package io.gravitee.am.gateway.handler.common.flow.impl;

import io.gravitee.am.common.event.EventManager;
import io.gravitee.am.common.event.FlowEvent;
import io.gravitee.am.common.policy.ExtensionPoint;
import io.gravitee.am.gateway.handler.common.flow.ExecutionPredicate;
import io.gravitee.am.gateway.handler.common.flow.FlowManager;
import io.gravitee.am.gateway.handler.common.flow.execution.ExecutionFlow;
import io.gravitee.am.gateway.policy.Policy;
import io.gravitee.am.model.Domain;
import io.gravitee.am.model.ReferenceType;
import io.gravitee.am.model.common.event.Payload;
import io.gravitee.am.model.flow.Flow;
import io.gravitee.am.model.flow.Step;
import io.gravitee.am.model.flow.Type;
import io.gravitee.am.model.oidc.Client;
import io.gravitee.am.plugins.policy.core.PolicyPluginManager;
import io.gravitee.am.service.FlowService;
import io.gravitee.common.event.Event;
import io.gravitee.common.event.EventListener;
import io.gravitee.common.service.AbstractService;
import io.reactivex.rxjava3.core.Single;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:io/gravitee/am/gateway/handler/common/flow/impl/FlowManagerImpl.class */
public class FlowManagerImpl extends AbstractService implements FlowManager, InitializingBean, EventListener<FlowEvent, Payload> {
    private static final Logger logger = LoggerFactory.getLogger(FlowManagerImpl.class);
    private static final Map<Type, List<ExtensionPoint>> extensionPoints = Map.of(Type.ROOT, List.of(ExtensionPoint.ROOT), Type.LOGIN_IDENTIFIER, List.of(ExtensionPoint.PRE_LOGIN_IDENTIFIER, ExtensionPoint.POST_LOGIN_IDENTIFIER), Type.CONSENT, List.of(ExtensionPoint.PRE_CONSENT, ExtensionPoint.POST_CONSENT), Type.LOGIN, List.of(ExtensionPoint.PRE_LOGIN, ExtensionPoint.POST_LOGIN), Type.REGISTER, List.of(ExtensionPoint.PRE_REGISTER, ExtensionPoint.POST_REGISTER), Type.RESET_PASSWORD, List.of(ExtensionPoint.PRE_RESET_PASSWORD, ExtensionPoint.POST_RESET_PASSWORD), Type.REGISTRATION_CONFIRMATION, List.of(ExtensionPoint.PRE_REGISTRATION_CONFIRMATION, ExtensionPoint.POST_REGISTRATION_CONFIRMATION), Type.TOKEN, List.of(ExtensionPoint.PRE_TOKEN, ExtensionPoint.POST_TOKEN), Type.WEBAUTHN_REGISTER, List.of(ExtensionPoint.PRE_WEBAUTHN_REGISTER, ExtensionPoint.POST_WEBAUTHN_REGISTER));

    @Autowired
    private Domain domain;

    @Autowired
    private FlowService flowService;

    @Autowired
    private PolicyPluginManager policyPluginManager;

    @Autowired
    private EventManager eventManager;
    private final ConcurrentMap<String, Flow> flows = new ConcurrentHashMap();
    private final ConcurrentMap<ExtensionPoint, Set<ExecutionFlow>> policies = new ConcurrentHashMap();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: io.gravitee.am.gateway.handler.common.flow.impl.FlowManagerImpl$1, reason: invalid class name */
    /* loaded from: input_file:io/gravitee/am/gateway/handler/common/flow/impl/FlowManagerImpl$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$io$gravitee$am$common$event$FlowEvent;
        static final /* synthetic */ int[] $SwitchMap$io$gravitee$am$model$flow$Type = new int[Type.values().length];

        static {
            try {
                $SwitchMap$io$gravitee$am$model$flow$Type[Type.ROOT.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$io$gravitee$am$model$flow$Type[Type.CONSENT.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$io$gravitee$am$model$flow$Type[Type.LOGIN.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$io$gravitee$am$model$flow$Type[Type.LOGIN_IDENTIFIER.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$io$gravitee$am$model$flow$Type[Type.REGISTER.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$io$gravitee$am$model$flow$Type[Type.RESET_PASSWORD.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$io$gravitee$am$model$flow$Type[Type.REGISTRATION_CONFIRMATION.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$io$gravitee$am$model$flow$Type[Type.TOKEN.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$io$gravitee$am$model$flow$Type[Type.CONNECT.ordinal()] = 9;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$io$gravitee$am$model$flow$Type[Type.WEBAUTHN_REGISTER.ordinal()] = 10;
            } catch (NoSuchFieldError e10) {
            }
            $SwitchMap$io$gravitee$am$common$event$FlowEvent = new int[FlowEvent.values().length];
            try {
                $SwitchMap$io$gravitee$am$common$event$FlowEvent[FlowEvent.DEPLOY.ordinal()] = 1;
            } catch (NoSuchFieldError e11) {
            }
            try {
                $SwitchMap$io$gravitee$am$common$event$FlowEvent[FlowEvent.UPDATE.ordinal()] = 2;
            } catch (NoSuchFieldError e12) {
            }
            try {
                $SwitchMap$io$gravitee$am$common$event$FlowEvent[FlowEvent.UNDEPLOY.ordinal()] = 3;
            } catch (NoSuchFieldError e13) {
            }
        }
    }

