package com.alfaariss.oa.profile.saml2.profile.sso.protocol;

import com.alfaariss.oa.OAException;
import com.alfaariss.oa.UserEvent;
import com.alfaariss.oa.api.persistence.PersistenceException;
import com.alfaariss.oa.api.tgt.ITGT;
import com.alfaariss.oa.api.tgt.TGTEventError;
import com.alfaariss.oa.api.tgt.TGTListenerException;
import com.alfaariss.oa.engine.core.tgt.factory.ITGTAliasStore;
import com.alfaariss.oa.engine.core.tgt.factory.ITGTFactory;
import com.alfaariss.oa.util.saml2.NameIDFormatter;
import com.alfaariss.oa.util.saml2.SAML2IssueInstantWindow;
import com.alfaariss.oa.util.saml2.StatusException;
import com.alfaariss.oa.util.saml2.protocol.AbstractSAML2Protocol;
import com.alfaariss.oa.util.saml2.protocol.IASynchronousProtocol;
import java.io.UnsupportedEncodingException;
import java.security.SecureRandom;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.opensaml.common.SAMLObject;
import org.opensaml.common.SignableSAMLObject;
import org.opensaml.common.binding.SAMLMessageContext;
import org.opensaml.saml2.core.Issuer;
import org.opensaml.saml2.core.LogoutResponse;
import org.opensaml.saml2.core.Status;

/* loaded from: input_file:com/alfaariss/oa/profile/saml2/profile/sso/protocol/SingleLogoutProtocol.class */
public class SingleLogoutProtocol extends AbstractSAML2Protocol implements IASynchronousProtocol<ITGT> {
    private Log _logger;
    private NameIDFormatter _nameIDFormatter;
    private ITGTFactory _tgtfactory;
    private ITGTAliasStore _aliasStore;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.alfaariss.oa.profile.saml2.profile.sso.protocol.SingleLogoutProtocol$1, reason: invalid class name */
    /* loaded from: input_file:com/alfaariss/oa/profile/saml2/profile/sso/protocol/SingleLogoutProtocol$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$alfaariss$oa$UserEvent = new int[UserEvent.values().length];

        static {
            try {
                $SwitchMap$com$alfaariss$oa$UserEvent[UserEvent.USER_LOGOUT_PARTIALLY.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$UserEvent[UserEvent.USER_LOGOUT_IN_PROGRESS.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$UserEvent[UserEvent.USER_LOGOUT_FAILED.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    public SingleLogoutProtocol(SecureRandom secureRandom, String str, ITGTFactory iTGTFactory, NameIDFormatter nameIDFormatter, SAML2IssueInstantWindow sAML2IssueInstantWindow, ITGTAliasStore iTGTAliasStore) {
        super(secureRandom, str, sAML2IssueInstantWindow);
        this._logger = LogFactory.getLog(SingleLogoutProtocol.class);
        this._tgtfactory = iTGTFactory;
        this._nameIDFormatter = nameIDFormatter;
        this._aliasStore = iTGTAliasStore;
    }

    /* JADX WARN: Code restructure failed: missing block: B:100:0x0483, code lost:
    
        if (r8.isExpired() != false) goto L110;
     */
    /* JADX WARN: Code restructure failed: missing block: B:102:0x0499, code lost:
    
        if (r6._nameIDFormatter.verify(r20, r19, r0, r8.getId()) != false) goto L107;
     */
    /* JADX WARN: Code restructure failed: missing block: B:103:0x049c, code lost:
    
        r0 = new java.lang.StringBuffer("Invalid alias value '");
        r0.append(r19);
        r0.append("' for NameFormat '");
        r0.append(r20);
        r0.append("',  requestor '");
        r0.append(r0);
        r0.append("' and TGT with ID: ");
        r0.append(r8.getId());
        r6._logger.debug(r0.toString());
     */
    /* JADX WARN: Code restructure failed: missing block: B:104:0x04ff, code lost:
    
        throw new com.alfaariss.oa.util.saml2.StatusException(r0, com.alfaariss.oa.RequestorEvent.REQUEST_INVALID, "urn:oasis:names:tc:SAML:2.0:status:Requester");
     */
    /* JADX WARN: Code restructure failed: missing block: B:106:0x050f, code lost:
    
        if (r6._aliasStore.isAlias("session_index", r0, r25) == false) goto L110;
     */
    /* JADX WARN: Code restructure failed: missing block: B:107:0x0512, code lost:
    
        r6._aliasStore.removeAlias("session_index", r0, r25);
     */
    /* JADX WARN: Code restructure failed: missing block: B:109:0x0522, code lost:
    
        return r8;
     */
    /* JADX WARN: Code restructure failed: missing block: B:96:0x044e, code lost:
    
        if (r8 != null) goto L101;
     */
    /* JADX WARN: Code restructure failed: missing block: B:97:0x0451, code lost:
    
        r6._logger.debug("No TGT found for session indexes: " + r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:98:0x047c, code lost:
    
