package com.appiancorp.security.auth.logging;

import com.appiancorp.security.auth.SpringSecurityContextHelper;
import com.appiancorp.security.auth.rememberme.AppianPersistentTokenBasedRememberMeServices;
import com.appiancorp.security.auth.rememberme.RememberMeCookie;
import com.appiancorp.security.auth.rememberme.RememberMeLogCsvLayout;
import com.appiancorp.security.auth.rememberme.RememberMeToken;
import com.appiancorp.security.auth.rememberme.RememberMeTokenService;
import com.google.common.base.Optional;
import com.google.common.base.Stopwatch;
import com.google.common.collect.Lists;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.List;
import java.util.concurrent.Callable;
import java.util.concurrent.TimeUnit;
import javax.annotation.Nullable;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.web.authentication.rememberme.InvalidCookieException;

/* loaded from: input_file:com/appiancorp/security/auth/logging/AuthenticationFilterLogger.class */
public class AuthenticationFilterLogger {
    static final DateFormat FORMATTER = new SimpleDateFormat("MM/dd/yyyy HH:mm:ss SSS z");
    static final String CLEAR_REMEMBER_ME_COOKIE = "SPRING_SECURITY_REMEMBER_ME_COOKIE=\"\"";
    static final String SPRING_SECURITY_CONTEXT = "SPRING_SECURITY_CONTEXT";
    static final String SET_COOKIE_HEADER = "Set-Cookie";
    static final String UNKNOWN_USER = "unknown";
    static final String REQUEST_EXCEPTION_LOG = "Exception thrown collecting logging info from request.";
    static final String RESPONSE_EXCEPTION_LOG = "Exception thrown collecting logging info from response.";
    private final Logger log4jLogger;
    private final HttpServletRequest request;
    private final HttpServletResponse response;
    private final RememberMeTokenService rememberMeTokenService;
    private final AuthenticationLogEntry logEntry = new AuthenticationLogEntry();
    private Optional<Exception> requestLoggingException = Optional.absent();
    private Optional<Exception> responseLoggingException = Optional.absent();
    private final Stopwatch timer = Stopwatch.createUnstarted();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/appiancorp/security/auth/logging/AuthenticationFilterLogger$AuthenticationLogEntry.class */
    public final class AuthenticationLogEntry {
        private final List<String> logData = Lists.newArrayList(new String[]{"", "", "", "", "", "", "", "", "", ""});

        public AuthenticationLogEntry() {
            this.logData.set(RememberMeLogCsvLayout.RememberMeLogColumn.TIMESTAMP.getColumnIndex(), AuthenticationFilterLogger.FORMATTER.format(new Date()));
        }

        public void setUsername(String str) {
            this.logData.set(RememberMeLogCsvLayout.RememberMeLogColumn.USERNAME.getColumnIndex(), str);
        }

        public void setRememberMeSeries(String str) {
            this.logData.set(RememberMeLogCsvLayout.RememberMeLogColumn.REMEMBER_ME_SERIES.getColumnIndex(), str);
        }

        public void setUrl(String str) {
            this.logData.set(RememberMeLogCsvLayout.RememberMeLogColumn.URL.getColumnIndex(), str);
        }

        public void setAuthenticated(boolean z) {
            this.logData.set(RememberMeLogCsvLayout.RememberMeLogColumn.IS_AUTHENTICATED_USER.getColumnIndex(), Boolean.toString(z));
        }

        public void setSeriesValid(boolean z) {
            this.logData.set(RememberMeLogCsvLayout.RememberMeLogColumn.IS_SERIES_VALID.getColumnIndex(), Boolean.toString(z));
        }

        public void setTokenValid(boolean z) {
            this.logData.set(RememberMeLogCsvLayout.RememberMeLogColumn.IS_TOKEN_VALID.getColumnIndex(), Boolean.toString(z));
        }

        public void setNewTokenIssued(boolean z) {
            this.logData.set(RememberMeLogCsvLayout.RememberMeLogColumn.WAS_NEW_TOKEN_ISSUED.getColumnIndex(), Boolean.toString(z));
        }

        public void setResponseStatusCode(int i, Optional<Exception> optional) {
            String num = Integer.toString(i);
            if (optional.isPresent()) {
                num = HttpStatus.INTERNAL_SERVER_ERROR.toString();
            }
            this.logData.set(RememberMeLogCsvLayout.RememberMeLogColumn.HTTP_RESPONSE_CODE.getColumnIndex(), num);
        }

        public void setRequestDurationMs(long j) {
            this.logData.set(RememberMeLogCsvLayout.RememberMeLogColumn.REQUEST_DURATION.getColumnIndex(), Long.toString(j));
        }

        public List<String> getLogData() {
            return this.logData;
        }
    }

    public AuthenticationFilterLogger(Logger logger, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, RememberMeTokenService rememberMeTokenService) {
        this.log4jLogger = logger;
        this.request = httpServletRequest;
        this.response = httpServletResponse;
        this.rememberMeTokenService = rememberMeTokenService;
    }

    public void startRequestDurationTimer() {
        this.timer.start();
    }

    public void recordRequestData() {
        try {
            gatherRequestUrl();
            gatherRememberMeInfo();
            gatherAuthenticationInfo();
        } catch (Exception e) {
            this.requestLoggingException = Optional.of(e);
        }
    }

