package org.gluu.oxtrust.ws.rs.scim2;

import java.net.URI;
import java.net.URISyntaxException;
import java.util.Collections;
import java.util.List;
import javax.annotation.PostConstruct;
import javax.inject.Inject;
import javax.inject.Named;
import javax.management.InvalidAttributeValueException;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import org.gluu.oxtrust.model.exception.SCIMException;
import org.gluu.oxtrust.model.scim.ScimCustomPerson;
import org.gluu.oxtrust.model.scim2.BaseScimResource;
import org.gluu.oxtrust.model.scim2.ErrorScimType;
import org.gluu.oxtrust.model.scim2.SearchRequest;
import org.gluu.oxtrust.model.scim2.patch.PatchOperation;
import org.gluu.oxtrust.model.scim2.patch.PatchOperationType;
import org.gluu.oxtrust.model.scim2.patch.PatchRequest;
import org.gluu.oxtrust.model.scim2.user.UserResource;
import org.gluu.oxtrust.model.scim2.util.DateUtil;
import org.gluu.oxtrust.model.scim2.util.ScimResourceUtil;
import org.gluu.oxtrust.service.filter.ProtectedApi;
import org.gluu.oxtrust.service.scim2.Scim2PatchService;
import org.gluu.oxtrust.service.scim2.Scim2UserService;
import org.gluu.oxtrust.service.scim2.interceptor.RefAdjusted;
import org.gluu.persist.exception.operation.DuplicateEntryException;
import org.gluu.persist.model.PagedResult;
import org.gluu.persist.model.SortOrder;

@Path("/scim/v2/Users")
@Named
/* loaded from: input_file:org/gluu/oxtrust/ws/rs/scim2/UserWebService.class */
public class UserWebService extends BaseScimWebService implements IUserWebService {

    @Inject
    private Scim2UserService scim2UserService;

    @Inject
    private Scim2PatchService scim2PatchService;
    private String userResourceType;

    private void checkUidExistence(String str) throws DuplicateEntryException {
        if (this.personService.getPersonByUid(str, new String[0]) != null) {
            throw new DuplicateEntryException("Duplicate UID value: " + str);
        }
    }

    private void checkUidExistence(String str, String str2) throws DuplicateEntryException {
        List list = null;
        try {
            list = this.personService.findPersonsByUids(Collections.singletonList(str), new String[]{"inum"});
        } catch (Exception e) {
            this.log.error(e.getMessage(), e);
        }
        if (list != null && list.stream().filter(gluuCustomPerson -> {
            return !gluuCustomPerson.getInum().equals(str2);
        }).findAny().isPresent()) {
            throw new DuplicateEntryException("Duplicate UID value: " + str);
        }
    }

    private Response doSearch(String str, Integer num, Integer num2, String str2, String str3, String str4, String str5, String str6) {
        Response errorResponse;
        SearchRequest searchRequest;
        Response prepareSearchRequest;
        try {
            searchRequest = new SearchRequest();
            prepareSearchRequest = prepareSearchRequest(searchRequest.getSchemas(), str, str2, str3, num, num2, str4, str5, searchRequest);
        } catch (SCIMException e) {
            this.log.error(e.getMessage(), e);
            errorResponse = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.INVALID_FILTER, e.getMessage());
        } catch (Exception e2) {
            this.log.error("Failure at searchUsers method", e2);
            errorResponse = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error: " + e2.getMessage());
        }
        if (prepareSearchRequest != null) {
            return prepareSearchRequest;
        }
        Response applySearchCheck = this.externalConstraintsService.applySearchCheck(searchRequest, this.httpHeaders, this.uriInfo, str6, this.userResourceType);
        if (applySearchCheck != null) {
            return applySearchCheck;
        }
        PagedResult<BaseScimResource> searchUsers = this.scim2UserService.searchUsers(searchRequest.getFilter(), translateSortByAttribute(UserResource.class, searchRequest.getSortBy()), SortOrder.getByValue(searchRequest.getSortOrder()), searchRequest.getStartIndex().intValue(), searchRequest.getCount().intValue(), this.endpointUrl, getMaxCount());
        errorResponse = Response.ok(getListResponseSerialized(searchUsers.getTotalEntriesCount(), searchRequest.getStartIndex().intValue(), searchUsers.getEntries(), searchRequest.getAttributesStr(), searchRequest.getExcludedAttributesStr(), searchRequest.getCount().intValue() == 0)).location(new URI(this.endpointUrl)).build();
        return errorResponse;
    }

