package org.apache.solr.security;

import com.fasterxml.jackson.annotation.JsonIgnore;
import java.lang.invoke.MethodHandles;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import org.apache.solr.common.SolrException;
import org.apache.solr.common.cloud.ZkStateReader;
import org.apache.solr.security.AuthorizationContext;
import org.apache.solr.servlet.ServletUtils;
import org.apache.solr.servlet.SolrRequestParsers;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.MDC;

/* loaded from: input_file:org/apache/solr/security/AuditEvent.class */
public class AuditEvent {
    private String baseUrl;
    private String nodeName;
    private String message;
    private Level level;
    private Date date;
    private String username;
    private String session;
    private String clientIp;
    private List<String> collections;
    private Map<String, Object> context;
    private Map<String, String> headers;
    private Map<String, List<String>> solrParams;
    private String solrHost;
    private int solrPort;
    private String solrIp;
    private String resource;
    private String httpMethod;
    private String httpQueryString;
    private EventType eventType;
    private AuthorizationResponse autResponse;
    private RequestType requestType;
    private double qTime;
    private int status;
    private Throwable exception;
    private static final Logger log = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
    private static final List<String> ADMIN_PATH_REGEXES = Arrays.asList("^/admin/.*", "^/api/(c|collections)$", "^/api/(c|collections)/[^/]+/config$", "^/api/(c|collections)/[^/]+/schema$", "^/api/(c|collections)/[^/]+/shards.*", "^/api/cores.*$", "^/api/node.*$", "^/api/cluster.*$");
    private static final List<String> STREAMING_PATH_REGEXES = Collections.singletonList(".*/stream.*");
    private static final List<String> INDEXING_PATH_REGEXES = Collections.singletonList(".*/update.*");
    private static final List<String> SEARCH_PATH_REGEXES = Arrays.asList(".*/select.*", ".*/query.*");
    private static final List<Pattern> ADMIN_PATH_PATTERNS = (List) ADMIN_PATH_REGEXES.stream().map(Pattern::compile).collect(Collectors.toList());
    private static final List<Pattern> STREAMING_PATH_PATTERNS = (List) STREAMING_PATH_REGEXES.stream().map(Pattern::compile).collect(Collectors.toList());
    private static final List<Pattern> INDEXING_PATH_PATTERNS = (List) INDEXING_PATH_REGEXES.stream().map(Pattern::compile).collect(Collectors.toList());
    private static final List<Pattern> SEARCH_PATH_PATTERNS = (List) SEARCH_PATH_REGEXES.stream().map(Pattern::compile).collect(Collectors.toList());

    /* loaded from: input_file:org/apache/solr/security/AuditEvent$EventType.class */
    public enum EventType {
        AUTHENTICATED("Authenticated", "User successfully authenticated", Level.INFO, -1),
        REJECTED("Rejected", "Authentication request rejected", Level.WARN, 401),
        ANONYMOUS("Anonymous", "Request proceeds with unknown user", Level.INFO, -1),
        ANONYMOUS_REJECTED("AnonymousRejected", "Request from unknown user rejected", Level.WARN, 401),
        AUTHORIZED("Authorized", "Authorization succeeded", Level.INFO, -1),
        UNAUTHORIZED("Unauthorized", "Authorization failed", Level.WARN, 403),
        COMPLETED("Completed", "Request completed", Level.INFO, 200),
        ERROR("Error", "Request was not executed due to an error", Level.ERROR, 500);

        public final String message;
        public final String explanation;
        public final Level level;
        public final int status;

        EventType(String str, String str2, Level level, int i) {
            this.message = str;
            this.explanation = str2;
            this.level = level;
            this.status = i;
        }
    }

    /* loaded from: input_file:org/apache/solr/security/AuditEvent$Level.class */
    public enum Level {
        INFO,
        WARN,
        ERROR
    }

