package net.n2oapp.framework.security.admin.gateway.adapter;

import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.util.Collections;
import java.util.Map;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.core.userdetails.User;

/* loaded from: input_file:net/n2oapp/framework/security/admin/gateway/adapter/BackChannelLogoutServlet.class */
public class BackChannelLogoutServlet extends HttpServlet {
    private static final String USERNAME = "username";
    private ObjectMapper mapper;
    private SessionRegistry sessionRegistry;
    private final JwtVerifier jwtVerifier;

    public BackChannelLogoutServlet(SessionRegistry sessionRegistry, JwtVerifier jwtVerifier) {
        this.mapper = new ObjectMapper();
        this.sessionRegistry = sessionRegistry;
        this.jwtVerifier = jwtVerifier;
    }

    public BackChannelLogoutServlet(SessionRegistry sessionRegistry, String str) {
        this(sessionRegistry, new JwtVerifier(str));
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        handleLogout(httpServletRequest);
    }

    private void handleLogout(HttpServletRequest httpServletRequest) {
        try {
            Map<String, Object> map = (Map) this.mapper.readValue(this.jwtVerifier.decodeAndVerify(((String[]) httpServletRequest.getParameterMap().get("logout_token"))[0]).getClaims(), new TypeReference<Map<String, Object>>() { // from class: net.n2oapp.framework.security.admin.gateway.adapter.BackChannelLogoutServlet.1
            });
            if (checkClaims(map)) {
                this.sessionRegistry.getAllSessions(new User(map.get(USERNAME).toString(), "N/A", Collections.emptyList()), true).forEach((v0) -> {
                    v0.expireNow();
                });
            }
        } catch (IOException e) {
            throw new IllegalStateException("Cannot read logout token", e);
        }
    }

    private boolean checkClaims(Map<String, Object> map) {
        return (map == null || !"LOGOUT".equals(map.get("event")) || map.get(USERNAME) == null) ? false : true;
    }
}
