package net.smartcosmos.plugin.service.stormpath.authn;

import com.stormpath.sdk.account.Account;
import com.stormpath.sdk.account.AccountStatus;
import com.stormpath.sdk.account.Accounts;
import com.stormpath.sdk.api.ApiKeys;
import com.stormpath.sdk.application.Application;
import com.stormpath.sdk.authc.UsernamePasswordRequest;
import com.stormpath.sdk.client.Client;
import com.stormpath.sdk.client.Clients;
import com.stormpath.sdk.directory.Directory;
import com.stormpath.sdk.directory.DirectoryStatus;
import com.stormpath.sdk.group.Group;
import com.stormpath.sdk.group.GroupStatus;
import com.stormpath.sdk.resource.ResourceException;
import com.stormpath.sdk.tenant.Tenant;
import io.dropwizard.auth.basic.BasicCredentials;
import io.dropwizard.lifecycle.Managed;
import java.net.UnknownHostException;
import net.smartcosmos.model.context.IUser;
import net.smartcosmos.model.context.RoleType;
import net.smartcosmos.platform.api.authentication.IAuthenticatedUser;
import net.smartcosmos.platform.api.authentication.ICredentials;
import net.smartcosmos.platform.api.authentication.IRegistration;
import net.smartcosmos.platform.api.directory.IAccountDirectory;
import net.smartcosmos.platform.api.service.IDirectoryService;
import net.smartcosmos.platform.base.AbstractService;
import net.smartcosmos.platform.pojo.directory.AccountDirectory;
import net.smartcosmos.util.HashUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/smartcosmos/plugin/service/stormpath/authn/StormpathDirectoryService.class */
public class StormpathDirectoryService extends AbstractService implements IDirectoryService, Managed {
    private static final Logger LOG = LoggerFactory.getLogger(StormpathDirectoryService.class);
    private Client client;
    private Application application;

    /* renamed from: net.smartcosmos.plugin.service.stormpath.authn.StormpathDirectoryService$1, reason: invalid class name */
    /* loaded from: input_file:net/smartcosmos/plugin/service/stormpath/authn/StormpathDirectoryService$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$net$smartcosmos$model$context$RoleType = new int[RoleType.values().length];

        static {
            try {
                $SwitchMap$net$smartcosmos$model$context$RoleType[RoleType.Administrator.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
        }
    }

    public StormpathDirectoryService() {
        super("64abfb90d8a44ed7bd172e640f580b5b", "Stormpath Directory Service");
    }

    public void start() throws Exception {
        String str = (String) this.context.getConfiguration().getServiceParameters().get("stormpathApiKeys");
        String str2 = (String) this.context.getConfiguration().getServiceParameters().get("stormpathApplicationHref");
        LOG.info("Verifying Stormpath directory services...");
        this.client = Clients.builder().setApiKey(ApiKeys.builder().setFileLocation(str).build()).build();
        LOG.info("Loading Stormpath application from href {}", str2);
        try {
            this.application = this.client.getDataStore().getResource(str2, Application.class);
            LOG.info("Loaded Stormpath application {}", this.application.getName());
        } catch (Exception e) {
            e.printStackTrace();
            if (e.getCause() != null) {
                LOG.error("Unable to locate Stormpath application: {}", e.getCause().getMessage());
                throw new UnknownHostException(e.getCause().getMessage());
            }
            LOG.error("Unable to locate Stormpath application: {}", e.getMessage());
            throw new UnknownHostException(e.getMessage());
        }
    }

    public void stop() throws Exception {
    }

    private Client getClient() {
        return this.client;
    }

    private Application getApplication() {
        return this.application;
    }

    public void sendPasswordResetEmail(IUser iUser) {
        getApplication().sendPasswordResetEmail(iUser.getEmailAddress());
    }

    public void setPassword(IUser iUser, String str) {
        for (Account account : getApplication().getAccounts(Accounts.where(Accounts.email().eqIgnoreCase(iUser.getEmailAddress())))) {
            LOG.info("Administrator has assigned a specific password to user " + iUser.getEmailAddress());
            account.setPassword(str);
            account.save();
        }
    }

    public void setPassword(IUser iUser, String str, String str2) {
        throw new UnsupportedOperationException();
    }

    public void setEnabled(IUser iUser, boolean z) {
        throw new UnsupportedOperationException();
    }

    public RoleType lookupUserRole(IUser iUser) {
        throw new UnsupportedOperationException("Not Yet Implemented");
    }

