package org.cloudfoundry.identity.uaa.scim.util;

import java.net.MalformedURLException;
import java.net.URL;
import java.sql.Timestamp;
import java.util.HashMap;
import java.util.regex.Pattern;
import org.cloudfoundry.identity.uaa.codestore.ExpiringCode;
import org.cloudfoundry.identity.uaa.codestore.ExpiringCodeStore;
import org.cloudfoundry.identity.uaa.codestore.ExpiringCodeType;
import org.cloudfoundry.identity.uaa.constants.OriginKeys;
import org.cloudfoundry.identity.uaa.scim.ScimUser;
import org.cloudfoundry.identity.uaa.scim.exception.InvalidScimResourceException;
import org.cloudfoundry.identity.uaa.util.JsonUtils;
import org.cloudfoundry.identity.uaa.util.UaaUrlUtils;
import org.cloudfoundry.identity.uaa.zone.IdentityZoneHolder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.oauth2.common.util.OAuth2Utils;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-4.16.0.jar:org/cloudfoundry/identity/uaa/scim/util/ScimUtils.class */
public final class ScimUtils {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) ScimUtils.class);

    private ScimUtils() {
    }

    public static ExpiringCode getExpiringCode(ExpiringCodeStore expiringCodeStore, String str, String str2, String str3, String str4, ExpiringCodeType expiringCodeType) {
        Assert.notNull(expiringCodeStore);
        Assert.notNull(str);
        Assert.notNull(str2);
        Assert.notNull(expiringCodeType);
        HashMap hashMap = new HashMap();
        hashMap.put("user_id", str);
        hashMap.put("email", str2);
        hashMap.put("client_id", str3);
        if (str4 != null) {
            hashMap.put(OAuth2Utils.REDIRECT_URI, str4);
        }
        return expiringCodeStore.generateCode(JsonUtils.writeValueAsString(hashMap), new Timestamp(System.currentTimeMillis() + 3600000), expiringCodeType.name(), IdentityZoneHolder.get().getId());
    }

    public static URL getVerificationURL(ExpiringCode expiringCode) {
        String str = "";
        try {
            str = UaaUrlUtils.getUaaUrl("/verify_user", true);
            if (expiringCode != null) {
                str = str + "?code=" + expiringCode.getCode();
            }
            return new URL(str);
        } catch (MalformedURLException e) {
            logger.error(String.format("Unexpected error creating user verification URL from %s", str), (Throwable) e);
            throw new IllegalStateException();
        }
    }

    public static void validate(ScimUser scimUser) throws InvalidScimResourceException {
        Pattern compile = Pattern.compile("[\\p{L}+0-9+\\-_.@'!]+");
        if (!StringUtils.hasText(scimUser.getUserName())) {
            throw new InvalidScimResourceException("A username must be provided.");
        }
        if (OriginKeys.UAA.equals(scimUser.getOrigin()) && !compile.matcher(scimUser.getUserName()).matches()) {
            throw new InvalidScimResourceException("Username must match pattern: " + compile.pattern());
        }
        if (scimUser.getEmails() == null || scimUser.getEmails().size() != 1) {
            throw new InvalidScimResourceException("Exactly one email must be provided.");
        }
        for (ScimUser.Email email : scimUser.getEmails()) {
            if (email == null || email.getValue() == null || email.getValue().isEmpty()) {
                throw new InvalidScimResourceException("An email must be provided.");
            }
        }
    }
}
