package edu.internet2.middleware.grouper.app.scim2Provisioning;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.node.ArrayNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
import edu.internet2.middleware.grouper.app.externalSystem.WsBearerTokenExternalSystem;
import edu.internet2.middleware.grouper.cfg.GrouperConfig;
import edu.internet2.middleware.grouper.ddl.DdlUtilsChangeDatabase;
import edu.internet2.middleware.grouper.ddl.DdlVersionBean;
import edu.internet2.middleware.grouper.ddl.GrouperDdlUtils;
import edu.internet2.middleware.grouper.ddl.GrouperMockDdl;
import edu.internet2.middleware.grouper.ext.org.apache.ddlutils.model.Database;
import edu.internet2.middleware.grouper.hibernate.HibernateSession;
import edu.internet2.middleware.grouper.internal.util.GrouperUuid;
import edu.internet2.middleware.grouper.j2ee.MockServiceHandler;
import edu.internet2.middleware.grouper.j2ee.MockServiceRequest;
import edu.internet2.middleware.grouper.j2ee.MockServiceResponse;
import edu.internet2.middleware.grouper.j2ee.MockServiceServlet;
import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.grouperClient.jdbc.GcDbAccess;
import io.netty.handler.codec.http.HttpHeaders;
import java.sql.Timestamp;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.text.StringEscapeUtils;
import org.apache.http.client.methods.HttpDelete;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPatch;
import org.apache.http.client.methods.HttpPost;

/* loaded from: input_file:WEB-INF/lib/grouper-4.10.0.jar:edu/internet2/middleware/grouper/app/scim2Provisioning/AwsScim2MockServiceHandler.class */
public class AwsScim2MockServiceHandler extends MockServiceHandler {
    private static final Set<String> doNotLogHeaders = GrouperUtil.toSet("authorization");
    private static boolean mockTablesThere = false;

    @Override // edu.internet2.middleware.grouper.j2ee.MockServiceHandler
    public Set<String> doNotLogHeaders() {
        return doNotLogHeaders;
    }

    public static void ensureScimMockTables() {
        try {
            new GcDbAccess().sql("select count(*) from mock_scim_user").select(Integer.TYPE);
            new GcDbAccess().sql("select count(*) from mock_scim_group").select(Integer.TYPE);
            new GcDbAccess().sql("select count(*) from mock_scim_membership").select(Integer.TYPE);
        } catch (Exception e) {
            GrouperDdlUtils.changeDatabase(GrouperMockDdl.V1.getObjectName(), new DdlUtilsChangeDatabase() { // from class: edu.internet2.middleware.grouper.app.scim2Provisioning.AwsScim2MockServiceHandler.1
                @Override // edu.internet2.middleware.grouper.ddl.DdlUtilsChangeDatabase
                public void changeDatabase(DdlVersionBean ddlVersionBean) {
                    Database database = ddlVersionBean.getDatabase();
                    GrouperScim2User.createTableScimUser(ddlVersionBean, database);
                    GrouperScim2Group.createTableScimGroup(ddlVersionBean, database);
                    GrouperScim2Membership.createTableScimMembership(ddlVersionBean, database);
                }
            });
        }
    }

    public static void dropScimMockTables() {
        MockServiceServlet.dropMockTable("mock_scim_membership");
        MockServiceServlet.dropMockTable("mock_scim_group");
        MockServiceServlet.dropMockTable("mock_scim_user");
    }

