package jp.openstandia.connector.auth0;

import com.auth0.client.mgmt.filter.ConnectionFilter;
import com.auth0.exception.APIException;
import com.auth0.exception.Auth0Exception;
import com.auth0.exception.RateLimitException;
import java.time.Instant;
import java.time.ZoneId;
import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.identityconnectors.common.logging.Log;
import org.identityconnectors.framework.common.exceptions.AlreadyExistsException;
import org.identityconnectors.framework.common.exceptions.ConnectionFailedException;
import org.identityconnectors.framework.common.exceptions.ConnectorException;
import org.identityconnectors.framework.common.exceptions.ConnectorIOException;
import org.identityconnectors.framework.common.exceptions.ConnectorSecurityException;
import org.identityconnectors.framework.common.exceptions.InvalidAttributeValueException;
import org.identityconnectors.framework.common.exceptions.RetryableException;
import org.identityconnectors.framework.common.exceptions.UnknownUidException;
import org.identityconnectors.framework.common.objects.Attribute;
import org.identityconnectors.framework.common.objects.AttributeDelta;
import org.identityconnectors.framework.common.objects.AttributeInfo;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.identityconnectors.framework.common.objects.ObjectClassInfo;
import org.identityconnectors.framework.common.objects.OperationOptionInfoBuilder;
import org.identityconnectors.framework.common.objects.OperationOptions;
import org.identityconnectors.framework.common.objects.ResultsHandler;
import org.identityconnectors.framework.common.objects.Schema;
import org.identityconnectors.framework.common.objects.SchemaBuilder;
import org.identityconnectors.framework.common.objects.SearchResult;
import org.identityconnectors.framework.common.objects.Uid;
import org.identityconnectors.framework.common.objects.filter.FilterTranslator;
import org.identityconnectors.framework.spi.Configuration;
import org.identityconnectors.framework.spi.ConnectorClass;
import org.identityconnectors.framework.spi.InstanceNameAware;
import org.identityconnectors.framework.spi.PoolableConnector;
import org.identityconnectors.framework.spi.SearchResultsHandler;
import org.identityconnectors.framework.spi.operations.CreateOp;
import org.identityconnectors.framework.spi.operations.DeleteOp;
import org.identityconnectors.framework.spi.operations.SchemaOp;
import org.identityconnectors.framework.spi.operations.SearchOp;
import org.identityconnectors.framework.spi.operations.TestOp;
import org.identityconnectors.framework.spi.operations.UpdateDeltaOp;

@ConnectorClass(configurationClass = Auth0Configuration.class, displayNameKey = "Auth0 Connector")
/* loaded from: input_file:jp/openstandia/connector/auth0/Auth0Connector.class */
public class Auth0Connector implements PoolableConnector, CreateOp, UpdateDeltaOp, DeleteOp, SchemaOp, TestOp, SearchOp<Auth0Filter>, InstanceNameAware {
    private static final Log LOG = Log.getLog(Auth0Connector.class);
    protected Auth0Configuration configuration;
    protected Auth0Client client;
    private Map<String, Map<String, AttributeInfo>> schemaMap;
    private String instanceName;

    public Configuration getConfiguration() {
        return this.configuration;
    }

    public void init(Configuration configuration) {
        this.configuration = (Auth0Configuration) configuration;
        initClient();
        LOG.ok("Connector {0} successfully initialized", new Object[]{getClass().getName()});
    }

    protected void initClient() {
        this.client = new Auth0Client();
        try {
            this.client.initClient(this.configuration);
        } catch (Exception e) {
            throw processException(e);
        }
    }

