package com.ibm.ws.security.audit.source;

import com.ibm.websphere.event.Topic;
import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.websphere.security.audit.AuditConstants;
import com.ibm.websphere.security.audit.AuditEvent;
import com.ibm.websphere.security.audit.InvalidConfigurationException;
import com.ibm.ws.collector.manager.buffer.BufferManagerImpl;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.logging.data.GenericData;
import com.ibm.ws.logging.utils.SequenceNumber;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.audit.event.AuditMgmtEvent;
import com.ibm.ws.security.audit.source.utils.AuditUtils;
import com.ibm.wsspi.collector.manager.BufferManager;
import com.ibm.wsspi.collector.manager.Source;
import com.ibm.wsspi.kernel.service.location.VariableRegistry;
import com.ibm.wsspi.kernel.service.utils.AtomicServiceReference;
import com.ibm.wsspi.security.audit.AuditService;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.osgi.framework.ServiceReference;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Modified;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.osgi.service.component.annotations.ReferencePolicyOption;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@Component(service = {AuditService.class, Source.class}, configurationPid = {"com.ibm.ws.security.audit.event"}, configurationPolicy = ConfigurationPolicy.OPTIONAL, property = {"service.vendor=IBM"}, immediate = true)
@TraceOptions
/* loaded from: input_file:com/ibm/ws/security/audit/source/AuditServiceImpl.class */
public class AuditServiceImpl implements AuditService, Source {
    private static final String VAR_DEFAULTHOSTNAME = "${defaultHostName}";
    private static final String VAR_WLPSERVERNAME = "${wlp.server.name}";
    private static final String VAR_WLPUSERDIR = "${wlp.user.dir}";
    private static final String ENV_VAR_CONTAINERHOST = "${env.CONTAINER_HOST}";
    private static final String ENV_VAR_CONTAINERNAME = "${env.CONTAINER_NAME}";
    private static final String AUDIT_SERVER_ID_PREFIX = "websphere: ";
    private static final String AUDIT_SERVER_ID_SEPARATOR = ":";
    private static final String INCORRECT_AUDIT_EVENT_CONFIGURATION = "INCORRECT_AUDIT_EVENT_CONFIGURATION";
    private static final String INCORRECT_AUDIT_OUTCOME_CONFIGURATION = "INCORRECT_AUDIT_OUTCOME_CONFIGURATION";
    public static final String KEY_RUNNABLE = "JMXWork";
    private BufferManager bufferMgr;
    private BufferManager saved_bufferMgr;
    private volatile BufferManagerImpl auditLogConduit;
    static final long serialVersionUID = -4557755890382698511L;
    public static final Topic TOPIC_QUEUED_WORK = new Topic("com/ibm/ws/jmx/QUEUED_AUDIT_WORK");
    public static final String TOPIC_QUEUED_WORK_NAME = TOPIC_QUEUED_WORK.getName();
    private static Object syncObject = new Object();
    private static Object syncSeqNum = new Object();
    private static final String VARIABLE_REGISTRY_SERVICE = "variableRegistryService";
    private static final AtomicServiceReference<VariableRegistry> variableRegistryServiceRef = new AtomicServiceReference<>(VARIABLE_REGISTRY_SERVICE);
    private static final TraceComponent tc = Tr.register(AuditServiceImpl.class, "audit", "com.ibm.ws.security.audit.source.internal.resources.AuditMessages");
    private int eventSequenceNumber = 0;
    private final SequenceNumber sequenceNumber = new SequenceNumber();
    private final ConcurrentHashMap<String, List<Map<String, Object>>> handlerEventsMap = new ConcurrentHashMap<>();
    private String eventName = null;
    private boolean isCustomEvent = false;
    private String[] auditData = null;
    private String[] outcome = null;
    private Map<String, Object> thisConfiguration = null;
    List<AuditEvent> list = new ArrayList();
    private List<AuditEvent> savedEvent = Collections.synchronizedList(this.list);
    private int savedEventIndex = 0;
    private final boolean savedEventEmitted = false;
    private String serverID = null;
    private boolean auditServiceStarted = false;
    private boolean emitted1 = false;
    private final boolean emitted2 = false;
    private boolean emitMsgOnce = true;

