package org.wso2.carbon.identity.data.publisher.oauth.listener;

import com.google.gson.Gson;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.oauth.event.AbstractOAuthEventInterceptor;
import org.wso2.carbon.identity.oauth.event.OAuthEventInterceptor;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeRespDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2IntrospectionResponseDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationRequestDTO;
import org.wso2.carbon.identity.oauth2.model.AccessTokenDO;
import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext;
import org.wso2.carbon.identity.oauth2.validators.OAuth2TokenValidationMessageContext;
import org.wso2.carbon.user.core.util.UserCoreUtil;

/* loaded from: input_file:org/wso2/carbon/identity/data/publisher/oauth/listener/OAuthTokenIssuanceLogPublisher.class */
public class OAuthTokenIssuanceLogPublisher extends AbstractOAuthEventInterceptor implements OAuthEventInterceptor {
    private static final String PROP_CLIENT_ID = "client_id";
    private static final String PROP_GRANT_TYPE = "grant_type";
    private static final String PROP_SCOPE = "scope";
    private static final String PROP_USER = "user";
    private static final String PROP_ERROR = "error";
    private static final String PROP_ERROR_DESCRIPTION = "error_description";
    private static final String PROP_ISSUED_TIME = "issued_time";
    private static final String PROP_TIME_TAKEN_IN_MILLIS = "time_taken_in_millis";
    private static final String PROP_EXPIRES_IN_SECONDS = "expires_in_seconds";
    private static final String PROP_SUCCESS = "success";
    private static final String LOG_INFO_TYPE_TOKEN = "OAUTH TOKEN";
    private static final String NOT_AVAILABLE = "N/A";
    private static final String TRANSACTION_LOG_FORMAT = "Type: %s | Info: %s";
    private static final String LOG_INFO_TYPE_INTROSPECTION = "OAUTH INTROSPECTION";
    private static final String PROP_TYPE = "type";
    private static final String TYPE_OAUTH = "oauth";
    private static final String TYPE_INTROSPECTION = "introspection";
    private static final String PROP_LOG_TOKEN = "Log.Token";
    private static final String PROP_TOKEN = "token";
    private static boolean isTokenLoggable;
    private static final Log TRANSACTION_LOG = LogFactory.getLog("TRANSACTION_LOGGER");
    private static final Log LOG = LogFactory.getLog(OAuthTokenIssuanceLogPublisher.class);
    private static ThreadLocal<Long> startTime = new ThreadLocal<>();

    public OAuthTokenIssuanceLogPublisher() {
        super.init(this.initConfig);
        String property = this.properties.getProperty(PROP_LOG_TOKEN);
        isTokenLoggable = StringUtils.isNotEmpty(property) && Boolean.parseBoolean(property);
    }

    public void onPreTokenIssue(OAuth2AccessTokenReqDTO oAuth2AccessTokenReqDTO, OAuthTokenReqMessageContext oAuthTokenReqMessageContext, Map<String, Object> map) throws IdentityOAuth2Exception {
        startTime.remove();
        startTime.set(Long.valueOf(System.currentTimeMillis()));
    }

    public void onPreTokenIssue(OAuthAuthzReqMessageContext oAuthAuthzReqMessageContext, Map<String, Object> map) throws IdentityOAuth2Exception {
        startTime.remove();
        startTime.set(Long.valueOf(System.currentTimeMillis()));
    }

    public void onPostTokenIssue(OAuth2AccessTokenReqDTO oAuth2AccessTokenReqDTO, OAuth2AccessTokenRespDTO oAuth2AccessTokenRespDTO, OAuthTokenReqMessageContext oAuthTokenReqMessageContext, Map<String, Object> map) throws IdentityOAuth2Exception {
        try {
            try {
                logTransactionInfo(getJsonInfoForPostTokenIssue(oAuth2AccessTokenReqDTO, oAuth2AccessTokenRespDTO, oAuthTokenReqMessageContext, map), LOG_INFO_TYPE_TOKEN);
                startTime.remove();
            } catch (Throwable th) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Error occurred while logging token information.", th);
                }
                startTime.remove();
            }
        } catch (Throwable th2) {
            startTime.remove();
            throw th2;
        }
    }

