package org.apereo.cas.azure.ad.authentication;

import com.fasterxml.jackson.annotation.JsonIgnore;
import com.squareup.moshi.Json;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import lombok.Generated;
import okhttp3.OkHttpClient;
import okhttp3.ResponseBody;
import okhttp3.logging.HttpLoggingInterceptor;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.attribute.BasePersonAttributeDao;
import org.apereo.cas.authentication.attribute.SimplePersonAttributes;
import org.apereo.cas.authentication.attribute.SimpleUsernameAttributeProvider;
import org.apereo.cas.authentication.principal.attribute.PersonAttributeDaoFilter;
import org.apereo.cas.authentication.principal.attribute.PersonAttributes;
import org.apereo.cas.authentication.principal.attribute.UsernameAttributeProvider;
import org.apereo.cas.util.function.FunctionUtils;
import org.springframework.util.ReflectionUtils;
import retrofit2.Call;
import retrofit2.Response;
import retrofit2.Retrofit;
import retrofit2.converter.moshi.MoshiConverterFactory;
import retrofit2.http.Field;
import retrofit2.http.FormUrlEncoded;
import retrofit2.http.GET;
import retrofit2.http.POST;
import retrofit2.http.Path;
import retrofit2.http.Query;

/* loaded from: input_file:org/apereo/cas/azure/ad/authentication/MicrosoftGraphPersonAttributeDao.class */
public class MicrosoftGraphPersonAttributeDao extends BasePersonAttributeDao {
    private String tenant;
    private String scope;
    private String clientId;
    private String clientSecret;
    private String properties;
    private String domain;
    private final UsernameAttributeProvider usernameAttributeProvider = new SimpleUsernameAttributeProvider();
    private String resource = "https://graph.microsoft.com/";
    private String grantType = "client_credentials";
    private String apiBaseUrl = "https://graph.microsoft.com/v1.0/";
    private String loginBaseUrl = "https://login.microsoftonline.com/%s/";
    private String loggingLevel = "BASIC";

    /* loaded from: input_file:org/apereo/cas/azure/ad/authentication/MicrosoftGraphPersonAttributeDao$GraphApiService.class */
    private interface GraphApiService {
        @GET("users/{upn}")
        Call<User> getUserByUserPrincipalName(@Path("upn") String str, @Query(value = "$select", encoded = true) String str2);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apereo/cas/azure/ad/authentication/MicrosoftGraphPersonAttributeDao$GraphAuthApiService.class */
    public interface GraphAuthApiService {
        @FormUrlEncoded
        @POST("oauth2/token")
        Call<OAuthTokenInfo> getOauth2Token(@Field("grant_type") String str, @Field("client_id") String str2, @Field("client_secret") String str3, @Field("scope") String str4, @Field("resource") String str5);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apereo/cas/azure/ad/authentication/MicrosoftGraphPersonAttributeDao$OAuthTokenInfo.class */
    public static final class OAuthTokenInfo implements Serializable {
        private static final long serialVersionUID = -8586825191767772463L;

        @Json(name = "token_type")
        private String tokenType;

        @Json(name = "scope")
        private String scope;

        @Json(name = "expires_in")
        private int expiresIn;

        @Json(name = "expires_on")
        private int expiresOn;

        @Json(name = "not_before")
        private int notBefore;

        @Json(name = "resource")
        private String resource;

        @Json(name = "access_token")
        private String accessToken;

        private OAuthTokenInfo() {
        }

        @Generated
        public String getTokenType() {
            return this.tokenType;
        }

        @Generated
        public String getScope() {
            return this.scope;
        }

        @Generated
        public int getExpiresIn() {
            return this.expiresIn;
        }

        @Generated
        public int getExpiresOn() {
            return this.expiresOn;
        }

        @Generated
        public int getNotBefore() {
            return this.notBefore;
        }

        @Generated
        public String getResource() {
            return this.resource;
        }

        @Generated
        public String getAccessToken() {
            return this.accessToken;
        }

        @Generated
        public void setTokenType(String str) {
            this.tokenType = str;
        }

        @Generated
        public void setScope(String str) {
            this.scope = str;
        }

        @Generated
        public void setExpiresIn(int i) {
            this.expiresIn = i;
        }

        @Generated
        public void setExpiresOn(int i) {
            this.expiresOn = i;
        }

