package io.jenkins.plugins.opentelemetry.security;

import edu.umd.cs.findbugs.annotations.NonNull;
import hudson.Extension;
import hudson.model.User;
import io.jenkins.plugins.opentelemetry.OpenTelemetrySdkProvider;
import io.jenkins.plugins.opentelemetry.semconv.JenkinsOtelSemanticAttributes;
import io.jenkins.plugins.opentelemetry.semconv.JenkinsSemanticMetrics;
import io.opentelemetry.api.common.Attributes;
import io.opentelemetry.api.common.AttributesBuilder;
import io.opentelemetry.api.metrics.LongCounter;
import io.opentelemetry.api.metrics.Meter;
import io.opentelemetry.context.Context;
import io.opentelemetry.sdk.logs.data.Severity;
import io.opentelemetry.semconv.trace.attributes.SemanticAttributes;
import java.util.Optional;
import javax.annotation.Nonnull;
import javax.inject.Inject;
import jenkins.security.SecurityListener;
import org.acegisecurity.userdetails.UserDetails;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.WebAuthenticationDetails;

@Extension
/* loaded from: input_file:io/jenkins/plugins/opentelemetry/security/AuditingSecurityListener.class */
public class AuditingSecurityListener extends SecurityListener {
    private OpenTelemetrySdkProvider openTelemetrySdkProvider;
    private Meter meter;
    private LongCounter loginSuccessCounter;
    private LongCounter loginFailureCounter;
    private LongCounter loginCounter;

    private void initialise() {
        this.loginSuccessCounter = this.meter.counterBuilder(JenkinsSemanticMetrics.LOGIN_SUCCESS).setDescription("Successful logins").setUnit("1").build();
        this.loginFailureCounter = this.meter.counterBuilder(JenkinsSemanticMetrics.LOGIN_FAILURE).setDescription("Failing logins").setUnit("1").build();
        this.loginCounter = this.meter.counterBuilder(JenkinsSemanticMetrics.LOGIN).setDescription("Logins").setUnit("1").build();
    }

    @Deprecated
    protected void authenticated(@NonNull UserDetails userDetails) {
        super.authenticated(userDetails);
    }

    protected void failedToAuthenticate(@NonNull String str) {
        super.failedToAuthenticate(str);
    }

    protected void loggedIn(@NonNull String str) {
        this.loginCounter.add(1L);
        this.loginSuccessCounter.add(1L);
        String str2 = "Successful login of user '" + str + "'";
        AttributesBuilder builder = Attributes.builder();
        builder.put(SemanticAttributes.ENDUSER_ID, (String) Optional.ofNullable(User.current()).map(user -> {
            return user.getId();
        }).orElse(str)).put(JenkinsOtelSemanticAttributes.EVENT_CATEGORY, JenkinsOtelSemanticAttributes.EventCategoryValues.AUTHENTICATION).put(JenkinsOtelSemanticAttributes.EVENT_ACTION, "user_login").put(JenkinsOtelSemanticAttributes.EVENT_OUTCOME, JenkinsOtelSemanticAttributes.EventOutcomeValues.SUCCESS);
        SecurityContext context = SecurityContextHolder.getContext();
        if (context != null) {
            Object details = context.getAuthentication().getDetails();
            if (details instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails webAuthenticationDetails = (WebAuthenticationDetails) details;
                builder.put(SemanticAttributes.NET_PEER_IP, webAuthenticationDetails.getRemoteAddress());
                str2 = str2 + " from " + webAuthenticationDetails.getRemoteAddress();
            }
        }
        this.openTelemetrySdkProvider.getLogEmitter().logBuilder().setBody(str2).setAttributes(builder.build()).setContext(Context.current()).setSeverity(Severity.INFO).emit();
    }

    protected void userCreated(@NonNull String str) {
        super.userCreated(str);
    }

    protected void failedToLogIn(@NonNull String str) {
        this.loginCounter.add(1L);
        this.loginFailureCounter.add(1L);
        AttributesBuilder builder = Attributes.builder();
        builder.put(SemanticAttributes.ENDUSER_ID, str).put(JenkinsOtelSemanticAttributes.EVENT_CATEGORY, JenkinsOtelSemanticAttributes.EventCategoryValues.AUTHENTICATION).put(JenkinsOtelSemanticAttributes.EVENT_ACTION, "user_login").put(JenkinsOtelSemanticAttributes.EVENT_OUTCOME, JenkinsOtelSemanticAttributes.EventOutcomeValues.FAILURE);
        this.openTelemetrySdkProvider.getLogEmitter().logBuilder().setBody("Failed login of user '" + str + "'").setAttributes(builder.build()).setContext(Context.current()).setSeverity(Severity.INFO).emit();
    }

    protected void loggedOut(@NonNull String str) {
        super.loggedOut(str);
    }

    @Inject
    public void setJenkinsOtelPlugin(@Nonnull OpenTelemetrySdkProvider openTelemetrySdkProvider) {
        this.meter = openTelemetrySdkProvider.getMeter();
        this.openTelemetrySdkProvider = openTelemetrySdkProvider;
        initialise();
    }
}
