package io.vertx.ext.auth.audit.impl;

import io.vertx.core.http.HttpMethod;
import io.vertx.core.http.HttpVersion;
import io.vertx.core.internal.logging.Logger;
import io.vertx.core.internal.logging.LoggerFactory;
import io.vertx.core.json.JsonObject;
import io.vertx.core.net.SocketAddress;
import io.vertx.ext.auth.User;
import io.vertx.ext.auth.audit.Marker;
import io.vertx.ext.auth.audit.SecurityAudit;
import io.vertx.ext.auth.authentication.Credentials;
import io.vertx.ext.auth.authorization.Authorization;
import io.vertx.ext.auth.impl.asn.ASN1;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;

/* loaded from: input_file:io/vertx/ext/auth/audit/impl/SecurityAuditLogger.class */
public final class SecurityAuditLogger implements SecurityAudit {
    private static final String MASK = "********************************";
    private SocketAddress source;
    private SocketAddress destination;
    private String resource;
    private Credentials credentials;
    private User user;
    private Authorization authorization;
    private int status;
    public static final Logger LOGGER = LoggerFactory.getLogger(SecurityAudit.class);
    private static final String FORMAT = System.getProperty("io.vertx.ext.auth.audit.format", "rfc5424");
    private static final Set<String> MASKED = new HashSet();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: io.vertx.ext.auth.audit.impl.SecurityAuditLogger$1, reason: invalid class name */
    /* loaded from: input_file:io/vertx/ext/auth/audit/impl/SecurityAuditLogger$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$io$vertx$core$http$HttpVersion;
        static final /* synthetic */ int[] $SwitchMap$io$vertx$ext$auth$audit$Marker = new int[Marker.values().length];

        static {
            try {
                $SwitchMap$io$vertx$ext$auth$audit$Marker[Marker.AUTHENTICATION.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$io$vertx$ext$auth$audit$Marker[Marker.AUTHORIZATION.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$io$vertx$ext$auth$audit$Marker[Marker.REQUEST.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            $SwitchMap$io$vertx$core$http$HttpVersion = new int[HttpVersion.values().length];
            try {
                $SwitchMap$io$vertx$core$http$HttpVersion[HttpVersion.HTTP_1_0.ordinal()] = 1;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$io$vertx$core$http$HttpVersion[HttpVersion.HTTP_1_1.ordinal()] = 2;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$io$vertx$core$http$HttpVersion[HttpVersion.HTTP_2.ordinal()] = 3;
            } catch (NoSuchFieldError e6) {
            }
        }
    }

    private static String mask(String str) {
        int length = str.length();
        return length > 32 ? "********************************..." : MASK.substring(0, length);
    }

    private static void escapeNLFChars(StringBuilder sb, String str) {
        for (char c : str.toCharArray()) {
            switch (c) {
                case '\b':
                    sb.append("\\b");
                    break;
                case ASN1.ENUMERATED /* 10 */:
                    sb.append("\\n");
                    break;
                case 11:
                    sb.append("\\u000B");
                    break;
                case ASN1.UTF8_STRING /* 12 */:
                    sb.append("\\u000C");
                    break;
                case '\r':
                    sb.append("\\r");
                    break;
                case 133:
                    sb.append("\\u0085");
                    break;
                case 8232:
                    sb.append("\\u2028");
                    break;
                case 8233:
                    sb.append("\\u2029");
                    break;
                default:
                    sb.append(c);
                    break;
            }
        }
    }

    public static boolean isEnabled() {
        return LOGGER.isInfoEnabled();
    }

    @Override // io.vertx.ext.auth.audit.SecurityAudit
    public SecurityAudit source(SocketAddress socketAddress) {
        this.source = socketAddress;
        return this;
    }

    @Override // io.vertx.ext.auth.audit.SecurityAudit
    public SecurityAudit destination(SocketAddress socketAddress) {
        this.destination = socketAddress;
        return this;
    }

    @Override // io.vertx.ext.auth.audit.SecurityAudit
    public SecurityAudit resource(HttpVersion httpVersion, HttpMethod httpMethod, String str) {
        StringBuilder sb = new StringBuilder();
        switch (AnonymousClass1.$SwitchMap$io$vertx$core$http$HttpVersion[httpVersion.ordinal()]) {
            case ASN1.BOOLEAN /* 1 */:
                sb.append("HTTP/1.0");
                break;
            case ASN1.INTEGER /* 2 */:
                sb.append("HTTP/1.1");
                break;
            case ASN1.BIT_STRING /* 3 */:
                sb.append("HTTP/2.0");
                break;
        }
        sb.append(' ');
        sb.append(httpMethod.name());
        sb.append(' ');
        sb.append(str);
        this.resource = sb.toString();
        return this;
    }

    @Override // io.vertx.ext.auth.audit.SecurityAudit
    public SecurityAudit resource(String str) {
        this.resource = str;
        return this;
    }

    @Override // io.vertx.ext.auth.audit.SecurityAudit
    public SecurityAudit credentials(Credentials credentials) {
        this.credentials = credentials;
        return this;
    }

    @Override // io.vertx.ext.auth.audit.SecurityAudit
    public SecurityAudit user(User user) {
        this.user = user;
        return this;
    }

    @Override // io.vertx.ext.auth.audit.SecurityAudit
    public SecurityAudit authorization(Authorization authorization) {
        this.authorization = authorization;
        return this;
    }

