package org.apache.jetspeed.serializer;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import org.apache.jetspeed.security.GroupManager;
import org.apache.jetspeed.security.JetspeedPrincipal;
import org.apache.jetspeed.security.PasswordCredential;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
import org.apache.jetspeed.serializer.objects.JSSSOSite;
import org.apache.jetspeed.serializer.objects.JSSSOSiteRemoteUser;
import org.apache.jetspeed.serializer.objects.JSSSOSites;
import org.apache.jetspeed.serializer.objects.JSSnapshot;
import org.apache.jetspeed.sso.SSOException;
import org.apache.jetspeed.sso.SSOManager;
import org.apache.jetspeed.sso.SSOSite;
import org.apache.jetspeed.sso.SSOUser;
import org.apache.jetspeed.sso.impl.SSOUtils;
import org.slf4j.Logger;

/* loaded from: input_file:org/apache/jetspeed/serializer/JetspeedSSOSerializer.class */
public class JetspeedSSOSerializer extends AbstractJetspeedComponentSerializer {
    private SSOManager ssoManager;
    private GroupManager groupManager;
    private UserManager userManager;

    public JetspeedSSOSerializer(SSOManager sSOManager, GroupManager groupManager, UserManager userManager) {
        this.ssoManager = sSOManager;
        this.groupManager = groupManager;
        this.userManager = userManager;
    }

    protected void deleteData(Map map, Logger logger) throws SerializerException {
        if (isSettingSet(map, "process_sso")) {
            logger.info("deleting SSO sites, principals, and security domains");
        }
    }

    protected void processExport(JSSnapshot jSSnapshot, Map map, Logger logger) throws SerializerException {
        if (isSettingSet(map, "process_sso")) {
            logger.info("collecting SSO sites, principals, and security domains");
            exportSSOSites(jSSnapshot, map, logger);
        }
    }

    protected void processImport(JSSnapshot jSSnapshot, Map map, Logger logger) throws SerializerException {
        if (isSettingSet(map, "process_sso")) {
            logger.info("creating SSO sites, principals, and security domains");
            recreateSSOSites(jSSnapshot, map, logger);
        }
    }

    private void deleteSSOSites(Map map, Logger logger) throws SerializerException {
        try {
            Iterator it = new ArrayList(this.ssoManager.getSites("")).iterator();
            while (it.hasNext()) {
                try {
                    this.ssoManager.removeSite((SSOSite) it.next());
                } catch (Exception e) {
                    throw new SerializerException(e);
                }
            }
        } catch (Exception e2) {
            throw new SerializerException(SerializerException.GET_EXISTING_OBJECTS.create(new String[]{"SSOSites", e2.getMessage()}));
        }
    }

    private JSSSOSite createSSOSite(SSOSite sSOSite) throws SSOException {
        JSSSOSite jSSSOSite = new JSSSOSite();
        jSSSOSite.setName(sSOSite.getName());
        jSSSOSite.setSiteURL(sSOSite.getURL());
        jSSSOSite.setAllowUserSet(sSOSite.isAllowUserSet());
        jSSSOSite.setCertificateRequired(sSOSite.isCertificateRequired());
        jSSSOSite.setChallengeResponseAuthentication(sSOSite.isChallengeResponseAuthentication());
        jSSSOSite.setRealm(sSOSite.getRealm());
        jSSSOSite.setFormAuthentication(sSOSite.isFormAuthentication());
        jSSSOSite.setFormUserField(sSOSite.getFormUserField());
        jSSSOSite.setFormPwdField(sSOSite.getFormPwdField());
        for (SSOUser sSOUser : this.ssoManager.getUsersForSite(sSOSite)) {
            PasswordCredential credentials = this.ssoManager.getCredentials(sSOUser);
            if (credentials != null) {
                String name = sSOUser.getName();
                String str = null;
                String str2 = null;
                Collection portalPrincipals = this.ssoManager.getPortalPrincipals(sSOUser);
                if (portalPrincipals != null && !portalPrincipals.isEmpty()) {
                    JetspeedPrincipal jetspeedPrincipal = (JetspeedPrincipal) portalPrincipals.iterator().next();
                    str2 = jetspeedPrincipal.getName();
                    if (jetspeedPrincipal.getType().getName().equals("user")) {
                        str = "user";
                    } else if (jetspeedPrincipal.getType().getName().equals("group")) {
                        str = "group";
                    }
                }
                if (str2 != null && str != null) {
                    String scramble = SSOUtils.scramble(credentials.getPassword());
                    JSSSOSiteRemoteUser jSSSOSiteRemoteUser = new JSSSOSiteRemoteUser();
                    jSSSOSiteRemoteUser.setPrincipalName(str2);
                    jSSSOSiteRemoteUser.setPrincipalType(str);
                    jSSSOSiteRemoteUser.setUserCredential(name, scramble.toCharArray());
                    jSSSOSite.addRemoteUser(jSSSOSiteRemoteUser);
                }
            }
        }
        return jSSSOSite;
    }

