package io.jans.as.server.auth;

import com.google.common.collect.Maps;
import io.jans.as.common.model.common.User;
import io.jans.as.common.model.session.SessionId;
import io.jans.as.model.authorize.AuthorizeErrorResponseType;
import io.jans.as.model.configuration.AppConfiguration;
import io.jans.as.server.model.common.ExecutionContext;
import io.jans.as.server.service.CookieService;
import io.jans.as.server.service.ErrorHandlerService;
import io.jans.as.server.service.RequestParameterService;
import io.jans.as.server.service.SessionIdService;
import io.jans.as.server.service.UserService;
import io.jans.as.server.service.external.ExternalCreateUserService;
import io.jans.jsf2.service.FacesService;
import jakarta.annotation.PostConstruct;
import jakarta.enterprise.context.RequestScoped;
import jakarta.faces.context.ExternalContext;
import jakarta.inject.Inject;
import jakarta.inject.Named;
import jakarta.servlet.http.HttpServletRequest;
import java.io.UnsupportedEncodingException;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;

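/**
 * Request-scoped JSF backing bean for the "create user" form.
 *
 * <p>The bean carries two groups of state, both populated through the public
 * setters: the authorization-request parameters that must survive the detour
 * through the registration page (client_id, scope, state, ...) and the fields of
 * the account being created (uid, displayName, email, password). After a
 * successful creation the browser is redirected to the authorize endpoint with
 * the preserved parameters.
 *
 * <p>All values reaching this bean originate from the HTTP request and must be
 * treated as untrusted.
 */
@Named
@RequestScoped
public class CreateUserAction {
    private static final String FORM_ID = "createForm";
    private static final String FORM_FIELD_PREFIX = FORM_ID + ":";
    private static final String CREATE_BUTTON_REF = "createForm:createButton";
    private static final String VIEW_STATE_PARAM = "jakarta.faces.ViewState";

    // Authorization-request parameters preserved across the registration page.
    private String scope;
    private String responseType;
    private String clientId;
    private String redirectUri;
    private String state;
    private String responseMode;
    private String nonce;
    private String display;
    private String prompt;
    private Integer maxAge;
    private String uiLocales;
    private String idTokenHint;
    private String loginHint;
    private String acrValues;
    private String amrValues;
    private String request;
    private String requestUri;
    private String codeChallenge;
    private String codeChallengeMethod;
    private String claims;
    private String authReqId;
    private String bindingMessage;
    private String sessionId;
    private String allowedScope;

    // Fields of the account to create, bound to the form inputs.
    private String displayName;
    private String email;
    private String uid;
    private String password;

    // Verdict of the external prepare() script for this request; createUser() refuses to run without it.
    private boolean allowedByPrepareScript;

    @Inject
    private Logger log;

    @Inject
    private ExternalCreateUserService externalCreateUserService;

    @Inject
    private ErrorHandlerService errorHandlerService;

    @Inject
    private ExternalContext externalContext;

    @Inject
    private FacesService facesService;

    @Inject
    private UserService userService;

    @Inject
    private RequestParameterService requestParameterService;

    @Inject
    private CookieService cookieService;

    @Inject
    private SessionIdService sessionIdService;

    @Inject
    private AppConfiguration appConfiguration;

    /**
     * Asks the external create-user script whether the page may be used and reports
     * {@code ACCESS_DENIED} through the error handler when it may not.
     *
     * <p>The verdict is remembered so that {@link #createUser()} does not depend on the
     * error handler having stopped request processing (that is not visible in this class).
     */
    @PostConstruct
    public void prepare() {
        log.trace("Preparing CreateUserAction");
        allowedByPrepareScript = externalCreateUserService.externalPrepare(ExecutionContext.of(externalContext));
        if (!allowedByPrepareScript) {
            errorHandlerService.handleError("createUser.forbiddenByScript", AuthorizeErrorResponseType.ACCESS_DENIED, "Forbidden by createUser script.");
        }
    }

    /**
     * Creates the account described by the form fields and redirects to the
     * authorization endpoint.
     *
     * <p>Nothing is created when the {@code disablePromptCreate} configuration flag is
     * set, when the external script denied the request in {@link #prepare()} or in its
     * create step, or when an account with the submitted uid already exists. Failures
     * are logged and not propagated, so the caller gets no exception.
     */
    public void createUser() {
        try {
            if (BooleanUtils.isTrue(appConfiguration.getDisablePromptCreate())) {
                log.debug("Skipped user creation. config disablePromptCreate=true");
                return;
            }
            if (!allowedByPrepareScript) {
                // Defense in depth: prepare() already reported the denial.
                log.debug("Skipped user creation. Forbidden by prepare() method of external script.");
                return;
            }
            log.debug("Creating user ...");
            ExecutionContext context = ExecutionContext.of(externalContext);
            User newUser = prepareUserObject(context);
            if (newUser == null) {
                // uid already taken; prepareUserObject has logged it.
                return;
            }
            if (!externalCreateUserService.externalCreate(context)) {
                log.debug("createUser is forbidded by create() method of external script.");
                return;
            }
            User created = userService.addUser(newUser, true);
            log.debug("User {} is created successfully.", created.getUserId());
            String authorizationUrl = buildAuthorizationUrl();
            // NOTE(review): this URL can carry the session id, state and nonce; treat trace logs as sensitive.
            log.trace("RedirectTo: {}", authorizationUrl);
            facesService.redirectToExternalURL(authorizationUrl);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
        }
    }

    /**
     * Builds the {@link User} for the submitted form and registers it on the execution
     * context so the external script can inspect it.
     *
     * <p>An unauthenticated registration form must never touch an existing account.
     * Previously a uid that was already taken caused the stored entry to be loaded and
     * its displayName, mail and userPassword to be overwritten with the submitted
     * values before being handed to {@code addUser}. Whether {@code addUser} would have
     * rejected that entry is not visible here, so the request is refused up front.
     *
     * @param executionContext context shared with the external create-user script
     * @return the populated user, or {@code null} when the uid is already in use
     */
    private User prepareUserObject(ExecutionContext executionContext) {
        User user = new User();
        executionContext.setUser(user);

        if (userService.getUser(uid, new String[0]) != null) {
            log.debug("User with uid {} already exists.", uid);
            return null;
        }

        user.setAttribute("displayName", displayName, false);
        user.setAttribute("mail", email, false);
        user.setAttribute("uid", uid, false);
        user.setAttribute("userPassword", password, false);
        // The password is deliberately left out of the log line.
        log.debug("Prepared user - uid: {}, email: {}, displayName: {}", uid, email, displayName);
        return user;
    }

    /**
     * Builds the URL the browser is sent to after the account has been created.
     *
     * <p>A non-blank URL returned by the external script wins. Otherwise the URL points
     * at this application's {@code /restv1/authorize} endpoint and carries the request
     * parameters, completed from the bean fields for every key the request did not
     * supply.
     *
     * @return the redirect target
     * @throws UnsupportedEncodingException propagated from parameter serialization
     */
    private String buildAuthorizationUrl() throws UnsupportedEncodingException {
        String scriptUrl = externalCreateUserService.externalBuildPostAuthorizeUrl(ExecutionContext.of(externalContext));
        if (StringUtils.isNotBlank(scriptUrl)) {
            log.debug("Authorization Url is returned from external script, url: {}", scriptUrl);
            return scriptUrl;
        }

        HttpServletRequest httpRequest = (HttpServletRequest) externalContext.getRequest();
        Map<String, String> parameters = getFilteredParameters();
        // Keep credentials and the e-mail address out of the redirect URL.
        // NOTE(review): only these two keys are stripped; any other form input (for example the
        // uid or display name, depending on the component ids in the view) is forwarded in the
        // query string - confirm that is intended.
        parameters.remove("password");
        parameters.remove("email");

        log.debug("client_id {}, response_type {}, scope {}, acr_values {}", clientId, responseType, scope, acrValues);

        // Request parameters take precedence; bean fields only fill the gaps.
        parameters.putIfAbsent("client_id", clientId);
        parameters.putIfAbsent("response_type", responseType);
        parameters.putIfAbsent("response_mode", responseMode);
        parameters.putIfAbsent("scope", scope);
        parameters.putIfAbsent("redirect_uri", redirectUri);
        parameters.putIfAbsent("nonce", nonce);
        parameters.putIfAbsent("acr_values", acrValues);
        parameters.putIfAbsent("state", state);
        parameters.putIfAbsent("request", request);
        parameters.putIfAbsent("request_uri", requestUri);
        parameters.putIfAbsent("display", display);
        parameters.putIfAbsent("max_age", maxAge != null ? maxAge.toString() : null);
        parameters.putIfAbsent("ui_locales", uiLocales);
        parameters.putIfAbsent("id_token_hint", idTokenHint);
        parameters.putIfAbsent("login_hint", loginHint);
        parameters.putIfAbsent("amr_values", amrValues);
        parameters.putIfAbsent("code_challenge", codeChallenge);
        parameters.putIfAbsent("code_challenge_method", codeChallengeMethod);
        parameters.putIfAbsent("claims", claims);
        parameters.putIfAbsent("auth_req_id", authReqId);
        parameters.putIfAbsent("binding_message", bindingMessage);
        // NOTE(review): a session id placed in a query string is exposed to browser history,
        // Referer headers and access logs; confirm the authorize endpoint really needs it here.
        parameters.putIfAbsent(CookieService.SESSION_ID_COOKIE_NAME, sessionId);
        parameters.putIfAbsent("allowed_scope", allowedScope);

        return httpRequest.getContextPath() + "/restv1/authorize?" + requestParameterService.parametersAsString(parameters);
    }

    /**
     * Resolves the session identified by the session cookie.
     *
     * @return the stored session, or {@code null} when the cookie holds no id
     */
    public SessionId getSession() {
        return getSession(null);
    }

    /**
     * Resolves a session by id, falling back to the session cookie when the id is blank.
     *
     * @param id session id to look up; may be blank
     * @return whatever the session service returns for the id, or {@code null} when
     *     neither the argument nor the cookie provides one
     */
    public SessionId getSession(String id) {
        String effectiveId = id;
        if (StringUtils.isBlank(effectiveId)) {
            effectiveId = cookieService.getSessionIdFromCookie();
            if (StringUtils.isBlank(effectiveId)) {
                return null;
            }
        }
        SessionId dbSession = sessionIdService.getSessionId(effectiveId);
        // NOTE(review): the session id is a bearer credential and is written to the debug log here.
        log.debug("Found session {}, dbSession: {}", effectiveId, dbSession);
        return dbSession;
    }

    /**
     * Copies the request parameters into a mutable map, dropping JSF bookkeeping
     * entries (view state, the form marker, the submit button) and stripping the
     * {@code createForm:} prefix from form-field names.
     *
     * @return a fresh, mutable map of the remaining parameters
     */
    private Map<String, String> getFilteredParameters() {
        Map<String, String> requestParameters = externalContext.getRequestParameterMap();
        Map<String, String> filtered = new HashMap<>();
        for (Map.Entry<String, String> entry : requestParameters.entrySet()) {
            String name = entry.getKey();
            boolean jsfInternal = name.equals(VIEW_STATE_PARAM) || name.equals(FORM_ID) || name.contains(CREATE_BUTTON_REF);
            if (jsfInternal) {
                continue;
            }
            // removeStart leaves names without the prefix untouched, so one call covers both cases.
            filtered.put(StringUtils.removeStart(name, FORM_FIELD_PREFIX), entry.getValue());
        }
        return filtered;
    }

    // ---- Authorization-request parameter accessors ----

    public String getScope() {
        return scope;
    }

    public void setScope(String scope) {
        this.scope = scope;
    }

    public String getResponseType() {
        return responseType;
    }

    public void setResponseType(String responseType) {
        this.responseType = responseType;
    }

    public String getClientId() {
        return clientId;
    }

    public void setClientId(String clientId) {
        this.clientId = clientId;
    }

    public String getRedirectUri() {
        return redirectUri;
    }

    public void setRedirectUri(String redirectUri) {
        this.redirectUri = redirectUri;
    }

    public String getState() {
        return state;
    }

    public void setState(String state) {
        this.state = state;
    }

    public String getResponseMode() {
        return responseMode;
    }

    public void setResponseMode(String responseMode) {
        this.responseMode = responseMode;
    }

    public String getNonce() {
        return nonce;
    }

    public void setNonce(String nonce) {
        this.nonce = nonce;
    }

    public String getDisplay() {
        return display;
    }

    public void setDisplay(String display) {
        this.display = display;
    }

    public String getPrompt() {
        return prompt;
    }

    public void setPrompt(String prompt) {
        this.prompt = prompt;
    }

    public Integer getMaxAge() {
        return maxAge;
    }

    public void setMaxAge(Integer maxAge) {
        this.maxAge = maxAge;
    }

    public String getUiLocales() {
        return uiLocales;
    }

    public void setUiLocales(String uiLocales) {
        this.uiLocales = uiLocales;
    }

    public String getIdTokenHint() {
        return idTokenHint;
    }

    public void setIdTokenHint(String idTokenHint) {
        this.idTokenHint = idTokenHint;
    }

    public String getLoginHint() {
        return loginHint;
    }

    public void setLoginHint(String loginHint) {
        this.loginHint = loginHint;
    }

    public String getAcrValues() {
        return acrValues;
    }

    public void setAcrValues(String acrValues) {
        this.acrValues = acrValues;
    }

    public String getAmrValues() {
        return amrValues;
    }

    public void setAmrValues(String amrValues) {
        this.amrValues = amrValues;
    }

    public String getRequest() {
        return request;
    }

    public void setRequest(String request) {
        this.request = request;
    }

    public String getRequestUri() {
        return requestUri;
    }

    public void setRequestUri(String requestUri) {
        this.requestUri = requestUri;
    }

    public String getCodeChallenge() {
        return codeChallenge;
    }

    public void setCodeChallenge(String codeChallenge) {
        this.codeChallenge = codeChallenge;
    }

    public String getCodeChallengeMethod() {
        return codeChallengeMethod;
    }

    public void setCodeChallengeMethod(String codeChallengeMethod) {
        this.codeChallengeMethod = codeChallengeMethod;
    }

    public String getClaims() {
        return claims;
    }

    public void setClaims(String claims) {
        this.claims = claims;
    }

    public String getAuthReqId() {
        return authReqId;
    }

    public void setAuthReqId(String authReqId) {
        this.authReqId = authReqId;
    }

    public String getBindingMessage() {
        return bindingMessage;
    }

    public void setBindingMessage(String bindingMessage) {
        this.bindingMessage = bindingMessage;
    }

    public String getSessionId() {
        return sessionId;
    }

    public void setSessionId(String sessionId) {
        this.sessionId = sessionId;
    }

    public String getAllowedScope() {
        return allowedScope;
    }

    public void setAllowedScope(String allowedScope) {
        this.allowedScope = allowedScope;
    }

    // ---- New-account field accessors ----

    public String getDisplayName() {
        return displayName;
    }

    public void setDisplayName(String displayName) {
        this.displayName = displayName;
    }

    public String getEmail() {
        return email;
    }

    public void setEmail(String email) {
        this.email = email;
    }

    public String getUid() {
        return uid;
    }

    public void setUid(String uid) {
        this.uid = uid;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }
}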