    @POST
    @HeaderParam("Accept")
    @Consumes({"application/scim+json", "application/json"})
    @DefaultValue("application/scim+json")
    @Produces({"application/scim+json; charset=utf-8", "application/json; charset=utf-8"})
    @ProtectedApi(oauthScopes = {"https://gluu.org/scim/users.write"})
    @RefAdjusted
    public Response createUser(UserResource userResource, @QueryParam("attributes") String str, @QueryParam("excludedAttributes") String str2) {
        Response errorResponse;
        ScimCustomPerson preCreateUser;
        Response applyEntityCheck;
        try {
            this.log.debug("Executing web service method. createUser");
            executeDefaultValidation(userResource);
            checkUidExistence(userResource.getUserName());
            assignMetaInformation(userResource);
            ScimResourceUtil.adjustPrimarySubAttributes(userResource);
            preCreateUser = this.scim2UserService.preCreateUser(userResource);
            applyEntityCheck = this.externalConstraintsService.applyEntityCheck(preCreateUser, userResource, this.httpHeaders, this.uriInfo, "POST", this.userResourceType);
        } catch (SCIMException e) {
            this.log.error("Validation check at createUser returned: {}", e.getMessage());
            errorResponse = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.INVALID_VALUE, e.getMessage());
        } catch (DuplicateEntryException e2) {
            this.log.error(e2.getMessage());
            errorResponse = getErrorResponse(Response.Status.CONFLICT, ErrorScimType.UNIQUENESS, e2.getMessage());
        } catch (Exception e3) {
            this.log.error("Failure at createUser method", e3);
            errorResponse = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error: " + e3.getMessage());
        }
        if (applyEntityCheck != null) {
            return applyEntityCheck;
        }
        this.scim2UserService.createUser(preCreateUser, userResource, this.endpointUrl);
        errorResponse = Response.created(new URI(userResource.getMeta().getLocation())).entity(this.resourceSerializer.serialize(userResource, str, str2)).build();
        return errorResponse;
    }

    @Path("{id}")
    @HeaderParam("Accept")
    @GET
    @DefaultValue("application/scim+json")
    @Produces({"application/scim+json; charset=utf-8", "application/json; charset=utf-8"})
    @ProtectedApi(oauthScopes = {"https://gluu.org/scim/users.read"})
    @RefAdjusted
    public Response getUserById(@PathParam("id") String str, @QueryParam("attributes") String str2, @QueryParam("excludedAttributes") String str3) {
        Response errorResponse;
        ScimCustomPerson personByInum;
        try {
            this.log.debug("Executing web service method. getUserById");
            personByInum = this.userPersistenceHelper.getPersonByInum(str);
        } catch (Exception e) {
            this.log.error("Failure at getUserById method", e);
            errorResponse = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error: " + e.getMessage());
        }
        if (personByInum == null) {
            return notFoundResponse(str, this.userResourceType);
        }
        Response applyEntityCheck = this.externalConstraintsService.applyEntityCheck(personByInum, null, this.httpHeaders, this.uriInfo, "GET", this.userResourceType);
        if (applyEntityCheck != null) {
            return applyEntityCheck;
        }
        BaseScimResource buildUserResource = this.scim2UserService.buildUserResource(personByInum, this.endpointUrl);
        errorResponse = Response.ok(new URI(buildUserResource.getMeta().getLocation())).entity(this.resourceSerializer.serialize(buildUserResource, str2, str3)).build();
        return errorResponse;
    }