    @Reference(name = VARIABLE_REGISTRY_SERVICE, service = VariableRegistry.class, policy = ReferencePolicy.DYNAMIC, policyOption = ReferencePolicyOption.GREEDY)
    protected void setVariableRegistryService(ServiceReference<VariableRegistry> serviceReference) {
        variableRegistryServiceRef.setReference(serviceReference);
    }

    protected void unsetVariableRegistryService(ServiceReference<VariableRegistry> serviceReference) {
        variableRegistryServiceRef.unsetReference(serviceReference);
    }

    @Activate
    protected void activate(ComponentContext componentContext, Map<String, Object> map) {
        Tr.info(tc, "AUDIT_SERVICE_STARTING", new Object[0]);
        this.thisConfiguration = map;
        variableRegistryServiceRef.activate(componentContext);
        if (map != null && !map.isEmpty()) {
            for (Map.Entry<String, Object> entry : map.entrySet()) {
                String key = entry.getKey();
                Object value = entry.getValue();
                if (key.equals("eventName")) {
                    setEventName(value);
                } else if (key.equals("CUSTOM")) {
                    setIsCustomEvent(value);
                } else if (key.equals("auditData")) {
                    setAuditData(value);
                } else if (key.equals("outcome")) {
                    setOutcome(value);
                }
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "configuration: " + map.toString(), new Object[0]);
        }
    }

    public void auditStarted(String str) {
        if (isAuditRequired("SECURITY_AUDIT_MGMT", "success")) {
            sendEvent(new AuditMgmtEvent(this.thisConfiguration, "AuditService", "start"));
        }
        this.auditServiceStarted = true;
        this.saved_bufferMgr = this.bufferMgr;
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "auditStarted, bufferMgr = " + this.bufferMgr + " saved_bufferMgr = " + this.saved_bufferMgr, new Object[0]);
        }
        this.auditServiceStarted = true;
        Tr.info(tc, "AUDIT_SERVICE_READY", new Object[0]);
    }

    public void auditStopped(String str) {
        if (isAuditRequired("SECURITY_AUDIT_MGMT", "success")) {
            sendEvent(new AuditMgmtEvent(this.thisConfiguration, "AuditService", "stop"));
            this.emitted1 = false;
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "auditStopped, emitted1 = false, saved_bufferMgr = null", new Object[0]);
            }
            this.saved_bufferMgr = null;
        }
    }

    @Deactivate
    protected void deactivate(ComponentContext componentContext, int i) {
        Tr.info(tc, "AUDIT_SERVICE_STOPPED", new Object[0]);
        this.handlerEventsMap.clear();
        variableRegistryServiceRef.deactivate(componentContext);
    }

    @Modified
    protected void modified(Map<String, Object> map) {
    }

    public void registerEvents(String str, List<Map<String, Object>> list) throws InvalidConfigurationException {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "size of configuredEvents: " + list.size(), new Object[0]);
        }
        if (!validateEventsAndOutcomes(str, list)) {
            throw new InvalidConfigurationException();
        }
        if (!this.handlerEventsMap.containsKey(str)) {
            this.handlerEventsMap.put(str, list);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "handlerEventsMap: " + this.handlerEventsMap.toString(), new Object[0]);
        }
        auditStarted("AuditService");
        if (this.handlerEventsMap.isEmpty() || this.handlerEventsMap.containsKey("AuditFileHandler")) {
            sendEvent(new AuditMgmtEvent(this.thisConfiguration, "AuditHandler:AuditFileHandler", "start"));
        }
    }

