package org.apache.syncope.core.logic.saml2;

import java.text.ParseException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.lang3.SerializationUtils;
import org.apache.syncope.common.lib.AnyOperations;
import org.apache.syncope.common.lib.Attr;
import org.apache.syncope.common.lib.request.UserCR;
import org.apache.syncope.common.lib.request.UserUR;
import org.apache.syncope.common.lib.saml2.SAML2LoginResponse;
import org.apache.syncope.common.lib.to.Item;
import org.apache.syncope.common.lib.to.UserTO;
import org.apache.syncope.common.lib.types.AnyTypeKind;
import org.apache.syncope.common.lib.types.SchemaType;
import org.apache.syncope.core.persistence.api.dao.ImplementationDAO;
import org.apache.syncope.core.persistence.api.dao.SAML2SP4UIIdPDAO;
import org.apache.syncope.core.persistence.api.dao.UserDAO;
import org.apache.syncope.core.persistence.api.entity.ExternalResource;
import org.apache.syncope.core.persistence.api.entity.Implementation;
import org.apache.syncope.core.persistence.api.entity.SAML2SP4UIIdP;
import org.apache.syncope.core.provisioning.api.IntAttrName;
import org.apache.syncope.core.provisioning.api.IntAttrNameParser;
import org.apache.syncope.core.provisioning.api.SAML2SP4UIIdPActions;
import org.apache.syncope.core.provisioning.api.UserProvisioningManager;
import org.apache.syncope.core.provisioning.api.data.ItemTransformer;
import org.apache.syncope.core.provisioning.api.data.UserDataBinder;
import org.apache.syncope.core.provisioning.java.pushpull.InboundMatcher;
import org.apache.syncope.core.provisioning.java.utils.MappingUtils;
import org.apache.syncope.core.provisioning.java.utils.TemplateUtils;
import org.apache.syncope.core.spring.implementation.ImplementationManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.transaction.annotation.Propagation;
import org.springframework.transaction.annotation.Transactional;

/* loaded from: input_file:org/apache/syncope/core/logic/saml2/SAML2SP4UIUserManager.class */
public class SAML2SP4UIUserManager {
    private static final Logger LOG = LoggerFactory.getLogger(SAML2SP4UIUserManager.class);
    private static final String SAML2SP_CONTEXT = "SAML 2.0 SP";
    protected final SAML2SP4UIIdPDAO idpDAO;
    protected final InboundMatcher inboundMatcher;
    protected final UserDAO userDAO;
    protected final ImplementationDAO implementationDAO;
    protected final IntAttrNameParser intAttrNameParser;
    protected final TemplateUtils templateUtils;
    protected final UserProvisioningManager provisioningManager;
    protected final UserDataBinder binder;
    protected final Map<String, SAML2SP4UIIdPActions> perContextActions = new ConcurrentHashMap();

    /* renamed from: org.apache.syncope.core.logic.saml2.SAML2SP4UIUserManager$1, reason: invalid class name */
    /* loaded from: input_file:org/apache/syncope/core/logic/saml2/SAML2SP4UIUserManager$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$syncope$common$lib$types$SchemaType = new int[SchemaType.values().length];

        static {
            try {
                $SwitchMap$org$apache$syncope$common$lib$types$SchemaType[SchemaType.PLAIN.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
        }
    }

    public SAML2SP4UIUserManager(SAML2SP4UIIdPDAO sAML2SP4UIIdPDAO, InboundMatcher inboundMatcher, UserDAO userDAO, ImplementationDAO implementationDAO, IntAttrNameParser intAttrNameParser, TemplateUtils templateUtils, UserProvisioningManager userProvisioningManager, UserDataBinder userDataBinder) {
        this.idpDAO = sAML2SP4UIIdPDAO;
        this.inboundMatcher = inboundMatcher;
        this.userDAO = userDAO;
        this.implementationDAO = implementationDAO;
        this.intAttrNameParser = intAttrNameParser;
        this.templateUtils = templateUtils;
        this.provisioningManager = userProvisioningManager;
        this.binder = userDataBinder;
    }

