package org.springframework.security.web.server.authentication.logout;

import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.config.Elements;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.ReactiveSecurityContextHolder;
import org.springframework.security.web.server.WebFilterExchange;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers;
import org.springframework.util.Assert;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import reactor.core.publisher.Mono;

/* loaded from: input_file:WEB-INF/lib/spring-security-web-5.0.0.RELEASE.jar:org/springframework/security/web/server/authentication/logout/LogoutWebFilter.class */
public class LogoutWebFilter implements WebFilter {
    private AnonymousAuthenticationToken anonymousAuthenticationToken = new AnonymousAuthenticationToken("key", Elements.ANONYMOUS, AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS"));
    private ServerLogoutHandler logoutHandler = new SecurityContextServerLogoutHandler();
    private ServerLogoutSuccessHandler logoutSuccessHandler = new RedirectServerLogoutSuccessHandler();
    private ServerWebExchangeMatcher requiresLogout = ServerWebExchangeMatchers.pathMatchers(HttpMethod.POST, "/logout");

    @Override // org.springframework.web.server.WebFilter
    public Mono<Void> filter(ServerWebExchange serverWebExchange, WebFilterChain webFilterChain) {
        return this.requiresLogout.matches(serverWebExchange).filter(matchResult -> {
            return matchResult.isMatch();
        }).switchIfEmpty(webFilterChain.filter(serverWebExchange).then(Mono.empty())).map(matchResult2 -> {
            return serverWebExchange;
        }).flatMap(this::flatMapAuthentication).flatMap(authentication -> {
            return logout(new WebFilterExchange(serverWebExchange, webFilterChain), authentication);
        });
    }

    private Mono<Authentication> flatMapAuthentication(ServerWebExchange serverWebExchange) {
        return serverWebExchange.getPrincipal().cast(Authentication.class).defaultIfEmpty(this.anonymousAuthenticationToken);
    }

    private Mono<Void> logout(WebFilterExchange webFilterExchange, Authentication authentication) {
        return this.logoutHandler.logout(webFilterExchange, authentication).then(this.logoutSuccessHandler.onLogoutSuccess(webFilterExchange, authentication)).subscriberContext(ReactiveSecurityContextHolder.clearContext());
    }

    public void setLogoutSuccessHandler(ServerLogoutSuccessHandler serverLogoutSuccessHandler) {
        Assert.notNull(serverLogoutSuccessHandler, "logoutSuccessHandler cannot be null");
        this.logoutSuccessHandler = serverLogoutSuccessHandler;
    }

    public void setLogoutHandler(ServerLogoutHandler serverLogoutHandler) {
        Assert.notNull(serverLogoutHandler, "logoutHandler must not be null");
        this.logoutHandler = serverLogoutHandler;
    }

    public void setRequiresLogoutMatcher(ServerWebExchangeMatcher serverWebExchangeMatcher) {
        Assert.notNull(serverWebExchangeMatcher, "requiresLogoutMatcher must not be null");
        this.requiresLogout = serverWebExchangeMatcher;
    }
}
