package at.gv.egovernment.moa.id.protocols.pvp2x;

import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.IAction;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager;
import at.gv.egiz.eaaf.core.api.idp.slo.ISLOInformationContainer;
import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface;
import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger;
import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
import at.gv.egiz.eaaf.core.exceptions.EAAFException;
import at.gv.egiz.eaaf.core.exceptions.SLOException;
import at.gv.egiz.eaaf.modules.pvp2.idp.impl.PVPSProfilePendingRequest;
import at.gv.egiz.eaaf.modules.pvp2.impl.message.PVPSProfileRequest;
import at.gv.egiz.eaaf.modules.pvp2.impl.message.PVPSProfileResponse;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.data.SLOInformationContainer;
import at.gv.egovernment.moa.id.moduls.SSOManager;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.SingleLogOutBuilder;
import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.URLEncoder;
import java.io.UnsupportedEncodingException;
import java.util.Random;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.SerializationUtils;
import org.opensaml.saml2.core.LogoutRequest;
import org.opensaml.saml2.core.LogoutResponse;
import org.opensaml.saml2.metadata.SingleLogoutService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

@Service("pvpSingleLogOutService")
/* loaded from: input_file:at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.class */
public class SingleLogOutAction implements IAction {

    @Autowired
    private SSOManager ssomanager;

    @Autowired
    private IAuthenticationManager authManager;

    @Autowired
    private IAuthenticationSessionStoreage authenticationSessionStorage;

    @Autowired
    private ITransactionStorage transactionStorage;

    @Autowired
    private SingleLogOutBuilder sloBuilder;

    @Autowired
    private IRevisionLogger revisionsLogger;

