package com.atlassian.jira.web.action.user;

import com.atlassian.jira.security.JiraAuthenticationContext;
import com.atlassian.jira.security.login.LoginManager;
import com.atlassian.jira.security.request.RequestMethod;
import com.atlassian.jira.security.request.SupportedMethods;
import com.atlassian.jira.security.xsrf.DoesNotRequireXsrfCheck;
import com.atlassian.jira.security.xsrf.XsrfCheckResult;
import com.atlassian.jira.security.xsrf.XsrfInvocationChecker;
import com.atlassian.jira.web.action.JiraWebActionSupport;
import com.atlassian.jira.web.action.admin.EditApplicationProperties;
import com.atlassian.seraph.service.rememberme.RememberMeService;
import webwork.action.ActionContext;
import webwork.action.ServletActionContext;

/* loaded from: input_file:com/atlassian/jira/web/action/user/Logout.class */
public class Logout extends JiraWebActionSupport {
    private static final String LOGOUT = "logout";
    private static final String CONFIRM = "confirm";
    private static final String ALREADY_LOGGED_OUT = "alreadyloggedout";
    private final LoginManager loginManager;
    private final XsrfInvocationChecker xsrfInvocationChecker;
    private final JiraAuthenticationContext authenticationContext;
    private RememberMeService rememberMeService;

    public Logout(LoginManager loginManager, XsrfInvocationChecker xsrfInvocationChecker, RememberMeService rememberMeService, JiraAuthenticationContext jiraAuthenticationContext) {
        this.loginManager = loginManager;
        this.xsrfInvocationChecker = xsrfInvocationChecker;
        this.authenticationContext = jiraAuthenticationContext;
        this.rememberMeService = rememberMeService;
    }

    @DoesNotRequireXsrfCheck
    @SupportedMethods({RequestMethod.GET, RequestMethod.POST})
    protected String doExecute() throws Exception {
        XsrfCheckResult checkWebRequestInvocation = this.xsrfInvocationChecker.checkWebRequestInvocation(ActionContext.getRequest());
        if (checkWebRequestInvocation.isValid()) {
            this.loginManager.logout(ActionContext.getRequest(), ActionContext.getResponse());
            return LOGOUT;
        }
        if (checkWebRequestInvocation.isOriginAllowed()) {
            return isUserAuthenticated() ? CONFIRM : ALREADY_LOGGED_OUT;
        }
        ServletActionContext.getResponse().sendError(403);
        return "none";
    }

    @DoesNotRequireXsrfCheck
    @SupportedMethods({RequestMethod.GET})
    public String doDefault() throws Exception {
        XsrfCheckResult checkWebRequestInvocation = this.xsrfInvocationChecker.checkWebRequestInvocation(ActionContext.getRequest());
        if (!checkWebRequestInvocation.isValid()) {
            if (checkWebRequestInvocation.isOriginAllowed()) {
                return isUserAuthenticated() ? CONFIRM : ALREADY_LOGGED_OUT;
            }
            ServletActionContext.getResponse().sendError(403);
            return "none";
        }
        String defaultBackedString = getApplicationProperties().getDefaultBackedString("jira.option.logoutconfirm");
        if (EditApplicationProperties.LOGOUT_CONFIRM_ALWAYS.equals(defaultBackedString)) {
            return CONFIRM;
        }
        if (EditApplicationProperties.LOGOUT_CONFIRM_COOKIE.equals(defaultBackedString) && this.rememberMeService.getRememberMeCookieAuthenticatedUsername(ActionContext.getRequest(), ActionContext.getResponse()) != null) {
            return CONFIRM;
        }
        this.loginManager.logout(ActionContext.getRequest(), ActionContext.getResponse());
        return LOGOUT;
    }

    private boolean isUserAuthenticated() {
        return this.authenticationContext.getUser() != null;
    }
}