    @Transactional(readOnly = true)
    public List<String> findMatchingUser(String str, String str2) {
        SAML2SP4UIIdP find = this.idpDAO.find(str2);
        if (find == null) {
            LOG.warn("Invalid IdP: {}", str2);
            return List.of();
        }
        if (!find.getConnObjectKeyItem().isEmpty()) {
            return (List) this.inboundMatcher.matchByConnObjectKeyValue((Item) find.getConnObjectKeyItem().get(), str, AnyTypeKind.USER, false, (ExternalResource) null).stream().filter(pullMatch -> {
                return pullMatch.getAny() != null;
            }).map(pullMatch2 -> {
                return pullMatch2.getAny().getUsername();
            }).collect(Collectors.toList());
        }
        LOG.warn("Unable to determine conn object key item for  IdP: {}", str2);
        return Collections.emptyList();
    }

    protected List<SAML2SP4UIIdPActions> getActions(SAML2SP4UIIdP sAML2SP4UIIdP) {
        ArrayList arrayList = new ArrayList();
        sAML2SP4UIIdP.getActions().forEach(implementation -> {
            try {
                arrayList.add((SAML2SP4UIIdPActions) ImplementationManager.build(implementation, () -> {
                    return this.perContextActions.get(implementation.getKey());
                }, sAML2SP4UIIdPActions -> {
                    this.perContextActions.put(implementation.getKey(), sAML2SP4UIIdPActions);
                }));
            } catch (Exception e) {
                LOG.warn("While building {}", implementation, e);
            }
        });
        return arrayList;
    }

    protected List<Implementation> getTransformers(Item item) {
        Stream stream = item.getTransformers().stream();
        ImplementationDAO implementationDAO = this.implementationDAO;
        Objects.requireNonNull(implementationDAO);
        return (List) stream.map(implementationDAO::find).filter((v0) -> {
            return Objects.nonNull(v0);
        }).collect(Collectors.toList());
    }

    public void fill(String str, SAML2LoginResponse sAML2LoginResponse, UserTO userTO) {
        SAML2SP4UIIdP find = this.idpDAO.find(str);
        if (find == null) {
            LOG.warn("Invalid IdP: {}", str);
        } else {
            find.getItems().forEach(item -> {
                List of = List.of();
                Optional attr = sAML2LoginResponse.getAttr(item.getExtAttrName());
                if (attr.isPresent() && !((Attr) attr.get()).getValues().isEmpty()) {
                    of = ((Attr) attr.get()).getValues();
                    ArrayList arrayList = new ArrayList(of);
                    Iterator it = MappingUtils.getItemTransformers(item, getTransformers(item)).iterator();
                    while (it.hasNext()) {
                        arrayList = ((ItemTransformer) it.next()).beforePull((Item) null, userTO, arrayList);
                    }
                    of.clear();
                    Iterator it2 = arrayList.iterator();
                    while (it2.hasNext()) {
                        of.add(it2.next().toString());
                    }
                }
                IntAttrName intAttrName = null;
                try {
                    intAttrName = this.intAttrNameParser.parse(item.getIntAttrName(), AnyTypeKind.USER);
                } catch (ParseException e) {
                    LOG.error("Invalid intAttrName '{}' specified, ignoring", item.getIntAttrName(), e);
                }
                if (intAttrName == null || intAttrName.getField() == null) {
                    if (intAttrName == null || intAttrName.getSchemaType() == null) {
                        return;
                    }
                    switch (AnonymousClass1.$SwitchMap$org$apache$syncope$common$lib$types$SchemaType[intAttrName.getSchemaType().ordinal()]) {
                        case 1:
                            Optional plainAttr = userTO.getPlainAttr(intAttrName.getSchema().getKey());
                            if (plainAttr.isPresent()) {
                                ((Attr) plainAttr.get()).getValues().clear();
                            } else {
                                plainAttr = Optional.of(new Attr.Builder(intAttrName.getSchema().getKey()).build());
                                userTO.getPlainAttrs().add((Attr) plainAttr.get());
                            }
                            ((Attr) plainAttr.get()).getValues().addAll(of);
                            return;
                        default:
                            LOG.warn("Unsupported: {} {}", intAttrName.getSchemaType(), intAttrName.getSchema().getKey());
                            return;
                    }
                }
                String field = intAttrName.getField();
                boolean z = -1;
                switch (field.hashCode()) {
                    case -265713450:
                        if (field.equals("username")) {
                            z = false;
                            break;
                        }
                        break;
                }
                switch (z) {
                    case false:
                        if (of.isEmpty()) {
                            return;
                        }
                        userTO.setUsername((String) of.get(0));
                        return;
                    default:
                        LOG.warn("Unsupported: {}", intAttrName.getField());
                        return;
                }
            });
        }
    }

