package com.liferay.scim.rest.internal.configuration;

import com.liferay.oauth.client.LocalOAuthClient;
import com.liferay.oauth2.provider.constants.ClientProfile;
import com.liferay.oauth2.provider.constants.GrantType;
import com.liferay.oauth2.provider.model.OAuth2Application;
import com.liferay.oauth2.provider.rest.spi.bearer.token.provider.BearerTokenProvider;
import com.liferay.oauth2.provider.service.OAuth2ApplicationLocalService;
import com.liferay.oauth2.provider.util.OAuth2SecureRandomGenerator;
import com.liferay.osgi.util.configuration.ConfigurationFactoryUtil;
import com.liferay.petra.string.StringBundler;
import com.liferay.portal.configuration.metatype.bnd.util.ConfigurableUtil;
import com.liferay.portal.kernel.exception.PortalException;
import com.liferay.portal.kernel.feature.flag.FeatureFlagManagerUtil;
import com.liferay.portal.kernel.json.JSONFactory;
import com.liferay.portal.kernel.json.JSONObject;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.model.User;
import com.liferay.portal.kernel.service.CompanyLocalService;
import com.liferay.portal.kernel.service.ServiceContext;
import com.liferay.portal.kernel.service.UserLocalService;
import com.liferay.portal.kernel.util.HashMapDictionaryBuilder;
import com.liferay.portal.kernel.util.ListUtil;
import com.liferay.portal.util.PropsValues;
import com.liferay.scim.rest.internal.provider.ScimClientBearerTokenProvider;
import com.liferay.scim.rest.internal.util.ScimClientUtil;
import java.util.Collections;
import java.util.Map;
import java.util.function.Consumer;
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceRegistration;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Reference;

@Component(configurationPid = {"com.liferay.scim.rest.internal.configuration.ScimClientOAuth2ApplicationConfiguration"}, configurationPolicy = ConfigurationPolicy.REQUIRE, service = {})
/* loaded from: input_file:com/liferay/scim/rest/internal/configuration/ScimClientOAuth2ApplicationConfigurationFactory.class */
public class ScimClientOAuth2ApplicationConfigurationFactory {

    @Reference
    protected UserLocalService userLocalService;
    private static final Log _log = LogFactoryUtil.getLog(ScimClientOAuth2ApplicationConfigurationFactory.class);

    @Reference
    private CompanyLocalService _companyLocalService;

    @Reference
    private JSONFactory _jsonFactory;

    @Reference
    private LocalOAuthClient _localOAuthClient;
    private volatile OAuth2Application _oAuth2Application;

    @Reference
    private OAuth2ApplicationLocalService _oAuth2ApplicationLocalService;
    private volatile ServiceRegistration<BearerTokenProvider> _serviceRegistration;

    @Activate
    protected void activate(BundleContext bundleContext, Map<String, Object> map) throws Exception {
        if (FeatureFlagManagerUtil.isEnabled("LPS-96845")) {
            ConfigurationFactoryUtil.executeAsCompany(this._companyLocalService, map, l -> {
                this._oAuth2Application = _getOrAddOAuth2Application(l.longValue(), (ScimClientOAuth2ApplicationConfiguration) ConfigurableUtil.createConfigurable(ScimClientOAuth2ApplicationConfiguration.class, map));
                this._serviceRegistration = bundleContext.registerService(BearerTokenProvider.class, new ScimClientBearerTokenProvider(), HashMapDictionaryBuilder.put("clientId", this._oAuth2Application.getClientId()).put("companyId", l.toString()).build());
                JSONObject createJSONObject = this._jsonFactory.createJSONObject(this._localOAuthClient.requestTokens(this._oAuth2Application, this.userLocalService.getGuestUser(l.longValue()).getUserId()));
                if (_log.isInfoEnabled()) {
                    _log.info(StringBundler.concat(new String[]{"New access token for SCIM OAuth 2 application ", this._oAuth2Application.getName(), " generated: ", createJSONObject.getString("access_token")}));
                }
            });
        }
    }

    @Deactivate
    protected void deactivate(Integer num) throws PortalException {
        if (FeatureFlagManagerUtil.isEnabled("LPS-96845") && num.intValue() == 4) {
            this._oAuth2ApplicationLocalService.deleteOAuth2Application(this._oAuth2Application);
            if (this._serviceRegistration != null) {
                this._serviceRegistration.unregister();
                this._serviceRegistration = null;
            }
            if (_log.isDebugEnabled()) {
                _log.debug("Removed OAuth2 application: " + this._oAuth2Application.getName());
            }
        }
    }

    private OAuth2Application _getOrAddOAuth2Application(long j, ScimClientOAuth2ApplicationConfiguration scimClientOAuth2ApplicationConfiguration) throws Exception {
        User guestUser = this.userLocalService.getGuestUser(j);
        User userByScreenName = this.userLocalService.getUserByScreenName(j, PropsValues.DEFAULT_ADMIN_SCREEN_NAME);
        String generateScimClientId = ScimClientUtil.generateScimClientId(scimClientOAuth2ApplicationConfiguration.applicationName());
        OAuth2Application fetchOAuth2Application = this._oAuth2ApplicationLocalService.fetchOAuth2Application(j, generateScimClientId);
        if (fetchOAuth2Application == null) {
            fetchOAuth2Application = this._oAuth2ApplicationLocalService.addOAuth2Application(j, guestUser.getUserId(), guestUser.getScreenName(), ListUtil.fromArray(new GrantType[]{GrantType.JWT_BEARER}), "client_secret_post", userByScreenName.getUserId(), generateScimClientId, ClientProfile.HEADLESS_SERVER.id(), OAuth2SecureRandomGenerator.generateClientSecret(), (String) null, Collections.emptyList(), (String) null, 0L, (String) null, scimClientOAuth2ApplicationConfiguration.applicationName(), (String) null, Collections.emptyList(), false, true, (Consumer) null, new ServiceContext());
            if (_log.isDebugEnabled()) {
                _log.debug("Created OAuth2 application: " + fetchOAuth2Application.getName());
            }
        }
        return this._oAuth2ApplicationLocalService.updateScopeAliases(fetchOAuth2Application.getUserId(), fetchOAuth2Application.getUserName(), fetchOAuth2Application.getOAuth2ApplicationId(), ListUtil.fromArray(new String[]{"Liferay.Scim.REST.everything"}));
    }
}