        @Generated
        public void setNotBefore(int i) {
            this.notBefore = i;
        }

        @Generated
        public void setResource(String str) {
            this.resource = str;
        }

        @Generated
        public void setAccessToken(String str) {
            this.accessToken = str;
        }
    }

    /* loaded from: input_file:org/apereo/cas/azure/ad/authentication/MicrosoftGraphPersonAttributeDao$User.class */
    private static final class User implements Serializable {
        private static final long serialVersionUID = 8497244140827305607L;
        private String userPrincipalName;
        private String id;
        private boolean accountEnabled;
        private String displayName;
        private String mail;
        private String jobTitle;
        private String officeLocation;
        private String preferredLanguage;
        private String mobilePhone;
        private String surname;
        private String givenName;
        private String passwordPolicies;
        private String preferredName;
        private List<String> businessPhones = new ArrayList(0);
        private List<String> schools = new ArrayList(0);
        private List<String> skills = new ArrayList(0);
        private String postalCode;
        private String consentProvidedForMinor;
        private String aboutMe;
        private String streetAddress;
        private String userType;
        private String usageLocation;
        private String state;
        private String ageGroup;
        private String otherMails;
        private String city;
        private String country;
        private String countryName;
        private String department;
        private String employeeId;
        private String faxNumber;
        private String mailNickname;
        private String onPremisesSamAccountName;

        private User() {
        }

        static List<String> getDefaultFieldQuery() {
            return List.of("businessPhones,displayName,givenName,id,jobTitle,mail,givenName,employeeId,mobilePhone,officeLocation,accountEnabled,preferredLanguage,surname,userPrincipalName");
        }

        @JsonIgnore
        private Map<String, Object> buildAttributes() {
            HashMap hashMap = new HashMap();
            ReflectionUtils.doWithFields(getClass(), field -> {
                field.setAccessible(true);
                hashMap.put(field.getName(), field.get(this));
            });
            return hashMap;
        }

        @Generated
        public String getUserPrincipalName() {
            return this.userPrincipalName;
        }

        @Generated
        public String getId() {
            return this.id;
        }

        @Generated
        public boolean isAccountEnabled() {
            return this.accountEnabled;
        }

        @Generated
        public String getDisplayName() {
            return this.displayName;
        }

        @Generated
        public String getMail() {
            return this.mail;
        }

        @Generated
        public String getJobTitle() {
            return this.jobTitle;
        }

        @Generated
        public String getOfficeLocation() {
            return this.officeLocation;
        }

        @Generated
        public String getPreferredLanguage() {
            return this.preferredLanguage;
        }

        @Generated
        public String getMobilePhone() {
            return this.mobilePhone;
        }

        @Generated
        public String getSurname() {
            return this.surname;
        }

        @Generated
        public String getGivenName() {
            return this.givenName;
        }

        @Generated
        public String getPasswordPolicies() {
            return this.passwordPolicies;
        }

        @Generated
        public String getPreferredName() {
            return this.preferredName;
        }

        @Generated
        public List<String> getBusinessPhones() {
            return this.businessPhones;
        }

        @Generated
        public List<String> getSchools() {
            return this.schools;
        }

        @Generated
        public List<String> getSkills() {
            return this.skills;
        }

        @Generated
        public String getPostalCode() {
            return this.postalCode;
        }

        @Generated
        public String getConsentProvidedForMinor() {
            return this.consentProvidedForMinor;
        }

        @Generated
        public String getAboutMe() {
            return this.aboutMe;
        }

        @Generated
        public String getStreetAddress() {
            return this.streetAddress;
        }

        @Generated
        public String getUserType() {
            return this.userType;
        }

        @Generated
        public String getUsageLocation() {
            return this.usageLocation;
        }

        @Generated
        public String getState() {
            return this.state;
        }

        @Generated
        public String getAgeGroup() {
            return this.ageGroup;
        }

        @Generated
        public String getOtherMails() {
            return this.otherMails;
        }

        @Generated
        public String getCity() {
            return this.city;
        }

        @Generated
        public String getCountry() {
            return this.country;
        }

        @Generated
        public String getCountryName() {
            return this.countryName;
        }

        @Generated
        public String getDepartment() {
            return this.department;
        }

        @Generated
        public String getEmployeeId() {
            return this.employeeId;
        }

        @Generated
        public String getFaxNumber() {
            return this.faxNumber;
        }

