package org.apache.jackrabbit.oak.exercise.security.authentication.external;

import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.jcr.Credentials;
import javax.jcr.SimpleCredentials;
import javax.security.auth.login.LoginException;
import org.apache.jackrabbit.guava.common.base.Function;
import org.apache.jackrabbit.guava.common.collect.ImmutableMap;
import org.apache.jackrabbit.guava.common.collect.ImmutableSet;
import org.apache.jackrabbit.guava.common.collect.Iterables;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser;
import org.apache.jackrabbit.util.Text;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Modified;
import org.osgi.service.metatype.annotations.AttributeDefinition;
import org.osgi.service.metatype.annotations.Designate;
import org.osgi.service.metatype.annotations.ObjectClassDefinition;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Designate(ocd = Configuration.class)
@Component(service = {ExternalIdentityProvider.class}, immediate = true, configurationPolicy = ConfigurationPolicy.REQUIRE)
/* loaded from: input_file:org/apache/jackrabbit/oak/exercise/security/authentication/external/CustomExternalIdentityProvider.class */
public class CustomExternalIdentityProvider implements ExternalIdentityProvider {
    private static final Logger log = LoggerFactory.getLogger(CustomExternalIdentityProvider.class);
    private Map<String, Set<String>> userGroupMap = new HashMap();
    private Set<String> groupIds = new HashSet();

    @ObjectClassDefinition(name = "Apache Jackrabbit Oak CustomExternalIdentityProvider (Oak Exercises)")
    /* loaded from: input_file:org/apache/jackrabbit/oak/exercise/security/authentication/external/CustomExternalIdentityProvider$Configuration.class */
    @interface Configuration {
        @AttributeDefinition(name = "External Identities", description = "Define external identities in the format: userid [, groupids], where groupids = groupid [, groupids]", cardinality = Integer.MAX_VALUE)
        String externalidentities() default "testUser,a,b,c";
    }

    @Activate
    public void activate(Map<String, Object> map) {
        Iterator it = ((Set) ConfigurationParameters.of(map).getConfigValue("externalidentities", Collections.emptySet())).iterator();
        while (it.hasNext()) {
            String[] explode = Text.explode((String) it.next(), 44, false);
            String trim = explode[0].trim();
            HashSet hashSet = new HashSet();
            if (explode.length > 1) {
                for (int i = 1; i < explode.length; i++) {
                    this.groupIds.add(explode[i]);
                    hashSet.add(explode[i]);
                }
            }
            this.userGroupMap.put(trim, hashSet);
        }
        log.info("activated IDP: {}", getName());
    }

    @Modified
    public void modified(Map<String, Object> map) {
        activate(map);
        log.info("modified IDP: {}", getName());
    }

    @NotNull
    public String getName() {
        return "CustomExternalIdentityProvider";
    }

    public ExternalIdentity getIdentity(@NotNull ExternalIdentityRef externalIdentityRef) {
        if (!getName().equals(externalIdentityRef.getProviderName())) {
            return null;
        }
        String id = externalIdentityRef.getId();
        ExternalGroup user = getUser(id);
        if (user == null) {
            user = getGroup(id);
        }
        return user;
    }

    public ExternalUser getUser(@NotNull final String str) {
        if (this.userGroupMap.containsKey(str)) {
            return new ExternalUser() { // from class: org.apache.jackrabbit.oak.exercise.security.authentication.external.CustomExternalIdentityProvider.1
                @NotNull
                public ExternalIdentityRef getExternalId() {
                    return new ExternalIdentityRef(str, CustomExternalIdentityProvider.this.getName());
                }

                @NotNull
                public String getId() {
                    return str;
                }

                @NotNull
                public String getPrincipalName() {
                    return "p_" + getExternalId().getString();
                }

                public String getIntermediatePath() {
                    return null;
                }

                @NotNull
                public Iterable<ExternalIdentityRef> getDeclaredGroups() {
                    Set<String> set = CustomExternalIdentityProvider.this.userGroupMap.get(str);
                    return (set == null || set.isEmpty()) ? ImmutableSet.of() : Iterables.transform(set, new Function<String, ExternalIdentityRef>() { // from class: org.apache.jackrabbit.oak.exercise.security.authentication.external.CustomExternalIdentityProvider.1.1
                        @Nullable
                        public ExternalIdentityRef apply(String str2) {
                            return new ExternalIdentityRef(str2, CustomExternalIdentityProvider.this.getName());
                        }
                    });
                }

                @NotNull
                public Map<String, ?> getProperties() {
                    return ImmutableMap.of();
                }
            };
        }
        return null;
    }

    public ExternalUser authenticate(@NotNull Credentials credentials) throws LoginException {
        if (credentials instanceof SimpleCredentials) {
            return getUser(((SimpleCredentials) credentials).getUserID());
        }
        throw new LoginException("unsupported credentials");
    }

    public ExternalGroup getGroup(@NotNull final String str) {
        if (this.groupIds.contains(str)) {
            return new ExternalGroup() { // from class: org.apache.jackrabbit.oak.exercise.security.authentication.external.CustomExternalIdentityProvider.2
                @NotNull
                public Iterable<ExternalIdentityRef> getDeclaredMembers() {
                    HashSet hashSet = new HashSet();
                    for (Map.Entry<String, Set<String>> entry : CustomExternalIdentityProvider.this.userGroupMap.entrySet()) {
                        if (entry.getValue().contains(str)) {
                            hashSet.add(new ExternalIdentityRef(entry.getKey(), CustomExternalIdentityProvider.this.getName()));
                        }
                    }
                    return hashSet;
                }

                @NotNull
                public ExternalIdentityRef getExternalId() {
                    return new ExternalIdentityRef(str, CustomExternalIdentityProvider.this.getName());
                }

                @NotNull
                public String getId() {
                    return str;
                }

                @NotNull
                public String getPrincipalName() {
                    return "p_" + getExternalId().getString();
                }

                public String getIntermediatePath() {
                    return null;
                }

                @NotNull
                public Iterable<ExternalIdentityRef> getDeclaredGroups() {
                    return ImmutableSet.of();
                }

                @NotNull
                public Map<String, ?> getProperties() {
                    return ImmutableMap.of();
                }
            };
        }
        return null;
    }

    @NotNull
    public Iterator<ExternalUser> listUsers() {
        throw new UnsupportedOperationException("listUsers");
    }

    @NotNull
    public Iterator<ExternalGroup> listGroups() {
        throw new UnsupportedOperationException("listGroups");
    }
}
