package net.tirasa.connid.bundles.azure.service;

import com.fasterxml.jackson.databind.JsonNode;
import com.microsoft.aad.adal4j.AuthenticationContext;
import com.microsoft.aad.adal4j.AuthenticationResult;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import javax.ws.rs.core.Response;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import net.tirasa.connid.bundles.azure.AzureConnectorConfiguration;
import net.tirasa.connid.bundles.azure.dto.AzureError;
import net.tirasa.connid.bundles.azure.utils.AzureUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.cxf.jaxrs.client.WebClient;
import org.identityconnectors.common.StringUtil;
import org.identityconnectors.common.logging.Log;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

/* loaded from: input_file:WEB-INF/bundles/net.tirasa.connid.bundles.azure-1.0.1.jar:net/tirasa/connid/bundles/azure/service/AzureService.class */
public class AzureService {
    private static final Log LOG = Log.getLog(AzureService.class);
    private static final String API_VERSION = "1.6";
    private static final String API_VERSION_PARAM = "api-version";
    private static final String ODATA_ERROR_ID = "odata.error";
    private static final String ODATA_NEXTPAGE_ID = "odata.nextLink";
    public static final String SKIP_TOKEN_ID = "$skiptoken=";
    public static final String METADATA_NAME_ID = "Name";
    public static final String METADATA_TYPE_ID = "Type";
    public static final String METADATA_NULLABLE_ID = "Nullable";
    public static final String METADATA_COLLECTION_VALUE = "Collection";
    public static final String USER_METADATA_TYPE_ID_VALUE = "User";
    public static final String GROUP_METADATA_TYPE_ID_VALUE = "Group";
    public static final String ACCEPT_HEADER = "Accept";
    private final String domain;
    private final String authority;
    private final String clientId;
    private final String username;
    private final String password;
    private final String resourceURI;
    private String pagedResultsSkipToken;
    private AuthenticationResult authenticationResult;
    private AzureRestAPI authenticated;

    public AzureService(String str, String str2, String str3, String str4, String str5, String str6) {
        this.authority = str;
        this.clientId = str2;
        this.username = str3;
        this.password = str4;
        this.resourceURI = str5;
        this.domain = str6;
    }

    private void doAuth() {
        LOG.ok("Performing Azure account authentication", new Object[0]);
        ExecutorService executorService = null;
        try {
            try {
                executorService = Executors.newFixedThreadPool(1);
                this.authenticationResult = new AuthenticationContext(this.authority, false, executorService).acquireToken(this.resourceURI, this.clientId, this.username, this.password, null).get();
                if (executorService != null) {
                    executorService.shutdown();
                }
            } catch (InterruptedException | MalformedURLException | ExecutionException e) {
                AzureUtils.handleGeneralError("While performing Azure authentication", e);
                if (executorService != null) {
                    executorService.shutdown();
                }
            }
        } catch (Throwable th) {
            if (executorService != null) {
                executorService.shutdown();
            }
            throw th;
        }
    }

    private void checkAuth() {
        if (!isAuthenticated()) {
            doAuth();
        }
        checkTokenExpiry();
    }

    private boolean isAuthenticated() {
        return this.authenticationResult != null && StringUtil.isNotBlank(this.authenticationResult.getAccessToken());
    }

    private void checkTokenExpiry() {
        if (new Date().after(this.authenticationResult.getExpiresOnDate())) {
            LOG.info("Token expired! Refreshing...", new Object[0]);
            doAuth();
        }
    }

    public AzureRestAPI getAuthenticated() {
        checkAuth();
        if (this.authenticated == null) {
            this.authenticated = new AzureRestAPI(this);
        }
        return this.authenticated;
    }

    public WebClient getWebclient(String str, String str2) {
        checkAuth();
        WebClient query = WebClient.create(this.resourceURI).type("application/json").header("Authorization", "Bearer " + this.authenticationResult.getAccessToken()).path(this.domain).path(str).query(API_VERSION_PARAM, "1.6");
        if (StringUtil.isNotBlank(str2)) {
            query.query(encodeURL(str2), new Object[0]);
        }
        LOG.ok("webClient current URL : {0}", query.getCurrentURI());
        return query;
    }

    public JsonNode doGetFromAzure(WebClient webClient) {
        JsonNode jsonNode = null;
        try {
            Response response = webClient.get();
            jsonNode = AzureUtils.MAPPER.readTree((String) response.readEntity(String.class));
            checkAzureErrors(jsonNode, response);
            JsonNode jsonNode2 = jsonNode.get(ODATA_NEXTPAGE_ID);
            if (jsonNode2 != null && !jsonNode2.isNull()) {
                this.pagedResultsSkipToken = StringUtils.substringAfter(jsonNode2.asText(), SKIP_TOKEN_ID);
            }
            if (jsonNode.has("value") && !jsonNode.get("value").isNull()) {
                jsonNode = jsonNode.get("value");
            }
        } catch (IOException e) {
            LOG.error(e, "While retrieving data from Azure AD service", new Object[0]);
        }
        return jsonNode;
    }

