package com.ibm.ws.security.audit.event;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.security.audit.AuditEvent;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.audit.utils.AuditConstants;
import com.ibm.ws.security.audit.utils.AuditUtils;
import java.net.URLDecoder;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:com/ibm/ws/security/audit/event/ApplicationPasswordTokenEvent.class */
public class ApplicationPasswordTokenEvent extends AuditEvent {
    private static final TraceComponent tc = Tr.register(ApplicationPasswordTokenEvent.class);
    static final long serialVersionUID = 4929468178943345605L;

    public ApplicationPasswordTokenEvent() {
        set(AuditConstants.EVENT_NAME, AuditConstants.APPLICATION_TOKEN_MANAGEMENT);
        setInitiator((Map) AuditEvent.STD_INITIATOR.clone());
        setObserver((Map) AuditEvent.STD_OBSERVER.clone());
        setTarget((Map) AuditEvent.STD_TARGET.clone());
        set("observer.name", "OidcSecurityService");
    }

    public ApplicationPasswordTokenEvent(Map<String, Object> map) {
        this();
        String str;
        int indexOf;
        try {
            HttpServletRequest httpServletRequest = (HttpServletRequest) map.get("request");
            HttpServletResponse httpServletResponse = (HttpServletResponse) map.get("response");
            if (httpServletRequest != null && httpServletRequest.getRemoteAddr() != null) {
                set("initiator.host.address", httpServletRequest.getRemoteAddr());
            }
            String header = httpServletRequest.getHeader("User-Agent");
            if (header != null) {
                set("initiator.host.agent", header);
            }
            set("target.name", URLDecoder.decode(httpServletRequest.getRequestURI(), "UTF-8"));
            if (httpServletRequest.getQueryString() != null) {
                set("target.params", AuditUtils.hidePassword(URLDecoder.decode(httpServletRequest.getQueryString(), "UTF-8")));
            }
            set("target.typeURI", "service/oidc");
            set("target.host.address", httpServletRequest.getLocalAddr() + ":" + httpServletRequest.getLocalPort());
            if (httpServletRequest.getUserPrincipal() != null && httpServletRequest.getUserPrincipal().getName() != null) {
                set("target.credential.token", httpServletRequest.getUserPrincipal().getName());
            }
            if (((String) map.get("initiatorRole")) != null) {
                set("target.initiatorRole", map.get("initiatorRole"));
            }
            String sessionID = AuditUtils.getSessionID(httpServletRequest);
            if (sessionID != null) {
                set("target.session", sessionID);
            }
            String str2 = (String) map.get("endpoint");
            if (str2 != null) {
                set("target.endpoint", str2);
                if (((String) map.get("appOrTokenId")) != null) {
                    set("target.applicationId", map.get("appOrTokenId"));
                }
            }
            if (((String) map.get("clientId")) != null) {
                set("target.clientId", map.get("clientId"));
            }
            if (((String) map.get("provider")) != null) {
                set("target.provider", map.get("provider"));
            }
            if (httpServletRequest.getQueryString() != null) {
                String queryString = httpServletRequest.getQueryString();
                if (queryString != null && (indexOf = queryString.indexOf("user_id=")) != -1) {
                    String substring = queryString.substring(indexOf, queryString.length());
                    int indexOf2 = substring.indexOf("&");
                    set("target.userId", (indexOf2 == -1 || indexOf2 == 8) ? (indexOf2 == -1 || indexOf2 != 8) ? substring.substring(8, substring.length()) : "" : substring.substring(8, indexOf2));
                }
            } else if (((String) map.get("user")) != null) {
                set("target.userId", map.get("user"));
            } else if (httpServletRequest.getUserPrincipal() != null && httpServletRequest.getUserPrincipal().getName() != null) {
                set("target.userId", httpServletRequest.getUserPrincipal().getName());
            }
            if (httpServletRequest.getQueryString() != null) {
                set("target.params", AuditUtils.hidePassword(URLDecoder.decode(httpServletRequest.getQueryString(), "UTF-8")));
            }
            set("target.method", AuditUtils.getRequestMethod(httpServletRequest));
            if (AuditUtils.getRequestMethod(httpServletRequest) == "POST" && str2 != null && (str = (String) map.get("respBody")) != null && str.indexOf("app_id") != -1) {
                int indexOf3 = str.indexOf("app_id");
                int indexOf4 = str.indexOf("created_at");
                if (indexOf4 != -1) {
                    set("target.applicationId", str.substring(indexOf3 + 9, indexOf4 - 3));
                }
            }
            if (AuditUtils.getRequestMethod(httpServletRequest).equals("DELETE")) {
                set("target.numberRevoked", map.get("numberRevoked"));
            }
            String str3 = (String) map.get("auditOutcome");
            if (str3.equals(AuditConstants.SUCCESS)) {
                setOutcome(AuditConstants.SUCCESS);
                set("reason.reasonCode", Integer.valueOf(httpServletResponse.getStatus()));
                set("reason.reasonType", AuditUtils.getRequestScheme(httpServletRequest));
            } else if (str3.equals(AuditConstants.FAILURE)) {
                setOutcome(AuditConstants.FAILURE);
                set("reason.reasonCode", Integer.valueOf(httpServletResponse.getStatus()));
                String str4 = (String) map.get("detaileError");
                if (str4 != null) {
                    set("reason.reasonType", AuditUtils.getRequestScheme(httpServletRequest).concat(": ").concat(str4));
                } else {
                    set("reason.reasonType", AuditUtils.getRequestScheme(httpServletRequest));
                }
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.audit.event.ApplicationPasswordTokenEvent", "166", this, new Object[]{map});
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Internal error creating ApplicationPasswordTokenEvent", new Object[]{e});
            }
        }
    }
}
