package org.gluu.oxtrust.service.scim2;

import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.stream.Collectors;
import javax.annotation.PostConstruct;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.management.InvalidAttributeValueException;
import javax.ws.rs.Path;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import org.gluu.config.oxtrust.AppConfiguration;
import org.gluu.model.GluuStatus;
import org.gluu.oxtrust.model.GluuBoolean;
import org.gluu.oxtrust.model.GluuGroup;
import org.gluu.oxtrust.model.scim.ScimCustomPerson;
import org.gluu.oxtrust.model.scim2.BaseScimResource;
import org.gluu.oxtrust.model.scim2.Meta;
import org.gluu.oxtrust.model.scim2.extensions.Extension;
import org.gluu.oxtrust.model.scim2.extensions.ExtensionField;
import org.gluu.oxtrust.model.scim2.user.Address;
import org.gluu.oxtrust.model.scim2.user.Email;
import org.gluu.oxtrust.model.scim2.user.Entitlement;
import org.gluu.oxtrust.model.scim2.user.Group;
import org.gluu.oxtrust.model.scim2.user.InstantMessagingAddress;
import org.gluu.oxtrust.model.scim2.user.Name;
import org.gluu.oxtrust.model.scim2.user.PhoneNumber;
import org.gluu.oxtrust.model.scim2.user.Photo;
import org.gluu.oxtrust.model.scim2.user.Role;
import org.gluu.oxtrust.model.scim2.user.UserResource;
import org.gluu.oxtrust.model.scim2.user.X509Certificate;
import org.gluu.oxtrust.model.scim2.util.DateUtil;
import org.gluu.oxtrust.model.scim2.util.IntrospectUtil;
import org.gluu.oxtrust.model.scim2.util.ScimResourceUtil;
import org.gluu.oxtrust.service.IGroupService;
import org.gluu.oxtrust.service.IPersonService;
import org.gluu.oxtrust.service.antlr.scimFilter.ScimFilterParserService;
import org.gluu.oxtrust.service.external.ExternalScimService;
import org.gluu.oxtrust.util.ServiceUtil;
import org.gluu.oxtrust.ws.rs.scim2.GroupWebService;
import org.gluu.persist.PersistenceEntryManager;
import org.gluu.persist.model.PagedResult;
import org.gluu.persist.model.SortOrder;
import org.gluu.search.filter.Filter;
import org.slf4j.Logger;

@ApplicationScoped
/* loaded from: input_file:org/gluu/oxtrust/service/scim2/Scim2UserService.class */
public class Scim2UserService implements Serializable {
    private static final long serialVersionUID = -5948992380577056420L;

    @Inject
    private Logger log;

    @Inject
    private IPersonService personService;

    @Inject
    private UserPersistenceHelper userPersistenceHelper;

    @Inject
    private IGroupService groupService;

    @Inject
    private ExternalScimService externalScimService;

    @Inject
    private ServiceUtil serviceUtil;

    @Inject
    private ExtensionService extService;

    @Inject
    private ScimFilterParserService scimFilterParserService;

    @Inject
    private PersistenceEntryManager ldapEntryManager;

    @Inject
    AppConfiguration appConfiguration;
    private boolean ldapBackend;
    private String groupEndpointUrl;

    private String[] getComplexMultivaluedAsArray(List list) {
        String[] strArr = new String[0];
        if (list != null) {
            try {
                if (list.size() > 0) {
                    ObjectMapper objectMapper = ServiceUtil.getObjectMapper();
                    ArrayList arrayList = new ArrayList();
                    Iterator it = list.iterator();
                    while (it.hasNext()) {
                        arrayList.add(objectMapper.writeValueAsString(it.next()));
                    }
                    strArr = (String[]) arrayList.toArray(new String[0]);
                }
            } catch (Exception e) {
                this.log.error(e.getMessage(), e);
            }
        }
        return strArr;
    }

