package io.gravitee.am.service.impl;

import io.gravitee.am.common.event.Action;
import io.gravitee.am.common.event.Type;
import io.gravitee.am.identityprovider.api.User;
import io.gravitee.am.model.IdentityProvider;
import io.gravitee.am.model.PasswordPolicy;
import io.gravitee.am.model.PasswordSettingsAware;
import io.gravitee.am.model.Reference;
import io.gravitee.am.model.ReferenceType;
import io.gravitee.am.model.common.event.Event;
import io.gravitee.am.model.common.event.Payload;
import io.gravitee.am.repository.management.api.PasswordPolicyRepository;
import io.gravitee.am.service.AuditService;
import io.gravitee.am.service.EventService;
import io.gravitee.am.service.IdentityProviderService;
import io.gravitee.am.service.PasswordPolicyService;
import io.gravitee.am.service.exception.InvalidParameterException;
import io.gravitee.am.service.exception.PasswordPolicyNotFoundException;
import io.gravitee.am.service.exception.TechnicalManagementException;
import io.gravitee.am.service.model.AssignPasswordPolicy;
import io.gravitee.am.service.model.UpdatePasswordPolicy;
import io.gravitee.am.service.reporter.builder.AuditBuilder;
import io.gravitee.am.service.reporter.builder.management.PasswordPolicyAuditBuilder;
import io.reactivex.rxjava3.core.Completable;
import io.reactivex.rxjava3.core.Flowable;
import io.reactivex.rxjava3.core.Maybe;
import io.reactivex.rxjava3.core.Single;
import java.util.Date;
import java.util.Optional;
import java.util.function.Predicate;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

@Component
/* loaded from: input_file:io/gravitee/am/service/impl/PasswordPolicyServiceImpl.class */
public class PasswordPolicyServiceImpl implements PasswordPolicyService {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(PasswordPolicyServiceImpl.class);

    @Autowired
    @Lazy
    private PasswordPolicyRepository passwordPolicyRepository;

    @Autowired
    private AuditService auditService;

    @Autowired
    private EventService eventService;

    @Autowired
    private IdentityProviderService identityProviderService;

    @Override // io.gravitee.am.service.PasswordPolicyService
    public Flowable<PasswordPolicy> findByDomain(String str) {
        log.debug("Find password policy by domain: {}", str);
        return this.passwordPolicyRepository.findByReference(ReferenceType.DOMAIN, str).onErrorResumeNext(th -> {
            log.error("An error occurs while trying to find password policy by domain", th);
            return Flowable.error(new TechnicalManagementException("An error occurs while trying to find password policy by domain", th));
        });
    }

    @Override // io.gravitee.am.service.PasswordPolicyService
    public Single<PasswordPolicy> create(PasswordPolicy passwordPolicy, User user) {
        log.debug("Create a new password policy named '{}' for {} {}", new Object[]{passwordPolicy.getName(), passwordPolicy.getReferenceType(), passwordPolicy.getReferenceId()});
        if (!StringUtils.hasLength(passwordPolicy.getReferenceId()) && !ReferenceType.DOMAIN.equals(passwordPolicy.getReferenceType())) {
            return Single.error(new InvalidParameterException("Password policy requires a reference type DOMAIN and a reference ID"));
        }
        Date date = new Date();
        passwordPolicy.setCreatedAt(date);
        passwordPolicy.setUpdatedAt(date);
        passwordPolicy.setDefaultPolicy(Boolean.FALSE);
        return this.passwordPolicyRepository.findByDefaultPolicy(passwordPolicy.getReferenceType(), passwordPolicy.getReferenceId()).map(passwordPolicy2 -> {
            return passwordPolicy;
        }).switchIfEmpty(Single.fromCallable(() -> {
            passwordPolicy.setDefaultPolicy(Boolean.TRUE);
            return passwordPolicy;
        })).flatMap(passwordPolicy3 -> {
            return this.passwordPolicyRepository.create(passwordPolicy3);
        }).flatMap(passwordPolicy4 -> {
            return this.eventService.create(new Event(Type.PASSWORD_POLICY, new Payload(passwordPolicy4.getId(), passwordPolicy.getReferenceType(), passwordPolicy.getReferenceId(), Action.CREATE))).flatMap(event -> {
                return Single.just(passwordPolicy4);
            });
        }).doOnSuccess(passwordPolicy5 -> {
            this.auditService.report(((PasswordPolicyAuditBuilder) ((PasswordPolicyAuditBuilder) ((PasswordPolicyAuditBuilder) AuditBuilder.builder(PasswordPolicyAuditBuilder.class)).principal(user)).type("PASSWORD_POLICY_CREATED")).policy(passwordPolicy5));
        }).doOnError(th -> {
            this.auditService.report(((PasswordPolicyAuditBuilder) ((PasswordPolicyAuditBuilder) ((PasswordPolicyAuditBuilder) ((PasswordPolicyAuditBuilder) AuditBuilder.builder(PasswordPolicyAuditBuilder.class)).principal(user)).reference(new Reference(passwordPolicy.getReferenceType(), passwordPolicy.getReferenceId()))).type("PASSWORD_POLICY_CREATED")).throwable(th));
        });
    }

