package com.alfaariss.oa.sso.web.profile.logout;

import com.alfaariss.oa.OAException;
import com.alfaariss.oa.UserEvent;
import com.alfaariss.oa.UserException;
import com.alfaariss.oa.api.IService;
import com.alfaariss.oa.api.attribute.ISessionAttributes;
import com.alfaariss.oa.api.configuration.IConfigurationManager;
import com.alfaariss.oa.api.logging.IAuthority;
import com.alfaariss.oa.api.persistence.PersistenceException;
import com.alfaariss.oa.api.requestor.IRequestor;
import com.alfaariss.oa.api.session.ISession;
import com.alfaariss.oa.api.session.SessionState;
import com.alfaariss.oa.api.sso.ISSOProfile;
import com.alfaariss.oa.api.sso.logout.IASLogout;
import com.alfaariss.oa.api.tgt.ITGT;
import com.alfaariss.oa.api.tgt.ITGTListener;
import com.alfaariss.oa.api.tgt.TGTEventError;
import com.alfaariss.oa.api.user.IUser;
import com.alfaariss.oa.engine.core.Engine;
import com.alfaariss.oa.engine.core.requestor.RequestorPool;
import com.alfaariss.oa.engine.core.requestor.factory.IRequestorPoolFactory;
import com.alfaariss.oa.engine.core.session.factory.ISessionFactory;
import com.alfaariss.oa.engine.core.tgt.factory.ITGTAliasStore;
import com.alfaariss.oa.engine.core.tgt.factory.ITGTFactory;
import com.alfaariss.oa.sso.authentication.web.AuthenticationManager;
import com.alfaariss.oa.sso.authentication.web.IWebAuthenticationMethod;
import com.alfaariss.oa.sso.web.WebSSOServlet;
import com.alfaariss.oa.sso.web.profile.user.UserProfile;
import com.alfaariss.oa.sso.web.profile.web.WebProfile;
import com.alfaariss.oa.util.logging.SystemLogItem;
import com.alfaariss.oa.util.logging.UserEventLogItem;
import com.alfaariss.oa.util.validation.SessionValidator;
import com.alfaariss.oa.util.validation.TGTValidator;
import com.alfaariss.oa.util.web.CookieTool;
import com.alfaariss.oa.util.web.HttpUtils;
import java.io.IOException;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Vector;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Element;

/* loaded from: input_file:com/alfaariss/oa/sso/web/profile/logout/LogoutProfile.class */
public class LogoutProfile implements ISSOProfile, IService, IAuthority {
    public static final String PROFILE_ID = "logout";
    private static final String AUTHORITY_NAME = "LogoutProfile";
    private static final String SESSION_CURRENT_METHOD = "CURRENT_LOGOUT_METHOD";
    private static final String JSP_LOGOUT_STATE = "logoutState";
    private static final String TARGET_LOGOUT_FORCE = "force";
    private static final String TARGET_LOGOUT_STATE = "state";
    private static final String DEFAULT_JSP_LOGOUT = "/ui/sso/logout/logout.jsp";
    private static final String DEFAULT_JSP_CONFIRM = "/ui/sso/logout/confirm.jsp";
    private static final String PROPERTY_LOGOUT_CONFIRMATION = ".confirmation";
    private static Log _logger;
    private static Log _eventLogger;
    private AuthenticationManager _authenticationManager;
    private ITGTFactory<?> _tgtFactory;
    private ISessionFactory<?> _sessionFactory;
    private CookieTool _cookieTool;
    private Map<String, IASLogout> _mapLogoutMethods;
    private String _sMyOrganizationID;
    private String _sJSPUserLogout;
    private ITGTAliasStore _aliasStoreSP;
    private IRequestorPoolFactory _requestorPoolFactory;
    private boolean _bShowConfirmation;
    private String _sJSPConfirmation;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.alfaariss.oa.sso.web.profile.logout.LogoutProfile$1, reason: invalid class name */
    /* loaded from: input_file:com/alfaariss/oa/sso/web/profile/logout/LogoutProfile$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$alfaariss$oa$api$session$SessionState;
        static final /* synthetic */ int[] $SwitchMap$com$alfaariss$oa$UserEvent = new int[UserEvent.values().length];