        @Generated
        public String getMailNickname() {
            return this.mailNickname;
        }

        @Generated
        public String getOnPremisesSamAccountName() {
            return this.onPremisesSamAccountName;
        }

        @Generated
        public void setUserPrincipalName(String str) {
            this.userPrincipalName = str;
        }

        @Generated
        public void setId(String str) {
            this.id = str;
        }

        @Generated
        public void setAccountEnabled(boolean z) {
            this.accountEnabled = z;
        }

        @Generated
        public void setDisplayName(String str) {
            this.displayName = str;
        }

        @Generated
        public void setMail(String str) {
            this.mail = str;
        }

        @Generated
        public void setJobTitle(String str) {
            this.jobTitle = str;
        }

        @Generated
        public void setOfficeLocation(String str) {
            this.officeLocation = str;
        }

        @Generated
        public void setPreferredLanguage(String str) {
            this.preferredLanguage = str;
        }

        @Generated
        public void setMobilePhone(String str) {
            this.mobilePhone = str;
        }

        @Generated
        public void setSurname(String str) {
            this.surname = str;
        }

        @Generated
        public void setGivenName(String str) {
            this.givenName = str;
        }

        @Generated
        public void setPasswordPolicies(String str) {
            this.passwordPolicies = str;
        }

        @Generated
        public void setPreferredName(String str) {
            this.preferredName = str;
        }

        @Generated
        public void setBusinessPhones(List<String> list) {
            this.businessPhones = list;
        }

        @Generated
        public void setSchools(List<String> list) {
            this.schools = list;
        }

        @Generated
        public void setSkills(List<String> list) {
            this.skills = list;
        }

        @Generated
        public void setPostalCode(String str) {
            this.postalCode = str;
        }

        @Generated
        public void setConsentProvidedForMinor(String str) {
            this.consentProvidedForMinor = str;
        }

        @Generated
        public void setAboutMe(String str) {
            this.aboutMe = str;
        }

        @Generated
        public void setStreetAddress(String str) {
            this.streetAddress = str;
        }

        @Generated
        public void setUserType(String str) {
            this.userType = str;
        }

        @Generated
        public void setUsageLocation(String str) {
            this.usageLocation = str;
        }

        @Generated
        public void setState(String str) {
            this.state = str;
        }

        @Generated
        public void setAgeGroup(String str) {
            this.ageGroup = str;
        }

        @Generated
        public void setOtherMails(String str) {
            this.otherMails = str;
        }

        @Generated
        public void setCity(String str) {
            this.city = str;
        }

        @Generated
        public void setCountry(String str) {
            this.country = str;
        }

        @Generated
        public void setCountryName(String str) {
            this.countryName = str;
        }

        @Generated
        public void setDepartment(String str) {
            this.department = str;
        }

        @Generated
        public void setEmployeeId(String str) {
            this.employeeId = str;
        }

        @Generated
        public void setFaxNumber(String str) {
            this.faxNumber = str;
        }

        @Generated
        public void setMailNickname(String str) {
            this.mailNickname = str;
        }

        @Generated
        public void setOnPremisesSamAccountName(String str) {
            this.onPremisesSamAccountName = str;
        }
    }

    public PersonAttributes getPerson(String str, Set<PersonAttributes> set, PersonAttributeDaoFilter personAttributeDaoFilter) {
        return (PersonAttributes) FunctionUtils.doUnchecked(() -> {
            HttpLoggingInterceptor httpLoggingInterceptor = new HttpLoggingInterceptor();
            httpLoggingInterceptor.setLevel(HttpLoggingInterceptor.Level.valueOf(this.loggingLevel.toUpperCase(Locale.ENGLISH)));
            String token = getToken();
            Response execute = ((GraphApiService) new Retrofit.Builder().baseUrl(this.apiBaseUrl).addConverterFactory(MoshiConverterFactory.create()).client(new OkHttpClient.Builder().addInterceptor(chain -> {
                return chain.proceed(chain.request().newBuilder().header("Authorization", "Bearer " + token).build());
            }).addInterceptor(httpLoggingInterceptor).build()).build().create(GraphApiService.class)).getUserByUserPrincipalName(this.domain == null ? str : str + "@" + this.domain, (String) StringUtils.defaultIfBlank(this.properties, String.join(",", User.getDefaultFieldQuery()))).execute();
            if (execute.isSuccessful()) {
                return new SimplePersonAttributes(str, stuffAttributesIntoList(((User) execute.body()).buildAttributes(), personAttributeDaoFilter));
            }
            ResponseBody errorBody = execute.errorBody();
            try {
                throw new RuntimeException("error requesting token (" + execute.code() + "): " + String.valueOf(errorBody));
            } catch (Throwable th) {
                if (errorBody != null) {
                    try {
                        errorBody.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        });
    }

