package io.gravitee.am.management.service.impl;

import io.gravitee.am.common.event.IdentityProviderEvent;
import io.gravitee.am.identityprovider.api.UserProvider;
import io.gravitee.am.management.service.IdentityProviderManager;
import io.gravitee.am.management.service.InMemoryIdentityProviderListener;
import io.gravitee.am.management.service.impl.utils.InlineOrganizationProviderConfiguration;
import io.gravitee.am.model.IdentityProvider;
import io.gravitee.am.model.ReferenceType;
import io.gravitee.am.model.common.event.Payload;
import io.gravitee.am.plugins.idp.core.IdentityProviderPluginManager;
import io.gravitee.am.service.IdentityProviderService;
import io.gravitee.am.service.RoleService;
import io.gravitee.am.service.exception.PluginNotDeployedException;
import io.gravitee.common.event.Event;
import io.gravitee.common.event.EventListener;
import io.gravitee.common.event.EventManager;
import io.gravitee.common.service.AbstractService;
import io.reactivex.rxjava3.core.Completable;
import io.reactivex.rxjava3.core.Flowable;
import io.reactivex.rxjava3.core.Maybe;
import io.reactivex.rxjava3.core.Single;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.env.Environment;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:io/gravitee/am/management/service/impl/IdentityProviderManagerImpl.class */
public class IdentityProviderManagerImpl extends AbstractService<IdentityProviderManager> implements IdentityProviderManager, EventListener<IdentityProviderEvent, Payload> {
    public static final String IDP_GRAVITEE = "gravitee";
    private static final Logger logger = LoggerFactory.getLogger(IdentityProviderManagerImpl.class);
    private final ConcurrentMap<String, UserProvider> userProviders = new ConcurrentHashMap();
    private final ConcurrentMap<String, IdentityProvider> identityProviders = new ConcurrentHashMap();

    @Autowired
    private IdentityProviderPluginManager identityProviderPluginManager;

    @Autowired
    private IdentityProviderService identityProviderService;

    @Autowired
    private EventManager eventManager;

    @Autowired
    private Environment environment;

    @Autowired
    private RoleService roleService;
    private InMemoryIdentityProviderListener listener;

    @Override // io.gravitee.am.management.service.IdentityProviderManager
    public void setListener(InMemoryIdentityProviderListener inMemoryIdentityProviderListener) {
        this.listener = inMemoryIdentityProviderListener;
    }

    protected void doStart() throws Exception {
        super.doStart();
        logger.info("Register event listener for identity provider events for the management API");
        this.eventManager.subscribeForEvents(this, IdentityProviderEvent.class);
        logger.info("Initializing user providers");
        this.identityProviderService.findAll().flatMapMaybe(identityProvider -> {
            logger.info("\tInitializing user provider: {} [{}]", identityProvider.getName(), identityProvider.getType());
            return loadUserProvider(identityProvider);
        }).ignoreElements().andThen(Completable.defer(this::loadIdentityProviders)).blockingAwait();
    }

    public void onEvent(Event<IdentityProviderEvent, Payload> event) {
        if (Objects.requireNonNull(event.type()) == IdentityProviderEvent.UNDEPLOY) {
            removeUserProvider(((Payload) event.content()).getId());
        } else {
            logger.debug("{} event received for IdentityProvider {}, ignore it as it will be loaded on demand", event.type(), ((Payload) event.content()).getId());
        }
    }

    @Override // io.gravitee.am.management.service.IdentityProviderManager
    public Completable loadIdentityProviders() {
        if (this.listener == null) {
            return Completable.complete();
        }
        Flowable mergeWith = loadProvidersFromConfig().mergeWith(Single.just(buildOrganizationUserIdentityProvider()));
        InMemoryIdentityProviderListener inMemoryIdentityProviderListener = this.listener;
        Objects.requireNonNull(inMemoryIdentityProviderListener);
        return mergeWith.doOnNext(inMemoryIdentityProviderListener::registerAuthenticationProvider).flatMapMaybe(this::loadUserProvider).ignoreElements();
    }

