package io.gravitee.am.management.handlers.management.api.resources.organizations.environments.domains;

import io.gravitee.am.identityprovider.api.User;
import io.gravitee.am.management.handlers.management.api.resources.AbstractResource;
import io.gravitee.am.model.Acl;
import io.gravitee.am.model.Application;
import io.gravitee.am.model.ReferenceType;
import io.gravitee.am.model.application.ApplicationSettings;
import io.gravitee.am.model.permissions.Permission;
import io.gravitee.am.service.ApplicationService;
import io.gravitee.am.service.DomainService;
import io.gravitee.am.service.exception.ApplicationNotFoundException;
import io.gravitee.am.service.exception.DomainNotFoundException;
import io.gravitee.am.service.model.PatchApplication;
import io.gravitee.am.service.model.PatchApplicationType;
import io.reactivex.rxjava3.core.Completable;
import io.reactivex.rxjava3.core.Maybe;
import io.reactivex.rxjava3.core.Single;
import io.reactivex.rxjava3.functions.Action;
import io.reactivex.rxjava3.functions.Consumer;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import jakarta.validation.Valid;
import jakarta.validation.constraints.NotNull;
import jakarta.ws.rs.BadRequestException;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.DELETE;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.PATCH;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.PUT;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.container.AsyncResponse;
import jakarta.ws.rs.container.ResourceContext;
import jakarta.ws.rs.container.Suspended;
import jakarta.ws.rs.core.Context;
import jakarta.ws.rs.core.Response;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:io/gravitee/am/management/handlers/management/api/resources/organizations/environments/domains/ApplicationResource.class */
public class ApplicationResource extends AbstractResource {

    @Autowired
    private ApplicationService applicationService;

    @Autowired
    private DomainService domainService;

    @Context
    private ResourceContext resourceContext;

    @Produces({"application/json"})
    @Operation(operationId = "findApplication", summary = "Get an application", description = "User must have the APPLICATION[READ] permission on the specified application or APPLICATION[READ] permission on the specified domain or APPLICATION[READ] permission on the specified environment or APPLICATION[READ] permission on the specified organization. Application will be filtered according to permissions (READ on APPLICATION_IDENTITY_PROVIDER, APPLICATION_CERTIFICATE, APPLICATION_METADATA, APPLICATION_USER_ACCOUNT, APPLICATION_SETTINGS)")
    @GET
    @ApiResponses({@ApiResponse(responseCode = "200", description = "Application", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = Application.class))}), @ApiResponse(responseCode = "500", description = "Internal server error")})
    public void get(@PathParam("organizationId") String str, @PathParam("environmentId") String str2, @PathParam("domain") String str3, @PathParam("application") String str4, @Suspended AsyncResponse asyncResponse) {
        User authenticatedUser = getAuthenticatedUser();
        Maybe map = checkAnyPermission(str, str2, str3, str4, Permission.APPLICATION, Acl.READ).andThen(this.domainService.findById(str3).switchIfEmpty(Maybe.error(new DomainNotFoundException(str3))).flatMap(domain -> {
            return this.applicationService.findById(str4);
        }).switchIfEmpty(Maybe.error(new ApplicationNotFoundException(str4))).flatMapSingle(application -> {
            return findAllPermissions(authenticatedUser, str, str2, str3, str4).map(map2 -> {
                return filterApplicationInfos(application, map2);
            });
        })).map(application2 -> {
            if (application2.getDomain().equalsIgnoreCase(str3)) {
                return Response.ok(application2).build();
            }
            throw new BadRequestException("Application does not belong to domain");
        });
        Objects.requireNonNull(asyncResponse);
        map.subscribe((v1) -> {
            r1.resume(v1);
        }, th -> {
            asyncResponse.resume(th);
        });
    }

    @Produces({"application/json"})
    @Operation(operationId = "patchApplication", summary = "Patch an application", description = "User must have APPLICATION[UPDATE] permission on the specified application or APPLICATION[UPDATE] permission on the specified domain or APPLICATION[UPDATE] permission on the specified environment or APPLICATION[UPDATE] permission on the specified organization")
    @PATCH
    @Consumes({"application/json"})
    @ApiResponses({@ApiResponse(responseCode = "200", description = "Application successfully patched", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = Application.class))}), @ApiResponse(responseCode = "500", description = "Internal server error")})
    public void patch(@PathParam("organizationId") String str, @PathParam("environmentId") String str2, @PathParam("domain") String str3, @PathParam("application") String str4, @Parameter(name = "application", required = true) @Valid @NotNull PatchApplication patchApplication, @Suspended AsyncResponse asyncResponse) {
        updateInternal(str, str2, str3, str4, patchApplication, asyncResponse);
    }

