package io.gravitee.am.management.handlers.management.api.resources.organizations.idps;

import io.gravitee.am.management.handlers.management.api.resources.AbstractResource;
import io.gravitee.am.management.handlers.management.api.resources.model.FilteredIdentityProviderInfo;
import io.gravitee.am.management.service.IdentityProviderManager;
import io.gravitee.am.management.service.IdentityProviderServiceProxy;
import io.gravitee.am.model.Acl;
import io.gravitee.am.model.IdentityProvider;
import io.gravitee.am.model.ReferenceType;
import io.gravitee.am.model.permissions.Permission;
import io.gravitee.am.service.model.NewIdentityProvider;
import io.reactivex.rxjava3.core.Maybe;
import io.reactivex.rxjava3.core.Single;
import io.reactivex.rxjava3.functions.Consumer;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.ArraySchema;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.validation.Valid;
import jakarta.validation.constraints.NotNull;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.QueryParam;
import jakarta.ws.rs.container.AsyncResponse;
import jakarta.ws.rs.container.ResourceContext;
import jakarta.ws.rs.container.Suspended;
import jakarta.ws.rs.core.Context;
import jakarta.ws.rs.core.Response;
import java.net.URI;
import java.util.Objects;
import org.springframework.beans.factory.annotation.Autowired;

@Tag(name = "identity provider")
/* loaded from: input_file:io/gravitee/am/management/handlers/management/api/resources/organizations/idps/IdentityProvidersResource.class */
public class IdentityProvidersResource extends AbstractResource {

    @Context
    private ResourceContext resourceContext;

    @Autowired
    private IdentityProviderServiceProxy identityProviderService;

    @Autowired
    private IdentityProviderManager identityProviderManager;

    @Produces({"application/json"})
    @Operation(summary = "List registered identity providers of the organization", description = "User must have the ORGANIZATION_IDENTITY_PROVIDER[LIST] permission on the specified organization. Each returned identity provider is filtered and contains only basic information such as id, name, type and isExternal.")
    @GET
    @ApiResponses({@ApiResponse(responseCode = "200", description = "List registered identity providers of the organization", content = {@Content(mediaType = "application/json", array = @ArraySchema(schema = @Schema(implementation = FilteredIdentityProviderInfo.class)))}), @ApiResponse(responseCode = "500", description = "Internal server error")})
    public void list(@PathParam("organizationId") String str, @QueryParam("userProvider") boolean z, @Suspended AsyncResponse asyncResponse) {
        Single andThen = checkPermission(ReferenceType.ORGANIZATION, str, Permission.ORGANIZATION_IDENTITY_PROVIDER, Acl.LIST).andThen(this.identityProviderService.findAll(ReferenceType.ORGANIZATION, str).flatMapMaybe(identityProvider -> {
            return z ? this.identityProviderManager.getUserProvider(identityProvider.getId()).map(userProvider -> {
                return identityProvider;
            }) : Maybe.just(identityProvider);
        }).map(this::filterIdentityProviderInfos).sorted((filteredIdentityProviderInfo, filteredIdentityProviderInfo2) -> {
            return String.CASE_INSENSITIVE_ORDER.compare(filteredIdentityProviderInfo.name(), filteredIdentityProviderInfo2.name());
        }).toList());
        Objects.requireNonNull(asyncResponse);
        Consumer consumer = (v1) -> {
            r1.resume(v1);
        };
        Objects.requireNonNull(asyncResponse);
        andThen.subscribe(consumer, asyncResponse::resume);
    }

    @Produces({"application/json"})
    @Operation(summary = "Create an identity provider for the organization", description = "User must have the ORGANIZATION_IDENTITY_PROVIDER[CREATE] permission on the specified organization")
    @POST
    @Consumes({"application/json"})
    @ApiResponses({@ApiResponse(responseCode = "201", description = "Identity provider successfully created"), @ApiResponse(responseCode = "500", description = "Internal server error")})
    public void create(@PathParam("organizationId") String str, @Parameter(name = "identity", required = true) @Valid @NotNull NewIdentityProvider newIdentityProvider, @Suspended AsyncResponse asyncResponse) {
        Single andThen = checkPermission(ReferenceType.ORGANIZATION, str, Permission.ORGANIZATION_IDENTITY_PROVIDER, Acl.CREATE).andThen(this.identityProviderManager.checkPluginDeployment(newIdentityProvider.getType())).andThen(this.identityProviderService.create(ReferenceType.ORGANIZATION, str, newIdentityProvider, getAuthenticatedUser(), false).map(identityProvider -> {
            return Response.created(URI.create("/organizations/" + str + "/identities/" + identityProvider.getId())).entity(identityProvider).build();
        }));
        Objects.requireNonNull(asyncResponse);
        Consumer consumer = (v1) -> {
            r1.resume(v1);
        };
        Objects.requireNonNull(asyncResponse);
        andThen.subscribe(consumer, asyncResponse::resume);
    }

    @Path("{identity}")
    public IdentityProviderResource getIdentityProviderResource() {
        return (IdentityProviderResource) this.resourceContext.getResource(IdentityProviderResource.class);
    }

    private FilteredIdentityProviderInfo filterIdentityProviderInfos(IdentityProvider identityProvider) {
        return new FilteredIdentityProviderInfo(identityProvider.getId(), identityProvider.getName(), identityProvider.getType(), identityProvider.isSystem(), identityProvider.isExternal(), identityProvider.getPasswordPolicy());
    }
}