    public void onPostTokenIssue(OAuthAuthzReqMessageContext oAuthAuthzReqMessageContext, AccessTokenDO accessTokenDO, OAuth2AuthorizeRespDTO oAuth2AuthorizeRespDTO, Map<String, Object> map) throws IdentityOAuth2Exception {
        try {
            try {
                long validityPeriod = oAuth2AuthorizeRespDTO.getValidityPeriod();
                long j = 0;
                if (accessTokenDO.getIssuedTime() != null) {
                    j = accessTokenDO.getIssuedTime().getTime();
                }
                String consumerKey = accessTokenDO.getConsumerKey();
                String grantType = accessTokenDO.getGrantType();
                String join = StringUtils.join(accessTokenDO.getScope(), ' ');
                AuthenticatedUser authzUser = accessTokenDO.getAuthzUser();
                String usernameAsSubjectIdentifier = authzUser != null ? authzUser.getUsernameAsSubjectIdentifier(true, true) : NOT_AVAILABLE;
                HashMap hashMap = new HashMap();
                Gson gson = new Gson();
                hashMap.put(PROP_TYPE, TYPE_OAUTH);
                addStringToMap(PROP_CLIENT_ID, consumerKey, hashMap);
                addStringToMap(PROP_GRANT_TYPE, grantType, hashMap);
                addStringToMap(PROP_SCOPE, join, hashMap);
                addStringToMap(PROP_USER, usernameAsSubjectIdentifier, hashMap);
                if (StringUtils.isNotBlank(oAuth2AuthorizeRespDTO.getErrorCode()) || StringUtils.isNotBlank(oAuth2AuthorizeRespDTO.getErrorMsg())) {
                    hashMap.put(PROP_SUCCESS, false);
                    addStringToMap(PROP_ERROR, oAuth2AuthorizeRespDTO.getErrorCode(), hashMap);
                    addStringToMap(PROP_ERROR_DESCRIPTION, oAuth2AuthorizeRespDTO.getErrorMsg(), hashMap);
                } else {
                    hashMap.put(PROP_SUCCESS, true);
                    hashMap.put(PROP_ISSUED_TIME, Long.valueOf(j));
                    hashMap.put(PROP_EXPIRES_IN_SECONDS, Long.valueOf(validityPeriod));
                    hashMap.put(PROP_TIME_TAKEN_IN_MILLIS, Long.valueOf(System.currentTimeMillis() - startTime.get().longValue()));
                }
                logTransactionInfo(gson.toJson(hashMap), LOG_INFO_TYPE_TOKEN);
                startTime.remove();
            } catch (Throwable th) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Error occurred while logging token information.", th);
                }
                startTime.remove();
            }
        } catch (Throwable th2) {
            startTime.remove();
            throw th2;
        }
    }

    public void onPreTokenRenewal(OAuth2AccessTokenReqDTO oAuth2AccessTokenReqDTO, OAuthTokenReqMessageContext oAuthTokenReqMessageContext, Map<String, Object> map) throws IdentityOAuth2Exception {
        startTime.remove();
        startTime.set(Long.valueOf(System.currentTimeMillis()));
    }

    public void onPostTokenRenewal(OAuth2AccessTokenReqDTO oAuth2AccessTokenReqDTO, OAuth2AccessTokenRespDTO oAuth2AccessTokenRespDTO, OAuthTokenReqMessageContext oAuthTokenReqMessageContext, Map<String, Object> map) throws IdentityOAuth2Exception {
        try {
            try {
                logTransactionInfo(getJsonInfoForPostTokenIssue(oAuth2AccessTokenReqDTO, oAuth2AccessTokenRespDTO, oAuthTokenReqMessageContext, map), LOG_INFO_TYPE_TOKEN);
                startTime.remove();
            } catch (Throwable th) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Error occurred while logging token information.", th);
                }
                startTime.remove();
            }
        } catch (Throwable th2) {
            startTime.remove();
            throw th2;
        }
    }