    @Override // edu.internet2.middleware.grouper.j2ee.MockServiceHandler
    public void handleRequest(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        if (!mockTablesThere) {
            ensureScimMockTables();
        }
        mockTablesThere = true;
        if (GrouperUtil.length(mockServiceRequest.getPostMockNamePaths()) == 0) {
            throw new RuntimeException("Pass in a path!");
        }
        List list = GrouperUtil.toList(mockServiceRequest.getPostMockNamePaths());
        GrouperUtil.assertion(list.size() >= 1, "Must start with v2/");
        GrouperUtil.assertion(StringUtils.equals((String) list.get(0), "v2"), "");
        List subList = list.subList(1, list.size());
        mockServiceRequest.setPostMockNamePaths((String[]) subList.toArray(new String[subList.size()]));
        if (StringUtils.equals(HttpGet.METHOD_NAME, mockServiceRequest.getHttpServletRequest().getMethod())) {
            if ("ServiceProviderConfig".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 1 == mockServiceRequest.getPostMockNamePaths().length) {
                getServiceProviderConfig(mockServiceRequest, mockServiceResponse);
                return;
            }
            if ("Users".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 1 == mockServiceRequest.getPostMockNamePaths().length) {
                getUsers(mockServiceRequest, mockServiceResponse);
                return;
            }
            if ("Users".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 2 == mockServiceRequest.getPostMockNamePaths().length) {
                getUser(mockServiceRequest, mockServiceResponse);
                return;
            }
            if ("Groups".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 1 == mockServiceRequest.getPostMockNamePaths().length) {
                getGroups(mockServiceRequest, mockServiceResponse);
                return;
            } else if ("Groups".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 2 == mockServiceRequest.getPostMockNamePaths().length) {
                getGroup(mockServiceRequest, mockServiceResponse);
                return;
            }
        }
        if (StringUtils.equals(HttpDelete.METHOD_NAME, mockServiceRequest.getHttpServletRequest().getMethod())) {
            if ("Users".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 2 == mockServiceRequest.getPostMockNamePaths().length) {
                deleteUser(mockServiceRequest, mockServiceResponse);
                return;
            } else if ("Groups".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 2 == mockServiceRequest.getPostMockNamePaths().length) {
                deleteGroup(mockServiceRequest, mockServiceResponse);
                return;
            }
        }
        if (StringUtils.equals(HttpPatch.METHOD_NAME, mockServiceRequest.getHttpServletRequest().getMethod())) {
            if ("Users".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 2 == mockServiceRequest.getPostMockNamePaths().length) {
                patchUser(mockServiceRequest, mockServiceResponse);
                return;
            } else if ("Groups".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 2 == mockServiceRequest.getPostMockNamePaths().length) {
                patchGroup(mockServiceRequest, mockServiceResponse);
                return;
            }
        }
        if (StringUtils.equals(HttpPost.METHOD_NAME, mockServiceRequest.getHttpServletRequest().getMethod())) {
            if ("Users".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 1 == mockServiceRequest.getPostMockNamePaths().length) {
                postUsers(mockServiceRequest, mockServiceResponse);
                return;
            } else if ("Groups".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 1 == mockServiceRequest.getPostMockNamePaths().length) {
                postGroups(mockServiceRequest, mockServiceResponse);
                return;
            }
        }
        throw new RuntimeException("Not expecting request: '" + mockServiceRequest.getHttpServletRequest().getMethod() + "', '" + mockServiceRequest.getPostMockNamePath() + "'");
    }

    public boolean checkAuthorization(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        if (!StringUtils.isBlank(WsBearerTokenExternalSystem.authenticateMockUser(mockServiceRequest.getHttpServletRequest()))) {
            return true;
        }
        mockServiceRequest.getDebugMap().put("authnError", "Cant find client id!  WS bearer token external system not configured or invalid secret!");
        mockServiceResponse.setResponseCode(401);
        return false;
    }

