package com.supermap.services.security;

import com.supermap.server.host.webapp.handlers.SecurityHandler;
import com.supermap.services.rest.resources.SecurityResource;
import com.supermap.services.util.LogUtil;
import com.supermap.services.util.OperationResourceManager;
import com.supermap.services.util.ResourceManager;
import com.supermap.services.util.log.OperationLogBasicInfo;
import java.net.URLEncoder;
import java.util.Set;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.session.SessionException;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.cal10n.LocLogger;

/* loaded from: input_file:BOOT-INF/lib/iserver-all-10.0.1-18030-10.0.1-SNAPSHOT.jar:com/supermap/services/security/LogoutFilter.class */
public class LogoutFilter extends org.apache.shiro.web.filter.authc.LogoutFilter {
    private static ResourceManager a = new ResourceManager("resource.securityManageResources");
    private static Logger b = LogUtil.getLocLogger(LogoutFilter.class, a);
    protected static final OperationResourceManager operationResource = new OperationResourceManager("com.supermap.services.rest.SecurityResource");
    private static LocLogger c = LogUtil.getOperationLocLogger(LogoutFilter.class, operationResource);

    private static OperationLogBasicInfo a(ServletRequest servletRequest, String str) {
        OperationLogBasicInfo operationLogBasicInfo = new OperationLogBasicInfo();
        operationLogBasicInfo.userName = str;
        operationLogBasicInfo.clientAddress = servletRequest.getRemoteAddr().toString();
        if (servletRequest instanceof HttpServletRequest) {
            operationLogBasicInfo.requestURL = ((HttpServletRequest) servletRequest).getRequestURL().toString();
        }
        return operationLogBasicInfo;
    }

    protected boolean preHandle(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        Subject subject = getSubject(servletRequest, servletResponse);
        boolean z = false;
        boolean z2 = false;
        PrincipalCollection principalCollection = null;
        try {
            principalCollection = subject.getPrincipals();
            if (principalCollection != null) {
                z = principalCollection.asList().size() > 1;
                Set realmNames = principalCollection.getRealmNames();
                z2 = CollectionUtils.isNotEmpty(realmNames) && realmNames.contains("keycloakRealm");
            }
            subject.logout();
            subject.getSession();
        } catch (SessionException e) {
            b.debug(e.getMessage(), e);
        }
        String redirectUrl = getRedirectUrl(servletRequest, servletResponse, subject);
        CasRealm casRealm = ShiroUtil.getCasRealm();
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        if (casRealm != null && casRealm.isEnabled() && z) {
            StringBuilder sb = new StringBuilder();
            String casLoginLogoutPrefix = casRealm.getCasLoginLogoutPrefix();
            if (StringUtils.isBlank(casLoginLogoutPrefix)) {
                casLoginLogoutPrefix = casRealm.getCasServerUrlPrefix();
            }
            if (StringUtils.isNotEmpty(casLoginLogoutPrefix)) {
                sb.append(casLoginLogoutPrefix);
                if (casLoginLogoutPrefix.endsWith("/")) {
                    sb.append("logout");
                } else {
                    sb.append(SecurityHandler.LOGOUTURI);
                }
                sb.append("?service=");
                if (redirectUrl.startsWith("/")) {
                    String contextPath = httpServletRequest.getContextPath();
                    String stringBuffer = httpServletRequest.getRequestURL().toString();
                    sb.append(URLEncoder.encode(StringUtils.substring(stringBuffer, 0, StringUtils.indexOf(stringBuffer, contextPath) + contextPath.length()), "UTF-8"));
                }
                sb.append(redirectUrl);
                redirectUrl = sb.toString();
            }
        }
        if (z2) {
            KeycloakConfig keycloakConfig = Manager.getInstance().getKeycloakConfig();
            StringBuilder sb2 = new StringBuilder();
            sb2.append(httpServletRequest.getScheme()).append("://").append(httpServletRequest.getServerName()).append(":").append(httpServletRequest.getServerPort()).append(httpServletRequest.getContextPath());
            redirectUrl = keycloakConfig.getBaseUri() + "/realms/" + keycloakConfig.getRealm() + "/protocol/openid-connect/logout?redirect_uri=" + sb2.toString();
        }
        if (principalCollection != null) {
            c.info(operationResource.getMessage((OperationResourceManager) SecurityResource.LOGOUTFILTER_USER_LOGOUT_SUCCEED, principalCollection.toString()) + a(servletRequest, principalCollection.toString()));
        }
        issueRedirect(servletRequest, servletResponse, redirectUrl);
        return false;
    }
}
