package io.codemodder.codemods;

import io.codemodder.Codemod;
import io.codemodder.Importance;
import io.codemodder.ReviewGuidance;
import io.codemodder.RuleSarif;
import io.codemodder.plugins.llm.CodeChangingLLMRemediationOutcome;
import io.codemodder.plugins.llm.NoActionLLMRemediationOutcome;
import io.codemodder.plugins.llm.OpenAIService;
import io.codemodder.plugins.llm.SarifToLLMForMultiOutcomeCodemod;
import io.codemodder.plugins.llm.StandardModel;
import io.codemodder.providers.sarif.semgrep.SemgrepScan;
import java.util.List;
import javax.inject.Inject;

@Codemod(id = "pixee:java/log-failed-login", importance = Importance.HIGH, reviewGuidance = ReviewGuidance.MERGE_AFTER_REVIEW)
/* loaded from: input_file:io/codemodder/codemods/LogFailedLoginCodemod.class */
public final class LogFailedLoginCodemod extends SarifToLLMForMultiOutcomeCodemod {
    @Inject
    public LogFailedLoginCodemod(@SemgrepScan(ruleId = "log-failed-login") RuleSarif ruleSarif, OpenAIService openAIService) {
        super(ruleSarif, openAIService, List.of(new NoActionLLMRemediationOutcome("logs_failed_login_with_logger", "The code uses a logger to log a message that indicates a failed login attempt.\nThe message is logged at the INFO or higher level.\n".replace('\n', ' ')), new NoActionLLMRemediationOutcome("logs_failed_login_with_console", "The code sends a message to the console that indicates a failed login attempt.\nThe code may output this message to either System.out or System.err.\n".replace('\n', ' ')), new NoActionLLMRemediationOutcome("throws_exception", "The code throws an exception that indicates a failed login attempt.\nThrowing such an exception is a reasonable alternative to logging the failed login attempt.\nWhen the username for the failed login is in-scope, the exception message includes the username.\n".replace('\n', ' ')), new NoActionLLMRemediationOutcome("no_authentication", "The login validation fails because the request lacks credentials to validate. This is not considered a failed login attempt that requires auditing.\n".replace('\n', ' ')), new CodeChangingLLMRemediationOutcome("add_missing_logging", "None of the other outcomes apply.\nThe code that validates the login credentials does not log a message when the login attempt fails,\nNOR does it throw an exception that reasonably indicates a failed login attempt and includes the username in the exception message.\n".replace('\n', ' '), "Immediately following the login failure, add precisely one statement to log the failed login attempt at the INFO level.\nIf the username for the failed login is in scope, the new log message references the username.\nAdd exactly one such log statement! Exactly one!\nThe new log statement is consistent with the rest of the code with respect to formatting, braces, casing, etc.\nWhen no logger is in scope, the new code emits a log message to the console.\n".replace('\n', ' '))), StandardModel.GPT_4O, StandardModel.GPT_4);
    }

    protected String getThreatPrompt() {
        return "The tool has cited an authentication check that does not include a means for auditing failed login attempt.\n".replace('\n', ' ');
    }
}