    public void getServiceProviderConfig(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        if (checkAuthorization(mockServiceRequest, mockServiceResponse)) {
            ObjectNode jsonJacksonNode = GrouperUtil.jsonJacksonNode();
            ArrayNode jsonJacksonArrayNode = GrouperUtil.jsonJacksonArrayNode();
            jsonJacksonArrayNode.add("urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig");
            jsonJacksonNode.set("schemas", jsonJacksonArrayNode);
            jsonJacksonNode.put("documentationUri", "https://docs.aws.amazon.com/singlesignon/latest/userguide/manage-your-identity-source-idp.html");
            ObjectNode jsonJacksonNode2 = GrouperUtil.jsonJacksonNode();
            jsonJacksonNode2.put("type", "oauthbearertoken");
            jsonJacksonNode2.put("name", "OAuth Bearer Token");
            jsonJacksonNode2.put("description", "Authentication scheme using the OAuth Bearer Token Standard");
            jsonJacksonNode2.put("specUri", "https://www.rfc-editor.org/info/rfc6750");
            jsonJacksonNode2.put("documentationUri", "https://docs.aws.amazon.com/singlesignon/latest/userguide/provision-automatically.html");
            jsonJacksonNode2.put("primary", true);
            ArrayNode jsonJacksonArrayNode2 = GrouperUtil.jsonJacksonArrayNode();
            jsonJacksonArrayNode2.add(jsonJacksonNode2);
            jsonJacksonNode.set("authenticationSchemes", jsonJacksonArrayNode2);
            ObjectNode jsonJacksonNode3 = GrouperUtil.jsonJacksonNode();
            jsonJacksonNode3.put("supported", true);
            jsonJacksonNode.set("patch", jsonJacksonNode3);
            ObjectNode jsonJacksonNode4 = GrouperUtil.jsonJacksonNode();
            jsonJacksonNode4.put("supported", false);
            jsonJacksonNode4.put("maxOperations", 1);
            jsonJacksonNode4.put("maxPayloadSize", 1048576);
            jsonJacksonNode.set("bulk", jsonJacksonNode4);
            ObjectNode jsonJacksonNode5 = GrouperUtil.jsonJacksonNode();
            jsonJacksonNode5.put("supported", true);
            jsonJacksonNode5.put("maxResults", 50);
            jsonJacksonNode.set("filter", jsonJacksonNode5);
            ObjectNode jsonJacksonNode6 = GrouperUtil.jsonJacksonNode();
            jsonJacksonNode6.put("supported", false);
            jsonJacksonNode.set("changePassword", jsonJacksonNode6);
            ObjectNode jsonJacksonNode7 = GrouperUtil.jsonJacksonNode();
            jsonJacksonNode7.put("supported", false);
            jsonJacksonNode.set("sort", jsonJacksonNode7);
            ObjectNode jsonJacksonNode8 = GrouperUtil.jsonJacksonNode();
            jsonJacksonNode8.put("supported", false);
            jsonJacksonNode.set("etag", jsonJacksonNode8);
            mockServiceResponse.setResponseCode(200);
            mockServiceResponse.setContentType(HttpHeaders.Values.APPLICATION_JSON);
            mockServiceResponse.setResponseBody(GrouperUtil.jsonJacksonToString(jsonJacksonNode));
        }
    }

    public void postUsers(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        if (checkAuthorization(mockServiceRequest, mockServiceResponse)) {
            JsonNode jsonJacksonNode = GrouperUtil.jsonJacksonNode(mockServiceRequest.getRequestBody());
            GrouperUtil.assertion(GrouperUtil.length(GrouperUtil.jsonJacksonGetString(jsonJacksonNode, "id")) == 0, "id is forbidden");
            GrouperScim2User fromJson = GrouperScim2User.fromJson(jsonJacksonNode);
            fromJson.setId(GrouperUuid.getUuid());
            HibernateSession.byObjectStatic().save(fromJson);
            ObjectNode json = fromJson.toJson(null);
            mockServiceResponse.setResponseCode(201);
            mockServiceResponse.setContentType(HttpHeaders.Values.APPLICATION_JSON);
            mockServiceResponse.setResponseBody(GrouperUtil.jsonJacksonToString(json));
        }
    }