        static {
            try {
                $SwitchMap$com$alfaariss$oa$UserEvent[UserEvent.USER_LOGOUT_IN_PROGRESS.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$UserEvent[UserEvent.USER_LOGGED_OUT.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            $SwitchMap$com$alfaariss$oa$api$session$SessionState = new int[SessionState.values().length];
            try {
                $SwitchMap$com$alfaariss$oa$api$session$SessionState[SessionState.USER_LOGOUT_IN_PROGRESS.ordinal()] = 1;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$api$session$SessionState[SessionState.USER_LOGOUT_FAILED.ordinal()] = 2;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$api$session$SessionState[SessionState.USER_LOGOUT_PARTIAL.ordinal()] = 3;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$api$session$SessionState[SessionState.USER_LOGOUT_SUCCESS.ordinal()] = 4;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$api$session$SessionState[SessionState.USER_CANCELLED.ordinal()] = 5;
            } catch (NoSuchFieldError e7) {
            }
        }
    }

    public LogoutProfile(AuthenticationManager authenticationManager) {
        _logger = LogFactory.getLog(LogoutProfile.class);
        _eventLogger = LogFactory.getLog("com.alfaariss.oa.EventLogger");
        this._mapLogoutMethods = null;
        this._sJSPUserLogout = null;
        this._authenticationManager = authenticationManager;
        this._bShowConfirmation = false;
        this._sJSPConfirmation = null;
    }

    public void destroy() {
        if (this._mapLogoutMethods != null) {
            this._mapLogoutMethods.clear();
        }
        this._sJSPUserLogout = null;
        this._sJSPConfirmation = null;
        this._bShowConfirmation = false;
    }

    public String getID() {
        return PROFILE_ID;
    }

    public void init(ServletContext servletContext, IConfigurationManager iConfigurationManager, Element element, Element element2) throws OAException {
        Engine engine = Engine.getInstance();
        this._tgtFactory = engine.getTGTFactory();
        this._sessionFactory = engine.getSessionFactory();
        this._aliasStoreSP = this._tgtFactory.getAliasStoreSP();
        this._sMyOrganizationID = engine.getServer().getOrganization().getID();
        this._requestorPoolFactory = engine.getRequestorPoolFactory();
        this._cookieTool = new CookieTool(iConfigurationManager, element);
        Element section = iConfigurationManager.getSection(element, PROFILE_ID);
        if (section == null) {
            _logger.warn("No optional 'logout' section available in configuration, using defaults");
            this._sJSPUserLogout = DEFAULT_JSP_LOGOUT;
            this._bShowConfirmation = false;
            this._sJSPConfirmation = DEFAULT_JSP_CONFIRM;
        } else {
            readConfig(iConfigurationManager, section);
        }
        this._mapLogoutMethods = loadLogoutMethods(this._authenticationManager.getAuthenticationMethods());
        _logger.info("Started Logout Profile: logout");
    }

