package org.alfresco.utility.data.auth;

import java.net.http.HttpClient;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.alfresco.utility.TasAisProperties;
import org.alfresco.utility.data.AisToken;
import org.alfresco.utility.model.UserModel;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.junit.Assert;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Service;
import org.springframework.web.util.UriComponentsBuilder;

@Scope("prototype")
@Service
/* loaded from: input_file:org/alfresco/utility/data/auth/DataAIS.class */
public class DataAIS implements InitializingBean {
    private static final Log LOG = LogFactory.getLog(DataAIS.class);
    private static final HashMap<Integer, AisToken> aisTokens = new HashMap<>();
    private static final int TIMEOUT_DELTA_MILLISECONDS = 5000;
    private boolean enabled;

    @Autowired
    private TasAisProperties aisProperties;
    private AISClient aisClient;

    /* loaded from: input_file:org/alfresco/utility/data/auth/DataAIS$Builder.class */
    public class Builder implements UserManageable {
        private Builder() {
        }

        @Override // org.alfresco.utility.data.auth.UserManageable
        public Builder createUser(UserModel userModel) {
            DataAIS.LOG.info(String.format("[AlfrescoIdentityService] Add user %s", userModel.getUsername()));
            DataAIS.this.aisClient.createUser(userModel.getUsername(), userModel.getPassword(), userModel.getFirstName(), userModel.getLastName());
            return this;
        }

        @Override // org.alfresco.utility.data.auth.UserManageable
        public Builder deleteUser(UserModel userModel) {
            DataAIS.LOG.info(String.format("[AlfrescoIdentityService] Delete user %s", userModel.getUsername()));
            String extractUserId = AISClient.extractUserId(findUserByUsername(userModel.getUsername()));
            if (extractUserId != null) {
                removeTokenForUser(generateTokenKey(userModel));
                DataAIS.this.aisClient.deleteUser(extractUserId);
            }
            return this;
        }

        @Override // org.alfresco.utility.data.auth.UserManageable
        public Builder updateUser(UserModel userModel, HashMap<String, String> hashMap) {
            throw new UnsupportedOperationException("Not implemented.");
        }

        @Override // org.alfresco.utility.data.auth.UserManageable
        public Builder assertUserExists(UserModel userModel) {
            DataAIS.LOG.info(String.format("[AlfrescoIdentityService] Assert user %s exists", userModel.getUsername()));
            Assert.assertNotNull(findUserByUsername(userModel.getUsername()));
            return this;
        }

        @Override // org.alfresco.utility.data.auth.UserManageable
        public Builder assertUserDoesNotExist(UserModel userModel) {
            DataAIS.LOG.info(String.format("[AlfrescoIdentityService] Assert user %s does not exists", userModel.getUsername()));
            Assert.assertNull(findUserByUsername(userModel.getUsername()));
            return this;
        }

        public Builder disableUser(UserModel userModel) {
            DataAIS.LOG.info(String.format("[AlfrescoIdentityService] Disable user %s", userModel.getUsername()));
            Map<String, Object> findUserByUsername = findUserByUsername(userModel.getUsername());
            AISClient.setEnabled(findUserByUsername, false);
            DataAIS.this.aisClient.updateUser(findUserByUsername);
            removeTokenForUser(generateTokenKey(userModel));
            return this;
        }

        public Builder enableUser(UserModel userModel) {
            DataAIS.LOG.info(String.format("[AlfrescoIdentityService] Enable user %s", userModel.getUsername()));
            Map<String, Object> findUserByUsername = findUserByUsername(userModel.getUsername());
            AISClient.setEnabled(findUserByUsername, true);
            DataAIS.this.aisClient.updateUser(findUserByUsername);
            return this;
        }

        private Map<String, ?> obtainAccessToken(UserModel userModel) {
            DataAIS.LOG.info(String.format("[AlfrescoIdentityService] Obtain access token for user %s", userModel.getUsername()));
            return DataAIS.this.aisClient.authorizeUser(userModel.getUsername(), userModel.getPassword());
        }

