package com.supermap.services.security;

import com.supermap.services.util.ProductTypeUtil;
import io.buji.pac4j.subject.Pac4jPrincipal;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.eclipse.jetty.client.RedirectProtocolHandler;
import org.pac4j.core.context.J2EContext;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.engine.DefaultCallbackLogic;
import org.pac4j.core.exception.HttpAction;
import org.pac4j.core.util.CommonHelper;

/* loaded from: input_file:BOOT-INF/lib/iserver-all-10.0.1-18030-10.0.1-SNAPSHOT.jar:com/supermap/services/security/LoginCallbackLogic.class */
public class LoginCallbackLogic extends DefaultCallbackLogic {
    protected HttpAction redirectToOriginallyRequestedUrl(WebContext webContext, String str) {
        String str2;
        if (a()) {
            StringBuilder sb = new StringBuilder();
            if (webContext instanceof J2EContext) {
                HttpServletRequest request = ((J2EContext) webContext).getRequest();
                sb.append(request.getScheme()).append("://").append(request.getServerName()).append(":").append(request.getServerPort()).append(request.getContextPath());
            }
            KeycloakConfig keycloakConfig = Manager.getInstance().getKeycloakConfig();
            str2 = keycloakConfig.getBaseUri() + "/realms/" + keycloakConfig.getRealm() + "/protocol/openid-connect/logout?redirect_uri=" + sb.toString() + "?code=401";
        } else {
            if (webContext instanceof J2EContext) {
                String contextPath = ((J2EContext) webContext).getRequest().getContextPath();
                if (StringUtils.isNotBlank(contextPath) && "/".equals(str)) {
                    str = contextPath;
                }
            }
            String str3 = (String) webContext.getSessionAttribute(Constant.PAC4J_LOGIN_REFERER);
            str2 = str;
            if (CommonHelper.isNotBlank(str3) && !StringUtils.containsIgnoreCase(str3, Constant.KEYCLOAK_LOGIN_URL_SUFFIX)) {
                str2 = str3;
            }
            if (CommonHelper.isNotBlank(str3)) {
                webContext.setSessionAttribute(Constant.PAC4J_LOGIN_REFERER, (Object) null);
            }
        }
        this.logger.debug("redirectUrl: {}", str2);
        return HttpAction.redirect(RedirectProtocolHandler.NAME, webContext, str2);
    }

    private boolean a() {
        boolean z = false;
        if (ProductTypeUtil.ProductType.iPortal.equals(ProductTypeUtil.getProductType())) {
            Subject subject = SecurityUtils.getSubject();
            Pac4jPrincipal pac4jPrincipal = (Pac4jPrincipal) subject.getPrincipals().oneByType(Pac4jPrincipal.class);
            if (pac4jPrincipal != null && pac4jPrincipal.getProfile() != null && pac4jPrincipal.getProfile().getRoles() != null && pac4jPrincipal.getProfile().getRoles().size() == 0) {
                z = true;
                subject.logout();
            }
        }
        return z;
    }
}
