package io.jans.configapi.plugin.mgt.rest;

import com.github.fge.jsonpatch.JsonPatchException;
import io.jans.as.common.model.common.User;
import io.jans.as.common.service.common.EncryptionService;
import io.jans.as.model.util.Util;
import io.jans.configapi.core.model.SearchRequest;
import io.jans.configapi.core.rest.BaseResource;
import io.jans.configapi.core.rest.ProtectedApi;
import io.jans.configapi.plugin.mgt.model.user.CustomUser;
import io.jans.configapi.plugin.mgt.model.user.UserPatchRequest;
import io.jans.configapi.plugin.mgt.service.UserService;
import io.jans.configapi.plugin.mgt.util.Constants;
import io.jans.configapi.plugin.mgt.util.MgtUtil;
import io.jans.orm.model.PagedResult;
import io.jans.util.StringHelper;
import io.jans.util.security.StringEncrypter;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import jakarta.validation.Valid;
import jakarta.validation.constraints.NotNull;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.DELETE;
import jakarta.ws.rs.DefaultValue;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.PATCH;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.PUT;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.QueryParam;
import jakarta.ws.rs.core.Response;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.util.ArrayList;
import java.util.List;
import org.slf4j.Logger;

@ApplicationScoped
@Produces({"application/json"})
@Path(Constants.CONFIG_USER)
@Consumes({"application/json"})
/* loaded from: input_file:io/jans/configapi/plugin/mgt/rest/UserResource.class */
public class UserResource extends BaseResource {
    private static final String USER = "user";
    private static final String MAIL = "mail";
    private static final String DISPLAY_NAME = "displayName";
    private static final String JANS_STATUS = "jansStatus";
    private static final String GIVEN_NAME = "givenName";
    private static final String USER_PWD = "userPassword";

    @Inject
    Logger logger;

    @Inject
    EncryptionService encryptionService;

    @Inject
    MgtUtil mgtUtil;

    @Inject
    UserService userSrv;

    @GET
    @ProtectedApi(scopes = {"https://jans.io/oauth/config/user.readonly"})
    public Response getUsers(@QueryParam("limit") @DefaultValue("50") int i, @QueryParam("pattern") @DefaultValue("") String str, @QueryParam("startIndex") @DefaultValue("1") int i2, @QueryParam("sortBy") String str2, @QueryParam("sortOrder") String str3) throws StringEncrypter.EncryptionException, IllegalAccessException, InvocationTargetException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("User search param - limit:{}, pattern:{}, startIndex:{}, sortBy:{}, sortOrder:{}", new Object[]{Util.escapeLog(Integer.valueOf(i)), Util.escapeLog(str), Util.escapeLog(Integer.valueOf(i2)), Util.escapeLog(str2), Util.escapeLog(str3)});
        }
        List<CustomUser> doSearch = doSearch(createSearchRequest(this.userSrv.getPeopleBaseDn(), str, str2, str3, Integer.valueOf(i2), Integer.valueOf(i), null, this.userSrv.getUserExclusionAttributesAsString(), this.mgtUtil.getRecordMaxCount()));
        this.logger.debug("CustomUser search result:{}", doSearch);
        return Response.ok(doSearch).build();
    }

    @GET
    @ProtectedApi(scopes = {"https://jans.io/oauth/config/user.readonly"})
    @Path("{inum}")
    public Response getUserByInum(@NotNull @PathParam("inum") String str) throws StringEncrypter.EncryptionException, IllegalAccessException, InvocationTargetException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("User search by inum:{}", Util.escapeLog(str));
        }
        User userBasedOnInum = this.userSrv.getUserBasedOnInum(str);
        checkResourceNotNull(userBasedOnInum, USER);
        this.logger.debug("user:{}", userBasedOnInum);
        User excludeUserAttributes = excludeUserAttributes(userBasedOnInum);
        decryptUserPassword(excludeUserAttributes);
        this.logger.debug("user:{}", excludeUserAttributes);
        CustomUser customUser = getCustomUser(excludeUserAttributes);
        this.logger.debug("customUser:{}", customUser);
        return Response.ok(decryptUserPassword(customUser)).build();
    }

