package io.imunity.scim.user;

import io.imunity.scim.config.SCIMEndpointDescription;
import io.imunity.scim.user.UserAuthzService;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.AttributesManagement;
import pl.edu.icm.unity.engine.api.EntityManagement;
import pl.edu.icm.unity.engine.api.authn.InvocationContext;
import pl.edu.icm.unity.engine.api.bulk.BulkGroupQueryService;
import pl.edu.icm.unity.engine.api.bulk.EntityInGroupData;
import pl.edu.icm.unity.engine.api.bulk.GroupMembershipData;
import pl.edu.icm.unity.exceptions.EngineException;
import pl.edu.icm.unity.types.basic.AttributeExt;
import pl.edu.icm.unity.types.basic.Entity;
import pl.edu.icm.unity.types.basic.EntityParam;
import pl.edu.icm.unity.types.basic.Group;
import pl.edu.icm.unity.types.basic.GroupContents;
import pl.edu.icm.unity.types.basic.IdentityTaV;

/* loaded from: input_file:io/imunity/scim/user/UserRetrievalService.class */
class UserRetrievalService {
    private static final Logger log = Log.getLogger("unity.server.scim", UserRetrievalService.class);
    public static final String DEFAULT_META_VERSION = "v1";
    private final UserAuthzService authzService;
    private final EntityManagement entityManagement;
    private final BulkGroupQueryService bulkService;
    private final AttributesManagement attrMan;
    private final SCIMEndpointDescription configuration;

    @Component
    /* loaded from: input_file:io/imunity/scim/user/UserRetrievalService$SCIMUserRetrievalServiceFactory.class */
    static class SCIMUserRetrievalServiceFactory {
        private final EntityManagement entityManagement;
        private final BulkGroupQueryService bulkService;
        private final UserAuthzService.SCIMUserAuthzServiceFactory authzManFactory;
        private final AttributesManagement attrMan;

        @Autowired
        SCIMUserRetrievalServiceFactory(@Qualifier("insecure") EntityManagement entityManagement, @Qualifier("insecure") BulkGroupQueryService bulkGroupQueryService, @Qualifier("insecure") AttributesManagement attributesManagement, UserAuthzService.SCIMUserAuthzServiceFactory sCIMUserAuthzServiceFactory) {
            this.entityManagement = entityManagement;
            this.bulkService = bulkGroupQueryService;
            this.authzManFactory = sCIMUserAuthzServiceFactory;
            this.attrMan = attributesManagement;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public UserRetrievalService getService(SCIMEndpointDescription sCIMEndpointDescription) {
            return new UserRetrievalService(this.authzManFactory.getService(sCIMEndpointDescription), this.entityManagement, this.bulkService, this.attrMan, sCIMEndpointDescription);
        }
    }

    UserRetrievalService(UserAuthzService userAuthzService, EntityManagement entityManagement, BulkGroupQueryService bulkGroupQueryService, AttributesManagement attributesManagement, SCIMEndpointDescription sCIMEndpointDescription) {
        this.entityManagement = entityManagement;
        this.configuration = sCIMEndpointDescription;
        this.bulkService = bulkGroupQueryService;
        this.authzService = userAuthzService;
        this.attrMan = attributesManagement;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public User getLoggedUser() throws EngineException {
        return getUser(this.entityManagement.getEntity(new EntityParam(Long.valueOf(InvocationContext.getCurrent().getLoginSession().getEntityId()))));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public User getUser(PersistentId persistentId) throws EngineException {
        return getUser(this.entityManagement.getEntity(new EntityParam(new IdentityTaV("persistent", persistentId.id))));
    }

    private User getUser(Entity entity) throws EngineException {
        Map groups = this.entityManagement.getGroups(new EntityParam(entity.getId()));
        this.authzService.checkReadUser(entity.getId().longValue(), groups.keySet());
        if (!groups.keySet().contains(this.configuration.rootGroup)) {
            log.error("User " + entity.getId() + " is out of range for configured membership groups");
            throw new UserNotFoundException("Invalid user");
        }
        Set set = (Set) groups.keySet().stream().filter(str -> {
            return this.configuration.membershipGroups.stream().anyMatch(str -> {
                return Group.isChildOrSame(str, str);
            });
        }).collect(Collectors.toSet());
        return mapToUser(entity, (Set) getAllMembershipGroups().entrySet().stream().filter(entry -> {
            return set.contains(entry.getKey());
        }).map(entry2 -> {
            return ((GroupContents) entry2.getValue()).getGroup();
        }).collect(Collectors.toSet()), (Map) this.attrMan.getAttributes(new EntityParam(entity.getId()), this.configuration.rootGroup, (String) null).stream().collect(Collectors.toMap(attributeExt -> {
            return attributeExt.getName();
        }, attributeExt2 -> {
            return attributeExt2;
        })));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<User> getUsers() throws EngineException {
        this.authzService.checkReadUsers();
        ArrayList arrayList = new ArrayList();
        GroupMembershipData bulkMembershipData = this.bulkService.getBulkMembershipData("/");
        Map membershipInfo = this.bulkService.getMembershipInfo(bulkMembershipData);
        Map<String, GroupContents> allMembershipGroups = getAllMembershipGroups();
        Map groupUsersAttributes = this.bulkService.getGroupUsersAttributes(this.configuration.rootGroup, bulkMembershipData);
        for (EntityInGroupData entityInGroupData : membershipInfo.values()) {
            if (entityInGroupData.groups.contains(this.configuration.rootGroup)) {
                HashSet hashSet = new HashSet(entityInGroupData.groups);
                hashSet.retainAll(allMembershipGroups.keySet());
                arrayList.add(mapToUser(entityInGroupData.entity, (Set) allMembershipGroups.entrySet().stream().filter(entry -> {
                    return hashSet.contains(entry.getKey());
                }).map(entry2 -> {
                    return ((GroupContents) entry2.getValue()).getGroup();
                }).collect(Collectors.toSet()), (Map) groupUsersAttributes.getOrDefault(entityInGroupData.entity.getId(), Collections.emptyMap())));
            }
        }
        return arrayList;
    }

    private Map<String, GroupContents> getAllMembershipGroups() throws EngineException {
        Map groupAndSubgroups = this.bulkService.getGroupAndSubgroups(this.bulkService.getBulkStructuralData("/"));
        HashMap hashMap = new HashMap();
        for (String str : this.configuration.membershipGroups) {
            for (String str2 : groupAndSubgroups.keySet()) {
                if (Group.isChildOrSame(str2, str)) {
                    hashMap.put(str2, (GroupContents) groupAndSubgroups.get(str2));
                }
            }
        }
        return hashMap;
    }

    private User mapToUser(Entity entity, Set<Group> set, Map<String, AttributeExt> map) {
        return User.builder().withEntityId(entity.getId()).withGroups(set).withIdentities(entity.getIdentities()).withAttributes((List) map.values().stream().collect(Collectors.toList())).build();
    }
}