    @Transactional(propagation = Propagation.REQUIRES_NEW)
    public String create(SAML2SP4UIIdP sAML2SP4UIIdP, SAML2LoginResponse sAML2LoginResponse, String str) {
        UserCR userCR = new UserCR();
        userCR.setStorePassword(false);
        if (sAML2SP4UIIdP.getUserTemplate() != null) {
            this.templateUtils.apply(userCR, sAML2SP4UIIdP.getUserTemplate().get());
        }
        UserTO userTO = new UserTO();
        fill(sAML2SP4UIIdP.getKey(), sAML2LoginResponse, userTO);
        Optional ofNullable = Optional.ofNullable(userTO.getUsername());
        Objects.requireNonNull(userCR);
        ofNullable.ifPresent(userCR::setUsername);
        userCR.getPlainAttrs().addAll(userTO.getPlainAttrs());
        if (userCR.getRealm() == null) {
            userCR.setRealm("/");
        }
        if (userCR.getUsername() == null) {
            userCR.setUsername(str);
        }
        List<SAML2SP4UIIdPActions> actions = getActions(sAML2SP4UIIdP);
        Iterator<SAML2SP4UIIdPActions> it = actions.iterator();
        while (it.hasNext()) {
            userCR = it.next().beforeCreate(userCR, sAML2LoginResponse);
        }
        UserTO userTO2 = this.binder.getUserTO((String) this.provisioningManager.create(userCR, false, userCR.getUsername(), SAML2SP_CONTEXT).getKey());
        Iterator<SAML2SP4UIIdPActions> it2 = actions.iterator();
        while (it2.hasNext()) {
            userTO2 = it2.next().afterCreate(userTO2, sAML2LoginResponse);
        }
        return userTO2.getUsername();
    }

    @Transactional(propagation = Propagation.REQUIRES_NEW)
    public String update(String str, SAML2SP4UIIdP sAML2SP4UIIdP, SAML2LoginResponse sAML2LoginResponse) {
        UserTO userTO = this.binder.getUserTO(this.userDAO.findKey(str));
        UserTO clone = SerializationUtils.clone(userTO);
        fill(sAML2SP4UIIdP.getKey(), sAML2LoginResponse, userTO);
        UserUR diff = AnyOperations.diff(userTO, clone, true);
        List<SAML2SP4UIIdPActions> actions = getActions(sAML2SP4UIIdP);
        Iterator<SAML2SP4UIIdPActions> it = actions.iterator();
        while (it.hasNext()) {
            diff = it.next().beforeUpdate(diff, sAML2LoginResponse);
        }
        UserTO userTO2 = this.binder.getUserTO(((UserUR) this.provisioningManager.update(diff, false, userTO.getUsername(), SAML2SP_CONTEXT).getLeft()).getKey());
        Iterator<SAML2SP4UIIdPActions> it2 = actions.iterator();
        while (it2.hasNext()) {
            userTO2 = it2.next().afterUpdate(userTO2, sAML2LoginResponse);
        }
        return userTO2.getUsername();
    }
}