    public boolean validateEventsAndOutcomes(String str, List<Map<String, Object>> list) {
        if (list.isEmpty()) {
            if (!tc.isDebugEnabled()) {
                return true;
            }
            Tr.debug(tc, "configuredEvents is empty, returning true as all events are valid", new Object[0]);
            return true;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "configuredEvents: " + list.toString(), new Object[0]);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "size of configuredEvents: " + list.size(), new Object[0]);
        }
        for (Map<String, Object> map : list) {
            if (map.isEmpty()) {
                if (!tc.isDebugEnabled()) {
                    return true;
                }
                Tr.debug(tc, "no events or outcomes specified, all events and outcomes are honoured", new Object[0]);
                return true;
            }
            boolean z = false;
            boolean z2 = false;
            String str2 = null;
            for (Map.Entry<String, Object> entry : map.entrySet()) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "entry: " + entry.toString(), new Object[0]);
                }
                if (entry.getKey().equals("CUSTOM") && entry.getValue().equals(Boolean.TRUE)) {
                    return true;
                }
                if (entry.getKey().equals("eventName")) {
                    z = true;
                    String str3 = (String) entry.getValue();
                    if (!validateEventName((String) entry.getValue())) {
                        String str4 = "";
                        Iterator it = AuditConstants.validEventNamesList.iterator();
                        while (it.hasNext()) {
                            str4 = str4.concat((String) it.next()).concat(" ");
                        }
                        Tr.error(tc, INCORRECT_AUDIT_EVENT_CONFIGURATION, new Object[]{str3, str, str4});
                        return false;
                    }
                } else if (entry.getKey().equals("outcome")) {
                    z2 = true;
                    str2 = (String) entry.getValue();
                    if (!validateOutcomeName((String) entry.getValue())) {
                        String str5 = "";
                        Iterator it2 = AuditConstants.validOutcomesList.iterator();
                        while (it2.hasNext()) {
                            str5 = str5.concat((String) it2.next()).concat(" ");
                        }
                        Tr.error(tc, INCORRECT_AUDIT_OUTCOME_CONFIGURATION, new Object[]{str2, str, str5});
                        return false;
                    }
                } else {
                    continue;
                }
            }
            if (!z && z2) {
                String str6 = "";
                Iterator it3 = AuditConstants.validEventNamesList.iterator();
                while (it3.hasNext()) {
                    str6 = str6.concat((String) it3.next()).concat(" ");
                }
                Tr.error(tc, "INCORRECT_AUDIT_CONFIGURATION_OUTCOME_SPECIFIED_MISSING_EVENTNAME", new Object[]{str2, str, str6});
                return false;
            }
        }
        return true;
    }

    public boolean validateEventName(String str) {
        boolean z = false;
        if (AuditConstants.validEventNamesList.contains(str)) {
            z = true;
        }
        return z;
    }

    public boolean validateOutcomeName(String str) {
        boolean z = false;
        if (AuditConstants.validOutcomesList.contains(str)) {
            z = true;
        }
        return z;
    }

    public void unRegisterEvents(String str) {
        if (this.handlerEventsMap.containsKey(str)) {
            if (this.handlerEventsMap.size() == 1) {
                auditStopped(null);
            }
            this.handlerEventsMap.remove(str);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "handlerEventsMap: " + this.handlerEventsMap.toString(), new Object[0]);
        }
    }

    public boolean isAuditRequired(String str, String str2) {
        Object obj;
        Iterator<Map.Entry<String, List<Map<String, Object>>>> it = this.handlerEventsMap.entrySet().iterator();
        while (it.hasNext()) {
            List<Map<String, Object>> value = it.next().getValue();
            if (value.isEmpty()) {
                if (!tc.isDebugEnabled()) {
                    return true;
                }
                Tr.debug(tc, "handlerEventsList is empty, returning true for isAuditRequired", new Object[0]);
                return true;
            }
            for (Map<String, Object> map : value) {
                if (map.isEmpty()) {
                    if (!tc.isDebugEnabled()) {
                        return true;
                    }
                    Tr.debug(tc, "no events or outcomes specified, all events and outcomes are honoured", new Object[0]);
                    return true;
                }
                if (str.equals(map.get("eventName")) && ((obj = map.get("outcome")) == null || obj.toString().equalsIgnoreCase(str2))) {
                    return true;
                }
            }
        }
        return false;
    }

    private GenericData map2GenericData(GenericData genericData, Map<String, Object> map) {
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            if (entry.getValue() != null) {
                genericData.addPair(entry.getKey(), entry.getValue().toString());
            } else if (entry.getKey().equals("target.appname")) {
                genericData.addPair(entry.getKey(), AuditUtils.getJ2EEComponentName());
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "gdo: " + genericData.toString(), new Object[0]);
        }
        return genericData;
    }

