package org.gluu.casa.plugins.duo;

import com.duosecurity.client.Http;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.Map;
import org.gluu.casa.core.pojo.User;
import org.gluu.casa.misc.Utils;
import org.gluu.casa.plugins.duo.model.DuoCredential;
import org.gluu.casa.plugins.duo.model.DuoResponse;
import org.gluu.casa.plugins.duo.model.PersonDuo;
import org.gluu.casa.plugins.duo.model.Response;
import org.gluu.casa.service.IPersistenceService;
import org.json.JSONArray;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/gluu/casa/plugins/duo/DuoService.class */
public class DuoService {
    public static Map<String, String> properties;
    public static final String UserAgentString = "Duo API Java/0.3.0";
    private static ObjectMapper mapper;
    private static DuoService SINGLE_INSTANCE = null;
    public static String ACR = "duo";
    private Logger logger = LoggerFactory.getLogger(getClass());
    private IPersistenceService persistenceService = (IPersistenceService) Utils.managedBean(IPersistenceService.class);

    private DuoService() {
        reloadConfiguration();
        mapper = new ObjectMapper();
    }

    public static DuoService getInstance() {
        if (SINGLE_INSTANCE == null) {
            synchronized (DuoService.class) {
                SINGLE_INSTANCE = new DuoService();
            }
        }
        return SINGLE_INSTANCE;
    }

    public void reloadConfiguration() {
        ObjectMapper objectMapper = new ObjectMapper();
        properties = this.persistenceService.getCustScriptConfigProperties(ACR);
        if (properties == null) {
            this.logger.warn("Config. properties for custom script '{}' could not be read. Features related to {} will not be accessible", ACR, ACR.toUpperCase());
            return;
        }
        try {
            String str = properties.get("duo_creds_file");
            if (Utils.isNotEmpty(str)) {
                String str2 = new String(Files.readAllBytes(Paths.get(str, new String[0])), StandardCharsets.UTF_8);
                properties.put("ikey", objectMapper.readTree(str2).get("ikey").textValue());
                properties.put("skey", objectMapper.readTree(str2).get("skey").textValue());
                properties.put("akey", objectMapper.readTree(str2).get("akey").textValue());
                properties.put("admin_api_ikey", objectMapper.readTree(str2).get("admin_api_ikey").textValue());
                properties.put("admin_api_skey", objectMapper.readTree(str2).get("admin_api_skey").textValue());
            } else {
                this.logger.error("Property 'duo_creds_file' not found");
            }
            this.logger.info("Duo settings found were: {}", objectMapper.writeValueAsString(properties));
        } catch (Exception e) {
            this.logger.error(e.getMessage(), e);
        }
    }

    public String getScriptPropertyValue(String str) {
        return properties.get(str);
    }

    public int getDeviceTotal(User user) {
        return getDuoCredentials(user) == null ? 0 : 1;
    }

    public DuoCredential getDuoCredentials(User user) {
        String userId;
        DuoCredential duoCredential = null;
        try {
            PersonDuo personDuo = (PersonDuo) this.persistenceService.get(PersonDuo.class, this.persistenceService.getPersonDn(user.getId()));
            if (personDuo != null) {
                String duoDevices = personDuo.getDuoDevices();
                duoCredential = Utils.isEmpty(duoDevices) ? null : (DuoCredential) mapper.readValue(duoDevices, new TypeReference<DuoCredential>() { // from class: org.gluu.casa.plugins.duo.DuoService.1
                });
                if (duoCredential == null && (userId = getInstance().getUserId(user.getUserName())) != null) {
                    try {
                        if (getInstance().writeToPersistence(userId, user.getId())) {
                            duoCredential = new DuoCredential();
                            duoCredential.setDuoUserId(userId);
                            duoCredential.setNickName("DUO credential");
                            duoCredential.setAddedOn(System.currentTimeMillis());
                        }
                    } catch (JsonProcessingException e) {
                        this.logger.error("Failed to initialize " + e.getMessage());
                    }
                }
            }
        } catch (Exception e2) {
            this.logger.error(e2.getMessage(), e2);
        }
        return duoCredential;
    }

    public boolean writeToPersistence(String str, String str2) throws JsonProcessingException {
        DuoCredential duoCredential = new DuoCredential();
        duoCredential.setNickName("DUO credentials");
        duoCredential.setAddedOn(System.currentTimeMillis());
        duoCredential.setDuoUserId(str);
        String writeValueAsString = mapper.writeValueAsString(duoCredential);
        PersonDuo personDuo = (PersonDuo) this.persistenceService.get(PersonDuo.class, this.persistenceService.getPersonDn(str2));
        personDuo.setDuoDevices(writeValueAsString);
        return this.persistenceService.modify(personDuo);
    }

    public boolean removeFromPersistence(String str) throws JsonProcessingException {
        PersonDuo personDuo = (PersonDuo) this.persistenceService.get(PersonDuo.class, this.persistenceService.getPersonDn(str));
        personDuo.setDuoDevices(null);
        return this.persistenceService.modify(personDuo);
    }

    public String getUserId(String str) {
        try {
            Http http = new Http("GET", getScriptPropertyValue("duo_host"), "/admin/v1/users");
            http.addParam("username", str);
            http.signRequest(getScriptPropertyValue("admin_api_ikey"), getScriptPropertyValue("admin_api_skey"));
            JSONArray jSONArray = ((JSONObject) http.executeJSONRequest()).getJSONArray("response");
            if (jSONArray.length() != 1) {
                return null;
            }
            JSONObject jSONObject = jSONArray.getJSONObject(0);
            this.logger.info("Fetched user: " + jSONObject.get("user_id"));
            return jSONObject.get("user_id").toString();
        } catch (Exception e) {
            this.logger.error(e.toString());
            return null;
        }
    }

    public boolean deleteDUOCredential(String str) throws Exception {
        String userId = getUserId(str);
        this.logger.info("duoUserId" + userId);
        try {
            Http http = new Http("DELETE", getScriptPropertyValue("duo_host"), "/admin/v1/users/" + userId);
            http.signRequest(getScriptPropertyValue("admin_api_ikey"), getScriptPropertyValue("admin_api_skey"));
            String executeRequestRaw = http.executeRequestRaw();
            String textValue = mapper.readTree(executeRequestRaw).get("stat").textValue();
            this.logger.info("delete result + stat -" + executeRequestRaw + ":" + textValue);
            return "OK".equals(textValue);
        } catch (Exception e) {
            this.logger.error("error in the delete request" + e.getMessage());
            return false;
        }
    }

    public Response getUser(String str) {
        try {
            Http http = new Http("GET", getScriptPropertyValue("duo_host"), "/admin/v1/users");
            http.addParam("username", str);
            http.signRequest(getScriptPropertyValue("admin_api_ikey"), getScriptPropertyValue("admin_api_skey"));
            DuoResponse duoResponse = (DuoResponse) mapper.readValue(((JSONObject) http.executeJSONRequest()).toString(), DuoResponse.class);
            if (duoResponse == null || !"OK".equals(duoResponse.getStat()) || duoResponse.getResponse().size() != 1) {
                return null;
            }
            this.logger.info(duoResponse.toString());
            return duoResponse.getResponse().get(0);
        } catch (Exception e) {
            this.logger.error(e.toString());
            return null;
        }
    }
}
