package org.opends.server.loggers;

import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.BufferedInputStream;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.SortedSet;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.regex.Pattern;
import org.forgerock.audit.AuditException;
import org.forgerock.audit.AuditService;
import org.forgerock.audit.AuditServiceBuilder;
import org.forgerock.audit.AuditServiceConfiguration;
import org.forgerock.audit.AuditServiceProxy;
import org.forgerock.audit.DependencyProvider;
import org.forgerock.audit.events.EventTopicsMetaDataBuilder;
import org.forgerock.audit.events.handlers.FileBasedEventHandlerConfiguration;
import org.forgerock.audit.filter.FilterPolicy;
import org.forgerock.audit.handlers.csv.CsvAuditEventHandler;
import org.forgerock.audit.handlers.csv.CsvAuditEventHandlerConfiguration;
import org.forgerock.audit.handlers.json.JsonAuditEventHandler;
import org.forgerock.audit.handlers.json.JsonAuditEventHandlerConfiguration;
import org.forgerock.audit.json.AuditJsonConfig;
import org.forgerock.i18n.slf4j.LocalizedLogger;
import org.forgerock.json.JsonValue;
import org.forgerock.json.resource.PatchOperation;
import org.forgerock.json.resource.RequestHandler;
import org.forgerock.opendj.config.ConfigurationFramework;
import org.forgerock.opendj.config.server.ConfigException;
import org.forgerock.opendj.ldap.DN;
import org.forgerock.opendj.server.config.server.CsvFileAccessLogPublisherCfg;
import org.forgerock.opendj.server.config.server.CsvFileHTTPAccessLogPublisherCfg;
import org.forgerock.opendj.server.config.server.ExternalAccessLogPublisherCfg;
import org.forgerock.opendj.server.config.server.ExternalHTTPAccessLogPublisherCfg;
import org.forgerock.opendj.server.config.server.FileCountLogRetentionPolicyCfg;
import org.forgerock.opendj.server.config.server.FixedTimeLogRotationPolicyCfg;
import org.forgerock.opendj.server.config.server.FreeDiskSpaceLogRetentionPolicyCfg;
import org.forgerock.opendj.server.config.server.JsonFileAccessLogPublisherCfg;
import org.forgerock.opendj.server.config.server.JsonFileHTTPAccessLogPublisherCfg;
import org.forgerock.opendj.server.config.server.LogPublisherCfg;
import org.forgerock.opendj.server.config.server.LogRetentionPolicyCfg;
import org.forgerock.opendj.server.config.server.LogRotationPolicyCfg;
import org.forgerock.opendj.server.config.server.SizeLimitLogRetentionPolicyCfg;
import org.forgerock.opendj.server.config.server.SizeLimitLogRotationPolicyCfg;
import org.forgerock.opendj.server.config.server.TimeLimitLogRotationPolicyCfg;
import org.opends.messages.LoggerMessages;
import org.opends.server.core.ServerContext;
import org.opends.server.util.ServerConstants;
import org.opends.server.util.StaticUtils;

/* JADX WARN: Classes with same name are omitted:
  input_file:embedded-opendj/opendj.zip:opendj/lib/opendj.jar:org/opends/server/loggers/CommonAudit.class
 */
/* loaded from: input_file:embedded-opendj/opendj.zip:opendj/lib/org.openidentityplatform.opendj.opendj-server-legacy.jar:org/opends/server/loggers/CommonAudit.class */
public class CommonAudit {
    public static final String DEFAULT_TRANSACTION_ID = "0";
    private static final LocalizedLogger logger = LocalizedLogger.getLoggerForThisClass();
    private static final String AUDIT_SERVICE_JSON_CONFIGURATION_FILE = "audit-config.json";
    private final ServerContext serverContext;
    private final Map<String, AuditServiceProxy> auditServiceCache = new ConcurrentHashMap(10);
    private final Map<String, PublisherConfig> httpAccessPublishers = new ConcurrentHashMap(5);
    private final Map<String, PublisherConfig> accessPublishers = new ConcurrentHashMap(5);
    private final AtomicBoolean trustTransactionIds = new AtomicBoolean(false);
    private final ConfigurationFramework configurationFramework = ConfigurationFramework.getInstance();
    private final DependencyProvider dependencyProvider = new CommonAuditDependencyProvider();
    private final AuditServiceProxy httpAccessAuditService = createAuditServiceWithoutHandlers();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:embedded-opendj/opendj.zip:opendj/lib/opendj.jar:org/opends/server/loggers/CommonAudit$AuditServiceSetup.class
     */
    /* loaded from: input_file:embedded-opendj/opendj.zip:opendj/lib/org.openidentityplatform.opendj.opendj-server-legacy.jar:org/opends/server/loggers/CommonAudit$AuditServiceSetup.class */
    public static abstract class AuditServiceSetup {
        private final AuditServiceProxy existingAuditServiceProxy;
        private final List<String> names;

        AuditServiceSetup() {
            this.names = new ArrayList();
            this.existingAuditServiceProxy = null;
        }

        AuditServiceSetup(AuditServiceProxy auditServiceProxy) {
            this.names = new ArrayList();
            this.existingAuditServiceProxy = auditServiceProxy;
        }

        abstract void addHandlers(AuditServiceBuilder auditServiceBuilder) throws ConfigException;

        void registerHandlerName(String str) {
            this.names.add(str);
        }

        List<String> getHandlerNames() {
            return this.names;
        }

        boolean mustCreateAuditServiceProxy() {
            return this.existingAuditServiceProxy == null;
        }