    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws OAException {
        try {
            HttpUtils.setDisableCachingHttpHeaders(httpServletRequest, httpServletResponse);
            ISession iSession = (ISession) httpServletRequest.getAttribute("asid");
            if (iSession == null) {
                String parameter = httpServletRequest.getParameter("asid");
                if (parameter == null) {
                    _logger.debug("No session attribute and no session id supplied in request");
                } else {
                    if (!SessionValidator.validateDefaultSessionId(parameter)) {
                        _logger.warn("Invalid session id in request: " + parameter);
                        throw new UserException(UserEvent.REQUEST_INVALID);
                    }
                    iSession = this._sessionFactory.retrieve(parameter);
                }
            }
            String resolveTarget = resolveTarget(httpServletRequest);
            if (resolveTarget != null) {
                if (resolveTarget.equalsIgnoreCase(TARGET_LOGOUT_STATE)) {
                    _logger.debug("Performing 'logout state' request");
                    processLogoutState(httpServletResponse, iSession);
                    return;
                } else if (resolveTarget.equalsIgnoreCase(TARGET_LOGOUT_FORCE)) {
                    _logger.debug("Performing 'forced logout' request sent from IP: " + httpServletRequest.getRemoteAddr());
                    processForceLogout(httpServletRequest, httpServletResponse, iSession);
                    return;
                }
            }
            if (iSession == null) {
                _logger.debug("No valid session found");
                throw new UserException(UserEvent.REQUEST_INVALID);
            }
            _logger.debug("Performing 'logout' request sent from IP: " + httpServletRequest.getRemoteAddr());
            switch (AnonymousClass1.$SwitchMap$com$alfaariss$oa$api$session$SessionState[iSession.getState().ordinal()]) {
                case 1:
                    finishFederativeLogout(httpServletRequest, httpServletResponse, iSession);
                    break;
                case 2:
                case 3:
                    processForceLogout(httpServletRequest, httpServletResponse, iSession);
                    break;
                case 4:
                    processLocalLogout(httpServletRequest, httpServletResponse, iSession, null);
                    break;
                case 5:
                    _logger.debug(new SystemLogItem(iSession.getId(), 0, "Redirect back to Profile"));
                    httpServletResponse.sendRedirect(iSession.getProfileURL());
                    break;
                default:
                    processDefault(httpServletRequest, httpServletResponse, iSession);
                    break;
            }
        } catch (OAException e) {
            throw e;
        } catch (Exception e2) {
            _logger.fatal("Could not perform logout request", e2);
            throw new OAException(1);
        } catch (UserException e3) {
            try {
                if (!httpServletResponse.isCommitted()) {
                    httpServletResponse.sendError(400);
                }
            } catch (IOException e4) {
                _logger.debug("Could not respond", e4);
                throw new OAException(1);
            }
        }
    }

    public String getAuthority() {
        return AUTHORITY_NAME;
    }

    private void processDefault(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ISession iSession) throws OAException, UserException {
        try {
            _logger.debug("Start logout");
            String cookieValue = this._cookieTool.getCookieValue(WebSSOServlet.TGT_COOKIE_NAME, httpServletRequest);
            if (cookieValue == null) {
                _logger.debug("No TGT cookie found");
                throw new UserException(UserEvent.REQUEST_INVALID);
            }
            if (cookieValue != null && !TGTValidator.validateDefaultTGTId(cookieValue)) {
                _logger.debug("Invalid TGT ID in cookie: " + cookieValue);
                throw new UserException(UserEvent.REQUEST_INVALID);
            }
            ITGT retrieve = this._tgtFactory.retrieve(cookieValue);
            if (retrieve != null && !retrieve.isExpired()) {
                if (this._aliasStoreSP != null) {
                    this._aliasStoreSP.removeAll(iSession.getRequestorId(), retrieve.getId());
                }
                retrieve.removeRequestorID(iSession.getRequestorId());
                retrieve.persist();
                iSession.setTGTId(cookieValue);
                IUser user = retrieve.getUser();
                iSession.setUser(user);
                if (!mustShowConfirmation(httpServletRequest, iSession, retrieve)) {
                    IASLogout iASLogout = null;
                    if (this._mapLogoutMethods != null) {
                        Iterator<IASLogout> it = this._mapLogoutMethods.values().iterator();
                        while (true) {
                            if (!it.hasNext()) {
                                break;
                            }
                            IASLogout next = it.next();
                            if (next.canLogout(retrieve)) {
                                iASLogout = next;
                                break;
                            }
                        }
                    }
                    if (iASLogout != null && !this._sMyOrganizationID.equals(user.getOrganization())) {
                        iSession.getAttributes().put(getClass(), SESSION_CURRENT_METHOD, iASLogout.getID());
                        iSession.setState(SessionState.USER_LOGOUT_IN_PROGRESS);
                        _logger.debug("do federative logout");
                        switch (AnonymousClass1.$SwitchMap$com$alfaariss$oa$UserEvent[iASLogout.logout(httpServletRequest, httpServletResponse, retrieve, iSession).ordinal()]) {
                            case 1:
                                break;
                            case 2:
                                iSession.setState(SessionState.USER_LOGOUT_SUCCESS);
                                processLocalLogout(httpServletRequest, httpServletResponse, iSession, retrieve);
                                break;
                            default:
                                processForceLogout(httpServletRequest, httpServletResponse, iSession);
                                break;
                        }
                    } else {
                        processLocalLogout(httpServletRequest, httpServletResponse, iSession, retrieve);
                    }
                } else {
                    processConfirmation(httpServletRequest, httpServletResponse, retrieve, iSession);
                }
            } else {
                iSession.setState(SessionState.USER_LOGOUT_PARTIAL);
                processForceLogout(httpServletRequest, httpServletResponse, iSession);
            }
        } catch (OAException e) {
            throw e;
        } catch (Exception e2) {
            _logger.fatal("Internal error while performing the default process", e2);
            throw new OAException(1);
        } catch (UserException e3) {
            throw e3;
        }
    }

