package org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.wso2.carbon.identity.api.server.application.management.v1.AuthenticationSequence;
import org.wso2.carbon.identity.api.server.application.management.v1.AuthenticationStepModel;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.UpdateFunction;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils;
import org.wso2.carbon.identity.application.common.model.AuthenticationStep;
import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.model.IdentityProvider;
import org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig;
import org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.model.RequestPathAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.common.model.script.AuthenticationScriptConfig;

/* loaded from: input_file:WEB-INF/lib/org.wso2.carbon.identity.api.server.application.management.v1-1.2.67.jar:org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/UpdateAuthenticationSequence.class */
public class UpdateAuthenticationSequence implements UpdateFunction<ServiceProvider, AuthenticationSequence> {
    @Override // org.wso2.carbon.identity.api.server.application.management.v1.core.functions.UpdateFunction
    public void apply(ServiceProvider serviceProvider, AuthenticationSequence authenticationSequence) {
        if (authenticationSequence != null) {
            updateRequestPathAuthenticatorConfigs(authenticationSequence, serviceProvider);
            LocalAndOutboundAuthenticationConfig localAndOutboundConfig = getLocalAndOutboundConfig(serviceProvider);
            updateAuthenticationSteps(authenticationSequence, localAndOutboundConfig);
            updateAdaptiveAuthenticationScript(authenticationSequence, localAndOutboundConfig);
        }
    }

    private void updateAuthenticationSteps(AuthenticationSequence authenticationSequence, LocalAndOutboundAuthenticationConfig localAndOutboundAuthenticationConfig) {
        if (isRevertToDefaultSequence(authenticationSequence, localAndOutboundAuthenticationConfig)) {
            localAndOutboundAuthenticationConfig.setAuthenticationType("default");
            localAndOutboundAuthenticationConfig.setAuthenticationSteps(new AuthenticationStep[0]);
        } else if (authenticationSequence.getType() != AuthenticationSequence.TypeEnum.DEFAULT) {
            AuthenticationStep[] authenticationSteps = getAuthenticationSteps(authenticationSequence);
            localAndOutboundAuthenticationConfig.setAuthenticationType("flow");
            localAndOutboundAuthenticationConfig.setAuthenticationSteps(authenticationSteps);
        }
    }

    private void updateAdaptiveAuthenticationScript(AuthenticationSequence authenticationSequence, LocalAndOutboundAuthenticationConfig localAndOutboundAuthenticationConfig) {
        if (isRevertToDefaultSequence(authenticationSequence, localAndOutboundAuthenticationConfig)) {
            localAndOutboundAuthenticationConfig.setAuthenticationScriptConfig((AuthenticationScriptConfig) null);
        } else if (StringUtils.isNotBlank(authenticationSequence.getScript())) {
            AuthenticationScriptConfig authenticationScriptConfig = new AuthenticationScriptConfig();
            authenticationScriptConfig.setContent(authenticationSequence.getScript());
            authenticationScriptConfig.setEnabled(true);
            localAndOutboundAuthenticationConfig.setAuthenticationScriptConfig(authenticationScriptConfig);
        }
    }

    private void updateRequestPathAuthenticatorConfigs(AuthenticationSequence authenticationSequence, ServiceProvider serviceProvider) {
        Optional.ofNullable(authenticationSequence.getRequestPathAuthenticators()).ifPresent(list -> {
            serviceProvider.setRequestPathAuthenticatorConfigs((RequestPathAuthenticatorConfig[]) list.stream().map(this::buildRequestPathConfig).toArray(i -> {
                return new RequestPathAuthenticatorConfig[i];
            }));
        });
    }

