package dk.itst.oiosaml.sp.service;

import dk.itst.oiosaml.common.OIOSAMLConstants;
import dk.itst.oiosaml.common.SAMLUtil;
import dk.itst.oiosaml.error.Layer;
import dk.itst.oiosaml.error.WrappedException;
import dk.itst.oiosaml.logging.Audit;
import dk.itst.oiosaml.logging.Logger;
import dk.itst.oiosaml.logging.LoggerFactory;
import dk.itst.oiosaml.logging.Operation;
import dk.itst.oiosaml.sp.metadata.IdpMetadata;
import dk.itst.oiosaml.sp.model.OIOAssertion;
import dk.itst.oiosaml.sp.model.OIOLogoutRequest;
import dk.itst.oiosaml.sp.model.OIOLogoutResponse;
import dk.itst.oiosaml.sp.util.LogoutRequestValidationException;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.IOUtils;
import org.opensaml.saml2.core.LogoutRequest;
import org.opensaml.ws.soap.soap11.Envelope;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.security.credential.Credential;

/* loaded from: input_file:dk/itst/oiosaml/sp/service/LogoutServiceSOAPHandler.class */
public class LogoutServiceSOAPHandler implements SAMLHandler {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) LogoutServiceSOAPHandler.class);

    private static OIOLogoutRequest extractRequest(HttpServletRequest httpServletRequest) throws IOException {
        LogoutRequest logoutRequest;
        String iOUtils = IOUtils.toString(httpServletRequest.getInputStream(), OIOSAMLConstants.UTF_8);
        Envelope unmarshallElementFromString = SAMLUtil.unmarshallElementFromString(iOUtils);
        if (log.isDebugEnabled()) {
            log.debug("Request..:" + iOUtils);
        }
        if (unmarshallElementFromString == null || !(unmarshallElementFromString instanceof Envelope) || (logoutRequest = (XMLObject) unmarshallElementFromString.getBody().getUnknownXMLObjects().get(0)) == null || !(logoutRequest instanceof LogoutRequest)) {
            throw new RuntimeException("SOAP request did not contain a LogoutRequest on the body");
        }
        return new OIOLogoutRequest(logoutRequest);
    }

    @Override // dk.itst.oiosaml.sp.service.SAMLHandler
    public void handlePost(RequestContext requestContext) throws ServletException, IOException {
        String str = "urn:oasis:names:tc:SAML:2.0:status:Success";
        String str2 = null;
        OIOLogoutRequest extractRequest = extractRequest(requestContext.getRequest());
        Audit.log(Operation.LOGOUT_SOAP, false, extractRequest.getID(), extractRequest.toXML());
        try {
            String relatedSessionId = requestContext.getSessionHandler().getRelatedSessionId(extractRequest.getSessionIndex());
            OIOAssertion assertion = requestContext.getSessionHandler().getAssertion(relatedSessionId);
            String str3 = null;
            if (assertion != null) {
                str3 = assertion.getIssuer();
            }
            if (str3 == null) {
                log.warn("LogoutRequest received over SOAP for unknown user");
                str = "urn:oasis:names:tc:SAML:2.0:status:NoSupportedIDP";
            } else {
                try {
                    IdpMetadata.Metadata metadata = requestContext.getIdpMetadata().getMetadata(str3);
                    extractRequest.validateRequest((String) null, (String) null, metadata.getPublicKeys(), requestContext.getSpMetadata().getSingleLogoutServiceSOAPLocation(), metadata.getEntityID());
                    requestContext.getSessionHandler().logOut(relatedSessionId);
                    Audit.log(Operation.LOGOUT, assertion.getSubjectNameIDValue());
                } catch (LogoutRequestValidationException e) {
                    str2 = e.getMessage();
                    str = "urn:oasis:names:tc:SAML:2.0:status:AuthnFailed";
                }
            }
        } catch (Throwable th) {
            str = "urn:oasis:names:tc:SAML:2.0:status:AuthnFailed";
            str2 = th instanceof WrappedException ? th.getCause().getMessage() : th.getMessage();
            Audit.logError(Operation.LOGOUT_SOAP, false, extractRequest.getID(), th);
        }
        if (log.isDebugEnabled()) {
            log.debug("Logout status: " + str + ", message: " + str2);
        }
        OIOLogoutResponse fromRequest = OIOLogoutResponse.fromRequest(extractRequest, str, str2, requestContext.getSpMetadata().getEntityID(), null);
        returnResponse(requestContext.getResponse(), fromRequest, requestContext.getCredential());
        Audit.log(Operation.LOGOUT_SOAP, true, extractRequest.getID(), fromRequest.toXML());
    }

    @Override // dk.itst.oiosaml.sp.service.SAMLHandler
    public void handleGet(RequestContext requestContext) throws IOException {
        String parameter = requestContext.getRequest().getParameter("wsdl");
        HttpServletResponse response = requestContext.getResponse();
        if (parameter == null) {
            response.sendError(412, "No argument wsdl on get request. Use POST for SOAP requests.");
            return;
        }
        try {
            if (log.isDebugEnabled()) {
                log.debug("Returning wsdl...");
            }
            PrintWriter writer = response.getWriter();
            response.setContentType("text/xml");
            response.setCharacterEncoding(OIOSAMLConstants.UTF_8);
            InputStream resourceAsStream = LogoutServiceSOAPHandler.class.getResourceAsStream("/SAML2LogoutService.wsdl");
            IOUtils.copy(resourceAsStream, writer);
            resourceAsStream.close();
            writer.flush();
        } catch (IOException e) {
            throw new WrappedException(Layer.CLIENT, e);
        }
    }

    private static void returnResponse(HttpServletResponse httpServletResponse, OIOLogoutResponse oIOLogoutResponse, Credential credential) {
        oIOLogoutResponse.sign(credential);
        String soapEnvelope = oIOLogoutResponse.toSoapEnvelope();
        if (log.isDebugEnabled()) {
            log.debug("Response..: " + soapEnvelope);
        }
        try {
            byte[] bytes = soapEnvelope.getBytes(OIOSAMLConstants.UTF_8);
            httpServletResponse.setContentLength(bytes.length);
            httpServletResponse.setCharacterEncoding(OIOSAMLConstants.UTF_8);
            httpServletResponse.setContentType("text/xml");
            httpServletResponse.setStatus(200);
            try {
                httpServletResponse.getOutputStream().write(bytes);
            } catch (IOException e) {
                throw new WrappedException(Layer.CLIENT, e);
            }
        } catch (UnsupportedEncodingException e2) {
            throw new WrappedException(Layer.CLIENT, e2);
        }
    }
}
