package org.cloudfoundry.identity.uaa.scim.bootstrap;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.cloudfoundry.identity.uaa.scim.ScimCore;
import org.cloudfoundry.identity.uaa.scim.ScimGroup;
import org.cloudfoundry.identity.uaa.scim.ScimGroupMember;
import org.cloudfoundry.identity.uaa.scim.ScimGroupMembershipManager;
import org.cloudfoundry.identity.uaa.scim.ScimGroupProvisioning;
import org.cloudfoundry.identity.uaa.scim.ScimUser;
import org.cloudfoundry.identity.uaa.scim.ScimUserProvisioning;
import org.cloudfoundry.identity.uaa.scim.exception.MemberAlreadyExistsException;
import org.cloudfoundry.identity.uaa.scim.exception.ScimResourceNotFoundException;
import org.cloudfoundry.identity.uaa.util.MapCollector;
import org.cloudfoundry.identity.uaa.zone.IdentityZone;
import org.cloudfoundry.identity.uaa.zone.IdentityZoneHolder;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.core.env.PropertySource;
import org.springframework.core.io.support.ResourcePropertySource;
import org.springframework.dao.IncorrectResultSizeDataAccessException;
import org.springframework.util.StringUtils;

/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-4.20.0.jar:org/cloudfoundry/identity/uaa/scim/bootstrap/ScimGroupBootstrap.class */
public class ScimGroupBootstrap implements InitializingBean {
    private final ScimGroupProvisioning scimGroupProvisioning;
    private final ScimGroupMembershipManager membershipManager;
    private final ScimUserProvisioning scimUserProvisioning;
    private static final String USER_BY_NAME_FILTER = "username eq \"%s\"";
    private PropertySource messageSource;
    private Map<String, String> defaultUserGroups = Collections.EMPTY_MAP;
    private Map<String, String> nonDefaultUserGroups = Collections.EMPTY_MAP;
    private Map<String, String> configuredGroups = Collections.EMPTY_MAP;
    private final Log logger = LogFactory.getLog(getClass());
    private String messagePropertyNameTemplate = "scope.%s";
    private final MapCollector<String, String, String> collector = new MapCollector<>(str -> {
        return str;
    }, str2 -> {
        return (String) getMessageSource().getProperty(String.format(this.messagePropertyNameTemplate, str2));
    });
    private Map<String, String> groups = new HashMap();
    private Map<String, Set<String>> groupMembers = new HashMap();
    private Map<String, Set<String>> groupAdmins = new HashMap();

    public String getMessagePropertyNameTemplate() {
        return this.messagePropertyNameTemplate;
    }

    public void setMessagePropertyNameTemplate(String str) {
        this.messagePropertyNameTemplate = str;
    }

    public ScimGroupBootstrap(ScimGroupProvisioning scimGroupProvisioning, ScimUserProvisioning scimUserProvisioning, ScimGroupMembershipManager scimGroupMembershipManager) {
        this.scimGroupProvisioning = scimGroupProvisioning;
        this.scimUserProvisioning = scimUserProvisioning;
        this.membershipManager = scimGroupMembershipManager;
    }

    public PropertySource getMessageSource() {
        if (this.messageSource == null) {
            try {
                this.messageSource = new ResourcePropertySource("messages.properties");
            } catch (IOException e) {
                this.messageSource = new PropertySource.StubPropertySource("messages.properties");
            }
        }
        return this.messageSource;
    }

    public void setMessageSource(PropertySource propertySource) {
        this.messageSource = propertySource;
    }

    public void setGroups(Map<String, String> map) {
        if (map == null) {
            map = Collections.EMPTY_MAP;
        }
        map.entrySet().forEach(entry -> {
            if (StringUtils.hasText((String) entry.getValue())) {
                return;
            }
            entry.setValue((String) getMessageSource().getProperty(String.format(this.messagePropertyNameTemplate, entry.getKey())));
        });
        this.configuredGroups = map;
        setCombinedGroups();
    }

    public void setDefaultUserGroups(Set<String> set) {
        if (set == null) {
            set = Collections.EMPTY_SET;
        }
        this.defaultUserGroups = (Map) set.stream().collect(this.collector);
        setCombinedGroups();
    }

    public void setNonDefaultUserGroups(Set<String> set) {
        if (set == null) {
            set = Collections.EMPTY_SET;
        }
        this.nonDefaultUserGroups = (Map) set.stream().collect(this.collector);
        setCombinedGroups();
    }

