package jp.openstandia.connector.amazonaws;

import java.net.URI;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import org.identityconnectors.common.StringUtil;
import org.identityconnectors.common.logging.Log;
import org.identityconnectors.framework.common.exceptions.AlreadyExistsException;
import org.identityconnectors.framework.common.exceptions.ConfigurationException;
import org.identityconnectors.framework.common.exceptions.ConnectorException;
import org.identityconnectors.framework.common.exceptions.ConnectorIOException;
import org.identityconnectors.framework.common.exceptions.InvalidAttributeValueException;
import org.identityconnectors.framework.common.exceptions.RetryableException;
import org.identityconnectors.framework.common.exceptions.UnknownUidException;
import org.identityconnectors.framework.common.objects.Attribute;
import org.identityconnectors.framework.common.objects.AttributeDelta;
import org.identityconnectors.framework.common.objects.AttributeInfo;
import org.identityconnectors.framework.common.objects.AttributeInfoBuilder;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.identityconnectors.framework.common.objects.ObjectClassInfo;
import org.identityconnectors.framework.common.objects.OperationOptionInfoBuilder;
import org.identityconnectors.framework.common.objects.OperationOptions;
import org.identityconnectors.framework.common.objects.ResultsHandler;
import org.identityconnectors.framework.common.objects.Schema;
import org.identityconnectors.framework.common.objects.SchemaBuilder;
import org.identityconnectors.framework.common.objects.Uid;
import org.identityconnectors.framework.common.objects.filter.FilterTranslator;
import org.identityconnectors.framework.spi.Configuration;
import org.identityconnectors.framework.spi.ConnectorClass;
import org.identityconnectors.framework.spi.InstanceNameAware;
import org.identityconnectors.framework.spi.PoolableConnector;
import org.identityconnectors.framework.spi.operations.CreateOp;
import org.identityconnectors.framework.spi.operations.DeleteOp;
import org.identityconnectors.framework.spi.operations.SchemaOp;
import org.identityconnectors.framework.spi.operations.SearchOp;
import org.identityconnectors.framework.spi.operations.TestOp;
import org.identityconnectors.framework.spi.operations.UpdateDeltaOp;
import software.amazon.awssdk.auth.credentials.AwsBasicCredentials;
import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider;
import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider;
import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider;
import software.amazon.awssdk.http.apache.ApacheHttpClient;
import software.amazon.awssdk.http.apache.ProxyConfiguration;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClient;
import software.amazon.awssdk.services.cognitoidentityprovider.CognitoIdentityProviderClientBuilder;
import software.amazon.awssdk.services.cognitoidentityprovider.model.CognitoIdentityProviderException;
import software.amazon.awssdk.services.cognitoidentityprovider.model.DescribeUserPoolRequest;
import software.amazon.awssdk.services.cognitoidentityprovider.model.DescribeUserPoolResponse;
import software.amazon.awssdk.services.cognitoidentityprovider.model.GroupExistsException;
import software.amazon.awssdk.services.cognitoidentityprovider.model.InternalErrorException;
import software.amazon.awssdk.services.cognitoidentityprovider.model.InvalidParameterException;
import software.amazon.awssdk.services.cognitoidentityprovider.model.LimitExceededException;
import software.amazon.awssdk.services.cognitoidentityprovider.model.ResourceNotFoundException;
import software.amazon.awssdk.services.cognitoidentityprovider.model.TooManyRequestsException;
import software.amazon.awssdk.services.cognitoidentityprovider.model.UserNotFoundException;
import software.amazon.awssdk.services.cognitoidentityprovider.model.UserPoolType;
import software.amazon.awssdk.services.cognitoidentityprovider.model.UsernameExistsException;
import software.amazon.awssdk.services.sts.StsClient;
import software.amazon.awssdk.services.sts.StsClientBuilder;
import software.amazon.awssdk.services.sts.auth.StsAssumeRoleCredentialsProvider;
import software.amazon.awssdk.services.sts.model.AssumeRoleRequest;

