package org.cloudfoundry.identity.uaa.audit.event;

import com.fasterxml.jackson.core.type.TypeReference;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Map;
import org.cloudfoundry.identity.uaa.audit.AuditEvent;
import org.cloudfoundry.identity.uaa.audit.AuditEventType;
import org.cloudfoundry.identity.uaa.audit.UaaAuditService;
import org.cloudfoundry.identity.uaa.oauth.UaaOauth2Authentication;
import org.cloudfoundry.identity.uaa.oauth.jwt.JwtHelper;
import org.cloudfoundry.identity.uaa.oauth.token.ClaimConstants;
import org.cloudfoundry.identity.uaa.util.JsonUtils;
import org.cloudfoundry.identity.uaa.util.UaaTokenUtils;
import org.cloudfoundry.identity.uaa.zone.IdentityZone;
import org.cloudfoundry.identity.uaa.zone.IdentityZoneHolder;
import org.springframework.context.ApplicationEvent;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
import org.springframework.util.StringUtils;

/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-4.5.9.jar:org/cloudfoundry/identity/uaa/audit/event/AbstractUaaEvent.class */
public abstract class AbstractUaaEvent extends ApplicationEvent {
    private static final long serialVersionUID = -7639844193401892160L;
    private final transient IdentityZone identityZone;
    private Authentication authentication;

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractUaaEvent(Object obj) {
        super(obj);
        this.identityZone = IdentityZoneHolder.get();
        if (obj instanceof Authentication) {
            this.authentication = (Authentication) obj;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractUaaEvent(Object obj, Authentication authentication) {
        super(obj);
        this.identityZone = IdentityZoneHolder.get();
        this.authentication = authentication;
    }

    public void process(UaaAuditService uaaAuditService) {
        uaaAuditService.log(getAuditEvent(), getAuditEvent().getIdentityZoneId());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AuditEvent createAuditRecord(String str, AuditEventType auditEventType, String str2) {
        return new AuditEvent(auditEventType, str, str2, null, System.currentTimeMillis(), this.identityZone.getId());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AuditEvent createAuditRecord(String str, AuditEventType auditEventType, String str2, String str3) {
        return new AuditEvent(auditEventType, str, str2, str3, System.currentTimeMillis(), this.identityZone.getId());
    }

    public Authentication getAuthentication() {
        return this.authentication;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getOrigin(Principal principal) {
        if (!(principal instanceof Authentication)) {
            if (principal == null) {
                return null;
            }
            return principal.getName();
        }
        Authentication authentication = (Authentication) principal;
        StringBuilder sb = new StringBuilder();
        if (authentication instanceof OAuth2Authentication) {
            OAuth2Authentication oAuth2Authentication = (OAuth2Authentication) authentication;
            sb.append("client=").append(oAuth2Authentication.getOAuth2Request().getClientId());
            if (!oAuth2Authentication.isClientOnly()) {
                sb.append(", ").append("user=").append(oAuth2Authentication.getName());
            }
        } else {
            sb.append("caller=").append(authentication.getName());
        }
        if (authentication.getDetails() != null) {
            sb.append(", details=(");
            try {
                Map map = (Map) JsonUtils.readValue((String) authentication.getDetails(), new TypeReference<Map<String, Object>>() { // from class: org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent.1
                });
                if (map.containsKey("remoteAddress")) {
                    sb.append("remoteAddress=").append(map.get("remoteAddress")).append(", ");
                }
                sb.append("type=").append(authentication.getDetails().getClass().getSimpleName());
            } catch (Exception e) {
                sb.append(authentication.getDetails());
            }
            appendTokenDetails(authentication, sb);
            sb.append(")");
        }
        return sb.toString();
    }

    protected void appendTokenDetails(Authentication authentication, StringBuilder sb) {
        String str = null;
        if (authentication instanceof UaaOauth2Authentication) {
            str = ((UaaOauth2Authentication) authentication).getTokenValue();
        } else if (authentication.getDetails() instanceof OAuth2AuthenticationDetails) {
            str = ((OAuth2AuthenticationDetails) this.authentication.getDetails()).getTokenValue();
        }
        if (StringUtils.hasText(str)) {
            if (!UaaTokenUtils.isJwtToken(str)) {
                sb.append(", opaque-token=present");
                return;
            }
            try {
                Map map = (Map) JsonUtils.readValue(JwtHelper.decode(str).getClaims(), new TypeReference<Map<String, Object>>() { // from class: org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent.2
                });
                sb.append(", sub=").append(map.get("sub").toString()).append(", ").append("iss=").append(map.get(ClaimConstants.ISS).toString());
            } catch (Exception e) {
                sb.append(", <token extraction failed>");
            }
        }
    }

    public abstract AuditEvent getAuditEvent();

    /* JADX INFO: Access modifiers changed from: protected */
    public static Authentication getContextAuthentication() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            authentication = new Authentication() { // from class: org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent.3
                private static final long serialVersionUID = 1748694836774597624L;
                ArrayList<GrantedAuthority> authorities = new ArrayList<>();

                @Override // org.springframework.security.core.Authentication
                public Collection<? extends GrantedAuthority> getAuthorities() {
                    return this.authorities;
                }

                @Override // org.springframework.security.core.Authentication
                public Object getCredentials() {
                    return null;
                }

                @Override // org.springframework.security.core.Authentication
                public Object getDetails() {
                    return null;
                }

                @Override // org.springframework.security.core.Authentication
                public Object getPrincipal() {
                    return "null";
                }

                @Override // org.springframework.security.core.Authentication
                public boolean isAuthenticated() {
                    return false;
                }

                @Override // org.springframework.security.core.Authentication
                public void setAuthenticated(boolean z) throws IllegalArgumentException {
                }

                @Override // java.security.Principal
                public String getName() {
                    return "null";
                }
            };
        }
        return authentication;
    }

    public IdentityZone getIdentityZone() {
        return this.identityZone;
    }
}