    private String getJsonInfoForPostTokenIssue(OAuth2AccessTokenReqDTO oAuth2AccessTokenReqDTO, OAuth2AccessTokenRespDTO oAuth2AccessTokenRespDTO, OAuthTokenReqMessageContext oAuthTokenReqMessageContext, Map<String, Object> map) {
        String str;
        long accessTokenIssuedTime = oAuthTokenReqMessageContext.getAccessTokenIssuedTime();
        long expiresIn = oAuth2AccessTokenRespDTO.getExpiresIn();
        String clientId = oAuth2AccessTokenReqDTO.getClientId();
        String grantType = oAuth2AccessTokenReqDTO.getGrantType();
        String join = StringUtils.join(oAuth2AccessTokenReqDTO.getScope(), ' ');
        String resourceOwnerUsername = oAuth2AccessTokenReqDTO.getResourceOwnerUsername();
        AuthenticatedUser authorizedUser = oAuthTokenReqMessageContext.getAuthorizedUser();
        if (authorizedUser != null) {
            str = authorizedUser.getUsernameAsSubjectIdentifier(true, true);
        } else if (StringUtils.isNotBlank(resourceOwnerUsername)) {
            String tenantDomain = oAuth2AccessTokenReqDTO.getTenantDomain();
            str = StringUtils.isNotBlank(tenantDomain) ? UserCoreUtil.addTenantDomainToEntry(resourceOwnerUsername, tenantDomain) : resourceOwnerUsername;
        } else {
            str = NOT_AVAILABLE;
        }
        HashMap hashMap = new HashMap();
        Gson gson = new Gson();
        hashMap.put(PROP_TYPE, TYPE_OAUTH);
        addStringToMap(PROP_CLIENT_ID, clientId, hashMap);
        addStringToMap(PROP_GRANT_TYPE, grantType, hashMap);
        addStringToMap(PROP_SCOPE, join, hashMap);
        addStringToMap(PROP_USER, str, hashMap);
        if (oAuth2AccessTokenRespDTO.isError()) {
            addStringToMap(PROP_ERROR, oAuth2AccessTokenRespDTO.getErrorCode(), hashMap);
            addStringToMap(PROP_ERROR_DESCRIPTION, oAuth2AccessTokenRespDTO.getErrorMsg(), hashMap);
            hashMap.put(PROP_SUCCESS, false);
        } else {
            hashMap.put(PROP_ISSUED_TIME, Long.valueOf(accessTokenIssuedTime));
            hashMap.put(PROP_EXPIRES_IN_SECONDS, Long.valueOf(expiresIn));
            hashMap.put(PROP_SUCCESS, true);
            hashMap.put(PROP_TIME_TAKEN_IN_MILLIS, Long.valueOf(System.currentTimeMillis() - startTime.get().longValue()));
        }
        return gson.toJson(hashMap);
    }

    public void onTokenIssueException(Throwable th, Map<String, Object> map) throws IdentityOAuth2Exception {
        try {
            try {
                map.put(PROP_SUCCESS, false);
                map.put(PROP_TYPE, TYPE_OAUTH);
                logTransactionInfo(new Gson().toJson(map), LOG_INFO_TYPE_TOKEN);
                startTime.remove();
            } catch (Throwable th2) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Error occurred while logging token error information.", th2);
                }
                startTime.remove();
            }
        } catch (Throwable th3) {
            startTime.remove();
            throw th3;
        }
    }

    private void addStringToMap(String str, String str2, Map<String, Object> map) {
        if (StringUtils.isNotBlank(str2)) {
            map.put(str, str2);
        }
    }

    private void logTransactionInfo(String str, String str2) {
        TRANSACTION_LOG.info(String.format(TRANSACTION_LOG_FORMAT, str2, str));
    }

    public void onPreTokenValidation(OAuth2TokenValidationRequestDTO oAuth2TokenValidationRequestDTO, Map<String, Object> map) throws IdentityOAuth2Exception {
        startTime.remove();
        startTime.set(Long.valueOf(System.currentTimeMillis()));
    }

