package com.ibm.ws.security.social.tai;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.security.WebTrustAssociationException;
import com.ibm.websphere.security.WebTrustAssociationFailedException;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.openidconnect.clients.common.ConvergedClientConfig;
import com.ibm.ws.security.openidconnect.clients.common.OidcSessionInfo;
import com.ibm.ws.security.openidconnect.clients.common.OidcSessionUtils;
import com.ibm.ws.security.social.Constants;
import com.ibm.ws.security.social.error.SocialLoginException;
import com.ibm.ws.security.social.internal.OidcLoginConfigImpl;
import com.ibm.ws.security.social.internal.utils.SocialTaiRequest;
import com.ibm.wsspi.security.tai.TAIResult;
import com.ibm.wsspi.security.tai.TrustAssociationInterceptor;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.Map;
import java.util.Properties;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Modified;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:com/ibm/ws/security/social/tai/SocialLoginSessionInvalidatorTAI.class */
public class SocialLoginSessionInvalidatorTAI implements TrustAssociationInterceptor {
    public static final TraceComponent tc = Tr.register(SocialLoginSessionInvalidatorTAI.class, "SOCIAL", "com.ibm.ws.security.social.resources.SocialMessages");
    TAIWebUtils taiWebUtils = new TAIWebUtils();
    TAIRequestHelper taiRequestHelper = new TAIRequestHelper();
    static final long serialVersionUID = -5947587764376783096L;

    @Activate
    protected void activate(ComponentContext componentContext, Map<String, Object> map) {
    }

    @Modified
    protected void modified(ComponentContext componentContext, Map<String, Object> map) {
    }

    @Deactivate
    protected void deactivate(ComponentContext componentContext) {
    }

    public boolean isTargetInterceptor(HttpServletRequest httpServletRequest) throws WebTrustAssociationException {
        this.taiRequestHelper.requestShouldBeHandledByTAI(httpServletRequest, this.taiRequestHelper.createSocialTaiRequestAndSetRequestAttribute(httpServletRequest));
        logoutIfSessionInvalidated(httpServletRequest);
        return false;
    }

    @FFDCIgnore({SocialLoginException.class})
    private void logoutIfSessionInvalidated(HttpServletRequest httpServletRequest) {
        SocialTaiRequest socialTaiRequest = (SocialTaiRequest) httpServletRequest.getAttribute(Constants.ATTRIBUTE_TAI_REQUEST);
        if (socialTaiRequest == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Request is missing SocialTaiRequest attribute.", new Object[0]);
                return;
            }
            return;
        }
        try {
            ConvergedClientConfig theOnlySocialLoginConfig = socialTaiRequest.getTheOnlySocialLoginConfig();
            if (theOnlySocialLoginConfig == null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Client config for request could not be found. An error must have occurred initializing this request.", new Object[0]);
                }
            } else {
                if (!(theOnlySocialLoginConfig instanceof ConvergedClientConfig)) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Client config not an instance of ConvergedClientConfig.", new Object[0]);
                        return;
                    }
                    return;
                }
                OidcSessionInfo sessionInfo = OidcSessionInfo.getSessionInfo(httpServletRequest, theOnlySocialLoginConfig);
                if (sessionInfo == null) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Session info could not be retrieved from client cookies.", new Object[0]);
                    }
                } else if (theOnlySocialLoginConfig instanceof OidcLoginConfigImpl) {
                    OidcSessionUtils.logoutIfSessionInvalidated(httpServletRequest, sessionInfo, (OidcLoginConfigImpl) theOnlySocialLoginConfig);
                }
            }
        } catch (SocialLoginException e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "A unique social login config wasn't found for this request. Exception was " + e.getMessage(), new Object[0]);
            }
        }
    }

    public TAIResult negotiateValidateandEstablishTrust(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return null;
    }

    public int initialize(Properties properties) throws WebTrustAssociationFailedException {
        return 0;
    }

    public String getVersion() {
        return null;
    }

    public String getType() {
        return null;
    }

    public void cleanup() {
    }
}
