package org.cloudfoundry.identity.uaa.impl.config;

import java.util.Collection;
import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import org.cloudfoundry.identity.uaa.login.Prompt;
import org.cloudfoundry.identity.uaa.saml.SamlKey;
import org.cloudfoundry.identity.uaa.util.JsonUtils;
import org.cloudfoundry.identity.uaa.zone.BrandingInformation;
import org.cloudfoundry.identity.uaa.zone.ClientSecretPolicy;
import org.cloudfoundry.identity.uaa.zone.IdentityZone;
import org.cloudfoundry.identity.uaa.zone.IdentityZoneConfiguration;
import org.cloudfoundry.identity.uaa.zone.IdentityZoneProvisioning;
import org.cloudfoundry.identity.uaa.zone.IdentityZoneValidator;
import org.cloudfoundry.identity.uaa.zone.InvalidIdentityZoneDetailsException;
import org.cloudfoundry.identity.uaa.zone.TokenPolicy;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.StringUtils;

/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-4.20.0.jar:org/cloudfoundry/identity/uaa/impl/config/IdentityZoneConfigurationBootstrap.class */
public class IdentityZoneConfigurationBootstrap implements InitializingBean {
    private ClientSecretPolicy clientSecretPolicy;
    private TokenPolicy tokenPolicy;
    private IdentityZoneProvisioning provisioning;
    private Map<String, Object> selfServiceLinks;
    private boolean mfaEnabled;
    private String mfaProviderName;
    private List<String> logoutRedirectWhitelist;
    private String logoutRedirectParameterName;
    private String logoutDefaultRedirectUrl;
    private List<Prompt> prompts;
    private String defaultIdentityProvider;
    private String samlSpPrivateKey;
    private String samlSpPrivateKeyPassphrase;
    private String samlSpCertificate;
    private Map<String, Map<String, String>> samlKeys;
    private String activeKeyId;
    private boolean accountChooserEnabled;
    private Collection<String> defaultUserGroups;
    private Map<String, Object> branding;
    private boolean selfServiceLinksEnabled = true;
    private String homeRedirect = null;
    private boolean logoutDisableRedirectParameter = true;
    private boolean disableSamlInResponseToCheck = false;
    private boolean idpDiscoveryEnabled = false;
    private IdentityZoneValidator validator = (identityZone, mode) -> {
        return identityZone;
    };

    public void setValidator(IdentityZoneValidator identityZoneValidator) {
        this.validator = identityZoneValidator;
    }

    public IdentityZoneConfigurationBootstrap(IdentityZoneProvisioning identityZoneProvisioning) {
        this.provisioning = identityZoneProvisioning;
    }

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws InvalidIdentityZoneDetailsException {
        IdentityZone retrieve = this.provisioning.retrieve(IdentityZone.getUaa().getId());
        IdentityZoneConfiguration identityZoneConfiguration = new IdentityZoneConfiguration(this.tokenPolicy);
        identityZoneConfiguration.setClientSecretPolicy(this.clientSecretPolicy);
        identityZoneConfiguration.getLinks().getSelfService().setSelfServiceLinksEnabled(this.selfServiceLinksEnabled);
        identityZoneConfiguration.getLinks().setHomeRedirect(this.homeRedirect);
        identityZoneConfiguration.getSamlConfig().setCertificate(this.samlSpCertificate);
        identityZoneConfiguration.getSamlConfig().setPrivateKey(this.samlSpPrivateKey);
        identityZoneConfiguration.getSamlConfig().setPrivateKeyPassword(this.samlSpPrivateKeyPassphrase);
        identityZoneConfiguration.getSamlConfig().setDisableInResponseToCheck(this.disableSamlInResponseToCheck);
        identityZoneConfiguration.setIdpDiscoveryEnabled(this.idpDiscoveryEnabled);
        identityZoneConfiguration.setAccountChooserEnabled(this.accountChooserEnabled);
        identityZoneConfiguration.getMfaConfig().setEnabled(this.mfaEnabled);
        identityZoneConfiguration.getMfaConfig().setProviderName(this.mfaProviderName);
        identityZoneConfiguration.setDefaultIdentityProvider(this.defaultIdentityProvider);
        this.samlKeys = (Map) Optional.ofNullable(this.samlKeys).orElse(Collections.EMPTY_MAP);
        for (Map.Entry<String, Map<String, String>> entry : this.samlKeys.entrySet()) {
            identityZoneConfiguration.getSamlConfig().addKey(entry.getKey(), new SamlKey(entry.getValue().get("key"), entry.getValue().get("passphrase"), entry.getValue().get("certificate")));
        }
        identityZoneConfiguration.getSamlConfig().setActiveKeyId(this.activeKeyId);
        if (this.selfServiceLinks != null) {
            String str = (String) this.selfServiceLinks.get("signup");
            String str2 = (String) this.selfServiceLinks.get("passwd");
            if (StringUtils.hasText(str)) {
                identityZoneConfiguration.getLinks().getSelfService().setSignup(str);
            }
            if (StringUtils.hasText(str2)) {
                identityZoneConfiguration.getLinks().getSelfService().setPasswd(str2);
            }
        }
        if (Objects.nonNull(this.logoutRedirectWhitelist)) {
            identityZoneConfiguration.getLinks().getLogout().setWhitelist(this.logoutRedirectWhitelist);
        }
        if (StringUtils.hasText(this.logoutRedirectParameterName)) {
            identityZoneConfiguration.getLinks().getLogout().setRedirectParameterName(this.logoutRedirectParameterName);
        }
        if (StringUtils.hasText(this.logoutDefaultRedirectUrl)) {
            identityZoneConfiguration.getLinks().getLogout().setRedirectUrl(this.logoutDefaultRedirectUrl);
        }
        identityZoneConfiguration.getLinks().getLogout().setDisableRedirectParameter(this.logoutDisableRedirectParameter);
        if (Objects.nonNull(this.prompts)) {
            identityZoneConfiguration.setPrompts(this.prompts);
        }
        identityZoneConfiguration.setBranding((BrandingInformation) JsonUtils.convertValue(this.branding, BrandingInformation.class));
        if (this.defaultUserGroups != null) {
            identityZoneConfiguration.getUserConfig().setDefaultGroups(new LinkedList(this.defaultUserGroups));
        }
        retrieve.setConfig(identityZoneConfiguration);
        this.provisioning.update(this.validator.validate(retrieve, IdentityZoneValidator.Mode.MODIFY));
    }

