package org.forgerock.openam.upgrade.steps;

import com.iplanet.sso.SSOToken;
import com.sun.identity.sm.ServiceConfig;
import com.sun.identity.sm.ServiceConfigManager;
import com.sun.identity.sm.ServiceNotFoundException;
import java.security.PrivilegedAction;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.inject.Inject;
import org.forgerock.openam.sm.datalayer.api.ConnectionFactory;
import org.forgerock.openam.sm.datalayer.api.ConnectionType;
import org.forgerock.openam.sm.datalayer.api.DataLayer;
import org.forgerock.openam.upgrade.UpgradeException;
import org.forgerock.openam.upgrade.UpgradeServices;
import org.forgerock.openam.upgrade.UpgradeStepInfo;
import org.forgerock.openam.utils.CollectionUtils;

@UpgradeStepInfo(dependsOn = {"org.forgerock.openam.upgrade.steps.UpgradeServiceSchemaStep"})
/* loaded from: input_file:org/forgerock/openam/upgrade/steps/UpgradeOAuth2AuthModulesStep.class */
public class UpgradeOAuth2AuthModulesStep extends AbstractUpgradeStep {
    public static final String ACCOUNT_MAPPER_PROPERTY = "org-forgerock-auth-oauth-account-mapper";
    public static final String ATTRIBUTE_MAPPER_PROPERTY = "org-forgerock-auth-oauth-attribute-mapper";
    private static final String REPORT_DATA = "%REPORT_DATA%";
    private static final String SERVICE_NAME = "sunAMAuthOAuthService";
    private static final String JSON_MAPPER = "org.forgerock.openam.authentication.modules.common.mapping.JsonAttributeMapper";
    private static final String DEFAULT_ACCOUNT_MAPPER = "org.forgerock.openam.authentication.modules.oauth2.DefaultAccountMapper";
    private static final String DEFAULT_ATTRIBUTE_MAPPER = "org.forgerock.openam.authentication.modules.oauth2.DefaultAttributeMapper";
    private Map<String, Set<String>> affectedRealms;
    private Map<String, Set<String>> customisedRealms;
    private int moduleCount;

    @Inject
    public UpgradeOAuth2AuthModulesStep(PrivilegedAction<SSOToken> privilegedAction, @DataLayer(ConnectionType.DATA_LAYER) ConnectionFactory connectionFactory) {
        super(privilegedAction, connectionFactory);
        this.affectedRealms = new HashMap();
        this.customisedRealms = new HashMap();
        this.moduleCount = 0;
    }

    @Override // org.forgerock.openam.upgrade.steps.UpgradeStep
    public void initialize() throws UpgradeException {
        try {
            ServiceConfigManager serviceConfigManager = new ServiceConfigManager(SERVICE_NAME, getAdminToken());
            for (String str : getRealmNames()) {
                ServiceConfig organizationConfig = serviceConfigManager.getOrganizationConfig(str, (String) null);
                for (String str2 : organizationConfig.getSubConfigNames()) {
                    Map<String, Set<String>> attributes = getAttributes(organizationConfig.getSubConfig(str2));
                    check(attributes, ACCOUNT_MAPPER_PROPERTY, DEFAULT_ACCOUNT_MAPPER, str, str2);
                    check(attributes, ATTRIBUTE_MAPPER_PROPERTY, DEFAULT_ATTRIBUTE_MAPPER, str, str2);
                }
            }
        } catch (ServiceNotFoundException e) {
            DEBUG.message("OAuth2 auth modules not found. Nothing to upgrade", e);
        } catch (Exception e2) {
            DEBUG.error("An error occurred while trying to look for upgradable OAuth2 auth modules", e2);
            throw new UpgradeException("Unable to retrieve OAuth2 auth modules", e2);
        }
    }

    private Map<String, Set<String>> getAttributes(ServiceConfig serviceConfig) {
        return serviceConfig.getAttributes();
    }

    private void check(Map<String, Set<String>> map, String str, String str2, String str3, String str4) {
        if (map.get(str).contains(str2)) {
            flagModule(this.affectedRealms, str3, str4);
        } else {
            flagModule(this.customisedRealms, str3, str4);
        }
    }

    private void flagModule(Map<String, Set<String>> map, String str, String str2) {
        if (map.containsKey(str)) {
            map.get(str).add(str2);
        } else {
            map.put(str, CollectionUtils.asSet(new String[]{str2}));
        }
    }