        AuditServiceProxy getExistingAuditServiceProxy() {
            return this.existingAuditServiceProxy;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:embedded-opendj/opendj.zip:opendj/lib/opendj.jar:org/opends/server/loggers/CommonAudit$AuditType.class
     */
    /* loaded from: input_file:embedded-opendj/opendj.zip:opendj/lib/org.openidentityplatform.opendj.opendj-server-legacy.jar:org/opends/server/loggers/CommonAudit$AuditType.class */
    public enum AuditType {
        CSV,
        JSON,
        EXTERNAL
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:embedded-opendj/opendj.zip:opendj/lib/opendj.jar:org/opends/server/loggers/CommonAudit$CsvConfigData.class
     */
    /* loaded from: input_file:embedded-opendj/opendj.zip:opendj/lib/org.openidentityplatform.opendj.opendj-server-legacy.jar:org/opends/server/loggers/CommonAudit$CsvConfigData.class */
    public static class CsvConfigData extends HandlerConfigData {
        private final String eolSymbols;
        private final String delimiterChar;
        private final String quoteChar;
        private final boolean asynchronous;
        private final boolean autoFlush;
        private final boolean tamperEvident;
        private final long signatureTimeInterval;
        private final String keystoreFile;
        private final String keystorePinFile;

        CsvConfigData(String str, String str2, String str3, String str4, boolean z, boolean z2, boolean z3, long j, String str5, String str6, SortedSet<String> sortedSet, SortedSet<String> sortedSet2) {
            super(str, sortedSet, sortedSet2);
            this.quoteChar = str2;
            this.delimiterChar = str3;
            this.eolSymbols = str4;
            this.asynchronous = z;
            this.autoFlush = z2;
            this.tamperEvident = z3;
            this.signatureTimeInterval = j;
            this.keystoreFile = str5;
            this.keystorePinFile = str6;
        }

        String getEndOfLineSymbols() {
            return this.eolSymbols;
        }

        char getDelimiterChar() throws ConfigException {
            String replaceAll = this.delimiterChar.replaceAll(Pattern.quote("\\"), JsonProperty.USE_DEFAULT_NAME);
            if (replaceAll.length() != 1) {
                throw new ConfigException(LoggerMessages.ERR_COMMON_AUDIT_CSV_HANDLER_DELIMITER_CHAR.get(JsonProperty.USE_DEFAULT_NAME, replaceAll));
            }
            return replaceAll.charAt(0);
        }

        public char getQuoteChar() throws ConfigException {
            String replaceAll = this.quoteChar.replaceAll(Pattern.quote("\\"), JsonProperty.USE_DEFAULT_NAME);
            if (replaceAll.length() != 1) {
                throw new ConfigException(LoggerMessages.ERR_COMMON_AUDIT_CSV_HANDLER_QUOTE_CHAR.get(JsonProperty.USE_DEFAULT_NAME, replaceAll));
            }
            return replaceAll.charAt(0);
        }

        boolean isAsynchronous() {
            return this.asynchronous;
        }

        boolean isAutoFlush() {
            return this.autoFlush;
        }

        boolean isTamperEvident() {
            return this.tamperEvident;
        }

        long getSignatureTimeInterval() {
            return this.signatureTimeInterval;
        }

        String getKeystoreFile() {
            return this.keystoreFile;
        }

        String getKeystorePinFile() {
            return this.keystorePinFile;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:embedded-opendj/opendj.zip:opendj/lib/opendj.jar:org/opends/server/loggers/CommonAudit$ExternalConfigData.class
     */
    /* loaded from: input_file:embedded-opendj/opendj.zip:opendj/lib/org.openidentityplatform.opendj.opendj-server-legacy.jar:org/opends/server/loggers/CommonAudit$ExternalConfigData.class */
    public static class ExternalConfigData {
        private final String configurationFile;

        ExternalConfigData(String str) {
            this.configurationFile = str;
        }

        String getConfigurationFile() {
            return this.configurationFile;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:embedded-opendj/opendj.zip:opendj/lib/opendj.jar:org/opends/server/loggers/CommonAudit$HandlerConfigData.class
     */
    /* loaded from: input_file:embedded-opendj/opendj.zip:opendj/lib/org.openidentityplatform.opendj.opendj-server-legacy.jar:org/opends/server/loggers/CommonAudit$HandlerConfigData.class */
    public static abstract class HandlerConfigData {
        private final String logDirectory;
        private final SortedSet<String> rotationPolicies;
        private final SortedSet<String> retentionPolicies;

        HandlerConfigData(String str, SortedSet<String> sortedSet, SortedSet<String> sortedSet2) {
            this.logDirectory = str;
            this.rotationPolicies = sortedSet;
            this.retentionPolicies = sortedSet2;
        }

        String getLogDirectory() {
            return this.logDirectory;
        }

        SortedSet<String> getRotationPolicies() {
            return this.rotationPolicies;
        }