/* JADX WARN: Classes with same name are omitted:
  input_file:jp/openstandia/connector/amazonaws/CognitoUserPoolConnector.class
 */
@ConnectorClass(configurationClass = CognitoUserPoolConfiguration.class, displayNameKey = "NRI OpenStandia Amazon Cognito User Pool Connector")
/* loaded from: input_file:lib/connector-amazon-cognito-user-pool-1.1.1.jar:jp/openstandia/connector/amazonaws/CognitoUserPoolConnector.class */
public class CognitoUserPoolConnector implements PoolableConnector, CreateOp, UpdateDeltaOp, DeleteOp, SchemaOp, TestOp, SearchOp<CognitoUserPoolFilter>, InstanceNameAware {
    private static final Log LOG = Log.getLog(CognitoUserPoolConnector.class);
    protected CognitoUserPoolConfiguration configuration;
    protected CognitoIdentityProviderClient client;
    private Map<String, AttributeInfo> userSchemaMap;
    private String instanceName;

    public Configuration getConfiguration() {
        return this.configuration;
    }

    public void init(Configuration configuration) {
        this.configuration = (CognitoUserPoolConfiguration) configuration;
        try {
            authenticateResource();
            LOG.ok("Connector {0} successfully initialized", new Object[]{getClass().getName()});
        } catch (RuntimeException e) {
            throw processRuntimeException(e);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    protected void authenticateResource() {
        ApacheHttpClient.Builder builder = ApacheHttpClient.builder();
        if (StringUtil.isNotEmpty(this.configuration.getHttpProxyHost())) {
            ProxyConfiguration.Builder endpoint = ProxyConfiguration.builder().endpoint(URI.create(String.format("http://%s:%d", this.configuration.getHttpProxyHost(), Integer.valueOf(this.configuration.getHttpProxyPort()))));
            if (StringUtil.isNotEmpty(this.configuration.getHttpProxyUser()) && this.configuration.getHttpProxyPassword() != null) {
                this.configuration.getHttpProxyPassword().access(cArr -> {
                    endpoint.username(this.configuration.getHttpProxyUser()).password(String.valueOf(cArr));
                });
            }
            builder.proxyConfiguration((ProxyConfiguration) endpoint.mo1063build());
        }
        AwsCredentialsProvider[] awsCredentialsProviderArr = {DefaultCredentialsProvider.create()};
        if (this.configuration.getAWSAccessKeyID() != null && this.configuration.getAWSSecretAccessKey() != null) {
            this.configuration.getAWSAccessKeyID().access(cArr2 -> {
                this.configuration.getAWSSecretAccessKey().access(cArr2 -> {
                    awsCredentialsProviderArr[0] = StaticCredentialsProvider.create(AwsBasicCredentials.create(String.valueOf(cArr2), String.valueOf(cArr2)));
                });
            });
        }
        if (StringUtil.isNotEmpty(this.configuration.getAssumeRoleArn())) {
            StsClient build = ((StsClientBuilder) ((StsClientBuilder) StsClient.builder().credentialsProvider(awsCredentialsProviderArr[0])).httpClientBuilder(builder)).mo1063build();
            AssumeRoleRequest.Builder roleArn = AssumeRoleRequest.builder().roleArn(this.configuration.getAssumeRoleArn());
            if (StringUtil.isNotEmpty(this.configuration.getAssumeRoleExternalId())) {
                roleArn.externalId(this.configuration.getAssumeRoleExternalId());
            }
            awsCredentialsProviderArr[0] = StsAssumeRoleCredentialsProvider.builder().stsClient(build).refreshRequest((AssumeRoleRequest) roleArn.durationSeconds(Integer.valueOf(this.configuration.getAssumeRoleDurationSeconds())).roleSessionName("identity-connector").mo1063build()).build();
        }
        CognitoIdentityProviderClientBuilder cognitoIdentityProviderClientBuilder = (CognitoIdentityProviderClientBuilder) CognitoIdentityProviderClient.builder().credentialsProvider(awsCredentialsProviderArr[0]);
        String region = this.configuration.getRegion();
        if (StringUtil.isNotEmpty(region)) {
            try {
                cognitoIdentityProviderClientBuilder.region(Region.of(region));
            } catch (IllegalArgumentException e) {
                LOG.error(e, "Invalid AWS region: {0}", new Object[]{region});
                throw new ConfigurationException("Invalid AWS region: " + region);
            }
        }
        this.client = ((CognitoIdentityProviderClientBuilder) cognitoIdentityProviderClientBuilder.httpClientBuilder(builder)).mo1063build();
        describeUserPool();
    }