    private void finishFederativeLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ISession iSession) throws OAException, UserException {
        try {
            _logger.debug("finish federative logout");
            String tGTId = iSession.getTGTId();
            if (tGTId == null) {
                _logger.debug("No TGT ID found in session");
                throw new UserException(UserEvent.REQUEST_INVALID);
            }
            ITGT retrieve = this._tgtFactory.retrieve(tGTId);
            if (retrieve != null && !retrieve.isExpired()) {
                String str = (String) iSession.getAttributes().get(getClass(), SESSION_CURRENT_METHOD);
                if (str != null) {
                    IASLogout iASLogout = this._mapLogoutMethods.get(str);
                    if (iASLogout != null) {
                        _logger.debug("proceed federative logout");
                        switch (AnonymousClass1.$SwitchMap$com$alfaariss$oa$UserEvent[iASLogout.logout(httpServletRequest, httpServletResponse, retrieve, iSession).ordinal()]) {
                            case 1:
                                break;
                            case 2:
                                iSession.setState(SessionState.USER_LOGOUT_SUCCESS);
                                processLocalLogout(httpServletRequest, httpServletResponse, iSession, retrieve);
                                break;
                            default:
                                processForceLogout(httpServletRequest, httpServletResponse, iSession);
                                break;
                        }
                    } else {
                        _logger.debug("No method found: " + str);
                        throw new UserException(UserEvent.REQUEST_INVALID);
                    }
                } else {
                    _logger.debug("Required session attribute not available: CURRENT_LOGOUT_METHOD");
                    throw new UserException(UserEvent.REQUEST_INVALID);
                }
            } else {
                _logger.debug("No TGT available with id: " + tGTId);
                iSession.setState(SessionState.USER_LOGOUT_PARTIAL);
                processForceLogout(httpServletRequest, httpServletResponse, iSession);
            }
        } catch (Exception e) {
            _logger.fatal("Internal error while finishing federative logout", e);
            throw new OAException(1);
        } catch (UserException e2) {
            throw e2;
        } catch (OAException e3) {
            throw e3;
        }
    }