    @Path("{id}")
    @HeaderParam("Accept")
    @Consumes({"application/scim+json", "application/json"})
    @DefaultValue("application/scim+json")
    @Produces({"application/scim+json; charset=utf-8", "application/json; charset=utf-8"})
    @ProtectedApi(oauthScopes = {"https://gluu.org/scim/users.write"})
    @PUT
    @RefAdjusted
    public Response updateUser(UserResource userResource, @PathParam("id") String str, @QueryParam("attributes") String str2, @QueryParam("excludedAttributes") String str3) {
        Response errorResponse;
        try {
            this.log.debug("Executing web service method. updateUser");
        } catch (SCIMException e) {
            this.log.error("Validation check at updateUser returned: {}", e.getMessage());
            errorResponse = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.INVALID_VALUE, e.getMessage());
        } catch (Exception e2) {
            this.log.error("Failure at updateUser method", e2);
            errorResponse = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error: " + e2.getMessage());
        } catch (InvalidAttributeValueException e3) {
            this.log.error(e3.getMessage());
            errorResponse = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.MUTABILITY, e3.getMessage());
        } catch (DuplicateEntryException e4) {
            this.log.error(e4.getMessage());
            errorResponse = getErrorResponse(Response.Status.CONFLICT, ErrorScimType.UNIQUENESS, e4.getMessage());
        }
        if (userResource.getId() != null && !userResource.getId().equals(str)) {
            throw new SCIMException("Parameter id does not match with id attribute of User");
        }
        ScimCustomPerson personByInum = this.userPersistenceHelper.getPersonByInum(str);
        if (personByInum == null) {
            return notFoundResponse(str, this.userResourceType);
        }
        Response applyEntityCheck = this.externalConstraintsService.applyEntityCheck(personByInum, userResource, this.httpHeaders, this.uriInfo, "PUT", this.userResourceType);
        if (applyEntityCheck != null) {
            return applyEntityCheck;
        }
        executeValidation(userResource, true);
        if (StringUtils.isNotEmpty(userResource.getUserName())) {
            checkUidExistence(userResource.getUserName(), str);
        }
        ScimResourceUtil.adjustPrimarySubAttributes(userResource);
        BaseScimResource updateUser = this.scim2UserService.updateUser(personByInum, userResource, this.endpointUrl);
        errorResponse = Response.ok(new URI(updateUser.getMeta().getLocation())).entity(this.resourceSerializer.serialize(updateUser, str2, str3)).build();
        return errorResponse;
    }

    @Path("{id}")
    @DELETE
    @DefaultValue("application/scim+json")
    @Produces({"application/scim+json; charset=utf-8", "application/json; charset=utf-8"})
    @ProtectedApi(oauthScopes = {"https://gluu.org/scim/users.write"})
    @HeaderParam("Accept")
    public Response deleteUser(@PathParam("id") String str) {
        Response errorResponse;
        ScimCustomPerson personByInum;
        try {
            this.log.debug("Executing web service method. deleteUser");
            personByInum = this.userPersistenceHelper.getPersonByInum(str);
        } catch (Exception e) {
            this.log.error("Failure at deleteUser method", e);
            errorResponse = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error: " + e.getMessage());
        }
        if (personByInum == null) {
            return notFoundResponse(str, this.userResourceType);
        }
        Response applyEntityCheck = this.externalConstraintsService.applyEntityCheck(personByInum, null, this.httpHeaders, this.uriInfo, "DELETE", this.userResourceType);
        if (applyEntityCheck != null) {
            return applyEntityCheck;
        }
        this.scim2UserService.deleteUser(personByInum);
        errorResponse = Response.noContent().build();
        return errorResponse;
    }

    @GET
    @DefaultValue("application/scim+json")
    @Produces({"application/scim+json; charset=utf-8", "application/json; charset=utf-8"})
    @ProtectedApi(oauthScopes = {"https://gluu.org/scim/users.read"})
    @HeaderParam("Accept")
    @RefAdjusted
    public Response searchUsers(@QueryParam("filter") String str, @QueryParam("startIndex") Integer num, @QueryParam("count") Integer num2, @QueryParam("sortBy") String str2, @QueryParam("sortOrder") String str3, @QueryParam("attributes") String str4, @QueryParam("excludedAttributes") String str5) {
        this.log.debug("Executing web service method. searchUsers");
        return doSearch(str, num, num2, str2, str3, str4, str5, "GET");
    }