    @Override // io.gravitee.am.service.PasswordPolicyService
    public Maybe<PasswordPolicy> findByReferenceAndId(ReferenceType referenceType, String str, String str2) {
        log.debug("Find password policy with id '{}' for {} {}", new Object[]{str2, referenceType, str});
        return this.passwordPolicyRepository.findByReferenceAndId(referenceType, str, str2);
    }

    @Override // io.gravitee.am.service.PasswordPolicyService
    public Single<PasswordPolicy> update(ReferenceType referenceType, String str, String str2, UpdatePasswordPolicy updatePasswordPolicy, User user) {
        log.debug("Update password policy id '{}' for {} {}", new Object[]{str2, referenceType, str});
        return this.passwordPolicyRepository.findByReferenceAndId(referenceType, str, str2).switchIfEmpty(Single.error(() -> {
            return new PasswordPolicyNotFoundException(str2);
        })).flatMap(passwordPolicy -> {
            PasswordPolicy passwordPolicy = updatePasswordPolicy.toPasswordPolicy(referenceType, str);
            passwordPolicy.setId(passwordPolicy.getId());
            passwordPolicy.setCreatedAt(passwordPolicy.getCreatedAt());
            passwordPolicy.setReferenceType(passwordPolicy.getReferenceType());
            passwordPolicy.setReferenceId(passwordPolicy.getReferenceId());
            passwordPolicy.setDefaultPolicy(passwordPolicy.getDefaultPolicy());
            return updatePasswordPolicy(referenceType, str, passwordPolicy, passwordPolicy, user);
        }).doOnError(th -> {
            this.auditService.report(((PasswordPolicyAuditBuilder) ((PasswordPolicyAuditBuilder) ((PasswordPolicyAuditBuilder) ((PasswordPolicyAuditBuilder) AuditBuilder.builder(PasswordPolicyAuditBuilder.class)).principal(user)).type("PASSWORD_POLICY_UPDATED")).reference(new Reference(referenceType, str))).throwable(th));
        });
    }

    @Override // io.gravitee.am.service.PasswordPolicyService
    public Completable deleteAndUpdateIdp(ReferenceType referenceType, String str, String str2, User user) {
        log.debug("Delete password policy with id '{}' for {} {}", new Object[]{str2, referenceType, str});
        return this.passwordPolicyRepository.findByReferenceAndId(referenceType, str, str2).flatMap(passwordPolicy -> {
            return doDelete(passwordPolicy, user);
        }).flatMap(passwordPolicy2 -> {
            return passwordPolicy2.getDefaultPolicy().equals(Boolean.TRUE) ? setOldestPolicyDefault(referenceType, str, user) : Maybe.empty();
        }).ignoreElement();
    }

    private Maybe<PasswordPolicy> doDelete(PasswordPolicy passwordPolicy, User user) {
        Reference reference = new Reference(passwordPolicy.getReferenceType(), passwordPolicy.getReferenceId());
        return resetPolicyOnIdentityProviders(reference.type(), reference.id(), passwordPolicy.getId()).andThen(this.passwordPolicyRepository.delete(passwordPolicy.getId())).andThen(this.eventService.create(new Event(Type.PASSWORD_POLICY, new Payload(passwordPolicy.getId(), reference.type(), reference.id(), Action.DELETE)))).ignoreElement().doOnComplete(() -> {
            this.auditService.report(((PasswordPolicyAuditBuilder) ((PasswordPolicyAuditBuilder) ((PasswordPolicyAuditBuilder) AuditBuilder.builder(PasswordPolicyAuditBuilder.class)).principal(user)).type("PASSWORD_POLICY_DELETED")).policy(passwordPolicy).oldValue(passwordPolicy));
        }).doOnError(th -> {
            this.auditService.report(((PasswordPolicyAuditBuilder) ((PasswordPolicyAuditBuilder) ((PasswordPolicyAuditBuilder) AuditBuilder.builder(PasswordPolicyAuditBuilder.class)).principal(user)).type("PASSWORD_POLICY_DELETED")).policy(passwordPolicy).throwable(th));
        }).andThen(Maybe.just(passwordPolicy));
    }

