package io.confluent.security.audit.kafka;

import com.fasterxml.jackson.databind.node.BooleanNode;
import com.fasterxml.jackson.databind.node.JsonNodeFactory;
import com.fasterxml.jackson.databind.node.ObjectNode;
import com.fasterxml.jackson.databind.node.ShortNode;
import com.fasterxml.jackson.databind.node.TextNode;
import com.google.protobuf.InvalidProtocolBufferException;
import com.google.protobuf.Struct;
import com.google.protobuf.util.JsonFormat;
import io.confluent.protobuf.events.auditlog.v2.AuditLog;
import io.confluent.protobuf.events.auditlog.v2.Result;
import io.confluent.protobuf.events.auditlog.v2.TypedCloudResourceRef;
import io.confluent.security.audit.AuditLogUtils;
import io.confluent.security.authorizer.ResourcePattern;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.kafka.common.message.CreatePartitionsRequestData;
import org.apache.kafka.common.message.CreatePartitionsRequestDataJsonConverter;
import org.apache.kafka.common.message.CreatePartitionsResponseData;
import org.apache.kafka.common.message.CreatePartitionsResponseDataJsonConverter;
import org.apache.kafka.common.protocol.Errors;
import org.apache.kafka.common.resource.PatternType;
import org.apache.kafka.server.audit.KafkaRequestEvent;
import org.hibernate.validator.internal.metadata.core.ConstraintHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/confluent/security/audit/kafka/CreatePartitionsRequestAuditExtractor.class */
public class CreatePartitionsRequestAuditExtractor {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) CreatePartitionsRequestAuditExtractor.class);

    public static List<AuditLog> extract(KafkaRequestEvent kafkaRequestEvent, AuditExtractorOptions auditExtractorOptions) throws Exception {
        ArrayList arrayList = new ArrayList();
        CreatePartitionsRequestData read = CreatePartitionsRequestDataJsonConverter.read(kafkaRequestEvent.requestPayload(), (short) kafkaRequestEvent.requestContext().requestVersion());
        CreatePartitionsResponseData read2 = CreatePartitionsResponseDataJsonConverter.read(kafkaRequestEvent.responsePayload(), (short) kafkaRequestEvent.requestContext().requestVersion());
        boolean validateOnly = read.validateOnly();
        Iterator<E> it = read.topics().iterator();
        while (it.hasNext()) {
            CreatePartitionsRequestData.CreatePartitionsTopic createPartitionsTopic = (CreatePartitionsRequestData.CreatePartitionsTopic) it.next();
            String name = createPartitionsTopic.name();
            CreatePartitionsResponseData.CreatePartitionsTopicResult creatableTopicResult = creatableTopicResult(read2, name);
            arrayList.add(AuditLogUtils.auditLog(kafkaRequestEvent, auditExtractorOptions, AuditLogUtils.hasAuthorizationFailure(creatableTopicResult.errorCode()), validateOnly, requestData(createPartitionsTopic, kafkaRequestEvent, validateOnly), status(creatableTopicResult), resultData(creatableTopicResult), typedCloudResourceRefList(kafkaRequestEvent, name), AuditLogUtils.requestResourceCrn(auditExtractorOptions.crnAuthority(), kafkaRequestEvent, new ResourcePattern("Topic", name, PatternType.LITERAL))));
        }
        return arrayList;
    }

    private static CreatePartitionsResponseData.CreatePartitionsTopicResult creatableTopicResult(CreatePartitionsResponseData createPartitionsResponseData, String str) {
        for (CreatePartitionsResponseData.CreatePartitionsTopicResult createPartitionsTopicResult : createPartitionsResponseData.results()) {
            if (str.equals(createPartitionsTopicResult.name())) {
                return createPartitionsTopicResult;
            }
        }
        throw new IllegalStateException("Missing creatableTopicResult result for topicName " + str);
    }

    private static List<TypedCloudResourceRef> typedCloudResourceRefList(KafkaRequestEvent kafkaRequestEvent, String str) {
        List<TypedCloudResourceRef> typedCloudResourceRefList = AuditLogUtils.typedCloudResourceRefList(kafkaRequestEvent);
        typedCloudResourceRefList.add(TypedCloudResourceRef.newBuilder().setType(TypedCloudResourceRef.ResourceType.TOPIC).setResourceId(str).build());
        return typedCloudResourceRefList;
    }

    private static Struct requestData(CreatePartitionsRequestData.CreatePartitionsTopic createPartitionsTopic, KafkaRequestEvent kafkaRequestEvent, boolean z) throws Exception {
        Struct.Builder newBuilder = Struct.newBuilder();
        ObjectNode objectNode = (ObjectNode) CreatePartitionsRequestDataJsonConverter.CreatePartitionsTopicJsonConverter.write(createPartitionsTopic, (short) kafkaRequestEvent.requestContext().requestVersion(), true);
        objectNode.set("validateOnly", BooleanNode.valueOf(z));
        JsonFormat.parser().merge(objectNode.toString(), newBuilder);
        return newBuilder.build();
    }

    private static Result.Status status(CreatePartitionsResponseData.CreatePartitionsTopicResult createPartitionsTopicResult) {
        return createPartitionsTopicResult.errorCode() == Errors.NONE.code() ? Result.Status.SUCCESS : Result.Status.FAILURE;
    }

    private static Struct resultData(CreatePartitionsResponseData.CreatePartitionsTopicResult createPartitionsTopicResult) throws InvalidProtocolBufferException {
        Struct.Builder newBuilder = Struct.newBuilder();
        ObjectNode objectNode = new ObjectNode(JsonNodeFactory.instance);
        objectNode.set(ConstraintHelper.MESSAGE, new TextNode(createPartitionsTopicResult.errorMessage()));
        objectNode.set("errorCode", new ShortNode(createPartitionsTopicResult.errorCode()));
        objectNode.set("errorType", new TextNode(Errors.forCode(createPartitionsTopicResult.errorCode()).name()));
        JsonFormat.parser().merge(objectNode.toString(), newBuilder);
        return newBuilder.build();
    }
}
