package io.gravitee.am.management.service.impl.utils;

import io.gravitee.am.model.IdentityProvider;
import io.gravitee.am.model.ReferenceType;
import io.gravitee.am.model.Role;
import io.gravitee.am.model.permissions.DefaultRole;
import io.gravitee.am.model.permissions.SystemRole;
import io.gravitee.am.service.RoleService;
import io.reactivex.rxjava3.core.Flowable;
import io.vertx.core.json.JsonArray;
import io.vertx.core.json.JsonObject;
import java.util.Arrays;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.env.Environment;
import org.springframework.util.StringUtils;

/* loaded from: input_file:io/gravitee/am/management/service/impl/utils/InlineOrganizationProviderConfiguration.class */
public class InlineOrganizationProviderConfiguration extends OrganizationProviderConfiguration {
    public static final String MEMORY_TYPE = "memory";
    private final String passwordEncoder;
    private final Map<String, UserDefinition> users;
    private RoleService roleService;
    private static final Logger LOGGER = LoggerFactory.getLogger(InlineOrganizationProviderConfiguration.class);
    private static final List<String> authorizedRoles = Arrays.asList(DefaultRole.ORGANIZATION_OWNER.name(), DefaultRole.ORGANIZATION_USER.name(), SystemRole.ORGANIZATION_PRIMARY_OWNER.name());

    /* loaded from: input_file:io/gravitee/am/management/service/impl/utils/InlineOrganizationProviderConfiguration$UserDefinition.class */
    public static final class UserDefinition {
        private String username;
        private String email;
        private String firstname;
        private String lastname;
        private String password;
        private String role;

        public String getUsername() {
            return this.username;
        }

        public void setUsername(String str) {
            this.username = str;
        }

        public String getEmail() {
            return this.email;
        }

        public void setEmail(String str) {
            this.email = str;
        }

        public String getFirstname() {
            return this.firstname;
        }

        public void setFirstname(String str) {
            this.firstname = str;
        }

        public String getLastname() {
            return this.lastname;
        }

        public void setLastname(String str) {
            this.lastname = str;
        }

        public String getPassword() {
            return this.password;
        }

        public void setPassword(String str) {
            this.password = str;
        }

        public String getRole() {
            return this.role;
        }

        public void setRole(String str) {
            this.role = str;
        }
    }

    public InlineOrganizationProviderConfiguration(RoleService roleService, Environment environment, int i) {
        super(MEMORY_TYPE, environment, i);
        this.users = new LinkedHashMap();
        this.roleService = roleService;
        String propertyBase = getPropertyBase(i);
        this.passwordEncoder = (String) environment.getProperty(propertyBase + "password-encoding-algo", String.class, "BCrypt");
        boolean z = true;
        int i2 = 0;
        while (z) {
            String str = propertyBase + "users[" + i2 + "].";
            String property = environment.getProperty(str + "username");
            z = property != null;
            if (z) {
                UserDefinition userDefinition = new UserDefinition();
                userDefinition.setUsername(property);
                userDefinition.setFirstname(environment.getProperty(str + "firstname"));
                userDefinition.setLastname(environment.getProperty(str + "lastname"));
                userDefinition.setEmail(environment.getProperty(str + "email"));
                userDefinition.setPassword(environment.getProperty(str + "password"));
                userDefinition.setRole(environment.getProperty(str + "role"));
                if (StringUtils.isEmpty(userDefinition.getPassword()) || StringUtils.isEmpty(userDefinition.getRole())) {
                    LOGGER.warn("User definition ignored for '{}': missing role or password", property);
                } else if (authorizedRoles.contains(userDefinition.getRole())) {
                    this.users.put(property, userDefinition);
                } else {
                    LOGGER.warn("User definition ignored for '{}': invalid role. (expected: \"ORGANIZATION_OWNER\", \"ORGANIZATION_USER\", \"ORGANIZATION_PRIMARY_OWNER\")", property);
                }
            }
            i2++;
        }
    }

    @Override // io.gravitee.am.management.service.impl.utils.OrganizationProviderConfiguration
    public IdentityProvider buildIdentityProvider() {
        IdentityProvider identityProvider = new IdentityProvider();
        identityProvider.setId(MEMORY_TYPE);
        identityProvider.setConfiguration(generateConfiguration());
        identityProvider.setExternal(false);
        identityProvider.setType("inline-am-idp");
        identityProvider.setName(getName());
        identityProvider.setSystem(false);
        identityProvider.setReferenceId("DEFAULT");
        identityProvider.setReferenceType(ReferenceType.ORGANIZATION);
        identityProvider.setRoleMapper(generateRoleMapper());
        return identityProvider;
    }

    private String generateConfiguration() {
        JsonObject jsonObject = new JsonObject();
        if ("BCrypt".equals(this.passwordEncoder)) {
            jsonObject.put("passwordEncoder", this.passwordEncoder);
        }
        JsonArray jsonArray = new JsonArray();
        jsonObject.put("users", jsonArray);
        this.users.forEach((str, userDefinition) -> {
            jsonArray.add(new JsonObject().put("firstname", userDefinition.firstname).put("lastname", userDefinition.lastname).put("username", userDefinition.username).put("email", userDefinition.email).put("password", userDefinition.password));
        });
        return jsonObject.encode();
    }

    private Map<String, String[]> generateRoleMapper() {
        HashMap hashMap = new HashMap();
        List asList = Arrays.asList(SystemRole.ORGANIZATION_PRIMARY_OWNER.name(), DefaultRole.ORGANIZATION_OWNER.name(), DefaultRole.ORGANIZATION_USER.name());
        Map map = (Map) Flowable.merge(this.roleService.findRolesByName(ReferenceType.PLATFORM, "PLATFORM", ReferenceType.ORGANIZATION, asList), this.roleService.findRolesByName(ReferenceType.ORGANIZATION, "DEFAULT", ReferenceType.ORGANIZATION, asList)).collect(HashMap::new, (hashMap2, role) -> {
            hashMap2.put(role.getName(), role);
        }).blockingGet();
        this.users.forEach((str, userDefinition) -> {
            Role role2 = (Role) map.get(userDefinition.getRole());
            if (role2 != null) {
                String[] strArr = (String[]) hashMap.get(role2.getId());
                String[] strArr2 = strArr == null ? new String[1] : (String[]) Arrays.copyOf(strArr, strArr.length + 1);
                strArr2[strArr2.length - 1] = "username=" + str;
                hashMap.put(role2.getId(), strArr2);
            }
        });
        return hashMap;
    }

    public String getPasswordEncoder() {
        return this.passwordEncoder;
    }

    public Map<String, UserDefinition> getUsers() {
        return this.users;
    }
}
