package org.apereo.cas.okta;

import com.okta.sdk.client.Client;
import com.okta.sdk.resource.user.CreateUserRequest;
import com.okta.sdk.resource.user.User;
import com.okta.sdk.resource.user.UserNextLogin;
import com.okta.sdk.resource.user.UserProfile;
import java.util.List;
import java.util.Objects;
import java.util.function.Consumer;
import lombok.Generated;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.principal.Principal;
import org.apereo.cas.authentication.principal.PrincipalProvisioner;
import org.apereo.cas.configuration.model.support.okta.OktaPrincipalProvisioningProperties;
import org.apereo.cas.util.CollectionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apereo/cas/okta/OktaPrincipalProvisioner.class */
public class OktaPrincipalProvisioner implements PrincipalProvisioner {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(OktaPrincipalProvisioner.class);
    private final Client oktaClient;
    private final OktaPrincipalProvisioningProperties properties;

    public boolean provision(Principal principal, Credential credential) {
        return provision(credential, principal);
    }

    protected boolean provision(Credential credential, Principal principal) {
        LOGGER.debug("Searching to find [{}]", principal.getId());
        User user = this.oktaClient.getUser(principal.getId());
        return (user == null || user.getProfile().isEmpty()) ? createUser(principal, credential) : updateUser(user, principal);
    }

    protected boolean updateUser(User user, Principal principal) {
        user.setProfile(mapPrincipalToUserProfile(user.getProfile(), principal, null));
        User partialUpdateUser = this.oktaClient.partialUpdateUser(user, user.getId(), true);
        LOGGER.debug("Updated Okta user [{}]", partialUpdateUser);
        return partialUpdateUser != null;
    }

    protected boolean createUser(Principal principal, Credential credential) {
        CreateUserRequest instantiate = this.oktaClient.instantiate(CreateUserRequest.class);
        UserProfile userProfile = (UserProfile) this.oktaClient.instantiate(UserProfile.class);
        userProfile.setLogin(principal.getId());
        instantiate.setProfile(mapPrincipalToUserProfile(userProfile, principal, credential));
        User createUser = this.oktaClient.createUser(instantiate, true, true, UserNextLogin.SDK_UNKNOWN);
        LOGGER.debug("Created Okta user [{}]", createUser);
        return createUser != null;
    }

    protected UserProfile mapPrincipalToUserProfile(UserProfile userProfile, Principal principal, Credential credential) {
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "department", userProfile::setDepartment);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "city", userProfile::setCity);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "costCenter", userProfile::setCostCenter);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "countryCode", userProfile::setCountryCode);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "displayName", userProfile::setDisplayName);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "division", userProfile::setDivision);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "email", userProfile::setEmail);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "employeeNumber", userProfile::setEmployeeNumber);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "honorificPrefix", userProfile::setHonorificPrefix);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "honorificSuffix", userProfile::setHonorificSuffix);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "lastName", userProfile::setLastName);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "locale", userProfile::setLocale);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "manager", userProfile::setManager);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "managerId", userProfile::setManagerId);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "middleName", userProfile::setMiddleName);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "mobilePhone", userProfile::setMobilePhone);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "nickName", userProfile::setNickName);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "firstName", userProfile::setFirstName);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "organization", userProfile::setOrganization);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "postalAddress", userProfile::setPostalAddress);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "preferredLanguage", userProfile::setPreferredLanguage);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "primaryPhone", userProfile::setPrimaryPhone);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "secondEmail", userProfile::setSecondEmail);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "state", userProfile::setState);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "streetAddress", userProfile::setStreetAddress);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "timezone", userProfile::setTimezone);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "title", userProfile::setTitle);
        Objects.requireNonNull(userProfile);
        updateUserProfileWithAttribute(userProfile, principal, "zipCode", userProfile::setZipCode);
        return userProfile;
    }

    protected void updateUserProfileWithAttribute(UserProfile userProfile, Principal principal, String str, Consumer<String> consumer) {
        String str2 = (String) this.properties.getAttributeMappings().getOrDefault(str, str);
        if (principal.getAttributes().containsKey(str2)) {
            List list = (List) principal.getAttributes().get(str2);
            LOGGER.trace("Setting Okta user profile attribute [{}] to [{}]", str2, list);
            CollectionUtils.firstElement(list).ifPresent(obj -> {
                consumer.accept(obj.toString());
            });
        }
    }

    @Generated
    public OktaPrincipalProvisioner(Client client, OktaPrincipalProvisioningProperties oktaPrincipalProvisioningProperties) {
        this.oktaClient = client;
        this.properties = oktaPrincipalProvisioningProperties;
    }
}