    private void exportSSOSites(JSSnapshot jSSnapshot, Map map, Logger logger) throws SerializerException {
        HashMap hashMap = new HashMap();
        try {
            for (SSOSite sSOSite : this.ssoManager.getSites("")) {
                try {
                    if (!hashMap.containsKey(sSOSite.getURL())) {
                        JSSSOSite createSSOSite = createSSOSite(sSOSite);
                        hashMap.put(createSSOSite.getSiteURL(), createSSOSite);
                        jSSnapshot.getSSOSites().add(createSSOSite);
                    }
                } catch (Exception e) {
                    throw new SerializerException(SerializerException.CREATE_SERIALIZED_OBJECT_FAILED.create(new String[]{"SSOSites", e.getMessage()}));
                }
            }
        } catch (Exception e2) {
            throw new SerializerException(SerializerException.GET_EXISTING_OBJECTS.create(new String[]{"SSOSites", e2.getMessage()}));
        }
    }

    private SSOSite recreateSSOSite(JSSSOSite jSSSOSite, SSOSite sSOSite) throws SerializerException, SSOException, SecurityException {
        if (sSOSite != null) {
            this.ssoManager.removeSite(sSOSite);
        }
        SSOSite addSite = this.ssoManager.addSite(this.ssoManager.newSite(jSSSOSite.getName(), jSSSOSite.getSiteURL()));
        addSite.setAllowUserSet(jSSSOSite.isAllowUserSet());
        addSite.setCertificateRequired(jSSSOSite.isCertificateRequired());
        addSite.setChallengeResponseAuthentication(jSSSOSite.isChallengeResponseAuthentication());
        addSite.setRealm(jSSSOSite.getRealm());
        addSite.setFormAuthentication(jSSSOSite.isFormAuthentication());
        addSite.setFormUserField(jSSSOSite.getFormUserField());
        addSite.setFormPwdField(jSSSOSite.getFormPwdField());
        if (jSSSOSite.getRemoteUsers() != null) {
            Iterator it = jSSSOSite.getRemoteUsers().iterator();
            while (it.hasNext()) {
                JSSSOSiteRemoteUser jSSSOSiteRemoteUser = (JSSSOSiteRemoteUser) it.next();
                if (jSSSOSiteRemoteUser.getPassword() != null) {
                    String principalName = jSSSOSiteRemoteUser.getPrincipalName();
                    String principalType = jSSSOSiteRemoteUser.getPrincipalType();
                    User user = null;
                    if (principalType.equals("user")) {
                        user = this.userManager.getUser(principalName);
                    } else if (principalType.equals("group")) {
                        user = this.groupManager.getGroup(principalName);
                    }
                    if (user == null) {
                        throw new IllegalArgumentException("Cannot lookup or create SSO remote user for principal " + principalType + ":" + principalName);
                    }
                    this.ssoManager.addUser(addSite, user, jSSSOSiteRemoteUser.getName(), SSOUtils.unscramble(new String(jSSSOSiteRemoteUser.getPassword())));
                }
            }
        }
        return addSite;
    }

    private void recreateSSOSites(JSSnapshot jSSnapshot, Map map, Logger logger) throws SerializerException {
        logger.debug("recreateSSOSites - processing");
        JSSSOSites sSOSites = jSSnapshot.getSSOSites();
        if (sSOSites == null || sSOSites.size() <= 0) {
            logger.debug("NO SSO SITES?????");
        } else {
            Iterator it = sSOSites.iterator();
            while (it.hasNext()) {
                JSSSOSite jSSSOSite = (JSSSOSite) it.next();
                try {
                    SSOSite siteByUrl = this.ssoManager.getSiteByUrl(jSSSOSite.getSiteURL());
                    if (siteByUrl == null || isSettingSet(map, "overwrite_existing")) {
                        this.ssoManager.updateSite(recreateSSOSite(jSSSOSite, siteByUrl));
                    }
                } catch (Exception e) {
                    throw new SerializerException(SerializerException.CREATE_OBJECT_FAILED.create("SSOSite", e.getLocalizedMessage()));
                }
            }
        }
        logger.debug("recreateSSOSites - done");
    }
}
