package io.gravitee.am.service.impl;

import io.gravitee.am.common.event.Action;
import io.gravitee.am.common.event.Type;
import io.gravitee.am.common.utils.RandomString;
import io.gravitee.am.identityprovider.api.User;
import io.gravitee.am.model.common.event.Event;
import io.gravitee.am.model.common.event.Payload;
import io.gravitee.am.model.oauth2.Scope;
import io.gravitee.am.repository.management.api.ScopeRepository;
import io.gravitee.am.repository.oauth2.api.ScopeApprovalRepository;
import io.gravitee.am.service.AuditService;
import io.gravitee.am.service.ClientService;
import io.gravitee.am.service.EventService;
import io.gravitee.am.service.RoleService;
import io.gravitee.am.service.ScopeService;
import io.gravitee.am.service.exception.AbstractManagementException;
import io.gravitee.am.service.exception.InvalidClientMetadataException;
import io.gravitee.am.service.exception.ScopeAlreadyExistsException;
import io.gravitee.am.service.exception.ScopeNotFoundException;
import io.gravitee.am.service.exception.SystemScopeDeleteException;
import io.gravitee.am.service.exception.TechnicalManagementException;
import io.gravitee.am.service.model.NewScope;
import io.gravitee.am.service.model.NewSystemScope;
import io.gravitee.am.service.model.PatchClient;
import io.gravitee.am.service.model.PatchScope;
import io.gravitee.am.service.model.UpdateRole;
import io.gravitee.am.service.model.UpdateScope;
import io.gravitee.am.service.model.UpdateSystemScope;
import io.gravitee.am.service.reporter.builder.AuditBuilder;
import io.gravitee.am.service.reporter.builder.management.ScopeAuditBuilder;
import io.reactivex.Completable;
import io.reactivex.Maybe;
import io.reactivex.Observable;
import io.reactivex.Single;
import java.util.Date;
import java.util.List;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:io/gravitee/am/service/impl/ScopeServiceImpl.class */
public class ScopeServiceImpl implements ScopeService {
    private final Logger LOGGER = LoggerFactory.getLogger(ScopeServiceImpl.class);

    @Autowired
    private ScopeRepository scopeRepository;

    @Autowired
    private ScopeApprovalRepository scopeApprovalRepository;

    @Autowired
    private RoleService roleService;

    @Autowired
    private ClientService clientService;

    @Autowired
    private EventService eventService;

    @Autowired
    private AuditService auditService;

    @Override // io.gravitee.am.service.ScopeService
    public Maybe<Scope> findById(String str) {
        this.LOGGER.debug("Find scope by ID: {}", str);
        return this.scopeRepository.findById(str).onErrorResumeNext(th -> {
            this.LOGGER.error("An error occurs while trying to find a scope using its ID: {}", str, th);
            return Maybe.error(new TechnicalManagementException(String.format("An error occurs while trying to find a scope using its ID: %s", str), th));
        });
    }

    @Override // io.gravitee.am.service.ScopeService
    public Single<Scope> create(String str, NewScope newScope, User user) {
        this.LOGGER.debug("Create a new scope {} for domain {}", newScope, str);
        String replaceAll = newScope.getKey().replaceAll("\\s+", "_");
        return this.scopeRepository.findByDomainAndKey(str, replaceAll).isEmpty().flatMap(bool -> {
            if (!bool.booleanValue()) {
                throw new ScopeAlreadyExistsException(replaceAll, str);
            }
            Scope scope = new Scope();
            scope.setId(RandomString.generate());
            scope.setDomain(str);
            scope.setKey(replaceAll);
            scope.setName(newScope.getName());
            scope.setDescription(newScope.getDescription());
            scope.setExpiresIn(newScope.getExpiresIn());
            scope.setDiscovery(newScope.isDiscovery());
            scope.setCreatedAt(new Date());
            scope.setUpdatedAt(new Date());
            return this.scopeRepository.create(scope);
        }).flatMap(scope -> {
            return this.eventService.create(new Event(Type.SCOPE, new Payload(scope.getId(), scope.getDomain(), Action.CREATE))).flatMap(event -> {
                return Single.just(scope);
            });
        }).onErrorResumeNext(th -> {
            if (th instanceof AbstractManagementException) {
                return Single.error(th);
            }
            this.LOGGER.error("An error occurs while trying to create a scope", th);
            return Single.error(new TechnicalManagementException("An error occurs while trying to create a scope", th));
        }).doOnSuccess(scope2 -> {
            this.auditService.report(((ScopeAuditBuilder) AuditBuilder.builder(ScopeAuditBuilder.class)).principal(user).type("SCOPE_CREATED").scope(scope2));
        }).doOnError(th2 -> {
            this.auditService.report(((ScopeAuditBuilder) AuditBuilder.builder(ScopeAuditBuilder.class)).principal(user).type("SCOPE_CREATED").throwable(th2));
        });
    }

