package com.evolveum.midpoint.authentication.impl.handler;

import com.evolveum.midpoint.audit.api.AuditEventRecord;
import com.evolveum.midpoint.audit.api.AuditEventStage;
import com.evolveum.midpoint.audit.api.AuditEventType;
import com.evolveum.midpoint.audit.api.AuditService;
import com.evolveum.midpoint.authentication.api.config.MidpointAuthentication;
import com.evolveum.midpoint.authentication.api.util.AuthUtil;
import com.evolveum.midpoint.authentication.impl.util.AuthSequenceUtil;
import com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal;
import com.evolveum.midpoint.prism.PrismContext;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.repo.common.SystemObjectCache;
import com.evolveum.midpoint.schema.constants.SchemaConstants;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.schema.result.OperationResultStatus;
import com.evolveum.midpoint.security.api.SecurityUtil;
import com.evolveum.midpoint.task.api.Task;
import com.evolveum.midpoint.task.api.TaskManager;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SystemConfigurationType;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;

/* loaded from: input_file:BOOT-INF/lib/authentication-impl-4.7.5-SNAPSHOT.jar:com/evolveum/midpoint/authentication/impl/handler/AuditedLogoutHandler.class */
public class AuditedLogoutHandler extends SimpleUrlLogoutSuccessHandler {
    private static final Trace LOGGER = TraceManager.getTrace((Class<?>) AuditedLogoutHandler.class);
    private static final String OP_AUDIT_EVENT = AuditedLogoutHandler.class.getName() + ".auditEvent";

    @Autowired
    private TaskManager taskManager;

    @Autowired
    private AuditService auditService;

    @Autowired
    private SystemObjectCache systemObjectCache;

    @Autowired
    private PrismContext prismContext;
    boolean useDefaultUrl = false;

    private boolean useDefaultUrl() {
        return this.useDefaultUrl;
    }

    @Override // org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
    public void setDefaultTargetUrl(String str) {
        super.setDefaultTargetUrl(str);
        this.useDefaultUrl = true;
    }

    @Override // org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler, org.springframework.security.web.authentication.logout.LogoutSuccessHandler
    public void onLogoutSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
        String targetUrl = getTargetUrl(authentication);
        if (httpServletResponse.isCommitted()) {
            LOGGER.debug("Response has already been committed. Unable to redirect to " + targetUrl);
        } else {
            getRedirectStrategy().sendRedirect(httpServletRequest, httpServletResponse, targetUrl);
        }
        auditEvent(httpServletRequest, authentication);
    }

    protected String getTargetUrl(Authentication authentication) {
        String str;
        if (useDefaultUrl()) {
            str = getDefaultTargetUrl();
        } else {
            str = "/";
            if (authentication instanceof MidpointAuthentication) {
                MidpointAuthentication midpointAuthentication = (MidpointAuthentication) authentication;
                if (midpointAuthentication.getAuthenticationChannel() != null) {
                    str = midpointAuthentication.getAuthenticationChannel().getPathAfterLogout();
                }
            }
        }
        return str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void auditEvent(HttpServletRequest httpServletRequest, Authentication authentication) {
        OperationResult operationResult = new OperationResult(OP_AUDIT_EVENT);
        GuiProfiledPrincipal principalUser = AuthUtil.getPrincipalUser(authentication);
        PrismObject<? extends FocusType> asPrismObject = principalUser != null ? principalUser.getFocus().asPrismObject() : null;
        String str = SchemaConstants.CHANNEL_USER_URI;
        String requestedSessionId = httpServletRequest.getRequestedSessionId();
        if ((authentication instanceof MidpointAuthentication) && ((MidpointAuthentication) authentication).getAuthenticationChannel() != null) {
            str = ((MidpointAuthentication) authentication).getAuthenticationChannel().getChannelId();
            if (((MidpointAuthentication) authentication).getSessionId() != null) {
                requestedSessionId = ((MidpointAuthentication) authentication).getSessionId();
            }
        }
        SystemConfigurationType systemConfigurationType = null;
        try {
            systemConfigurationType = this.systemObjectCache.getSystemConfiguration(operationResult).asObjectable();
        } catch (SchemaException e) {
            LOGGER.error("Couldn't get system configuration from cache", (Throwable) e);
        }
        if (SecurityUtil.isAuditedLoginAndLogout(systemConfigurationType, str)) {
            Task createTaskInstance = this.taskManager.createTaskInstance();
            createTaskInstance.setOwner(asPrismObject);
            createTaskInstance.setChannel(str);
            AuditEventRecord auditEventRecord = new AuditEventRecord(AuditEventType.TERMINATE_SESSION, AuditEventStage.REQUEST);
            auditEventRecord.setInitiator(asPrismObject);
            auditEventRecord.setParameter(AuthSequenceUtil.getName(asPrismObject));
            auditEventRecord.setChannel(str);
            auditEventRecord.setTimestamp(Long.valueOf(System.currentTimeMillis()));
            auditEventRecord.setOutcome(OperationResultStatus.SUCCESS);
            auditEventRecord.setHostIdentifier(httpServletRequest.getLocalName());
            auditEventRecord.setRemoteHostAddress(httpServletRequest.getLocalAddr());
            auditEventRecord.setNodeIdentifier(this.taskManager.getNodeId());
            auditEventRecord.setSessionIdentifier(requestedSessionId);
            this.auditService.audit(auditEventRecord, createTaskInstance, operationResult);
        }
    }
}
