package ozone.securitysample.authentication.audit;

import java.security.cert.X509Certificate;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Level;
import org.apache.log4j.Logger;
import org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent;
import org.springframework.security.authentication.event.AuthenticationFailureProviderNotFoundEvent;
import org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent;
import org.springframework.security.core.Authentication;
import ozone.security.authentication.OWFUserDetailsImpl;

/* loaded from: input_file:ozone/securitysample/authentication/audit/SecurityAuditLogger.class */
public class SecurityAuditLogger {
    private static final Logger logAudit = Logger.getLogger(SecurityAuditLogger.class);
    private static final AuthenticationUtils MP_AUTH_UTILS = new AuthenticationUtils();
    protected DateFormat eventDateFormatter = new SimpleDateFormat("MM/dd/yyyy HH:mm:ss Z");
    private static final String LOGIN_ACTION = "LOGIN";
    private static final String LOGOUT_ACTION = "LOGOUT";
    private static final String STATE_SUCCESS = "SUCCESS";
    private static final String STATE_FAILURE = "FAILURE";
    private static final String SUCCESS_LOGIN_STATUS = "LOGIN SUCCESS - ACCESS GRANTED";
    private static final String FAILURE_LOGIN_STATUS = "LOGIN FAILURE - ACCESS DENIED";

    public boolean isInfo() {
        return logAudit.getLevel() == Level.INFO;
    }

    public boolean isDebug() {
        return logAudit.getLevel() == Level.DEBUG;
    }

    public void logSuccessLoginMsg(InteractiveAuthenticationSuccessEvent interactiveAuthenticationSuccessEvent) {
        if (interactiveAuthenticationSuccessEvent == null) {
            return;
        }
        logEventSuccessMsg(interactiveAuthenticationSuccessEvent.getAuthentication(), LOGIN_ACTION);
    }

    public void logSuccessLogoutMsg(Authentication authentication) {
        logEventSuccessMsg(authentication, LOGOUT_ACTION);
    }

    private void logEventSuccessMsg(Authentication authentication, String str) {
        if (authentication == null) {
            return;
        }
        Object principal = authentication.getPrincipal();
        Object credentials = authentication.getCredentials();
        HashMap hashMap = (HashMap) MP_AUTH_UTILS.getDetailsMap(authentication);
        if (principal instanceof OWFUserDetailsImpl) {
            StringBuffer append = new StringBuffer("[USER ").append(str).append("]:").append(getMsgByActionType(STATE_SUCCESS, str)).append(" USER [").append((String) hashMap.get(AuthenticationUtils.MAP_KEY_USERNAME)).append("], ").append("with DISPLAY NAME [").append(((OWFUserDetailsImpl) principal).getDisplayName()).append("], ").append("with AUTHORITIES [").append(((OWFUserDetailsImpl) principal).displayAuthorities()).append("], ").append("with ORGANIZATION [").append(((OWFUserDetailsImpl) principal).getOrganization()).append("], ").append("with EMAIL [").append(((OWFUserDetailsImpl) principal).getEmail()).append("] ").append("with CREDENTIALS [");
            if (credentials instanceof X509Certificate) {
                if (isDebug()) {
                    X509Certificate x509Certificate = (X509Certificate) credentials;
                    append.append("CERTIFICATE ").append(str).append(" >> Signature Algorithm: [").append(x509Certificate.getSigAlgName()).append(", OID = ").append(x509Certificate.getSigAlgOID()).append("]; ");
                    append.append("Subject: [").append(x509Certificate.getSubjectDN()).append("]; ");
                    append.append("Validity: [").append("From: ").append(x509Certificate.getNotBefore()).append(", To: ").append(x509Certificate.getNotAfter()).append("]; ");
                    append.append("Issuer: [").append(x509Certificate.getIssuerDN()).append("]; ");
                } else {
                    append.append("CERTIFICATE ").append(str);
                }
            } else if ((credentials instanceof String) && ((String) credentials).toLowerCase().contains("cas")) {
                if (isDebug()) {
                    append.append("CAS ").append(str).append(" >> ").append(credentials);
                } else {
                    append.append("CAS ").append(str);
                }
            } else if (isDebug()) {
                append.append("SUCCESSFUL ").append(str).append(" >> ").append(credentials);
            } else {
                append.append("SUCCESSFUL ").append(str);
            }
            append.append("]");
            String stringBuffer = append.toString();
            String str2 = (String) hashMap.get(AuthenticationUtils.MAP_KEY_SESSION_ID);
            if (isInfo()) {
                logAuditMsg((String) hashMap.get(AuthenticationUtils.MAP_KEY_IP_ADDRESS), str2, (String) hashMap.get(AuthenticationUtils.MAP_KEY_USERNAME), stringBuffer, 20000);
            } else if (isDebug()) {
                logAuditMsg((String) hashMap.get(AuthenticationUtils.MAP_KEY_IP_ADDRESS), str2, (String) hashMap.get(AuthenticationUtils.MAP_KEY_USERNAME), stringBuffer, 10000);
            }
        }
    }