    public void sendEvent(AuditEvent auditEvent) {
        if (auditEvent == null) {
            emitSavedEvents();
            return;
        }
        if (isAuditRequired((String) auditEvent.getMap().get("eventName"), (String) auditEvent.getMap().get("outcome"))) {
            synchronized (syncSeqNum) {
                if (auditEvent.getTarget().get("target.id") == "null" || auditEvent.getTarget().get("target.id") == null) {
                    auditEvent.set("target.id", getServerID());
                }
                if (auditEvent.getObserver().get("observer.id") == "null" || auditEvent.getObserver().get("observer.id") == null) {
                    auditEvent.set("observer.id", getServerID());
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "sendEvent, bufferMgr = " + this.bufferMgr + " saved_bufferMgr = " + this.saved_bufferMgr, new Object[0]);
                }
                if (this.bufferMgr == null || this.saved_bufferMgr == null) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "sendEvent, savedEventIndex = " + this.savedEventIndex + " saved event: " + auditEvent.toString(), new Object[0]);
                    }
                    this.savedEvent.add(auditEvent);
                    this.savedEventIndex++;
                } else {
                    int i = this.eventSequenceNumber;
                    this.eventSequenceNumber = i + 1;
                    auditEvent.set("eventSequenceNumber", Integer.valueOf(i));
                    GenericData genericData = new GenericData();
                    genericData.setSourceName("com.ibm.ws.audit.source.auditsource");
                    long currentTimeMillis = System.currentTimeMillis();
                    genericData.addPair("ibm_datetime", currentTimeMillis);
                    genericData.addPair("ibm_sequence", this.sequenceNumber.next(currentTimeMillis));
                    genericData.addPair("ibm_threadId", new Integer((int) Thread.currentThread().getId()).intValue());
                    final GenericData map2GenericData = map2GenericData(genericData, auditEvent.getMap());
                    AccessController.doPrivileged(new PrivilegedAction<Void>() { // from class: com.ibm.ws.security.audit.source.AuditServiceImpl.1
                        static final long serialVersionUID = -1675801668238874533L;
                        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.security.audit.source.AuditServiceImpl$1", AnonymousClass1.class, "audit", "com.ibm.ws.security.audit.source.internal.resources.AuditMessages");

                        /* JADX WARN: Can't rename method to resolve collision */
                        @Override // java.security.PrivilegedAction
                        public Void run() {
                            AuditServiceImpl.this.bufferMgr.add(map2GenericData);
                            return null;
                        }
                    });
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "gdo: " + map2GenericData.toString(), new Object[0]);
                    }
                }
            }
        }
    }

    public void emitSavedEvents() {
        if (tc.isDebugEnabled() && this.bufferMgr == null) {
            Tr.debug(tc, "emitSavedEvents, bufferMgr is null", new Object[0]);
        }
        if (this.bufferMgr != null) {
            Iterator<AuditEvent> it = this.savedEvent.iterator();
            while (it.hasNext()) {
                sendEvent(it.next());
            }
            this.savedEvent.clear();
            this.savedEventIndex = 0;
        }
    }

    public String getSourceName() {
        return "audit";
    }

    public String getLocation() {
        return "server";
    }

    public void setBufferManager(BufferManager bufferManager) {
        this.bufferMgr = bufferManager;
        this.saved_bufferMgr = bufferManager;
    }

    public void unsetBufferManager(BufferManager bufferManager) {
        this.bufferMgr = null;
    }

    public void setEventName(Object obj) {
        this.eventName = (String) obj;
    }

    public String getEventName() {
        return this.eventName;
    }

    public void setIsCustomEvent(Object obj) {
        this.isCustomEvent = ((Boolean) obj).booleanValue();
    }

    public Boolean getIsCustomEvent() {
        return Boolean.valueOf(this.isCustomEvent);
    }

    public void setAuditData(Object obj) {
        this.auditData = ((String) obj).split(", ");
    }

    public String[] getAuditData() {
        return this.auditData;
    }

    public void setOutcome(Object obj) {
        this.outcome = ((String) obj).split(", ");
    }

    public String[] getOutcome() {
        return this.outcome;
    }

    public String getServerID() {
        if (this.serverID == null) {
            String str = (String) AccessController.doPrivileged(new PrivilegedAction<String>() { // from class: com.ibm.ws.security.audit.source.AuditServiceImpl.2
                static final long serialVersionUID = 2227927240783736755L;
                private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.security.audit.source.AuditServiceImpl$2", AnonymousClass2.class, "audit", "com.ibm.ws.security.audit.source.internal.resources.AuditMessages");