        SortedSet<String> getRetentionPolicies() {
            return this.retentionPolicies;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:embedded-opendj/opendj.zip:opendj/lib/opendj.jar:org/opends/server/loggers/CommonAudit$JsonConfigData.class
     */
    /* loaded from: input_file:embedded-opendj/opendj.zip:opendj/lib/org.openidentityplatform.opendj.opendj-server-legacy.jar:org/opends/server/loggers/CommonAudit$JsonConfigData.class */
    public static class JsonConfigData extends HandlerConfigData {
        JsonConfigData(String str, SortedSet<String> sortedSet, SortedSet<String> sortedSet2) {
            super(str, sortedSet, sortedSet2);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:embedded-opendj/opendj.zip:opendj/lib/opendj.jar:org/opends/server/loggers/CommonAudit$LogType.class
     */
    /* loaded from: input_file:embedded-opendj/opendj.zip:opendj/lib/org.openidentityplatform.opendj.opendj-server-legacy.jar:org/opends/server/loggers/CommonAudit$LogType.class */
    public enum LogType {
        UNCONFIGURED { // from class: org.opends.server.loggers.CommonAudit.LogType.1
            @Override // org.opends.server.loggers.CommonAudit.LogType
            String getCommonAuditTopic(LogPublisherCfg logPublisherCfg) throws ConfigException {
                throw new ConfigException(LoggerMessages.ERR_COMMON_AUDIT_UNSUPPORTED_LOG_PUBLISHER.get(logPublisherCfg.dn()));
            }

            @Override // org.opends.server.loggers.CommonAudit.LogType
            ExternalConfigData getExternalConfig(LogPublisherCfg logPublisherCfg) throws ConfigException {
                throw new ConfigException(LoggerMessages.ERR_COMMON_AUDIT_UNSUPPORTED_LOG_PUBLISHER.get(logPublisherCfg.dn()));
            }

            @Override // org.opends.server.loggers.CommonAudit.LogType
            CsvConfigData getCsvConfig(LogPublisherCfg logPublisherCfg) throws ConfigException {
                throw new ConfigException(LoggerMessages.ERR_COMMON_AUDIT_UNSUPPORTED_LOG_PUBLISHER.get(logPublisherCfg.dn()));
            }

            @Override // org.opends.server.loggers.CommonAudit.LogType
            JsonConfigData getJsonConfig(LogPublisherCfg logPublisherCfg) throws ConfigException {
                throw new ConfigException(LoggerMessages.ERR_COMMON_AUDIT_UNSUPPORTED_LOG_PUBLISHER.get(logPublisherCfg.dn()));
            }

            @Override // org.opends.server.loggers.CommonAudit.LogType
            boolean isHttp() {
                return false;
            }
        },
        HTTPLOG { // from class: org.opends.server.loggers.CommonAudit.LogType.2
            @Override // org.opends.server.loggers.CommonAudit.LogType
            public String getCommonAuditTopic(LogPublisherCfg logPublisherCfg) {
                return "http-access";
            }

            @Override // org.opends.server.loggers.CommonAudit.LogType
            public ExternalConfigData getExternalConfig(LogPublisherCfg logPublisherCfg) throws ConfigException {
                return new ExternalConfigData(((ExternalHTTPAccessLogPublisherCfg) logPublisherCfg).getConfigFile());
            }

            @Override // org.opends.server.loggers.CommonAudit.LogType
            public CsvConfigData getCsvConfig(LogPublisherCfg logPublisherCfg) throws ConfigException {
                CsvFileHTTPAccessLogPublisherCfg csvFileHTTPAccessLogPublisherCfg = (CsvFileHTTPAccessLogPublisherCfg) logPublisherCfg;
                return new CsvConfigData(csvFileHTTPAccessLogPublisherCfg.getLogDirectory(), csvFileHTTPAccessLogPublisherCfg.getCsvQuoteChar(), csvFileHTTPAccessLogPublisherCfg.getCsvDelimiterChar(), csvFileHTTPAccessLogPublisherCfg.getCsvEolSymbols(), csvFileHTTPAccessLogPublisherCfg.isAsynchronous(), csvFileHTTPAccessLogPublisherCfg.isAutoFlush(), csvFileHTTPAccessLogPublisherCfg.isTamperEvident(), csvFileHTTPAccessLogPublisherCfg.getSignatureTimeInterval(), csvFileHTTPAccessLogPublisherCfg.getKeyStoreFile(), csvFileHTTPAccessLogPublisherCfg.getKeyStorePinFile(), csvFileHTTPAccessLogPublisherCfg.getRotationPolicy(), csvFileHTTPAccessLogPublisherCfg.getRetentionPolicy());
            }

            @Override // org.opends.server.loggers.CommonAudit.LogType
            public JsonConfigData getJsonConfig(LogPublisherCfg logPublisherCfg) throws ConfigException {
                JsonFileHTTPAccessLogPublisherCfg jsonFileHTTPAccessLogPublisherCfg = (JsonFileHTTPAccessLogPublisherCfg) logPublisherCfg;
                return new JsonConfigData(jsonFileHTTPAccessLogPublisherCfg.getLogDirectory(), jsonFileHTTPAccessLogPublisherCfg.getRotationPolicy(), jsonFileHTTPAccessLogPublisherCfg.getRetentionPolicy());
            }

            @Override // org.opends.server.loggers.CommonAudit.LogType
            public boolean isHttp() {
                return true;
            }
        },
        ACCESSLOG { // from class: org.opends.server.loggers.CommonAudit.LogType.3
            @Override // org.opends.server.loggers.CommonAudit.LogType
            public String getCommonAuditTopic(LogPublisherCfg logPublisherCfg) {
                return "ldap-access";
            }

            @Override // org.opends.server.loggers.CommonAudit.LogType
            public ExternalConfigData getExternalConfig(LogPublisherCfg logPublisherCfg) throws ConfigException {
                return new ExternalConfigData(((ExternalAccessLogPublisherCfg) logPublisherCfg).getConfigFile());
            }