    private <T> List<T> getAttributeListValue(ScimCustomPerson scimCustomPerson, Class<T> cls, String str) {
        ArrayList arrayList = new ArrayList();
        try {
            ObjectMapper objectMapper = ServiceUtil.getObjectMapper();
            Iterator it = scimCustomPerson.getAttributeList(str).iterator();
            while (it.hasNext()) {
                arrayList.add(objectMapper.readValue((String) it.next(), cls));
            }
        } catch (Exception e) {
            this.log.error(e.getMessage(), e);
        }
        if (arrayList.size() == 0) {
            return null;
        }
        return arrayList;
    }

    private void transferAttributesToPerson(UserResource userResource, ScimCustomPerson scimCustomPerson) {
        this.log.debug("transferAttributesToPerson");
        scimCustomPerson.setAttribute("oxTrustExternalId", userResource.getExternalId());
        scimCustomPerson.setCustomAttribute("oxTrustMetaCreated", userResource.getMeta().getCreated());
        scimCustomPerson.setCustomAttribute("oxTrustMetaLastModified", userResource.getMeta().getLastModified());
        scimCustomPerson.setCustomAttribute("oxTrustMetaLocation", userResource.getMeta().getLocation());
        scimCustomPerson.setUid(userResource.getUserName());
        if (userResource.getName() != null) {
            scimCustomPerson.setAttribute("givenName", userResource.getName().getGivenName());
            scimCustomPerson.setAttribute("sn", userResource.getName().getFamilyName());
            scimCustomPerson.setAttribute("middleName", userResource.getName().getMiddleName());
            scimCustomPerson.setAttribute("oxTrusthonorificPrefix", userResource.getName().getHonorificPrefix());
            scimCustomPerson.setAttribute("oxTrusthonorificSuffix", userResource.getName().getHonorificSuffix());
            scimCustomPerson.setAttribute("oxTrustNameFormatted", userResource.getName().computeFormattedName());
        }
        scimCustomPerson.setAttribute("displayName", userResource.getDisplayName());
        scimCustomPerson.setAttribute("nickname", userResource.getNickName());
        scimCustomPerson.setAttribute("oxTrustProfileURL", userResource.getProfileUrl());
        scimCustomPerson.setAttribute("oxTrustTitle", userResource.getTitle());
        scimCustomPerson.setAttribute("oxTrustUserType", userResource.getUserType());
        scimCustomPerson.setAttribute("preferredLanguage", userResource.getPreferredLanguage());
        scimCustomPerson.setAttribute("locale", userResource.getLocale());
        scimCustomPerson.setAttribute("zoneinfo", userResource.getTimezone());
        Boolean bool = (Boolean) Optional.ofNullable(userResource.getActive()).orElse(false);
        scimCustomPerson.setCustomAttribute("oxTrustActive", bool);
        scimCustomPerson.setAttribute("gluuStatus", bool.booleanValue() ? GluuStatus.ACTIVE.getValue() : GluuStatus.INACTIVE.getValue());
        scimCustomPerson.setUserPassword(userResource.getPassword());
        scimCustomPerson.setAttribute("oxTrustEmail", getComplexMultivaluedAsArray(userResource.getEmails()));
        try {
            scimCustomPerson = this.userPersistenceHelper.syncEmailForward(scimCustomPerson);
        } catch (Exception e) {
            this.log.error("Problem syncing emails forward", e);
        }
        scimCustomPerson.setAttribute("oxTrustPhoneValue", getComplexMultivaluedAsArray(userResource.getPhoneNumbers()));
        scimCustomPerson.setAttribute("oxTrustImsValue", getComplexMultivaluedAsArray(userResource.getIms()));
        scimCustomPerson.setAttribute("oxTrustPhotos", getComplexMultivaluedAsArray(userResource.getPhotos()));
        scimCustomPerson.setAttribute("oxTrustAddresses", getComplexMultivaluedAsArray(userResource.getAddresses()));
        scimCustomPerson.setAttribute("oxTrustEntitlements", getComplexMultivaluedAsArray(userResource.getEntitlements()));
        scimCustomPerson.setAttribute("oxTrustRole", getComplexMultivaluedAsArray(userResource.getRoles()));
        scimCustomPerson.setAttribute("oxTrustx509Certificate", getComplexMultivaluedAsArray(userResource.getX509Certificates()));
        transferExtendedAttributesToPerson(userResource, scimCustomPerson);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void transferExtendedAttributesToPerson(BaseScimResource baseScimResource, ScimCustomPerson scimCustomPerson) {
        try {
            Map customAttributes = baseScimResource.getCustomAttributes();
            for (Extension extension : this.extService.getResourceExtensions(baseScimResource.getClass())) {
                Object obj = customAttributes.get(extension.getUrn());
                if (obj != null) {
                    Map strObjMap = IntrospectUtil.strObjMap(obj);
                    for (String str : strObjMap.keySet()) {
                        Object obj2 = strObjMap.get(str);
                        if (obj2 == null) {
                            this.log.debug("transferExtendedAttributesToPerson. Flushing attribute {}", str);
                            scimCustomPerson.setAttribute(str, (String) null);
                        } else {
                            ExtensionField extensionField = (ExtensionField) extension.getFields().get(str);
                            if (extensionField.isMultiValued()) {
                                scimCustomPerson.setCustomAttribute(str, this.extService.getAttributeValues(extensionField, (Collection) obj2, this.ldapBackend));
                            } else {
                                scimCustomPerson.setCustomAttribute(str, this.extService.getAttributeValue(extensionField, obj2, this.ldapBackend));
                            }
                            this.log.debug("transferExtendedAttributesToPerson. Setting attribute '{}' with values {}", str, scimCustomPerson.getTypedAttribute(str).getDisplayValue());
                        }
                    }
                }
            }
        } catch (Exception e) {
            this.log.error(e.getMessage(), e);
        }
    }