    @Override // io.vertx.ext.auth.audit.SecurityAudit
    public SecurityAudit status(int i) {
        this.status = i;
        return this;
    }

    @Override // io.vertx.ext.auth.audit.SecurityAudit
    public void audit(Marker marker, boolean z) {
        String str = FORMAT;
        boolean z2 = -1;
        switch (str.hashCode()) {
            case 3271912:
                if (str.equals("json")) {
                    z2 = false;
                    break;
                }
                break;
            case 1109437008:
                if (str.equals("rfc5424")) {
                    z2 = true;
                    break;
                }
                break;
        }
        switch (z2) {
            case ASN1.ANY /* 0 */:
                auditJSON(marker, z);
                return;
            case ASN1.BOOLEAN /* 1 */:
            default:
                auditRFC5424(marker, z);
                return;
        }
    }

    private void auditRFC5424(Marker marker, boolean z) {
        String subject;
        StringBuilder sb = new StringBuilder();
        sb.append('[').append(marker.name());
        sb.append(" epoch=\"").append(System.currentTimeMillis()).append('\"');
        if (this.source != null) {
            if (this.source.isInetSocket()) {
                sb.append(" source=\"").append(this.source.host());
            } else {
                sb.append(" source=\"");
                escapeNLFChars(sb, this.source.path());
            }
            sb.append('\"');
        }
        if (this.destination != null) {
            if (this.destination.isInetSocket()) {
                sb.append(" destination=\"").append(this.destination.host());
            } else {
                sb.append(" destination=\"");
                escapeNLFChars(sb, this.destination.path());
            }
            sb.append('\"');
        }
        if (this.resource != null) {
            sb.append(" resource=\"");
            escapeNLFChars(sb, this.resource);
            sb.append('\"');
        }
        switch (AnonymousClass1.$SwitchMap$io$vertx$ext$auth$audit$Marker[marker.ordinal()]) {
            case ASN1.BOOLEAN /* 1 */:
                if (this.credentials != null) {
                    Iterator it = this.credentials.toJson().iterator();
                    while (it.hasNext()) {
                        Map.Entry entry = (Map.Entry) it.next();
                        String str = (String) entry.getKey();
                        sb.append(' ');
                        escapeNLFChars(sb, str);
                        sb.append('=');
                        Object value = entry.getValue();
                        if (value == null) {
                            sb.append("null");
                        } else {
                            sb.append('\"');
                            if (MASKED.contains(str)) {
                                sb.append(mask(value.toString()));
                            } else {
                                escapeNLFChars(sb, value.toString());
                            }
                            sb.append('\"');
                        }
                    }
                    break;
                }
                break;
            case ASN1.INTEGER /* 2 */:
                if (this.user != null && (subject = this.user.subject()) != null) {
                    sb.append(" subject=\"");
                    escapeNLFChars(sb, subject);
                    sb.append('\"');
                }
                if (this.authorization != null) {
                    sb.append(" authorization=\"");
                    escapeNLFChars(sb, this.authorization.toString());
                    sb.append('\"');
                    break;
                }
                break;
            case ASN1.BIT_STRING /* 3 */:
                sb.append(" status=").append(this.status);
                break;
        }
        sb.append("] ").append(z ? "OK" : "FAIL");
        LOGGER.info(sb.toString());
    }

    private void auditJSON(Marker marker, boolean z) {
        String subject;
        JsonObject jsonObject = new JsonObject();
        jsonObject.put("marker", marker.name());
        jsonObject.put("epoch", Long.valueOf(System.currentTimeMillis()));
        if (this.source != null) {
            if (this.source.isInetSocket()) {
                jsonObject.put("source", this.source.host());
            } else {
                jsonObject.put("source", this.source.path());
            }
        }
        if (this.destination != null) {
            if (this.destination.isInetSocket()) {
                jsonObject.put("destination", this.destination.host());
            } else {
                jsonObject.put("destination", this.destination.path());
            }
        }
        if (this.resource != null) {
            jsonObject.put("resource", this.resource);
        }
        switch (AnonymousClass1.$SwitchMap$io$vertx$ext$auth$audit$Marker[marker.ordinal()]) {
            case ASN1.BOOLEAN /* 1 */:
                if (this.credentials != null) {
                    Iterator it = this.credentials.toJson().iterator();
                    while (it.hasNext()) {
                        Map.Entry entry = (Map.Entry) it.next();
                        String str = (String) entry.getKey();
                        Object value = entry.getValue();
                        if (value != null) {
                            if (MASKED.contains(str)) {
                                jsonObject.put(str, mask(value.toString()));
                            } else {
                                jsonObject.put(str, value.toString());
                            }
                        }
                    }
                    break;
                }
                break;
            case ASN1.INTEGER /* 2 */:
                if (this.user != null && (subject = this.user.subject()) != null) {
                    jsonObject.put("subject", subject);
                }
                if (this.authorization != null) {
                    jsonObject.put("authorization", this.authorization.toString());
                    break;
                }
                break;
            case ASN1.BIT_STRING /* 3 */:
                jsonObject.put("status", Integer.valueOf(this.status));
                break;
        }
        jsonObject.put("result", z ? "OK" : "FAIL");
        LOGGER.info(jsonObject.encode());
    }

    static {
        Collections.addAll(MASKED, "password", "secret", "jwt", "nonce", "cnonce", "assertion", "token", "challenge");
    }
}
