package tv.hd3g.authkit.mod.service;

import java.time.Duration;
import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
import java.util.List;
import java.util.Optional;
import java.util.Set;
import java.util.UUID;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import tv.hd3g.authkit.mod.ControllerInterceptor;
import tv.hd3g.authkit.mod.LogSanitizer;
import tv.hd3g.authkit.mod.entity.Audit;
import tv.hd3g.authkit.mod.repository.AuditRepository;
import tv.hd3g.authkit.mod.service.AuditReportService;

@Transactional(readOnly = false)
@Service
/* loaded from: input_file:tv/hd3g/authkit/mod/service/AuditReportServiceImpl.class */
public class AuditReportServiceImpl implements AuditReportService {
    private static Logger log = LogManager.getLogger();
    public static final String EVENTNAME_REPORT = "Report";
    public static final String EVENTNAME_LOGIN = "Login";
    public static final String EVENTNAME_REJECT_LOGIN = "RejectLogin";
    public static final String EVENTNAME_SIMPLE_EVENT = "SimpleEvent";
    public static final String EVENTNAME_USE_SECURITY = "UseSecurity";
    public static final String EVENTNAME_CHANGE_SECURITY = "ChangeSecurity";
    public static final String EVENTNAME_ERROR = "Error";
    public static final String EVENTNAME_FORBIDDEN_REQUEST = "ForbiddenRequest";
    public static final String EVENTNAME_UNAUTHORIZED_REQUEST = "UnauthorizedRequest";

    @Autowired
    private AuditRepository auditRepository;

    @Value("${authkit.audit.appname:authkit}")
    private String appname;

    public static String getOriginalRemoteAddr(HttpServletRequest httpServletRequest) {
        return (String) Optional.ofNullable(httpServletRequest.getHeader("X-Forwarded-For")).map(str -> {
            return ((String) Arrays.stream(str.split(",")).findFirst().get()).trim();
        }).orElse(httpServletRequest.getRemoteAddr());
    }

    private static String getFullURLQuery(HttpServletRequest httpServletRequest) {
        return LogSanitizer.sanitize(httpServletRequest.getContextPath() + httpServletRequest.getPathInfo() + ((String) Optional.ofNullable(httpServletRequest.getQueryString()).map(str -> {
            return "?" + str;
        }).orElse("")));
    }

    private Audit prepareAudit(HttpServletRequest httpServletRequest, String str) {
        return new Audit(this.appname, UUID.randomUUID().toString(), getOriginalRemoteAddr(httpServletRequest), Integer.valueOf(httpServletRequest.getRemotePort()), httpServletRequest.getLocalAddr(), Integer.valueOf(httpServletRequest.getLocalPort()), str, httpServletRequest.getScheme(), httpServletRequest.getMethod(), getFullURLQuery(httpServletRequest), (String) Optional.ofNullable(httpServletRequest.getContentType()).orElse("null/null"), httpServletRequest.getContentLengthLong());
    }

    @Override // tv.hd3g.authkit.mod.service.AuditReportService
    public String interceptUnauthorizedRequest(HttpServletRequest httpServletRequest) {
        log.warn("Unauthorized from {} in {}", getOriginalRemoteAddr(httpServletRequest), getFullURLQuery(httpServletRequest));
        return ((Audit) this.auditRepository.save(prepareAudit(httpServletRequest, EVENTNAME_UNAUTHORIZED_REQUEST))).getEventref();
    }

    @Override // tv.hd3g.authkit.mod.service.AuditReportService
    public String interceptForbiddenRequest(HttpServletRequest httpServletRequest) {
        String orElse = ControllerInterceptor.getRequestUserUUID(httpServletRequest).orElse(null);
        log.warn("Forbidden from {} in {} by {}", getOriginalRemoteAddr(httpServletRequest), getFullURLQuery(httpServletRequest), orElse);
        Audit prepareAudit = prepareAudit(httpServletRequest, EVENTNAME_FORBIDDEN_REQUEST);
        prepareAudit.setUseruuid(orElse);
        return ((Audit) this.auditRepository.save(prepareAudit)).getEventref();
    }

    private static void setAuditNames(Audit audit, List<String> list) {
        audit.setContext((String) list.stream().collect(Collectors.joining(", ")));
    }