    public void getUsers(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        List list;
        if (checkAuthorization(mockServiceRequest, mockServiceResponse)) {
            String parameter = mockServiceRequest.getHttpServletRequest().getParameter("filter");
            if (StringUtils.isBlank(parameter)) {
                list = HibernateSession.byHqlStatic().createQuery("from GrouperScim2User").list(GrouperScim2User.class);
            } else {
                Matcher matcher = Pattern.compile("^([^\\s]+)\\s+eq\\s+\"(.+)\"$").matcher(parameter);
                GrouperUtil.assertion(matcher.matches(), "doesnt match regex '" + parameter + "'");
                String group = matcher.group(1);
                String unescapeJson = StringEscapeUtils.unescapeJson(matcher.group(2));
                GrouperUtil.assertion(group.matches("^[a-zA-Z0-9]+$"), "field must be alphanumeric '" + group + "'");
                list = HibernateSession.byHqlStatic().createQuery("from GrouperScim2User where " + group + " = :theValue").setString("theValue", unescapeJson).list(GrouperScim2User.class);
            }
            ObjectNode jsonJacksonNode = GrouperUtil.jsonJacksonNode();
            jsonJacksonNode.put("totalResults", GrouperUtil.length(list));
            jsonJacksonNode.put("itemsPerPage", GrouperUtil.length(list));
            jsonJacksonNode.put("startIndex", 1);
            ArrayNode jsonJacksonArrayNode = GrouperUtil.jsonJacksonArrayNode();
            jsonJacksonArrayNode.add("urn:ietf:params:scim:api:messages:2.0:ListResponse");
            jsonJacksonNode.set("schemas", jsonJacksonArrayNode);
            ArrayNode jsonJacksonArrayNode2 = GrouperUtil.jsonJacksonArrayNode();
            Iterator it = list.iterator();
            while (it.hasNext()) {
                jsonJacksonArrayNode2.add(((GrouperScim2User) it.next()).toJson(null));
            }
            jsonJacksonNode.set("Resources", jsonJacksonArrayNode2);
            mockServiceResponse.setResponseCode(200);
            mockServiceResponse.setContentType(HttpHeaders.Values.APPLICATION_JSON);
            mockServiceResponse.setResponseBody(GrouperUtil.jsonJacksonToString(jsonJacksonNode));
        }
    }

    public void getUser(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        if (checkAuthorization(mockServiceRequest, mockServiceResponse)) {
            GrouperScim2User grouperScim2User = (GrouperScim2User) HibernateSession.byHqlStatic().createQuery("from GrouperScim2User where id = :theValue").setString("theValue", mockServiceRequest.getPostMockNamePaths()[1]).uniqueResult(GrouperScim2User.class);
            if (grouperScim2User == null) {
                mockServiceResponse.setResponseCode(404);
                return;
            }
            ObjectNode json = grouperScim2User.toJson(null);
            mockServiceResponse.setResponseCode(200);
            mockServiceResponse.setContentType(HttpHeaders.Values.APPLICATION_JSON);
            mockServiceResponse.setResponseBody(GrouperUtil.jsonJacksonToString(json));
        }
    }

    public void deleteUser(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        if (checkAuthorization(mockServiceRequest, mockServiceResponse)) {
            String str = mockServiceRequest.getPostMockNamePaths()[1];
            GrouperUtil.assertion(GrouperUtil.length(str) > 0, "id is required");
            mockServiceRequest.getDebugMap().put("membershipsDeleted", Integer.valueOf(HibernateSession.byHqlStatic().createQuery("delete from GrouperScim2Membership where userId = :userId").setString("userId", str).executeUpdateInt()));
            int executeUpdateInt = HibernateSession.byHqlStatic().createQuery("delete from GrouperScim2User where id = :theId").setString("theId", str).executeUpdateInt();
            mockServiceRequest.getDebugMap().put("usersDeleted", Integer.valueOf(executeUpdateInt));
            mockServiceResponse.setContentType(HttpHeaders.Values.APPLICATION_JSON);
            if (executeUpdateInt == 1) {
                mockServiceResponse.setResponseCode(204);
            } else {
                if (executeUpdateInt != 0) {
                    throw new RuntimeException("usersDeleted: " + executeUpdateInt);
                }
                mockServiceResponse.setResponseCode(404);
            }
        }
    }

