package org.owasp.csrfguard.action;

import java.security.Principal;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.owasp.csrfguard.CsrfGuard;
import org.owasp.csrfguard.CsrfGuardException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/csrfguard-4.1.3.jar:org/owasp/csrfguard/action/Log.class */
public final class Log extends AbstractAction {
    private static final long serialVersionUID = 8238761463376338707L;
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) Log.class);

    @Override // org.owasp.csrfguard.action.IAction
    public void execute(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, CsrfGuardException csrfGuardException, CsrfGuard csrfGuard) throws CsrfGuardException {
        LOGGER.error(getParameter("Message").replace("%exception%", String.valueOf(csrfGuardException)).replace("%exception_message%", csrfGuardException.getLocalizedMessage()).replace("%remote_ip%", StringUtils.defaultString(httpServletRequest.getRemoteAddr())).replace("%remote_host%", StringUtils.defaultString(httpServletRequest.getRemoteHost())).replace("%remote_port%", String.valueOf(httpServletRequest.getRemotePort())).replace("%local_ip%", StringUtils.defaultString(httpServletRequest.getLocalAddr())).replace("%local_host%", StringUtils.defaultString(httpServletRequest.getLocalName())).replace("%local_port%", String.valueOf(httpServletRequest.getLocalPort())).replace("%request_method%", StringUtils.defaultString(httpServletRequest.getMethod())).replace("%request_uri%", StringUtils.defaultString(httpServletRequest.getRequestURI())).replace("%request_url%", httpServletRequest.getRequestURL().toString()).replace("%user%", getUserName(httpServletRequest)));
    }

    private String getUserName(HttpServletRequest httpServletRequest) {
        Principal userPrincipal;
        String remoteUser = httpServletRequest.getRemoteUser();
        if (StringUtils.isBlank(remoteUser)) {
            remoteUser = (String) httpServletRequest.getAttribute("REMOTE_USER");
        }
        if (StringUtils.isBlank(remoteUser) && (userPrincipal = httpServletRequest.getUserPrincipal()) != null) {
            remoteUser = userPrincipal.getName();
        }
        if (StringUtils.isBlank(remoteUser)) {
            remoteUser = "<anonymous>";
        }
        return remoteUser;
    }
}