    public List<String> extractUsersFromGroupMemberships(JsonNode jsonNode) {
        JsonNode doGetFromAzure;
        ArrayList arrayList = new ArrayList();
        if (jsonNode != null) {
            JsonNode jsonNode2 = jsonNode.has("value") ? jsonNode.get("value") : jsonNode;
            if (jsonNode2 != null && !jsonNode2.isNull() && jsonNode2.isArray()) {
                Iterator<JsonNode> elements = jsonNode2.elements();
                while (elements.hasNext()) {
                    try {
                        String asText = elements.next().get("url").asText();
                        WebClient webclient = getWebclient(asText, null);
                        if (asText.contains(".Group") && (doGetFromAzure = doGetFromAzure(webclient)) != null) {
                            String asText2 = doGetFromAzure.get("objectId").asText();
                            if (StringUtil.isNotBlank(asText2)) {
                                arrayList.add(asText2);
                            }
                        }
                    } catch (Exception e) {
                        LOG.error(e, "While parsing user groups!", new Object[0]);
                    }
                }
            }
        }
        return arrayList;
    }

    private void checkAzureErrors(JsonNode jsonNode, Response response) {
        if (jsonNode.has(ODATA_ERROR_ID)) {
            AzureError.sendError("get object from Azure!", response);
        }
    }

    public static List<Map<String, String>> getMetadata(String str) {
        return getXMLObjectFromAzureAD(str);
    }

    private static List<Map<String, String>> getXMLObjectFromAzureAD(String str) {
        ArrayList arrayList = new ArrayList();
        try {
            HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(WebClient.create(AzureConnectorConfiguration.DEFAULT_RESOURCE_URI).path("$metadata").getCurrentURI().toString()).openConnection();
            httpURLConnection.setRequestProperty("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
            httpURLConnection.setRequestProperty("Accept-Encoding", "gzip, deflate, br");
            httpURLConnection.setRequestMethod("GET");
            Document parse = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(httpURLConnection.getInputStream());
            parse.getDocumentElement().normalize();
            arrayList.addAll(getAttributesFromNodeList(parse, str));
        } catch (IOException | ParserConfigurationException | SAXException e) {
            AzureUtils.handleGeneralError("While getting xml metadata object", e);
        }
        return arrayList;
    }

    private static List<Map<String, String>> getAttributesFromNodeList(Document document, String str) {
        ArrayList arrayList = new ArrayList();
        NodeList elementsByTagName = document.getElementsByTagName("EntityType");
        NodeList elementsByTagName2 = document.getElementsByTagName("ComplexType");
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            NodeList childNodes = elementsByTagName.item(i).getChildNodes();
            String attribute = ((Element) childNodes).getAttribute("Name");
            if (StringUtil.isNotBlank(attribute) && attribute.equals(str)) {
                for (int i2 = 0; i2 < childNodes.getLength(); i2++) {
                    Node item = childNodes.item(i2);
                    if (item.getNodeName().equals("Property")) {
                        Element element = (Element) item;
                        String attribute2 = element.getAttribute("Name");
                        String attribute3 = element.getAttribute(METADATA_TYPE_ID);
                        String attribute4 = element.getAttribute(METADATA_NULLABLE_ID);
                        HashMap hashMap = new HashMap();
                        hashMap.put("Name", attribute2);
                        if (StringUtil.isNotBlank(attribute3)) {
                            hashMap.put(METADATA_TYPE_ID, attribute3.replace("Edm.", ""));
                        }
                        if (StringUtil.isNotBlank(attribute4)) {
                            hashMap.put(METADATA_NULLABLE_ID, attribute4);
                        }
                        arrayList.add(hashMap);
                    }
                }
            }
        }
        for (int i3 = 0; i3 < elementsByTagName2.getLength(); i3++) {
            Element element2 = (Element) elementsByTagName2.item(i3);
            String attribute5 = element2.getAttribute("Name");
            if (StringUtil.isNotBlank(attribute5) && attribute5.equals(str)) {
                String attribute6 = element2.getAttribute(METADATA_TYPE_ID);
                String attribute7 = element2.getAttribute(METADATA_NULLABLE_ID);
                HashMap hashMap2 = new HashMap();
                hashMap2.put("Name", attribute5);
                if (StringUtil.isNotBlank(attribute6)) {
                    hashMap2.put(METADATA_TYPE_ID, attribute6.replace("Edm.", ""));
                }
                if (StringUtil.isNotBlank(attribute7)) {
                    hashMap2.put(METADATA_NULLABLE_ID, attribute7);
                }
                arrayList.add(hashMap2);
            }
        }
        return arrayList;
    }

    private String encodeURL(String str) {
        return str.replace(" ", "%20");
    }

    public String getDomain() {
        return this.domain;
    }

    public String getAuthority() {
        return this.authority;
    }

    public String getClientId() {
        return this.clientId;
    }

    public String getUsername() {
        return this.username;
    }

    public String getPassword() {
        return this.password;
    }

    public String getResourceURI() {
        return this.resourceURI;
    }

    public String getPagedResultsSkipToken() {
        return this.pagedResultsSkipToken;
    }
}
