package org.zowe.apiml.zaas.security.config;

import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.Optional;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.zowe.apiml.security.common.handler.FailedAuthenticationHandler;
import org.zowe.apiml.security.common.token.TokenFormatNotValidException;
import org.zowe.apiml.security.common.token.TokenNotProvidedException;
import org.zowe.apiml.security.common.token.TokenNotValidException;
import org.zowe.apiml.zaas.security.service.AuthenticationService;

/* loaded from: input_file:org/zowe/apiml/zaas/security/config/JWTLogoutHandler.class */
public class JWTLogoutHandler implements LogoutHandler {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(JWTLogoutHandler.class);
    private final AuthenticationService authenticationService;
    private final FailedAuthenticationHandler failure;

    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        Optional<String> jwtTokenFromRequest = this.authenticationService.getJwtTokenFromRequest(httpServletRequest);
        try {
            if (jwtTokenFromRequest.isPresent()) {
                invalidateJwtToken(this.failure, httpServletRequest, httpServletResponse, jwtTokenFromRequest.get());
            } else {
                this.failure.onAuthenticationFailure(httpServletRequest, httpServletResponse, new TokenNotProvidedException("The token you are trying to logout is not present in the header"));
            }
        } catch (ServletException e) {
            log.error("The response cannot be written during the logout exception handler: {}", e.getMessage());
        }
    }

    private void invalidateJwtToken(FailedAuthenticationHandler failedAuthenticationHandler, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws ServletException {
        if (Boolean.TRUE.equals(this.authenticationService.isInvalidated(str))) {
            failedAuthenticationHandler.onAuthenticationFailure(httpServletRequest, httpServletResponse, new TokenNotValidException("The token you are trying to logout is not valid"));
            return;
        }
        try {
            this.authenticationService.invalidateJwtToken(str, true);
        } catch (AuthenticationException e) {
            failedAuthenticationHandler.onAuthenticationFailure(httpServletRequest, httpServletResponse, e);
        } catch (Exception e2) {
            failedAuthenticationHandler.onAuthenticationFailure(httpServletRequest, httpServletResponse, new TokenNotValidException("Error while logging out token"));
        } catch (TokenNotValidException e3) {
            failedAuthenticationHandler.onAuthenticationFailure(httpServletRequest, httpServletResponse, new TokenFormatNotValidException(e3.getMessage()));
        }
    }

    @Generated
    public JWTLogoutHandler(AuthenticationService authenticationService, FailedAuthenticationHandler failedAuthenticationHandler) {
        this.authenticationService = authenticationService;
        this.failure = failedAuthenticationHandler;
    }
}