    @Path(BaseScimWebService.SEARCH_SUFFIX)
    @POST
    @HeaderParam("Accept")
    @Consumes({"application/scim+json", "application/json"})
    @DefaultValue("application/scim+json")
    @Produces({"application/scim+json; charset=utf-8", "application/json; charset=utf-8"})
    @ProtectedApi(oauthScopes = {"https://gluu.org/scim/users.read"})
    @RefAdjusted
    public Response searchUsersPost(SearchRequest searchRequest) {
        this.log.debug("Executing web service method. searchUsersPost");
        Response doSearch = doSearch(searchRequest.getFilter(), searchRequest.getStartIndex(), searchRequest.getCount(), searchRequest.getSortBy(), searchRequest.getSortOrder(), searchRequest.getAttributesStr(), searchRequest.getExcludedAttributesStr(), "POST");
        URI uri = null;
        try {
            uri = new URI(this.endpointUrl + "/" + BaseScimWebService.SEARCH_SUFFIX);
        } catch (URISyntaxException e) {
            this.log.error(e.getMessage(), e);
        }
        return Response.fromResponse(doSearch).location(uri).build();
    }

    @Path("{id}")
    @PATCH
    @HeaderParam("Accept")
    @Consumes({"application/scim+json", "application/json"})
    @DefaultValue("application/scim+json")
    @Produces({"application/scim+json; charset=utf-8", "application/json; charset=utf-8"})
    @ProtectedApi(oauthScopes = {"https://gluu.org/scim/users.write"})
    @RefAdjusted
    public Response patchUser(PatchRequest patchRequest, @PathParam("id") String str, @QueryParam("attributes") String str2, @QueryParam("excludedAttributes") String str3) {
        Response errorResponse;
        Response inspectPatchRequest;
        try {
            this.log.debug("Executing web service method. patchUser");
            inspectPatchRequest = inspectPatchRequest(patchRequest, UserResource.class);
        } catch (InvalidAttributeValueException e) {
            this.log.error(e.getMessage(), e);
            errorResponse = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.MUTABILITY, e.getMessage());
        } catch (Exception e2) {
            this.log.error("Failure at patchUser method", e2);
            errorResponse = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error: " + e2.getMessage());
        } catch (SCIMException e3) {
            errorResponse = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.INVALID_SYNTAX, e3.getMessage());
        }
        if (inspectPatchRequest != null) {
            return inspectPatchRequest;
        }
        ScimCustomPerson personByInum = this.userPersistenceHelper.getPersonByInum(str);
        if (personByInum == null) {
            return notFoundResponse(str, this.userResourceType);
        }
        Response applyEntityCheck = this.externalConstraintsService.applyEntityCheck(personByInum, patchRequest, this.httpHeaders, this.uriInfo, "PATCH", this.userResourceType);
        if (applyEntityCheck != null) {
            return applyEntityCheck;
        }
        UserResource userResource = new UserResource();
        this.scim2UserService.transferAttributesToUserResource(personByInum, userResource, this.endpointUrl);
        for (PatchOperation patchOperation : patchRequest.getOperations()) {
            if (patchOperation.getType().equals(PatchOperationType.REMOVE) && patchOperation.getPath().equals("pairwiseIdentifiers")) {
                personByInum.setOxPPID((List) null);
                userResource.setPairwiseIdentifiers((List) null);
                this.scim2UserService.removePPIDsBranch(personByInum.getDn());
            } else {
                userResource = this.scim2PatchService.applyPatchOperation(userResource, patchOperation);
            }
        }
        this.log.debug("patchUser. Revising final resource representation still passes validations");
        executeDefaultValidation(userResource);
        ScimResourceUtil.adjustPrimarySubAttributes(userResource);
        userResource.getMeta().setLastModified(DateUtil.millisToISOString(System.currentTimeMillis()));
        this.scim2UserService.replacePersonInfo(personByInum, userResource, this.endpointUrl);
        errorResponse = Response.ok(new URI(userResource.getMeta().getLocation())).entity(this.resourceSerializer.serialize(userResource, str2, str3)).build();
        return errorResponse;
    }

    @PostConstruct
    public void setup() {
        init(UserWebService.class);
        this.userResourceType = ScimResourceUtil.getType(UserResource.class);
    }
}