    public SLOInformationInterface processRequest(IRequest iRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, IAuthData iAuthData) throws EAAFException {
        Object obj;
        String addURLParameter;
        PVPSProfilePendingRequest pVPSProfilePendingRequest = (PVPSProfilePendingRequest) iRequest;
        if ((pVPSProfilePendingRequest.getRequest() instanceof PVPSProfileRequest) && (pVPSProfilePendingRequest.getRequest().getSamlRequest() instanceof LogoutRequest)) {
            Logger.debug("Process Single LogOut request");
            PVPSProfileRequest request = pVPSProfilePendingRequest.getRequest();
            LogoutRequest samlRequest = request.getSamlRequest();
            String searchSSOSessionWithNameIDandOAID = this.authenticationSessionStorage.searchSSOSessionWithNameIDandOAID(samlRequest.getIssuer().getValue(), samlRequest.getNameID().getValue());
            if (MiscUtil.isEmpty(searchSSOSessionWithNameIDandOAID)) {
                Logger.warn("Can not find active SSO session with nameID " + samlRequest.getNameID().getValue() + " and OA " + samlRequest.getIssuer().getValue());
                Logger.info("Search active SSO session with SSO session cookie");
                String sSOSessionID = this.ssomanager.getSSOSessionID(httpServletRequest);
                if (MiscUtil.isEmpty(sSOSessionID)) {
                    Logger.info("Can not find active Session. Single LogOut not possible!");
                    SingleLogoutService responseSLODescriptor = this.sloBuilder.getResponseSLODescriptor(pVPSProfilePendingRequest);
                    LogoutResponse buildSLOResponseMessage = this.sloBuilder.buildSLOResponseMessage(responseSLODescriptor, pVPSProfilePendingRequest, null);
                    Logger.info("Sending SLO success message to requester ...");
                    this.sloBuilder.sendFrontChannelSLOMessage(responseSLODescriptor, buildSLOResponseMessage, httpServletRequest, httpServletResponse, request.getRelayState(), pVPSProfilePendingRequest);
                    return null;
                }
                try {
                    searchSSOSessionWithNameIDandOAID = this.authenticationSessionStorage.getInternalSSOSessionWithSSOID(sSOSessionID);
                    if (MiscUtil.isEmpty(searchSSOSessionWithNameIDandOAID)) {
                        throw new MOADatabaseException("");
                    }
                } catch (MOADatabaseException e) {
                    Logger.info("Can not find active Session. Single LogOut not possible!");
                    SingleLogoutService responseSLODescriptor2 = this.sloBuilder.getResponseSLODescriptor(pVPSProfilePendingRequest);
                    LogoutResponse buildSLOResponseMessage2 = this.sloBuilder.buildSLOResponseMessage(responseSLODescriptor2, pVPSProfilePendingRequest, null);
                    Logger.info("Sending SLO success message to requester ...");
                    this.sloBuilder.sendFrontChannelSLOMessage(responseSLODescriptor2, buildSLOResponseMessage2, httpServletRequest, httpServletResponse, request.getRelayState(), pVPSProfilePendingRequest);
                    return null;
                }
            }
            pVPSProfilePendingRequest.setInternalSSOSessionIdentifier(searchSSOSessionWithNameIDandOAID);
            ISLOInformationContainer performSingleLogOut = this.authManager.performSingleLogOut(httpServletRequest, httpServletResponse, pVPSProfilePendingRequest, searchSSOSessionWithNameIDandOAID);
            Logger.debug("Starting technical SLO process ... ");
            this.sloBuilder.toTechnicalLogout(performSingleLogOut, httpServletRequest, httpServletResponse, null);
            return null;
        }
        if (!(pVPSProfilePendingRequest.getRequest() instanceof PVPSProfileResponse) || !(pVPSProfilePendingRequest.getRequest().getResponse() instanceof LogoutResponse)) {
            Logger.error("Process SingleLogOutAction but request is NOT of type LogoutRequest or LogoutResponse.");
            throw new MOAIDException("pvp2.13", (Object[]) null);
        }
        Logger.debug("Process Single LogOut response");
        LogoutResponse response = pVPSProfilePendingRequest.getRequest().getResponse();
        try {
            String relayState = pVPSProfilePendingRequest.getRequest().getRelayState();
            if (MiscUtil.isEmpty(relayState)) {
                Logger.warn("SLO Response from " + response.getIssuer().getValue() + " has no SAML2 RelayState.");
                throw new SLOException("pvp2.19", (Object[]) null);
            }
            boolean z = false;
            int i = 0;
            synchronized (this) {
                while (!z) {
                    Logger.debug("Current Thread: " + Thread.currentThread().getId() + " requests TransactionStore");
                    Object raw = this.transactionStorage.getRaw(relayState);
                    if (raw == null) {
                        Logger.trace("No entries found.");
                        throw new MOADatabaseException("No sessioninformation found with this ID");
                    }
                    AssertionStore assertionStore = (AssertionStore) raw;
                    Object deserialize = SerializationUtils.deserialize(assertionStore.getAssertion());
                    if (!(deserialize instanceof SLOInformationContainer)) {
                        Logger.warn("Sessioninformation Cast-Exception by using Artifact=" + relayState);
                        throw new MOADatabaseException("Sessioninformation Cast-Exception");
                    }
                    ISLOInformationContainer iSLOInformationContainer = (ISLOInformationContainer) deserialize;
                    this.sloBuilder.checkStatusCode(iSLOInformationContainer, response);
                    if (iSLOInformationContainer.hasFrontChannelOA()) {
                        try {
                            assertionStore.setAssertion(SerializationUtils.serialize(iSLOInformationContainer));
                            assertionStore.setType(iSLOInformationContainer.getClass().getName());
                            Logger.debug("Current Thread: " + Thread.currentThread().getId() + " puts SLOInformation into TransactionStore");
                            this.transactionStorage.putRaw(assertionStore.getArtifact(), assertionStore);
                            z = true;
                        } catch (EAAFException e2) {
                            i++;
                            Logger.debug("SLOContainter could not stored to database. Wait some time and restart storage process ... ");
                            if (i > 1000) {
                                Logger.warn("Stopping SLO process with an error, because it runs in a loop.", e2);
                                throw new EAAFException("internal.01", (Object[]) null, e2);
                            }
                            try {
                                Thread.sleep(new Random().nextInt(20) * 10);
                            } catch (InterruptedException e3) {
                                Logger.warn("Thread could not stopped. ReStart storage process immediately", e3);
                            }
                        }
                    } else {
                        Logger.debug("Current Thread: " + Thread.currentThread().getId() + " remove SLOInformation from TransactionStore");
                        this.transactionStorage.remove(assertionStore.getArtifact());
                        z = true;
                        PVPSProfilePendingRequest sloRequest = iSLOInformationContainer.getSloRequest();
                        if (sloRequest == null || !(sloRequest instanceof PVPSProfilePendingRequest)) {
                            String str = iRequest.getAuthURL() + "/idpSingleLogout";
                            String nextRandom = at.gv.egiz.eaaf.core.impl.utils.Random.nextRandom();
                            if (iSLOInformationContainer.getSloFailedOAs() == null || iSLOInformationContainer.getSloFailedOAs().size() == 0) {
                                obj = "success";
                                this.revisionsLogger.logEvent(iSLOInformationContainer.getSessionID(), iSLOInformationContainer.getTransactionID(), MOAIDEventConstants.AUTHPROCESS_SLO_ALL_VALID);
                            } else {
                                this.revisionsLogger.logEvent(iSLOInformationContainer.getSessionID(), iSLOInformationContainer.getTransactionID(), MOAIDEventConstants.AUTHPROCESS_SLO_NOT_ALL_VALID);
                                obj = "error";
                            }
                            this.transactionStorage.put(nextRandom, obj, -1);
                            addURLParameter = addURLParameter(str, "status", nextRandom);
                        } else {
                            SingleLogoutService responseSLODescriptor3 = this.sloBuilder.getResponseSLODescriptor(sloRequest);
                            addURLParameter = this.sloBuilder.getFrontChannelSLOMessageURL(responseSLODescriptor3, this.sloBuilder.buildSLOResponseMessage(responseSLODescriptor3, sloRequest, iSLOInformationContainer.getSloFailedOAs()), httpServletRequest, httpServletResponse, sloRequest.getRequest().getRelayState());
                        }
                        String encodeRedirectURL = httpServletResponse.encodeRedirectURL(addURLParameter(iRequest.getAuthURL() + RedirectServlet.SERVICE_ENDPOINT, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(addURLParameter, "UTF-8")));
                        httpServletResponse.setContentType("text/html");
                        httpServletResponse.setStatus(302);
                        httpServletResponse.addHeader("Location", encodeRedirectURL);
                    }
                }
            }
            return null;
        } catch (UnsupportedEncodingException e4) {
            Logger.error("Finale SLO redirct not possible.", e4);
            throw new AuthenticationException("pvp2.13", new Object[0]);
        } catch (EAAFException e5) {
            Logger.error("MOA AssertionDatabase ERROR", e5);
            throw new SLOException("pvp2.19", (Object[]) null);
        }
    }

    public boolean needAuthentication(IRequest iRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return false;
    }

    public String getDefaultActionName() {
        return "SingleLogOut";
    }

    protected static String addURLParameter(String str, String str2, String str3) {
        String str4 = str2 + "=" + str3;
        return str.indexOf("?") < 0 ? str + "?" + str4 : str + "&" + str4;
    }
}
