package com.liferay.portal.security.audit.wiring.internal.servlet.filter;

import com.liferay.petra.lang.CentralizedThreadLocal;
import com.liferay.petra.lang.SafeCloseable;
import com.liferay.portal.configuration.metatype.bnd.util.ConfigurableUtil;
import com.liferay.portal.kernel.audit.AuditRequestThreadLocal;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogContext;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.model.Company;
import com.liferay.portal.kernel.model.User;
import com.liferay.portal.kernel.security.auth.CompanyThreadLocal;
import com.liferay.portal.kernel.service.CompanyLocalService;
import com.liferay.portal.kernel.service.UserLocalService;
import com.liferay.portal.kernel.servlet.BaseFilter;
import com.liferay.portal.kernel.servlet.TryFilter;
import com.liferay.portal.kernel.util.HashMapBuilder;
import com.liferay.portal.kernel.util.HashMapDictionary;
import com.liferay.portal.kernel.util.Portal;
import com.liferay.portal.kernel.util.PrefsPropsUtil;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.kernel.uuid.PortalUUID;
import com.liferay.portal.security.audit.wiring.internal.configuration.AuditLogContextConfiguration;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceRegistration;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Reference;

@Component(configurationPid = {"com.liferay.portal.security.audit.wiring.internal.configuration.AuditLogContextConfiguration"}, enabled = false, property = {"after-filter=Session Max Allowed Filter", "servlet-context-name=", "servlet-filter-name=Audit Filter", "url-pattern=/*", "url-regex-ignore-pattern=^/html/.+\\.(css|gif|html|ico|jpg|js|png)(\\?.*)?$"}, service = {Filter.class})
/* loaded from: input_file:com/liferay/portal/security/audit/wiring/internal/servlet/filter/AuditFilter.class */
public class AuditFilter extends BaseFilter implements TryFilter {
    private static final Log _log = LogFactoryUtil.getLog(AuditFilter.class);
    private AuditLogContext _auditLogContext;
    private AuditLogContextConfiguration _auditLogContextConfiguration;

    @Reference
    private CompanyLocalService _companyLocalService;

    @Reference
    private Portal _portal;

    @Reference
    private PortalUUID _portalUUID;
    private ServiceRegistration<LogContext> _serviceRegistration;

    @Reference
    private UserLocalService _userLocalService;

    /* loaded from: input_file:com/liferay/portal/security/audit/wiring/internal/servlet/filter/AuditFilter$AuditLogContext.class */
    private class AuditLogContext implements LogContext {
        private final ThreadLocal<Map<String, String>> _contexts = new CentralizedThreadLocal(AuditLogContext.class + "._contexts", HashMap::new);

        public AuditLogContext() {
        }

        public Map<String, String> getContext() {
            return this._contexts.get();
        }

        public String getName() {
            return AuditLogContext.class.getSimpleName();
        }

        public void setContext(String str, long j, String str2, String str3, Long l, String str4, String str5) {
            this._contexts.set(HashMapBuilder.put("clientIP", str).put("companyId", String.valueOf(j)).put("serverName", str2).put("userEmailAddress", str3).put("userId", l != null ? String.valueOf(l) : "").put("userLogin", str4).put("virtualHostName", () -> {
                Company fetchCompany;
                return (j < 0 || (fetchCompany = AuditFilter.this._companyLocalService.fetchCompany(j)) == null) ? "" : fetchCompany.getVirtualHostname();
            }).put("xRequestId", str5).build());
        }
    }

