package com.appiancorp.security.auth.saml;

import com.appian.logging.AppianLogger;
import com.google.common.annotations.VisibleForTesting;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.namespace.QName;
import org.opensaml.saml.common.SAMLObject;
import org.opensaml.saml.common.SAMLRuntimeException;
import org.opensaml.saml.saml2.core.LogoutRequest;
import org.opensaml.saml.saml2.core.LogoutResponse;
import org.springframework.http.HttpStatus;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;

/* loaded from: input_file:com/appiancorp/security/auth/saml/SamlLogoutServlet.class */
public class SamlLogoutServlet extends HttpServlet {
    private static final AppianLogger LOG = AppianLogger.getLogger(SamlLogoutServlet.class);
    private static final long serialVersionUID = 1;
    private transient IdentityProviderManager identityProviderManager;
    private transient SamlLogoutRequestConsumer samlLogoutRequestConsumer;
    private transient SamlLogoutResponseConsumer samlLogoutResponseConsumer;
    private transient SamlSessionTracker samlSessionTracker;

    public SamlLogoutServlet() {
    }

    @VisibleForTesting
    public SamlLogoutServlet(IdentityProviderManager identityProviderManager, SamlLogoutRequestConsumer samlLogoutRequestConsumer, SamlLogoutResponseConsumer samlLogoutResponseConsumer, SamlSessionTracker samlSessionTracker) {
        this.identityProviderManager = identityProviderManager;
        this.samlLogoutRequestConsumer = samlLogoutRequestConsumer;
        this.samlLogoutResponseConsumer = samlLogoutResponseConsumer;
        this.samlSessionTracker = samlSessionTracker;
    }

    public void init() {
        WebApplicationContext requiredWebApplicationContext = WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext());
        this.identityProviderManager = (IdentityProviderManager) requiredWebApplicationContext.getBean("identityProviderManager", IdentityProviderManager.class);
        this.samlLogoutRequestConsumer = (SamlLogoutRequestConsumer) requiredWebApplicationContext.getBean(SamlLogoutRequestConsumer.class);
        this.samlLogoutResponseConsumer = (SamlLogoutResponseConsumer) requiredWebApplicationContext.getBean(SamlLogoutResponseConsumer.class);
        this.samlSessionTracker = (SamlSessionTracker) requiredWebApplicationContext.getBean(SamlSessionTracker.class);
    }

    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        try {
            SamlMessageContextWrapper extractMessageContext = this.identityProviderManager.extractMessageContext(httpServletRequest);
            processMessageContext(httpServletRequest, httpServletResponse, extractMessageContext, getSamlMessageType(extractMessageContext));
        } catch (Exception e) {
            LOG.error(e, "failed to retrieve SAML Message Context");
            sendError(httpServletResponse);
        }
    }

    private void processMessageContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SamlMessageContextWrapper samlMessageContextWrapper, QName qName) throws IOException, ServletException {
        this.samlSessionTracker.setCurrentIdpEntityIdForRequest(httpServletRequest, samlMessageContextWrapper);
        if (LogoutRequest.DEFAULT_ELEMENT_NAME.equals(qName)) {
            try {
                this.samlLogoutRequestConsumer.consume(httpServletRequest, httpServletResponse, samlMessageContextWrapper);
            } catch (SAMLRuntimeException e) {
                LOG.debug("Saml Logout request was unsuccessful");
            }
        } else if (LogoutResponse.DEFAULT_ELEMENT_NAME.equals(qName)) {
            this.samlLogoutResponseConsumer.consume(httpServletRequest, httpServletResponse, samlMessageContextWrapper);
        } else {
            LOG.debug("Request did not contain a LogoutRequest or LogoutResponse");
            sendError(httpServletResponse);
        }
    }

    private void sendError(HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.sendError(HttpStatus.INTERNAL_SERVER_ERROR.value());
    }

    private QName getSamlMessageType(SamlMessageContextWrapper samlMessageContextWrapper) {
        return ((SAMLObject) samlMessageContextWrapper.getMessage()).getElementQName();
    }
}
