package com.sun.identity.federation.services.logout;

import com.iplanet.am.util.AMURLEncDec;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.federation.accountmgmt.FSAccountFedInfoKey;
import com.sun.identity.federation.accountmgmt.FSAccountManager;
import com.sun.identity.federation.accountmgmt.FSAccountMgmtException;
import com.sun.identity.federation.alliance.FSAllianceManagementException;
import com.sun.identity.federation.alliance.FSAllianceManager;
import com.sun.identity.federation.alliance.FSHostedProviderDescriptor;
import com.sun.identity.federation.alliance.FSProviderDescriptor;
import com.sun.identity.federation.common.FSUtils;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.federation.message.FSLogoutNotification;
import com.sun.identity.federation.message.FSLogoutResponse;
import com.sun.identity.federation.services.FSSession;
import com.sun.identity.federation.services.FSSessionManager;
import com.sun.identity.federation.services.FSSessionPartner;
import com.sun.identity.federation.services.util.FSServiceUtils;
import com.sun.identity.federation.services.util.FSSignatureUtil;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.IdRepoException;
import com.sun.identity.idm.IdUtils;
import com.sun.identity.saml.assertion.NameIdentifier;
import com.sun.identity.saml.common.SAMLResponderException;
import java.io.IOException;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:120955-01/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/federation/services/logout/FSPreLogoutHandler.class */
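/**
 * Pre-processing handler for federation single logout at the hosted provider.
 *
 * <p>It either tears down the principal's sessions locally or hands the logout to
 * {@link FSIDPSingleLogoutHandler}. The descriptors and the logout request are supplied through the
 * setters before a handle/process method is called.
 *
 * <p>NOTE(review): an instance keeps per-request state (request, response, ssoToken, amId), so it
 * does not look safe to share between concurrent requests. Confirm how callers create instances.
 *
 * <p>This listing is JADX output. Two methods ({@code processSingleLogoutRequest(HttpServletRequest,
 * HttpServletResponse, SSOToken)} and {@code returnToPostLogout}) were not recovered and are stubs.
 */
public class FSPreLogoutHandler {
    // Managers obtained in the constructor. accountInst stays null when FSAccountManager.getInstance() fails.
    protected FSAllianceManager allianceInst;
    protected FSAccountManager accountInst;
    // NOTE(review): these two are static, yet setLogoutURL() overwrites them on every
    // handleSingleLogout() call from the current hosted descriptor and request. If requests for
    // different hosted providers run concurrently, one request could redirect to a URL computed for
    // another. Confirm, and prefer per-instance values if so.
    protected static String LOGOUT_DONE_URL = null;
    protected static String COMMON_ERROR_URL = null;
    protected HttpServletResponse response = null;
    protected HttpServletRequest request = null;
    protected String locale = null;
    protected SSOToken ssoToken = null;
    protected AMIdentity amId = null;
    protected FSHostedProviderDescriptor hostedDescriptor = null;
    protected String hostedProviderId = "";
    protected String currentProviderId = "";
    protected boolean isCurrentProviderIDPRole = false;
    protected FSLogoutNotification reqLogout = null;
    protected boolean isWMLAgent = false;
    protected FSProviderDescriptor remoteDescriptor = null;
    protected String remoteProviderID = "";
    protected String remoteEntityID = "";
    protected String hostedEntityID = "";

    /**
     * Obtains the alliance and account managers. A failure to get the account manager is logged and
     * leaves {@code accountInst} null; the handle/process methods then refuse to proceed.
     */
    public FSPreLogoutHandler() {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSPreLogoutHandler::FSPreLogoutHandler Constructor");
        }
        this.allianceInst = FSServiceUtils.getAllianceInstance();
        try {
            this.accountInst = FSAccountManager.getInstance();
        } catch (FSAccountMgmtException e) {
            // The log prefix previously named FSNameRegistrationHandler, which misdirects triage.
            FSUtils.debug.error("FSPreLogoutHandler " + FSUtils.bundle.getString(IFSConstants.FEDERATION_FAILED_ACCOUNT_INSTANCE));
            this.accountInst = null;
        }
    }

    /**
     * Reads the logout-done and error page URLs from the hosted provider's local configuration
     * and stores them in the static fields. Requires {@code hostedDescriptor} and {@code request}
     * to be set.
     */
    protected void setLogoutURL() {
        LOGOUT_DONE_URL = this.hostedDescriptor.getLocalConfiguration().getLogoutDonePageURL(this.request);
        COMMON_ERROR_URL = this.hostedDescriptor.getLocalConfiguration().getErrorPageURL(this.request);
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("LOGOUT_DONE_URL : " + LOGOUT_DONE_URL);
            FSUtils.debug.message("COMMON_ERROR_URL : " + COMMON_ERROR_URL);
        }
    }

    /**
     * Sets the hosted provider descriptor and caches its provider and entity IDs.
     *
     * @param fSHostedProviderDescriptor descriptor of the provider hosted here; must not be null
     */
    public void setHostedDescriptor(FSHostedProviderDescriptor fSHostedProviderDescriptor) {
        this.hostedDescriptor = fSHostedProviderDescriptor;
        this.hostedProviderId = fSHostedProviderDescriptor.getProviderID();
        this.hostedEntityID = fSHostedProviderDescriptor.getEntityID();
    }

    /**
     * Sets the remote provider descriptor and caches its provider and entity IDs.
     *
     * @param fSProviderDescriptor descriptor of the remote provider; must not be null
     */
    public void setRemoteDescriptor(FSProviderDescriptor fSProviderDescriptor) {
        this.remoteDescriptor = fSProviderDescriptor;
        this.remoteProviderID = fSProviderDescriptor.getProviderID();
        this.remoteEntityID = fSProviderDescriptor.getEntityID();
    }

    /**
     * Stores the logout request whose minor version {@link #buildSignedResponse} copies into the response.
     *
     * @param fSLogoutNotification the received logout request
     */
    public void setLogoutRequest(FSLogoutNotification fSLogoutNotification) {
        this.reqLogout = fSLogoutNotification;
    }

    /**
     * Handles a logout started locally by the holder of {@code sSOToken}.
     *
     * <p>With no live connections, or no remaining partner to notify, the principal and local
     * sessions are destroyed and {@code returnToPostLogout} is called. Otherwise the logout is
     * delegated to {@link FSIDPSingleLogoutHandler}.
     *
     * @param httpServletRequest current request; its Accept header is checked for the WML value
     * @param httpServletResponse response used for redirects
     * @param sSOToken SSO token of the user logging out
     * @return the status of the local teardown, or whatever the delegated handler returns
     */
    public FSLogoutStatus handleSingleLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SSOToken sSOToken) {
        this.request = httpServletRequest;
        setLogoutURL();
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("Entered FSPreLogoutHandler::handleSingleLogout");
        }
        if (this.allianceInst == null || this.accountInst == null) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("Failed to get Account & Alliance manager.Cannot proceed");
            }
            returnLocallyAfterLogout(httpServletResponse, false);
            // NOTE(review): the browser is redirected with the failure flag and no session has been
            // destroyed, yet the returned status is Success. Left unchanged because callers may rely
            // on it; confirm whether a failure status is the intended contract.
            return new FSLogoutStatus("samlp:Success");
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("Successfully got Account & Alliance manager");
        }
        // Clear any identity left from an earlier call so the error path below can never act on
        // a principal that does not belong to this request.
        this.amId = null;
        try {
            this.response = httpServletResponse;
            this.ssoToken = sSOToken;
            this.amId = IdUtils.getIdentity(sSOToken);
            String acceptHeader = httpServletRequest.getHeader("Accept");
            if (acceptHeader != null && acceptHeader.indexOf(IFSConstants.WML_HEADER_VALUE) != -1) {
                this.isWMLAgent = true;
            }
            FSSession session = FSSessionManager.getInstance(this.hostedEntityID).getSession(sSOToken);
            String sessionIndex = null;
            List partners = null;
            if (session != null) {
                sessionIndex = session.getSessionIndex();
                partners = session.getSessionPartners();
            }
            // Diagnostic listing only; skipped entirely unless message-level debugging is on.
            if (partners != null && FSUtils.debug.messageEnabled()) {
                for (Iterator it = partners.iterator(); it.hasNext();) {
                    FSUtils.debug.message("PARTER:" + ((FSSessionPartner) it.next()).getPartner());
                }
            }
            String universalId = IdUtils.getUniversalId(this.amId);
            if (!FSLogoutUtil.liveConnectionsExist(universalId, this.hostedProviderId)) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("No live connections, destroy user session call destroyPrincipalSession");
                }
                FSLogoutUtil.destroyPrincipalSession(universalId, this.hostedProviderId, sessionIndex);
                if (SSOTokenManager.getInstance().isValidToken(sSOToken)) {
                    FSLogoutUtil.destroyLocalSession(sSOToken);
                }
                returnToPostLogout("samlp:Success");
                return new FSLogoutStatus("samlp:Success");
            }
            HashMap currentProvider = FSLogoutUtil.getCurrentProvider(universalId, this.hostedProviderId, sSOToken);
            if (currentProvider != null) {
                FSSessionPartner partner = (FSSessionPartner) currentProvider.get(IFSConstants.PARTNER_SESSION);
                sessionIndex = (String) currentProvider.get(IFSConstants.SESSION_INDEX);
                if (partner != null) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("creating IDP handler");
                    }
                    FSIDPSingleLogoutHandler idpHandler = new FSIDPSingleLogoutHandler();
                    idpHandler.setHostedDescriptor(this.hostedDescriptor);
                    return idpHandler.handleSingleLogout(httpServletResponse, httpServletRequest, partner, this.amId, sessionIndex, this.isWMLAgent, sSOToken);
                }
            }
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("No more providers, nothing to broadcast ");
                FSUtils.debug.message("destroy user session call destroyPrincipalSession");
            }
            FSLogoutUtil.destroyPrincipalSession(universalId, this.hostedProviderId, sessionIndex);
            FSLogoutUtil.destroyLocalSession(sSOToken);
            returnToPostLogout("samlp:Success");
            return new FSLogoutStatus("samlp:Success");
        } catch (SSOException e) {
            FSUtils.debug.error("SSOException in liveConnectionsExist So destroy self and exit");
            return destroySelfAndExit();
        } catch (IdRepoException e2) {
            FSUtils.debug.error("IdRepoException in liveConnectionsExist So destroy self and exit");
            return destroySelfAndExit();
        }
    }

    /**
     * Shared error path of {@link #handleSingleLogout}: destroys the principal session when an identity
     * was resolved for this request, then finishes as a successful logout.
     *
     * <p>NOTE(review): this path does not call FSLogoutUtil.destroyLocalSession, so the local SSO
     * session may still be valid although Success is reported. Confirm that this is intended.
     */
    private FSLogoutStatus destroySelfAndExit() {
        if (this.amId != null) {
            FSLogoutUtil.destroyPrincipalSession(IdUtils.getUniversalId(this.amId), this.hostedProviderId, null);
        }
        returnToPostLogout("samlp:Success");
        return new FSLogoutStatus("samlp:Success");
    }

    /*
     * Not recovered by the decompiler. JADX reported "Code decompiled incorrectly", removed the
     * duplicated regions B:11:0x00a2 and B:17:0x00c8, and skipped a 516-instruction method dump.
     * The stub below is a decompilation artefact, not the shipped behaviour; consult the bytecode
     * for the real logic.
     */
    public com.sun.identity.federation.services.logout.FSLogoutStatus processSingleLogoutRequest(javax.servlet.http.HttpServletRequest r13, javax.servlet.http.HttpServletResponse r14, com.iplanet.sso.SSOToken r15) {
        throw new UnsupportedOperationException("Method not decompiled: com.sun.identity.federation.services.logout.FSPreLogoutHandler.processSingleLogoutRequest(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.iplanet.sso.SSOToken):com.sun.identity.federation.services.logout.FSLogoutStatus");
    }

    /**
     * Processes a logout request received over the SOAP profile.
     *
     * <p>The affected user is resolved purely from the NameIdentifier carried in the request, and that
     * user's session map is then cleaned for the remote provider. NOTE(review): no signature or
     * issuer verification of the request is visible in this method. Presumably the caller has
     * authenticated the message before invoking it; confirm this, since otherwise a forged
     * request could end another user's session.
     *
     * @param fSLogoutNotification the received logout request
     * @return a failure status when no user can be resolved, otherwise the result of
     *     {@link FSIDPSingleLogoutHandler}
     */
    public FSLogoutStatus processSingleLogoutRequest(FSLogoutNotification fSLogoutNotification) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("Entered FSPreLogoutHandler:: processSingleLogoutRequest SOAP Profile");
        }
        this.amId = getUserFromRequest(fSLogoutNotification, this.hostedProviderId);
        if (this.amId == null) {
            FSUtils.debug.error("User does not exist. Invalid request");
            return new FSLogoutStatus(IFSConstants.SAML_FAILURE);
        }
        String universalId = IdUtils.getUniversalId(this.amId);
        String roleFlag = FSLogoutUtil.getCurrentProviderRole(universalId, this.remoteProviderID, this.hostedProviderId) ? "yes" : "no";
        FSSessionManager sessionManager = FSSessionManager.getInstance(this.hostedEntityID);
        String sessionIndex = fSLogoutNotification.getSessionIndex();
        FSSession session = sessionManager.getSession(sessionManager.getSessionList(universalId), sessionIndex);
        FSLogoutUtil.cleanSessionMapPartnerList(universalId, this.remoteProviderID, this.hostedProviderId, session);
        // Only the first remaining partner, if any, is passed to the delegated handler.
        FSSessionPartner nextPartner = null;
        if (session != null) {
            List sessionPartners = session.getSessionPartners();
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSPreLogoutHandler.processSingleLogout :  SOAP Profile : " + sessionPartners);
            }
            if (sessionPartners != null && !sessionPartners.isEmpty()) {
                nextPartner = (FSSessionPartner) sessionPartners.iterator().next();
            }
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("creating FSIDPSingleLogoutHandler");
        }
        FSIDPSingleLogoutHandler idpHandler = new FSIDPSingleLogoutHandler();
        idpHandler.setHostedDescriptor(this.hostedDescriptor);
        idpHandler.setRemoteDescriptor(this.remoteDescriptor);
        return idpHandler.processSingleLogoutRequest(fSLogoutNotification, nextPartner, this.amId, this.remoteProviderID, sessionIndex, this.isWMLAgent, roleFlag);
    }

    /**
     * Builds the common error page URL with the "logout failed" error and "metadata error" remark
     * parameters. Both values come from the resource bundle and are URL-encoded.
     */
    private String buildCommonErrorURL() {
        StringBuffer url = new StringBuffer();
        url.append(COMMON_ERROR_URL);
        url.append(COMMON_ERROR_URL.indexOf('?') < 0 ? '?' : '&');
        url.append(IFSConstants.FEDERROR);
        url.append('=');
        url.append(AMURLEncDec.encode(FSUtils.bundle.getString(IFSConstants.LOGOUT_FAILED)));
        url.append('&');
        url.append(IFSConstants.FEDREMARK);
        url.append('=');
        url.append(AMURLEncDec.encode(FSUtils.bundle.getString(IFSConstants.METADATA_ERROR)));
        return url.toString();
    }

    /**
     * Redirects the browser back to the provider that started the logout, carrying the logout response.
     *
     * <p>The redirect target is the SLO return URL taken from the provider's metadata, not from
     * request parameters. When that URL is missing or the provider lookup fails, the browser is
     * sent to the common error page instead.
     *
     * @param httpServletResponse response used for the redirect
     * @param str provider ID of the source provider
     * @param str2 status to report when no stored return information exists
     */
    private void returnToSource(HttpServletResponse httpServletResponse, String str, String str2) {
        try {
            if (this.allianceInst == null) {
                FSUtils.debug.message("Alliance Manager instance is null");
                httpServletResponse.sendError(500, FSUtils.bundle.getString("unableToReturnToSource"));
                return;
            }
            String returnURL = this.allianceInst.getProvider(str).getSLOServiceReturnURL();
            if (returnURL != null && returnURL.length() >= 1) {
                FSUtils.debug.message("returnToSource returns URL : " + returnURL);
                String signedURL = buildSignedResponse(returnURL, str2);
                if (signedURL == null) {
                    // buildSignedResponse returns null on any failure (for example a missing signing
                    // alias); never hand a null location to sendRedirect.
                    FSUtils.debug.error("returnToSource could not build the logout response");
                    httpServletResponse.sendError(500, FSUtils.bundle.getString("unableToReturnToSource"));
                    return;
                }
                httpServletResponse.sendRedirect(signedURL);
                return;
            }
            FSUtils.debug.message("returnToSource returns sendErroras source provider is unknown");
            String errorURL = buildCommonErrorURL();
            FSUtils.debug.message("Redirecting to Error page : " + errorURL);
            httpServletResponse.sendRedirect(errorURL);
        } catch (FSAllianceManagementException e) {
            try {
                String errorURL = buildCommonErrorURL();
                FSUtils.debug.error("Redirecting to Error page : " + errorURL);
                httpServletResponse.sendRedirect(errorURL);
            } catch (IOException e2) {
                FSUtils.debug.error("Redirect/sendError failed. Control halted");
            }
        } catch (IOException e3) {
            FSUtils.debug.error("Redirect/sendError failed. Control halted" + e3.getMessage());
        }
    }

    /**
     * Builds the redirect URL that carries the logout response as a query string.
     *
     * <p>If return information is stored for the current user, the response takes its RelayState,
     * status and responseTo from there and the stored entry is removed. Otherwise the status is
     * {@code str2}. The query string is signed only when {@code FSServiceUtils.isSigningOn()} is
     * true; otherwise it is appended unsigned.
     *
     * @param str base return URL
     * @param str2 fallback status value
     * @return the full URL, or {@code null} when the response could not be built or signed (the cause
     *     is logged)
     */
    public String buildSignedResponse(String str, String str2) {
        try {
            FSLogoutResponse logoutResponse = new FSLogoutResponse();
            FSReturnSessionManager returnSessionManager = null;
            // Stays null unless a return-session manager exists and has an entry for this user.
            // Previously an empty map stood in for "no manager", which sent control into the
            // stored-info branch and dereferenced the null manager.
            HashMap providerInfo = null;
            if (this.amId != null) {
                returnSessionManager = FSReturnSessionManager.getInstance(this.hostedEntityID);
                if (returnSessionManager != null) {
                    providerInfo = returnSessionManager.getUserProviderInfo(IdUtils.getUniversalId(this.amId));
                }
            }
            if (providerInfo != null) {
                String relayState = (String) providerInfo.get("RelayState");
                String storedStatus = (String) providerInfo.get(IFSConstants.LOGOUT_STATUS);
                String responseTo = (String) providerInfo.get(IFSConstants.RESPONSE_TO);
                returnSessionManager.removeUserProviderInfo(IdUtils.getUniversalId(this.amId));
                FSUtils.debug.message("Deleted " + this.amId + " from return list");
                logoutResponse.setResponseTo(responseTo);
                logoutResponse.setRelayState(relayState);
                logoutResponse.setProviderId(this.hostedEntityID);
                logoutResponse.setStatus(storedStatus);
                logoutResponse.setID(IFSConstants.LOGOUTID);
            } else {
                logoutResponse.setStatus(str2);
                logoutResponse.setProviderId(this.hostedDescriptor.getProviderID());
            }
            logoutResponse.setMinorVersion(this.reqLogout.getMinorVersion());
            String queryString = logoutResponse.toURLEncodedQueryString();
            if (FSServiceUtils.isSigningOn()) {
                String signingKeyAlias = this.hostedDescriptor.getSigningKeyAlias();
                if (signingKeyAlias == null || signingKeyAlias.length() == 0) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("FSPreLogoutHandler::buildSignedResponse:couldn't obtain this site's cert alias.");
                    }
                    // Fail closed: with signing required, a missing alias must not yield an unsigned response.
                    throw new SAMLResponderException(FSUtils.bundle.getString(IFSConstants.NO_CERT_ALIAS));
                }
                queryString = FSSignatureUtil.signAndReturnQueryString(queryString, signingKeyAlias);
            }
            StringBuffer url = new StringBuffer();
            url.append(str);
            url.append(str.indexOf('?') == -1 ? '?' : '&');
            url.append(queryString);
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("Response to be sent (1) : " + url.toString());
            }
            return url.toString();
        } catch (Exception e) {
            // The null return is kept for callers, but the failure is no longer silent.
            FSUtils.debug.error("FSPreLogoutHandler::buildSignedResponse failed : " + e.getMessage());
            return null;
        }
    }

    /*
     * Not recovered by the decompiler. JADX reported "Code decompiled incorrectly", removed the
     * duplicated region B:41:0x0214, and skipped a 567-instruction method dump. The stub below is
     * a decompilation artefact, not the shipped behaviour; consult the bytecode for the real logic.
     */
    public void returnToPostLogout(java.lang.String r7) {
        throw new UnsupportedOperationException("Method not decompiled: com.sun.identity.federation.services.logout.FSPreLogoutHandler.returnToPostLogout(java.lang.String):void");
    }

    /**
     * Redirects to the locally configured logout-done page, appending the logout status parameter.
     *
     * @param httpServletResponse response used for the redirect
     * @param z true to report success, false to report failure
     */
    public void returnLocallyAfterLogout(HttpServletResponse httpServletResponse, boolean z) {
        try {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("Entered  returnLocallyAfterLogout with isSuccess set to " + z);
            }
            if (LOGOUT_DONE_URL == null) {
                // The URL is only populated by setLogoutURL(); without it there is nowhere to redirect.
                FSUtils.debug.error("returnLocallyAfterLogout: logout done URL is not set");
                httpServletResponse.sendError(500);
                return;
            }
            StringBuffer url = new StringBuffer();
            url.append(LOGOUT_DONE_URL);
            url.append(LOGOUT_DONE_URL.indexOf('?') < 0 ? '?' : '&');
            url.append(IFSConstants.LOGOUT_STATUS);
            url.append('=');
            url.append(z ? IFSConstants.LOGOUT_SUCCESS : IFSConstants.LOGOUT_FAILURE);
            httpServletResponse.sendRedirect(url.toString());
        } catch (IOException e) {
            FSUtils.debug.error("IOException in  returnLocallyAfterLogout " + e.getMessage());
        }
    }

    /**
     * Resolves the local identity named by the logout request's NameIdentifier.
     *
     * <p>The lookup key uses the name qualifier, or the hosted provider ID when the qualifier is empty.
     * If that finds nothing, the request's provider ID is tried. Every field read here comes from
     * the remote message, so missing parts are treated as "no such user" rather than dereferenced.
     *
     * @param fSLogoutNotification the received logout request
     * @param str unused; kept for signature compatibility
     * @return the matching identity, or null when none is found or the lookup fails
     */
    private AMIdentity getUserFromRequest(FSLogoutNotification fSLogoutNotification, String str) {
        if (fSLogoutNotification == null || this.allianceInst == null || this.accountInst == null) {
            // accountInst is null when the constructor could not obtain the account manager.
            FSUtils.debug.error("getUserFromRequest: logout request or Account & Alliance manager unavailable");
            return null;
        }
        try {
            String associatedOrgDN = this.allianceInst.getHostedProvider(this.hostedProviderId).getLocalConfiguration().getAssociatedOrgDN();
            FSUtils.debug.message("OrgDN : " + associatedOrgDN);
            try {
                NameIdentifier nameIdentifier = fSLogoutNotification.getNameIdentifier();
                String rawName = nameIdentifier == null ? null : nameIdentifier.getName();
                if (rawName == null) {
                    FSUtils.debug.error("getUserFromRequest: logout request carries no name identifier");
                    return null;
                }
                String name = rawName.trim();
                String nameQualifier = nameIdentifier.getNameQualifier();
                if (nameQualifier == null || nameQualifier.length() == 0) {
                    nameQualifier = this.hostedProviderId;
                }
                AMIdentity identity = this.accountInst.getAMIdentity(new FSAccountFedInfoKey(nameQualifier, name), associatedOrgDN);
                if (identity == null) {
                    identity = this.accountInst.getAMIdentity(new FSAccountFedInfoKey(fSLogoutNotification.getProviderId(), name), associatedOrgDN);
                }
                if (identity == null) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("UserDn is null");
                    }
                    return null;
                }
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("user id is " + identity);
                }
                return identity;
            } catch (FSAccountMgmtException e) {
                FSUtils.debug.error("FSAccountMgmtException when retrieving user ");
                FSUtils.debug.error(e.getMessage());
                return null;
            }
        } catch (FSAllianceManagementException e2) {
            FSUtils.debug.error("FSAllianceManagementException when retrieving user  Hosted provider invalid ");
            FSUtils.debug.error(e2.getMessage());
            return null;
        }
    }
}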
