package cn.xuqiudong.sso.client.filter;

import cn.xuqiudong.common.base.tool.Tools;
import cn.xuqiudong.sso.common.util.SsoSessionUtil;
import java.io.IOException;
import java.net.URLEncoder;
import java.util.function.Consumer;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:cn/xuqiudong/sso/client/filter/LogoutFilter.class */
public class LogoutFilter extends BaseClientFilter {
    private Consumer<String> afterLogout;

    public void setAfterLogout(Consumer<String> consumer) {
        this.afterLogout = consumer;
    }

    @Override // cn.xuqiudong.sso.client.filter.BaseClientFilter
    public boolean isAccessAllowed(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String logoutParam = getLogoutParam(httpServletRequest);
        if (!StringUtils.isNotBlank(logoutParam)) {
            if (!this.clientLogoutUrl.equals(Tools.getRequestUrl(httpServletRequest))) {
                return true;
            }
            redirectLogout(httpServletRequest, httpServletResponse);
            return false;
        }
        this.logger.info("sso server回调客户销毁session, accessToken = {}", logoutParam);
        if (this.afterLogout != null) {
            this.afterLogout.accept(logoutParam);
        }
        destroySession(logoutParam);
        redirectLogin(httpServletRequest, httpServletResponse);
        return false;
    }

    @Override // cn.xuqiudong.sso.client.filter.BaseClientFilter
    String getRedirectUrl(HttpServletRequest httpServletRequest) {
        return Tools.getRootUrl(httpServletRequest);
    }

    private void redirectLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String str = getServerUrl() + "/logout?appId=" + getAppId() + "&redirectUri=" + URLEncoder.encode(Tools.getRootUrl(httpServletRequest), "utf-8");
        SsoSessionUtil.removeAccessToken(httpServletRequest);
        httpServletResponse.sendRedirect(str);
    }

    private void destroySession(String str) {
        HttpSession removeSessionByMappingId = getSessionMappingStorage().removeSessionByMappingId(str);
        if (removeSessionByMappingId != null) {
            removeSessionByMappingId.invalidate();
        }
    }

    private String getLogoutParam(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getHeader("logoutRequest");
    }
}