            @Override // org.opends.server.loggers.CommonAudit.LogType
            public CsvConfigData getCsvConfig(LogPublisherCfg logPublisherCfg) throws ConfigException {
                CsvFileAccessLogPublisherCfg csvFileAccessLogPublisherCfg = (CsvFileAccessLogPublisherCfg) logPublisherCfg;
                return new CsvConfigData(csvFileAccessLogPublisherCfg.getLogDirectory(), csvFileAccessLogPublisherCfg.getCsvQuoteChar(), csvFileAccessLogPublisherCfg.getCsvDelimiterChar(), csvFileAccessLogPublisherCfg.getCsvEolSymbols(), csvFileAccessLogPublisherCfg.isAsynchronous(), csvFileAccessLogPublisherCfg.isAutoFlush(), csvFileAccessLogPublisherCfg.isTamperEvident(), csvFileAccessLogPublisherCfg.getSignatureTimeInterval(), csvFileAccessLogPublisherCfg.getKeyStoreFile(), csvFileAccessLogPublisherCfg.getKeyStorePinFile(), csvFileAccessLogPublisherCfg.getRotationPolicy(), csvFileAccessLogPublisherCfg.getRetentionPolicy());
            }

            @Override // org.opends.server.loggers.CommonAudit.LogType
            public JsonConfigData getJsonConfig(LogPublisherCfg logPublisherCfg) throws ConfigException {
                JsonFileAccessLogPublisherCfg jsonFileAccessLogPublisherCfg = (JsonFileAccessLogPublisherCfg) logPublisherCfg;
                return new JsonConfigData(jsonFileAccessLogPublisherCfg.getLogDirectory(), jsonFileAccessLogPublisherCfg.getRotationPolicy(), jsonFileAccessLogPublisherCfg.getRetentionPolicy());
            }

            @Override // org.opends.server.loggers.CommonAudit.LogType
            public boolean isHttp() {
                return false;
            }
        };

        abstract String getCommonAuditTopic(LogPublisherCfg logPublisherCfg) throws ConfigException;

        abstract ExternalConfigData getExternalConfig(LogPublisherCfg logPublisherCfg) throws ConfigException;

        abstract CsvConfigData getCsvConfig(LogPublisherCfg logPublisherCfg) throws ConfigException;

        abstract JsonConfigData getJsonConfig(LogPublisherCfg logPublisherCfg) throws ConfigException;

        abstract boolean isHttp();
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:embedded-opendj/opendj.zip:opendj/lib/opendj.jar:org/opends/server/loggers/CommonAudit$PublisherConfig.class
     */
    /* loaded from: input_file:embedded-opendj/opendj.zip:opendj/lib/org.openidentityplatform.opendj.opendj-server-legacy.jar:org/opends/server/loggers/CommonAudit$PublisherConfig.class */
    public static class PublisherConfig {
        private final LogPublisherCfg config;
        private final boolean isCommonAudit;
        private LogType logType;
        private AuditType auditType;

        PublisherConfig(ServerContext serverContext, LogPublisherCfg logPublisherCfg) throws ConfigException {
            this.logType = LogType.UNCONFIGURED;
            this.config = logPublisherCfg;
            if (logPublisherCfg instanceof JsonFileAccessLogPublisherCfg) {
                this.auditType = AuditType.JSON;
                this.logType = LogType.ACCESSLOG;
            } else if (logPublisherCfg instanceof JsonFileHTTPAccessLogPublisherCfg) {
                this.auditType = AuditType.JSON;
                this.logType = LogType.HTTPLOG;
            }
            if (logPublisherCfg instanceof CsvFileAccessLogPublisherCfg) {
                this.auditType = AuditType.CSV;
                this.logType = LogType.ACCESSLOG;
            } else if (logPublisherCfg instanceof CsvFileHTTPAccessLogPublisherCfg) {
                this.auditType = AuditType.CSV;
                this.logType = LogType.HTTPLOG;
            }
            if (logPublisherCfg instanceof ExternalAccessLogPublisherCfg) {
                this.auditType = AuditType.EXTERNAL;
                this.logType = LogType.ACCESSLOG;
            } else if (logPublisherCfg instanceof ExternalHTTPAccessLogPublisherCfg) {
                this.auditType = AuditType.EXTERNAL;
                this.logType = LogType.HTTPLOG;
            }
            this.isCommonAudit = this.auditType != null;
        }

        DN getDn() {
            return this.config.dn();
        }

        String getName() {
            return this.config.name();
        }

        String getCommonAuditTopic() throws ConfigException {
            return this.logType.getCommonAuditTopic(this.config);
        }

        CsvConfigData getCsvConfig() throws ConfigException {
            return this.logType.getCsvConfig(this.config);
        }

        JsonConfigData getJsonConfig() throws ConfigException {
            return this.logType.getJsonConfig(this.config);
        }

        ExternalConfigData getExternalConfig() throws ConfigException {
            return this.logType.getExternalConfig(this.config);
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj instanceof PublisherConfig) {
                return this.config.dn().equals(((PublisherConfig) obj).config.dn());
            }
            return false;
        }

        public int hashCode() {
            return this.config.dn().hashCode();
        }
    }

    public CommonAudit(ServerContext serverContext) throws ConfigException {
        this.serverContext = serverContext;
    }

    public boolean shouldTrustTransactionIds() {
        return this.trustTransactionIds.get();
    }

    public void setTrustTransactionIds(boolean z) {
        this.trustTransactionIds.set(z);
    }

    private AuditServiceProxy createAuditServiceWithoutHandlers() throws ConfigException {
        try {
            return buildAuditService(new AuditServiceSetup() { // from class: org.opends.server.loggers.CommonAudit.1
                @Override // org.opends.server.loggers.CommonAudit.AuditServiceSetup
                public void addHandlers(AuditServiceBuilder auditServiceBuilder) {
                }
            });
        } catch (IOException | AuditException | ConfigException e) {
            throw new ConfigException(LoggerMessages.ERR_COMMON_AUDIT_CREATE.get(e), e);
        }
    }

