package org.geoserver.security.filter;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.SortedSet;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.geoserver.security.GeoServerSecurityFilterChain;
import org.geoserver.security.RequestFilterChain;
import org.geoserver.security.config.LogoutFilterConfig;
import org.geoserver.security.config.SecurityNamedServiceConfig;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
import org.springframework.util.StringUtils;

/* loaded from: input_file:WEB-INF/lib/gs-main-2.18.7-georchestra.jar:org/geoserver/security/filter/GeoServerLogoutFilter.class */
public class GeoServerLogoutFilter extends GeoServerSecurityFilter {
    public static final String URL_AFTER_LOGOUT = "/web/";
    public static final String LOGOUT_REDIRECT_ATTR = "_logout_redirect";
    private String redirectUrl;
    SecurityContextLogoutHandler logoutHandler;
    SimpleUrlLogoutSuccessHandler logoutSuccessHandler;
    String[] pathInfos;

    @Override // org.geoserver.security.impl.AbstractGeoServerSecurityService, org.geoserver.security.GeoServerSecurityService
    public void initializeFromConfig(SecurityNamedServiceConfig securityNamedServiceConfig) throws IOException {
        super.initializeFromConfig(securityNamedServiceConfig);
        this.logoutHandler = new SecurityContextLogoutHandler();
        this.redirectUrl = ((LogoutFilterConfig) securityNamedServiceConfig).getRedirectURL();
        this.logoutSuccessHandler = new SimpleUrlLogoutSuccessHandler();
        if (StringUtils.hasLength(this.redirectUrl)) {
            this.logoutSuccessHandler.setDefaultTargetUrl(this.redirectUrl);
        }
        this.pathInfos = (((LogoutFilterConfig) securityNamedServiceConfig).getFormLogoutChain() != null ? ((LogoutFilterConfig) securityNamedServiceConfig).getFormLogoutChain() : GeoServerSecurityFilterChain.FORM_LOGOUT_CHAIN).split(",");
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        boolean z = false;
        String[] strArr = this.pathInfos;
        int length = strArr.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            if (getRequestPath(httpServletRequest).startsWith(strArr[i])) {
                z = true;
                break;
            }
            i++;
        }
        if (z) {
            doLogout(httpServletRequest, httpServletResponse, new String[0]);
        }
    }

    public void doLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String... strArr) throws IOException, ServletException {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null) {
            Iterator<LogoutHandler> it2 = calculateActiveLogoutHandlers(strArr).iterator();
            while (it2.hasNext()) {
                it2.next().logout(httpServletRequest, httpServletResponse, authentication);
            }
            ((LogoutHandler) this.securityManager.getRememberMeService()).logout(httpServletRequest, httpServletResponse, authentication);
            this.logoutHandler.logout(httpServletRequest, httpServletResponse, authentication);
        }
        String str = (String) httpServletRequest.getAttribute(LOGOUT_REDIRECT_ATTR);
        if (!StringUtils.hasLength(str)) {
            this.logoutSuccessHandler.onLogoutSuccess(httpServletRequest, httpServletResponse, authentication);
            return;
        }
        SimpleUrlLogoutSuccessHandler simpleUrlLogoutSuccessHandler = new SimpleUrlLogoutSuccessHandler();
        simpleUrlLogoutSuccessHandler.setDefaultTargetUrl(str);
        simpleUrlLogoutSuccessHandler.onLogoutSuccess(httpServletRequest, httpServletResponse, authentication);
    }

    List<LogoutHandler> calculateActiveLogoutHandlers(String... strArr) throws IOException {
        ArrayList arrayList = new ArrayList();
        SortedSet<String> listFilters = getSecurityManager().listFilters(LogoutHandler.class);
        listFilters.removeAll(Arrays.asList(strArr));
        HashSet hashSet = new HashSet();
        Iterator<RequestFilterChain> it2 = getSecurityManager().getSecurityConfig().getFilterChain().getRequestChains().iterator();
        while (it2.hasNext()) {
            for (String str : it2.next().getFilterNames()) {
                if (listFilters.contains(str)) {
                    hashSet.add(str);
                }
            }
        }
        Iterator it3 = hashSet.iterator();
        while (it3.hasNext()) {
            arrayList.add((LogoutHandler) getSecurityManager().loadFilter((String) it3.next()));
        }
        return arrayList;
    }
}