    public String createUser(IUser iUser, RoleType roleType) {
        Group resource;
        AccountDirectory accountDirectory = new AccountDirectory();
        String createRandomPassword = HashUtil.createRandomPassword();
        Account createAccount = createAccount(iUser, createRandomPassword);
        String createAccountInDirectory = createAccountInDirectory(accountDirectory, createAccount);
        switch (AnonymousClass1.$SwitchMap$net$smartcosmos$model$context$RoleType[roleType.ordinal()]) {
            case 1:
                resource = (Group) getClient().getDataStore().getResource(accountDirectory.getAdminGroupHref(), Group.class);
                break;
            default:
                resource = getClient().getDataStore().getResource(accountDirectory.getUserGroupHref(), Group.class);
                break;
        }
        resource.addAccount(createAccount);
        LOG.info("New user {} under realm {} with role {} created at {}", new Object[]{iUser.getEmailAddress(), accountDirectory.getRealm(), roleType, createAccountInDirectory});
        return createRandomPassword;
    }

    public IAuthenticatedUser exchangeToken(String str) {
        return null;
    }

    public boolean isHealthy() {
        return (this.client == null || this.application == null) ? false : true;
    }

    public boolean isUserEnabled(IUser iUser) {
        boolean z = false;
        for (Account account : getApplication().getAccounts(Accounts.where(Accounts.email().eqIgnoreCase(iUser.getEmailAddress())))) {
            LOG.info("User {} has a status of {}", iUser.getEmailAddress(), account.getStatus());
            z = account.getStatus() == AccountStatus.ENABLED;
        }
        return z;
    }

    public IAuthenticatedUser authenticate(ICredentials iCredentials) {
        BasicCredentials basicCredentials = (BasicCredentials) iCredentials;
        UsernamePasswordRequest usernamePasswordRequest = new UsernamePasswordRequest(basicCredentials.getUsername(), basicCredentials.getPassword());
        try {
            try {
                getApplication().authenticateAccount(usernamePasswordRequest).getAccount();
                usernamePasswordRequest.clear();
                return null;
            } catch (ResourceException e) {
                LOG.warn("Failed authentication attempt detected for username {}", basicCredentials.getUsername());
                throw e;
            }
        } catch (Throwable th) {
            usernamePasswordRequest.clear();
            throw th;
        }
    }

    public void createDirectory(IRegistration iRegistration) {
        Directory createRemoteDirectory = createRemoteDirectory(iRegistration);
        getApplication().addAccountStore(createRemoteDirectory);
        createAccountDirectory(iRegistration, createRemoteDirectory.getHref(), createDirectoryGroup(createRemoteDirectory, String.format("%s Admins", iRegistration.getRealm())).getHref(), createDirectoryGroup(createRemoteDirectory, String.format("%s Users", iRegistration.getRealm())).getHref());
    }

    private void createAccountDirectory(IRegistration iRegistration, String str, String str2, String str3) {
        AccountDirectory accountDirectory = new AccountDirectory();
        accountDirectory.setAccount(iRegistration.getAccount());
        accountDirectory.setDirectoryHref(str);
        accountDirectory.setAdminGroupHref(str2);
        accountDirectory.setUserGroupHref(str3);
        accountDirectory.setRealm(iRegistration.getRealm());
    }

    private Group createDirectoryGroup(Directory directory, String str) {
        Group instantiate = getClient().getDataStore().instantiate(Group.class);
        instantiate.setName(str);
        instantiate.setStatus(GroupStatus.ENABLED);
        directory.createGroup(instantiate);
        LOG.info("Created {} group", str);
        return instantiate;
    }

    private Directory createRemoteDirectory(IRegistration iRegistration) {
        Tenant tenant = getApplication().getTenant();
        Directory instantiate = getClient().getDataStore().instantiate(Directory.class);
        instantiate.setName(iRegistration.getRealm());
        instantiate.setStatus(DirectoryStatus.ENABLED);
        LOG.info("Creating directory {} for realm {}", instantiate.getName(), iRegistration.getRealm());
        return tenant.createDirectory(instantiate);
    }

    private String createAccountInDirectory(IAccountDirectory iAccountDirectory, Account account) {
        Directory resource = this.client.getDataStore().getResource(iAccountDirectory.getDirectoryHref(), Directory.class);
        LOG.info("Loaded realm {} directory {}", iAccountDirectory.getRealm(), resource.getName());
        resource.createAccount(account);
        LOG.info("Created new account in realm {} for user {}", iAccountDirectory.getRealm(), account.getEmail());
        return account.getHref();
    }

    private Account createAccount(IUser iUser, String str) {
        Account instantiate = getClient().getDataStore().instantiate(Account.class);
        instantiate.setGivenName(iUser.getGivenName());
        instantiate.setSurname(iUser.getSurname());
        instantiate.setEmail(iUser.getEmailAddress());
        instantiate.setStatus(AccountStatus.ENABLED);
        instantiate.setPassword(str);
        return instantiate;
    }
}