    public void logFailureLoginMsg(AbstractAuthenticationFailureEvent abstractAuthenticationFailureEvent) {
        logEventFailureMsg(abstractAuthenticationFailureEvent, LOGIN_ACTION);
    }

    private void logEventFailureMsg(AbstractAuthenticationFailureEvent abstractAuthenticationFailureEvent, String str) {
        Authentication authentication;
        String str2;
        if (abstractAuthenticationFailureEvent == null || (authentication = (Authentication) abstractAuthenticationFailureEvent.getSource()) == null) {
            return;
        }
        Object principal = authentication.getPrincipal();
        Object credentials = authentication.getCredentials();
        String message = abstractAuthenticationFailureEvent.getException().getMessage();
        HashMap hashMap = (HashMap) MP_AUTH_UTILS.getDetailsMap(authentication);
        if (abstractAuthenticationFailureEvent instanceof AuthenticationFailureProviderNotFoundEvent) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("Login for ").append(principal instanceof String ? "'" + principal + "' " : "a user with principal '" + principal + "' ").append("attempted with authenticated credentials [");
            if (credentials instanceof X509Certificate) {
                if (isDebug()) {
                    X509Certificate x509Certificate = (X509Certificate) credentials;
                    stringBuffer.append("CERTIFICATE ").append(str).append(" >> Signature Algorithm: [").append(x509Certificate.getSigAlgName()).append(", OID = ").append(x509Certificate.getSigAlgOID()).append("]; ");
                    stringBuffer.append("Subject: [").append(x509Certificate.getSubjectDN()).append("]; ");
                    stringBuffer.append("Validity: [").append("From: ").append(x509Certificate.getNotBefore()).append(", To: ").append(x509Certificate.getNotAfter()).append("]; ");
                    stringBuffer.append("Issuer: [").append(x509Certificate.getIssuerDN()).append("]; ");
                } else {
                    stringBuffer.append("CERTIFICATE ").append(str);
                }
            } else if ((credentials instanceof String) && ((String) credentials).toLowerCase().contains("cas")) {
                if (isDebug()) {
                    stringBuffer.append("CAS ").append(str).append(" >> ").append(credentials);
                } else {
                    stringBuffer.append("CAS ").append(str);
                }
            } else if (isDebug()) {
                stringBuffer.append("FAILURE ").append(str).append(" >> ").append(credentials);
            } else {
                stringBuffer.append("FAILURE ").append(str);
            }
            stringBuffer.append("]; However, the Provider was not found. Access is DENIED.");
            if (isDebug()) {
                stringBuffer.append(str).append(" Exception Message: [").append(message).append("]");
            }
            str2 = stringBuffer.toString();
        } else {
            str2 = "Authentication Failure Message : " + message;
        }
        String stringBuffer2 = new StringBuffer("[USER ").append(str).append("]:").append(getMsgByActionType(STATE_FAILURE, str)).append(" with FAILURE MSG [").append(str2).append("]").toString();
        String str3 = (String) hashMap.get(AuthenticationUtils.MAP_KEY_SESSION_ID);
        if (isInfo()) {
            logAuditMsg((String) hashMap.get(AuthenticationUtils.MAP_KEY_IP_ADDRESS), str3, (String) hashMap.get(AuthenticationUtils.MAP_KEY_USERNAME), stringBuffer2, 20000);
        } else if (isDebug()) {
            logAuditMsg((String) hashMap.get(AuthenticationUtils.MAP_KEY_IP_ADDRESS), str3, (String) hashMap.get(AuthenticationUtils.MAP_KEY_USERNAME), stringBuffer2, 10000);
        }
    }

    private String getMsgByActionType(String str, String str2) {
        return (LOGIN_ACTION.equals(str2) && STATE_SUCCESS.equals(str)) ? SUCCESS_LOGIN_STATUS : (LOGIN_ACTION.equals(str2) && STATE_FAILURE.equals(str)) ? FAILURE_LOGIN_STATUS : str2;
    }

    public void logAuditMsg(String str, String str2, String str3, String str4, int i) {
        StringBuffer stringBuffer = new StringBuffer();
        boolean z = false;
        stringBuffer.append("[").append(this.eventDateFormatter.format(new Date())).append("] ");
        if (StringUtils.isNotBlank(str)) {
            stringBuffer.append("IP: ").append(str);
            z = true;
        }
        if (StringUtils.isNotBlank(str2)) {
            stringBuffer.append(z ? " " : "").append("SessionID: ").append(str2);
            z = true;
        }
        if (StringUtils.isNotBlank(str3)) {
            stringBuffer.append(z ? " " : "").append("User: ").append(str3);
            z = true;
        }
        stringBuffer.append(z ? " " : "").append(str4);
        String stringBuffer2 = stringBuffer.toString();
        switch (i) {
            case 10000:
                logAudit.debug(stringBuffer2);
                return;
            case 20000:
                logAudit.info(stringBuffer2);
                return;
            case 30000:
                logAudit.warn(stringBuffer2);
                return;
            case 40000:
                logAudit.error(stringBuffer2);
                return;
            case 50000:
                logAudit.fatal(stringBuffer2);
                return;
            default:
                return;
        }
    }

    public Logger getLogAudit() {
        return logAudit;
    }
}
