package org.graylog2.auditlog.jersey;

import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.base.Strings;
import com.google.common.io.ByteStreams;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import javax.annotation.Nullable;
import javax.annotation.Priority;
import javax.inject.Inject;
import javax.inject.Named;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.ContainerResponseContext;
import javax.ws.rs.container.ContainerResponseFilter;
import javax.ws.rs.container.ResourceInfo;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;
import org.glassfish.grizzly.http.server.Response;
import org.glassfish.jersey.server.ExtendedUriInfo;
import org.graylog2.auditlog.Actions;
import org.graylog2.auditlog.AuditLogger;
import org.graylog2.inputs.codecs.GelfChunkAggregator;
import org.graylog2.rest.RestTools;
import org.jboss.netty.handler.ipfilter.IpSubnet;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Provider
@Priority(GelfChunkAggregator.VALIDITY_PERIOD)
/* loaded from: input_file:org/graylog2/auditlog/jersey/AuditLogFilter.class */
public class AuditLogFilter implements ContainerRequestFilter, ContainerResponseFilter {
    private static final Logger LOG = LoggerFactory.getLogger(AuditLogFilter.class);
    private final ResourceInfo resourceInfo;
    private final ExtendedUriInfo extendedUriInfo;
    private final Response response;
    private final AuditLogger auditLogger;
    private final Set<IpSubnet> trustedProxies;
    private final ObjectMapper objectMapper;
    private byte[] bufferedRequestEntitiy = null;

    /* renamed from: org.graylog2.auditlog.jersey.AuditLogFilter$3, reason: invalid class name */
    /* loaded from: input_file:org/graylog2/auditlog/jersey/AuditLogFilter$3.class */
    static /* synthetic */ class AnonymousClass3 {
        static final /* synthetic */ int[] $SwitchMap$javax$ws$rs$core$Response$Status$Family = new int[Response.Status.Family.values().length];

        static {
            try {
                $SwitchMap$javax$ws$rs$core$Response$Status$Family[Response.Status.Family.CLIENT_ERROR.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$javax$ws$rs$core$Response$Status$Family[Response.Status.Family.SERVER_ERROR.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    @Inject
    public AuditLogFilter(@Context ResourceInfo resourceInfo, @Context ExtendedUriInfo extendedUriInfo, @Context org.glassfish.grizzly.http.server.Response response, AuditLogger auditLogger, @Named("trusted_proxies") Set<IpSubnet> set, ObjectMapper objectMapper) {
        this.resourceInfo = (ResourceInfo) Objects.requireNonNull(resourceInfo);
        this.extendedUriInfo = (ExtendedUriInfo) Objects.requireNonNull(extendedUriInfo);
        this.response = (org.glassfish.grizzly.http.server.Response) Objects.requireNonNull(response);
        this.auditLogger = (AuditLogger) Objects.requireNonNull(auditLogger);
        this.trustedProxies = (Set) Objects.requireNonNull(set);
        this.objectMapper = (ObjectMapper) Objects.requireNonNull(objectMapper);
    }

    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        Optional.ofNullable(this.resourceInfo.getResourceMethod()).filter(method -> {
            return MediaType.APPLICATION_JSON_TYPE.equals(containerRequestContext.getMediaType());
        }).map(method2 -> {
            return (AuditLog) method2.getAnnotation(AuditLog.class);
        }).ifPresent(auditLog -> {
            if (containerRequestContext.hasEntity() && auditLog.captureRequestEntity()) {
                this.bufferedRequestEntitiy = bufferRequestEntity(containerRequestContext);
            }
        });
    }