    /* loaded from: input_file:org/apache/solr/security/AuditEvent$RequestType.class */
    public enum RequestType {
        ADMIN,
        SEARCH,
        UPDATE,
        STREAMING,
        UNKNOWN;

        static RequestType convertType(AuthorizationContext.RequestType requestType) {
            switch (requestType) {
                case ADMIN:
                    return ADMIN;
                case READ:
                    return SEARCH;
                case WRITE:
                    return UPDATE;
                default:
                    return UNKNOWN;
            }
        }
    }

    public AuditEvent(EventType eventType) {
        this.solrParams = new HashMap();
        this.qTime = -1.0d;
        this.status = -1;
        this.date = new Date();
        this.eventType = eventType;
        this.status = eventType.status;
        this.level = eventType.level;
        this.message = eventType.message;
    }

    public AuditEvent(EventType eventType, HttpServletRequest httpServletRequest) {
        this(eventType, (Throwable) null, httpServletRequest);
    }

    protected AuditEvent() {
        this.solrParams = new HashMap();
        this.qTime = -1.0d;
        this.status = -1;
    }

    public AuditEvent(EventType eventType, Throwable th, HttpServletRequest httpServletRequest) {
        this(eventType);
        this.solrHost = httpServletRequest.getLocalName();
        this.solrPort = httpServletRequest.getLocalPort();
        this.solrIp = httpServletRequest.getLocalAddr();
        this.clientIp = httpServletRequest.getRemoteAddr();
        this.httpMethod = httpServletRequest.getMethod();
        this.httpQueryString = httpServletRequest.getQueryString();
        this.headers = getHeadersFromRequest(httpServletRequest);
        this.baseUrl = httpServletRequest.getRequestURL().toString();
        this.nodeName = MDC.get(ZkStateReader.NODE_NAME_PROP);
        SolrRequestParsers.parseQueryString(this.httpQueryString).forEach(entry -> {
            this.solrParams.put((String) entry.getKey(), Arrays.asList((String[]) entry.getValue()));
        });
        setResource(ServletUtils.getPathAfterContext(httpServletRequest));
        setRequestType(findRequestType());
        if (th != null) {
            setException(th);
        }
        if (httpServletRequest.getUserPrincipal() != null) {
            this.username = httpServletRequest.getUserPrincipal().getName();
        } else if (eventType.equals(EventType.AUTHENTICATED)) {
            this.eventType = EventType.ANONYMOUS;
            this.message = EventType.ANONYMOUS.message;
            this.level = EventType.ANONYMOUS.level;
            log.debug("Audit event type changed from AUTHENTICATED to ANONYMOUS since no Principal found on request");
        }
    }

    public AuditEvent(EventType eventType, HttpServletRequest httpServletRequest, AuthorizationContext authorizationContext) {
        this(eventType, httpServletRequest);
        this.collections = (List) authorizationContext.getCollectionRequests().stream().map(collectionRequest -> {
            return collectionRequest.collectionName;
        }).collect(Collectors.toList());
        setResource(authorizationContext.getResource());
        this.requestType = RequestType.convertType(authorizationContext.getRequestType());
        if (authorizationContext.getParams() != null) {
            authorizationContext.getParams().forEach(entry -> {
                this.solrParams.put((String) entry.getKey(), Arrays.asList((String[]) entry.getValue()));
            });
        }
    }

    public AuditEvent(EventType eventType, HttpServletRequest httpServletRequest, AuthorizationContext authorizationContext, double d, Throwable th) {
        this(eventType, httpServletRequest, authorizationContext);
        setQTime(d);
        setException(th);
    }

    private HashMap<String, String> getHeadersFromRequest(HttpServletRequest httpServletRequest) {
        HashMap<String, String> hashMap = new HashMap<>();
        Enumeration<String> headerNames = httpServletRequest.getHeaderNames();
        while (headerNames != null && headerNames.hasMoreElements()) {
            String nextElement = headerNames.nextElement();
            hashMap.put(nextElement, httpServletRequest.getHeader(nextElement));
        }
        return hashMap;
    }

    public String getMessage() {
        return this.message;
    }

    public Level getLevel() {
        return this.level;
    }

    public Date getDate() {
        return this.date;
    }

    public String getUsername() {
        return this.username;
    }

    public String getSession() {
        return this.session;
    }

    public String getClientIp() {
        return this.clientIp;
    }

    public Map<String, Object> getContext() {
        return this.context;
    }

    public List<String> getCollections() {
        return this.collections;
    }

    public String getResource() {
        return this.resource;
    }

    public String getHttpMethod() {
        return this.httpMethod;
    }

    public String getHttpQueryString() {
        return this.httpQueryString;
    }

    public EventType getEventType() {
        return this.eventType;
    }

    public String getSolrHost() {
        return this.solrHost;
    }

    public String getSolrIp() {
        return this.solrIp;
    }

    public int getSolrPort() {
        return this.solrPort;
    }

    public Map<String, String> getHeaders() {
        return this.headers;
    }

    public Map<String, List<String>> getSolrParams() {
        return this.solrParams;
    }