    public void patchUser(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        if (checkAuthorization(mockServiceRequest, mockServiceResponse)) {
            String str = mockServiceRequest.getPostMockNamePaths()[1];
            GrouperUtil.assertion(GrouperUtil.length(str) > 0, "id is required");
            GrouperScim2User grouperScim2User = (GrouperScim2User) HibernateSession.byHqlStatic().createQuery("from GrouperScim2User where id = :theValue").setString("theValue", str).uniqueResult(GrouperScim2User.class);
            if (grouperScim2User == null) {
                mockServiceResponse.setResponseCode(404);
                mockServiceRequest.getDebugMap().put("foundUser", false);
                return;
            }
            mockServiceResponse.setContentType(HttpHeaders.Values.APPLICATION_JSON);
            JsonNode jsonJacksonNode = GrouperUtil.jsonJacksonNode(mockServiceRequest.getRequestBody());
            ArrayNode arrayNode = (ArrayNode) jsonJacksonNode.get("schemas");
            GrouperUtil.assertion(arrayNode.size() == 1, "schema is required");
            GrouperUtil.assertion("urn:ietf:params:scim:api:messages:2.0:PatchOp".equals(arrayNode.get(0).asText()), "schema is required");
            ArrayNode arrayNode2 = (ArrayNode) jsonJacksonNode.get("Operations");
            GrouperUtil.assertion(arrayNode2.size() > 0, "must send operations");
            for (int i = 0; i < arrayNode2.size(); i++) {
                JsonNode jsonNode = arrayNode2.get(i);
                String jsonJacksonGetString = GrouperUtil.jsonJacksonGetString(jsonNode, "op");
                boolean equals = "add".equals(jsonJacksonGetString);
                boolean equals2 = "replace".equals(jsonJacksonGetString);
                boolean equals3 = "remove".equals(jsonJacksonGetString);
                if (!equals && !equals3 && !equals2) {
                    throw new RuntimeException("Invalid op, expecting add, replace, remove, but received: '" + jsonJacksonGetString + "'");
                }
                String jsonJacksonGetString2 = GrouperUtil.jsonJacksonGetString(jsonNode, "path");
                GrouperUtil.assertion(!"id".equals(jsonJacksonGetString2), "cannot patch id");
                if ("urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.costCenter".equals(jsonJacksonGetString2)) {
                    jsonJacksonGetString2 = "costCenter";
                }
                if ("urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.employeeNumber".equals(jsonJacksonGetString2)) {
                    jsonJacksonGetString2 = "employeeNumber";
                }
                if ("name.familyName".equals(jsonJacksonGetString2)) {
                    jsonJacksonGetString2 = "familyName";
                }
                if ("name.formattedName".equals(jsonJacksonGetString2)) {
                    jsonJacksonGetString2 = "formattedName";
                }
                if ("name.givenName".equals(jsonJacksonGetString2)) {
                    jsonJacksonGetString2 = "givenName";
                }
                if ("name.middleName".equals(jsonJacksonGetString2)) {
                    jsonJacksonGetString2 = "middleName";
                }
                if (jsonJacksonGetString2.startsWith("emails")) {
                    JsonNode jsonNode2 = jsonNode.get("value");
                    if (!equals) {
                        grouperScim2User.validateEmail(jsonJacksonGetString2);
                        if (StringUtils.isBlank(grouperScim2User.getEmailValue()) && StringUtils.isBlank(grouperScim2User.getEmailType())) {
                            throw new RuntimeException(jsonJacksonGetString + " email but not there! " + grouperScim2User);
                        }
                        if (equals3) {
                            grouperScim2User.setEmailType(null);
                            grouperScim2User.setEmailValue(null);
                        } else {
                            GrouperUtil.assertion(equals2, "expecting replace");
                            if (jsonNode2.isArray()) {
                                GrouperUtil.assertion(jsonNode2.size() == 1, "expecting size 1 but was " + jsonNode2.size());
                                jsonNode2 = ((ArrayNode) jsonNode2).get(0);
                            }
                            if (jsonNode2.has("type")) {
                                grouperScim2User.setEmailType(GrouperUtil.jsonJacksonGetString(jsonNode2, "type"));
                            }
                            if (jsonNode2.has("value")) {
                                grouperScim2User.setEmailValue(GrouperUtil.jsonJacksonGetString(jsonNode2, "value"));
                            }
                        }
                    } else {
                        if (!StringUtils.isBlank(grouperScim2User.getEmailValue()) || !StringUtils.isBlank(grouperScim2User.getEmailType())) {
                            throw new RuntimeException("Adding email but already exists! " + grouperScim2User);
                        }
                        if (jsonNode2.has("type")) {
                            grouperScim2User.setEmailType(GrouperUtil.jsonJacksonGetString(jsonNode2, "type"));
                        }
                        if (jsonNode2.has("value")) {
                            grouperScim2User.setEmailValue(GrouperUtil.jsonJacksonGetString(jsonNode2, "value"));
                        }
                    }
                } else {
                    Object jsonJacksonGetBoolean = "active".equals(jsonJacksonGetString2) ? GrouperUtil.jsonJacksonGetBoolean(jsonNode, "value") : GrouperUtil.jsonJacksonGetString(jsonNode, "value");
                    Object fieldValue = GrouperUtil.fieldValue(grouperScim2User, jsonJacksonGetString2);
                    if (equals) {
                        GrouperUtil.assertion(GrouperUtil.isBlank(fieldValue), "add op already has value! " + jsonJacksonGetString2 + ", '" + fieldValue + "' " + grouperScim2User);
                        GrouperUtil.assignField(grouperScim2User, jsonJacksonGetString2, jsonJacksonGetBoolean);
                    } else {
                        GrouperUtil.assertion(!GrouperUtil.isBlank(fieldValue), "add op doesnt have value! " + jsonJacksonGetString2 + ", '" + fieldValue + "' " + grouperScim2User);
                        if (equals3) {
                            GrouperUtil.assertion(jsonJacksonGetBoolean == null, "remove op should not have a value! " + jsonJacksonGetString2 + ", '" + jsonJacksonGetBoolean + "' " + grouperScim2User);
                        }
                        GrouperUtil.assignField(grouperScim2User, jsonJacksonGetString2, jsonJacksonGetBoolean);
                    }
                }
            }
            HibernateSession.byObjectStatic().saveOrUpdate(grouperScim2User);
            ObjectNode json = grouperScim2User.toJson(null);
            mockServiceResponse.setResponseCode(200);
            mockServiceResponse.setContentType(HttpHeaders.Values.APPLICATION_JSON);
            mockServiceResponse.setResponseBody(GrouperUtil.jsonJacksonToString(json));
        }
    }