    private void processLocalLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ISession iSession, ITGT itgt) throws OAException {
        _logger.debug("Start Logout at local IDP (only TGT Events)");
        try {
            if (iSession == null) {
                _logger.debug("No session available");
                throw new OAException(1);
            }
            String tGTId = iSession.getTGTId();
            if (tGTId == null) {
                tGTId = this._cookieTool.getCookieValue(WebSSOServlet.TGT_COOKIE_NAME, httpServletRequest);
                if (tGTId == null) {
                    _logger.debug("No TGT ID available");
                    throw new UserException(UserEvent.REQUEST_INVALID);
                }
                if (tGTId != null && !TGTValidator.validateDefaultTGTId(tGTId)) {
                    _logger.debug("Invalid TGT ID in cookie: " + tGTId);
                    throw new UserException(UserEvent.REQUEST_INVALID);
                }
                iSession.setTGTId(tGTId);
            }
            LogoutState logoutState = null;
            if (iSession.getState() != SessionState.USER_LOGOUT_IN_PROGRESS) {
                iSession.setState(SessionState.USER_LOGOUT_IN_PROGRESS);
                if (itgt == null) {
                    itgt = this._tgtFactory.retrieve(tGTId);
                    if (itgt == null || itgt.isExpired()) {
                        _logger.debug("TGT already expired: " + tGTId);
                        throw new UserException(UserEvent.REQUEST_INVALID);
                    }
                }
                logoutState = startListeners(itgt, iSession, httpServletRequest);
            } else {
                iSession.persist();
            }
            if (logoutState == null || !logoutState.isFinished()) {
                showLogoutJSP(httpServletRequest, httpServletResponse, SessionState.USER_LOGOUT_IN_PROGRESS, iSession.getId(), null);
            } else {
                processForceLogout(httpServletRequest, httpServletResponse, iSession);
            }
        } catch (UserException e) {
            iSession.setState(SessionState.USER_LOGOUT_FAILED);
            _eventLogger.info(new UserEventLogItem(iSession, httpServletRequest.getRemoteAddr(), UserEvent.INTERNAL_ERROR, this, (String) null));
            processForceLogout(httpServletRequest, httpServletResponse, iSession);
        } catch (OAException e2) {
            throw e2;
        } catch (Exception e3) {
            _logger.fatal("Internal error during logout processing", e3);
            throw new OAException(1);
        }
    }

    private void processForceLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ISession iSession) throws OAException {
        ITGT retrieve;
        try {
            _logger.debug("Perform Forced Logout (remove the TGT)");
            SessionState sessionState = SessionState.USER_LOGOUT_FAILED;
            String tGTId = iSession != null ? iSession.getTGTId() : null;
            String cookieValue = this._cookieTool.getCookieValue(WebSSOServlet.TGT_COOKIE_NAME, httpServletRequest);
            if (cookieValue != null) {
                this._cookieTool.removeCookie(WebSSOServlet.TGT_COOKIE_NAME, httpServletRequest, httpServletResponse);
                _logger.debug("TGT cookie removed");
                sessionState = SessionState.USER_LOGOUT_PARTIAL;
            }
            if (tGTId == null) {
                tGTId = cookieValue;
                if (tGTId != null && !TGTValidator.validateDefaultTGTId(tGTId)) {
                    _logger.debug("Not using invalid TGT ID resolved from cookie: " + tGTId);
                    tGTId = null;
                }
            }
            if (tGTId != null && (retrieve = this._tgtFactory.retrieve(tGTId)) != null) {
                if (!retrieve.isExpired()) {
                    retrieve.expire();
                }
                try {
                    if (iSession != null) {
                        retrieve.persistPassingListenerEvent();
                    } else {
                        retrieve.persist();
                        sessionState = SessionState.USER_LOGOUT_PARTIAL;
                    }
                } catch (PersistenceException e) {
                    if (iSession != null) {
                        iSession.setState(SessionState.USER_LOGOUT_FAILED);
                    }
                }
                _logger.debug("TGT removed");
            }
            if (iSession == null) {
                showLogoutJSP(httpServletRequest, httpServletResponse, sessionState, null, null);
            } else {
                if (iSession.getState() == SessionState.USER_LOGOUT_IN_PROGRESS) {
                    iSession.setState(SessionState.USER_LOGOUT_FAILED);
                }
                iSession.setTGTId((String) null);
                iSession.persist();
                if (iSession.getState() != SessionState.USER_LOGOUT_SUCCESS) {
                    Vector vector = new Vector();
                    ISessionAttributes attributes = iSession.getAttributes();
                    if (attributes.contains(LogoutState.class, LogoutState.SESSION_LOGOUT_RESULTS)) {
                        List list = (List) attributes.get(LogoutState.class, LogoutState.SESSION_LOGOUT_RESULTS);
                        for (int i = 0; i < list.size(); i++) {
                            TGTEventError tGTEventError = (TGTEventError) list.get(i);
                            if (tGTEventError.getCode() != UserEvent.USER_LOGGED_OUT) {
                                vector.add(tGTEventError);
                            }
                        }
                    }
                    showLogoutJSP(httpServletRequest, httpServletResponse, iSession.getState(), iSession.getId(), vector);
                } else {
                    String profileURL = iSession.getProfileURL();
                    if (profileURL == null) {
                        _logger.warn("No redirect to profile URL available in session with id: " + iSession.getId());
                        throw new OAException(1);
                    }
                    _logger.debug("Logout finished for TGT with id: " + tGTId);
                    _logger.debug("Redirecting user back to profile URL: " + profileURL);
                    httpServletResponse.sendRedirect(profileURL);
                }
            }
        } catch (OAException e2) {
            throw e2;
        } catch (Exception e3) {
            _logger.fatal("Internal error during forced logout", e3);
            throw new OAException(1);
        }
    }