    public RequestHandler getRequestHandler(LogPublisherCfg logPublisherCfg) throws ConfigException {
        return new PublisherConfig(this.serverContext, logPublisherCfg).logType.isHttp() ? this.httpAccessAuditService : this.auditServiceCache.get(getConfigNormalizedName(logPublisherCfg));
    }

    public void addOrUpdatePublisher(LogPublisherCfg logPublisherCfg) throws ConfigException {
        if (logPublisherCfg.isEnabled()) {
            logger.trace(String.format("Setting up common audit for configuration entry: %s", logPublisherCfg.dn()));
            try {
                final PublisherConfig publisherConfig = new PublisherConfig(this.serverContext, logPublisherCfg);
                String configNormalizedName = getConfigNormalizedName(logPublisherCfg);
                if (publisherConfig.logType.isHttp()) {
                    this.httpAccessPublishers.put(configNormalizedName, publisherConfig);
                    buildAuditService(httpAccessAuditServiceSetup());
                } else {
                    this.auditServiceCache.put(configNormalizedName, buildAuditService(new AuditServiceSetup(this.auditServiceCache.get(configNormalizedName)) { // from class: org.opends.server.loggers.CommonAudit.2
                        @Override // org.opends.server.loggers.CommonAudit.AuditServiceSetup
                        public void addHandlers(AuditServiceBuilder auditServiceBuilder) throws ConfigException {
                            registerHandlerName(publisherConfig.getName());
                            CommonAudit.this.addHandlerToBuilder(publisherConfig, auditServiceBuilder);
                        }
                    }));
                    this.accessPublishers.put(configNormalizedName, publisherConfig);
                }
            } catch (Exception e) {
                throw new ConfigException(LoggerMessages.ERR_COMMON_AUDIT_ADD_OR_UPDATE_LOG_PUBLISHER.get(logPublisherCfg.dn(), e), e);
            }
        }
    }

    public void removePublisher(LogPublisherCfg logPublisherCfg) throws ConfigException {
        logger.trace(String.format("Shutting down common audit for configuration entry:", logPublisherCfg.dn()));
        String configNormalizedName = getConfigNormalizedName(logPublisherCfg);
        try {
            if (this.httpAccessPublishers.containsKey(configNormalizedName)) {
                this.httpAccessPublishers.remove(configNormalizedName);
                buildAuditService(httpAccessAuditServiceSetup());
            } else if (this.accessPublishers.containsKey(configNormalizedName)) {
                this.accessPublishers.remove(configNormalizedName);
                AuditServiceProxy remove = this.auditServiceCache.remove(configNormalizedName);
                if (remove != null) {
                    remove.shutdown();
                }
            }
        } catch (Exception e) {
            throw new ConfigException(LoggerMessages.ERR_COMMON_AUDIT_REMOVE_LOG_PUBLISHER.get(logPublisherCfg.dn(), e), e);
        }
    }

    public void shutdown() {
        this.httpAccessAuditService.shutdown();
        Iterator<AuditServiceProxy> it = this.auditServiceCache.values().iterator();
        while (it.hasNext()) {
            it.next().shutdown();
        }
    }

    private AuditServiceSetup httpAccessAuditServiceSetup() {
        return new AuditServiceSetup(this.httpAccessAuditService) { // from class: org.opends.server.loggers.CommonAudit.3
            @Override // org.opends.server.loggers.CommonAudit.AuditServiceSetup
            public void addHandlers(AuditServiceBuilder auditServiceBuilder) throws ConfigException {
                for (PublisherConfig publisherConfig : CommonAudit.this.httpAccessPublishers.values()) {
                    registerHandlerName(publisherConfig.getName());
                    CommonAudit.this.addHandlerToBuilder(publisherConfig, auditServiceBuilder);
                }
            }
        };
    }

    private AuditServiceProxy buildAuditService(AuditServiceSetup auditServiceSetup) throws IOException, AuditException, ConfigException {
        AuditServiceProxy existingAuditServiceProxy;
        InputStream resourceAsStream = getClass().getResourceAsStream(AUDIT_SERVICE_JSON_CONFIGURATION_FILE);
        Throwable th = null;
        try {
            try {
                JsonValue json = AuditJsonConfig.getJson(resourceAsStream);
                if (resourceAsStream != null) {
                    if (0 != 0) {
                        try {
                            resourceAsStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        resourceAsStream.close();
                    }
                }
                AuditServiceBuilder withDependencyProvider = AuditServiceBuilder.newAuditService().withEventTopicsMetaData(EventTopicsMetaDataBuilder.coreTopicSchemas().withCoreTopicSchemaExtensions(json.get(ServerConstants.ERROR_CATEGORY_EXTENSIONS)).withAdditionalTopicSchemas(json.get("additionalTopics")).build()).withDependencyProvider(this.dependencyProvider);
                auditServiceSetup.addHandlers(withDependencyProvider);
                AuditServiceConfiguration auditServiceConfiguration = new AuditServiceConfiguration();
                auditServiceConfiguration.setAvailableAuditEventHandlers(auditServiceSetup.getHandlerNames());
                auditServiceConfiguration.setFilterPolicies(getFilterPoliciesToPreventHttpHeadersLogging());
                withDependencyProvider.withConfiguration(auditServiceConfiguration);
                AuditService build = withDependencyProvider.build();
                if (auditServiceSetup.mustCreateAuditServiceProxy()) {
                    existingAuditServiceProxy = new AuditServiceProxy(build);
                    logger.trace("Starting up new common audit service");
                    existingAuditServiceProxy.startup();
                } else {
                    existingAuditServiceProxy = auditServiceSetup.getExistingAuditServiceProxy();
                    existingAuditServiceProxy.setDelegate(build);
                    logger.trace("Starting up existing updated common audit service");
                }
                return existingAuditServiceProxy;
            } finally {
            }
        } catch (Throwable th3) {
            if (resourceAsStream != null) {
                if (th != null) {
                    try {
                        resourceAsStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    resourceAsStream.close();
                }
            }
            throw th3;
        }
    }