    @POST
    @ProtectedApi(scopes = {"https://jans.io/oauth/config/user.write"})
    public Response createUser(@Valid CustomUser customUser) throws StringEncrypter.EncryptionException, NoSuchMethodException, IllegalAccessException, InvocationTargetException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("User details to be added - customUser:{}", Util.escapeLog(customUser));
        }
        User userAttributes = setUserAttributes(customUser);
        this.logger.debug("Create  user:{}", userAttributes);
        checkMissingAttributes(userAttributes);
        User addUser = this.userSrv.addUser(encryptUserPassword(userAttributes), true);
        this.logger.debug("User created {}", addUser);
        CustomUser customUser2 = getCustomUser(excludeUserAttributes(addUser));
        this.logger.debug("newly created customUser:{}", customUser2);
        return Response.status(Response.Status.CREATED).entity(customUser2).build();
    }

    @PUT
    @ProtectedApi(scopes = {"https://jans.io/oauth/config/user.write"})
    public Response updateUser(@Valid CustomUser customUser) throws StringEncrypter.EncryptionException, NoSuchMethodException, IllegalAccessException, InvocationTargetException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("User details to be updated - customUser:{}", Util.escapeLog(customUser));
        }
        User userAttributes = setUserAttributes(customUser);
        this.logger.debug("Create  user:{}", userAttributes);
        checkMissingAttributes(userAttributes);
        User updateUser = this.userSrv.updateUser(encryptUserPassword(userAttributes));
        this.logger.debug("Updated user:{}", updateUser);
        CustomUser customUser2 = getCustomUser(excludeUserAttributes(updateUser));
        this.logger.debug("updated customUser:{}", customUser2);
        return Response.ok(customUser2).build();
    }

    @PATCH
    @ProtectedApi(scopes = {"https://jans.io/oauth/config/user.write"})
    @Path("{inum}")
    public Response patchUser(@NotNull @PathParam("inum") String str, @NotNull UserPatchRequest userPatchRequest) throws StringEncrypter.EncryptionException, IllegalAccessException, InvocationTargetException, JsonPatchException, IOException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("User:{} to be patched with :{} ", Util.escapeLog(str), Util.escapeLog(userPatchRequest));
        }
        checkResourceNotNull(this.userSrv.getUserBasedOnInum(str), USER);
        User patchUser = this.userSrv.patchUser(str, userPatchRequest);
        this.logger.debug("Patched user:{}", patchUser);
        CustomUser customUser = getCustomUser(excludeUserAttributes(patchUser));
        this.logger.debug("patched customUser:{}", customUser);
        return Response.ok(decryptUserPassword(customUser)).build();
    }

    @DELETE
    @Path("{inum}")
    @ProtectedApi(scopes = {"https://jans.io/oauth/config/user.delete"})
    public Response deleteUser(@NotNull @PathParam("inum") String str) {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("User to be deleted - inum:{} ", Util.escapeLog(str));
        }
        User userBasedOnInum = this.userSrv.getUserBasedOnInum(str);
        checkResourceNotNull(userBasedOnInum, USER);
        this.userSrv.removeUser(userBasedOnInum);
        return Response.noContent().build();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v28, types: [java.util.List] */
    private List<CustomUser> doSearch(SearchRequest searchRequest) throws StringEncrypter.EncryptionException, IllegalAccessException, InvocationTargetException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("User search params - searchReq:{} ", Util.escapeLog(searchRequest));
        }
        PagedResult<User> searchUsers = this.userSrv.searchUsers(searchRequest);
        if (this.logger.isTraceEnabled()) {
            this.logger.debug("PagedResult  - pagedResult:{}", searchUsers);
        }
        ArrayList arrayList = new ArrayList();
        if (searchUsers != null) {
            this.logger.debug("Users fetched  - pagedResult.getEntries():{}", searchUsers.getEntries());
            arrayList = searchUsers.getEntries();
        }
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Users fetched  - users:{}", arrayList);
        }
        List<User> excludeAttributes = this.userSrv.excludeAttributes(arrayList, searchRequest.getExcludedAttributesStr());
        getUsers(excludeAttributes);
        this.logger.debug("Users fetched  - users:{}", excludeAttributes);
        return getCustomUserList(excludeAttributes);
    }

    private User excludeUserAttributes(User user) throws IllegalAccessException, InvocationTargetException {
        return this.userSrv.excludeAttributes(user, this.userSrv.getUserExclusionAttributesAsString());
    }

    private void checkMissingAttributes(User user) throws NoSuchMethodException, IllegalAccessException, InvocationTargetException {
        String checkMandatoryFields = this.userSrv.checkMandatoryFields(user);
        this.logger.debug("missingAttributes:{}", checkMandatoryFields);
        if (StringHelper.isEmpty(checkMandatoryFields)) {
            return;
        }
        throwMissingAttributeError(checkMandatoryFields);
    }

