package org.opencastproject.userdirectory;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Comparator;
import java.util.Dictionary;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.ConcurrentHashMap;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.opencastproject.security.api.JaxbOrganization;
import org.opencastproject.security.api.JaxbRole;
import org.opencastproject.security.api.JaxbUser;
import org.opencastproject.security.api.Organization;
import org.opencastproject.security.api.Role;
import org.opencastproject.security.api.RoleProvider;
import org.opencastproject.security.api.SecurityConstants;
import org.opencastproject.security.api.SecurityService;
import org.opencastproject.security.api.User;
import org.opencastproject.security.api.UserProvider;
import org.osgi.service.cm.ConfigurationException;
import org.osgi.service.cm.ManagedService;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Component(property = {"service.description=A user and role provider"}, immediate = true, service = {UserProvider.class, RoleProvider.class, ManagedService.class})
/* loaded from: input_file:org/opencastproject/userdirectory/InMemoryUserAndRoleProvider.class */
public class InMemoryUserAndRoleProvider implements UserProvider, RoleProvider, ManagedService {
    private static final Logger logger = LoggerFactory.getLogger(InMemoryUserAndRoleProvider.class);
    public static final String PROVIDER_NAME = "system";
    public static final String DIGEST_USER_NAME = "System User";
    public static final String CAPTURE_AGENT_USER_NAME = "Capture Agent";
    public static final String DIGEST_USER_KEY = "org.opencastproject.security.digest.user";
    public static final String CAPTURE_AGENT_USER_PREFIX = "capture_agent.user.";
    public static final String DIGEST_PASSWORD_KEY = "org.opencastproject.security.digest.pass";
    private static final String DIGEST_PASSWORD_DEFAULT_CONFIGURATION = "CHANGE_ME";
    public static final String CAPTURE_AGENT_ROLES_PREFIX = "capture_agent.roles.";
    private final Map<String, List<User>> inMemoryUsers = new ConcurrentHashMap();
    private Map<String, List<List<String>>> captureAgentUsers = new ConcurrentHashMap();
    protected SecurityService securityService;
    private String digestUsername;
    private String digestUserPass;

    protected void activate(ComponentContext componentContext) {
        this.digestUsername = StringUtils.trimToNull(componentContext.getBundleContext().getProperty(DIGEST_USER_KEY));
        if (this.digestUsername == null) {
            logger.warn("Digest username has not been configured ({})", DIGEST_USER_KEY);
        }
        this.digestUserPass = StringUtils.trimToNull(componentContext.getBundleContext().getProperty(DIGEST_PASSWORD_KEY));
        if (this.digestUserPass == null) {
            logger.warn("Digest password has not been configured ({})", DIGEST_PASSWORD_KEY);
        } else if (DIGEST_PASSWORD_DEFAULT_CONFIGURATION.equals(this.digestUserPass)) {
            logger.warn("\n######################################################\n#                                                    #\n# WARNING: Opencast still uses the default system    #\n#          credentials. Never do this in production. #\n#                                                    #\n#          To change the password, edit the key      #\n#          org.opencastproject.security.digest.pass  #\n#          in custom.properties.                     #\n#                                                    #\n######################################################");
        }
    }

    public void updated(Dictionary<String, ?> dictionary) throws ConfigurationException {
        if (dictionary == null) {
            this.captureAgentUsers.clear();
            this.inMemoryUsers.clear();
            return;
        }
        ConcurrentHashMap concurrentHashMap = new ConcurrentHashMap();
        Enumeration<String> keys = dictionary.keys();
        while (keys.hasMoreElements()) {
            String nextElement = keys.nextElement();
            if (nextElement.startsWith(CAPTURE_AGENT_USER_PREFIX)) {
                String[] split = nextElement.substring(CAPTURE_AGENT_USER_PREFIX.length()).split("\\.");
                if (split.length != 2) {
                    logger.warn("Ignoring invalid capture agent user definition. Should be {}.<organization>.<username>, was {}", CAPTURE_AGENT_USER_PREFIX, nextElement);
                }
                String str = split[0];
                String str2 = split[1];
                String objects = Objects.toString(dictionary.get(nextElement), null);
                if (objects != null) {
                    String[] split2 = StringUtils.split(Objects.toString(dictionary.get(CAPTURE_AGENT_ROLES_PREFIX + str + '.' + str2), ""), ", ");
                    ArrayList arrayList = new ArrayList();
                    arrayList.add(str2);
                    arrayList.add(objects);
                    arrayList.addAll(Arrays.asList(split2));
                    if (!concurrentHashMap.containsKey(str)) {
                        concurrentHashMap.put(str, new ArrayList());
                    }
                    ((List) concurrentHashMap.get(str)).add(arrayList);
                }
            }
        }
        this.captureAgentUsers = concurrentHashMap;
        this.inMemoryUsers.clear();
    }