    public void transferAttributesToUserResource(ScimCustomPerson scimCustomPerson, UserResource userResource, String str) {
        this.log.debug("transferAttributesToUserResource");
        userResource.setId(scimCustomPerson.getInum());
        userResource.setExternalId(scimCustomPerson.getAttribute("oxTrustExternalId"));
        Meta meta = new Meta();
        meta.setResourceType(ScimResourceUtil.getType(userResource.getClass()));
        meta.setCreated(scimCustomPerson.getAttribute("oxTrustMetaCreated"));
        if (meta.getCreated() == null) {
            Date creationDate = scimCustomPerson.getCreationDate();
            meta.setCreated(creationDate == null ? null : DateUtil.millisToISOString(creationDate.getTime()));
        }
        meta.setLastModified(scimCustomPerson.getAttribute("oxTrustMetaLastModified"));
        if (meta.getLastModified() == null) {
            Date updatedAt = scimCustomPerson.getUpdatedAt();
            meta.setLastModified(updatedAt == null ? null : DateUtil.millisToISOString(updatedAt.getTime()));
        }
        meta.setLocation(scimCustomPerson.getAttribute("oxTrustMetaLocation"));
        if (meta.getLocation() == null) {
            meta.setLocation(str + "/" + scimCustomPerson.getInum());
        }
        userResource.setMeta(meta);
        userResource.setUserName(scimCustomPerson.getUid());
        Name name = new Name();
        name.setGivenName(scimCustomPerson.getGivenName());
        name.setFamilyName(scimCustomPerson.getSurname());
        name.setMiddleName(scimCustomPerson.getAttribute("middleName"));
        name.setHonorificPrefix(scimCustomPerson.getAttribute("oxTrusthonorificPrefix"));
        name.setHonorificSuffix(scimCustomPerson.getAttribute("oxTrusthonorificSuffix"));
        String attribute = scimCustomPerson.getAttribute("oxTrustNameFormatted");
        if (attribute == null) {
            name.computeFormattedName();
        } else {
            name.setFormatted(attribute);
        }
        userResource.setName(name);
        userResource.setDisplayName(scimCustomPerson.getDisplayName());
        userResource.setNickName(scimCustomPerson.getAttribute("nickname"));
        userResource.setProfileUrl(scimCustomPerson.getAttribute("oxTrustProfileURL"));
        userResource.setTitle(scimCustomPerson.getAttribute("oxTrustTitle"));
        userResource.setUserType(scimCustomPerson.getAttribute("oxTrustUserType"));
        userResource.setPreferredLanguage(scimCustomPerson.getPreferredLanguage());
        userResource.setLocale(scimCustomPerson.getAttribute("locale"));
        userResource.setTimezone(scimCustomPerson.getTimezone());
        userResource.setActive(Boolean.valueOf(Boolean.valueOf(scimCustomPerson.getAttribute("oxTrustActive")).booleanValue() || GluuBoolean.getByValue(scimCustomPerson.getAttribute("gluuStatus")).isBooleanValue()));
        userResource.setPassword(scimCustomPerson.getUserPassword());
        userResource.setEmails(getAttributeListValue(scimCustomPerson, Email.class, "oxTrustEmail"));
        if (userResource.getEmails() == null) {
            List list = (List) scimCustomPerson.getAttributeList("mail").stream().map(str2 -> {
                Email email = new Email();
                email.setValue(str2);
                email.setPrimary(false);
                return email;
            }).collect(Collectors.toList());
            userResource.setEmails(list.size() == 0 ? null : list);
        }
        userResource.setPhoneNumbers(getAttributeListValue(scimCustomPerson, PhoneNumber.class, "oxTrustPhoneValue"));
