package org.jasig.cas.client.session;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import net.sf.json.util.JSONUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.xml.serializer.SerializerConstants;
import org.jasig.cas.client.util.CommonUtils;
import org.jasig.cas.client.util.XmlUtils;
import org.springframework.security.cas.ServiceProperties;

/* loaded from: input_file:WEB-INF/lib/cas-client-core-3.2.1.jar:org/jasig/cas/client/session/SingleSignOutHandler.class */
public final class SingleSignOutHandler {
    private final Log log = LogFactory.getLog(getClass());
    private SessionMappingStorage sessionMappingStorage = new HashMapBackedSessionMappingStorage();
    private String artifactParameterName = ServiceProperties.DEFAULT_CAS_ARTIFACT_PARAMETER;
    private String logoutParameterName = "logoutRequest";

    public void setSessionMappingStorage(SessionMappingStorage sessionMappingStorage) {
        this.sessionMappingStorage = sessionMappingStorage;
    }

    public SessionMappingStorage getSessionMappingStorage() {
        return this.sessionMappingStorage;
    }

    public void setArtifactParameterName(String str) {
        this.artifactParameterName = str;
    }

    public void setLogoutParameterName(String str) {
        this.logoutParameterName = str;
    }

    public void init() {
        CommonUtils.assertNotNull(this.artifactParameterName, "artifactParameterName cannot be null.");
        CommonUtils.assertNotNull(this.logoutParameterName, "logoutParameterName cannot be null.");
        CommonUtils.assertNotNull(this.sessionMappingStorage, "sessionMappingStorage cannote be null.");
    }

    public boolean isTokenRequest(HttpServletRequest httpServletRequest) {
        return CommonUtils.isNotBlank(CommonUtils.safeGetParameter(httpServletRequest, this.artifactParameterName));
    }

    public boolean isLogoutRequest(HttpServletRequest httpServletRequest) {
        return "POST".equals(httpServletRequest.getMethod()) && !isMultipartRequest(httpServletRequest) && CommonUtils.isNotBlank(CommonUtils.safeGetParameter(httpServletRequest, this.logoutParameterName));
    }

    public void recordSession(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(true);
        String safeGetParameter = CommonUtils.safeGetParameter(httpServletRequest, this.artifactParameterName);
        if (this.log.isDebugEnabled()) {
            this.log.debug("Recording session for token " + safeGetParameter);
        }
        try {
            this.sessionMappingStorage.removeBySessionById(session.getId());
        } catch (Exception e) {
        }
        this.sessionMappingStorage.addSessionById(safeGetParameter, session);
    }

    public void destroySession(HttpServletRequest httpServletRequest) {
        HttpSession removeSessionByMappingId;
        String safeGetParameter = CommonUtils.safeGetParameter(httpServletRequest, this.logoutParameterName);
        if (this.log.isTraceEnabled()) {
            this.log.trace("Logout request:\n" + safeGetParameter);
        }
        this.log.warn("CASSRC-CLIENT LogoutMessage " + safeGetParameter);
        String textForElement = XmlUtils.getTextForElement(safeGetParameter.replaceAll(SerializerConstants.ENTITY_QUOT, JSONUtils.DOUBLE_QUOTE).replaceAll("&#39;", JSONUtils.SINGLE_QUOTE).replaceAll("&#96;", "`").replaceAll(SerializerConstants.ENTITY_LT, "<").replaceAll(SerializerConstants.ENTITY_GT, ">"), "SessionIndex");
        if (!CommonUtils.isNotBlank(textForElement) || (removeSessionByMappingId = this.sessionMappingStorage.removeSessionByMappingId(textForElement)) == null) {
            return;
        }
        String id = removeSessionByMappingId.getId();
        if (this.log.isDebugEnabled()) {
            this.log.debug("Invalidating session [" + id + "] for token [" + textForElement + "]");
        }
        try {
            removeSessionByMappingId.invalidate();
        } catch (IllegalStateException e) {
            this.log.debug("Error invalidating session.", e);
        }
    }

    private boolean isMultipartRequest(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getContentType() != null && httpServletRequest.getContentType().toLowerCase().startsWith("multipart");
    }
}