    public Set<PersonAttributes> getPeople(Map<String, Object> map, PersonAttributeDaoFilter personAttributeDaoFilter, Set<PersonAttributes> set) {
        return getPeopleWithMultivaluedAttributes(stuffAttributesIntoList(map, personAttributeDaoFilter), personAttributeDaoFilter, set);
    }

    public Set<PersonAttributes> getPeopleWithMultivaluedAttributes(Map<String, List<Object>> map, PersonAttributeDaoFilter personAttributeDaoFilter, Set<PersonAttributes> set) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        PersonAttributes person = getPerson(this.usernameAttributeProvider.getUsernameFromQuery(map), set, personAttributeDaoFilter);
        if (person != null) {
            linkedHashSet.add(person);
        }
        return linkedHashSet;
    }

    private String getToken() throws Exception {
        HttpLoggingInterceptor httpLoggingInterceptor = new HttpLoggingInterceptor();
        httpLoggingInterceptor.setLevel(HttpLoggingInterceptor.Level.valueOf(this.loggingLevel.toUpperCase(Locale.ENGLISH)));
        Response execute = ((GraphAuthApiService) new Retrofit.Builder().baseUrl(String.format(this.loginBaseUrl, this.tenant)).addConverterFactory(MoshiConverterFactory.create()).client(new OkHttpClient.Builder().addInterceptor(httpLoggingInterceptor).build()).build().create(GraphAuthApiService.class)).getOauth2Token(this.grantType, this.clientId, this.clientSecret, this.scope, this.resource).execute();
        if (execute.isSuccessful()) {
            return ((OAuthTokenInfo) Objects.requireNonNull((OAuthTokenInfo) execute.body())).accessToken;
        }
        ResponseBody errorBody = execute.errorBody();
        try {
            throw new RuntimeException("error requesting token (" + execute.code() + "): " + String.valueOf(errorBody));
        } catch (Throwable th) {
            if (errorBody != null) {
                try {
                    errorBody.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Generated
    public UsernameAttributeProvider getUsernameAttributeProvider() {
        return this.usernameAttributeProvider;
    }

    @Generated
    public String getTenant() {
        return this.tenant;
    }

    @Generated
    public String getResource() {
        return this.resource;
    }

    @Generated
    public String getScope() {
        return this.scope;
    }

    @Generated
    public String getGrantType() {
        return this.grantType;
    }

    @Generated
    public String getClientId() {
        return this.clientId;
    }

    @Generated
    public String getClientSecret() {
        return this.clientSecret;
    }

    @Generated
    public String getProperties() {
        return this.properties;
    }

    @Generated
    public String getApiBaseUrl() {
        return this.apiBaseUrl;
    }

    @Generated
    public String getLoginBaseUrl() {
        return this.loginBaseUrl;
    }

    @Generated
    public String getDomain() {
        return this.domain;
    }

    @Generated
    public String getLoggingLevel() {
        return this.loggingLevel;
    }

    @Generated
    public void setTenant(String str) {
        this.tenant = str;
    }

    @Generated
    public void setResource(String str) {
        this.resource = str;
    }

    @Generated
    public void setScope(String str) {
        this.scope = str;
    }

    @Generated
    public void setGrantType(String str) {
        this.grantType = str;
    }

    @Generated
    public void setClientId(String str) {
        this.clientId = str;
    }

    @Generated
    public void setClientSecret(String str) {
        this.clientSecret = str;
    }

    @Generated
    public void setProperties(String str) {
        this.properties = str;
    }

    @Generated
    public void setApiBaseUrl(String str) {
        this.apiBaseUrl = str;
    }

    @Generated
    public void setLoginBaseUrl(String str) {
        this.loginBaseUrl = str;
    }

    @Generated
    public void setDomain(String str) {
        this.domain = str;
    }

    @Generated
    public void setLoggingLevel(String str) {
        this.loggingLevel = str;
    }
}