    public Object doFilterTry(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        AuditRequestThreadLocal auditThreadLocal = AuditRequestThreadLocal.getAuditThreadLocal();
        auditThreadLocal.setClientHost(httpServletRequest.getRemoteHost());
        String remoteAddr = httpServletRequest.getRemoteAddr();
        auditThreadLocal.setClientIP(remoteAddr);
        auditThreadLocal.setQueryString(httpServletRequest.getQueryString());
        String str = "";
        HttpSession session = httpServletRequest.getSession();
        Long l = (Long) session.getAttribute("USER_ID");
        String str2 = "";
        if (l != null) {
            SafeCloseable withSafeCloseable = CompanyThreadLocal.setWithSafeCloseable(Long.valueOf(this._portal.getCompanyId(httpServletRequest)));
            Throwable th = null;
            try {
                try {
                    User fetchUser = this._userLocalService.fetchUser(l.longValue());
                    if (fetchUser != null) {
                        str = fetchUser.getEmailAddress();
                        auditThreadLocal.setRealUserEmailAddress(str);
                        auditThreadLocal.setRealUserId(l.longValue());
                        str2 = _getUserLogin(fetchUser);
                        auditThreadLocal.setRealUserLogin(str2);
                    }
                    if (withSafeCloseable != null) {
                        if (0 != 0) {
                            try {
                                withSafeCloseable.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            withSafeCloseable.close();
                        }
                    }
                } finally {
                }
            } catch (Throwable th3) {
                if (withSafeCloseable != null) {
                    if (th != null) {
                        try {
                            withSafeCloseable.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        withSafeCloseable.close();
                    }
                }
                throw th3;
            }
        }
        auditThreadLocal.setRequestURL(httpServletRequest.getRequestURL().toString());
        auditThreadLocal.setServerName(httpServletRequest.getServerName());
        auditThreadLocal.setServerPort(httpServletRequest.getServerPort());
        auditThreadLocal.setSessionID(session.getId());
        if (!this._auditLogContextConfiguration.enabled()) {
            return null;
        }
        String str3 = null;
        if (this._auditLogContextConfiguration.useIncomingXRequestId()) {
            str3 = httpServletRequest.getHeader("X-Request-Id");
        }
        if (!_isValidXRequestId(str3)) {
            str3 = this._portalUUID.generate();
        }
        httpServletResponse.setHeader("X-Request-Id", str3);
        this._auditLogContext.setContext(remoteAddr, this._portal.getCompanyId(httpServletRequest), httpServletRequest.getServerName(), str, l, str2, str3);
        return null;
    }

    @Activate
    protected void activate(BundleContext bundleContext, Map<String, Object> map) {
        this._auditLogContext = new AuditLogContext();
        this._serviceRegistration = bundleContext.registerService(LogContext.class, this._auditLogContext, new HashMapDictionary());
        this._auditLogContextConfiguration = (AuditLogContextConfiguration) ConfigurableUtil.createConfigurable(AuditLogContextConfiguration.class, map);
    }

    @Deactivate
    protected void deactivate() {
        if (this._serviceRegistration != null) {
            this._serviceRegistration.unregister();
        }
    }

    protected Log getLog() {
        return _log;
    }

    private String _getUserLogin(User user) {
        String string = PrefsPropsUtil.getString(user.getCompanyId(), "company.security.auth.type", "");
        return string.equals("emailAddress") ? user.getEmailAddress() : string.equals("userId") ? String.valueOf(user.getUserId()) : string.equals("screenName") ? user.getScreenName() : "";
    }

    private boolean _isValidXRequestId(String str) {
        if (Validator.isBlank(str)) {
            if (!_log.isDebugEnabled()) {
                return false;
            }
            _log.debug("Incoming X-Request-Id is empty");
            return false;
        }
        if (str.length() < 20 || str.length() > 200) {
            if (!_log.isDebugEnabled()) {
                return false;
            }
            _log.debug("Incoming X-Request-Id has an invalid length: " + str.length());
            return false;
        }
        for (int i = 0; i < str.length(); i++) {
            if (str.charAt(i) < ' ' || str.charAt(i) > '~') {
                if (!_log.isDebugEnabled()) {
                    return false;
                }
                _log.debug("Incoming X-Request-Id contains invalid characters");
                return false;
            }
        }
        return true;
    }
}
