package info.magnolia.cms.security;

import info.magnolia.audit.AuditLoggingUtil;
import info.magnolia.cms.filters.MgnlFilterChain;
import info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter;
import info.magnolia.cms.security.auth.LogoutResult;
import info.magnolia.cms.security.auth.login.FormLogin;
import info.magnolia.cms.security.auth.login.LoginHandler;
import info.magnolia.context.Context;
import info.magnolia.context.MgnlContext;
import info.magnolia.context.UserContext;
import info.magnolia.util.EscapeUtil;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.Objects;
import java.util.Optional;
import java.util.stream.Stream;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:info/magnolia/cms/security/LogoutFilter.class */
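/**
 * Filter that logs the current user out, either on an explicit request or as a
 * post-request callback.
 *
 * <p>Two paths are handled in {@link #doFilter}:
 * <ul>
 *   <li>Explicit logout: the request carries the {@value #PARAMETER_LOGOUT} parameter. Every
 *       configured {@link LoginHandler} is asked to log out, the HTTP session (if any) is
 *       invalidated, and the rest of the filter chain is <em>not</em> executed.</li>
 *   <li>Callback logout: the chain runs normally and, afterwards, a logout is performed through
 *       the first {@link FormLogin} handler if the {@value #ATTRIBUTE_CALLBACK_LOGOUT} context
 *       attribute was set during the request.</li>
 * </ul>
 */
public class LogoutFilter extends OncePerRequestAbstractMgnlFilter {
    private static final Logger log = LoggerFactory.getLogger(LogoutFilter.class);

    /** Request parameter whose mere presence (any value, any HTTP method) triggers a logout. */
    public static final String PARAMETER_LOGOUT = "mgnlLogout";

    /** Context attribute that, when non-null after the chain has run, requests a callback logout. */
    public static final String ATTRIBUTE_CALLBACK_LOGOUT = "mgnlCallbackLogout";

    private boolean callbackLogoutEnabled = true;
    private Collection<LoginHandler> handlers = new ArrayList<>();

    /**
     * @return whether the post-request callback logout is enabled (defaults to {@code true})
     */
    public boolean isCallbackLogoutEnabled() {
        return this.callbackLogoutEnabled;
    }

    /**
     * @param z {@code true} to enable the post-request callback logout, {@code false} to disable it
     */
    public void setCallbackLogoutEnabled(boolean z) {
        this.callbackLogoutEnabled = z;
    }

    /**
     * Performs an explicit logout when the {@value #PARAMETER_LOGOUT} parameter is present;
     * otherwise runs the chain and then performs a callback logout if one was requested.
     *
     * @param httpServletRequest the current request
     * @param httpServletResponse the current response; may be redirected on explicit logout
     * @param filterChain the chain to continue (skipped entirely on explicit logout)
     * @throws IOException if the redirect or the downstream chain fails
     * @throws ServletException if the downstream chain fails
     */
    @Override // info.magnolia.cms.filters.AbstractMgnlFilter
    public void doFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        // Captured before the chain runs; the callback branch below reads the attribute from it.
        Context mgnlContext = MgnlContext.getInstance();

        // NOTE(review): only the parameter's presence is checked here; no HTTP-method or
        // anti-CSRF check is visible in this filter. Confirm one runs earlier in the chain if
        // cross-site forced logout is a concern for the deployment.
        if (httpServletRequest.getParameter(PARAMETER_LOGOUT) != null) {
            // NOTE(review): the loop does not stop at the first successful handler. If more than
            // one handler reports a redirect, the second sendRedirect() would hit an already
            // committed response. An exception thrown by a handler also skips the session
            // invalidation below. Confirm both are acceptable for the configured handlers.
            for (LoginHandler handler : getHandlers()) {
                LogoutResult result = handler.logout(httpServletRequest, httpServletResponse);
                if (!result.isSuccess()) {
                    continue;
                }
                // Status 2 presumably means "succeeded, redirect required" - confirm against LogoutResult.
                if (result.getStatus() == 2) {
                    String configuredTarget = handler.getPostLogoutRedirectUrl();
                    // A handler-configured target is made context-relative; otherwise fall back to
                    // the URI of the current request.
                    // NOTE(review): the fallback is the raw request URI. Confirm the container or an
                    // earlier filter normalises paths that begin with "//", so the redirect target
                    // cannot be interpreted as scheme-relative (off-site).
                    String redirectTarget = StringUtils.isNotBlank(configuredTarget)
                            ? httpServletRequest.getContextPath() + configuredTarget
                            : resolveLogoutRedirectLink(httpServletRequest);
                    log.debug("Redirecting to URL: {}", redirectTarget);
                    // CR/LF is escaped before the value reaches the Location header.
                    httpServletResponse.sendRedirect(EscapeUtil.escapeCrlf(redirectTarget));
                }
                resetFilterChain(filterChain);
            }

            // getSession(false): never create a session just to destroy it.
            HttpSession session = httpServletRequest.getSession(false);
            if (session != null) {
                // NOTE(review): this logs the session's toString(); depending on the container that
                // may include the session id - confirm it is acceptable at INFO level.
                log.info("Invalidating HttpSession {}", session);
                session.invalidate();
            }
            // Explicit logout ends the request here; the rest of the chain is not executed.
            return;
        }

        filterChain.doFilter(httpServletRequest, httpServletResponse);

        // The callback logout only applies to this exact class (not subclasses), only when
        // enabled, only when the attribute was set, and only for MgnlUser instances.
        boolean callbackRequested = getClass().equals(LogoutFilter.class)
                && this.callbackLogoutEnabled
                && mgnlContext.getAttribute(ATTRIBUTE_CALLBACK_LOGOUT) != null
                && (MgnlContext.getUser() instanceof MgnlUser);
        if (callbackRequested) {
            log.info("Performing logout session expiry post-request handling for MgnlUser");
            Optional<LoginHandler> formLogin = getHandlers().stream()
                    .filter(FormLogin.class::isInstance)
                    .findFirst();
            if (!formLogin.isPresent()) {
                log.warn("No FormLogin handler found for logging session expiry post-request");
            } else {
                formLogin.get().logout(httpServletRequest, httpServletResponse);
                resetFilterChain(filterChain);
            }
        }
    }

    /**
     * Legacy logout routine: audit-logs and logs out the user context, invalidates the HTTP
     * session if one exists, and resets the filter chain.
     *
     * @param httpServletRequest the current request
     * @param httpServletResponse the current response (unused here)
     * @param filterChain the chain to reset when it is a {@link MgnlFilterChain}
     * @param context the context to log out when it is a {@link UserContext}
     * @deprecated not called by {@link #doFilter}; logout is delegated to the configured
     *     {@link LoginHandler}s instead
     */
    @Deprecated
    protected void performLogoutLogic(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain, Context context) {
        if (context instanceof UserContext) {
            UserContext userContext = (UserContext) context;
            // Audit record is written before the logout itself.
            AuditLoggingUtil.log(userContext);
            userContext.logout();
        }
        // Look the session up once, without creating it, and reuse that reference.
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            log.info("Invalidating HttpSession {}", session);
            session.invalidate();
        }
        resetFilterChain(filterChain);
    }

    /**
     * Resets the chain when it is a {@link MgnlFilterChain}; any other chain type is left alone.
     *
     * @param filterChain the chain to reset
     */
    protected void resetFilterChain(FilterChain filterChain) {
        if (filterChain instanceof MgnlFilterChain) {
            ((MgnlFilterChain) filterChain).reset();
        }
    }

    /**
     * Returns the fallback redirect target used after logout when the handler configures none.
     *
     * @param httpServletRequest the current request
     * @return the request URI exactly as reported by the request, without the query string
     */
    protected String resolveLogoutRedirectLink(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getRequestURI();
    }

    /**
     * @return the live handler collection (not a copy); changes made by the caller are seen by the filter
     */
    public Collection<LoginHandler> getHandlers() {
        return this.handlers;
    }

    /**
     * @param collection the handlers to consult on logout; stored by reference, and iterated
     *     without a null check in {@link #doFilter}
     */
    public void setHandlers(Collection<LoginHandler> collection) {
        this.handlers = collection;
    }
}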