    private Flowable<IdentityProvider> loadProvidersFromConfig() {
        boolean z = true;
        int i = 0;
        Flowable<IdentityProvider> empty = Flowable.empty();
        while (z) {
            String property = this.environment.getProperty("security.providers[" + i + "].type");
            z = property != null;
            if (z) {
                if (property.equals(InlineOrganizationProviderConfiguration.MEMORY_TYPE)) {
                    InlineOrganizationProviderConfiguration inlineOrganizationProviderConfiguration = new InlineOrganizationProviderConfiguration(this.roleService, this.environment, i);
                    if (inlineOrganizationProviderConfiguration.isEnabled()) {
                        empty = empty.mergeWith(inlineOrganizationProviderConfiguration.buildIdentityProvider());
                    }
                } else {
                    logger.warn("Unsupported provider with type '{}'", property);
                }
            }
            i++;
        }
        return empty;
    }

    private IdentityProvider buildOrganizationUserIdentityProvider() {
        IdentityProvider identityProvider = new IdentityProvider();
        identityProvider.setId(IDP_GRAVITEE);
        identityProvider.setExternal(false);
        identityProvider.setType("gravitee-am-idp");
        identityProvider.setName(IDP_GRAVITEE);
        identityProvider.setReferenceId("DEFAULT");
        identityProvider.setReferenceType(ReferenceType.ORGANIZATION);
        identityProvider.setConfiguration("{}");
        return identityProvider;
    }

    @Override // io.gravitee.am.management.service.IdentityProviderManager
    public Maybe<UserProvider> getUserProvider(String str) {
        return str == null ? Maybe.empty() : (IDP_GRAVITEE.equals(str) && this.userProviders.containsKey(str)) ? Maybe.just(this.userProviders.get(str)) : this.identityProviderService.findById(str).flatMap(identityProvider -> {
            UserProvider userProvider = this.userProviders.get(str);
            if (userProvider != null && this.identityProviders.containsKey(str) && this.identityProviders.get(str).getUpdatedAt().getTime() >= identityProvider.getUpdatedAt().getTime()) {
                return Maybe.just(userProvider);
            }
            removeUserProvider(str);
            return loadUserProvider(identityProvider);
        });
    }

    @Override // io.gravitee.am.management.service.IdentityProviderManager
    public Optional<IdentityProvider> getIdentityProvider(String str) {
        return Optional.ofNullable(this.identityProviders.get(str));
    }

    private void removeUserProvider(String str) {
        logger.info("Management API has received a undeploy identity provider event for {}", str);
        UserProvider remove = this.userProviders.remove(str);
        this.identityProviders.remove(str);
        if (remove != null) {
            try {
                remove.stop();
            } catch (Exception e) {
                logger.error("An error has occurred while stopping the user provider : {}", str, e);
            }
        }
    }

    private Maybe<UserProvider> loadUserProvider(IdentityProvider identityProvider) {
        return this.identityProviderPluginManager.create(identityProvider.getType(), identityProvider.getConfiguration(), identityProvider).flatMapMaybe(optional -> {
            if (optional.isPresent()) {
                this.userProviders.put(identityProvider.getId(), (UserProvider) optional.get());
                this.identityProviders.put(identityProvider.getId(), identityProvider);
                return Maybe.just((UserProvider) optional.get());
            }
            this.userProviders.remove(identityProvider.getId());
            this.identityProviders.remove(identityProvider.getId());
            return Maybe.empty();
        }).onErrorResumeNext(th -> {
            logger.error("An error has occurred while loading user provider: {} [{}]", new Object[]{identityProvider.getName(), identityProvider.getType(), th});
            this.userProviders.remove(identityProvider.getId());
            this.identityProviders.remove(identityProvider.getId());
            return Maybe.empty();
        });
    }

    @Override // io.gravitee.am.management.service.IdentityProviderManager
    public Completable checkPluginDeployment(String str) {
        if (this.identityProviderPluginManager.isPluginDeployed(str)) {
            return Completable.complete();
        }
        logger.debug("Plugin {} not deployed", str);
        return Completable.error(PluginNotDeployedException.forType(str));
    }
}