        userResource.setIms(getAttributeListValue(scimCustomPerson, InstantMessagingAddress.class, "oxTrustImsValue"));
        userResource.setPhotos(getAttributeListValue(scimCustomPerson, Photo.class, "oxTrustPhotos"));
        userResource.setAddresses(getAttributeListValue(scimCustomPerson, Address.class, "oxTrustAddresses"));
        List<String> memberOf = scimCustomPerson.getMemberOf();
        if (memberOf != null && memberOf.size() > 0) {
            ArrayList arrayList = new ArrayList();
            for (String str3 : memberOf) {
                try {
                    GluuGroup groupByDn = this.groupService.getGroupByDn(str3);
                    Group group = new Group();
                    group.setValue(groupByDn.getInum());
                    group.setRef(this.groupEndpointUrl + "/" + groupByDn.getInum());
                    group.setDisplay(groupByDn.getDisplayName());
                    group.setType(Group.Type.DIRECT);
                    arrayList.add(group);
                } catch (Exception e) {
                    this.log.warn("transferAttributesToUserResource. Group with dn {} could not be added to User Resource. {}", str3, scimCustomPerson.getUid());
                    this.log.error(e.getMessage(), e);
                }
            }
            if (arrayList.size() > 0) {
                userResource.setGroups(arrayList);
            }
        }
        userResource.setEntitlements(getAttributeListValue(scimCustomPerson, Entitlement.class, "oxTrustEntitlements"));
        userResource.setRoles(getAttributeListValue(scimCustomPerson, Role.class, "oxTrustRole"));
        userResource.setX509Certificates(getAttributeListValue(scimCustomPerson, X509Certificate.class, "oxTrustx509Certificate"));
        userResource.setPairwiseIdentifiers(scimCustomPerson.getOxPPID());
        transferExtendedAttributesToResource(scimCustomPerson, userResource);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void transferExtendedAttributesToResource(ScimCustomPerson scimCustomPerson, BaseScimResource baseScimResource) {
        this.log.debug("transferExtendedAttributesToResource of type {}", ScimResourceUtil.getType(baseScimResource.getClass()));
        for (Extension extension : this.extService.getResourceExtensions(baseScimResource.getClass())) {
            Map fields = extension.getFields();
            HashMap hashMap = new HashMap();
            this.log.debug("transferExtendedAttributesToResource. Revising attributes of extension '{}'", extension.getUrn());
            for (String str : fields.keySet()) {
                String[] attributes = scimCustomPerson.getAttributes(str);
                if (attributes != null) {
                    this.log.debug("transferExtendedAttributesToResource. Copying to resource the value(s) for attribute '{}'", str);
                    ExtensionField extensionField = (ExtensionField) fields.get(str);
                    List<Object> convertValues = this.extService.convertValues(extensionField, attributes, this.ldapBackend);
                    if (convertValues.size() > 0) {
                        hashMap.put(str, extensionField.isMultiValued() ? convertValues : convertValues.get(0));
                    }
                }
            }
            if (hashMap.size() > 0) {
                baseScimResource.addCustomAttributes(extension.getUrn(), hashMap);
            }
        }
        Iterator it = baseScimResource.getCustomAttributes().keySet().iterator();
        while (it.hasNext()) {
            baseScimResource.getSchemas().add((String) it.next());
        }
    }