    @Produces({"application/json"})
    @Operation(operationId = "updateApplication", summary = "Update an application", description = "User must have APPLICATION[UPDATE] permission on the specified application or APPLICATION[UPDATE] permission on the specified domain or APPLICATION[UPDATE] permission on the specified environment or APPLICATION[UPDATE] permission on the specified organization")
    @PUT
    @Consumes({"application/json"})
    @ApiResponses({@ApiResponse(responseCode = "200", description = "Application successfully updated", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = Application.class))}), @ApiResponse(responseCode = "500", description = "Internal server error")})
    public void update(@PathParam("organizationId") String str, @PathParam("environmentId") String str2, @PathParam("domain") String str3, @PathParam("application") String str4, @Parameter(name = "application", required = true) @Valid @NotNull PatchApplication patchApplication, @Suspended AsyncResponse asyncResponse) {
        updateInternal(str, str2, str3, str4, patchApplication, asyncResponse);
    }

    @Produces({"application/json"})
    @Operation(operationId = "updateApplicationType", summary = "Update an application type", description = "User must have APPLICATION[UPDATE] permission on the specified application or APPLICATION[UPDATE] permission on the specified domain or APPLICATION[UPDATE] permission on the specified environment or APPLICATION[UPDATE] permission on the specified organization")
    @PUT
    @Path("type")
    @Consumes({"application/json"})
    @ApiResponses({@ApiResponse(responseCode = "200", description = "Application type successfully updated", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = Application.class))}), @ApiResponse(responseCode = "500", description = "Internal server error")})
    public void update(@PathParam("organizationId") String str, @PathParam("environmentId") String str2, @PathParam("domain") String str3, @PathParam("application") String str4, @Parameter(name = "type", required = true) @Valid @NotNull PatchApplicationType patchApplicationType, @Suspended AsyncResponse asyncResponse) {
        Single andThen = checkAnyPermission(str, str2, str3, str4, Permission.APPLICATION, Acl.UPDATE).andThen(this.applicationService.updateType(str3, str4, patchApplicationType.getType(), getAuthenticatedUser()));
        Objects.requireNonNull(asyncResponse);
        Consumer consumer = (v1) -> {
            r1.resume(v1);
        };
        Objects.requireNonNull(asyncResponse);
        andThen.subscribe(consumer, asyncResponse::resume);
    }

    @DELETE
    @Operation(operationId = "deleteApplication", summary = "Delete an application", description = "User must have APPLICATION[DELETE] permission on the specified application or APPLICATION[DELETE] permission on the specified domain or APPLICATION[DELETE] permission on the specified environment or APPLICATION[DELETE] permission on the specified organization")
    @ApiResponses({@ApiResponse(responseCode = "204", description = "Application successfully deleted"), @ApiResponse(responseCode = "500", description = "Internal server error")})
    public void delete(@PathParam("organizationId") String str, @PathParam("environmentId") String str2, @PathParam("domain") String str3, @PathParam("application") String str4, @Suspended AsyncResponse asyncResponse) {
        Completable andThen = checkAnyPermission(str, str2, str3, str4, Permission.APPLICATION, Acl.DELETE).andThen(this.applicationService.delete(str4, getAuthenticatedUser()));
        Action action = () -> {
            asyncResponse.resume(Response.noContent().build());
        };
        Objects.requireNonNull(asyncResponse);
        andThen.subscribe(action, asyncResponse::resume);
    }

    @Produces({"application/json"})
    @Operation(operationId = "renewClientSecret", summary = "Renew application secret", description = "User must have APPLICATION_OPENID[UPDATE] permission on the specified application or APPLICATION_OPENID[UPDATE] permission on the specified domain or APPLICATION_OPENID[UPDATE] permission on the specified environment or APPLICATION_OPENID[UPDATE] permission on the specified organization")
    @POST
    @Path("secret/_renew")
    @ApiResponses({@ApiResponse(responseCode = "200", description = "Application secret successfully updated", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = Application.class))}), @ApiResponse(responseCode = "500", description = "Internal server error")})
    public void renewClientSecret(@PathParam("organizationId") String str, @PathParam("environmentId") String str2, @PathParam("domain") String str3, @PathParam("application") String str4, @Suspended AsyncResponse asyncResponse) {
        User authenticatedUser = getAuthenticatedUser();
        Maybe andThen = checkAnyPermission(str, str2, str3, str4, Permission.APPLICATION_OPENID, Acl.READ).andThen(this.domainService.findById(str3).switchIfEmpty(Maybe.error(new DomainNotFoundException(str3))).flatMapSingle(domain -> {
            return this.applicationService.renewClientSecret(str3, str4, authenticatedUser);
        }));
        Objects.requireNonNull(asyncResponse);
        Consumer consumer = (v1) -> {
            r1.resume(v1);
        };
        Objects.requireNonNull(asyncResponse);
        andThen.subscribe(consumer, asyncResponse::resume);
    }

    @Path("emails")
    public ApplicationEmailsResource getEmailsResource() {
        return (ApplicationEmailsResource) this.resourceContext.getResource(ApplicationEmailsResource.class);
    }