    private void setCombinedGroups() {
        this.groups = new HashMap();
        this.groups.putAll(this.defaultUserGroups);
        this.groups.putAll(this.nonDefaultUserGroups);
        this.configuredGroups.entrySet().stream().filter(entry -> {
            return StringUtils.hasText((String) entry.getValue()) || !this.groups.containsKey(entry.getKey());
        }).forEach(entry2 -> {
        });
        this.groups = (Map) this.groups.entrySet().stream().collect(new MapCollector(entry3 -> {
            return StringUtils.trimWhitespace((String) entry3.getKey());
        }, entry4 -> {
            return StringUtils.trimWhitespace((String) entry4.getValue());
        }));
    }

    public void setGroupMembers(List<String> list) {
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            String[] split = it.next().split("\\|");
            if (split.length >= 2) {
                Set<String> commaDelimitedListToSet = StringUtils.commaDelimitedListToSet(split[1]);
                String str = split[0];
                this.groups.putIfAbsent(str, null);
                if (3 <= split.length && "write".equalsIgnoreCase(split[2])) {
                    this.groupAdmins.put(str, commaDelimitedListToSet);
                } else {
                    this.groupMembers.put(str, commaDelimitedListToSet);
                }
            }
        }
        this.logger.debug("groups: " + this.groups);
        this.logger.debug("admins: " + this.groupAdmins + ", members: " + this.groupMembers);
    }

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        List list = (List) this.groups.keySet().stream().filter(str -> {
            return StringUtils.hasText(str);
        }).map(str2 -> {
            return getOrCreateGroup(str2);
        }).collect(Collectors.toList());
        for (int i = 0; i < list.size(); i++) {
            ScimGroup scimGroup = (ScimGroup) list.get(i);
            String str3 = this.groups.get(scimGroup.getDisplayName());
            if (StringUtils.hasText(str3)) {
                scimGroup.setDescription(str3);
                try {
                    list.set(i, this.scimGroupProvisioning.update(scimGroup.getId(), scimGroup, IdentityZoneHolder.get().getId()));
                } catch (IncorrectResultSizeDataAccessException e) {
                    ScimGroup group = getGroup(scimGroup.getDisplayName());
                    if (group == null || group.getVersion() <= scimGroup.getVersion()) {
                        throw e;
                    }
                    this.logger.debug("Group has already been updated by another instance, ignore error.");
                }
            }
        }
        Iterator it = list.iterator();
        while (it.hasNext()) {
            addMembers((ScimGroup) it.next());
        }
    }

    private void addMembers(ScimGroup scimGroup) {
        String displayName = scimGroup.getDisplayName();
        List<ScimGroupMember> members = getMembers(this.groupMembers.get(displayName));
        members.addAll(getMembers(this.groupAdmins.get(displayName)));
        this.logger.debug("adding members: " + members + " into group: " + displayName);
        for (ScimGroupMember scimGroupMember : members) {
            try {
                this.membershipManager.addMember(scimGroup.getId(), scimGroupMember, IdentityZoneHolder.get().getId());
            } catch (MemberAlreadyExistsException e) {
                this.logger.debug(scimGroupMember.getMemberId() + " already is member of group " + displayName);
            }
        }
    }

    private List<ScimGroupMember> getMembers(Set<String> set) {
        if (set == null || set.isEmpty()) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            ScimCore scimResourceId = getScimResourceId(it.next());
            if (scimResourceId != null) {
                arrayList.add(new ScimGroupMember(scimResourceId.getId(), scimResourceId instanceof ScimGroup ? ScimGroupMember.Type.GROUP : ScimGroupMember.Type.USER));
            }
        }
        return arrayList;
    }

    private ScimCore getScimResourceId(String str) {
        ScimUser user = getUser(str);
        if (user != null) {
            return user;
        }
        this.logger.debug("user " + str + " does not exist, checking in groups...");
        return getGroup(str);
    }

    private ScimUser getUser(String str) {
        List<ScimUser> query = this.scimUserProvisioning.query(String.format(USER_BY_NAME_FILTER, str), IdentityZoneHolder.get().getId());
        if (query == null || query.isEmpty()) {
            return null;
        }
        return query.get(0);
    }

    ScimGroup getGroup(String str) {
        try {
            ScimGroup byName = this.scimGroupProvisioning.getByName(str, IdentityZoneHolder.get().getId());
            byName.setMembers(this.membershipManager.getMembers(byName.getId(), false, IdentityZoneHolder.get().getId()));
            return byName;
        } catch (ScimResourceNotFoundException | IncorrectResultSizeDataAccessException e) {
            this.logger.debug("could not find group with name");
            return null;
        }
    }

    private ScimGroup getOrCreateGroup(String str) {
        this.logger.debug("adding group: " + str);
        String id = IdentityZone.getUaa().getId();
        return this.scimGroupProvisioning.createOrGet(new ScimGroup(null, str, id), id);
    }
}
