package com.sun.identity.saml2.profile;

import com.sun.identity.plugin.monitoring.FedMonAgent;
import com.sun.identity.plugin.monitoring.FedMonSAML2Svc;
import com.sun.identity.plugin.monitoring.MonitorManager;
import com.sun.identity.plugin.session.SessionException;
import com.sun.identity.plugin.session.SessionListener;
import com.sun.identity.plugin.session.SessionManager;
import com.sun.identity.saml2.common.NameIDInfoKey;
import com.sun.identity.saml2.common.SAML2Constants;
import com.sun.identity.saml2.common.SAML2Exception;
import com.sun.identity.saml2.common.SAML2Utils;
import com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement;
import com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement;
import com.sun.identity.saml2.logging.LogUtil;
import com.sun.identity.saml2.meta.SAML2MetaException;
import com.sun.identity.saml2.meta.SAML2MetaManager;
import com.sun.identity.saml2.meta.SAML2MetaUtils;
import com.sun.identity.shared.debug.Debug;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;

/* loaded from: input_file:com/sun/identity/saml2/profile/SPSessionListener.class */
public class SPSessionListener implements SessionListener {
    private static SAML2MetaManager sm;
    private static Debug debug = SAML2Utils.debug;
    private static FedMonAgent agent;
    private static FedMonSAML2Svc saml2Svc;
    private String infoKeyString;
    private String sessionID;

    public SPSessionListener(String str, String str2) {
        this.infoKeyString = null;
        this.sessionID = null;
        this.infoKeyString = str;
        this.sessionID = str2;
    }

    @Override // com.sun.identity.plugin.session.SessionListener
    public void sessionInvalidated(Object obj) {
        List<SPFedSession> list;
        HashMap hashMap = new HashMap();
        if (obj == null || this.infoKeyString == null || this.sessionID == null) {
            return;
        }
        try {
            if (this.sessionID.equals(SessionManager.getProvider().getSessionID(obj)) && (list = (List) SPCache.fedSessionListsByNameIDInfoKey.get(this.infoKeyString)) != null) {
                try {
                    for (SPFedSession sPFedSession : list) {
                        if (sPFedSession.spTokenID.equals(this.sessionID)) {
                            hashMap.put(SAML2Constants.ROLE, SAML2Constants.SP_ROLE);
                            String str = sPFedSession.metaAlias;
                            NameIDInfoKey parse = NameIDInfoKey.parse(this.infoKeyString);
                            String entityByMetaAlias = sm.getEntityByMetaAlias(str);
                            String realm = SAML2Utils.getRealm(SAML2MetaUtils.getRealmByMetaAlias(str));
                            SPSSOConfigElement sPSSOConfig = sm.getSPSSOConfig(realm, entityByMetaAlias);
                            if (sPSSOConfig != null) {
                                List<String> list2 = SAML2MetaUtils.getAttributes(sPSSOConfig).get(SAML2Constants.SP_SESSION_SYNC_ENABLED);
                                if (entityByMetaAlias != null && list2 != null && list2.size() != 0) {
                                    if (list2.get(0).equals("true")) {
                                        if (SAML2Utils.debug.messageEnabled()) {
                                            SAML2Utils.debug.message("SPSessionListener.sessionInvalidated: SP Session Synchronization flag is enabled, initiating SLO to IDP");
                                        }
                                        initiateSPSingleLogout(str, realm, SAML2Constants.SOAP, parse, sPFedSession, hashMap);
                                    }
                                }
                            } else if (SAML2Utils.debug.messageEnabled()) {
                                SAML2Utils.debug.message("SPSessionListener.sessionInvalidated: Unable to retrieve the SP config data, spConfig is null");
                            }
                        }
                    }
                } catch (SessionException e) {
                    SAML2Utils.debug.error("IDPSessionListener.sessionInvalidated:", e);
                } catch (SAML2MetaException e2) {
                    SAML2Utils.debug.error("SPSessionListener.sessionInvalidated:", e2);
                } catch (SAML2Exception e3) {
                    SAML2Utils.debug.error("SPSessionListener.sessionInvalidated:", e3);
                }
                synchronized (list) {
                    Iterator it = list.iterator();
                    while (it.hasNext()) {
                        if (((SPFedSession) it.next()).spTokenID.equals(this.sessionID)) {
                            it.remove();
                            if (agent != null && agent.isRunning() && saml2Svc != null) {
                                saml2Svc.setFedSessionCount(SPCache.fedSessionListsByNameIDInfoKey.size());
                            }
                        }
                    }
                    if (list.isEmpty()) {
                        SPCache.fedSessionListsByNameIDInfoKey.remove(this.infoKeyString);
                    }
                }
            }
        } catch (SessionException e4) {
        }
    }

    private static void initiateSPSingleLogout(String str, String str2, String str3, NameIDInfoKey nameIDInfoKey, SPFedSession sPFedSession, Map map) throws SAML2MetaException, SAML2Exception, SessionException {
        IDPSSODescriptorElement iDPSSODescriptor = sm.getIDPSSODescriptor(str2, nameIDInfoKey.getRemoteEntityID());
        if (iDPSSODescriptor == null) {
            LogUtil.error(Level.INFO, LogUtil.IDP_METADATA_ERROR, new String[]{nameIDInfoKey.getRemoteEntityID()}, null);
            throw new SAML2Exception(SAML2Utils.bundle.getString("metaDataError"));
        }
        List singleLogoutService = iDPSSODescriptor.getSingleLogoutService();
        if (LogoutUtil.getSLOServiceLocation(singleLogoutService, SAML2Constants.SOAP) != null) {
            LogoutUtil.doLogout(str, nameIDInfoKey.getRemoteEntityID(), singleLogoutService, null, str3, null, sPFedSession.idpSessionIndex, sPFedSession.info.getNameID(), null, null, map, sm.getIDPSSOConfig(str2, nameIDInfoKey.getRemoteEntityID()));
        } else if (debug.warningEnabled()) {
            debug.warning("SPSessionListener.initiateSPSingleLogout(): Unable to synchronize sessions with IdP \"" + nameIDInfoKey.getRemoteEntityID() + "\" since the IdP does not have SOAP SLO endpoint specified in its metadata, possibly this is a misconfiguration of the hosted SP");
        }
    }

    static {
        sm = null;
        try {
            sm = new SAML2MetaManager();
        } catch (SAML2MetaException e) {
            debug.error("Error retreiving metadata", e);
        }
        agent = MonitorManager.getAgent();
        saml2Svc = MonitorManager.getSAML2Svc();
    }
}
