package org.forgerock.openam.rest.authz;

import com.iplanet.sso.SSOToken;
import com.sun.identity.shared.debug.Debug;
import java.util.concurrent.ExecutionException;
import org.forgerock.authz.filter.api.AuthorizationResult;
import org.forgerock.authz.filter.crest.api.CrestAuthorizationModule;
import org.forgerock.guice.core.InjectorHolder;
import org.forgerock.json.resource.ActionRequest;
import org.forgerock.json.resource.CreateRequest;
import org.forgerock.json.resource.DeleteRequest;
import org.forgerock.json.resource.PatchRequest;
import org.forgerock.json.resource.QueryRequest;
import org.forgerock.json.resource.ReadRequest;
import org.forgerock.json.resource.ResourceException;
import org.forgerock.json.resource.UpdateRequest;
import org.forgerock.openam.forgerockrest.utils.RestLog;
import org.forgerock.openam.forgerockrest.utils.ServerContextUtils;
import org.forgerock.services.context.Context;
import org.forgerock.util.promise.Promise;

/* loaded from: input_file:org/forgerock/openam/rest/authz/LoggingAuthzModule.class */
public class LoggingAuthzModule implements CrestAuthorizationModule {
    private final String moduleName;
    private final CrestAuthorizationModule module;
    private final RestLog restLog = (RestLog) InjectorHolder.getInstance(RestLog.class);
    private final Debug debug = Debug.getInstance("frRest");

    public LoggingAuthzModule(CrestAuthorizationModule crestAuthorizationModule, String str) {
        this.module = crestAuthorizationModule;
        this.moduleName = str;
    }

    public String getName() {
        return this.moduleName;
    }

    public Promise<AuthorizationResult, ResourceException> authorizeCreate(Context context, CreateRequest createRequest) {
        return log(ServerContextUtils.getMatchedUri(context), ServerContextUtils.getCreateString(createRequest), ServerContextUtils.getTokenFromContext(context, this.debug), this.module.authorizeCreate(context, createRequest), this.moduleName);
    }

    public Promise<AuthorizationResult, ResourceException> authorizeRead(Context context, ReadRequest readRequest) {
        return log(ServerContextUtils.getMatchedUri(context), ServerContextUtils.getReadString(readRequest), ServerContextUtils.getTokenFromContext(context, this.debug), this.module.authorizeRead(context, readRequest), this.moduleName);
    }

    public Promise<AuthorizationResult, ResourceException> authorizeUpdate(Context context, UpdateRequest updateRequest) {
        return log(ServerContextUtils.getMatchedUri(context), ServerContextUtils.getUpdateString(updateRequest), ServerContextUtils.getTokenFromContext(context, this.debug), this.module.authorizeUpdate(context, updateRequest), this.moduleName);
    }

    public Promise<AuthorizationResult, ResourceException> authorizeDelete(Context context, DeleteRequest deleteRequest) {
        return log(ServerContextUtils.getMatchedUri(context), ServerContextUtils.getDeleteString(deleteRequest), ServerContextUtils.getTokenFromContext(context, this.debug), this.module.authorizeDelete(context, deleteRequest), this.moduleName);
    }

    public Promise<AuthorizationResult, ResourceException> authorizePatch(Context context, PatchRequest patchRequest) {
        return log(ServerContextUtils.getMatchedUri(context), ServerContextUtils.getPatchString(patchRequest), ServerContextUtils.getTokenFromContext(context, this.debug), this.module.authorizePatch(context, patchRequest), this.moduleName);
    }

    public Promise<AuthorizationResult, ResourceException> authorizeAction(Context context, ActionRequest actionRequest) {
        return log(ServerContextUtils.getMatchedUri(context), ServerContextUtils.getActionString(actionRequest), ServerContextUtils.getTokenFromContext(context, this.debug), this.module.authorizeAction(context, actionRequest), this.moduleName);
    }

    public Promise<AuthorizationResult, ResourceException> authorizeQuery(Context context, QueryRequest queryRequest) {
        return log(ServerContextUtils.getMatchedUri(context), ServerContextUtils.getQueryString(queryRequest), ServerContextUtils.getTokenFromContext(context, this.debug), this.module.authorizeQuery(context, queryRequest), this.moduleName);
    }

    Promise<AuthorizationResult, ResourceException> log(String str, String str2, SSOToken sSOToken, Promise<AuthorizationResult, ResourceException> promise, String str3) {
        try {
            if (((AuthorizationResult) promise.get()).isAuthorized()) {
                this.restLog.auditAccessGranted(str, str2, str3, sSOToken);
            } else {
                this.restLog.auditAccessDenied(str, str2, str3, sSOToken);
            }
        } catch (InterruptedException e) {
            this.debug.message(e.getMessage());
        } catch (ExecutionException e2) {
            this.debug.message(e2.getMessage());
        }
        return promise;
    }
}