    public void postGroups(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        if (checkAuthorization(mockServiceRequest, mockServiceResponse)) {
            JsonNode jsonJacksonNode = GrouperUtil.jsonJacksonNode(mockServiceRequest.getRequestBody());
            GrouperUtil.assertion(GrouperUtil.length(GrouperUtil.jsonJacksonGetString(jsonJacksonNode, "id")) == 0, "id is forbidden");
            GrouperScim2Group fromJson = GrouperScim2Group.fromJson(jsonJacksonNode);
            fromJson.setId(GrouperUuid.getUuid());
            fromJson.setCreated(new Timestamp(System.currentTimeMillis()));
            fromJson.setLastModified(new Timestamp(System.currentTimeMillis()));
            HibernateSession.byObjectStatic().save(fromJson);
            ObjectNode json = fromJson.toJson(null);
            mockServiceResponse.setResponseCode(201);
            mockServiceResponse.setContentType(HttpHeaders.Values.APPLICATION_JSON);
            mockServiceResponse.setResponseBody(GrouperUtil.jsonJacksonToString(json));
        }
    }

    public void deleteGroup(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        if (checkAuthorization(mockServiceRequest, mockServiceResponse)) {
            String str = mockServiceRequest.getPostMockNamePaths()[1];
            GrouperUtil.assertion(GrouperUtil.length(str) > 0, "id is required");
            mockServiceRequest.getDebugMap().put("membershipsDeleted", Integer.valueOf(HibernateSession.byHqlStatic().createQuery("delete from GrouperScim2Membership where groupId = :groupId").setString("groupId", str).executeUpdateInt()));
            int executeUpdateInt = HibernateSession.byHqlStatic().createQuery("delete from GrouperScim2Group where id = :theId").setString("theId", str).executeUpdateInt();
            mockServiceRequest.getDebugMap().put("groupsDeleted", Integer.valueOf(executeUpdateInt));
            mockServiceResponse.setContentType(HttpHeaders.Values.APPLICATION_JSON);
            if (executeUpdateInt == 1) {
                mockServiceResponse.setResponseCode(204);
            } else {
                if (executeUpdateInt != 0) {
                    throw new RuntimeException("groupsDeleted: " + executeUpdateInt);
                }
                mockServiceResponse.setResponseCode(404);
            }
        }
    }