    public void setClientSecretPolicy(ClientSecretPolicy clientSecretPolicy) {
        this.clientSecretPolicy = clientSecretPolicy;
    }

    public void setMfaEnabled(boolean z) {
        this.mfaEnabled = z;
    }

    public void setMfaProviderName(String str) {
        this.mfaProviderName = str;
    }

    public String getMfaProviderName() {
        return this.mfaProviderName;
    }

    public boolean isMfaEnabled() {
        return this.mfaEnabled;
    }

    public IdentityZoneConfigurationBootstrap setSamlKeys(Map<String, Map<String, String>> map) {
        this.samlKeys = map;
        return this;
    }

    public IdentityZoneConfigurationBootstrap setActiveKeyId(String str) {
        this.activeKeyId = str;
        return this;
    }

    public void setTokenPolicy(TokenPolicy tokenPolicy) {
        this.tokenPolicy = tokenPolicy;
    }

    public void setSelfServiceLinksEnabled(boolean z) {
        this.selfServiceLinksEnabled = z;
    }

    public void setHomeRedirect(String str) {
        this.homeRedirect = str;
    }

    public String getHomeRedirect() {
        return this.homeRedirect;
    }

    public void setSelfServiceLinks(Map<String, Object> map) {
        this.selfServiceLinks = map;
    }

    public void setLogoutDefaultRedirectUrl(String str) {
        this.logoutDefaultRedirectUrl = str;
    }

    public void setLogoutDisableRedirectParameter(boolean z) {
        this.logoutDisableRedirectParameter = z;
    }

    public void setLogoutRedirectParameterName(String str) {
        this.logoutRedirectParameterName = str;
    }

    public void setLogoutRedirectWhitelist(List<String> list) {
        this.logoutRedirectWhitelist = list;
    }

    public void setPrompts(List<Prompt> list) {
        this.prompts = list;
    }

    public void setDefaultIdentityProvider(String str) {
        this.defaultIdentityProvider = str;
    }

    public void setSamlSpCertificate(String str) {
        this.samlSpCertificate = str;
    }

    public void setSamlSpPrivateKey(String str) {
        this.samlSpPrivateKey = str;
    }

    public void setSamlSpPrivateKeyPassphrase(String str) {
        this.samlSpPrivateKeyPassphrase = str;
    }

    public boolean isIdpDiscoveryEnabled() {
        return this.idpDiscoveryEnabled;
    }

    public void setIdpDiscoveryEnabled(boolean z) {
        this.idpDiscoveryEnabled = z;
    }

    public boolean isAccountChooserEnabled() {
        return this.accountChooserEnabled;
    }

    public void setAccountChooserEnabled(boolean z) {
        this.accountChooserEnabled = z;
    }

    public void setBranding(Map<String, Object> map) {
        this.branding = map;
    }

    public Map<String, Object> getBranding() {
        return this.branding;
    }

    public void setDefaultUserGroups(Collection<String> collection) {
        this.defaultUserGroups = collection;
    }

    public boolean isDisableSamlInResponseToCheck() {
        return this.disableSamlInResponseToCheck;
    }

    public void setDisableSamlInResponseToCheck(boolean z) {
        this.disableSamlInResponseToCheck = z;
    }
}