        throw new com.alfaariss.oa.util.saml2.StatusException(r0, com.alfaariss.oa.RequestorEvent.REQUEST_INVALID, "urn:oasis:names:tc:SAML:2.0:status:Requester");
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public com.alfaariss.oa.api.tgt.ITGT processRequest(org.opensaml.common.binding.SAMLMessageContext<org.opensaml.common.SignableSAMLObject, org.opensaml.common.SignableSAMLObject, org.opensaml.common.SAMLObject> r7) throws com.alfaariss.oa.OAException, com.alfaariss.oa.util.saml2.StatusException {
        /*
            Method dump skipped, instructions count: 1392
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.alfaariss.oa.profile.saml2.profile.sso.protocol.SingleLogoutProtocol.processRequest(org.opensaml.common.binding.SAMLMessageContext):com.alfaariss.oa.api.tgt.ITGT");
    }

    public void processResponse(ITGT itgt, String str, SAMLMessageContext<SignableSAMLObject, SignableSAMLObject, SAMLObject> sAMLMessageContext) throws OAException {
        processResponse(itgt, str, sAMLMessageContext, false);
    }

    public void processResponse(ITGT itgt, String str, SAMLMessageContext<SignableSAMLObject, SignableSAMLObject, SAMLObject> sAMLMessageContext, boolean z) throws OAException {
        Status constructStatusCode;
        try {
            LogoutResponse createResponse = createResponse(sAMLMessageContext);
            createResponse.setInResponseTo(str);
            String str2 = null;
            if (itgt != null) {
                if (z) {
                    str2 = "urn:oasis:names:tc:SAML:2.0:status:PartialLogout";
                } else {
                    try {
                        if (!itgt.isExpired()) {
                            itgt.expire();
                        }
                    } catch (TGTListenerException e) {
                        constructStatusCode = getLogoutStatus(e.getErrors());
                    }
                }
                itgt.persist();
            }
            constructStatusCode = constructStatusCode("urn:oasis:names:tc:SAML:2.0:status:Success", str2);
            createResponse.setStatus(constructStatusCode);
            sAMLMessageContext.setOutboundSAMLMessage(createResponse);
        } catch (PersistenceException e2) {
            this._logger.error("Could not expire TGT", e2);
            throw new OAException(1);
        }
    }

    public void buildErrorResponse(SAMLMessageContext<SignableSAMLObject, SignableSAMLObject, SAMLObject> sAMLMessageContext, String str, String str2, String str3) throws OAException {
        LogoutResponse createResponse = createResponse(sAMLMessageContext);
        createResponse.setStatus(constructStatusCode(str, str2));
        if (str3 != null) {
            createResponse.setInResponseTo(str3);
        }
        sAMLMessageContext.setOutboundSAMLMessage(createResponse);
    }

    private LogoutResponse createResponse(SAMLMessageContext<SignableSAMLObject, SignableSAMLObject, SAMLObject> sAMLMessageContext) throws OAException {
        LogoutResponse buildObject = this._builderFactory.getBuilder(LogoutResponse.DEFAULT_ELEMENT_NAME).buildObject();
        try {
            super.populateResponse(buildObject, (String) null);
            Issuer buildObject2 = this._builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME).buildObject();
            buildObject2.setFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:entity");
            buildObject2.setValue(sAMLMessageContext.getLocalEntityId());
            buildObject.setIssuer(buildObject2);
            sAMLMessageContext.setOutboundSAMLMessageId(buildObject.getID());
            return buildObject;
        } catch (UnsupportedEncodingException e) {
            this._logger.error("Could not create response, unsupported encoding", e);
            throw new OAException(1);
        }
    }

    private Status getLogoutStatus(List<TGTEventError> list) {
        Status constructStatusCode = constructStatusCode("urn:oasis:names:tc:SAML:2.0:status:Responder", null);
        Iterator<TGTEventError> it = list.iterator();
        while (it.hasNext()) {
            switch (AnonymousClass1.$SwitchMap$com$alfaariss$oa$UserEvent[it.next().getCode().ordinal()]) {
                case 1:
                    constructStatusCode = constructStatusCode("urn:oasis:names:tc:SAML:2.0:status:Success", "urn:oasis:names:tc:SAML:2.0:status:PartialLogout");
                case 2:
                case 3:
                default:
                    return constructStatusCode("urn:oasis:names:tc:SAML:2.0:status:Responder", null);
            }
        }
        return constructStatusCode;
    }

    public /* bridge */ /* synthetic */ void processResponse(Object obj, String str, SAMLMessageContext sAMLMessageContext) throws OAException {
        processResponse((ITGT) obj, str, (SAMLMessageContext<SignableSAMLObject, SignableSAMLObject, SAMLObject>) sAMLMessageContext);
    }

    /* renamed from: processRequest, reason: collision with other method in class */
    public /* bridge */ /* synthetic */ Object m6processRequest(SAMLMessageContext sAMLMessageContext) throws OAException, StatusException {
        return processRequest((SAMLMessageContext<SignableSAMLObject, SignableSAMLObject, SAMLObject>) sAMLMessageContext);
    }
}
