package org.alfresco.web.site.servlet;

import com.hazelcast.internal.management.request.WanCheckConsistencyRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.alfresco.web.site.servlet.config.AIMSConfig;
import org.apache.chemistry.opencmis.commons.impl.UrlBuilder;
import org.keycloak.adapters.KeycloakDeploymentBuilder;
import org.keycloak.adapters.servlet.OIDCFilterSessionStore;
import org.keycloak.adapters.spi.KeycloakAccount;
import org.springframework.extensions.surf.UserFactory;
import org.springframework.extensions.surf.mvc.LogoutController;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.AbstractController;

/* loaded from: input_file:WEB-INF/classes/org/alfresco/web/site/servlet/AIMSLogoutController.class */
public class AIMSLogoutController extends AbstractController {
    protected AIMSConfig config;
    protected LogoutController logoutController;

    public void setConfig(AIMSConfig aIMSConfig) {
        this.config = aIMSConfig;
    }

    public void setLogoutController(LogoutController logoutController) {
        this.logoutController = logoutController;
    }

    @Override // org.springframework.web.servlet.mvc.AbstractController
    protected ModelAndView handleRequestInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        OIDCFilterSessionStore.SerializableKeycloakAccount serializableKeycloakAccount;
        if (!this.config.isEnabled()) {
            return null;
        }
        if (httpServletRequest.getParameter(WanCheckConsistencyRequest.SUCCESS) != null) {
            this.logoutController.handleRequestInternal(httpServletRequest, httpServletResponse);
            doRedirect(httpServletResponse, httpServletRequest.getContextPath());
            return null;
        }
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null || ((String) session.getAttribute(UserFactory.SESSION_ATTRIBUTE_KEY_USER_ID)) == null || (serializableKeycloakAccount = (OIDCFilterSessionStore.SerializableKeycloakAccount) session.getAttribute(KeycloakAccount.class.getName())) == null) {
            return null;
        }
        UrlBuilder urlBuilder = new UrlBuilder(KeycloakDeploymentBuilder.build(this.config.getAdapterConfig()).getLogoutUrl().m5939clone().build(new Object[0]).toString());
        urlBuilder.addParameter("id_token_hint", serializableKeycloakAccount.getKeycloakSecurityContext().getIdTokenString());
        urlBuilder.addParameter("post_logout_redirect_uri", httpServletRequest.getRequestURL() + "?success");
        doRedirect(httpServletResponse, urlBuilder.toString());
        return null;
    }

    protected void doRedirect(HttpServletResponse httpServletResponse, String str) {
        httpServletResponse.setStatus(301);
        httpServletResponse.setHeader("Location", str);
        httpServletResponse.setHeader("Cache-Control", "max-age=0");
    }
}
