package de.muenchen.oss.digiwf.cocreation.server.security;

import java.io.IOException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.annotation.Order;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.support.WebContentGenerator;

@Component
@Order(1)
/* loaded from: input_file:BOOT-INF/classes/de/muenchen/oss/digiwf/cocreation/server/security/RequestResponseLoggingFilter.class */
public class RequestResponseLoggingFilter implements Filter {
    private static final String NAME_UNAUTHENTICATED_USER = "unauthenticated";
    private static final String TOKEN_USER_NAME = "user_name";
    private static final String REQUEST_LOGGING_MODE_ALL = "all";
    private static final String REQUEST_LOGGING_MODE_CHANGING = "changing";

    @Value("${security.logging.requests:}")
    private String requestLoggingMode;
    private static final Logger log = LoggerFactory.getLogger((Class<?>) RequestResponseLoggingFilter.class);
    private static final List<String> CHANGING_METHODS = Arrays.asList(WebContentGenerator.METHOD_POST, "PUT", "PATCH", "DELETE");

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
        log.debug("Initializing filter: {}", this);
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        if (checkForLogging(httpServletRequest)) {
            log.info("User {} executed {} on URI {}", getUsername(), httpServletRequest.getMethod(), httpServletRequest.getRequestURI());
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    @Override // javax.servlet.Filter
    public void destroy() {
        log.debug("Destructing filter: {}", this);
    }

    private boolean checkForLogging(HttpServletRequest httpServletRequest) {
        return this.requestLoggingMode.equals("all") || (this.requestLoggingMode.equals(REQUEST_LOGGING_MODE_CHANGING) && CHANGING_METHODS.contains(httpServletRequest.getMethod()));
    }

    private static String getUsername() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return authentication instanceof OAuth2Authentication ? (String) ((HashMap) ((OAuth2Authentication) authentication).getUserAuthentication().getDetails()).get("user_name") : NAME_UNAUTHENTICATED_USER;
    }

    public static String getNAME_UNAUTHENTICATED_USER() {
        return NAME_UNAUTHENTICATED_USER;
    }
}