    private Map<String, FilterPolicy> getFilterPoliciesToPreventHttpHeadersLogging() {
        HashMap hashMap = new HashMap();
        FilterPolicy filterPolicy = new FilterPolicy();
        filterPolicy.setExcludeIf(Arrays.asList("/http-access/http/request/headers"));
        hashMap.put(PatchOperation.FIELD_FIELD, filterPolicy);
        return hashMap;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void addHandlerToBuilder(PublisherConfig publisherConfig, AuditServiceBuilder auditServiceBuilder) throws ConfigException {
        switch (publisherConfig.auditType) {
            case CSV:
                addCsvHandler(publisherConfig, auditServiceBuilder);
                return;
            case JSON:
                addJsonHandler(publisherConfig, auditServiceBuilder);
                return;
            case EXTERNAL:
                addExternalHandler(publisherConfig, auditServiceBuilder);
                return;
            default:
                throw new ConfigException(LoggerMessages.ERR_COMMON_AUDIT_UNSUPPORTED_HANDLER_TYPE.get(publisherConfig.getDn()));
        }
    }

    private void addExternalHandler(PublisherConfig publisherConfig, AuditServiceBuilder auditServiceBuilder) throws ConfigException {
        File fileForPath = StaticUtils.getFileForPath(publisherConfig.getExternalConfig().getConfigurationFile());
        try {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(fileForPath));
            Throwable th = null;
            try {
                try {
                    AuditJsonConfig.registerHandlerToService(AuditJsonConfig.getJson(bufferedInputStream), auditServiceBuilder, this.configurationFramework.getClassLoader());
                    if (bufferedInputStream != null) {
                        if (0 != 0) {
                            try {
                                bufferedInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            bufferedInputStream.close();
                        }
                    }
                } finally {
                }
            } catch (Throwable th3) {
                if (bufferedInputStream != null) {
                    if (th != null) {
                        try {
                            bufferedInputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        bufferedInputStream.close();
                    }
                }
                throw th3;
            }
        } catch (IOException e) {
            throw new ConfigException(LoggerMessages.ERR_COMMON_AUDIT_EXTERNAL_HANDLER_JSON_FILE.get(fileForPath, publisherConfig.getDn(), e), e);
        } catch (Exception e2) {
            throw new ConfigException(LoggerMessages.ERR_COMMON_AUDIT_EXTERNAL_HANDLER_CREATION.get(publisherConfig.getDn(), e2), e2);
        }
    }

    private void addCsvHandler(PublisherConfig publisherConfig, AuditServiceBuilder auditServiceBuilder) throws ConfigException {
        try {
            CsvConfigData csvConfig = publisherConfig.getCsvConfig();
            CsvAuditEventHandlerConfiguration csvAuditEventHandlerConfiguration = new CsvAuditEventHandlerConfiguration();
            csvAuditEventHandlerConfiguration.setLogDirectory(StaticUtils.getFileForPath(csvConfig.getLogDirectory()).getAbsolutePath());
            csvAuditEventHandlerConfiguration.setName(publisherConfig.getName());
            csvAuditEventHandlerConfiguration.setTopics(Collections.singleton(publisherConfig.getCommonAuditTopic()));
            addCsvHandlerFormattingConfig(csvConfig, csvAuditEventHandlerConfiguration);
            addCsvHandlerBufferingConfig(csvConfig, csvAuditEventHandlerConfiguration);
            addCsvHandlerSecureConfig(publisherConfig, csvConfig, csvAuditEventHandlerConfiguration);
            addHandlerRotationConfig(publisherConfig, csvConfig, csvAuditEventHandlerConfiguration);
            addHandlerRetentionConfig(publisherConfig, csvConfig, csvAuditEventHandlerConfiguration);
            auditServiceBuilder.withAuditEventHandler(CsvAuditEventHandler.class, csvAuditEventHandlerConfiguration);
        } catch (Exception e) {
            throw new ConfigException(LoggerMessages.ERR_COMMON_AUDIT_FILE_BASED_HANDLER_CREATION.get(publisherConfig.getDn(), e), e);
        }
    }

    private void addCsvHandlerFormattingConfig(CsvConfigData csvConfigData, CsvAuditEventHandlerConfiguration csvAuditEventHandlerConfiguration) throws ConfigException {
        CsvAuditEventHandlerConfiguration.CsvFormatting csvFormatting = new CsvAuditEventHandlerConfiguration.CsvFormatting();
        csvFormatting.setQuoteChar(csvConfigData.getQuoteChar());
        csvFormatting.setDelimiterChar(csvConfigData.getDelimiterChar());
        String endOfLineSymbols = csvConfigData.getEndOfLineSymbols();
        if (endOfLineSymbols != null && !endOfLineSymbols.isEmpty()) {
            csvFormatting.setEndOfLineSymbols(endOfLineSymbols);
        }
        csvAuditEventHandlerConfiguration.setFormatting(csvFormatting);
    }

