package org.opencastproject.security.aai;

import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.opencastproject.security.aai.api.AttributeMapper;
import org.opencastproject.security.api.GroupProvider;
import org.opencastproject.security.api.JaxbOrganization;
import org.opencastproject.security.api.JaxbRole;
import org.opencastproject.security.api.Organization;
import org.opencastproject.security.api.Role;
import org.opencastproject.security.api.SecurityService;
import org.opencastproject.security.api.User;
import org.opencastproject.security.impl.jpa.JpaOrganization;
import org.opencastproject.security.impl.jpa.JpaRole;
import org.opencastproject.security.impl.jpa.JpaUserReference;
import org.opencastproject.security.shibboleth.ShibbolethLoginHandler;
import org.opencastproject.userdirectory.api.AAIRoleProvider;
import org.opencastproject.userdirectory.api.UserReferenceProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

/* loaded from: input_file:org/opencastproject/security/aai/DynamicLoginHandler.class */
public class DynamicLoginHandler implements ShibbolethLoginHandler, AAIRoleProvider, GroupProvider, InitializingBean {
    private static final Logger logger = LoggerFactory.getLogger(DynamicLoginHandler.class);
    private UserReferenceProvider userReferenceProvider = null;
    private SecurityService securityService = null;
    private AttributeMapper attributeMapper = null;

    public void newUserLogin(String str, HttpServletRequest httpServletRequest) {
        JpaUserReference jpaUserReference = new JpaUserReference(str, extractName(httpServletRequest), extractEmail(httpServletRequest), "shibboleth", new Date(), fromOrganization(this.securityService.getOrganization()), extractRoles(str, httpServletRequest));
        logger.debug("Shibboleth user '{}' logged in for the first time", str);
        this.userReferenceProvider.addUserReference(jpaUserReference, "shibboleth");
    }

    public void existingUserLogin(String str, HttpServletRequest httpServletRequest) {
        JpaUserReference findUserReference = this.userReferenceProvider.findUserReference(str, this.securityService.getOrganization().getId());
        if (findUserReference == null) {
            throw new UsernameNotFoundException("User reference '" + str + "' was not found");
        }
        findUserReference.setName(extractName(httpServletRequest));
        findUserReference.setEmail(extractEmail(httpServletRequest));
        findUserReference.setLastLogin(new Date());
        findUserReference.setRoles(extractRoles(str, httpServletRequest));
        logger.debug("Shibboleth user '{}' logged in", str);
        this.userReferenceProvider.updateUserReference(findUserReference);
    }

    public void setSecurityService(SecurityService securityService) {
        this.securityService = securityService;
    }

    public void setUserReferenceProvider(UserReferenceProvider userReferenceProvider) {
        this.userReferenceProvider = userReferenceProvider;
    }

    private String extractName(HttpServletRequest httpServletRequest) {
        String extractDisplayName = extractDisplayName(httpServletRequest);
        if (StringUtils.isNotBlank(extractDisplayName)) {
            return extractDisplayName;
        }
        return null;
    }

    private String extractEmail(HttpServletRequest httpServletRequest) {
        List<String> mappedAttributes = this.attributeMapper.getMappedAttributes(httpServletRequest, "mail");
        if (mappedAttributes.size() == 0) {
            return null;
        }
        String str = mappedAttributes.get(0);
        return StringUtils.isBlank(str) ? "" : new String(str.getBytes(StandardCharsets.ISO_8859_1), StandardCharsets.UTF_8);
    }

    private String extractDisplayName(HttpServletRequest httpServletRequest) {
        List<String> mappedAttributes = this.attributeMapper.getMappedAttributes(httpServletRequest, "displayName");
        if (mappedAttributes.size() == 0) {
            return null;
        }
        String str = mappedAttributes.get(0);
        return StringUtils.isBlank(str) ? "" : new String(str.getBytes(StandardCharsets.ISO_8859_1), StandardCharsets.UTF_8);
    }

    private Set<JpaRole> extractRoles(String str, HttpServletRequest httpServletRequest) {
        List<String> mappedAttributes = this.attributeMapper.getMappedAttributes(httpServletRequest, "roles");
        JpaOrganization fromOrganization = fromOrganization(this.securityService.getOrganization());
        HashSet hashSet = new HashSet();
        if (mappedAttributes != null) {
            Iterator<String> it = mappedAttributes.iterator();
            while (it.hasNext()) {
                hashSet.add(new JpaRole(it.next(), fromOrganization));
            }
        }
        return hashSet;
    }

    private JpaOrganization fromOrganization(Organization organization) {
        return organization instanceof JpaOrganization ? (JpaOrganization) organization : new JpaOrganization(organization.getId(), organization.getName(), organization.getServers(), organization.getAdminRole(), organization.getAnonymousRole(), organization.getProperties());
    }

    public Iterator<Role> getRoles() {
        JaxbOrganization fromOrganization = JaxbOrganization.fromOrganization(this.securityService.getOrganization());
        HashSet hashSet = new HashSet();
        hashSet.add(new JaxbRole(fromOrganization.getAnonymousRole(), fromOrganization));
        hashSet.addAll(this.securityService.getUser().getRoles());
        return hashSet.iterator();
    }

    public List<Role> getRolesForUser(String str) {
        ArrayList arrayList = new ArrayList();
        User loadUser = this.userReferenceProvider.loadUser(str);
        if (loadUser != null) {
            arrayList.addAll(loadUser.getRoles());
        }
        return arrayList;
    }

    public String getOrganization() {
        return "*";
    }

    public Iterator<Role> findRoles(String str, Role.Target target, int i, int i2) {
        if (str == null) {
            throw new IllegalArgumentException("Query must be set");
        }
        HashSet hashSet = new HashSet();
        Iterator<Role> roles = getRoles();
        while (roles.hasNext()) {
            Role next = roles.next();
            if (like(next.getName(), str) || like(next.getDescription(), str)) {
                hashSet.add(next);
            }
        }
        return offsetLimitCollection(i, i2, hashSet).iterator();
    }

    private <T> HashSet<T> offsetLimitCollection(int i, int i2, HashSet<T> hashSet) {
        HashSet<T> hashSet2 = new HashSet<>();
        int i3 = 0;
        Iterator<T> it = hashSet.iterator();
        while (it.hasNext()) {
            T next = it.next();
            if (i2 != 0 && hashSet2.size() >= i2) {
                break;
            }
            if (i3 >= i) {
                hashSet2.add(next);
            }
            i3++;
        }
        return hashSet2;
    }

    private boolean like(String str, String str2) {
        if (str == null) {
            return false;
        }
        return Pattern.compile(str2.replace("_", ".").replace("%", ".*?"), 34).matcher(str).matches();
    }

    public void afterPropertiesSet() throws Exception {
        this.userReferenceProvider.setRoleProvider(this);
    }

    public AttributeMapper getAttributeMapper() {
        return this.attributeMapper;
    }

    public void setAttributeMapper(AttributeMapper attributeMapper) {
        this.attributeMapper = attributeMapper;
    }

    public List<Role> getRolesForGroup(String str) {
        return null;
    }
}
