package org.apereo.cas.logging;

import java.io.Serializable;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Comparator;
import java.util.Iterator;
import java.util.Objects;
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.stream.Collectors;
import lombok.Generated;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.core.Filter;
import org.apache.logging.log4j.core.Layout;
import org.apache.logging.log4j.core.LogEvent;
import org.apache.logging.log4j.core.appender.AbstractAppender;
import org.apache.logging.log4j.core.config.Property;
import org.apache.logging.log4j.core.config.plugins.Plugin;
import org.apache.logging.log4j.core.config.plugins.PluginAttribute;
import org.apache.logging.log4j.core.config.plugins.PluginElement;
import org.apache.logging.log4j.core.config.plugins.PluginFactory;
import org.apache.logging.log4j.core.layout.PatternLayout;
import org.apereo.cas.aws.ChainingAWSCredentialsProvider;
import org.apereo.cas.util.LoggingUtils;
import org.apereo.cas.util.function.FunctionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.cloudwatchlogs.CloudWatchLogsClient;
import software.amazon.awssdk.services.cloudwatchlogs.CloudWatchLogsClientBuilder;
import software.amazon.awssdk.services.cloudwatchlogs.model.CreateLogGroupRequest;
import software.amazon.awssdk.services.cloudwatchlogs.model.CreateLogStreamRequest;
import software.amazon.awssdk.services.cloudwatchlogs.model.DataAlreadyAcceptedException;
import software.amazon.awssdk.services.cloudwatchlogs.model.DescribeLogGroupsRequest;
import software.amazon.awssdk.services.cloudwatchlogs.model.DescribeLogGroupsResponse;
import software.amazon.awssdk.services.cloudwatchlogs.model.DescribeLogStreamsRequest;
import software.amazon.awssdk.services.cloudwatchlogs.model.DescribeLogStreamsResponse;
import software.amazon.awssdk.services.cloudwatchlogs.model.InputLogEvent;
import software.amazon.awssdk.services.cloudwatchlogs.model.InvalidSequenceTokenException;
import software.amazon.awssdk.services.cloudwatchlogs.model.LogStream;
import software.amazon.awssdk.services.cloudwatchlogs.model.PutLogEventsRequest;

@Plugin(name = "CloudWatchAppender", category = "Core", elementType = "appender", printObject = true)
/* loaded from: input_file:org/apereo/cas/logging/CloudWatchAppender.class */
public class CloudWatchAppender extends AbstractAppender implements Serializable {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(CloudWatchAppender.class);
    private static final long serialVersionUID = 1044758913028847477L;
    private static final int AWS_DRAIN_LIMIT = 256;
    private static final int AWS_LOG_STREAM_MAX_QUEUE_DEPTH = 10000;
    private static final int SHUTDOWN_TIMEOUT_MILLIS = 10000;
    private static final int AWS_LOG_STREAM_FLUSH_PERIOD_IN_SECONDS = 5;
    private final BlockingQueue<InputLogEvent> queue;
    private final Object monitor;
    private volatile boolean shutdown;
    private int flushPeriodMillis;
    private Thread deliveryThread;
    private String sequenceTokenCache;
    private long lastReportedTimestamp;
    private String logGroupName;
    private String logStreamName;
    private CloudWatchLogsClient awsLogsClient;
    private volatile boolean queueFull;
    private boolean createLogGroupIfNeeded;
    private boolean createLogStreamIfNeeded;

    public CloudWatchAppender(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, Layout<Serializable> layout, Boolean bool, Boolean bool2, Boolean bool3) {
        this(str, str3, str4, str5, layout, bool, bool2, bool3);
        try {
            LOGGER.debug("Connecting to AWS CloudWatch...");
            CloudWatchLogsClientBuilder builder = CloudWatchLogsClient.builder();
            if (StringUtils.isNotBlank(str2)) {
                builder.endpointOverride(new URI(str2));
            }
            builder.region(StringUtils.isBlank(str8) ? Region.AWS_GLOBAL : Region.of(str8));
            builder.credentialsProvider(ChainingAWSCredentialsProvider.getInstance(str6, str7));
            this.awsLogsClient = (CloudWatchLogsClient) builder.build();
        } catch (Exception e) {
            LoggingUtils.error(LOGGER, e);
        }
    }

    public CloudWatchAppender(String str, String str2, String str3, String str4, Layout<Serializable> layout, Boolean bool, Boolean bool2, Boolean bool3, CloudWatchLogsClient cloudWatchLogsClient) {
        this(str, str2, str3, str4, layout, bool, bool2, bool3);
        this.awsLogsClient = cloudWatchLogsClient;
    }