    @Nullable
    private byte[] bufferRequestEntity(ContainerRequestContext containerRequestContext) {
        InputStream entityStream = containerRequestContext.getEntityStream();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = null;
        try {
            ByteStreams.copy(entityStream, byteArrayOutputStream);
            bArr = byteArrayOutputStream.toByteArray();
            containerRequestContext.setEntityStream(new ByteArrayInputStream(bArr));
        } catch (IOException e) {
            LOG.debug("Error while buffering request entity", e);
        }
        return bArr;
    }

    public void filter(ContainerRequestContext containerRequestContext, ContainerResponseContext containerResponseContext) throws IOException {
        Optional.ofNullable(this.resourceInfo.getResourceMethod()).map(method -> {
            return (AuditLog) method.getAnnotation(AuditLog.class);
        }).ifPresent(auditLog -> {
            Map<String, Object> readResponseEntity;
            Map<String, Object> readRequestEntity;
            String subject = auditLog.subject();
            String userNameFromRequest = Strings.isNullOrEmpty(subject) ? RestTools.getUserNameFromRequest(containerRequestContext) : subject;
            String action = auditLog.action();
            String actionFromRequestMethod = Strings.isNullOrEmpty(action) ? getActionFromRequestMethod(containerRequestContext.getMethod()) : action;
            String object = auditLog.object();
            String remoteAddrFromRequest = RestTools.getRemoteAddrFromRequest(this.response.getRequest(), this.trustedProxies);
            HashMap hashMap = new HashMap();
            hashMap.put("remote_address", remoteAddrFromRequest);
            if (auditLog.captureRequestContext()) {
                MultivaluedMap pathParameters = this.extendedUriInfo.getPathParameters();
                if (!pathParameters.isEmpty()) {
                    hashMap.put("path_params", pathParameters);
                }
                MultivaluedMap queryParameters = this.extendedUriInfo.getQueryParameters();
                if (!queryParameters.isEmpty()) {
                    hashMap.put("query_params", queryParameters);
                }
            }
            if (this.bufferedRequestEntitiy != null && auditLog.captureRequestEntity() && (readRequestEntity = readRequestEntity(this.bufferedRequestEntitiy)) != null) {
                hashMap.put("request_entity", readRequestEntity);
            }
            if (containerResponseContext.hasEntity() && auditLog.captureResponseEntity() && (readResponseEntity = readResponseEntity(containerResponseContext)) != null) {
                hashMap.put("response_entity", readResponseEntity);
            }
            switch (AnonymousClass3.$SwitchMap$javax$ws$rs$core$Response$Status$Family[containerResponseContext.getStatusInfo().getFamily().ordinal()]) {
                case 1:
                case 2:
                    this.auditLogger.failure(userNameFromRequest, actionFromRequestMethod, object, hashMap);
                    return;
                default:
                    this.auditLogger.success(userNameFromRequest, actionFromRequestMethod, object, hashMap);
                    return;
            }
        });
    }

    @Nullable
    private Map<String, Object> readRequestEntity(byte[] bArr) {
        try {
            return (Map) this.objectMapper.readValue(bArr, new TypeReference<Map<String, Object>>() { // from class: org.graylog2.auditlog.jersey.AuditLogFilter.1
            });
        } catch (IOException e) {
            LOG.debug("Couldn't capture request entity", e);
            return null;
        }
    }

    @Nullable
    private Map<String, Object> readResponseEntity(ContainerResponseContext containerResponseContext) {
        Class entityClass = containerResponseContext.getEntityClass();
        boolean equals = MediaType.APPLICATION_JSON_TYPE.equals(containerResponseContext.getMediaType());
        if (entityClass.equals(Void.class) || entityClass.equals(Void.TYPE) || !equals) {
            return null;
        }
        return (Map) this.objectMapper.convertValue(containerResponseContext.getEntity(), new TypeReference<Map<String, Object>>() { // from class: org.graylog2.auditlog.jersey.AuditLogFilter.2
        });
    }

    private String getActionFromRequestMethod(String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case 70454:
                if (str.equals("GET")) {
                    z = false;
                    break;
                }
                break;
            case 79599:
                if (str.equals("PUT")) {
                    z = 2;
                    break;
                }
                break;
            case 2461856:
                if (str.equals("POST")) {
                    z = true;
                    break;
                }
                break;
            case 2012838315:
                if (str.equals("DELETE")) {
                    z = 3;
                    break;
                }
                break;
        }
        switch (z) {
            case SERVER_VALUE:
                return Actions.READ;
            case true:
                return Actions.CREATE;
            case true:
                return Actions.UPDATE;
            case true:
                return Actions.DELETE;
            default:
                return "unknown";
        }
    }
}