    private void addCsvHandlerBufferingConfig(CsvConfigData csvConfigData, CsvAuditEventHandlerConfiguration csvAuditEventHandlerConfiguration) {
        CsvAuditEventHandlerConfiguration.EventBufferingConfiguration eventBufferingConfiguration = new CsvAuditEventHandlerConfiguration.EventBufferingConfiguration();
        eventBufferingConfiguration.setEnabled(csvConfigData.isAsynchronous());
        eventBufferingConfiguration.setAutoFlush(csvConfigData.isAutoFlush());
        csvAuditEventHandlerConfiguration.setBufferingConfiguration(eventBufferingConfiguration);
    }

    private void addCsvHandlerSecureConfig(PublisherConfig publisherConfig, CsvConfigData csvConfigData, CsvAuditEventHandlerConfiguration csvAuditEventHandlerConfiguration) {
        if (csvConfigData.isTamperEvident()) {
            CsvAuditEventHandlerConfiguration.CsvSecurity csvSecurity = new CsvAuditEventHandlerConfiguration.CsvSecurity();
            csvSecurity.setSignatureInterval(csvConfigData.getSignatureTimeInterval() + ServerConstants.TIME_UNIT_MILLISECONDS_ABBR);
            csvSecurity.setEnabled(true);
            csvSecurity.setFilename(StaticUtils.getFileForPath(csvConfigData.getKeystoreFile()).getPath());
            csvSecurity.setPassword(getSecurePassword(publisherConfig, csvConfigData));
            csvAuditEventHandlerConfiguration.setSecurity(csvSecurity);
        }
    }

    private void addJsonHandler(PublisherConfig publisherConfig, AuditServiceBuilder auditServiceBuilder) throws ConfigException {
        try {
            JsonConfigData jsonConfig = publisherConfig.getJsonConfig();
            JsonAuditEventHandlerConfiguration jsonAuditEventHandlerConfiguration = new JsonAuditEventHandlerConfiguration();
            jsonAuditEventHandlerConfiguration.setLogDirectory(StaticUtils.getFileForPath(jsonConfig.getLogDirectory()).getAbsolutePath());
            jsonAuditEventHandlerConfiguration.setName(publisherConfig.getName());
            jsonAuditEventHandlerConfiguration.setTopics(Collections.singleton(publisherConfig.getCommonAuditTopic()));
            addJsonHandlerBufferingConfig(jsonConfig, jsonAuditEventHandlerConfiguration);
            addHandlerRetentionConfig(publisherConfig, jsonConfig, jsonAuditEventHandlerConfiguration);
            addHandlerRotationConfig(publisherConfig, jsonConfig, jsonAuditEventHandlerConfiguration);
            auditServiceBuilder.withAuditEventHandler(JsonAuditEventHandler.class, jsonAuditEventHandlerConfiguration);
        } catch (Exception e) {
            throw new ConfigException(LoggerMessages.ERR_COMMON_AUDIT_FILE_BASED_HANDLER_CREATION.get(publisherConfig.getDn(), e), e);
        }
    }

    private void addJsonHandlerBufferingConfig(JsonConfigData jsonConfigData, JsonAuditEventHandlerConfiguration jsonAuditEventHandlerConfiguration) {
        new JsonAuditEventHandlerConfiguration.EventBufferingConfiguration();
    }

    private void addHandlerRotationConfig(PublisherConfig publisherConfig, HandlerConfigData handlerConfigData, FileBasedEventHandlerConfiguration fileBasedEventHandlerConfiguration) throws ConfigException {
        SortedSet<String> rotationPolicies = handlerConfigData.getRotationPolicies();
        if (rotationPolicies.isEmpty()) {
            return;
        }
        FileBasedEventHandlerConfiguration.FileRotation fileRotation = new FileBasedEventHandlerConfiguration.FileRotation();
        fileRotation.setRotationEnabled(true);
        Iterator<String> it = rotationPolicies.iterator();
        while (it.hasNext()) {
            LogRotationPolicyCfg logRotationPolicy = this.serverContext.getRootConfig().getLogRotationPolicy(it.next());
            if (logRotationPolicy instanceof FixedTimeLogRotationPolicyCfg) {
                fileRotation.setRotationTimes(convertTimesOfDay(publisherConfig, (FixedTimeLogRotationPolicyCfg) logRotationPolicy));
            } else if (logRotationPolicy instanceof SizeLimitLogRotationPolicyCfg) {
                fileRotation.setMaxFileSize(((SizeLimitLogRotationPolicyCfg) logRotationPolicy).getFileSizeLimit());
            } else {
                if (!(logRotationPolicy instanceof TimeLimitLogRotationPolicyCfg)) {
                    throw new ConfigException(LoggerMessages.ERR_COMMON_AUDIT_UNSUPPORTED_LOG_ROTATION_POLICY.get(publisherConfig.getDn(), logRotationPolicy.dn()));
                }
                fileRotation.setRotationInterval(((TimeLimitLogRotationPolicyCfg) logRotationPolicy).getRotationInterval() + " ms");
            }
        }
        fileRotation.setRotationFileSuffix(".yyyyMMddHHmmss");
        fileBasedEventHandlerConfiguration.setFileRotation(fileRotation);
    }