    public void getGroup(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        if (checkAuthorization(mockServiceRequest, mockServiceResponse)) {
            GrouperScim2Group grouperScim2Group = (GrouperScim2Group) HibernateSession.byHqlStatic().createQuery("from GrouperScim2Group where id = :theValue").setString("theValue", mockServiceRequest.getPostMockNamePaths()[1]).uniqueResult(GrouperScim2Group.class);
            if (grouperScim2Group == null) {
                mockServiceResponse.setResponseCode(404);
                return;
            }
            ObjectNode json = grouperScim2Group.toJson(null);
            mockServiceResponse.setResponseCode(200);
            mockServiceResponse.setContentType(HttpHeaders.Values.APPLICATION_JSON);
            mockServiceResponse.setResponseBody(GrouperUtil.jsonJacksonToString(json));
        }
    }

    public void getGroups(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        List list;
        if (checkAuthorization(mockServiceRequest, mockServiceResponse)) {
            String parameter = mockServiceRequest.getHttpServletRequest().getParameter("filter");
            if (StringUtils.isBlank(parameter)) {
                list = HibernateSession.byHqlStatic().createQuery("from GrouperScim2Group").list(GrouperScim2Group.class);
            } else {
                Matcher matcher = Pattern.compile("^([^\\s]+)\\s+eq\\s+\"(.+)\"$").matcher(parameter);
                GrouperUtil.assertion(matcher.matches(), "doesnt match regex '" + parameter + "'");
                String group = matcher.group(1);
                String unescapeJson = StringEscapeUtils.unescapeJson(matcher.group(2));
                GrouperUtil.assertion(group.matches("^[a-zA-Z0-9]+$"), "field must be alphanumeric '" + group + "'");
                list = HibernateSession.byHqlStatic().createQuery("from GrouperScim2Group where " + group + " = :theValue").setString("theValue", unescapeJson).list(GrouperScim2Group.class);
            }
            ObjectNode jsonJacksonNode = GrouperUtil.jsonJacksonNode();
            jsonJacksonNode.put("totalResults", GrouperUtil.length(list));
            jsonJacksonNode.put("itemsPerPage", GrouperUtil.length(list));
            jsonJacksonNode.put("startIndex", 1);
            ArrayNode jsonJacksonArrayNode = GrouperUtil.jsonJacksonArrayNode();
            jsonJacksonArrayNode.add("urn:ietf:params:scim:api:messages:2.0:ListResponse");
            jsonJacksonNode.set("schemas", jsonJacksonArrayNode);
            ArrayNode jsonJacksonArrayNode2 = GrouperUtil.jsonJacksonArrayNode();
            Iterator it = list.iterator();
            while (it.hasNext()) {
                jsonJacksonArrayNode2.add(((GrouperScim2Group) it.next()).toJson(null));
            }
            jsonJacksonNode.set("Resources", jsonJacksonArrayNode2);
            mockServiceResponse.setResponseCode(200);
            mockServiceResponse.setContentType(HttpHeaders.Values.APPLICATION_JSON);
            mockServiceResponse.setResponseBody(GrouperUtil.jsonJacksonToString(jsonJacksonNode));
        }
    }

