package no.nav.common.abac.cef;

import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import no.nav.common.abac.cef.CefAbacResponseMapper;
import no.nav.common.abac.cef.CefEvent;
import no.nav.common.abac.constants.NavAttributter;
import no.nav.common.abac.domain.request.XacmlRequest;
import no.nav.common.abac.domain.response.Advice;
import no.nav.common.abac.domain.response.AttributeAssignment;
import no.nav.common.abac.domain.response.Decision;
import no.nav.common.abac.domain.response.Response;
import no.nav.common.abac.domain.response.XacmlResponse;

/* loaded from: input_file:no/nav/common/abac/cef/CefAbacEvent.class */
public class CefAbacEvent {
    public static List<CefEvent> createCefEvents(XacmlRequest xacmlRequest, XacmlResponse xacmlResponse, CefAbacEventContext cefAbacEventContext, Supplier<Long> supplier) {
        return (List) cefAbacEventContext.mapper.getMapper().apply(new CefAbacResponseMapper.Parameters(xacmlRequest, xacmlResponse)).stream().map(result -> {
            Response response = result.getResponse();
            CefEvent.Builder builder = CefEvent.builder();
            Map<String, String> customCefAttributes = result.getCustomCefAttributes();
            Objects.requireNonNull(builder);
            customCefAttributes.forEach(builder::addAttribute);
            addFromContext(builder, cefAbacEventContext, supplier);
            addDecisionAttribute(response, builder);
            addDenyAttributes(response, builder);
            return builder.build();
        }).collect(Collectors.toList());
    }

    private static void addFromContext(CefEvent.Builder builder, CefAbacEventContext cefAbacEventContext, Supplier<Long> supplier) {
        builder.cefVersion("0").applicationName(cefAbacEventContext.applicationName).logName("Sporingslogg").logFormatVersion("1.0").eventType("audit:access").description("ABAC Sporingslogg").addAttribute("end", supplier.get().toString()).addAttribute("suid", cefAbacEventContext.subjectId).addAttribute("sproc", cefAbacEventContext.callId).addAttribute("dproc", cefAbacEventContext.consumerId).addAttribute("requestMethod", cefAbacEventContext.requestMethod).addAttribute("request", cefAbacEventContext.requestPath);
    }

    private static void addDecisionAttribute(Response response, CefEvent.Builder builder) {
        builder.severity(Decision.Permit.equals(response.getDecision()) ? CefEvent.Severity.INFO : CefEvent.Severity.WARN).addAttribute("flexString1", response.getDecision().name()).addAttribute("flexString1Label", "Decision");
    }

    private static void addDenyAttributes(Response response, CefEvent.Builder builder) {
        if (Decision.Permit.equals(response.getDecision())) {
            return;
        }
        Advice advice = response.getAssociatedAdvice().get(0);
        getAttributeFromAdvice(NavAttributter.ADVICEOROBLIGATION_CAUSE, advice).ifPresent(attributeAssignment -> {
            builder.addAttribute("cs3", attributeAssignment.getValue());
            builder.addAttribute("cs3Label", "deny_cause");
        });
        getAttributeFromAdvice(NavAttributter.ADVICEOROBLIGATION_DENY_POLICY, advice).ifPresent(attributeAssignment2 -> {
            builder.addAttribute("flexString2", attributeAssignment2.getValue());
            builder.addAttribute("flexString2Label", "deny_policy");
        });
        getAttributeFromAdvice(NavAttributter.ADVICEOROBLIGATION_DENY_RULE, advice).ifPresent(attributeAssignment3 -> {
            builder.addAttribute("cs5", attributeAssignment3.getValue());
            builder.addAttribute("cs5Label", "deny_rule");
        });
    }

    private static Optional<AttributeAssignment> getAttributeFromAdvice(String str, Advice advice) {
        return advice.getAttributeAssignment().stream().filter(attributeAssignment -> {
            return str.equals(attributeAssignment.getAttributeId());
        }).findFirst();
    }
}