    public void recordResponseData(Optional<Exception> optional) {
        try {
            this.logEntry.setRequestDurationMs(this.timer.elapsed(TimeUnit.MILLISECONDS));
            HttpServletResponse httpServletResponse = this.response;
            this.logEntry.setNewTokenIssued(wasNewTokenIssued(httpServletResponse));
            this.logEntry.setResponseStatusCode(httpServletResponse.getStatus(), optional);
        } catch (Exception e) {
            this.responseLoggingException = Optional.of(e);
        }
    }

    public void stopRequestDurationTimer() {
        this.timer.stop();
    }

    public void log() {
        if (this.requestLoggingException.isPresent()) {
            this.log4jLogger.error(Lists.newArrayList(new String[]{REQUEST_EXCEPTION_LOG, ((Exception) this.requestLoggingException.get()).getMessage()}));
        }
        if (this.responseLoggingException.isPresent()) {
            this.log4jLogger.error(Lists.newArrayList(new String[]{RESPONSE_EXCEPTION_LOG, ((Exception) this.responseLoggingException.get()).getMessage()}));
        }
        this.log4jLogger.info(this.logEntry.getLogData());
    }

    private void gatherRequestUrl() {
        StringBuffer requestURL = this.request.getRequestURL();
        String queryString = this.request.getQueryString();
        if (queryString != null) {
            requestURL.append('?').append(queryString);
        }
        this.logEntry.setUrl(requestURL.toString());
    }

    private void gatherRememberMeInfo() {
        Optional<String> valueForSpringRememberMeCookie = getValueForSpringRememberMeCookie(this.request.getCookies());
        if (valueForSpringRememberMeCookie.isPresent()) {
            gatherSeriesAndTokenInfo(validateAndGetCookie((String) valueForSpringRememberMeCookie.get()));
        }
    }

    private void gatherSeriesAndTokenInfo(Optional<RememberMeCookie> optional) {
        if (optional.isPresent()) {
            this.logEntry.setRememberMeSeries(((RememberMeCookie) optional.get()).getSeries());
            gatherValidityOfRememberMeToken((RememberMeCookie) optional.get(), getRememberMeTokenFromServer((RememberMeCookie) optional.get()));
        }
    }

    private void gatherValidityOfRememberMeToken(RememberMeCookie rememberMeCookie, RememberMeToken rememberMeToken) {
        if (rememberMeToken == null) {
            this.logEntry.setSeriesValid(false);
        } else {
            this.logEntry.setSeriesValid(true);
            this.logEntry.setTokenValid(rememberMeCookie.getToken().equals(rememberMeToken.getToken()));
        }
    }

    private Optional<RememberMeCookie> validateAndGetCookie(String str) {
        try {
            return Optional.of(new RememberMeCookie(str));
        } catch (InvalidCookieException e) {
            this.logEntry.setRememberMeSeries("Invalid Remember Me cookie: " + str);
            return Optional.absent();
        }
    }

    private RememberMeToken getRememberMeTokenFromServer(final RememberMeCookie rememberMeCookie) {
        return (RememberMeToken) SpringSecurityContextHelper.runAsAdmin(new Callable<RememberMeToken>() { // from class: com.appiancorp.security.auth.logging.AuthenticationFilterLogger.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.concurrent.Callable
            public RememberMeToken call() throws Exception {
                return AuthenticationFilterLogger.this.rememberMeTokenService.getBySeries(rememberMeCookie.getSeries());
            }
        });
    }

    private void gatherAuthenticationInfo() {
        Authentication authentication;
        HttpSession session = this.request.getSession(false);
        SecurityContext securityContext = null;
        if (session != null) {
            securityContext = (SecurityContext) session.getAttribute("SPRING_SECURITY_CONTEXT");
        }
        if (securityContext == null || (authentication = securityContext.getAuthentication()) == null) {
            this.logEntry.setUsername(UNKNOWN_USER);
            this.logEntry.setAuthenticated(false);
        } else {
            this.logEntry.setUsername(authentication.getName());
            this.logEntry.setAuthenticated(authentication.isAuthenticated());
        }
    }

    private Optional<String> getValueForSpringRememberMeCookie(@Nullable Cookie[] cookieArr) {
        Optional<String> absent = Optional.absent();
        if (cookieArr != null) {
            int length = cookieArr.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                Cookie cookie = cookieArr[i];
                if (cookie.getName().equals(AppianPersistentTokenBasedRememberMeServices.REMEMBER_ME_COOKIE_NAME)) {
                    absent = Optional.of(cookie.getValue());
                    break;
                }
                i++;
            }
        }
        return absent;
    }

    private boolean wasNewTokenIssued(HttpServletResponse httpServletResponse) {
        for (String str : httpServletResponse.getHeaders(SET_COOKIE_HEADER)) {
            if (str.startsWith(AppianPersistentTokenBasedRememberMeServices.REMEMBER_ME_COOKIE_NAME)) {
                return !str.startsWith(CLEAR_REMEMBER_ME_COOKIE);
            }
        }
        return false;
    }
}
