package com.sun.identity.cli;

import com.google.common.collect.ImmutableMap;
import com.iplanet.am.util.SystemProperties;
import com.iplanet.dpro.session.SessionID;
import com.iplanet.services.naming.WebtopNaming;
import com.iplanet.sso.SSOToken;
import com.sun.identity.log.LogRecord;
import com.sun.identity.log.messageid.LogMessageID;
import com.sun.identity.log.messageid.LogMessageProvider;
import com.sun.identity.log.messageid.MessageProviderFactory;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.shared.debug.Debug;
import java.io.IOException;
import java.net.URISyntaxException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Arrays;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.logging.Level;
import org.forgerock.audit.events.AccessAuditEventBuilder;
import org.forgerock.audit.events.AuthenticationAuditEventBuilder;
import org.forgerock.guice.core.InjectorHolder;
import org.forgerock.http.Client;
import org.forgerock.http.HttpApplicationException;
import org.forgerock.http.header.AcceptApiVersionHeader;
import org.forgerock.http.protocol.Request;
import org.forgerock.http.protocol.Response;
import org.forgerock.http.routing.Version;
import org.forgerock.json.JsonValue;
import org.forgerock.openam.audit.AMAccessAuditEventBuilder;
import org.forgerock.openam.audit.AMAuthenticationAuditEventBuilder;
import org.forgerock.openam.audit.AuditConstants;
import org.forgerock.openam.utils.Time;
import org.forgerock.util.Function;
import org.forgerock.util.promise.NeverThrowsException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/sun/identity/cli/LogWriter.class */
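/**
 * Writes CLI log records and forwards the same events to the audit REST endpoints.
 *
 * <p>Each call to {@link #log} does two things: it writes a record to the
 * {@code <logName>.access} or {@code <logName>.error} logger, and it POSTs an audit
 * event ("access" or "authentication" topic) to the server using the admin session
 * token as the credential.
 *
 * <p>Security-relevant behaviour to keep in mind when changing this class:
 * <ul>
 *   <li>The audit POST is not awaited. A non-successful response is only reported as a
 *       WARN on the {@code amAudit} logger, so audit events can be lost without the CLI
 *       command failing.</li>
 *   <li>When the caller supplies no token, the admin token is used as the event subject,
 *       so the event's user id is the admin principal.</li>
 *   <li>The admin session token id is sent as a request header; it must never be added
 *       to log output.</li>
 * </ul>
 */
public class LogWriter {
    private static final String LOG_MSG_XML = "CLI";

    /** Log type that selects the {@code <logName>.access} logger. */
    public static final int LOG_ACCESS = 0;

    /** Log type that selects the {@code <logName>.error} logger and marks the audit event as failed. */
    public static final int LOG_ERROR = 1;

    private static final Debug DEBUG = Debug.getInstance("amCLI");

    /** Lower-cased column names that are kept out of the audit event's request detail. */
    private static final List<String> IGNORED_LOG_FIELDS = Arrays.asList("error message", "realm", "user id");

    /** Lower-cased column names that are folded into a single canonical field name. */
    private static final Map<String, String> NORMALIZED_FIELD_NAMES = ImmutableMap.<String, String>builder()
            .put("name of realm", "realm")
            .put("realm where entity resides", "realm")
            .put("realm where circle of trust resides", "realm")
            .build();

    private static final Client client = (Client) InjectorHolder.getInstance(Client.class);

    /**
     * Response handler for the audit POST: logs a warning for any non-successful status and
     * always closes the response.
     */
    private static final Function<Response, Void, NeverThrowsException> WARN_OF_FAILURES_FUNCTION =
            new Function<Response, Void, NeverThrowsException>() {
        private final Logger logger = LoggerFactory.getLogger("amAudit");

        @Override
        public Void apply(Response response) throws NeverThrowsException {
            try {
                if (!response.getStatus().isSuccessful()) {
                    String body;
                    try {
                        body = response.getEntity().getString();
                    } catch (IOException e) {
                        // The body is diagnostic only; an unreadable body must not hide the failed status.
                        body = "--unknown--";
                    }
                    // NOTE(review): the body is server-supplied and written to the log unmodified and
                    // unbounded - confirm the log sink neutralises line breaks.
                    this.logger.warn("Could not log audit via REST API: Status: {}, Response: {}", response.getStatus(), body);
                }
            } finally {
                // Close even if reading or logging fails, so the connection is released.
                response.close();
            }
            return null;
        }
    };

    private LogWriter() {
    }

    /**
     * Writes one CLI log record and forwards the matching audit event.
     *
     * @param commandManager supplies the log name and the "logging off" switch
     * @param i {@link #LOG_ERROR} for the error log; any other value selects the access log
     * @param level level checked against the selected logger before the record is written
     * @param str message id looked up in the "CLI" message provider
     * @param strArr values for the message's data columns; may be {@code null}
     * @param sSOToken token of the acting user; when {@code null} the admin token is used instead
     * @throws CLIException wrapping any failure raised while logging or building the audit event
     */
    public static void log(CommandManager commandManager, int i, Level level, String str, String[] strArr, SSOToken sSOToken) throws CLIException {
        if (commandManager.isLogOff()) {
            return;
        }
        String suffix = (i == LOG_ERROR) ? ".error" : ".access";
        com.sun.identity.log.Logger logger =
                (com.sun.identity.log.Logger) com.sun.identity.log.Logger.getLogger(commandManager.getLogName() + suffix);
        try {
            LogMessageProvider provider = MessageProviderFactory.getProvider(LOG_MSG_XML);
            SSOToken adminToken = (SSOToken) AccessController.doPrivileged((PrivilegedAction) AdminTokenAction.getInstance());
            // Without a caller token the record and the audit event are attributed to the admin principal.
            SSOToken subjectToken = (sSOToken != null) ? sSOToken : adminToken;
            if (logger.isLoggable(level)) {
                LogRecord record = provider.createLogRecord(str, strArr, subjectToken);
                if (record != null) {
                    logger.log(record, adminToken);
                }
            }
            // The audit event is sent regardless of the logger's level check above.
            logToAuditService(i, str, strArr, subjectToken, provider, adminToken);
        } catch (Exception e) {
            throw new CLIException(e, 25);
        }
    }

    /**
     * Builds the audit event for a message id and hands it to {@link #sendEvent}.
     *
     * <p>Message ids whose part after the first underscore is {@code LOGIN} produce an
     * "authentication" event, except ids starting with {@code ATTEMPT}, which produce no
     * event at all. Every other id produces an "access" event. Unknown message ids are
     * reported on the debug log and skipped.
     */
    private static void logToAuditService(int logType, String messageId, String[] values, SSOToken subjectToken,
            LogMessageProvider provider, SSOToken adminToken) throws Exception {
        String operation = messageId.substring(messageId.indexOf('_') + 1);
        LogMessageID logMessageID = (LogMessageID) provider.getAllHashMessageIDs().get(messageId);
        if (logMessageID == null) {
            DEBUG.error("Attempted audit logging for unknown message ID {}", new Object[]{messageId});
            return;
        }
        List dataColumns = logMessageID.getDataColumns();
        boolean isLogin = "LOGIN".equals(operation);
        if (isLogin && messageId.startsWith("ATTEMPT")) {
            // Login attempts are not audited here; only the login outcome is.
            return;
        }

        String topic;
        JsonValue event;
        if (isLogin) {
            topic = "authentication";
            event = authenticationEventBuilder(logType, messageId, dataColumns, values)
                    .transactionId(CommandManager.TRANSACTION_ID.getValue())
                    .timestamp(Time.currentTimeMillis())
                    .userId(subjectToken.getPrincipal().getName())
                    .trackingIdFromSSOToken(subjectToken)
                    .component(AuditConstants.Component.SSOADM)
                    .toEvent()
                    .getValue();
        } else {
            topic = "access";
            event = accessEventBuilder(logType, messageId, values, operation, dataColumns)
                    .transactionId(CommandManager.TRANSACTION_ID.getValue())
                    .timestamp(Time.currentTimeMillis())
                    .userId(subjectToken.getPrincipal().getName())
                    .trackingIdFromSSOToken(subjectToken)
                    .component(AuditConstants.Component.SSOADM)
                    .toEvent()
                    .getValue();
        }

        // The admin token, not the subject token, authenticates the audit request.
        String adminTokenId = adminToken.getTokenID().toString();
        sendEvent(topic, event, adminTokenId, WebtopNaming.mapSiteToServer(new SessionID(adminTokenId)));
    }

    /**
     * POSTs an audit event to the realm or global audit endpoint of the given server.
     *
     * @param topic audit topic appended to the endpoint path
     * @param event event body; its {@code realm} field, when present, selects the realm endpoint
     * @param tokenId admin session token id sent in the header named by {@code com.iplanet.am.cookie.name}
     * @param serverUrl base URL of the server that receives the event
     */
    private static void sendEvent(String topic, JsonValue event, String tokenId, String serverUrl)
            throws HttpApplicationException, URISyntaxException {
        String endpoint;
        if (event.isDefined("realm")) {
            String realm = event.get("realm").asString();
            // Keep the realm a separate path segment: without a leading slash it would be glued
            // onto "realm-audit" and address a different resource.
            if (!realm.startsWith("/")) {
                realm = "/" + realm;
            }
            if (!realm.endsWith("/")) {
                realm = realm + "/";
            }
            // NOTE(review): the realm comes from CLI arguments and is not percent-encoded here;
            // characters such as '?', '#' or spaces reach the URI as typed - confirm it is
            // validated before this point.
            endpoint = serverUrl + "/json/realm-audit" + realm;
        } else {
            endpoint = serverUrl + "/json/global-audit/";
        }

        Request request = new Request();
        request.setMethod("POST");
        request.setUri(endpoint + topic + "?_action=create");
        // The token id is a bearer credential for the admin session. Do not log this header.
        // NOTE(review): the URL scheme is whatever the naming service returned - confirm
        // deployments resolve to https so the token is not sent in clear text.
        request.getHeaders().add(SystemProperties.get("com.iplanet.am.cookie.name"), tokenId);
        request.getHeaders().add(new AcceptApiVersionHeader(Version.version(1), Version.version(1)));
        request.getEntity().setJson(event.getObject());
        // Not awaited: delivery problems surface only through the warning handler.
        client.send(request).then(WARN_OF_FAILURES_FUNCTION);
    }

    /**
     * Builds the access audit event for a CLI operation.
     *
     * <p>Column names are lower-cased and normalised; the resulting {@code realm} value becomes
     * the event realm, other ignored columns are dropped, and everything else is copied into
     * the request detail. For {@link #LOG_ERROR} the event is a FAILED outcome (with the
     * "error message" value as detail when available); for ids starting with {@code SUCCEED}
     * it is a SUCCESSFUL outcome; otherwise it is an attempt.
     */
    private static AMAccessAuditEventBuilder accessEventBuilder(int logType, String messageId, String[] values,
            String operation, List<String> columns) {
        AMAccessAuditEventBuilder builder = new AMAccessAuditEventBuilder();
        String realm = null;
        JsonValue detail = JsonValue.json(JsonValue.object());
        if (values != null) {
            // Pair values with columns only as far as both exist, so a metadata/argument count
            // mismatch cannot abort the command with an index error.
            int pairs = Math.min(values.length, columns.size());
            for (int idx = 0; idx < pairs; idx++) {
                // Locale.ROOT keeps the match against the ignore list independent of the JVM's
                // default locale (for example the Turkish dotless-i mapping of "ID").
                String field = columns.get(idx).toLowerCase(Locale.ROOT);
                if (NORMALIZED_FIELD_NAMES.containsKey(field)) {
                    field = NORMALIZED_FIELD_NAMES.get(field);
                }
                if (!IGNORED_LOG_FIELDS.contains(field)) {
                    detail.put(field, values[idx]);
                } else if (field.equals("realm")) {
                    realm = values[idx];
                }
            }
        }
        builder.request("ssoadm", operation, detail);

        final String noStatusCode = null;
        if (logType == LOG_ERROR) {
            int errorColumn = columns.indexOf("error message");
            boolean hasErrorMessage = values != null && errorColumn > -1 && errorColumn < values.length;
            if (hasErrorMessage) {
                builder.responseWithDetail(AccessAuditEventBuilder.ResponseStatus.FAILED, noStatusCode,
                        JsonValue.json(JsonValue.object(JsonValue.field("message", values[errorColumn]))));
            } else {
                builder.response(AccessAuditEventBuilder.ResponseStatus.FAILED, noStatusCode);
            }
            builder.eventName(AuditConstants.EventName.AM_ACCESS_OUTCOME);
        } else if (messageId.startsWith("SUCCEED")) {
            builder.response(AccessAuditEventBuilder.ResponseStatus.SUCCESSFUL, noStatusCode);
            builder.eventName(AuditConstants.EventName.AM_ACCESS_OUTCOME);
        } else {
            builder.eventName(AuditConstants.EventName.AM_ACCESS_ATTEMPT);
        }
        if (realm != null) {
            builder.realm(realm);
        }
        return builder;
    }

    /**
     * Builds the authentication audit event for a login message.
     *
     * <p>The principal is the value of the "user ID" column. Unless the message id starts with
     * {@code ATTEMPT}, the result is FAILED for {@link #LOG_ERROR} and SUCCESSFUL otherwise.
     *
     * @throws IllegalArgumentException if no value is available for the "user ID" column
     */
    private static AMAuthenticationAuditEventBuilder authenticationEventBuilder(int logType, String messageId,
            List<String> columns, String[] values) {
        // NOTE(review): this lookup is case-sensitive ("user ID") while the access path
        // lower-cases column names - confirm the message definitions use exactly this spelling.
        int userIdColumn = columns.indexOf("user ID");
        if (values == null || userIdColumn < 0 || userIdColumn >= values.length) {
            throw new IllegalArgumentException("No \"user ID\" value supplied for audit message " + messageId);
        }
        AMAuthenticationAuditEventBuilder builder = new AMAuthenticationAuditEventBuilder().principal(values[userIdColumn]);
        if (!messageId.startsWith("ATTEMPT")) {
            builder.result(logType == LOG_ERROR
                    ? AuthenticationAuditEventBuilder.Status.FAILED
                    : AuthenticationAuditEventBuilder.Status.SUCCESSFUL);
        }
        return builder.eventName(AuditConstants.EventName.AM_LOGIN_COMPLETED);
    }
}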
