package io.gravitee.am.management.handlers.management.api.authentication.manager.idp.impl;

import io.gravitee.am.common.event.IdentityProviderEvent;
import io.gravitee.am.identityprovider.api.AuthenticationProvider;
import io.gravitee.am.management.handlers.management.api.authentication.manager.idp.IdentityProviderManager;
import io.gravitee.am.management.service.InMemoryIdentityProviderListener;
import io.gravitee.am.model.IdentityProvider;
import io.gravitee.am.model.ReferenceType;
import io.gravitee.am.model.common.event.Payload;
import io.gravitee.am.plugins.idp.core.AuthenticationProviderConfiguration;
import io.gravitee.am.plugins.idp.core.IdentityProviderPluginManager;
import io.gravitee.am.service.IdentityProviderService;
import io.gravitee.common.event.Event;
import io.gravitee.common.event.EventListener;
import io.gravitee.common.event.EventManager;
import java.util.HashSet;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

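/**
 * In-memory registry of the organization-level identity providers used by the management API.
 *
 * <p>Each known {@link IdentityProvider} definition is kept in {@code identities} and, when the
 * plugin manager can build one, its started {@link AuthenticationProvider} is kept in
 * {@code providers}. The registry is filled at start-up and then kept current by
 * {@link IdentityProviderEvent}s and by providers pushed through
 * {@link #registerAuthenticationProvider(IdentityProvider)}.
 *
 * <p>Deployment is fail-closed: the previous instance is stopped and removed before a new one is
 * created, and any error during creation or start leaves no provider registered for that id, so an
 * outdated configuration is not kept alive after a failed update.
 */
@Component("managementIdentityProviderManager")
public class IdentityProviderManagerImpl implements IdentityProviderManager, InitializingBean, EventListener<IdentityProviderEvent, Payload>, InMemoryIdentityProviderListener {

    private static final Logger LOGGER = LoggerFactory.getLogger(IdentityProviderManagerImpl.class);

    @Autowired
    private IdentityProviderPluginManager identityProviderPluginManager;

    @Autowired
    private IdentityProviderService identityProviderService;

    @Autowired
    private EventManager eventManager;

    @Autowired
    private io.gravitee.am.management.service.IdentityProviderManager commonIdentityProviderManager;

    // Started authentication providers, keyed by identity provider id.
    private final ConcurrentMap<String, AuthenticationProvider> providers = new ConcurrentHashMap<>();
    // Last deployed definition per identity provider id; drives needDeployment().
    private final ConcurrentMap<String, IdentityProvider> identities = new ConcurrentHashMap<>();
    // Ids registered through registerAuthenticationProvider(). A concurrent set is used because
    // registration and readers of getTransientProviders() are not tied to one thread, and the two
    // maps above are already concurrent.
    private final Set<String> transientProviders = ConcurrentHashMap.newKeySet();

    /**
     * Returns the started authentication provider for an identity provider id.
     *
     * @param str identity provider id
     * @return the deployed provider, or {@code null} when none is deployed for this id
     */
    @Override // io.gravitee.am.management.handlers.management.api.authentication.manager.idp.IdentityProviderManager
    public AuthenticationProvider get(String str) {
        return this.providers.get(str);
    }

    /**
     * Returns the last deployed identity provider definition for an id.
     *
     * @param str identity provider id
     * @return the definition, or {@code null} when the id is unknown
     */
    @Override // io.gravitee.am.management.handlers.management.api.authentication.manager.idp.IdentityProviderManager
    public IdentityProvider getIdentityProvider(String str) {
        return this.identities.get(str);
    }

    /**
     * Subscribes to identity provider events, deploys every organization-level identity provider
     * returned by the service, then registers this instance as listener on the common manager.
     *
     * <p>A failure while loading is logged and does not abort start-up; in that case
     * {@link #get(String)} returns {@code null} for the providers that were not deployed until a
     * later event deploys them.
     */
    @Override
    public void afterPropertiesSet() throws Exception {
        LOGGER.info("Register event listener for identity provider events for all organizations");
        this.eventManager.subscribeForEvents(this, IdentityProviderEvent.class);
        LOGGER.info("Initializing identity providers for all organizations");
        try {
            this.identityProviderService.findAll(ReferenceType.ORGANIZATION).blockingForEach(this::updateAuthenticationProvider);
            LOGGER.info("Identity providers loaded for all organizations");
        } catch (Exception e) {
            LOGGER.error("Unable to initialize identity providers", e);
        }
        this.commonIdentityProviderManager.setListener(this);
    }

    /**
     * Deploys the given identity provider and records its id as transient.
     *
     * <p>The id is recorded even when deployment failed, because failures are handled (logged)
     * inside the deployment step.
     *
     * @param identityProvider definition to deploy
     */
    public void registerAuthenticationProvider(IdentityProvider identityProvider) {
        updateAuthenticationProvider(identityProvider);
        this.transientProviders.add(identityProvider.getId());
    }

    /**
     * Returns the ids registered through {@link #registerAuthenticationProvider(IdentityProvider)}.
     *
     * @return the live backing set, not a copy; later registrations are visible through it
     */
    @Override // io.gravitee.am.management.handlers.management.api.authentication.manager.idp.IdentityProviderManager
    public Set<String> getTransientProviders() {
        return this.transientProviders;
    }

    /**
     * Applies an identity provider event. Events that do not target an organization, or that carry
     * no reference id, are ignored.
     *
     * @param event event to handle; a {@code null} event type raises {@link NullPointerException}
     */
    @Override
    public void onEvent(Event<IdentityProviderEvent, Payload> event) {
        Payload payload = event.content();
        if (payload.getReferenceType() != ReferenceType.ORGANIZATION || payload.getReferenceId() == null) {
            return;
        }
        IdentityProviderEvent type = Objects.requireNonNull(event.type());
        if (type == IdentityProviderEvent.DEPLOY || type == IdentityProviderEvent.UPDATE) {
            updateIdentityProvider(payload.getId(), payload.getReferenceId(), type);
        } else if (type == IdentityProviderEvent.UNDEPLOY) {
            removeIdentityProvider(payload.getId());
        }
    }

    /**
     * Looks the identity provider up by id and (re)deploys it when it is found.
     *
     * @param str identity provider id
     * @param str2 organization (reference) id, used for logging only
     * @param identityProviderEvent event that triggered the update, used for logging only
     */
    private void updateIdentityProvider(String str, String str2, IdentityProviderEvent identityProviderEvent) {
        String eventName = identityProviderEvent.toString().toLowerCase();
        LOGGER.info("Organization {} has received {} identity provider event for {}", str2, eventName, str);
        this.identityProviderService.findById(str).subscribe(identityProvider -> {
            updateAuthenticationProvider(identityProvider);
            LOGGER.info("Identity provider {} {}d for organization {}", str, eventName, str2);
        }, th -> {
            // The trailing throwable is logged as the exception, not as a placeholder value.
            LOGGER.error("Unable to {} identity provider for organization {}", eventName, str2, th);
        }, () -> {
            // NOTE(review): nothing is removed here, so a provider already deployed under this id
            // stays registered when the lookup comes back empty; confirm that deletions always
            // arrive as UNDEPLOY events.
            LOGGER.error("No identity provider found with id {}", str);
        });
    }

    /**
     * Deploys an identity provider when it is new or newer than the deployed definition.
     *
     * <p>The previous instance is stopped and removed first. On any error nothing stays registered
     * for the id, and an instance whose {@code start()} failed is stopped so it is not left
     * running unreferenced.
     *
     * @param identityProvider definition to deploy
     */
    private void updateAuthenticationProvider(IdentityProvider identityProvider) {
        try {
            if (!needDeployment(identityProvider)) {
                LOGGER.info("\tIdentity provider already initialized: {} for organization {} [{}]", identityProvider.getName(), identityProvider.getReferenceId(), identityProvider.getType());
                return;
            }
            LOGGER.info("\tInitializing identity provider: {} for organization {} [{}]", identityProvider.getName(), identityProvider.getReferenceId(), identityProvider.getType());
            clearProvider(identityProvider.getId());
            AuthenticationProvider authenticationProvider = (AuthenticationProvider) this.identityProviderPluginManager.create(new AuthenticationProviderConfiguration(identityProvider));
            if (authenticationProvider != null) {
                try {
                    authenticationProvider.start();
                } catch (Exception startFailure) {
                    // Not yet in `providers`, so clearProvider() in the outer handler cannot reach it.
                    stopQuietly(identityProvider.getId(), authenticationProvider);
                    throw startFailure;
                }
                this.providers.put(identityProvider.getId(), authenticationProvider);
            }
            // Recorded even when no authentication provider could be created, so the same
            // definition is not retried until its updatedAt changes.
            this.identities.put(identityProvider.getId(), identityProvider);
        } catch (Exception e) {
            LOGGER.error("An error occurs while initializing the identity provider : {}", identityProvider.getName(), e);
            clearProvider(identityProvider.getId());
        }
    }

    /**
     * Handles an undeploy event by stopping and forgetting the provider.
     *
     * @param str identity provider id
     */
    private void removeIdentityProvider(String str) {
        LOGGER.info("Received identity provider event, delete identity provider {}", str);
        clearProvider(str);
    }

    /**
     * Stops and removes the provider deployed under the id, then drops its definition.
     *
     * @param str identity provider id
     */
    private void clearProvider(String str) {
        AuthenticationProvider removed = this.providers.remove(str);
        if (removed != null) {
            stopQuietly(str, removed);
        }
        this.identities.remove(str);
    }

    /** Stops a provider; a failure to stop is logged and otherwise ignored. */
    private void stopQuietly(String id, AuthenticationProvider provider) {
        try {
            provider.stop();
        } catch (Exception e) {
            LOGGER.error("An error occurs while stopping the identity provider : {}", id, e);
        }
    }

    /**
     * Tells whether the definition must be (re)deployed.
     *
     * @param identityProvider incoming definition
     * @return {@code true} when nothing is deployed for the id, when the deployed definition is
     *     older than the incoming one, or when either timestamp is missing
     */
    private boolean needDeployment(IdentityProvider identityProvider) {
        IdentityProvider deployed = this.identities.get(identityProvider.getId());
        if (deployed == null) {
            return true;
        }
        // Without both timestamps the versions cannot be compared. Redeploying is the safe answer:
        // dereferencing a null timestamp here would be handled by the caller as a deployment error
        // and tear down the provider that is already running.
        if (deployed.getUpdatedAt() == null || identityProvider.getUpdatedAt() == null) {
            return true;
        }
        return deployed.getUpdatedAt().before(identityProvider.getUpdatedAt());
    }
}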