    private void processLogoutState(HttpServletResponse httpServletResponse, ISession iSession) throws OAException {
        _logger.debug("Logout - Perform State Request");
        try {
            httpServletResponse.setContentType("text/plain");
            if (iSession != null) {
                switch (AnonymousClass1.$SwitchMap$com$alfaariss$oa$api$session$SessionState[iSession.getState().ordinal()]) {
                    case 2:
                    case 3:
                    case 4:
                        _logger.debug("finished");
                        httpServletResponse.sendError(200);
                        break;
                    default:
                        _logger.debug("in progress");
                        httpServletResponse.sendError(503);
                        break;
                }
            } else {
                _logger.debug("no session");
                httpServletResponse.sendError(400);
            }
        } catch (Exception e) {
            _logger.fatal("Internal error during logout state resolving", e);
            throw new OAException(1);
        }
    }

    private void showConfirmJSP(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ISession iSession, List<IRequestor> list, IRequestor iRequestor) throws OAException {
        try {
            httpServletRequest.setAttribute("asid", iSession.getId());
            httpServletRequest.setAttribute(WebProfile.REQUESTORS_ATTRIBUTE_NAME, list);
            httpServletRequest.setAttribute("requestor", iRequestor);
            httpServletRequest.setAttribute(UserProfile.PROFILE_ID, iSession.getUser());
            httpServletRequest.setAttribute("serverInfo", Engine.getInstance().getServer());
            RequestDispatcher requestDispatcher = httpServletRequest.getRequestDispatcher(this._sJSPConfirmation);
            if (requestDispatcher != null) {
                requestDispatcher.forward(httpServletRequest, httpServletResponse);
            } else {
                _logger.fatal("Forward request not supported");
                throw new OAException(1);
            }
        } catch (OAException e) {
            throw e;
        } catch (Exception e2) {
            _logger.fatal("Internal error during jsp forward", e2);
            throw new OAException(1);
        }
    }

    private void showLogoutJSP(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SessionState sessionState, String str, List<TGTEventError> list) throws OAException {
        if (str != null) {
            try {
                httpServletRequest.setAttribute("asid", str);
            } catch (OAException e) {
                throw e;
            } catch (Exception e2) {
                _logger.fatal("Internal error during jsp forward to logout page", e2);
                throw new OAException(1);
            }
        }
        if (sessionState != null) {
            httpServletRequest.setAttribute(JSP_LOGOUT_STATE, sessionState);
        }
        if (list != null) {
            httpServletRequest.setAttribute("details", list);
        }
        httpServletRequest.setAttribute("serverInfo", Engine.getInstance().getServer());
        RequestDispatcher requestDispatcher = httpServletRequest.getRequestDispatcher(this._sJSPUserLogout);
        if (requestDispatcher != null) {
            requestDispatcher.forward(httpServletRequest, httpServletResponse);
        } else {
            _logger.fatal("Forward request not supported");
            throw new OAException(1);
        }
    }