    private UserPoolType describeUserPool() {
        DescribeUserPoolResponse describeUserPool = this.client.describeUserPool((DescribeUserPoolRequest) DescribeUserPoolRequest.builder().userPoolId(this.configuration.getUserPoolID()).mo1063build());
        if (describeUserPool.sdkHttpResponse().statusCode() != 200) {
            throw new ConnectorIOException("Failed to describe user pool: " + this.configuration.getUserPoolID());
        }
        return describeUserPool.userPool();
    }

    public Schema schema() {
        try {
            UserPoolType describeUserPool = describeUserPool();
            SchemaBuilder schemaBuilder = new SchemaBuilder(CognitoUserPoolConnector.class);
            ObjectClassInfo userSchema = CognitoUserPoolUserHandler.getUserSchema(describeUserPool);
            schemaBuilder.defineObjectClass(userSchema);
            schemaBuilder.defineObjectClass(CognitoUserPoolGroupHandler.getGroupSchema(describeUserPool));
            schemaBuilder.defineOperationOption(OperationOptionInfoBuilder.buildAttributesToGet(), new Class[]{SearchOp.class});
            schemaBuilder.defineOperationOption(OperationOptionInfoBuilder.buildReturnDefaultAttributes(), new Class[]{SearchOp.class});
            this.userSchemaMap = new HashMap();
            userSchema.getAttributeInfo().stream().forEach(attributeInfo -> {
                this.userSchemaMap.put(attributeInfo.getName(), attributeInfo);
            });
            this.userSchemaMap.put(Uid.NAME, AttributeInfoBuilder.define("username").build());
            this.userSchemaMap = Collections.unmodifiableMap(this.userSchemaMap);
            return schemaBuilder.build();
        } catch (RuntimeException e) {
            throw processRuntimeException(e);
        }
    }

    private Map<String, AttributeInfo> getUserSchemaMap() {
        if (this.userSchemaMap == null) {
            schema();
        }
        return this.userSchemaMap;
    }

    public Uid create(ObjectClass objectClass, Set<Attribute> set, OperationOptions operationOptions) {
        if (objectClass == null) {
            throw new InvalidAttributeValueException("ObjectClass value not provided");
        }
        LOG.info("CREATE METHOD OBJECTCLASS VALUE: {0}", new Object[]{objectClass});
        if (set == null) {
            throw new InvalidAttributeValueException("Attributes not provided or empty");
        }
        try {
            if (objectClass.equals(CognitoUserPoolUserHandler.USER_OBJECT_CLASS)) {
                return new CognitoUserPoolUserHandler(this.configuration, this.client, getUserSchemaMap()).createUser(set);
            }
            if (objectClass.equals(CognitoUserPoolGroupHandler.GROUP_OBJECT_CLASS)) {
                return new CognitoUserPoolGroupHandler(this.configuration, this.client).createGroup(set);
            }
            throw new InvalidAttributeValueException("Unsupported object class " + objectClass);
        } catch (RuntimeException e) {
            throw processRuntimeException(e);
        }
    }

    public Set<AttributeDelta> updateDelta(ObjectClass objectClass, Uid uid, Set<AttributeDelta> set, OperationOptions operationOptions) {
        try {
            if (objectClass.equals(CognitoUserPoolUserHandler.USER_OBJECT_CLASS)) {
                return new CognitoUserPoolUserHandler(this.configuration, this.client, getUserSchemaMap()).updateDelta(uid, set, operationOptions);
            }
            if (objectClass.equals(CognitoUserPoolGroupHandler.GROUP_OBJECT_CLASS)) {
                return new CognitoUserPoolGroupHandler(this.configuration, this.client).updateDelta(uid, set, operationOptions);
            }
            throw new InvalidAttributeValueException("Unsupported object class " + objectClass);
        } catch (RuntimeException e) {
            throw processRuntimeException(e);
        }
    }

