenerated()) {
                return;
            }
            if (getType() == SAML2Handler.HANDLER_TYPE.IDP) {
                this.idp.generateSAMLRequest(sAML2HandlerRequest, sAML2HandlerResponse);
            } else {
                this.sp.generateSAMLRequest(sAML2HandlerRequest, sAML2HandlerResponse);
            }
        }
    }

    public void handleRequestType(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
        if (sAML2HandlerRequest.getSAML2Object() instanceof LogoutRequestType) {
            if (getType() == SAML2Handler.HANDLER_TYPE.IDP) {
                this.idp.handleRequestType(sAML2HandlerRequest, sAML2HandlerResponse);
            } else {
                this.sp.handleRequestType(sAML2HandlerRequest, sAML2HandlerResponse);
            }
        }
    }

    @Override // org.picketlink.identity.federation.web.handlers.saml2.BaseSAML2Handler
    public void handleStatusResponseType(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
        if (!(sAML2HandlerRequest.getSAML2Object() instanceof ResponseType) && (sAML2HandlerRequest.getSAML2Object() instanceof StatusResponseType)) {
            if (getType() == SAML2Handler.HANDLER_TYPE.IDP) {
                this.idp.handleStatusResponseType(sAML2HandlerRequest, sAML2HandlerResponse);
            } else {
                this.sp.handleStatusResponseType(sAML2HandlerRequest, sAML2HandlerResponse);
            }
        }
    }
}
