package net.n2oapp.security.admin.sso.keycloak;

import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import net.n2oapp.platform.i18n.UserException;
import net.n2oapp.security.admin.api.model.Role;
import net.n2oapp.security.admin.api.model.SsoUser;
import net.n2oapp.security.admin.api.provider.SsoUserRoleProvider;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.quartz.JobKey;
import org.quartz.SchedulerException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.scheduling.quartz.SchedulerFactoryBean;
import org.springframework.util.CollectionUtils;
import org.springframework.web.client.HttpClientErrorException;

/* loaded from: input_file:net/n2oapp/security/admin/sso/keycloak/KeycloakSsoUserRoleProvider.class */
public class KeycloakSsoUserRoleProvider implements SsoUserRoleProvider {
    public static final String EXT_SYS = "KEYCLOAK";
    private AdminSsoKeycloakProperties properties;

    @Autowired
    private KeycloakRestRoleService roleService;

    @Autowired
    private KeycloakRestUserService userService;

    @Autowired
    private SchedulerFactoryBean schedulerFactoryBean;

    @Autowired
    private ObjectMapper objectMapper;

    public KeycloakSsoUserRoleProvider(AdminSsoKeycloakProperties adminSsoKeycloakProperties) {
        this.properties = adminSsoKeycloakProperties;
    }

    public boolean isSupports(String str) {
        return str == null || EXT_SYS.equalsIgnoreCase(str);
    }

    public SsoUser createUser(SsoUser ssoUser) {
        UserRepresentation map = map(ssoUser);
        if (!CollectionUtils.isEmpty(ssoUser.getRequiredActions())) {
            map.setRequiredActions(ssoUser.getRequiredActions());
        }
        try {
            String createUser = this.userService.createUser(map);
            ssoUser.setExtUid(createUser);
            ssoUser.setExtSys(EXT_SYS);
            if (ssoUser.getRoles() != null) {
                this.userService.addUserRoles(createUser, (List) ssoUser.getRoles().stream().map(this::map).collect(Collectors.toList()));
            }
        } catch (HttpClientErrorException e) {
            throwUserException(e);
        }
        return ssoUser;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public void updateUser(SsoUser ssoUser) {
        try {
            this.userService.updateUser(map(ssoUser));
            List arrayList = new ArrayList();
            if (ssoUser.getRoles() == null || ssoUser.getRoles().isEmpty()) {
                arrayList = this.userService.getActualUserRoles(ssoUser.getExtUid());
            } else {
                Set set = (Set) ssoUser.getRoles().stream().map((v0) -> {
                    return v0.getCode();
                }).collect(Collectors.toSet());
                List<RoleRepresentation> actualUserRoles = this.userService.getActualUserRoles(ssoUser.getExtUid());
                if (actualUserRoles != null) {
                    arrayList = (List) actualUserRoles.stream().filter(roleRepresentation -> {
                        return !set.contains(roleRepresentation.getName());
                    }).collect(Collectors.toList());
                }
                Set hashSet = actualUserRoles == null ? new HashSet() : (Set) actualUserRoles.stream().map((v0) -> {
                    return v0.getName();
                }).collect(Collectors.toSet());
                this.userService.addUserRoles(ssoUser.getExtUid(), (List) ssoUser.getRoles().stream().filter(role -> {
                    return !hashSet.contains(role.getCode());
                }).map(this::map).collect(Collectors.toList()));
            }
            this.userService.deleteUserRoles(ssoUser.getExtUid(), arrayList);
            if (ssoUser.getPassword() != null) {
                this.userService.changePassword(ssoUser.getExtUid(), ssoUser.getPassword());
            }
        } catch (HttpClientErrorException e) {
            throwUserException(e);
        }
    }

    public void deleteUser(SsoUser ssoUser) {
        try {
            this.userService.deleteUser(ssoUser.getExtUid());
        } catch (HttpClientErrorException e) {
            throwUserException(e);
        }
    }