    private void addHandlerRetentionConfig(PublisherConfig publisherConfig, HandlerConfigData handlerConfigData, FileBasedEventHandlerConfiguration fileBasedEventHandlerConfiguration) throws ConfigException {
        SortedSet<String> retentionPolicies = handlerConfigData.getRetentionPolicies();
        if (retentionPolicies.isEmpty()) {
            return;
        }
        FileBasedEventHandlerConfiguration.FileRetention fileRetention = new FileBasedEventHandlerConfiguration.FileRetention();
        Iterator<String> it = retentionPolicies.iterator();
        while (it.hasNext()) {
            LogRetentionPolicyCfg logRetentionPolicy = this.serverContext.getRootConfig().getLogRetentionPolicy(it.next());
            if (logRetentionPolicy instanceof FileCountLogRetentionPolicyCfg) {
                fileRetention.setMaxNumberOfHistoryFiles(((FileCountLogRetentionPolicyCfg) logRetentionPolicy).getNumberOfFiles());
            } else if (logRetentionPolicy instanceof FreeDiskSpaceLogRetentionPolicyCfg) {
                fileRetention.setMinFreeSpaceRequired(((FreeDiskSpaceLogRetentionPolicyCfg) logRetentionPolicy).getFreeDiskSpace());
            } else {
                if (!(logRetentionPolicy instanceof SizeLimitLogRetentionPolicyCfg)) {
                    throw new ConfigException(LoggerMessages.ERR_COMMON_AUDIT_UNSUPPORTED_LOG_RETENTION_POLICY.get(publisherConfig.getDn(), logRetentionPolicy.dn()));
                }
                fileRetention.setMaxDiskSpaceToUse(((SizeLimitLogRetentionPolicyCfg) logRetentionPolicy).getDiskSpaceUsed());
            }
        }
        fileBasedEventHandlerConfiguration.setFileRetention(fileRetention);
    }

    private List<String> convertTimesOfDay(PublisherConfig publisherConfig, FixedTimeLogRotationPolicyCfg fixedTimeLogRotationPolicyCfg) throws ConfigException {
        SortedSet<String> timeOfDay = fixedTimeLogRotationPolicyCfg.getTimeOfDay();
        ArrayList arrayList = new ArrayList();
        for (String str : timeOfDay) {
            try {
                arrayList.add(((Integer.valueOf(str.substring(0, 2)).intValue() * 60) + Integer.valueOf(str.substring(2, 4)).intValue()) + " minutes");
            } catch (IndexOutOfBoundsException | NumberFormatException e) {
                throw new ConfigException(LoggerMessages.ERR_COMMON_AUDIT_INVALID_TIME_OF_DAY.get(publisherConfig.getDn(), str, StaticUtils.stackTraceToSingleLineString(e)));
            }
        }
        return arrayList;
    }

    private String getSecurePassword(PublisherConfig publisherConfig, CsvConfigData csvConfigData) {
        File fileForPath = StaticUtils.getFileForPath(csvConfigData.getKeystorePinFile());
        if (!fileForPath.exists()) {
            logger.warn(LoggerMessages.ERR_COMMON_AUDIT_KEYSTORE_PIN_FILE_MISSING.get(publisherConfig.getDn(), fileForPath));
            return JsonProperty.USE_DEFAULT_NAME;
        }
        try {
            BufferedReader bufferedReader = new BufferedReader(new FileReader(fileForPath));
            Throwable th = null;
            try {
                try {
                    String readLine = bufferedReader.readLine();
                    if (readLine != null) {
                        if (bufferedReader != null) {
                            if (0 != 0) {
                                try {
                                    bufferedReader.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                bufferedReader.close();
                            }
                        }
                        return readLine;
                    }
                    logger.warn(LoggerMessages.ERR_COMMON_AUDIT_KEYSTORE_PIN_FILE_CONTAINS_EMPTY_PIN.get(publisherConfig.getDn(), fileForPath));
                    if (bufferedReader != null) {
                        if (0 != 0) {
                            try {
                                bufferedReader.close();
                            } catch (Throwable th3) {
                                th.addSuppressed(th3);
                            }
                        } else {
                            bufferedReader.close();
                        }
                    }
                    return JsonProperty.USE_DEFAULT_NAME;
                } finally {
                }
            } finally {
            }
        } catch (IOException e) {
            logger.warn(LoggerMessages.ERR_COMMON_AUDIT_ERROR_READING_KEYSTORE_PIN_FILE.get(publisherConfig.getDn(), fileForPath, StaticUtils.stackTraceToSingleLineString(e)), e);
            return JsonProperty.USE_DEFAULT_NAME;
        }
        logger.warn(LoggerMessages.ERR_COMMON_AUDIT_ERROR_READING_KEYSTORE_PIN_FILE.get(publisherConfig.getDn(), fileForPath, StaticUtils.stackTraceToSingleLineString(e)), e);
        return JsonProperty.USE_DEFAULT_NAME;
    }

    public boolean isCommonAuditConfig(LogPublisherCfg logPublisherCfg) throws ConfigException {
        return new PublisherConfig(this.serverContext, logPublisherCfg).isCommonAudit;
    }

    public boolean isExistingCommonAuditConfig(LogPublisherCfg logPublisherCfg) throws ConfigException {
        String configNormalizedName = getConfigNormalizedName(logPublisherCfg);
        return this.accessPublishers.containsKey(configNormalizedName) || this.httpAccessPublishers.containsKey(configNormalizedName);
    }

    public boolean isHttpAccessLogEnabled() {
        return !this.httpAccessPublishers.isEmpty();
    }

    private String getConfigNormalizedName(LogPublisherCfg logPublisherCfg) {
        return logPublisherCfg.dn().toNormalizedUrlSafeString();
    }

    public RequestHandler getAuditServiceForHttpAccessLog() {
        return this.httpAccessAuditService;
    }
}
