package io.gravitee.am.management.handlers.management.api.authentication.service.impl;

import io.gravitee.am.identityprovider.api.DefaultUser;
import io.gravitee.am.identityprovider.api.SimpleAuthenticationContext;
import io.gravitee.am.identityprovider.api.User;
import io.gravitee.am.management.handlers.management.api.authentication.provider.generator.JWTGenerator;
import io.gravitee.am.management.handlers.management.api.authentication.provider.security.EndUserAuthentication;
import io.gravitee.am.management.handlers.management.api.authentication.service.AuthenticationService;
import io.gravitee.am.management.handlers.management.api.preview.PreviewBuilder;
import io.gravitee.am.model.Membership;
import io.gravitee.am.model.ReferenceType;
import io.gravitee.am.model.membership.MemberType;
import io.gravitee.am.service.AuditService;
import io.gravitee.am.service.MembershipService;
import io.gravitee.am.service.OrganizationUserService;
import io.gravitee.am.service.RoleService;
import io.gravitee.am.service.exception.UserNotFoundException;
import io.gravitee.am.service.reporter.builder.AuditBuilder;
import io.gravitee.am.service.reporter.builder.AuthenticationAuditBuilder;
import io.gravitee.am.service.reporter.builder.management.UserAuditBuilder;
import io.reactivex.rxjava3.core.Completable;
import io.reactivex.rxjava3.core.Maybe;
import io.reactivex.rxjava3.core.Single;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.TimeUnit;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.Authentication;

/* loaded from: input_file:io/gravitee/am/management/handlers/management/api/authentication/service/impl/AuthenticationServiceImpl.class */
public class AuthenticationServiceImpl implements AuthenticationService {
    public static final String SOURCE = "source";
    private static final String IP_ADDRESS_KEY = "ip_address";
    private static final String USER_AGENT_KEY = "user_agent";

    @Autowired
    private OrganizationUserService userService;

    @Autowired
    private RoleService roleService;

    @Autowired
    private MembershipService membershipService;

    @Autowired
    private AuditService auditService;

    @Value("${http.blockingGet.timeoutMillis:120000}")
    private long blockingGetTimeoutMillis = 120000;