    public void onPostTokenValidation(OAuth2TokenValidationRequestDTO oAuth2TokenValidationRequestDTO, OAuth2IntrospectionResponseDTO oAuth2IntrospectionResponseDTO, Map<String, Object> map) throws IdentityOAuth2Exception {
        try {
            try {
                logTransactionInfo(getJsonInfoForPostTokenValidation(oAuth2TokenValidationRequestDTO, oAuth2IntrospectionResponseDTO, map), LOG_INFO_TYPE_INTROSPECTION);
                startTime.remove();
            } catch (Throwable th) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Error occurred while logging token introspection information.", th);
                }
                startTime.remove();
            }
        } catch (Throwable th2) {
            startTime.remove();
            throw th2;
        }
    }

    protected String getJsonInfoForPostTokenValidation(OAuth2TokenValidationRequestDTO oAuth2TokenValidationRequestDTO, OAuth2IntrospectionResponseDTO oAuth2IntrospectionResponseDTO, Map<String, Object> map) {
        Gson gson = new Gson();
        HashMap hashMap = new HashMap();
        if (oAuth2IntrospectionResponseDTO.isActive()) {
            long exp = oAuth2IntrospectionResponseDTO.getExp() - (System.currentTimeMillis() / 1000);
            long iat = oAuth2IntrospectionResponseDTO.getIat();
            String scope = oAuth2IntrospectionResponseDTO.getScope();
            String clientId = oAuth2IntrospectionResponseDTO.getClientId();
            String username = oAuth2IntrospectionResponseDTO.getUsername();
            String grantType = ((AccessTokenDO) ((OAuth2TokenValidationMessageContext) oAuth2IntrospectionResponseDTO.getProperties().get("OAuth2TokenValidationMessageContext")).getProperty("AccessTokenDO")).getGrantType();
            hashMap.put(PROP_SUCCESS, true);
            hashMap.put(PROP_EXPIRES_IN_SECONDS, Long.valueOf(exp));
            hashMap.put(PROP_ISSUED_TIME, Long.valueOf(iat));
            addStringToMap(PROP_SCOPE, scope, hashMap);
            addStringToMap(PROP_CLIENT_ID, clientId, hashMap);
            addStringToMap(PROP_USER, username, hashMap);
            addStringToMap(PROP_GRANT_TYPE, grantType, hashMap);
        } else {
            hashMap.put(PROP_SUCCESS, false);
            addStringToMap(PROP_ERROR, oAuth2IntrospectionResponseDTO.getError(), hashMap);
        }
        if (isTokenLoggable) {
            addStringToMap(PROP_TOKEN, oAuth2TokenValidationRequestDTO.getAccessToken().getIdentifier(), hashMap);
        }
        hashMap.put(PROP_TYPE, TYPE_INTROSPECTION);
        hashMap.put(PROP_TIME_TAKEN_IN_MILLIS, Long.valueOf(System.currentTimeMillis() - startTime.get().longValue()));
        return gson.toJson(hashMap);
    }

    public void onTokenValidationException(OAuth2TokenValidationRequestDTO oAuth2TokenValidationRequestDTO, Map<String, Object> map) throws IdentityOAuth2Exception {
        try {
            try {
                map.put(PROP_TYPE, TYPE_INTROSPECTION);
                map.put(PROP_SUCCESS, false);
                if (isTokenLoggable && oAuth2TokenValidationRequestDTO != null) {
                    addStringToMap(PROP_TOKEN, oAuth2TokenValidationRequestDTO.getAccessToken().getIdentifier(), map);
                }
                if (startTime.get() != null) {
                    map.put(PROP_TIME_TAKEN_IN_MILLIS, Long.valueOf(System.currentTimeMillis() - startTime.get().longValue()));
                }
                logTransactionInfo(new Gson().toJson(map), LOG_INFO_TYPE_INTROSPECTION);
                startTime.remove();
            } catch (Throwable th) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Error occurred while logging token introspection error information.", th);
                }
                startTime.remove();
            }
        } catch (Throwable th2) {
            startTime.remove();
            throw th2;
        }
    }
}