    public void delete(ObjectClass objectClass, Uid uid, OperationOptions operationOptions) {
        try {
            if (objectClass.equals(CognitoUserPoolUserHandler.USER_OBJECT_CLASS)) {
                new CognitoUserPoolUserHandler(this.configuration, this.client, getUserSchemaMap()).deleteUser(uid, operationOptions);
            } else {
                if (!objectClass.equals(CognitoUserPoolGroupHandler.GROUP_OBJECT_CLASS)) {
                    throw new InvalidAttributeValueException("Unsupported object class " + objectClass);
                }
                new CognitoUserPoolGroupHandler(this.configuration, this.client).deleteGroup(objectClass, uid, operationOptions);
            }
        } catch (RuntimeException e) {
            throw processRuntimeException(e);
        }
    }

    public FilterTranslator<CognitoUserPoolFilter> createFilterTranslator(ObjectClass objectClass, OperationOptions operationOptions) {
        return new CognitoUserPoolFilterTranslator(objectClass, operationOptions);
    }

    public void executeQuery(ObjectClass objectClass, CognitoUserPoolFilter cognitoUserPoolFilter, ResultsHandler resultsHandler, OperationOptions operationOptions) {
        if (objectClass.equals(CognitoUserPoolUserHandler.USER_OBJECT_CLASS)) {
            try {
                new CognitoUserPoolUserHandler(this.configuration, this.client, getUserSchemaMap()).getUsers(cognitoUserPoolFilter, resultsHandler, operationOptions);
                return;
            } catch (UserNotFoundException e) {
                return;
            } catch (RuntimeException e2) {
                throw processRuntimeException(e2);
            }
        }
        if (!objectClass.equals(CognitoUserPoolGroupHandler.GROUP_OBJECT_CLASS)) {
            throw new InvalidAttributeValueException("Unsupported object class " + objectClass);
        }
        try {
            new CognitoUserPoolGroupHandler(this.configuration, this.client).getGroups(cognitoUserPoolFilter, resultsHandler, operationOptions);
        } catch (ResourceNotFoundException e3) {
        } catch (RuntimeException e4) {
            throw processRuntimeException(e4);
        }
    }

    public void test() {
        try {
            dispose();
            authenticateResource();
        } catch (RuntimeException e) {
            throw processRuntimeException(e);
        }
    }

    public void dispose() {
        this.client.close();
        this.client = null;
    }

    public void checkAlive() {
    }

    public void setInstanceName(String str) {
        this.instanceName = str;
    }

    protected ConnectorException processRuntimeException(RuntimeException runtimeException) {
        return runtimeException instanceof ConnectorException ? (ConnectorException) runtimeException : runtimeException instanceof CognitoIdentityProviderException ? processCognitoIdentityProviderException((CognitoIdentityProviderException) runtimeException) : new ConnectorException(runtimeException);
    }

    private ConnectorException processCognitoIdentityProviderException(CognitoIdentityProviderException cognitoIdentityProviderException) {
        if (cognitoIdentityProviderException instanceof InvalidParameterException) {
            return new InvalidAttributeValueException(cognitoIdentityProviderException);
        }
        if (!(cognitoIdentityProviderException instanceof UserNotFoundException) && !(cognitoIdentityProviderException instanceof ResourceNotFoundException)) {
            if (!(cognitoIdentityProviderException instanceof UsernameExistsException) && !(cognitoIdentityProviderException instanceof GroupExistsException)) {
                if (!(cognitoIdentityProviderException instanceof LimitExceededException) && !(cognitoIdentityProviderException instanceof TooManyRequestsException) && !(cognitoIdentityProviderException instanceof InternalErrorException)) {
                    throw new ConnectorIOException(cognitoIdentityProviderException);
                }
                return RetryableException.wrap(cognitoIdentityProviderException.getMessage(), cognitoIdentityProviderException);
            }
            return new AlreadyExistsException(cognitoIdentityProviderException);
        }
        return new UnknownUidException(cognitoIdentityProviderException);
    }
}