    public void patchGroup(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        if (checkAuthorization(mockServiceRequest, mockServiceResponse)) {
            String str = mockServiceRequest.getPostMockNamePaths()[1];
            GrouperUtil.assertion(GrouperUtil.length(str) > 0, "id is required");
            GrouperScim2Group grouperScim2Group = (GrouperScim2Group) HibernateSession.byHqlStatic().createQuery("from GrouperScim2Group where id = :theValue").setString("theValue", str).uniqueResult(GrouperScim2Group.class);
            if (grouperScim2Group == null) {
                mockServiceResponse.setResponseCode(404);
                mockServiceRequest.getDebugMap().put("foundGroup", false);
                return;
            }
            mockServiceResponse.setContentType(HttpHeaders.Values.APPLICATION_JSON);
            String requestBody = mockServiceRequest.getRequestBody();
            JsonNode jsonJacksonNode = GrouperUtil.jsonJacksonNode(requestBody);
            ArrayNode arrayNode = (ArrayNode) jsonJacksonNode.get("schemas");
            GrouperUtil.assertion(arrayNode.size() == 1, "schema is required");
            GrouperUtil.assertion("urn:ietf:params:scim:api:messages:2.0:PatchOp".equals(arrayNode.get(0).asText()), "schema is required");
            ArrayNode arrayNode2 = (ArrayNode) jsonJacksonNode.get("Operations");
            GrouperUtil.assertion(arrayNode2.size() > 0, "must send operations");
            int i = 0;
            int i2 = 0;
            int i3 = 0;
            for (int i4 = 0; i4 < arrayNode2.size(); i4++) {
                JsonNode jsonNode = arrayNode2.get(i4);
                String jsonJacksonGetString = GrouperUtil.jsonJacksonGetString(jsonNode, "op");
                boolean equals = "add".equals(jsonJacksonGetString);
                boolean equals2 = "replace".equals(jsonJacksonGetString);
                boolean equals3 = "remove".equals(jsonJacksonGetString);
                if (!equals && !equals3 && !equals2) {
                    throw new RuntimeException("Invalid op, expecting add, replace, remove, but received: '" + jsonJacksonGetString + "'");
                }
                String jsonJacksonGetString2 = GrouperUtil.jsonJacksonGetString(jsonNode, "path");
                HashSet<String> hashSet = new HashSet();
                HashSet hashSet2 = new HashSet();
                if (equals3) {
                    String validateMembersPath = grouperScim2Group.validateMembersPath(jsonJacksonGetString2);
                    if (StringUtils.isBlank(validateMembersPath)) {
                        throw new RuntimeException("userId is blank: " + requestBody);
                    }
                    hashSet2.add(validateMembersPath);
                } else {
                    GrouperUtil.assertion(GrouperConfig.LIST.equals(jsonJacksonGetString2), "'members' is only path acceptable, not '" + jsonJacksonGetString2 + "'");
                    JsonNode jsonJacksonGetNode = GrouperUtil.jsonJacksonGetNode(jsonNode, "value");
                    if (!jsonJacksonGetNode.isArray()) {
                        ArrayNode jsonJacksonArrayNode = GrouperUtil.jsonJacksonArrayNode();
                        jsonJacksonArrayNode.add(jsonJacksonGetNode);
                        jsonJacksonGetNode = jsonJacksonArrayNode;
                    }
                    for (int i5 = 0; i5 < jsonJacksonGetNode.size(); i5++) {
                        String jsonJacksonGetString3 = GrouperUtil.jsonJacksonGetString(jsonJacksonGetNode.get(i5), "value");
                        GrouperUtil.assertion(!StringUtils.isBlank(jsonJacksonGetString3), "'members' is only path acceptable, not '" + jsonJacksonGetString2 + "'");
                        hashSet.add(jsonJacksonGetString3);
                    }
                    if (equals2) {
                        hashSet2.addAll(HibernateSession.byHqlStatic().createQuery("select userId from GrouperScim2Membership where groupId = :theGroupId").setString("theGroupId", str).listSet(String.class));
                        HashSet hashSet3 = new HashSet(hashSet);
                        hashSet.removeAll(hashSet2);
                        hashSet2.removeAll(hashSet3);
                        i3++;
                    }
                }
                Iterator it = hashSet2.iterator();
                while (it.hasNext()) {
                    GrouperScim2Membership grouperScim2Membership = (GrouperScim2Membership) HibernateSession.byHqlStatic().createQuery("select membership from GrouperScim2Membership membership where userId = :theUserId and groupId = :theGroupId").setString("theGroupId", str).setString("theUserId", (String) it.next()).uniqueResult(GrouperScim2Membership.class);
                    if (grouperScim2Membership != null) {
                        HibernateSession.byObjectStatic().delete(grouperScim2Membership);
                        i2++;
                    }
                }
                for (String str2 : hashSet) {
                    GrouperScim2Membership grouperScim2Membership2 = new GrouperScim2Membership();
                    grouperScim2Membership2.setId(GrouperUuid.getUuid());
                    grouperScim2Membership2.setUserId(str2);
                    grouperScim2Membership2.setGroupId(str);
                    HibernateSession.byObjectStatic().save(grouperScim2Membership2);
                    i++;
                }
            }
            mockServiceRequest.getDebugMap().put("adds", Integer.valueOf(i));
            mockServiceRequest.getDebugMap().put("removes", Integer.valueOf(i2));
            mockServiceRequest.getDebugMap().put("replaces", Integer.valueOf(i3));
            mockServiceResponse.setResponseCode(204);
            mockServiceResponse.setContentType(HttpHeaders.Values.APPLICATION_JSON);
        }
    }
}