                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedAction
                public String run() {
                    return ((VariableRegistry) AuditServiceImpl.variableRegistryServiceRef.getService()).resolveString(AuditServiceImpl.ENV_VAR_CONTAINERNAME);
                }
            });
            if (ENV_VAR_CONTAINERNAME.equals(str)) {
                str = (String) AccessController.doPrivileged(new PrivilegedAction<String>() { // from class: com.ibm.ws.security.audit.source.AuditServiceImpl.3
                    static final long serialVersionUID = -2623495597264900483L;
                    private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.security.audit.source.AuditServiceImpl$3", AnonymousClass3.class, "audit", "com.ibm.ws.security.audit.source.internal.resources.AuditMessages");

                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedAction
                    public String run() {
                        return ((VariableRegistry) AuditServiceImpl.variableRegistryServiceRef.getService()).resolveString(AuditServiceImpl.VAR_WLPSERVERNAME);
                    }
                });
            }
            if (VAR_WLPSERVERNAME.equals(str)) {
                str = "";
            }
            String str2 = (String) AccessController.doPrivileged(new PrivilegedAction<String>() { // from class: com.ibm.ws.security.audit.source.AuditServiceImpl.4
                static final long serialVersionUID = 1266175293067549381L;
                private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.security.audit.source.AuditServiceImpl$4", AnonymousClass4.class, "audit", "com.ibm.ws.security.audit.source.internal.resources.AuditMessages");

                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedAction
                public String run() {
                    return ((VariableRegistry) AuditServiceImpl.variableRegistryServiceRef.getService()).resolveString(AuditServiceImpl.VAR_WLPUSERDIR);
                }
            });
            if (VAR_WLPUSERDIR.equals(str2)) {
                str2 = "";
            }
            String str3 = (String) AccessController.doPrivileged(new PrivilegedAction<String>() { // from class: com.ibm.ws.security.audit.source.AuditServiceImpl.5
                static final long serialVersionUID = -8691217427522735428L;
                private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.security.audit.source.AuditServiceImpl$5", AnonymousClass5.class, "audit", "com.ibm.ws.security.audit.source.internal.resources.AuditMessages");

                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedAction
                public String run() {
                    return ((VariableRegistry) AuditServiceImpl.variableRegistryServiceRef.getService()).resolveString(AuditServiceImpl.ENV_VAR_CONTAINERHOST);
                }
            });
            if (ENV_VAR_CONTAINERHOST.equals(str3)) {
                str3 = (String) AccessController.doPrivileged(new PrivilegedAction<String>() { // from class: com.ibm.ws.security.audit.source.AuditServiceImpl.6
                    static final long serialVersionUID = 4091797805058126250L;
                    private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.security.audit.source.AuditServiceImpl$6", AnonymousClass6.class, "audit", "com.ibm.ws.security.audit.source.internal.resources.AuditMessages");

                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedAction
                    public String run() {
                        return ((VariableRegistry) AuditServiceImpl.variableRegistryServiceRef.getService()).resolveString(AuditServiceImpl.VAR_DEFAULTHOSTNAME);
                    }
                });
                if (VAR_DEFAULTHOSTNAME.equals(str3) || str3.equals("localhost")) {
                    try {
                        str3 = (String) AccessController.doPrivileged(new PrivilegedExceptionAction<String>() { // from class: com.ibm.ws.security.audit.source.AuditServiceImpl.7
                            static final long serialVersionUID = -4819644461941220785L;
                            private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.security.audit.source.AuditServiceImpl$7", AnonymousClass7.class, "audit", "com.ibm.ws.security.audit.source.internal.resources.AuditMessages");

                            /* JADX WARN: Can't rename method to resolve collision */
                            @Override // java.security.PrivilegedExceptionAction
                            public String run() throws UnknownHostException {
                                return InetAddress.getLocalHost().getCanonicalHostName();
                            }
                        });
                    } catch (PrivilegedActionException e) {
                        FFDCFilter.processException(e, "com.ibm.ws.security.audit.source.AuditServiceImpl", "661", this, new Object[0]);
                        str3 = "";
                    }
                }
            }
            this.serverID = AUDIT_SERVER_ID_PREFIX + str3 + AUDIT_SERVER_ID_SEPARATOR + str2 + AUDIT_SERVER_ID_SEPARATOR + str;
        }
        return this.serverID;
    }
}