    public void afterPropertiesSet() {
        logger.info("Initializing flows for domain {}", this.domain.getName());
        loadFlows();
    }

    protected void doStart() throws Exception {
        super.doStart();
        logger.info("Register event listener for flow events for domain {}", this.domain.getName());
        this.eventManager.subscribeForEvents(this, FlowEvent.class, this.domain.getId());
    }

    protected void doStop() throws Exception {
        super.doStop();
        logger.info("Dispose event listener for flow events for domain {}", this.domain.getName());
        this.eventManager.unsubscribeForEvents(this, FlowEvent.class, this.domain.getId());
    }

    public void onEvent(Event<FlowEvent, Payload> event) {
        if (((Payload) event.content()).getReferenceType() == ReferenceType.DOMAIN && this.domain.getId().equals(((Payload) event.content()).getReferenceId())) {
            switch (AnonymousClass1.$SwitchMap$io$gravitee$am$common$event$FlowEvent[event.type().ordinal()]) {
                case 1:
                case 2:
                    updateFlow(((Payload) event.content()).getId(), (FlowEvent) event.type());
                    return;
                case 3:
                    removeFlow(((Payload) event.content()).getId());
                    return;
                default:
                    return;
            }
        }
    }

    @Override // io.gravitee.am.gateway.handler.common.flow.FlowManager
    public Single<List<Policy>> findByExtensionPoint(ExtensionPoint extensionPoint, Client client, ExecutionPredicate executionPredicate) {
        if (executionPredicate == null) {
            executionPredicate = ExecutionPredicate.alwaysTrue();
        }
        Set<ExecutionFlow> set = this.policies.get(extensionPoint);
        if (set == null) {
            return Single.just(Collections.emptyList());
        }
        List<Policy> executionPolicies = getExecutionPolicies(set, client, true, executionPredicate);
        if (client == null) {
            return Single.just(executionPolicies);
        }
        List<Policy> executionPolicies2 = getExecutionPolicies(set, client, false, executionPredicate);
        return !client.isFlowsInherited() ? Single.just(executionPolicies2) : Single.just((List) Stream.concat(executionPolicies.stream(), executionPolicies2.stream()).collect(Collectors.toList()));
    }

    private void updateFlow(String str, FlowEvent flowEvent) {
        logger.info("Domain {} has received {} flow event for {}", new Object[]{this.domain.getName(), flowEvent.toString().toLowerCase(), str});
        this.flowService.findById(str).subscribe(flow -> {
            loadFlow(flow);
            this.flows.put(flow.getId(), flow);
            logger.info("Flow {} has been deployed for domain {}", str, this.domain.getName());
        }, th -> {
            logger.error("Unable to deploy flow {} for domain {}", new Object[]{str, this.domain.getName(), th});
        }, () -> {
            logger.error("No flow found with id {}", str);
        });
    }

    private void removeFlow(String str) {
        logger.info("Domain {} has received flow event, delete flow {}", this.domain.getName(), str);
        Flow remove = this.flows.remove(str);
        if (remove != null) {
            extensionPoints.get(remove.getType()).forEach(extensionPoint -> {
                removeExecutionFlow(extensionPoint, remove.getId());
            });
        }
    }

    private void loadFlows() {
        this.flowService.findAll(ReferenceType.DOMAIN, this.domain.getId()).subscribe(flow -> {
            if (needDeployment(flow)) {
                loadFlow(flow);
                this.flows.put(flow.getId(), flow);
                logger.info("Flow {} loaded for domain {}", flow.getType(), this.domain.getName());
            }
        }, th -> {
            logger.error("Unable to initialize flows for domain {}", this.domain.getName(), th);
        });
    }