    public void changeActivity(SsoUser ssoUser) {
        UserRepresentation map = map(ssoUser);
        map.setEnabled(ssoUser.getIsActive());
        try {
            this.userService.updateUser(map);
        } catch (HttpClientErrorException e) {
            throwUserException(e);
        }
    }

    public Role createRole(Role role) {
        try {
            this.roleService.createRole(map(role));
        } catch (HttpClientErrorException e) {
            throwUserException(e);
        }
        return role;
    }

    public void updateRole(Role role) {
        try {
            this.roleService.updateRole(map(role));
        } catch (HttpClientErrorException e) {
            throwUserException(e);
        }
    }

    public void deleteRole(Role role) {
        try {
            this.roleService.deleteRole(role.getCode());
        } catch (HttpClientErrorException e) {
            throwUserException(e);
        }
    }

    public void resetPassword(SsoUser ssoUser) {
        UserRepresentation map = map(ssoUser);
        if (!CollectionUtils.isEmpty(ssoUser.getRequiredActions())) {
            map.setRequiredActions(ssoUser.getRequiredActions());
        }
        try {
            this.userService.updateUser(map);
        } catch (HttpClientErrorException e) {
            throwUserException(e);
        }
    }

    public void startSynchronization() {
        try {
            this.schedulerFactoryBean.getScheduler().triggerJob(new JobKey("User_Synchronize_Job_Detail"));
        } catch (SchedulerException e) {
            throw new UserException("exception.failedSyncStart", e);
        }
    }

    private void throwUserException(HttpClientErrorException httpClientErrorException) {
        try {
            Map map = (Map) this.objectMapper.readValue(httpClientErrorException.getResponseBodyAsString(), new TypeReference<Map<String, String>>() { // from class: net.n2oapp.security.admin.sso.keycloak.KeycloakSsoUserRoleProvider.1
            });
            throw new UserException("exception." + (map.containsKey("errorMessage") ? (String) map.get("errorMessage") : (String) map.get("error")).toLowerCase().replace(" ", "-"), httpClientErrorException);
        } catch (IOException e) {
            throw new IllegalArgumentException((Throwable) httpClientErrorException);
        }
    }

    private UserRepresentation map(SsoUser ssoUser) {
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setId(ssoUser.getExtUid());
        userRepresentation.setEnabled(ssoUser.getIsActive());
        userRepresentation.setUsername(ssoUser.getUsername() != null ? ssoUser.getUsername() : "");
        userRepresentation.setFirstName(ssoUser.getName() != null ? ssoUser.getName() : "");
        userRepresentation.setLastName(ssoUser.getSurname() != null ? ssoUser.getSurname() : "");
        userRepresentation.setEmail(ssoUser.getEmail() != null ? ssoUser.getEmail() : "");
        userRepresentation.setEmailVerified(this.properties.getEmailVerified());
        if (ssoUser.getPassword() != null) {
            CredentialRepresentation credentialRepresentation = new CredentialRepresentation();
            credentialRepresentation.setTemporary(this.properties.getTemporaryPassword());
            credentialRepresentation.setType("password");
            credentialRepresentation.setValue(ssoUser.getPassword());
            userRepresentation.setCredentials(Arrays.asList(credentialRepresentation));
        }
        return userRepresentation;
    }

    private RoleRepresentation map(Role role) {
        RoleRepresentation roleRepresentation = new RoleRepresentation();
        roleRepresentation.setName(role.getCode());
        roleRepresentation.setComposite(false);
        roleRepresentation.setDescription(role.getDescription());
        return roleRepresentation;
    }

    public void setRoleService(KeycloakRestRoleService keycloakRestRoleService) {
        this.roleService = keycloakRestRoleService;
    }

    public void setUserService(KeycloakRestUserService keycloakRestUserService) {
        this.userService = keycloakRestUserService;
    }
}