    private List<User> getUsers(List<User> list) throws StringEncrypter.EncryptionException {
        if (list != null && !list.isEmpty()) {
            for (User user : list) {
                if (StringHelper.isNotEmpty(user.getAttribute(USER_PWD))) {
                    decryptUserPassword(user);
                }
            }
        }
        return list;
    }

    private User encryptUserPassword(User user) throws StringEncrypter.EncryptionException {
        if (StringHelper.isNotEmpty(user.getAttribute(USER_PWD))) {
            user.setAttribute(USER_PWD, this.encryptionService.encrypt(user.getAttribute(USER_PWD)), false);
        }
        return user;
    }

    private User decryptUserPassword(User user) throws StringEncrypter.EncryptionException {
        if (StringHelper.isNotEmpty(user.getAttribute(USER_PWD))) {
            user.setAttribute(USER_PWD, this.encryptionService.decrypt(user.getAttribute(USER_PWD)), false);
        }
        return user;
    }

    private List<CustomUser> getCustomUserList(List<User> list) {
        ArrayList arrayList = new ArrayList();
        if (list == null || list.isEmpty()) {
            return arrayList;
        }
        for (User user : list) {
            CustomUser customUser = new CustomUser();
            setParentAttributes(customUser, user);
            arrayList.add(customUser);
        }
        this.logger.debug("Custom Users - customUserList:{}", arrayList);
        return arrayList;
    }

    private CustomUser getCustomUser(User user) {
        CustomUser customUser = new CustomUser();
        if (user == null) {
            return customUser;
        }
        setParentAttributes(customUser, user);
        this.logger.debug("Custom User - customUser:{}", customUser);
        return customUser;
    }

    public CustomUser setParentAttributes(CustomUser customUser, User user) {
        customUser.setBaseDn(user.getBaseDn());
        customUser.setCreatedAt(user.getCreatedAt());
        customUser.setCustomAttributes(user.getCustomAttributes());
        customUser.setCustomObjectClasses(user.getCustomObjectClasses());
        customUser.setDn(user.getDn());
        customUser.setOxAuthPersistentJwt(user.getOxAuthPersistentJwt());
        customUser.setUpdatedAt(user.getUpdatedAt());
        customUser.setUserId(user.getUserId());
        return setCustomUserAttributes(customUser, user);
    }

    public CustomUser setCustomUserAttributes(CustomUser customUser, User user) {
        customUser.setMail(user.getAttribute(MAIL));
        customUser.setDisplayName(user.getAttribute(DISPLAY_NAME));
        customUser.setJansStatus(user.getAttribute(JANS_STATUS));
        customUser.setGivenName(user.getAttribute(GIVEN_NAME));
        customUser.setUserPassword(user.getAttribute(USER_PWD));
        customUser.removeAttribute(MAIL);
        customUser.removeAttribute(DISPLAY_NAME);
        customUser.removeAttribute(JANS_STATUS);
        customUser.removeAttribute(GIVEN_NAME);
        customUser.removeAttribute(USER_PWD);
        return customUser;
    }

    private User setUserAttributes(CustomUser customUser) {
        User user = new User();
        user.setBaseDn(customUser.getBaseDn());
        user.setCreatedAt(customUser.getCreatedAt());
        user.setCustomAttributes(customUser.getCustomAttributes());
        user.setCustomObjectClasses(customUser.getCustomObjectClasses());
        user.setDn(customUser.getDn());
        user.setOxAuthPersistentJwt(customUser.getOxAuthPersistentJwt());
        user.setUpdatedAt(customUser.getUpdatedAt());
        user.setUserId(customUser.getUserId());
        return setUserCustomAttributes(customUser, user);
    }

    private User setUserCustomAttributes(CustomUser customUser, User user) {
        user.setAttribute(MAIL, customUser.getMail(), false);
        user.setAttribute(DISPLAY_NAME, customUser.getDisplayName(), false);
        user.setAttribute(JANS_STATUS, customUser.getJansStatus(), false);
        user.setAttribute(GIVEN_NAME, customUser.getGivenName(), false);
        user.setAttribute(USER_PWD, customUser.getUserPassword(), false);
        this.logger.debug("Custom User - user:{}", user);
        return user;
    }
}
