package io.mapsmessaging.security.access;

import io.mapsmessaging.security.SubjectHelper;
import io.mapsmessaging.security.access.mapping.GroupIdMap;
import io.mapsmessaging.security.access.mapping.GroupMapManagement;
import io.mapsmessaging.security.access.mapping.UserIdMap;
import io.mapsmessaging.security.access.mapping.UserMapManagement;
import io.mapsmessaging.security.access.mapping.store.MapStore;
import io.mapsmessaging.security.identity.GroupEntry;
import io.mapsmessaging.security.identity.IdentityEntry;
import io.mapsmessaging.security.identity.IdentityLookup;
import io.mapsmessaging.security.identity.IdentityLookupFactory;
import io.mapsmessaging.security.identity.impl.encrypted.EncryptedAuth;
import io.mapsmessaging.security.identity.principals.GroupIdPrincipal;
import io.mapsmessaging.security.identity.principals.UniqueIdentifierPrincipal;
import io.mapsmessaging.security.passwords.PasswordHandler;
import io.mapsmessaging.security.passwords.PasswordHandlerFactory;
import io.mapsmessaging.security.passwords.ciphers.EncryptedPasswordCipher;
import io.mapsmessaging.security.uuid.UuidGenerator;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;

/* loaded from: input_file:io/mapsmessaging/security/access/IdentityAccessManager.class */
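/**
 * Keeps the identities known to an {@link IdentityLookup} in step with the UUID-based
 * {@link UserIdMap} and {@link GroupIdMap} records, and attaches those UUIDs to a
 * {@link Subject} as principals.
 *
 * <p>Every map record is addressed by a domain-qualified key of the form
 * {@code <domain>:<name>}; see {@link #domainKey(String)}. The UUIDs stored in the maps are
 * what {@link #updateSubject(Subject)} hands out as {@link UniqueIdentifierPrincipal} and
 * {@link GroupIdPrincipal}, so a record must not outlive the user or group it was issued for.
 */
public class IdentityAccessManager {
    private final IdentityLookup identityLookup;
    private final GroupMapManagement groupMapManagement;
    private final UserMapManagement userMapManagement;
    private PasswordHandler passwordHandler;

    /**
     * Builds the manager, maps every entry the lookup already knows, selects the password
     * handler and persists both maps.
     *
     * @param str name of the identity lookup to obtain from {@link IdentityLookupFactory}
     * @param map configuration passed to the lookup; also read for the password handler name
     * @param mapStore backing store for user id mappings
     * @param mapStore2 backing store for group id mappings
     */
    public IdentityAccessManager(String str, Map<String, Object> map, MapStore<UserIdMap> mapStore, MapStore<GroupIdMap> mapStore2) {
        this.identityLookup = IdentityLookupFactory.getInstance().get(str, map);
        this.groupMapManagement = new GroupMapManagement(mapStore2);
        this.userMapManagement = new UserMapManagement(mapStore);
        for (IdentityEntry entry : this.identityLookup.getEntries()) {
            mapUser(entry);
        }
        // The key is spelled "passwordHander" here; a configuration that uses any other
        // spelling is not read and the default hasher below is selected instead.
        String handlerName = (String) map.get("passwordHander");
        if (handlerName == null || handlerName.isEmpty()) {
            handlerName = "Pbkdf2Sha512PasswordHasher";
        }
        PasswordHandler configured = PasswordHandlerFactory.getInstance().getByClassName(handlerName);
        // When both the configured handler and the lookup are of the encrypted kind, the
        // lookup's own handler instance is used rather than the freshly created one.
        if ((configured instanceof EncryptedPasswordCipher) && (this.identityLookup instanceof EncryptedAuth)) {
            this.passwordHandler = ((EncryptedAuth) this.identityLookup).getPasswordHandler();
        } else {
            this.passwordHandler = configured;
        }
        this.userMapManagement.save();
        this.groupMapManagement.save();
    }

    /** Returns every user mapping held by the user map. */
    public List<UserIdMap> getAllUsers() {
        return this.userMapManagement.getAll();
    }

    /** Returns every group mapping held by the group map. */
    public List<GroupIdMap> getAllGroups() {
        return this.groupMapManagement.getAll();
    }

    /**
     * Adds the user's {@link UniqueIdentifierPrincipal} and a {@link GroupIdPrincipal} for the
     * user's mapped groups to the supplied subject.
     *
     * @param subject subject whose username is resolved through {@link SubjectHelper}
     * @return the same subject with the principals added, or {@code null} when the lookup has
     *     no entry for the username
     */
    public Subject updateSubject(Subject subject) {
        String username = SubjectHelper.getUsername(subject);
        IdentityEntry entry = this.identityLookup.findEntry(username);
        if (entry == null) {
            return null;
        }
        UserIdMap userIdMap = this.userMapManagement.get(domainKey(username));
        if (userIdMap == null) {
            // First sighting of this user: create the mapping and persist it.
            userIdMap = mapUser(entry);
            this.userMapManagement.save();
            this.groupMapManagement.save();
        }
        Set<Principal> principals = subject.getPrincipals();
        principals.add(new UniqueIdentifierPrincipal(userIdMap.getAuthId()));
        List<GroupIdMap> groupIds = new ArrayList<>();
        for (GroupEntry group : entry.getGroups()) {
            GroupIdMap groupIdMap = this.groupMapManagement.get(domainKey(group.getName()));
            // Groups without a mapping are left out of the principal rather than failing.
            if (groupIdMap != null) {
                groupIds.add(groupIdMap);
            }
        }
        principals.add(new GroupIdPrincipal(groupIds));
        return subject;
    }

    /**
     * Ensures a group exists in the lookup and has a mapping.
     *
     * @param str group name
     * @return the existing or newly created mapping
     * @throws IOException propagated from the lookup
     */
    public GroupIdMap createGroup(String str) throws IOException {
        GroupEntry existingGroup = this.identityLookup.findGroup(str);
        GroupIdMap groupIdMap = this.groupMapManagement.get(domainKey(str));
        if (existingGroup != null && groupIdMap != null) {
            return groupIdMap;
        }
        if (existingGroup == null) {
            this.identityLookup.createGroup(str);
        }
        // A mapping that already exists for this name is reused, UUID included; this is why
        // the delete paths must remove the mapping under the same domain-qualified key.
        if (groupIdMap == null) {
            groupIdMap = new GroupIdMap(UuidGenerator.getInstance().generate(), str, this.identityLookup.getDomain());
            this.groupMapManagement.add(groupIdMap);
            this.groupMapManagement.save();
        }
        return groupIdMap;
    }

    /**
     * Deletes a group from the lookup together with its mapping.
     *
     * @param str group name
     * @return {@code false} when the lookup does not know the group, {@code true} otherwise
     * @throws IOException propagated from the lookup
     */
    public boolean deleteGroup(String str) throws IOException {
        if (this.identityLookup.findGroup(str) == null) {
            return false;
        }
        this.identityLookup.deleteGroup(str);
        this.groupMapManagement.delete(domainKey(str));
        this.groupMapManagement.save();
        return true;
    }

    /** Returns the mapping for the named user in this lookup's domain, as the map reports it. */
    public UserIdMap getUser(String str) {
        return this.userMapManagement.get(domainKey(str));
    }

    /** Returns the mapping for the named group in this lookup's domain, as the map reports it. */
    public GroupIdMap getGroup(String str) {
        return this.groupMapManagement.get(domainKey(str));
    }

    /** Returns the lookup's own record for the named group. */
    public GroupEntry getGroupDetails(String str) {
        return this.identityLookup.findGroup(str);
    }

    /**
     * Ensures a user exists in the lookup and has a mapping. The password is only used when
     * the lookup has no entry yet; it is stored through this manager's password handler.
     *
     * @param str username
     * @param str2 password for a newly created entry
     * @return the existing or newly created mapping
     * @throws IOException propagated from the lookup
     * @throws GeneralSecurityException propagated from the lookup
     */
    public UserIdMap createUser(String str, String str2) throws IOException, GeneralSecurityException {
        IdentityEntry existingEntry = this.identityLookup.findEntry(str);
        UserIdMap userIdMap = this.userMapManagement.get(domainKey(str));
        if (existingEntry != null && userIdMap != null) {
            return userIdMap;
        }
        if (existingEntry == null) {
            this.identityLookup.createUser(str, str2, this.passwordHandler);
        }
        if (userIdMap == null) {
            userIdMap = new UserIdMap(UuidGenerator.getInstance().generate(), str, this.identityLookup.getDomain());
            this.userMapManagement.add(userIdMap);
            this.userMapManagement.save();
        }
        return userIdMap;
    }

    /**
     * Replaces a user's password by deleting the lookup entry and creating it again with the
     * supplied handler. The user mapping, and therefore the user's UUID, is left untouched.
     *
     * @param str username
     * @param str2 new password
     * @param passwordHandler handler used to store the new password
     * @return {@code false} when the lookup has no entry for the user, {@code true} otherwise
     * @throws IOException propagated from the lookup
     * @throws GeneralSecurityException propagated from the lookup
     */
    public boolean updateUserPassword(String str, String str2, PasswordHandler passwordHandler) throws IOException, GeneralSecurityException {
        if (this.identityLookup.findEntry(str) == null) {
            return false;
        }
        // NOTE(review): delete-then-create is not atomic. If createUser throws, the entry has
        // already been removed from the lookup. Whether deleteUser also drops the user's
        // group memberships cannot be seen from this class; confirm against the lookup.
        this.identityLookup.deleteUser(str);
        this.identityLookup.createUser(str, str2, passwordHandler);
        return true;
    }

    /** Returns the lookup's own record for the named user. */
    public IdentityEntry getUserIdentity(String str) {
        return this.identityLookup.findEntry(str);
    }

    /**
     * Deletes a user from the lookup, removes the user's mapping, and removes the user from
     * every group; a group left without members is deleted together with its mapping.
     *
     * @param str username
     * @return {@code false} when the lookup has no entry for the user, {@code true} otherwise
     * @throws IOException propagated from the lookup
     */
    public boolean deleteUser(String str) throws IOException {
        if (this.identityLookup.findEntry(str) == null) {
            return false;
        }
        this.identityLookup.deleteUser(str);
        this.userMapManagement.delete(domainKey(str));
        this.userMapManagement.save();
        // Groups may be deleted inside the loop, so iterate over a snapshot in case
        // getGroups() hands back a live view of the lookup's collection.
        List<GroupEntry> snapshot = new ArrayList<>();
        for (GroupEntry group : this.identityLookup.getGroups()) {
            snapshot.add(group);
        }
        for (GroupEntry group : snapshot) {
            if (!group.isInGroup(str)) {
                continue;
            }
            group.removeUser(str);
            // Same order as removeUserFromGroup: record the membership change first, then
            // drop the group if it is empty, so updateGroup never runs on a deleted group.
            this.identityLookup.updateGroup(group);
            if (group.getUserCount() == 0) {
                this.identityLookup.deleteGroup(group.getName());
                // Domain-qualified key, matching deleteGroup. A bare name would leave the
                // mapping behind and createGroup would later reuse its UUID.
                this.groupMapManagement.delete(domainKey(group.getName()));
            }
        }
        this.groupMapManagement.save();
        return true;
    }

    /**
     * Adds a user to a group.
     *
     * @param str username
     * @param str2 group name
     * @return {@code false} when the user or group is unknown or the user is already a member
     * @throws IOException propagated from the lookup
     */
    public boolean addUserToGroup(String str, String str2) throws IOException {
        IdentityEntry entry = this.identityLookup.findEntry(str);
        if (entry == null) {
            return false;
        }
        GroupEntry group = this.identityLookup.findGroup(str2);
        if (group == null || entry.isInGroup(group.getName())) {
            return false;
        }
        entry.addGroup(group);
        group.addUser(str);
        this.identityLookup.updateGroup(group);
        return true;
    }

    /**
     * Removes a user from a group; a group left without members is deleted together with its
     * mapping.
     *
     * @param str username
     * @param str2 group name
     * @return {@code false} when the user or group is unknown or the user is not a member
     * @throws IOException propagated from the lookup
     */
    public boolean removeUserFromGroup(String str, String str2) throws IOException {
        IdentityEntry entry = this.identityLookup.findEntry(str);
        if (entry == null) {
            return false;
        }
        GroupEntry group = this.identityLookup.findGroup(str2);
        if (group == null || !entry.isInGroup(group.getName())) {
            return false;
        }
        entry.removeGroup(group);
        group.removeUser(str);
        this.identityLookup.updateGroup(group);
        if (group.getUserCount() == 0) {
            this.identityLookup.deleteGroup(group.getName());
            // Domain-qualified key, matching deleteGroup, so the mapping is really removed.
            this.groupMapManagement.delete(domainKey(group.getName()));
            this.groupMapManagement.save();
        }
        return true;
    }

    /**
     * Makes sure the user and each of the user's groups has a mapping, creating any that are
     * missing. Nothing is persisted here; callers save the maps.
     *
     * @param identityEntry lookup entry to map
     * @return the user's mapping, whether it already existed or was created by this call
     */
    private UserIdMap mapUser(IdentityEntry identityEntry) {
        // Look up under the same domain-qualified key every other method uses; a bare name
        // never matches those keys and would mint a fresh UUID for an already-mapped user.
        UserIdMap userIdMap = this.userMapManagement.get(domainKey(identityEntry.getUsername()));
        if (userIdMap == null) {
            userIdMap = new UserIdMap(UuidGenerator.getInstance().generate(), identityEntry.getUsername(), this.identityLookup.getDomain());
            this.userMapManagement.add(userIdMap);
        }
        for (GroupEntry group : identityEntry.getGroups()) {
            if (this.groupMapManagement.get(domainKey(group.getName())) == null) {
                this.groupMapManagement.add(new GroupIdMap(UuidGenerator.getInstance().generate(), group.getName(), this.identityLookup.getDomain()));
            }
        }
        return userIdMap;
    }

    /** Builds the {@code <domain>:<name>} key under which user and group mappings are addressed. */
    private String domainKey(String name) {
        return this.identityLookup.getDomain() + ":" + name;
    }

    /** Returns the underlying identity lookup. */
    public IdentityLookup getIdentityLookup() {
        return this.identityLookup;
    }

    /** Returns the handler used by {@link #createUser(String, String)} for new passwords. */
    public PasswordHandler getPasswordHandler() {
        return this.passwordHandler;
    }

    /** Replaces the handler used by {@link #createUser(String, String)} for new passwords. */
    public void setPasswordHandler(PasswordHandler passwordHandler) {
        this.passwordHandler = passwordHandler;
    }
}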