    private CloudWatchAppender(String str, String str2, String str3, String str4, Layout<Serializable> layout, Boolean bool, Boolean bool2, Boolean bool3) {
        super(str, (Filter) null, layout == null ? PatternLayout.createDefaultLayout() : layout, false, Property.EMPTY_ARRAY);
        this.queue = new LinkedBlockingQueue(10000);
        this.monitor = new Object();
        this.lastReportedTimestamp = -1L;
        this.flushPeriodMillis = (str4 != null ? Integer.parseInt(str4) : AWS_LOG_STREAM_FLUSH_PERIOD_IN_SECONDS) * 1000;
        this.logGroupName = str2;
        this.logStreamName = str3;
        if (bool2 == null && bool3 == null) {
            this.createLogGroupIfNeeded = ((Boolean) Objects.requireNonNullElse(bool, Boolean.TRUE)).booleanValue();
            this.createLogStreamIfNeeded = ((Boolean) Objects.requireNonNullElse(bool, Boolean.TRUE)).booleanValue();
        } else {
            this.createLogGroupIfNeeded = ((Boolean) Objects.requireNonNullElse(bool2, Boolean.FALSE)).booleanValue();
            this.createLogStreamIfNeeded = ((Boolean) Objects.requireNonNullElse(bool3, Boolean.FALSE)).booleanValue();
        }
    }

    @PluginFactory
    public static CloudWatchAppender createAppender(@PluginAttribute("name") String str, @PluginAttribute("endpoint") String str2, @PluginAttribute("awsLogStreamName") String str3, @PluginAttribute("awsLogGroupName") String str4, @PluginAttribute("awsLogStreamFlushPeriodInSeconds") String str5, @PluginAttribute("credentialAccessKey") String str6, @PluginAttribute("credentialSecretKey") String str7, @PluginAttribute("awsLogRegionName") String str8, @PluginElement("Layout") Layout<Serializable> layout, @PluginAttribute("createIfNeeded") String str9, @PluginAttribute("createLogGroupIfNeeded") String str10, @PluginAttribute("createLogStreamIfNeeded") String str11) {
        return new CloudWatchAppender(str, str2, str4, str3, str5, (String) StringUtils.defaultIfBlank(str6, System.getProperty("AWS_ACCESS_KEY")), (String) StringUtils.defaultIfBlank(str7, System.getProperty("AWS_SECRET_KEY")), (String) StringUtils.defaultIfBlank(str8, System.getProperty("AWS_REGION_NAME")), layout, StringUtils.isBlank(str9) ? null : Boolean.valueOf(BooleanUtils.toBoolean(str9)), StringUtils.isBlank(str10) ? null : Boolean.valueOf(BooleanUtils.toBoolean(str10)), StringUtils.isBlank(str11) ? null : Boolean.valueOf(BooleanUtils.toBoolean(str11)));
    }

    public void initialize() {
        this.sequenceTokenCache = createLogGroupAndLogStreamIfNeeded();
        super.initialize();
    }

    public void append(LogEvent logEvent) {
        LogEvent prepareLogEvent = LoggingUtils.prepareLogEvent(logEvent);
        if (!this.queue.offer((InputLogEvent) InputLogEvent.builder().message(new String(getLayout().toByteArray(prepareLogEvent), StandardCharsets.UTF_8)).timestamp(Long.valueOf(prepareLogEvent.getTimeMillis())).build()) && !this.queueFull) {
            this.queueFull = true;
        } else if (this.queueFull) {
            this.queueFull = false;
        }
    }

    public void start() {
        super.start();
        this.deliveryThread = new Thread(() -> {
            while (!this.shutdown) {
                try {
                    flush();
                } catch (Exception e) {
                    LoggingUtils.error(LOGGER, e);
                }
                if (!this.shutdown && this.queue.size() < AWS_DRAIN_LIMIT) {
                    try {
                        synchronized (this.monitor) {
                            this.monitor.wait(this.flushPeriodMillis);
                        }
                    } catch (InterruptedException e2) {
                        LoggingUtils.error(LOGGER, e2);
                        Thread.currentThread().interrupt();
                    }
                }
            }
            while (!this.queue.isEmpty()) {
                flush();
            }
        }, "CloudWatchAppenderDeliveryThread");
        if (StringUtils.isBlank(this.sequenceTokenCache)) {
            this.sequenceTokenCache = createLogGroupAndLogStreamIfNeeded();
        }
        this.deliveryThread.start();
    }

    public void stop() {
        super.stop();
        this.shutdown = true;
        if (this.deliveryThread != null) {
            synchronized (this.monitor) {
                this.monitor.notifyAll();
            }
            try {
                this.deliveryThread.join(10000L);
            } catch (InterruptedException e) {
                this.deliveryThread.interrupt();
                LoggingUtils.error(LOGGER, e);
            }
        }
        if (this.queue.isEmpty()) {
            return;
        }
        flush();
    }