    private void writeCommonName(ScimCustomPerson scimCustomPerson) {
        if (StringUtils.isNotEmpty(scimCustomPerson.getGivenName()) && StringUtils.isNotEmpty(scimCustomPerson.getSurname())) {
            scimCustomPerson.setCommonName(scimCustomPerson.getGivenName() + " " + scimCustomPerson.getSurname());
        }
    }

    private void assignComputedAttributesToPerson(ScimCustomPerson scimCustomPerson) {
        String generateInumForNewPerson = this.personService.generateInumForNewPerson();
        String dnForPerson = this.personService.getDnForPerson(generateInumForNewPerson);
        scimCustomPerson.setInum(generateInumForNewPerson);
        scimCustomPerson.setDn(dnForPerson);
        writeCommonName(scimCustomPerson);
    }

    public ScimCustomPerson preCreateUser(UserResource userResource) {
        this.log.info("Preparing to create user {}", userResource.getUserName());
        ScimCustomPerson scimCustomPerson = new ScimCustomPerson();
        transferAttributesToPerson(userResource, scimCustomPerson);
        assignComputedAttributesToPerson(scimCustomPerson);
        return scimCustomPerson;
    }

    public void createUser(ScimCustomPerson scimCustomPerson, UserResource userResource, String str) throws Exception {
        String str2 = str + "/" + scimCustomPerson.getInum();
        scimCustomPerson.setAttribute("oxTrustMetaLocation", str2);
        this.log.info("Persisting user {}", userResource.getUserName());
        this.userPersistenceHelper.addCustomObjectClass(scimCustomPerson);
        if (!this.externalScimService.isEnabled()) {
            this.userPersistenceHelper.addPerson(scimCustomPerson);
            userResource.getMeta().setLocation(str2);
            userResource.setId(scimCustomPerson.getInum());
        } else {
            if (!this.externalScimService.executeScimCreateUserMethods(scimCustomPerson)) {
                throw new WebApplicationException("Failed to execute SCIM script successfully", Response.Status.PRECONDITION_FAILED);
            }
            this.userPersistenceHelper.addPerson(scimCustomPerson);
            transferAttributesToUserResource(scimCustomPerson, userResource, str);
            this.externalScimService.executeScimPostCreateUserMethods(scimCustomPerson);
        }
    }

    public UserResource buildUserResource(ScimCustomPerson scimCustomPerson, String str) {
        if (this.externalScimService.isEnabled() && !this.externalScimService.executeScimGetUserMethods(scimCustomPerson)) {
            throw new WebApplicationException("Failed to execute SCIM script successfully", Response.Status.PRECONDITION_FAILED);
        }
        UserResource userResource = new UserResource();
        transferAttributesToUserResource(scimCustomPerson, userResource, str);
        return userResource;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public UserResource updateUser(ScimCustomPerson scimCustomPerson, UserResource userResource, String str) throws InvalidAttributeValueException {
        UserResource userResource2 = new UserResource();
        transferAttributesToUserResource(scimCustomPerson, userResource2, str);
        userResource2.getMeta().setLastModified(DateUtil.millisToISOString(System.currentTimeMillis()));
        UserResource userResource3 = (UserResource) ScimResourceUtil.transferToResourceReplace(userResource, userResource2, this.extService.getResourceExtensions(userResource.getClass()));
        replacePersonInfo(scimCustomPerson, userResource3, str);
        return userResource3;
    }

