package com.supwisdom.infras.security.configure.jwt;

import java.io.IOException;
import java.net.URLEncoder;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.config.Elements;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.Assert;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:BOOT-INF/lib/infras-security-0.1.2-SNAPSHOT.jar:com/supwisdom/infras/security/configure/jwt/JWTCasLogoutFilter.class */
public class JWTCasLogoutFilter extends GenericFilterBean {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) JWTCasLogoutFilter.class);
    private RequestMatcher logoutRequestMatcher;
    private String logoutUrl;
    private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();

    public JWTCasLogoutFilter(String str) {
        this.logoutUrl = "/cas/logout";
        this.logoutUrl = str;
        setFilterProcessesUrl("/jwt/cas/logout");
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        String parameter;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (!requiresLogout(httpServletRequest, httpServletResponse) || ((parameter = httpServletRequest.getParameter(Elements.LOGOUT)) != null && !parameter.isEmpty())) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        SecurityContextHolder.getContext().setAuthentication(null);
        SecurityContextHolder.clearContext();
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            logger.debug("Invalidating session: " + session.getId());
            session.invalidate();
        }
        logger.debug("requestUrl is {}", httpServletRequest.getRequestURL().toString());
        logger.debug("requestUri is {}", httpServletRequest.getRequestURI());
        String servletPath = httpServletRequest.getServletPath();
        logger.debug("servletPath is {}", servletPath);
        String queryString = httpServletRequest.getQueryString();
        logger.debug("queryString is {}", queryString);
        String str = this.logoutUrl + "?target_uri=" + URLEncoder.encode(servletPath + "?logout=logout&" + queryString, "UTF-8");
        logger.debug("redirectUrl is {}", str);
        this.redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, str);
    }

    protected boolean requiresLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return this.logoutRequestMatcher.matches(httpServletRequest);
    }

    public void setLogoutRequestMatcher(RequestMatcher requestMatcher) {
        Assert.notNull(requestMatcher, "logoutRequestMatcher cannot be null");
        this.logoutRequestMatcher = requestMatcher;
    }

    public void setFilterProcessesUrl(String str) {
        this.logoutRequestMatcher = new AntPathRequestMatcher(str);
    }
}