    @Override // io.gravitee.am.service.ScopeService
    public Single<Scope> create(String str, NewSystemScope newSystemScope) {
        this.LOGGER.debug("Create a new system scope {} for domain {}", newSystemScope, str);
        String lowerCase = newSystemScope.getKey().toLowerCase();
        return this.scopeRepository.findByDomainAndKey(str, lowerCase).isEmpty().flatMap(bool -> {
            if (!bool.booleanValue()) {
                throw new ScopeAlreadyExistsException(lowerCase, str);
            }
            Scope scope = new Scope();
            scope.setId(RandomString.generate());
            scope.setDomain(str);
            scope.setKey(lowerCase);
            scope.setSystem(true);
            scope.setClaims(newSystemScope.getClaims());
            scope.setName(newSystemScope.getName());
            scope.setDescription(newSystemScope.getDescription());
            scope.setExpiresIn(newSystemScope.getExpiresIn());
            scope.setDiscovery(newSystemScope.isDiscovery());
            scope.setCreatedAt(new Date());
            scope.setUpdatedAt(new Date());
            return this.scopeRepository.create(scope);
        }).flatMap(scope -> {
            return this.eventService.create(new Event(Type.SCOPE, new Payload(scope.getId(), scope.getDomain(), Action.CREATE))).flatMap(event -> {
                return Single.just(scope);
            });
        }).onErrorResumeNext(th -> {
            if (th instanceof AbstractManagementException) {
                return Single.error(th);
            }
            this.LOGGER.error("An error occurs while trying to create a system scope", th);
            return Single.error(new TechnicalManagementException("An error occurs while trying to create a system scope", th));
        });
    }

    @Override // io.gravitee.am.service.ScopeService
    public Single<Scope> patch(String str, String str2, PatchScope patchScope, User user) {
        this.LOGGER.debug("Patching a scope {} for domain {}", str2, str);
        return this.scopeRepository.findById(str2).switchIfEmpty(Maybe.error(new ScopeNotFoundException(str2))).flatMapSingle(scope -> {
            return update(str, patchScope.patch(scope), scope, user);
        }).onErrorResumeNext(th -> {
            if (th instanceof AbstractManagementException) {
                return Single.error(th);
            }
            this.LOGGER.error("An error occurs while trying to patch a scope", th);
            return Single.error(new TechnicalManagementException("An error occurs while trying to patch a scope", th));
        });
    }

    @Override // io.gravitee.am.service.ScopeService
    public Single<Scope> update(String str, String str2, UpdateScope updateScope, User user) {
        this.LOGGER.debug("Update a scope {} for domain {}", str2, str);
        return this.scopeRepository.findById(str2).switchIfEmpty(Maybe.error(new ScopeNotFoundException(str2))).flatMapSingle(scope -> {
            Scope scope = new Scope(scope);
            scope.setName(updateScope.getName());
            scope.setDescription(updateScope.getDescription());
            scope.setExpiresIn(updateScope.getExpiresIn());
            if (!scope.isSystem() && updateScope.getDiscovery() != null) {
                scope.setDiscovery(updateScope.isDiscovery());
            }
            return update(str, scope, scope, user);
        }).onErrorResumeNext(th -> {
            if (th instanceof AbstractManagementException) {
                return Single.error(th);
            }
            this.LOGGER.error("An error occurs while trying to update a scope", th);
            return Single.error(new TechnicalManagementException("An error occurs while trying to update a scope", th));
        });
    }

    private Single<Scope> update(String str, Scope scope, Scope scope2, User user) {
        scope.setUpdatedAt(new Date());
        return this.scopeRepository.update(scope).flatMap(scope3 -> {
            return this.eventService.create(new Event(Type.SCOPE, new Payload(scope3.getId(), scope3.getDomain(), Action.UPDATE))).flatMap(event -> {
                return Single.just(scope3);
            });
        }).doOnSuccess(scope4 -> {
            this.auditService.report(((ScopeAuditBuilder) AuditBuilder.builder(ScopeAuditBuilder.class)).principal(user).type("SCOPE_UPDATED").oldValue(scope2).scope(scope4));
        }).doOnError(th -> {
            this.auditService.report(((ScopeAuditBuilder) AuditBuilder.builder(ScopeAuditBuilder.class)).principal(user).type("SCOPE_UPDATED").throwable(th));
        });
    }

    @Override // io.gravitee.am.service.ScopeService
    public Single<Scope> update(String str, String str2, UpdateSystemScope updateSystemScope) {
        this.LOGGER.debug("Update a system scope {} for domain {}", str2, str);
        return this.scopeRepository.findById(str2).switchIfEmpty(Maybe.error(new ScopeNotFoundException(str2))).flatMapSingle(scope -> {
            scope.setName(updateSystemScope.getName());
            scope.setDescription(updateSystemScope.getDescription());
            scope.setUpdatedAt(new Date());
            scope.setSystem(true);
            scope.setClaims(updateSystemScope.getClaims());
            scope.setExpiresIn(updateSystemScope.getExpiresIn());
            scope.setDiscovery(updateSystemScope.isDiscovery());
            return this.scopeRepository.update(scope);
        }).flatMap(scope2 -> {
            return this.eventService.create(new Event(Type.SCOPE, new Payload(scope2.getId(), scope2.getDomain(), Action.UPDATE))).flatMap(event -> {
                return Single.just(scope2);
            });
        }).onErrorResumeNext(th -> {
            if (th instanceof AbstractManagementException) {
                return Single.error(th);
            }
            this.LOGGER.error("An error occurs while trying to update a system scope", th);
            return Single.error(new TechnicalManagementException("An error occurs while trying to update a system scope", th));
        });
    }

