package org.forgerock.openam.oauth2;

import com.iplanet.am.util.SystemProperties;
import com.iplanet.sso.SSOToken;
import com.sun.identity.common.configuration.ConfigurationListener;
import com.sun.identity.log.LogRecord;
import com.sun.identity.log.Logger;
import com.sun.identity.log.messageid.LogMessageProvider;
import com.sun.identity.log.messageid.MessageProviderFactory;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.shared.debug.Debug;
import java.io.IOException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import javax.inject.Inject;

/* loaded from: input_file:org/forgerock/openam/oauth2/OAuth2AuditLogger.class */
public class OAuth2AuditLogger implements ConfigurationListener {
    private final Debug logger = Debug.getInstance("OAuth2Provider");
    private LogMessageProvider msgProvider;
    private Logger accessLogger;
    private Logger errorLogger;
    private boolean logStatus;

    @Inject
    public OAuth2AuditLogger() {
        init();
        SystemProperties.observe(this, new String[]{"com.iplanet.am.logstatus"});
    }

    private void init() {
        this.logStatus = "ACTIVE".equalsIgnoreCase(SystemProperties.get("com.iplanet.am.logstatus"));
        if (this.logStatus) {
            this.accessLogger = Logger.getLogger("OAuth2Provider.access");
            this.errorLogger = Logger.getLogger("OAuth2Provider.error");
        } else {
            this.accessLogger = null;
            this.errorLogger = null;
        }
    }

    private synchronized LogMessageProvider getLogMessageProvider() throws IOException {
        if (this.msgProvider == null) {
            this.msgProvider = MessageProviderFactory.getProvider("OAuth2Provider");
        }
        return this.msgProvider;
    }

    public boolean isAuditLogEnabled() {
        return this.logStatus;
    }

    public void logErrorMessage(String str, String[] strArr, SSOToken sSOToken) {
        LogRecord createLogRecord;
        try {
            getLogMessageProvider();
        } catch (IOException e) {
            this.logger.error(e.getMessage(), e);
            this.logger.error("disabling logging");
            this.logStatus = false;
        }
        if (this.errorLogger == null || this.msgProvider == null || (createLogRecord = this.msgProvider.createLogRecord(str, strArr, sSOToken)) == null) {
            return;
        }
        this.errorLogger.log(createLogRecord, (SSOToken) AccessController.doPrivileged((PrivilegedAction) AdminTokenAction.getInstance()));
    }

    public void logAccessMessage(String str, String[] strArr, SSOToken sSOToken) {
        LogRecord createLogRecord;
        try {
            getLogMessageProvider();
        } catch (IOException e) {
            this.logger.error(e.getMessage(), e);
            this.logger.error("disabling logging");
            this.logStatus = false;
        }
        if (this.accessLogger == null || this.msgProvider == null || (createLogRecord = this.msgProvider.createLogRecord(str, strArr, sSOToken)) == null) {
            return;
        }
        this.accessLogger.log(createLogRecord, (SSOToken) AccessController.doPrivileged((PrivilegedAction) AdminTokenAction.getInstance()));
    }

    public void notifyChanges() {
        init();
    }
}
