package org.wildfly.extension.undertow.security;

import io.undertow.security.api.NotificationReceiver;
import io.undertow.security.api.SecurityNotification;
import io.undertow.security.idm.Account;
import io.undertow.servlet.handlers.ServletRequestContext;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Locale;
import javax.servlet.http.HttpServletRequest;
import org.jboss.security.audit.AuditEvent;
import org.jboss.security.audit.AuditManager;

/* loaded from: input_file:org/wildfly/extension/undertow/security/AuditNotificationReceiver.class */
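/**
 * Undertow {@link NotificationReceiver} that records authentication outcomes through the
 * supplied {@link AuditManager}.
 *
 * <p>Only {@code AUTHENTICATED} and {@code FAILED_AUTHENTICATION} notifications produce an
 * audit event; every other event type is ignored. Each event carries a context map with the
 * keys {@code principal} (when an account is present), {@code message}, {@code request}
 * (when the exchange has an HTTP servlet request attached) and {@code Source}.
 *
 * <p>The {@code request} entry is built from client-controlled data, so credential-bearing
 * fields are masked before they reach the audit trail; see {@link #deriveUsefulInfo}.
 */
public class AuditNotificationReceiver implements NotificationReceiver {
    /** Placeholder written instead of a redacted credential value. */
    private static final String MASK = "***";

    private final AuditManager auditManager;

    /**
     * @param auditManager sink that receives the audit events built by this receiver
     */
    public AuditNotificationReceiver(AuditManager auditManager) {
        this.auditManager = auditManager;
    }

    /**
     * Turns a successful or failed authentication notification into an audit event.
     *
     * @param securityNotification the notification raised by the Undertow security layer
     */
    @Override
    public void handleNotification(SecurityNotification securityNotification) {
        SecurityNotification.EventType eventType = securityNotification.getEventType();
        boolean authenticated = eventType == SecurityNotification.EventType.AUTHENTICATED;
        if (!authenticated && eventType != SecurityNotification.EventType.FAILED_AUTHENTICATION) {
            // Logout and other notifications are not audited here.
            return;
        }

        AuditEvent auditEvent = new AuditEvent(authenticated ? "Success" : "Failure");
        HashMap<String, Object> context = new HashMap<>();

        // A failed attempt may not have resolved to an account, so the principal is optional.
        Account account = securityNotification.getAccount();
        if (account != null) {
            context.put("principal", account.getPrincipal().getName());
        }
        context.put("message", securityNotification.getMessage());

        ServletRequestContext servletRequestContext =
                securityNotification.getExchange().getAttachment(ServletRequestContext.ATTACHMENT_KEY);
        if (servletRequestContext != null) {
            // Narrow explicitly: only an HTTP request has the headers and cookies summarised below.
            Object request = servletRequestContext.getServletRequest();
            if (request instanceof HttpServletRequest) {
                context.put("request", deriveUsefulInfo((HttpServletRequest) request));
            }
        }

        context.put("Source", getClass().getCanonicalName());
        auditEvent.setContextMap(context);
        this.auditManager.audit(auditEvent);
    }

    /**
     * Summarises a request for the audit record as
     * {@code [<contextPath>:cookies=<cookies>:headers=<name>=<value>,...][parameters=<v1>::<v2>::,...][attributes=<name>=<value>,...]}.
     *
     * <p>Redaction applied here:
     * <ul>
     *   <li>any header whose name contains {@code authorization}, compared case-insensitively
     *       (HTTP header names are case-insensitive, so {@code Authorization} and
     *       {@code Proxy-Authorization} must match as well), has its value replaced by the mask;</li>
     *   <li>the values of the {@code j_password} form parameter are replaced by the mask.</li>
     * </ul>
     *
     * <p>NOTE(review): everything else is copied verbatim. That includes the {@code Cookie}
     * header (and with it any session identifier), password-like parameters under other names,
     * and unescaped client-supplied text. Whether that is acceptable depends on who can read the
     * audit sink and whether it neutralises line breaks; confirm against the configured
     * audit provider.
     *
     * @param httpServletRequest the request being authenticated
     * @return the bracketed summary string
     */
    private static String deriveUsefulInfo(HttpServletRequest httpServletRequest) {
        StringBuilder sb = new StringBuilder();
        sb.append("[").append(httpServletRequest.getContextPath());
        sb.append(":cookies=").append(Arrays.toString(httpServletRequest.getCookies())).append(":headers=");

        Enumeration<String> headerNames = httpServletRequest.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String headerName = headerNames.nextElement();
            sb.append(headerName).append("=");
            // Lower-case with a fixed locale before matching; a case-sensitive test lets the
            // conventional "Authorization" spelling through and writes the credentials to the log.
            boolean carriesCredentials = headerName.toLowerCase(Locale.ROOT).contains("authorization");
            // Always emit a value and separator so a redacted entry does not run into the next name.
            sb.append(carriesCredentials ? MASK : httpServletRequest.getHeader(headerName)).append(",");
        }
        sb.append("]");

        sb.append("[parameters=");
        Enumeration<String> parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String parameterName = parameterNames.nextElement();
            // Only values are written, never the parameter name; the form-login password is masked.
            String[] values = "j_password".equals(parameterName)
                    ? new String[] {MASK}
                    : httpServletRequest.getParameterValues(parameterName);
            if (values != null) {
                for (String value : values) {
                    sb.append(value).append("::");
                }
            }
            sb.append(",");
        }

        sb.append("][attributes=");
        Enumeration<String> attributeNames = httpServletRequest.getAttributeNames();
        while (attributeNames.hasMoreElements()) {
            String attributeName = attributeNames.nextElement();
            sb.append(attributeName).append("=");
            sb.append(httpServletRequest.getAttribute(attributeName)).append(",");
        }
        sb.append("]");
        return sb.toString();
    }
}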