    @Override // io.gravitee.am.service.ScopeService
    public Completable delete(String str, boolean z, User user) {
        this.LOGGER.debug("Delete scope {}", str);
        return this.scopeRepository.findById(str).switchIfEmpty(Maybe.error(new ScopeNotFoundException(str))).flatMapSingle(scope -> {
            if (!scope.isSystem() || z) {
                return Single.just(scope);
            }
            throw new SystemScopeDeleteException(str);
        }).flatMapCompletable(scope2 -> {
            return Completable.fromSingle(this.roleService.findByDomain(scope2.getDomain()).flatMapObservable(set -> {
                return Observable.fromIterable((Iterable) set.stream().filter(role -> {
                    return role.getPermissions() != null && role.getPermissions().contains(scope2.getKey());
                }).collect(Collectors.toList()));
            }).flatMapSingle(role -> {
                role.getPermissions().remove(scope2.getKey());
                UpdateRole updateRole = new UpdateRole();
                updateRole.setName(role.getName());
                updateRole.setDescription(role.getDescription());
                updateRole.setPermissions(role.getPermissions());
                return this.roleService.update(scope2.getDomain(), role.getId(), updateRole);
            }).toList()).andThen(this.clientService.findByDomain(scope2.getDomain()).flatMapObservable(set2 -> {
                return Observable.fromIterable((Iterable) set2.stream().filter(client -> {
                    return client.getScopes() != null && client.getScopes().contains(scope2.getKey());
                }).collect(Collectors.toList()));
            }).flatMapSingle(client -> {
                client.getScopes().remove(scope2.getKey());
                PatchClient patchClient = new PatchClient();
                patchClient.setScopes(Optional.of(client.getScopes()));
                return this.clientService.patch(scope2.getDomain(), client.getId(), patchClient);
            }).toList()).toCompletable().andThen(this.scopeApprovalRepository.deleteByDomainAndScopeKey(scope2.getDomain(), scope2.getKey())).andThen(this.scopeRepository.delete(str)).andThen(Completable.fromSingle(this.eventService.create(new Event(Type.SCOPE, new Payload(scope2.getId(), scope2.getDomain(), Action.DELETE))))).doOnComplete(() -> {
                this.auditService.report(((ScopeAuditBuilder) AuditBuilder.builder(ScopeAuditBuilder.class)).principal(user).type("SCOPE_DELETED").scope(scope2));
            }).doOnError(th -> {
                this.auditService.report(((ScopeAuditBuilder) AuditBuilder.builder(ScopeAuditBuilder.class)).principal(user).type("SCOPE_DELETED").throwable(th));
            });
        }).onErrorResumeNext(th -> {
            if (th instanceof AbstractManagementException) {
                return Completable.error(th);
            }
            this.LOGGER.error("An error occurs while trying to delete scope: {}", str, th);
            return Completable.error(new TechnicalManagementException(String.format("An error occurs while trying to delete scope: %s", str), th));
        });
    }

    @Override // io.gravitee.am.service.ScopeService
    public Single<Set<Scope>> findByDomain(String str) {
        this.LOGGER.debug("Find scopes by domain: {}", str);
        return this.scopeRepository.findByDomain(str).onErrorResumeNext(th -> {
            this.LOGGER.error("An error occurs while trying to find scopes by domain: {}", str, th);
            return Single.error(new TechnicalManagementException(String.format("An error occurs while trying to find scopes by domain: %s", str), th));
        });
    }

    @Override // io.gravitee.am.service.ScopeService
    public Maybe<Scope> findByDomainAndKey(String str, String str2) {
        this.LOGGER.debug("Find scopes by domain: {} and scope key: {}", str, str2);
        return this.scopeRepository.findByDomainAndKey(str, str2).onErrorResumeNext(th -> {
            this.LOGGER.error("An error occurs while trying to find scopes by domain: {} and scope key: {}", new Object[]{str, str2, th});
            return Maybe.error(new TechnicalManagementException(String.format("An error occurs while trying to find scopes by domain: %s and scope key: %s", str, str2), th));
        });
    }

    @Override // io.gravitee.am.service.ScopeService
    public Single<Boolean> validateScope(String str, List<String> list) {
        return (list == null || list.isEmpty()) ? Single.just(true) : findByDomain(str).map(set -> {
            return (Set) set.stream().map(scope -> {
                return scope.getKey();
            }).collect(Collectors.toSet());
        }).flatMap(set2 -> {
            return validateScope((Set<String>) set2, (List<String>) list);
        });
    }

    private Single<Boolean> validateScope(Set<String> set, List<String> list) {
        for (String str : list) {
            if (!set.contains(str)) {
                return Single.error(new InvalidClientMetadataException("scope " + str + " is not valid."));
            }
        }
        return Single.just(true);
    }
}