    @Path("forms")
    public ApplicationFormsResource getFormsResource() {
        return (ApplicationFormsResource) this.resourceContext.getResource(ApplicationFormsResource.class);
    }

    @Path("members")
    public ApplicationMembersResource getMembersResource() {
        return (ApplicationMembersResource) this.resourceContext.getResource(ApplicationMembersResource.class);
    }

    @Path("resources")
    public ApplicationResourcesResource getResourcesResource() {
        return (ApplicationResourcesResource) this.resourceContext.getResource(ApplicationResourcesResource.class);
    }

    @Path("analytics")
    public ApplicationAnalyticsResource getAnalyticsResource() {
        return (ApplicationAnalyticsResource) this.resourceContext.getResource(ApplicationAnalyticsResource.class);
    }

    @Path("flows")
    public ApplicationFlowsResource getFlowsResource() {
        return (ApplicationFlowsResource) this.resourceContext.getResource(ApplicationFlowsResource.class);
    }

    public void updateInternal(String str, String str2, String str3, String str4, PatchApplication patchApplication, AsyncResponse asyncResponse) {
        User authenticatedUser = getAuthenticatedUser();
        Set requiredPermissions = patchApplication.getRequiredPermissions();
        if (requiredPermissions.isEmpty()) {
            asyncResponse.resume(new BadRequestException("You need to specify at least one value to update."));
            return;
        }
        Maybe andThen = Completable.merge((Iterable) requiredPermissions.stream().map(permission -> {
            return checkAnyPermission(str, str2, str3, str4, permission, Acl.UPDATE);
        }).collect(Collectors.toList())).andThen(this.domainService.findById(str3).switchIfEmpty(Maybe.error(new DomainNotFoundException(str3))).flatMapSingle(domain -> {
            return this.applicationService.patch(str3, str4, patchApplication, authenticatedUser).flatMap(application -> {
                return findAllPermissions(authenticatedUser, str, str2, str3, str4).map(map -> {
                    return filterApplicationInfos(application, map);
                });
            });
        }));
        Objects.requireNonNull(asyncResponse);
        Consumer consumer = (v1) -> {
            r1.resume(v1);
        };
        Objects.requireNonNull(asyncResponse);
        andThen.subscribe(consumer, asyncResponse::resume);
    }

    private Application filterApplicationInfos(Application application, Map<ReferenceType, Map<Permission, Set<Acl>>> map) {
        Application application2 = new Application();
        if (hasAnyPermission(map, Permission.APPLICATION, Acl.READ).booleanValue()) {
            application2.setId(application.getId());
            application2.setName(application.getName());
            application2.setType(application.getType());
            application2.setDescription(application.getDescription());
            application2.setDomain(application.getDomain());
            application2.setEnabled(application.isEnabled());
            application2.setTemplate(application.isTemplate());
            application2.setCreatedAt(application.getCreatedAt());
            application2.setUpdatedAt(application.getUpdatedAt());
        }
        if (hasAnyPermission(map, Permission.APPLICATION_FACTOR, Acl.READ).booleanValue()) {
            application2.setFactors(application.getFactors());
        }
        if (hasAnyPermission(map, Permission.APPLICATION_IDENTITY_PROVIDER, Acl.READ).booleanValue()) {
            application2.setIdentityProviders(application.getIdentityProviders());
        }
        if (hasAnyPermission(map, Permission.APPLICATION_CERTIFICATE, Acl.READ).booleanValue()) {
            application2.setCertificate(application.getCertificate());
        }
        ApplicationSettings settings = application.getSettings();
        if (settings != null) {
            ApplicationSettings applicationSettings = new ApplicationSettings();
            application2.setSettings(applicationSettings);
            if (hasAnyPermission(map, Permission.APPLICATION_SETTINGS, Acl.READ).booleanValue()) {
                application2.setMetadata(application.getMetadata());
                applicationSettings.setAdvanced(settings.getAdvanced());
                applicationSettings.setAccount(settings.getAccount());
                applicationSettings.setLogin(settings.getLogin());
                applicationSettings.setPasswordSettings(settings.getPasswordSettings());
                applicationSettings.setMfa(settings.getMfa());
                applicationSettings.setCookieSettings(settings.getCookieSettings());
                applicationSettings.setRiskAssessment(settings.getRiskAssessment());
            }
            if (hasAnyPermission(map, Permission.APPLICATION_OPENID, Acl.READ).booleanValue()) {
                applicationSettings.setOauth(settings.getOauth());
            }
            if (hasAnyPermission(map, Permission.APPLICATION_SAML, Acl.READ).booleanValue()) {
                applicationSettings.setSaml(settings.getSaml());
            }
        }
        application2.setSecrets(application.getSecrets());
        application2.setSecretSettings(application.getSecretSettings());
        return application2;
    }
}