    private boolean mustShowConfirmation(HttpServletRequest httpServletRequest, ISession iSession, ITGT itgt) throws OAException {
        if (this._sJSPConfirmation == null || httpServletRequest.getParameter("confirm") != null || itgt.getRequestorIDs().size() < 1) {
            return false;
        }
        String requestorId = iSession.getRequestorId();
        IRequestor requestor = this._requestorPoolFactory.getRequestor(requestorId);
        if (requestor != null) {
            String str = (String) requestor.getProperty("logout.confirmation");
            if (str == null) {
                _logger.debug("No (optional) requestor specific logout confirmation property found for requestor with ID: " + requestorId);
            } else {
                if (str.equalsIgnoreCase("TRUE")) {
                    return true;
                }
                if (str.equalsIgnoreCase("FALSE")) {
                    return false;
                }
                StringBuffer stringBuffer = new StringBuffer("Invalid property '");
                stringBuffer.append(PROFILE_ID);
                stringBuffer.append(PROPERTY_LOGOUT_CONFIRMATION);
                stringBuffer.append("' found for requestor '");
                stringBuffer.append(requestorId);
                stringBuffer.append("': ");
                stringBuffer.append(str);
                _logger.debug(stringBuffer.toString());
            }
            RequestorPool requestorPool = this._requestorPoolFactory.getRequestorPool(requestorId);
            if (requestorPool != null) {
                String str2 = (String) requestorPool.getProperty("logout.confirmation");
                if (str2 == null) {
                    _logger.debug("No (optional) requestorpool specific logout confirmation property found for requestorpool with ID: " + requestorPool.getID());
                } else {
                    if (str2.equalsIgnoreCase("TRUE")) {
                        return true;
                    }
                    if (str2.equalsIgnoreCase("FALSE")) {
                        return false;
                    }
                    StringBuffer stringBuffer2 = new StringBuffer("Invalid property '");
                    stringBuffer2.append(PROFILE_ID);
                    stringBuffer2.append(PROPERTY_LOGOUT_CONFIRMATION);
                    stringBuffer2.append("' found for requestorpool '");
                    stringBuffer2.append(requestorPool.getID());
                    stringBuffer2.append("': ");
                    stringBuffer2.append(str2);
                    _logger.debug(stringBuffer2.toString());
                }
            }
        }
        return this._bShowConfirmation;
    }

    private void processConfirmation(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ITGT itgt, ISession iSession) throws OAException {
        Vector vector = new Vector();
        List requestorIDs = itgt.getRequestorIDs();
        for (int size = requestorIDs.size() - 1; size >= 0; size--) {
            IRequestor requestor = this._requestorPoolFactory.getRequestor((String) requestorIDs.get(size));
            if (requestor != null && !vector.contains(requestor)) {
                vector.add(requestor);
            }
        }
        iSession.persist();
        showConfirmJSP(httpServletRequest, httpServletResponse, iSession, vector, this._requestorPoolFactory.getRequestor(iSession.getRequestorId()));
    }

    private LogoutState startListeners(ITGT itgt, ISession iSession, HttpServletRequest httpServletRequest) throws OAException {
        Vector<Thread> vector = new Vector();
        LogoutState logoutState = new LogoutState(this._sessionFactory, iSession.getId());
        int i = 0;
        for (ITGTListener iTGTListener : this._tgtFactory.getListeners()) {
            i++;
            StringBuffer stringBuffer = new StringBuffer(iSession.getId());
            stringBuffer.append("_");
            stringBuffer.append(i);
            Thread thread = new Thread(new LogoutRunnable(iTGTListener, itgt, logoutState, stringBuffer.toString()));
            StringBuffer stringBuffer2 = new StringBuffer("Logout (");
            stringBuffer2.append(stringBuffer.toString());
            stringBuffer2.append(") - ");
            stringBuffer2.append(thread.getName());
            thread.setName(stringBuffer2.toString());
            vector.add(thread);
        }
        iSession.persist();
        _eventLogger.info(new UserEventLogItem(iSession, httpServletRequest.getRemoteAddr(), UserEvent.USER_LOGOUT_IN_PROGRESS, this, (String) null));
        for (Thread thread2 : vector) {
            thread2.start();
            _logger.debug("Started: " + thread2.getName());
        }
        _logger.debug("Logout threads started");
        return logoutState;
    }