    @Override // tv.hd3g.authkit.mod.service.AuditReportService
    public String onImportantError(HttpServletRequest httpServletRequest, List<String> list, Exception exc) {
        String orElse = ControllerInterceptor.getRequestUserUUID(httpServletRequest).orElse(null);
        log.error("Error from {} in {} by {} [{}]", getOriginalRemoteAddr(httpServletRequest), getFullURLQuery(httpServletRequest), orElse, list, exc);
        Audit prepareAudit = prepareAudit(httpServletRequest, EVENTNAME_ERROR);
        prepareAudit.setUseruuid(orElse);
        String stackTrace = ExceptionUtils.getStackTrace(exc);
        if (stackTrace.length() > 255) {
            prepareAudit.setTriggeredexception(stackTrace.substring(0, 252) + "...");
        } else {
            prepareAudit.setTriggeredexception(stackTrace);
        }
        setAuditNames(prepareAudit, list);
        return ((Audit) this.auditRepository.save(prepareAudit)).getEventref();
    }

    @Override // tv.hd3g.authkit.mod.service.AuditReportService
    public String onChangeSecurity(HttpServletRequest httpServletRequest, List<String> list) {
        String orElse = ControllerInterceptor.getRequestUserUUID(httpServletRequest).orElse(null);
        log.info("Change security from {} in {} by {} [{}]", getOriginalRemoteAddr(httpServletRequest), getFullURLQuery(httpServletRequest), orElse, list);
        Audit prepareAudit = prepareAudit(httpServletRequest, EVENTNAME_CHANGE_SECURITY);
        prepareAudit.setUseruuid(orElse);
        setAuditNames(prepareAudit, list);
        return ((Audit) this.auditRepository.save(prepareAudit)).getEventref();
    }

    @Override // tv.hd3g.authkit.mod.service.AuditReportService
    public String onUseSecurity(HttpServletRequest httpServletRequest, List<String> list) {
        String orElse = ControllerInterceptor.getRequestUserUUID(httpServletRequest).orElse(null);
        log.info("Use security from {} in {} by {} [{}]", getOriginalRemoteAddr(httpServletRequest), getFullURLQuery(httpServletRequest), orElse, list);
        Audit prepareAudit = prepareAudit(httpServletRequest, EVENTNAME_USE_SECURITY);
        prepareAudit.setUseruuid(orElse);
        setAuditNames(prepareAudit, list);
        return ((Audit) this.auditRepository.save(prepareAudit)).getEventref();
    }

    @Override // tv.hd3g.authkit.mod.service.AuditReportService
    public String onSimpleEvent(HttpServletRequest httpServletRequest, List<String> list) {
        String orElse = ControllerInterceptor.getRequestUserUUID(httpServletRequest).orElse(null);
        log.info("Simple event from {} in {} by {} [{}]", getOriginalRemoteAddr(httpServletRequest), getFullURLQuery(httpServletRequest), orElse, list);
        Audit prepareAudit = prepareAudit(httpServletRequest, EVENTNAME_SIMPLE_EVENT);
        prepareAudit.setUseruuid(orElse);
        setAuditNames(prepareAudit, list);
        return ((Audit) this.auditRepository.save(prepareAudit)).getEventref();
    }

    @Override // tv.hd3g.authkit.mod.service.AuditReportService
    public String onRejectLogin(HttpServletRequest httpServletRequest, AuditReportService.RejectLoginCause rejectLoginCause, String str, String str2) {
        String orElse = ControllerInterceptor.getRequestUserUUID(httpServletRequest).orElse(null);
        log.info("Rejeted login from {} in {} by {}/{} {}", getOriginalRemoteAddr(httpServletRequest), getFullURLQuery(httpServletRequest), orElse, str, str2);
        Audit prepareAudit = prepareAudit(httpServletRequest, EVENTNAME_REJECT_LOGIN);
        prepareAudit.setUseruuid(orElse);
        prepareAudit.setContext(rejectLoginCause.toString() + ": " + str2 + " (realm: " + str + ")");
        return ((Audit) this.auditRepository.save(prepareAudit)).getEventref();
    }