    public void replacePersonInfo(ScimCustomPerson scimCustomPerson, UserResource userResource, String str) {
        transferAttributesToPerson(userResource, scimCustomPerson);
        writeCommonName(scimCustomPerson);
        this.log.debug("replacePersonInfo. Updating person info in LDAP");
        this.userPersistenceHelper.addCustomObjectClass(scimCustomPerson);
        if (!this.externalScimService.isEnabled()) {
            this.userPersistenceHelper.updatePerson(scimCustomPerson);
        } else {
            if (!this.externalScimService.executeScimUpdateUserMethods(scimCustomPerson)) {
                throw new WebApplicationException("Failed to execute SCIM script successfully", Response.Status.PRECONDITION_FAILED);
            }
            this.userPersistenceHelper.updatePerson(scimCustomPerson);
            transferAttributesToUserResource(scimCustomPerson, userResource, str);
            this.externalScimService.executeScimPostUpdateUserMethods(scimCustomPerson);
        }
    }

    public void deleteUser(ScimCustomPerson scimCustomPerson) throws Exception {
        if (scimCustomPerson.getMemberOf() != null && scimCustomPerson.getMemberOf().size() > 0) {
            this.log.info("Removing user {} from groups", scimCustomPerson.getUid());
            this.userPersistenceHelper.removeUserFromGroups(scimCustomPerson);
        }
        this.log.info("Removing user entry {}", scimCustomPerson.getDn());
        if (this.externalScimService.isEnabled() && !this.externalScimService.executeScimDeleteUserMethods(scimCustomPerson)) {
            throw new WebApplicationException("Failed to execute SCIM script successfully", Response.Status.PRECONDITION_FAILED);
        }
        this.userPersistenceHelper.removePerson(scimCustomPerson);
        if (this.externalScimService.isEnabled()) {
            this.externalScimService.executeScimPostDeleteUserMethods(scimCustomPerson);
        }
    }

    public PagedResult<BaseScimResource> searchUsers(String str, String str2, SortOrder sortOrder, int i, int i2, String str3, int i3) throws Exception {
        Filter createFilter = this.scimFilterParserService.createFilter(str, Filter.createPresenceFilter("inum"), UserResource.class);
        this.log.info("Executing search for users using: ldapfilter '{}', sortBy '{}', sortOrder '{}', startIndex '{}', count '{}'", new Object[]{createFilter.toString(), str2, sortOrder.getValue(), Integer.valueOf(i), Integer.valueOf(i2)});
        PagedResult<ScimCustomPerson> findPagedEntries = this.ldapEntryManager.findPagedEntries(this.personService.getDnForPerson((String) null), ScimCustomPerson.class, createFilter, (String[]) null, str2, sortOrder, i - 1, i2, i3);
        ArrayList arrayList = new ArrayList();
        if (this.externalScimService.isEnabled() && !this.externalScimService.executeScimPostSearchUsersMethods(findPagedEntries)) {
            throw new WebApplicationException("Failed to execute SCIM script successfully", Response.Status.PRECONDITION_FAILED);
        }
        for (ScimCustomPerson scimCustomPerson : findPagedEntries.getEntries()) {
            UserResource userResource = new UserResource();
            transferAttributesToUserResource(scimCustomPerson, userResource, str3);
            arrayList.add(userResource);
        }
        this.log.info("Found {} matching entries - returning {}", Integer.valueOf(findPagedEntries.getTotalEntriesCount()), Integer.valueOf(findPagedEntries.getEntries().size()));
        PagedResult<BaseScimResource> pagedResult = new PagedResult<>();
        pagedResult.setEntries(arrayList);
        pagedResult.setTotalEntriesCount(findPagedEntries.getTotalEntriesCount());
        return pagedResult;
    }

    public void removePPIDsBranch(String str) {
        try {
            this.ldapEntryManager.removeRecursively(String.format("ou=pairwiseIdentifiers,%s", str));
        } catch (Exception e) {
            this.log.error(e.getMessage(), e);
        }
    }

    @PostConstruct
    private void init() {
        this.ldapBackend = this.scimFilterParserService.isLdapBackend();
        this.groupEndpointUrl = this.appConfiguration.getBaseEndpoint() + GroupWebService.class.getAnnotation(Path.class).value();
    }
}