    @Override // io.gravitee.am.management.handlers.management.api.authentication.service.AuthenticationService
    public User onAuthenticationSuccess(Authentication authentication) {
        DefaultUser defaultUser = (DefaultUser) authentication.getPrincipal();
        EndUserAuthentication endUserAuthentication = new EndUserAuthentication(defaultUser.getUsername(), null, new SimpleAuthenticationContext());
        HashMap hashMap = authentication.getDetails() == null ? new HashMap() : new HashMap((Map) authentication.getDetails());
        hashMap.putIfAbsent("org", "DEFAULT");
        String str = (String) hashMap.get("org");
        String str2 = (String) hashMap.get(SOURCE);
        try {
            Single onErrorResumeNext = this.userService.findByExternalIdAndSource(ReferenceType.ORGANIZATION, str, defaultUser.getId(), str2).switchIfEmpty(Maybe.defer(() -> {
                return this.userService.findByUsernameAndSource(ReferenceType.ORGANIZATION, str, defaultUser.getUsername(), str2);
            })).switchIfEmpty(Single.error(new UserNotFoundException(defaultUser.getUsername()))).flatMap(user -> {
                user.setSource((String) hashMap.get(SOURCE));
                user.setLoggedAt(new Date());
                user.setLoginsCount(Long.valueOf(user.getLoginsCount().longValue() + 1));
                if (defaultUser.getEmail() != null) {
                    user.setEmail(defaultUser.getEmail());
                }
                if (user.getAdditionalInformation() != null) {
                    user.getAdditionalInformation().putAll(defaultUser.getAdditionalInformation());
                } else {
                    user.setAdditionalInformation(new HashMap(defaultUser.getAdditionalInformation()));
                }
                return this.userService.update(user).flatMap(user -> {
                    return updateRoles(defaultUser, user).andThen(Single.just(user));
                });
            }).onErrorResumeNext(th -> {
                if (!(th instanceof UserNotFoundException)) {
                    return Single.error(th);
                }
                io.gravitee.am.model.User user2 = new io.gravitee.am.model.User();
                user2.setInternal(false);
                user2.setExternalId(defaultUser.getId());
                user2.setUsername(defaultUser.getUsername());
                if (defaultUser.getEmail() != null) {
                    user2.setEmail(defaultUser.getEmail());
                }
                user2.setSource((String) hashMap.get(SOURCE));
                user2.setReferenceType(ReferenceType.ORGANIZATION);
                user2.setReferenceId(str);
                user2.setLoggedAt(new Date());
                user2.setLoginsCount(1L);
                user2.setAdditionalInformation(defaultUser.getAdditionalInformation());
                return this.userService.create(user2).doOnSuccess(user3 -> {
                    this.auditService.report(((UserAuditBuilder) ((UserAuditBuilder) AuditBuilder.builder(UserAuditBuilder.class)).type("USER_CREATED")).user(user3));
                }).doOnError(th -> {
                    this.auditService.report((AuditBuilder) ((UserAuditBuilder) ((UserAuditBuilder) AuditBuilder.builder(UserAuditBuilder.class)).type("USER_CREATED")).throwable(th));
                }).flatMap(user4 -> {
                    return this.userService.setRoles(defaultUser, user4).andThen(Single.just(user4));
                });
            });
            OrganizationUserService organizationUserService = this.userService;
            Objects.requireNonNull(organizationUserService);
            Single doOnSuccess = onErrorResumeNext.flatMap(organizationUserService::enhance).doOnSuccess(user2 -> {
                this.auditService.report((AuditBuilder) ((AuthenticationAuditBuilder) ((AuthenticationAuditBuilder) ((AuthenticationAuditBuilder) ((AuthenticationAuditBuilder) AuditBuilder.builder(AuthenticationAuditBuilder.class)).principal(endUserAuthentication).referenceType(ReferenceType.ORGANIZATION)).referenceId(str)).user(user2).ipAddress((String) hashMap.get(IP_ADDRESS_KEY))).userAgent((String) hashMap.get(USER_AGENT_KEY)));
            });
            if (this.blockingGetTimeoutMillis > 0) {
                doOnSuccess = doOnSuccess.timeout(this.blockingGetTimeoutMillis, TimeUnit.MILLISECONDS);
            }
            io.gravitee.am.model.User user3 = (io.gravitee.am.model.User) doOnSuccess.blockingGet();
            defaultUser.setId(user3.getId());
            defaultUser.setUsername(user3.getUsername());
            if (user3.getAdditionalInformation() != null) {
                defaultUser.getAdditionalInformation().putAll(user3.getAdditionalInformation());
            }
            defaultUser.getAdditionalInformation().put("sub", user3.getId());
            defaultUser.getAdditionalInformation().put("preferred_username", user3.getUsername());
            defaultUser.getAdditionalInformation().put("org", user3.getReferenceId());
            defaultUser.getAdditionalInformation().put(JWTGenerator.AM_CLAIMS_LOGINS, user3.getLoginsCount());
            defaultUser.getAdditionalInformation().computeIfAbsent("email", str3 -> {
                return user3.getEmail();
            });
            defaultUser.getAdditionalInformation().computeIfAbsent(PreviewBuilder.FACTOR_NAME, str4 -> {
                return user3.getDisplayName();
            });
            HashSet hashSet = user3.getRoles() != null ? new HashSet(user3.getRoles()) : new HashSet();
            if (defaultUser.getRoles() != null) {
                hashSet.addAll(defaultUser.getRoles());
            }
            defaultUser.getAdditionalInformation().put("roles", hashSet);
            return defaultUser;
        } catch (Exception e) {
            throw new IllegalStateException("Unable to read user information");
        }
    }

    private Completable updateRoles(User user, io.gravitee.am.model.User user2) {
        if (user.getRoles() == null || user.getRoles().isEmpty()) {
            return Completable.complete();
        }
        String str = (String) user.getRoles().get(0);
        return this.membershipService.findByMember(user2.getId(), MemberType.USER).filter(membership -> {
            return ReferenceType.ORGANIZATION == membership.getReferenceType();
        }).firstElement().map(membership2 -> {
            return Boolean.valueOf(!membership2.getRoleId().equals(str));
        }).switchIfEmpty(Maybe.just(false)).flatMapCompletable(bool -> {
            if (!bool.booleanValue()) {
                return Completable.complete();
            }
            Membership membership3 = new Membership();
            membership3.setMemberType(MemberType.USER);
            membership3.setMemberId(user2.getId());
            membership3.setReferenceType(user2.getReferenceType());
            membership3.setReferenceId(user2.getReferenceId());
            membership3.setRoleId(str);
            return this.roleService.findById(user2.getReferenceType(), user2.getReferenceId(), str).flatMap(role -> {
                return this.membershipService.addOrUpdate(user2.getReferenceId(), membership3);
            }).ignoreElement();
        });
    }
}