    @Override // tv.hd3g.authkit.mod.service.AuditReportService
    public String onLogin(HttpServletRequest httpServletRequest, Duration duration, Set<String> set) {
        String orElse = ControllerInterceptor.getRequestUserUUID(httpServletRequest).orElse(null);
        log.info("Login from {} in {} by {}, with rights {}, during {}", getOriginalRemoteAddr(httpServletRequest), getFullURLQuery(httpServletRequest), orElse, set, duration);
        Audit prepareAudit = prepareAudit(httpServletRequest, EVENTNAME_LOGIN);
        prepareAudit.setUseruuid(orElse);
        prepareAudit.setContext(" during " + duration + " with tags: " + ((String) set.stream().collect(Collectors.joining(", "))));
        return ((Audit) this.auditRepository.save(prepareAudit)).getEventref();
    }

    @Override // tv.hd3g.authkit.mod.service.AuditReportService
    public String onReport(HttpServletRequest httpServletRequest, String str, String str2, Duration duration) {
        String orElse = ControllerInterceptor.getRequestUserUUID(httpServletRequest).orElse(null);
        Audit prepareAudit = prepareAudit(httpServletRequest, EVENTNAME_REPORT);
        prepareAudit.setUseruuid(orElse);
        prepareAudit.setContext("Make report " + str + " on: " + str2 + " last events, since " + duration);
        return ((Audit) this.auditRepository.save(prepareAudit)).getEventref();
    }

    private static final Date getDateFromTimeAgo(Duration duration) {
        return new Date(System.currentTimeMillis() - duration.toMillis());
    }

    @Override // tv.hd3g.authkit.mod.service.AuditReportService
    public Collection<Audit> reportLastUserActivities(HttpServletRequest httpServletRequest, String str, Duration duration) {
        List<Audit> byUserUUID = this.auditRepository.getByUserUUID(str, getDateFromTimeAgo(duration));
        onReport(httpServletRequest, "ReportLastUserActivities", str, duration);
        return byUserUUID;
    }

    @Override // tv.hd3g.authkit.mod.service.AuditReportService
    public Collection<Audit> reportLastRemoteIPActivity(HttpServletRequest httpServletRequest, String str, Duration duration) {
        List<Audit> byClientsourcehost = this.auditRepository.getByClientsourcehost(str, getDateFromTimeAgo(duration));
        onReport(httpServletRequest, "ReportLastRemoteIPActivity", str, duration);
        return byClientsourcehost;
    }

    @Override // tv.hd3g.authkit.mod.service.AuditReportService
    public Collection<Audit> reportLastEventActivity(HttpServletRequest httpServletRequest, String str, Duration duration) {
        List<Audit> byEventname = this.auditRepository.getByEventname(str, getDateFromTimeAgo(duration));
        onReport(httpServletRequest, "ReportLastEventActivity", str, duration);
        return byEventname;
    }

    @Override // tv.hd3g.authkit.mod.service.AuditReportService
    public Collection<String> reportAllEventNames(HttpServletRequest httpServletRequest) {
        List<String> allEventnames = this.auditRepository.getAllEventnames();
        onReport(httpServletRequest, "ReportAllEventNames", "", Duration.ZERO);
        return allEventnames;
    }

    @Override // tv.hd3g.authkit.mod.service.AuditReportService
    public Collection<String> reportLastClientsourcehosts(HttpServletRequest httpServletRequest, Duration duration) {
        List<String> lastClientsourcehosts = this.auditRepository.getLastClientsourcehosts(getDateFromTimeAgo(duration));
        onReport(httpServletRequest, "ReportLastEventsInetAddress", "", duration);
        return lastClientsourcehosts;
    }
}
