package io.imunity.scim.admin;

import com.fasterxml.jackson.core.JsonProcessingException;
import io.imunity.scim.admin.AdminAuthzService;
import io.imunity.scim.config.SCIMEndpointConfiguration;
import io.imunity.scim.config.SCIMEndpointDescription;
import io.imunity.scim.config.SCIMEndpointPropertiesConfigurationMapper;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
import pl.edu.icm.unity.base.endpoint.EndpointConfiguration;
import pl.edu.icm.unity.base.exceptions.EngineException;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.EndpointManagement;

/* loaded from: input_file:io/imunity/scim/admin/AdminController.class */
class AdminController {
    private static final Logger log = Log.getLogger("unity.server.scim", AdminController.class);
    private final SCIMEndpointDescription configuration;
    private final EndpointManagement endpointManagement;
    private final AdminAuthzService adminAuthzService;

    @Component
    /* loaded from: input_file:io/imunity/scim/admin/AdminController$AdminControllerFactory.class */
    static class AdminControllerFactory {
        private final EndpointManagement endpointManagement;
        private final AdminAuthzService.SCIMAdminAuthzServiceFactory adminAuthzServiceFactory;

        @Autowired
        AdminControllerFactory(@Qualifier("insecure") EndpointManagement endpointManagement, AdminAuthzService.SCIMAdminAuthzServiceFactory sCIMAdminAuthzServiceFactory) {
            this.endpointManagement = endpointManagement;
            this.adminAuthzServiceFactory = sCIMAdminAuthzServiceFactory;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public AdminController getService(SCIMEndpointDescription sCIMEndpointDescription) {
            return new AdminController(sCIMEndpointDescription, this.endpointManagement, this.adminAuthzServiceFactory.getService(sCIMEndpointDescription));
        }
    }

    AdminController(SCIMEndpointDescription sCIMEndpointDescription, EndpointManagement endpointManagement, AdminAuthzService adminAuthzService) {
        this.configuration = sCIMEndpointDescription;
        this.endpointManagement = endpointManagement;
        this.adminAuthzService = adminAuthzService;
    }

    public MembershipGroupsConfiguration getExposedGroups() throws EngineException {
        this.adminAuthzService.authorizeReadOrUpdateOfExposedGroups();
        SCIMEndpointConfiguration fromProperties = SCIMEndpointPropertiesConfigurationMapper.fromProperties(this.endpointManagement.getEndpoint(this.configuration.endpointName).getConfiguration().getConfiguration());
        return MembershipGroupsConfiguration.builder().withExcludedMemberhipGroups(fromProperties.excludedMembershipGroups).withMembershipGroups(fromProperties.membershipGroups).build();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void updateExposedGroups(MembershipGroupsConfiguration membershipGroupsConfiguration) throws JsonProcessingException, EngineException {
        this.adminAuthzService.authorizeReadOrUpdateOfExposedGroups();
        EndpointConfiguration configuration = this.endpointManagement.getEndpoint(this.configuration.endpointName).getConfiguration();
        SCIMEndpointConfiguration fromProperties = SCIMEndpointPropertiesConfigurationMapper.fromProperties(configuration.getConfiguration());
        SCIMEndpointConfiguration build = SCIMEndpointConfiguration.builder(fromProperties).withMembershipGroups(membershipGroupsConfiguration.membershipGroups).withExcludedMembershipGroups(membershipGroupsConfiguration.excludedMemberhipGroups).build();
        if (fromProperties.equals(build)) {
            log.debug("Skipping update membership groups configuration for SCIM endpoint {} , the groups remains unchanged", this.configuration.endpointName);
            return;
        }
        EndpointConfiguration endpointConfiguration = new EndpointConfiguration(configuration.getDisplayedName(), configuration.getDescription(), configuration.getAuthenticationOptions(), SCIMEndpointPropertiesConfigurationMapper.toProperties(build), configuration.getRealm(), configuration.getTag());
        log.debug("Update SCIM endpoint {}, set membership groups={}, excludedMembershipGroups={}", this.configuration.endpointName, build.membershipGroups, build.excludedMembershipGroups);
        this.endpointManagement.updateEndpoint(this.configuration.endpointName, endpointConfiguration);
    }
}
