package com.sun.identity.multiprotocol;

import com.sun.identity.cot.CircleOfTrustManager;
import com.sun.identity.federation.common.FSUtils;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.federation.jaxb.entityconfig.BaseConfigType;
import com.sun.identity.federation.meta.IDFFMetaManager;
import com.sun.identity.federation.services.FSSessionManager;
import com.sun.identity.federation.services.FSSessionPartner;
import com.sun.identity.federation.services.logout.FSLogoutStatus;
import com.sun.identity.federation.services.logout.FSLogoutUtil;
import com.sun.identity.federation.services.logout.FSSingleLogoutHandler;
import com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.List;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/sun/identity/multiprotocol/IDFFSingleLogoutHandler.class */
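/**
 * {@link SingleLogoutHandler} implementation for the "idff" protocol.
 *
 * <p>The handler locates a hosted ID-FF identity provider that shares a circle of trust with
 * the entities named in the logout request, then either runs a SOAP-profile logout directly or
 * redirects the browser to the {@code /liberty-logout} endpoint.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>With message-level debugging enabled, the session set and the full logout
 *       request/response XML are written to the debug log; that log should be access-controlled
 *       like any other store of session data.</li>
 *   <li>Any failure while resolving the hosted IDP is logged and then reported to the caller as
 *       "no action", so a metadata or circle-of-trust lookup error leaves ID-FF sessions in
 *       place without a failure status.</li>
 * </ul>
 */
public class IDFFSingleLogoutHandler implements SingleLogoutHandler {
    // Numeric results returned to the caller. The values are exactly the literals this class
    // has always returned; the names describe where each one is returned below.
    // NOTE(review): presumably these mirror status constants declared by SingleLogoutManager;
    // confirm, and reference those instead if they exist.
    private static final int STATUS_SUCCEEDED = 0;
    private static final int STATUS_FAILED = 2;
    private static final int STATUS_REDIRECTED = 3;
    private static final int STATUS_NO_ACTION = 4;

    /**
     * Performs the ID-FF part of an IDP single logout.
     *
     * <p>Parameter meanings below are taken from the labels used in this method's own debug
     * message; the decompiled names are kept so the override signature is unchanged.
     *
     * @param set sessions to log out (logged as {@code session}); may be null or empty, in which
     *     case the SOAP path looks the sessions up by user ID
     * @param str user ID
     * @param httpServletRequest current request
     * @param httpServletResponse current response; used for the redirect on the HTTP path
     * @param z {@code isSOAInitiated}: true selects the SOAP path, false the HTTP redirect path
     * @param z2 {@code isIDPInitiated}; only logged here
     * @param str2 protocol of the initiating entities, used for the circle-of-trust lookup
     * @param str3 realm
     * @param str4 IDP entity ID
     * @param str5 SP entity ID; may be null
     * @param str6 relay state; must be non-null on the HTTP path (see the note at the redirect)
     * @param str7 logout request XML; only logged here
     * @param str8 logout response XML; only logged here
     * @param i current status; only logged here
     * @return 0 on SOAP logout success, 2 on SOAP logout failure, 3 after issuing a redirect,
     *     4 when this handler took no action
     * @throws Exception propagated from the federation classes or from the redirect
     */
    @Override // com.sun.identity.multiprotocol.SingleLogoutHandler
    public int doIDPSingleLogout(Set set, String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z, boolean z2, String str2, String str3, String str4, String str5, String str6, String str7, String str8, int i) throws Exception {
        SingleLogoutManager.debug.message("IDFFSingleLogoutHandler.doIDPSLO : start");
        String idpMetaAlias = findIDPMetaAlias(str4, str5, str3, str2);
        if (idpMetaAlias == null) {
            // Also reached when findIDPMetaAlias swallowed a lookup exception.
            return STATUS_NO_ACTION;
        }
        if (SingleLogoutManager.debug.messageEnabled()) {
            // NOTE(review): this line writes the session set and both protocol messages to the
            // debug log. What the session objects print is not visible from here; review it
            // before enabling message-level debugging in production.
            SingleLogoutManager.debug.message("IDFFSingleLogoutHandler: IDFF idp meta alias=" + idpMetaAlias + ", userID=" + str + ", session=" + set + ", isSOAInitiated=" + z + ", isIDPInitiated=" + z2 + ", protocol=" + str2 + ", relam=" + str3 + ", idpEntityID=" + str4 + ", spEntityID=" + str5 + ", status=" + i + "\nlogout Request XML=" + str7 + "\nlogout response XML=" + str8);
        }
        IDFFMetaManager metaManager = new IDFFMetaManager(null);
        String hostedEntityId = metaManager.getEntityIDByMetaAlias(idpMetaAlias);
        if (!FSLogoutUtil.liveConnectionsExist(str, idpMetaAlias)) {
            return STATUS_NO_ACTION;
        }
        if (z) {
            return handleSOAPInitiatedSingleLogout(set, str, httpServletRequest, httpServletResponse, str3, idpMetaAlias, hostedEntityId, str6, metaManager);
        }
        SingleLogoutManager.debug.message("IDFFSingleLogoutHandler.doIDPSLO : HTTP initiated SLO");
        if (!MultiProtocolUtils.usedInProtocol(httpServletRequest, "idff")) {
            return STATUS_NO_ACTION;
        }
        // The meta alias comes from hosted-provider configuration (see findIDPMetaAlias) and is
        // appended as-is; only the relay state is URL-encoded.
        // URLEncoder.encode throws NullPointerException for a null relay state, so this path
        // requires a non-null str6, whereas the SOAP path passes it through unchanged.
        // NOTE(review): the scheme and host of the redirect come from
        // MultiProtocolUtils.geServerBaseURL(request), which is not shown here. Confirm it is
        // based on configured server settings rather than client-supplied host headers, since it
        // decides where the browser is sent during logout.
        String redirectUrl = MultiProtocolUtils.geServerBaseURL(httpServletRequest) + "/liberty-logout?metaAlias=" + idpMetaAlias + "&RelayState=" + URLEncoder.encode(str6, "UTF-8");
        if (SingleLogoutManager.debug.messageEnabled()) {
            SingleLogoutManager.debug.message("IDFFSingleLogoutHandler.doIDPSLO : HTTP init, redirect to " + redirectUrl);
        }
        httpServletResponse.sendRedirect(redirectUrl);
        return STATUS_REDIRECTED;
    }

    /**
     * Runs the IDP SOAP-profile logout through {@link FSSingleLogoutHandler}.
     *
     * @param set sessions supplied by the caller; when null or empty the first session from
     *     the {@link FSSessionManager} list for the user is used instead
     * @param userId user being logged out
     * @param httpServletRequest current request
     * @param httpServletResponse current response
     * @param realm realm of the hosted IDP
     * @param metaAlias meta alias of the hosted IDP
     * @param hostedEntityId entity ID resolved from {@code metaAlias}
     * @param relayState relay state handed to the logout handler
     * @param metaManager metadata manager used to load the hosted IDP descriptor and config
     * @return 0 when the reported status is {@code samlp:Success} (case-insensitive), 2 for any
     *     other or missing status, 4 when no session or partner session could be found
     * @throws Exception propagated from the federation classes
     */
    private int handleSOAPInitiatedSingleLogout(Set set, String userId, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String realm, String metaAlias, String hostedEntityId, String relayState, IDFFMetaManager metaManager) throws Exception {
        Object session;
        if (set == null || set.isEmpty()) {
            List userSessions = FSSessionManager.getInstance(metaAlias).getSessionList(userId);
            if (userSessions == null || userSessions.isEmpty()) {
                return STATUS_NO_ACTION;
            }
            session = userSessions.iterator().next();
        } else {
            // Only the first supplied session is used to look up the current provider.
            session = set.iterator().next();
        }
        FSUtils.debug.message("creating FSSingleLogoutHandler");
        HashMap currentProvider = FSLogoutUtil.getCurrentProvider(userId, hostedEntityId, session);
        if (currentProvider == null) {
            return STATUS_NO_ACTION;
        }
        FSSessionPartner partner = (FSSessionPartner) currentProvider.get(IFSConstants.PARTNER_SESSION);
        String sessionIndex = (String) currentProvider.get("SessionIndex");
        if (partner == null) {
            return STATUS_NO_ACTION;
        }
        ProviderDescriptorType hostedDescriptor = metaManager.getIDPDescriptor(realm, hostedEntityId);
        BaseConfigType hostedConfig = metaManager.getIDPDescriptorConfig(realm, hostedEntityId);
        FSSingleLogoutHandler logoutHandler = new FSSingleLogoutHandler();
        logoutHandler.setHostedDescriptor(hostedDescriptor);
        logoutHandler.setHostedDescriptorConfig(hostedConfig);
        logoutHandler.setHostedEntityId(hostedEntityId);
        logoutHandler.setHostedProviderRole("IDP");
        logoutHandler.setMetaAlias(metaAlias);
        logoutHandler.setSingleLogoutProtocol(IFSConstants.LOGOUT_IDP_SOAP_PROFILE);
        logoutHandler.setRelayState(relayState);
        logoutHandler.setRealm(realm);
        FSLogoutStatus logoutStatus = logoutHandler.handleSingleLogout(httpServletResponse, httpServletRequest, partner, userId, sessionIndex, false, session);
        if (SingleLogoutManager.debug.messageEnabled()) {
            // String concatenation is null-safe, unlike an explicit toString() call.
            SingleLogoutManager.debug.message("IDFFSLOHandler.handleSOAPInitiatedSLO: logout status=" + logoutStatus);
        }
        // A missing status object or status string is reported as a failed logout instead of
        // surfacing as a NullPointerException; only an explicit success maps to 0.
        String outcome = (logoutStatus == null) ? null : logoutStatus.getStatus();
        return "samlp:Success".equalsIgnoreCase(outcome) ? STATUS_SUCCEEDED : STATUS_FAILED;
    }

    /**
     * Finds the meta alias of a hosted ID-FF identity provider that shares a circle of trust
     * with the given entities.
     *
     * <p>A hosted IDP matches when it is an "idff" member of an active circle of trust whose
     * members for {@code protocol} contain {@code idpEntityId} and, if given, {@code spEntityId}.
     * The first match in iteration order wins.
     *
     * @param idpEntityId IDP entity ID that must be a member for {@code protocol}
     * @param spEntityId SP entity ID that must also be a member, or null to skip this check
     * @param realm realm to search
     * @param protocol protocol used for the second membership lookup
     * @return the matching hosted IDP's meta alias, or null when none matches or any lookup
     *     throws (the exception is logged at error level and not rethrown)
     */
    private String findIDPMetaAlias(String idpEntityId, String spEntityId, String realm, String protocol) {
        try {
            IDFFMetaManager metaManager = new IDFFMetaManager(null);
            List hostedIdpIds = metaManager.getAllHostedIdentityProviderIDs(realm);
            if (hostedIdpIds == null || hostedIdpIds.isEmpty()) {
                return null;
            }
            CircleOfTrustManager cotManager = new CircleOfTrustManager();
            Set<String> activeCots = cotManager.getAllActiveCirclesOfTrust(realm);
            for (Object entry : hostedIdpIds) {
                String hostedIdpId = (String) entry;
                for (String cotName : activeCots) {
                    Set idffMembers = cotManager.listCircleOfTrustMember(realm, cotName, "idff");
                    if (idffMembers == null || !idffMembers.contains(hostedIdpId)) {
                        continue;
                    }
                    Set protocolMembers = cotManager.listCircleOfTrustMember(realm, cotName, protocol);
                    if (protocolMembers == null || !protocolMembers.contains(idpEntityId)) {
                        continue;
                    }
                    if (spEntityId != null && !protocolMembers.contains(spEntityId)) {
                        continue;
                    }
                    if (SingleLogoutManager.debug.messageEnabled()) {
                        SingleLogoutManager.debug.message("IDFFSingleLogoutHandler.findIDPMetaAlias : found IDP " + hostedIdpId + " in COT " + cotName);
                    }
                    return metaManager.getIDPDescriptorConfig(realm, hostedIdpId).getMetaAlias();
                }
            }
            return null;
        } catch (Exception e) {
            // Best-effort lookup: the caller treats null as "no action". This also covers
            // NullPointerExceptions from a null circle-of-trust set or descriptor config.
            SingleLogoutManager.debug.error("IDFFSingleLogoutHandler.findIDPMetaAlias", e);
            return null;
        }
    }
}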