    public String getSolrParamAsString(String str) {
        List<String> list = getSolrParams().get(str);
        if (list == null || list.size() <= 0) {
            return null;
        }
        return String.valueOf(list.get(0));
    }

    public AuthorizationResponse getAutResponse() {
        return this.autResponse;
    }

    public String getNodeName() {
        return this.nodeName;
    }

    public RequestType getRequestType() {
        return this.requestType;
    }

    public int getStatus() {
        return this.status;
    }

    public double getQTime() {
        return this.qTime;
    }

    public Throwable getException() {
        return this.exception;
    }

    @JsonIgnore
    @Deprecated
    public StringBuffer getRequestUrl() {
        return new StringBuffer(this.baseUrl);
    }

    public String getUrl() {
        if (this.baseUrl == null) {
            return null;
        }
        return this.baseUrl + (this.httpQueryString != null ? "?" + this.httpQueryString : "");
    }

    public String getBaseUrl() {
        return this.baseUrl;
    }

    public AuditEvent setBaseUrl(String str) {
        this.baseUrl = str;
        return this;
    }

    public AuditEvent setSession(String str) {
        this.session = str;
        return this;
    }

    public AuditEvent setClientIp(String str) {
        this.clientIp = str;
        return this;
    }

    public AuditEvent setContext(Map<String, Object> map) {
        this.context = map;
        return this;
    }

    public AuditEvent setContextEntry(String str, Object obj) {
        this.context.put(str, obj);
        return this;
    }

    public AuditEvent setMessage(String str) {
        this.message = str;
        return this;
    }

    public AuditEvent setLevel(Level level) {
        this.level = level;
        return this;
    }

    public AuditEvent setDate(Date date) {
        this.date = date;
        return this;
    }

    public AuditEvent setUsername(String str) {
        this.username = str;
        return this;
    }

    public AuditEvent setCollections(List<String> list) {
        this.collections = list;
        return this;
    }

    public AuditEvent setResource(String str) {
        this.resource = normalizeResourcePath(str);
        return this;
    }

    public AuditEvent setHttpMethod(String str) {
        this.httpMethod = str;
        return this;
    }

    public AuditEvent setHttpQueryString(String str) {
        this.httpQueryString = str;
        return this;
    }

    public AuditEvent setSolrHost(String str) {
        this.solrHost = str;
        return this;
    }

    public AuditEvent setSolrPort(int i) {
        this.solrPort = i;
        return this;
    }

    public AuditEvent setSolrIp(String str) {
        this.solrIp = str;
        return this;
    }

    public AuditEvent setHeaders(Map<String, String> map) {
        this.headers = map;
        return this;
    }

    public AuditEvent setSolrParams(Map<String, List<String>> map) {
        this.solrParams = map;
        return this;
    }

    public AuditEvent setAutResponse(AuthorizationResponse authorizationResponse) {
        this.autResponse = authorizationResponse;
        return this;
    }

    public AuditEvent setRequestType(RequestType requestType) {
        this.requestType = requestType;
        return this;
    }

    public AuditEvent setQTime(double d) {
        this.qTime = d;
        return this;
    }

    public AuditEvent setStatus(int i) {
        this.status = i;
        return this;
    }

    public AuditEvent setException(Throwable th) {
        this.exception = th;
        if (th != null) {
            this.eventType = EventType.ERROR;
            this.level = EventType.ERROR.level;
            this.message = EventType.ERROR.message;
            if (th instanceof SolrException) {
                this.status = ((SolrException) th).code();
            }
        }
        return this;
    }

    private RequestType findRequestType() {
        return this.resource == null ? RequestType.UNKNOWN : SEARCH_PATH_PATTERNS.stream().anyMatch(pattern -> {
            return pattern.matcher(this.resource).matches();
        }) ? RequestType.SEARCH : INDEXING_PATH_PATTERNS.stream().anyMatch(pattern2 -> {
            return pattern2.matcher(this.resource).matches();
        }) ? RequestType.UPDATE : STREAMING_PATH_PATTERNS.stream().anyMatch(pattern3 -> {
            return pattern3.matcher(this.resource).matches();
        }) ? RequestType.STREAMING : ADMIN_PATH_PATTERNS.stream().anyMatch(pattern4 -> {
            return pattern4.matcher(this.resource).matches();
        }) ? RequestType.ADMIN : RequestType.UNKNOWN;
    }

    protected String normalizeResourcePath(String str) {
        return str == null ? "" : str.replaceFirst("^/____v2", "/api");
    }
}