    public String getName() {
        return PROVIDER_NAME;
    }

    private List<User> getOrganizationUsers() {
        Organization organization = this.securityService.getOrganization();
        List<User> list = this.inMemoryUsers.get(organization.getId());
        return list == null ? createSystemUsers(organization) : list;
    }

    private synchronized List<User> createSystemUsers(Organization organization) {
        List<User> list = this.inMemoryUsers.get(organization.getId());
        if (list != null) {
            logger.trace("Organization users have already been initialized. Aborting.");
            return list;
        }
        ArrayList arrayList = new ArrayList();
        JaxbOrganization fromOrganization = JaxbOrganization.fromOrganization(organization);
        if (this.digestUsername != null && this.digestUserPass != null) {
            HashSet hashSet = new HashSet();
            for (String str : SecurityConstants.GLOBAL_SYSTEM_ROLES) {
                hashSet.add(new JaxbRole(str, fromOrganization));
            }
            arrayList.add(new JaxbUser(this.digestUsername, this.digestUserPass, DIGEST_USER_NAME, (String) null, getName(), fromOrganization, hashSet));
            logger.info("Added system digest user '{}' for organization '{}'", this.digestUsername, organization.getId());
        }
        for (List<String> list2 : this.captureAgentUsers.getOrDefault(organization.getId(), new ArrayList())) {
            String str2 = list2.get(0);
            String str3 = list2.get(1);
            HashSet hashSet2 = new HashSet();
            hashSet2.add(new JaxbRole(organization.getAnonymousRole(), fromOrganization));
            Arrays.stream(SecurityConstants.GLOBAL_CAPTURE_AGENT_ROLES).forEach(str4 -> {
                hashSet2.add(new JaxbRole(str4, fromOrganization));
            });
            list2.stream().skip(2L).forEach(str5 -> {
                hashSet2.add(new JaxbRole(str5, fromOrganization));
            });
            logger.info("Creating the capture agent digest user '{}'", str2);
            arrayList.add(new JaxbUser(str2, str3, CAPTURE_AGENT_USER_NAME, (String) null, getName(), fromOrganization, hashSet2));
        }
        this.inMemoryUsers.put(organization.getId(), arrayList);
        return arrayList;
    }

    public Iterator<User> getUsers() {
        return getOrganizationUsers().iterator();
    }

    public User loadUser(String str) {
        return getOrganizationUsers().stream().filter(user -> {
            return user.getUsername().equals(str);
        }).findFirst().orElse(null);
    }

    public String toString() {
        return getClass().getName();
    }

    public String getOrganization() {
        return "*";
    }

    public List<Role> getRolesForUser(String str) {
        return (List) getOrganizationUsers().stream().filter(user -> {
            return user.getUsername().equals(str);
        }).flatMap(user2 -> {
            return user2.getRoles().stream();
        }).collect(Collectors.toList());
    }

    public Iterator<User> findUsers(String str, int i, int i2) {
        if (str == null) {
            throw new IllegalArgumentException("Query must be set");
        }
        return getOrganizationUsers().stream().filter(user -> {
            return like(user.getUsername(), str);
        }).sorted(Comparator.comparing((v0) -> {
            return v0.getUsername();
        })).skip(i).limit(i2 <= 0 ? Long.MAX_VALUE : i2).iterator();
    }

    public Iterator<Role> findRoles(String str, Role.Target target, int i, int i2) {
        if (str == null) {
            throw new IllegalArgumentException("Query must be set");
        }
        return getOrganizationUsers().stream().flatMap(user -> {
            return user.getRoles().stream();
        }).filter(role -> {
            return (like(role.getName(), str) || like(role.getDescription(), str)) && !(target == Role.Target.ACL && "ROLE_SUDO".equals(role.getName()));
        }).sorted(Comparator.comparing((v0) -> {
            return v0.getName();
        })).skip(i).limit(i2 <= 0 ? Long.MAX_VALUE : i2).iterator();
    }

    private boolean like(String str, String str2) {
        if (str == null) {
            return false;
        }
        return Pattern.compile(str2.replace("_", ".").replace("%", ".*?"), 34).matcher(str).matches();
    }

    public long countUsers() {
        return getOrganizationUsers().size();
    }

    public void invalidate(String str) {
    }

    @Reference(name = "securityService")
    void setSecurityService(SecurityService securityService) {
        this.securityService = securityService;
    }
}