    private void flush() {
        int drainTo;
        ArrayList arrayList = new ArrayList(AWS_DRAIN_LIMIT);
        do {
            drainTo = this.queue.drainTo(arrayList, AWS_DRAIN_LIMIT);
            if (arrayList.isEmpty()) {
                return;
            }
            arrayList.sort(Comparator.comparing((v0) -> {
                return v0.timestamp();
            }));
            if (this.lastReportedTimestamp > 0) {
                arrayList = (ArrayList) arrayList.stream().map(inputLogEvent -> {
                    return inputLogEvent.timestamp().longValue() < this.lastReportedTimestamp ? inputLogEvent.copy(builder -> {
                        builder.timestamp(Long.valueOf(this.lastReportedTimestamp));
                    }) : inputLogEvent;
                }).sorted(Comparator.comparing((v0) -> {
                    return v0.timestamp();
                })).collect(Collectors.toCollection(ArrayList::new));
            }
            this.lastReportedTimestamp = ((InputLogEvent) arrayList.get(arrayList.size() - 1)).timestamp().longValue();
            PutLogEventsRequest.Builder logEvents = PutLogEventsRequest.builder().logGroupName(this.logGroupName).logStreamName(this.logStreamName).logEvents(arrayList);
            if (StringUtils.isNotBlank(this.sequenceTokenCache)) {
                logEvents.sequenceToken(this.sequenceTokenCache);
            }
            try {
                this.sequenceTokenCache = this.awsLogsClient.putLogEvents((PutLogEventsRequest) logEvents.build()).nextSequenceToken();
            } catch (InvalidSequenceTokenException e) {
                this.sequenceTokenCache = e.expectedSequenceToken();
            } catch (DataAlreadyAcceptedException e2) {
                this.sequenceTokenCache = e2.expectedSequenceToken();
            } catch (Exception e3) {
                LoggingUtils.error(LOGGER, e3);
            }
            arrayList.clear();
        } while (drainTo >= AWS_DRAIN_LIMIT);
    }

    private String createLogGroupAndLogStreamIfNeeded() {
        if (this.createLogGroupIfNeeded) {
            LOGGER.debug("Attempting to locate the log group [{}]", this.logGroupName);
            DescribeLogGroupsResponse describeLogGroupsResponse = (DescribeLogGroupsResponse) FunctionUtils.doAndHandle(() -> {
                return this.awsLogsClient.describeLogGroups((DescribeLogGroupsRequest) DescribeLogGroupsRequest.builder().logGroupNamePrefix(this.logGroupName).build());
            }, th -> {
                LOGGER.error(th.getMessage(), th);
                return null;
            }).get();
            boolean z = true;
            if (describeLogGroupsResponse != null && describeLogGroupsResponse.hasLogGroups()) {
                z = describeLogGroupsResponse.logGroups().stream().noneMatch(logGroup -> {
                    return logGroup.logGroupName().equals(this.logGroupName);
                });
            }
            if (z) {
                try {
                    LOGGER.debug("Creating log group [{}]", this.logGroupName);
                    this.awsLogsClient.createLogGroup((CreateLogGroupRequest) CreateLogGroupRequest.builder().logGroupName(this.logStreamName).build());
                } catch (Throwable th2) {
                    LOGGER.error(th2.getMessage(), th2);
                }
            }
        }
        String str = "";
        boolean z2 = true;
        LOGGER.debug("Attempting to locate the log stream [{}] for group [{}]", this.logStreamName, this.logGroupName);
        DescribeLogStreamsRequest describeLogStreamsRequest = (DescribeLogStreamsRequest) DescribeLogStreamsRequest.builder().logGroupName(this.logGroupName).logStreamNamePrefix(this.logStreamName).build();
        DescribeLogStreamsResponse describeLogStreamsResponse = (DescribeLogStreamsResponse) FunctionUtils.doAndHandle(() -> {
            return this.awsLogsClient.describeLogStreams(describeLogStreamsRequest);
        }, th3 -> {
            LOGGER.error(th3.getMessage(), th3);
            return null;
        }).get();
        if (describeLogStreamsResponse != null && describeLogStreamsResponse.hasLogStreams()) {
            Iterator it = describeLogStreamsResponse.logStreams().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                LogStream logStream = (LogStream) it.next();
                if (this.logStreamName.equals(logStream.logStreamName())) {
                    z2 = false;
                    str = logStream.uploadSequenceToken();
                    LOGGER.debug("Found log stream [{}] with sequence token [{}]", this.logStreamName, str);
                    break;
                }
            }
        }
        if (z2) {
            if (!this.createLogStreamIfNeeded) {
                throw new RuntimeException("Log stream does not exist, yet `createIfNeeded` is false. This will not work");
            }
            try {
                LOGGER.debug("Creating log stream [{}] for group [{}]", this.logStreamName, this.logGroupName);
                this.awsLogsClient.createLogStream((CreateLogStreamRequest) CreateLogStreamRequest.builder().logGroupName(this.logGroupName).logStreamName(this.logStreamName).build());
            } catch (Throwable th4) {
                LOGGER.error(th4.getMessage(), th4);
            }
        }
        if (StringUtils.isBlank(str)) {
            LOGGER.warn("Unable to determine CloudWatch log sequence token. Log stream [{}] likely does not exist for log group [{}], or cannot be determined.", this.logStreamName, this.logGroupName);
        }
        return str;
    }
}