    private AuthenticationStep[] getAuthenticationSteps(AuthenticationSequence authenticationSequence) {
        if (CollectionUtils.isEmpty(authenticationSequence.getSteps())) {
            throw Utils.buildBadRequestError("Authentication steps cannot be empty for user defined authentication type: " + AuthenticationSequence.TypeEnum.USER_DEFINED);
        }
        List list = (List) Optional.of(authenticationSequence.getSteps()).map(list2 -> {
            list2.sort(Comparator.comparingInt((v0) -> {
                return v0.getId();
            }));
            return list2;
        }).orElse(Collections.emptyList());
        int size = list.size();
        if (size != ((AuthenticationStepModel) list.get(size - 1)).getId().intValue()) {
            throw Utils.buildBadRequestError("Step ids need to be consecutive in the authentication sequence steps.");
        }
        int subjectStepId = getSubjectStepId(authenticationSequence.getSubjectStepId(), size);
        int subjectStepId2 = getSubjectStepId(authenticationSequence.getAttributeStepId(), size);
        AuthenticationStep[] authenticationStepArr = new AuthenticationStep[size];
        int i = 1;
        Iterator it = list.iterator();
        while (it.hasNext()) {
            AuthenticationStep buildAuthenticationStep = buildAuthenticationStep((AuthenticationStepModel) it.next());
            buildAuthenticationStep.setStepOrder(i);
            if (subjectStepId == i) {
                buildAuthenticationStep.setSubjectStep(true);
            }
            if (subjectStepId2 == i) {
                buildAuthenticationStep.setAttributeStep(true);
            }
            authenticationStepArr[i - 1] = buildAuthenticationStep;
            i++;
        }
        return authenticationStepArr;
    }

    private AuthenticationStep buildAuthenticationStep(AuthenticationStepModel authenticationStepModel) {
        AuthenticationStep authenticationStep = new AuthenticationStep();
        if (CollectionUtils.isEmpty(authenticationStepModel.getOptions())) {
            throw Utils.buildBadRequestError("Authentication Step options cannot be empty.");
        }
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        authenticationStepModel.getOptions().forEach(authenticator -> {
            if ("LOCAL".equals(authenticator.getIdp())) {
                LocalAuthenticatorConfig localAuthenticatorConfig = new LocalAuthenticatorConfig();
                localAuthenticatorConfig.setEnabled(true);
                localAuthenticatorConfig.setName(authenticator.getAuthenticator());
                arrayList.add(localAuthenticatorConfig);
                return;
            }
            FederatedAuthenticatorConfig federatedAuthenticatorConfig = new FederatedAuthenticatorConfig();
            federatedAuthenticatorConfig.setEnabled(true);
            federatedAuthenticatorConfig.setName(authenticator.getAuthenticator());
            IdentityProvider identityProvider = new IdentityProvider();
            identityProvider.setIdentityProviderName(authenticator.getIdp());
            identityProvider.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[]{federatedAuthenticatorConfig});
            identityProvider.setDefaultAuthenticatorConfig(federatedAuthenticatorConfig);
            arrayList2.add(identityProvider);
        });
        authenticationStep.setLocalAuthenticatorConfigs((LocalAuthenticatorConfig[]) arrayList.toArray(new LocalAuthenticatorConfig[0]));
        authenticationStep.setFederatedIdentityProviders((IdentityProvider[]) arrayList2.toArray(new IdentityProvider[0]));
        return authenticationStep;
    }

    private int getSubjectStepId(Integer num, int i) {
        if (num == null || num.intValue() > i) {
            return 1;
        }
        return num.intValue();
    }

    private RequestPathAuthenticatorConfig buildRequestPathConfig(String str) {
        RequestPathAuthenticatorConfig requestPathAuthenticatorConfig = new RequestPathAuthenticatorConfig();
        requestPathAuthenticatorConfig.setName(str);
        requestPathAuthenticatorConfig.setEnabled(true);
        return requestPathAuthenticatorConfig;
    }

    private LocalAndOutboundAuthenticationConfig getLocalAndOutboundConfig(ServiceProvider serviceProvider) {
        if (serviceProvider.getLocalAndOutBoundAuthenticationConfig() == null) {
            serviceProvider.setLocalAndOutBoundAuthenticationConfig(new LocalAndOutboundAuthenticationConfig());
        }
        return serviceProvider.getLocalAndOutBoundAuthenticationConfig();
    }

    private boolean isRevertToDefaultSequence(AuthenticationSequence authenticationSequence, LocalAndOutboundAuthenticationConfig localAndOutboundAuthenticationConfig) {
        String authenticationType = localAndOutboundAuthenticationConfig.getAuthenticationType();
        return authenticationSequence.getType() == AuthenticationSequence.TypeEnum.DEFAULT && StringUtils.isNotBlank(authenticationType) && !AuthenticationSequence.TypeEnum.DEFAULT.toString().equalsIgnoreCase(authenticationType);
    }
}