    @Override // io.gravitee.am.service.PasswordPolicyService
    public Single<PasswordPolicy> setDefaultPasswordPolicy(ReferenceType referenceType, String str, String str2, User user) {
        log.debug("Setting default policy for id {} for {} {}", new Object[]{str2, referenceType, str});
        return this.passwordPolicyRepository.findByReferenceAndId(referenceType, str, str2).switchIfEmpty(Single.error(() -> {
            return new PasswordPolicyNotFoundException(str2);
        })).flatMap(passwordPolicy -> {
            return this.passwordPolicyRepository.findByDefaultPolicy(referenceType, str).flatMapSingle(passwordPolicy -> {
                PasswordPolicy passwordPolicy = new PasswordPolicy(passwordPolicy);
                passwordPolicy.setUpdatedAt(new Date());
                passwordPolicy.setDefaultPolicy(Boolean.FALSE);
                return updatePasswordPolicy(referenceType, str, passwordPolicy, passwordPolicy, user).flatMap(passwordPolicy2 -> {
                    return setNewDefaultPolicy(referenceType, str, passwordPolicy, user);
                });
            }).switchIfEmpty(Single.defer(() -> {
                return setNewDefaultPolicy(referenceType, str, passwordPolicy, user);
            }));
        }).onErrorResumeNext(th -> {
            log.error("An error occurs while trying to set default policy", th);
            return Single.error(new TechnicalManagementException("An error occurs while trying to set default policy", th));
        });
    }

    @Override // io.gravitee.am.service.PasswordPolicyService
    public Completable deleteByReference(ReferenceType referenceType, String str) {
        return this.passwordPolicyRepository.deleteByReference(referenceType, str);
    }

    @Override // io.gravitee.am.service.PasswordPolicyService
    public Maybe<PasswordPolicy> retrievePasswordPolicy(io.gravitee.am.model.User user, PasswordSettingsAware passwordSettingsAware, IdentityProvider identityProvider) {
        return ((Maybe) Optional.ofNullable(passwordSettingsAware).map((v0) -> {
            return v0.getPasswordSettings();
        }).filter(Predicate.not((v0) -> {
            return v0.isInherited();
        })).map((v0) -> {
            return v0.toPasswordPolicy();
        }).map((v0) -> {
            return Maybe.just(v0);
        }).orElse(Maybe.empty())).switchIfEmpty((Maybe) Optional.ofNullable(identityProvider).map((v0) -> {
            return v0.getPasswordPolicy();
        }).map(str -> {
            return this.passwordPolicyRepository.findByReferenceAndId(user.getReferenceType(), user.getReferenceId(), str);
        }).orElse(Maybe.empty())).switchIfEmpty(Maybe.defer(() -> {
            return defaultPasswordPolicy(user);
        }));
    }

    private Completable resetPolicyOnIdentityProviders(ReferenceType referenceType, String str, String str2) {
        return this.identityProviderService.findWithPasswordPolicy(referenceType, str, str2).flatMapSingle(identityProvider -> {
            return this.identityProviderService.updatePasswordPolicy(str, identityProvider.getId(), new AssignPasswordPolicy());
        }).ignoreElements();
    }

    private Maybe<PasswordPolicy> setOldestPolicyDefault(ReferenceType referenceType, String str, User user) {
        return this.passwordPolicyRepository.findByOldest(referenceType, str).flatMapSingle(passwordPolicy -> {
            return setNewDefaultPolicy(referenceType, str, passwordPolicy, user);
        });
    }

    private Maybe<PasswordPolicy> defaultPasswordPolicy(io.gravitee.am.model.User user) {
        return this.passwordPolicyRepository.findByDefaultPolicy(user.getReferenceType(), user.getReferenceId());
    }

    private Single<PasswordPolicy> setNewDefaultPolicy(ReferenceType referenceType, String str, PasswordPolicy passwordPolicy, User user) {
        PasswordPolicy passwordPolicy2 = new PasswordPolicy(passwordPolicy);
        passwordPolicy2.setUpdatedAt(new Date());
        passwordPolicy2.setDefaultPolicy(Boolean.TRUE);
        return updatePasswordPolicy(referenceType, str, passwordPolicy2, passwordPolicy, user);
    }

    private Single<PasswordPolicy> updatePasswordPolicy(ReferenceType referenceType, String str, PasswordPolicy passwordPolicy, PasswordPolicy passwordPolicy2, User user) {
        return this.passwordPolicyRepository.update(passwordPolicy).flatMap(passwordPolicy3 -> {
            return this.eventService.create(new Event(Type.PASSWORD_POLICY, new Payload(passwordPolicy3.getId(), referenceType, str, Action.UPDATE))).flatMap(event -> {
                return Single.just(passwordPolicy3);
            });
        }).doOnSuccess(passwordPolicy4 -> {
            this.auditService.report(((PasswordPolicyAuditBuilder) ((PasswordPolicyAuditBuilder) ((PasswordPolicyAuditBuilder) AuditBuilder.builder(PasswordPolicyAuditBuilder.class)).principal(user)).type("PASSWORD_POLICY_UPDATED")).policy(passwordPolicy4).oldValue(passwordPolicy2));
        });
    }
}
