package org.wso2.carbon.identity.data.publisher.authentication.audit;

import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.slf4j.MDC;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.identity.application.authentication.framework.config.model.ExternalIdPConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.SequenceConfig;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.context.SessionContext;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationResult;
import org.wso2.carbon.identity.data.publisher.authentication.audit.model.AuthenticationAuditData;
import org.wso2.carbon.identity.event.IdentityEventConstants;
import org.wso2.carbon.identity.event.IdentityEventException;
import org.wso2.carbon.identity.event.event.Event;
import org.wso2.carbon.identity.event.handler.AbstractEventHandler;

/* loaded from: input_file:org/wso2/carbon/identity/data/publisher/authentication/audit/AuthenticationAuditLoggingHandler.class */
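/**
 * Event handler that writes authentication and session-termination events to the Carbon audit log.
 *
 * <p>Each record is a single line of the form
 * {@code Initiator : .. | Action : .. | Target : .. | Data : { "key" : "value",.. } | Result : ..}.
 * The record is assembled by string concatenation, so every value is passed through
 * {@link #escape(Object, boolean)} first. Without that, a value containing a line break or a
 * double quote (for example a user-supplied identifier or the User-Agent entry read from the MDC)
 * could terminate its field early or start what looks like a second audit record.
 */
public class AuthenticationAuditLoggingHandler extends AbstractEventHandler {
    private static final Log AUDIT_LOG = CarbonConstants.AUDIT_LOG;
    private static final Log LOG = LogFactory.getLog(AuthenticationAuditLoggingHandler.class);
    public static final String USER_AGENT_QUERY_KEY = "User-Agent";
    public static final String USER_AGENT_KEY = "User Agent";
    public static final String REMOTE_ADDRESS_QUERY_KEY = "remoteAddress";
    public static final String REMOTE_ADDRESS_KEY = "RemoteAddress";
    public static final String USER_STORE_DOMAIN_KEY = "UserStoreDomain";

    /** Layout shared by every audit record this handler emits. */
    private static final String AUDIT_MESSAGE =
            "Initiator : %s | Action : %s | Target : %s | Data : { %s } | Result : %s ";
    private static final String AUDIT_TARGET = "ApplicationAuthenticationFramework";

    /**
     * Returns the name under which this handler is registered.
     *
     * @return the audit logger handler name constant
     */
    public String getName() {
        return AuthenticationAuditLoggerConstants.AUTHENTICATION_AUDIT_LOGGER;
    }

    /**
     * Dispatches an identity event to the matching audit writer.
     *
     * <p>Nothing is written unless audit logging is enabled in the module properties. Event names
     * other than the five handled here are reported on the ordinary (non-audit) logger.
     *
     * @param event the identity event to audit
     * @throws IdentityEventException declared by the handler contract and by the configuration lookups
     */
    public void handleEvent(Event event) throws IdentityEventException {
        if (!isAuthenticationAuditLoggingEnabled(event)) {
            return;
        }
        // Passed through to the audit data factory; its effect on the record is not visible in this class.
        boolean userNameEnabled = isAuditLoggerUserNameEnabled(event);
        String eventName = event.getEventName();

        if (IdentityEventConstants.EventName.AUTHENTICATION_STEP_SUCCESS.name().equals(eventName)) {
            doPublishAuthenticationStepSuccess(AuthenticationAuditLoggerUtils.createAuthenticationAudiDataObject(
                    event, AuthenticationAuditLoggerConstants.AUDIT_AUTHENTICATION_STEP, userNameEnabled));
        } else if (IdentityEventConstants.EventName.AUTHENTICATION_STEP_FAILURE.name().equals(eventName)) {
            doPublishAuthenticationStepFailure(AuthenticationAuditLoggerUtils.createAuthenticationAudiDataObject(
                    event, AuthenticationAuditLoggerConstants.AUDIT_AUTHENTICATION_STEP, userNameEnabled));
        } else if (IdentityEventConstants.EventName.AUTHENTICATION_SUCCESS.name().equals(eventName)) {
            doPublishAuthenticationSuccess(AuthenticationAuditLoggerUtils.createAuthenticationAudiDataObject(
                    event, AuthenticationAuditLoggerConstants.AUDIT_AUTHENTICATION, userNameEnabled));
        } else if (IdentityEventConstants.EventName.AUTHENTICATION_FAILURE.name().equals(eventName)) {
            doPublishAuthenticationFailure(AuthenticationAuditLoggerUtils.createAuthenticationAudiDataObject(
                    event, AuthenticationAuditLoggerConstants.AUDIT_AUTHENTICATION, userNameEnabled));
        } else if (IdentityEventConstants.EventName.SESSION_TERMINATE.name().equals(eventName)) {
            publishSessionTermination(event);
        } else {
            LOG.error("Event " + eventName + " cannot be handled");
        }
    }

    /**
     * Reports whether the "username enabled" module property is set to the literal {@code username}.
     *
     * @param event unused; kept for symmetry with the other configuration lookup
     * @return {@code true} only when the property equals {@code "username"}
     */
    private boolean isAuditLoggerUserNameEnabled(Event event) throws IdentityEventException {
        if (this.configs.getModuleProperties() == null) {
            return false;
        }
        String property = this.configs.getModuleProperties().getProperty(
                AuthenticationAuditLoggerConstants.AUTHENTICATION_AUDIT_LOGGER_USERNAME_ENABLED);
        return "username".equals(property);
    }

    /**
     * Writes the audit record for a successful authentication step.
     *
     * @param authenticationAuditData values describing the step
     */
    protected void doPublishAuthenticationStepSuccess(AuthenticationAuditData authenticationAuditData) {
        StringBuilder data = new StringBuilder();
        appendField(data, "ContextIdentifier", authenticationAuditData.getContextIdentifier());
        appendField(data, "AuthenticatedUser", authenticationAuditData.getAuthenticatedUser());
        appendField(data, "AuthenticatedUserTenantDomain", authenticationAuditData.getTenantDomain());
        appendField(data, "ServiceProviderName", authenticationAuditData.getServiceProvider());
        appendField(data, "RequestType", authenticationAuditData.getInboundProtocol());
        appendField(data, "RelyingParty", authenticationAuditData.getRelyingParty());
        appendField(data, "AuthenticatedIdP", authenticationAuditData.getAuthenticatedIdps());
        writeAudit(authenticationAuditData.getAuthenticatedUser(), "LoginStepSuccess", AUDIT_TARGET,
                addContextualInfo(data.toString(), authenticationAuditData), "Success");
    }

    /**
     * Writes the audit record for a failed authentication step.
     *
     * @param authenticationAuditData values describing the step
     */
    protected void doPublishAuthenticationStepFailure(AuthenticationAuditData authenticationAuditData) {
        // NOTE(review): the action is "Login", the same value used for an overall login failure, so
        // the two cases cannot be told apart by the Action field alone - confirm this is intended.
        writeAudit(authenticationAuditData.getAuthenticatedUser(), "Login", AUDIT_TARGET,
                addContextualInfo(failureData(authenticationAuditData), authenticationAuditData), "Failed");
    }

    /**
     * Writes the audit record for a completed, successful login.
     *
     * @param authenticationAuditData values describing the login
     */
    protected void doPublishAuthenticationSuccess(AuthenticationAuditData authenticationAuditData) {
        StringBuilder data = new StringBuilder();
        appendField(data, "ContextIdentifier", authenticationAuditData.getContextIdentifier());
        appendField(data, "AuthenticatedUser", authenticationAuditData.getAuthenticatedUser());
        appendField(data, "AuthenticatedUserTenantDomain", authenticationAuditData.getTenantDomain());
        appendField(data, "ServiceProviderName", authenticationAuditData.getServiceProvider());
        appendField(data, "RequestType", authenticationAuditData.getInboundProtocol());
        appendField(data, "RelyingParty", authenticationAuditData.getRelyingParty());
        appendField(data, "AuthenticatedIdPs", authenticationAuditData.getAuthenticatedIdps());
        writeAudit(authenticationAuditData.getAuthenticatedUser(), "Login", AUDIT_TARGET,
                addContextualInfo(data.toString(), authenticationAuditData), "Success");
    }

    /**
     * Writes the audit record for a failed login.
     *
     * @param authenticationAuditData values describing the login attempt
     */
    protected void doPublishAuthenticationFailure(AuthenticationAuditData authenticationAuditData) {
        writeAudit(authenticationAuditData.getAuthenticatedUser(), "Login", AUDIT_TARGET,
                addContextualInfo(failureData(authenticationAuditData), authenticationAuditData), "Failed");
    }

    /**
     * Writes the audit record for a terminated session.
     *
     * @param authenticationContext context of the logout request; also supplies the external IdP
     *                              name used as the record's target (the text {@code null} when absent)
     * @param str  identifier of the logged-out user, used as initiator and as {@code LoggedOutUser}
     * @param str2 tenant domain of the logged-out user
     * @param str3 authenticated IdPs of the terminated session
     */
    protected void doPublishSessionTermination(AuthenticationContext authenticationContext, String str, String str2, String str3) {
        StringBuilder data = new StringBuilder();
        appendField(data, "ContextIdentifier", authenticationContext.getContextIdentifier());
        appendField(data, "LoggedOutUser", str);
        appendField(data, "LoggedOutUserTenantDomain", str2);
        appendField(data, "ServiceProviderName", authenticationContext.getServiceProviderName());
        appendField(data, "RequestType", authenticationContext.getRequestType());
        appendField(data, "RelyingParty", authenticationContext.getRelyingParty());
        appendField(data, "AuthenticatedIdPs", str3);

        ExternalIdPConfig externalIdP = authenticationContext.getExternalIdP();
        String idpName = externalIdP != null ? externalIdP.getName() : null;
        writeAudit(str, "Logout", idpName, addRemoteAddressAndAgent(data.toString()), "Success");
    }

    /**
     * Extracts the user and IdP details of a session-termination event and audits the logout.
     *
     * <p>Reads the {@code "context"} and {@code "sessionContext"} event properties. Nothing is
     * logged when the authentication context is missing. The user is taken from the sequence
     * configuration when it has one, otherwise from the session's {@code "AuthenticatedUser"}
     * property; if neither yields a user the record is written with empty user fields.
     *
     * @param event the session-termination event
     */
    protected void publishSessionTermination(Event event) {
        Map<?, ?> eventProperties = event.getEventProperties();
        SessionContext sessionContext = (SessionContext) eventProperties.get("sessionContext");
        AuthenticationContext authenticationContext = (AuthenticationContext) eventProperties.get("context");
        if (authenticationContext == null) {
            return;
        }

        SequenceConfig sequenceConfig = authenticationContext.getSequenceConfig();
        AuthenticatedUser authenticatedUser = null;
        String authenticatedIdPs = "";
        if (sequenceConfig != null && sequenceConfig.getAuthenticatedUser() != null) {
            authenticatedUser = sequenceConfig.getAuthenticatedUser();
            authenticatedIdPs = sequenceConfig.getAuthenticatedIdPs();
        } else if (sessionContext != null) {
            // A missing session context must not abort the handler: the logout is still audited,
            // only without user details.
            Object property = sessionContext.getProperty("AuthenticatedUser");
            if (property instanceof AuthenticatedUser) {
                authenticatedUser = (AuthenticatedUser) property;
            }
        }

        String subject = "";
        String tenantDomain = "";
        if (authenticatedUser != null) {
            subject = authenticatedUser.getAuthenticatedSubjectIdentifier();
            tenantDomain = authenticatedUser.getTenantDomain();
        }
        doPublishSessionTermination(authenticationContext, subject, tenantDomain, authenticatedIdPs);
    }

    /**
     * Reports whether audit logging is switched on in the module properties.
     *
     * @param event unused
     * @return the parsed boolean property, or {@code false} when no module properties exist
     */
    private boolean isAuthenticationAuditLoggingEnabled(Event event) throws IdentityEventException {
        if (this.configs.getModuleProperties() == null) {
            return false;
        }
        return Boolean.parseBoolean(this.configs.getModuleProperties().getProperty(
                AuthenticationAuditLoggerConstants.AUTHENTICATION_AUDIT_LOGGER_ENABLED));
    }

    /**
     * Appends user agent, remote address and user store domain to an already formatted field list.
     *
     * @param str                     formatted fields to extend
     * @param authenticationAuditData source of the user store domain
     * @return {@code str} followed by the three additional fields
     */
    private String addContextualInfo(String str, AuthenticationAuditData authenticationAuditData) {
        StringBuilder data = new StringBuilder(addRemoteAddressAndAgent(str));
        appendField(data, USER_STORE_DOMAIN_KEY, authenticationAuditData.getUserStoreDomain());
        return data.toString();
    }

    /**
     * Appends the user agent and remote address held in the logging MDC to a formatted field list.
     *
     * @param str formatted fields to extend
     * @return {@code str} followed by the two additional fields
     */
    private String addRemoteAddressAndAgent(String str) {
        StringBuilder data = new StringBuilder(str);
        // Presumably both MDC entries are populated from the incoming request by an upstream
        // component (verify); they are treated as untrusted and escaped like every other value.
        appendField(data, USER_AGENT_KEY, MDC.get(USER_AGENT_QUERY_KEY));
        appendField(data, REMOTE_ADDRESS_KEY, MDC.get(REMOTE_ADDRESS_QUERY_KEY));
        return data.toString();
    }

    /** Builds the field list shared by the step-failure and login-failure records. */
    private static String failureData(AuthenticationAuditData authenticationAuditData) {
        StringBuilder data = new StringBuilder();
        appendField(data, "ContextIdentifier", authenticationAuditData.getContextIdentifier());
        appendField(data, "ServiceProviderName", authenticationAuditData.getServiceProvider());
        appendField(data, "RequestType", authenticationAuditData.getInboundProtocol());
        appendField(data, "RelyingParty", authenticationAuditData.getRelyingParty());
        appendField(data, "StepNo", authenticationAuditData.getStepNo());
        return data.toString();
    }

    /** Emits one audit record; initiator and target are stripped of control characters first. */
    private static void writeAudit(Object initiator, String action, Object target, String data, String result) {
        AUDIT_LOG.info(String.format(AUDIT_MESSAGE, escape(initiator, false), action, escape(target, false),
                data, result));
    }

    /** Appends {@code "key" : "value"} to the buffer, comma-separated from any earlier field. */
    private static void appendField(StringBuilder buffer, String key, Object value) {
        if (buffer.length() > 0) {
            buffer.append(',');
        }
        buffer.append('"').append(key).append("\" : \"").append(escape(value, true)).append('"');
    }

    /**
     * Renders a value so that it cannot alter the structure of an audit record.
     *
     * <p>Control characters, including CR and LF, are replaced by visible escape sequences so one
     * event always occupies exactly one log line. For values placed between double quotes the
     * quote and backslash characters are escaped as well, so the value cannot close its own field.
     * A {@code null} value is rendered as the text {@code null}, which is what plain string
     * concatenation would produce.
     *
     * @param value  the value to render; may be {@code null}
     * @param quoted whether the value will be written between double quotes
     * @return the escaped text
     */
    private static String escape(Object value, boolean quoted) {
        String text = String.valueOf(value);
        StringBuilder out = new StringBuilder(text.length());
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '\r':
                    out.append("\\r");
                    break;
                case '\n':
                    out.append("\\n");
                    break;
                case '\t':
                    out.append("\\t");
                    break;
                case '"':
                    out.append(quoted ? "\\\"" : "\"");
                    break;
                case '\\':
                    out.append(quoted ? "\\\\" : "\\");
                    break;
                default:
                    if (Character.isISOControl(c)) {
                        out.append(String.format("\\u%04x", (int) c));
                    } else {
                        out.append(c);
                    }
                    break;
            }
        }
        return out.toString();
    }
}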