    private void loadFlow(Flow flow) {
        if (!flow.isEnabled()) {
            logger.debug("Flow {} is disabled, skip process", flow.getId());
            extensionPoints.get(flow.getType()).forEach(extensionPoint -> {
                removeExecutionFlow(extensionPoint, flow.getId());
            });
            return;
        }
        List<Policy> loadPolicies = loadPolicies(flow.getPre());
        List<Policy> loadPolicies2 = loadPolicies(flow.getPost());
        switch (AnonymousClass1.$SwitchMap$io$gravitee$am$model$flow$Type[flow.getType().ordinal()]) {
            case 1:
                addExecutionFlow(ExtensionPoint.ROOT, flow, loadPolicies);
                return;
            case 2:
                addExecutionFlow(ExtensionPoint.PRE_CONSENT, flow, loadPolicies);
                addExecutionFlow(ExtensionPoint.POST_CONSENT, flow, loadPolicies2);
                return;
            case 3:
                addExecutionFlow(ExtensionPoint.PRE_LOGIN, flow, loadPolicies);
                addExecutionFlow(ExtensionPoint.POST_LOGIN, flow, loadPolicies2);
                return;
            case 4:
                addExecutionFlow(ExtensionPoint.PRE_LOGIN_IDENTIFIER, flow, loadPolicies);
                addExecutionFlow(ExtensionPoint.POST_LOGIN_IDENTIFIER, flow, loadPolicies2);
                return;
            case 5:
                addExecutionFlow(ExtensionPoint.PRE_REGISTER, flow, loadPolicies);
                addExecutionFlow(ExtensionPoint.POST_REGISTER, flow, loadPolicies2);
                return;
            case 6:
                addExecutionFlow(ExtensionPoint.PRE_RESET_PASSWORD, flow, loadPolicies);
                addExecutionFlow(ExtensionPoint.POST_RESET_PASSWORD, flow, loadPolicies2);
                return;
            case 7:
                addExecutionFlow(ExtensionPoint.PRE_REGISTRATION_CONFIRMATION, flow, loadPolicies);
                addExecutionFlow(ExtensionPoint.POST_REGISTRATION_CONFIRMATION, flow, loadPolicies2);
                return;
            case 8:
                addExecutionFlow(ExtensionPoint.PRE_TOKEN, flow, loadPolicies);
                addExecutionFlow(ExtensionPoint.POST_TOKEN, flow, loadPolicies2);
                return;
            case 9:
                addExecutionFlow(ExtensionPoint.PRE_CONNECT, flow, loadPolicies);
                addExecutionFlow(ExtensionPoint.POST_CONNECT, flow, loadPolicies2);
                return;
            case 10:
                addExecutionFlow(ExtensionPoint.PRE_WEBAUTHN_REGISTER, flow, loadPolicies);
                addExecutionFlow(ExtensionPoint.POST_WEBAUTHN_REGISTER, flow, loadPolicies2);
                return;
            default:
                throw new IllegalArgumentException("No suitable flow type found for : " + flow.getType());
        }
    }

    private List<Policy> loadPolicies(List<Step> list) {
        return (List) list.stream().filter((v0) -> {
            return v0.isEnabled();
        }).map(this::createPolicy).filter((v0) -> {
            return Objects.nonNull(v0);
        }).collect(Collectors.toList());
    }

    private Policy createPolicy(Step step) {
        try {
            logger.info("\tInitializing policy: {} [{}]", step.getName(), step.getPolicy());
            Policy create = this.policyPluginManager.create(step.getPolicy(), step.getCondition(), step.getConfiguration());
            logger.info("\tPolicy : {} [{}] has been loaded", step.getName(), step.getPolicy());
            create.activate();
            return create;
        } catch (Exception e) {
            return null;
        }
    }

    private void addExecutionFlow(ExtensionPoint extensionPoint, Flow flow, List<Policy> list) {
        Set<ExecutionFlow> set = this.policies.get(extensionPoint);
        if (set == null) {
            set = new HashSet();
        }
        ExecutionFlow executionFlow = new ExecutionFlow(flow, list);
        set.remove(executionFlow);
        set.add(executionFlow);
        this.policies.put(extensionPoint, set);
    }

    private void removeExecutionFlow(ExtensionPoint extensionPoint, String str) {
        Set<ExecutionFlow> set = this.policies.get(extensionPoint);
        if (set == null || set.isEmpty()) {
            return;
        }
        set.removeIf(executionFlow -> {
            return str.equals(executionFlow.getFlowId());
        });
    }

    private List<Policy> getExecutionPolicies(Set<ExecutionFlow> set, Client client, boolean z, ExecutionPredicate executionPredicate) {
        return (List) set.stream().filter(executionFlow -> {
            return excludeApps(client, z, executionFlow);
        }).filter(executionFlow2 -> {
            return executionPredicate.evaluate(executionFlow2.getCondition());
        }).map((v0) -> {
            return v0.getPolicies();
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).flatMap((v0) -> {
            return v0.stream();
        }).collect(Collectors.toList());
    }

    private boolean excludeApps(Client client, boolean z, ExecutionFlow executionFlow) {
        return z ? Objects.isNull(executionFlow.getApplication()) : client.getId().equals(executionFlow.getApplication());
    }

    private boolean needDeployment(Flow flow) {
        if (flow == null || flow.getId() == null) {
            return false;
        }
        Flow flow2 = this.flows.get(flow.getId());
        return flow2 == null || flow2.getUpdatedAt().before(flow.getUpdatedAt());
    }
}
