package org.apereo.cas.web.flow.logout;

import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.principal.ServiceFactory;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.configuration.model.core.logout.LogoutProperties;
import org.apereo.cas.logout.LogoutRequest;
import org.apereo.cas.logout.LogoutRequestStatus;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.web.flow.CasWebflowConstants;
import org.apereo.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-actions-5.3.12.jar:org/apereo/cas/web/flow/logout/LogoutAction.class */
public class LogoutAction extends AbstractLogoutAction {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) LogoutAction.class);
    private final ServiceFactory<WebApplicationService> webApplicationServiceFactory;
    private final ServicesManager servicesManager;
    private final LogoutProperties logoutProperties;

    @Override // org.apereo.cas.web.flow.logout.AbstractLogoutAction
    protected Event doInternalExecute(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, RequestContext requestContext) {
        boolean z = false;
        List<LogoutRequest> logoutRequests = WebUtils.getLogoutRequests(requestContext);
        if (logoutRequests != null) {
            z = logoutRequests.stream().anyMatch(logoutRequest -> {
                return logoutRequest.getStatus() == LogoutRequestStatus.NOT_ATTEMPTED;
            });
        }
        String str = (String) StringUtils.defaultIfEmpty(this.logoutProperties.getRedirectParameter(), "service");
        LOGGER.debug("Using parameter name [{}] to detect destination service, if any", str);
        String parameter = httpServletRequest.getParameter(str);
        LOGGER.debug("Located target service [{}] for redirection after logout", str);
        if (this.logoutProperties.isFollowServiceRedirects() && StringUtils.isNotBlank(parameter)) {
            RegisteredService findServiceBy = this.servicesManager.findServiceBy(this.webApplicationServiceFactory.createService(parameter));
            if (findServiceBy == null || !findServiceBy.getAccessStrategy().isServiceAccessAllowed()) {
                LOGGER.warn("Cannot redirect to [{}] given the service is unauthorized to use CAS. Ensure the service is registered with CAS and is enabled to allowed access", parameter);
            } else {
                LOGGER.debug("Redirecting to service [{}]", parameter);
                WebUtils.putLogoutRedirectUrl(requestContext, parameter);
            }
        } else {
            LOGGER.debug("No target service is located for redirection after logout, or CAS is not allowed to follow redirects after logout");
        }
        if (z) {
            LOGGER.debug("Proceeding forward with front-channel single logout");
            return new Event(this, CasWebflowConstants.TRANSITION_ID_FRONT);
        }
        LOGGER.debug("Moving forward to finish the logout process");
        return new Event(this, CasWebflowConstants.TRANSITION_ID_FINISH);
    }

    @Generated
    public LogoutAction(ServiceFactory<WebApplicationService> serviceFactory, ServicesManager servicesManager, LogoutProperties logoutProperties) {
        this.webApplicationServiceFactory = serviceFactory;
        this.servicesManager = servicesManager;
        this.logoutProperties = logoutProperties;
    }
}