    private String resolveTarget(HttpServletRequest httpServletRequest) {
        int length;
        String requestURI = httpServletRequest.getRequestURI();
        if (!requestURI.endsWith("/")) {
            requestURI = requestURI + "/";
        }
        String lowerCase = requestURI.toLowerCase();
        int indexOf = lowerCase.indexOf("logout/");
        if (indexOf <= -1 || lowerCase.length() <= (length = indexOf + PROFILE_ID.length() + "/".length())) {
            return null;
        }
        String substring = lowerCase.substring(length, lowerCase.length() - 1);
        if (substring.length() > 0) {
            return substring;
        }
        return null;
    }

    private Map<String, IASLogout> loadLogoutMethods(Map<String, IWebAuthenticationMethod> map) throws OAException {
        HashMap hashMap = new HashMap();
        try {
            Iterator<IWebAuthenticationMethod> it = map.values().iterator();
            while (it.hasNext()) {
                IASLogout iASLogout = (IWebAuthenticationMethod) it.next();
                if (iASLogout.isEnabled() && (iASLogout instanceof IASLogout)) {
                    IASLogout iASLogout2 = iASLogout;
                    if (hashMap.containsKey(iASLogout2.getID())) {
                        _logger.info("Authentication method has not a unique id: " + iASLogout2.getID());
                    } else {
                        _logger.info("Found asynchronous logout method: " + iASLogout2.getID());
                        hashMap.put(iASLogout2.getID(), iASLogout2);
                    }
                }
            }
            return hashMap;
        } catch (Exception e) {
            _logger.fatal("Could not load asynchronous logout methods", e);
            throw new OAException(1);
        }
    }

    private void readConfig(IConfigurationManager iConfigurationManager, Element element) throws OAException {
        Element section = iConfigurationManager.getSection(element, "jsp");
        if (section == null) {
            _logger.warn("No optional 'jsp' parameter found in 'logout' section in configuration; using default");
            this._sJSPUserLogout = DEFAULT_JSP_LOGOUT;
        } else {
            this._sJSPUserLogout = iConfigurationManager.getParam(section, "path");
            if (this._sJSPUserLogout == null) {
                _logger.error("No 'path' parameter found in 'jsp' section in configuration");
                throw new OAException(17);
            }
        }
        _logger.info("Using logout jsp location: " + this._sJSPUserLogout);
        this._bShowConfirmation = false;
        this._sJSPConfirmation = DEFAULT_JSP_CONFIRM;
        Element section2 = iConfigurationManager.getSection(element, "confirmation");
        if (section2 == null) {
            _logger.warn("No optional 'confirmation' section found within 'logout' section in configuration; using defaults");
        } else {
            Element section3 = iConfigurationManager.getSection(section2, "jsp");
            if (section3 == null) {
                _logger.warn("No optional 'jsp' parameter found in 'confirmation' section in logout confirmation configuration; using default");
                this._sJSPConfirmation = DEFAULT_JSP_CONFIRM;
            } else {
                this._sJSPConfirmation = iConfigurationManager.getParam(section3, "path");
                if (this._sJSPConfirmation == null) {
                    _logger.error("No 'path' parameter found in 'jsp' section in logout confirmation configuration");
                    throw new OAException(17);
                }
            }
            String param = iConfigurationManager.getParam(section2, "show");
            if (param == null) {
                _logger.warn("No optional 'show' parameter found in 'confirmation' section in logout confirmation configuration; using default");
            } else if (param.equalsIgnoreCase("TRUE")) {
                this._bShowConfirmation = true;
            } else if (!param.equalsIgnoreCase("FALSE")) {
                _logger.error("Unknown value in 'show' configuration item: " + param);
                throw new OAException(17);
            }
        }
        _logger.info("Using logout confirmation jsp location: " + this._sJSPConfirmation);
        _logger.info("Default show logout confirmation: " + (this._bShowConfirmation ? "enabled" : "disabled"));
    }
}