        private Map<String, Object> findUserByUsername(String str) {
            List<Map<String, Object>> findUser = DataAIS.this.aisClient.findUser(str);
            if (findUser.size() == 1) {
                return findUser.get(0);
            }
            if (findUser.size() <= 1) {
                return null;
            }
            for (Map<String, Object> map : findUser) {
                if (str.equalsIgnoreCase((String) map.get("username"))) {
                    return map;
                }
            }
            return null;
        }

        public synchronized void addTokenForUser(Integer num, Map<String, ?> map) {
            DataAIS.aisTokens.put(num, new AisToken((String) map.get("access_token"), (String) map.get("refresh_token"), System.currentTimeMillis(), ((Number) map.get("expires_in")).longValue() * 1000));
        }

        public synchronized void removeTokenForUser(Integer num) {
            DataAIS.aisTokens.remove(num);
        }

        public Boolean checkTokenValidity(Integer num) {
            long currentTimeMillis = System.currentTimeMillis();
            if (DataAIS.aisTokens.containsKey(num)) {
                return Boolean.valueOf(currentTimeMillis < DataAIS.aisTokens.get(num).getExpirationTime() - 5000);
            }
            return false;
        }

        public AisToken getAccessToken(UserModel userModel) {
            Integer generateTokenKey = generateTokenKey(userModel);
            if (!checkTokenValidity(generateTokenKey).booleanValue()) {
                addTokenForUser(generateTokenKey, obtainAccessToken(userModel));
            }
            return DataAIS.aisTokens.get(generateTokenKey);
        }

        private Integer generateTokenKey(UserModel userModel) {
            return Integer.valueOf((31 * ((31 * 1) + (userModel.getUsername() == null ? 0 : userModel.getUsername().hashCode()))) + (userModel.getPassword() == null ? 0 : userModel.getPassword().hashCode()));
        }

        @Override // org.alfresco.utility.data.auth.UserManageable
        public /* bridge */ /* synthetic */ UserManageable updateUser(UserModel userModel, HashMap hashMap) throws Exception {
            return updateUser(userModel, (HashMap<String, String>) hashMap);
        }
    }

    public void afterPropertiesSet() {
        String authServerUrl = this.aisProperties.getAuthServerUrl();
        if (authServerUrl != null && !authServerUrl.isEmpty()) {
            this.enabled = true;
        }
        if (this.enabled) {
            String realm = this.aisProperties.getRealm();
            String resource = this.aisProperties.getResource();
            String adminUsername = this.aisProperties.getAdminUsername();
            String adminPassword = this.aisProperties.getAdminPassword();
            Assert.assertTrue("AIS realm can not be empty", (realm == null || realm.isEmpty()) ? false : true);
            Assert.assertTrue("AIS resource can not be empty", (resource == null || resource.isEmpty()) ? false : true);
            Assert.assertTrue("AIS adminUsername can not be empty", (adminUsername == null || adminUsername.isEmpty()) ? false : true);
            Assert.assertTrue("AIS adminPassword can not be empty", (adminPassword == null || adminPassword.isEmpty()) ? false : true);
            LOG.info(String.format("[AlfrescoIdentityService] Building AIS clients. Url= %s ", authServerUrl));
            this.aisClient = new AISClient(resource, adminUsername, adminPassword, UriComponentsBuilder.fromUri(UriComponentsBuilder.fromUriString(authServerUrl).pathSegment(new String[]{"realms", realm}).build().toUri()).pathSegment(new String[]{"protocol", "openid-connect", "token"}).build().toUri(), UriComponentsBuilder.fromUriString(authServerUrl).pathSegment(new String[]{"admin", "realms", realm, "users"}).build().toUri(), HttpClient.newHttpClient());
        }
    }

    public boolean isEnabled() {
        return this.enabled;
    }

    public Builder perform() {
        Assert.assertTrue("[AlfrescoIdentityService] AlfrescoIdentityService support is disabled.", isEnabled());
        return new Builder();
    }
}