    @Override // org.forgerock.openam.upgrade.steps.UpgradeStep
    public boolean isApplicable() {
        return (this.affectedRealms.isEmpty() && this.customisedRealms.isEmpty()) ? false : true;
    }

    @Override // org.forgerock.openam.upgrade.steps.UpgradeStep
    public void perform() throws UpgradeException {
        try {
            ServiceConfigManager serviceConfigManager = new ServiceConfigManager(SERVICE_NAME, getAdminToken());
            for (Map.Entry<String, Set<String>> entry : this.affectedRealms.entrySet()) {
                ServiceConfig organizationConfig = serviceConfigManager.getOrganizationConfig(entry.getKey(), (String) null);
                Iterator<String> it = entry.getValue().iterator();
                while (it.hasNext()) {
                    ServiceConfig subConfig = organizationConfig.getSubConfig(it.next());
                    Map<String, Set<String>> attributes = getAttributes(subConfig);
                    if (attributes.get(ACCOUNT_MAPPER_PROPERTY).contains(DEFAULT_ACCOUNT_MAPPER)) {
                        subConfig.replaceAttributeValues(ACCOUNT_MAPPER_PROPERTY, CollectionUtils.asSet(new String[]{DEFAULT_ACCOUNT_MAPPER}), CollectionUtils.asSet(new String[]{JSON_MAPPER}));
                    }
                    if (attributes.get(ATTRIBUTE_MAPPER_PROPERTY).contains(DEFAULT_ATTRIBUTE_MAPPER)) {
                        subConfig.replaceAttributeValues(ATTRIBUTE_MAPPER_PROPERTY, CollectionUtils.asSet(new String[]{DEFAULT_ATTRIBUTE_MAPPER}), CollectionUtils.asSet(new String[]{JSON_MAPPER}));
                    }
                    this.moduleCount++;
                }
            }
        } catch (Exception e) {
            DEBUG.error("An error occurred while trying to update OAuth2 auth modules", e);
            throw new UpgradeException("Unable to update OAuth2 modules", e);
        }
    }

    @Override // org.forgerock.openam.upgrade.steps.UpgradeStep
    public String getShortReport(String str) {
        StringBuilder sb = new StringBuilder();
        if (this.moduleCount != 0) {
            sb.append(BUNDLE.getString("upgrade.oauth2.modules")).append(" (").append(this.moduleCount).append(')').append(str);
        }
        return sb.toString();
    }

    @Override // org.forgerock.openam.upgrade.steps.UpgradeStep
    public String getDetailedReport(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put(UpgradeServices.LF, str);
        hashMap.put(REPORT_DATA, getModulesReport("upgrade.oauth2modulesreport.updated", str, this.affectedRealms) + getModulesReport("upgrade.oauth2modulesreport.customised", str, this.customisedRealms));
        return UpgradeServices.tagSwapReport(hashMap, "upgrade.oauth2modulesreport");
    }

    private String getModulesReport(String str, String str2, Map<String, Set<String>> map) {
        if (map.isEmpty()) {
            return "";
        }
        HashMap hashMap = new HashMap();
        hashMap.put(UpgradeServices.LF, str2);
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<String, Set<String>> entry : map.entrySet()) {
            sb.append(BUNDLE.getString("upgrade.realm")).append(": ").append(entry.getKey()).append(str2);
            Iterator<String> it = entry.getValue().iterator();
            while (it.hasNext()) {
                sb.append("\t").append(it.next()).append(str2);
            }
        }
        hashMap.put(REPORT_DATA, sb.toString());
        return UpgradeServices.tagSwapReport(hashMap, str);
    }
}