    public Schema schema() {
        try {
            List list = (List) this.client.getConnection(new ConnectionFilter()).stream().map(connection -> {
                return connection.getName();
            }).collect(Collectors.toList());
            if (this.configuration.getConnectionFilter() != null && this.configuration.getConnectionFilter().length > 0) {
                list = (List) list.stream().filter(str -> {
                    return Arrays.stream(this.configuration.getConnectionFilter()).anyMatch(str -> {
                        return str.equals(str);
                    });
                }).collect(Collectors.toList());
            }
            SchemaBuilder schemaBuilder = new SchemaBuilder(Auth0Connector.class);
            HashMap hashMap = new HashMap();
            Iterator it = list.iterator();
            while (it.hasNext()) {
                ObjectClassInfo schema = Auth0UserHandler.getSchema(this.configuration, (String) it.next());
                schemaBuilder.defineObjectClass(schema);
                HashMap hashMap2 = new HashMap();
                for (AttributeInfo attributeInfo : schema.getAttributeInfo()) {
                    hashMap2.put(attributeInfo.getName(), attributeInfo);
                }
                hashMap.put(schema.getType(), Collections.unmodifiableMap(hashMap2));
            }
            ObjectClassInfo schema2 = Auth0RoleHandler.getSchema(this.configuration);
            schemaBuilder.defineObjectClass(schema2);
            ObjectClassInfo schema3 = Auth0OrganizationHandler.getSchema(this.configuration);
            schemaBuilder.defineObjectClass(schema3);
            schemaBuilder.defineOperationOption(OperationOptionInfoBuilder.buildAttributesToGet(), new Class[]{SearchOp.class});
            schemaBuilder.defineOperationOption(OperationOptionInfoBuilder.buildReturnDefaultAttributes(), new Class[]{SearchOp.class});
            schemaBuilder.defineOperationOption(OperationOptionInfoBuilder.buildPageSize(), new Class[]{SearchOp.class});
            schemaBuilder.defineOperationOption(OperationOptionInfoBuilder.buildPagedResultsOffset(), new Class[]{SearchOp.class});
            HashMap hashMap3 = new HashMap();
            for (AttributeInfo attributeInfo2 : schema2.getAttributeInfo()) {
                hashMap3.put(attributeInfo2.getName(), attributeInfo2);
            }
            hashMap.put(schema2.getType(), Collections.unmodifiableMap(hashMap3));
            HashMap hashMap4 = new HashMap();
            for (AttributeInfo attributeInfo3 : schema3.getAttributeInfo()) {
                hashMap4.put(attributeInfo3.getName(), attributeInfo3);
            }
            hashMap.put(schema3.getType(), Collections.unmodifiableMap(hashMap4));
            this.schemaMap = Collections.unmodifiableMap(hashMap);
            return schemaBuilder.build();
        } catch (Auth0Exception | RuntimeException e) {
            throw processException(e);
        }
    }

    private Map<String, AttributeInfo> getSchemaMap(ObjectClass objectClass) {
        if (this.schemaMap == null) {
            schema();
        }
        return this.schemaMap.get(objectClass.getObjectClassValue());
    }

    public Uid create(ObjectClass objectClass, Set<Attribute> set, OperationOptions operationOptions) {
        if (objectClass == null) {
            throw new InvalidAttributeValueException("ObjectClass value not provided");
        }
        LOG.info("CREATE METHOD OBJECTCLASS VALUE: {0}", new Object[]{objectClass});
        if (set == null || set.isEmpty()) {
            throw new InvalidAttributeValueException("attributes not provided or empty");
        }
        try {
            if (objectClass.getObjectClassValue().startsWith(Auth0UserHandler.USER_OBJECT_CLASS_PREFIX)) {
                return new Auth0UserHandler(this.configuration, this.client, getSchemaMap(objectClass), resolveDatabaseConnection(objectClass)).createUser(set);
            }
            if (objectClass.equals(Auth0RoleHandler.ROLE_OBJECT_CLASS)) {
                return new Auth0RoleHandler(this.configuration, this.client, getSchemaMap(objectClass)).createRole(set);
            }
            if (objectClass.equals(Auth0OrganizationHandler.ORGANIZATION_OBJECT_CLASS)) {
                return new Auth0OrganizationHandler(this.configuration, this.client, getSchemaMap(objectClass)).create(set);
            }
            throw new InvalidAttributeValueException("Unsupported object class " + objectClass);
        } catch (Exception e) {
            throw processException(e);
        }
    }

    private String resolveDatabaseConnection(ObjectClass objectClass) {
        return objectClass.getObjectClassValue().split("_")[1];
    }

    public Set<AttributeDelta> updateDelta(ObjectClass objectClass, Uid uid, Set<AttributeDelta> set, OperationOptions operationOptions) {
        try {
            if (objectClass.getObjectClassValue().startsWith(Auth0UserHandler.USER_OBJECT_CLASS_PREFIX)) {
                return new Auth0UserHandler(this.configuration, this.client, getSchemaMap(objectClass), resolveDatabaseConnection(objectClass)).updateDelta(uid, set, operationOptions);
            }
            if (objectClass.equals(Auth0RoleHandler.ROLE_OBJECT_CLASS)) {
                return new Auth0RoleHandler(this.configuration, this.client, getSchemaMap(objectClass)).updateDelta(uid, set, operationOptions);
            }
            if (objectClass.equals(Auth0OrganizationHandler.ORGANIZATION_OBJECT_CLASS)) {
                return new Auth0OrganizationHandler(this.configuration, this.client, getSchemaMap(objectClass)).updateDelta(uid, set, operationOptions);
            }
            throw new InvalidAttributeValueException("Unsupported object class " + objectClass);
        } catch (Exception e) {
            throw processException(e);
        }
    }

    public void delete(ObjectClass objectClass, Uid uid, OperationOptions operationOptions) {
        if (uid == null) {
            throw new InvalidAttributeValueException("uid not provided");
        }
        try {
            if (objectClass.getObjectClassValue().startsWith(Auth0UserHandler.USER_OBJECT_CLASS_PREFIX)) {
                new Auth0UserHandler(this.configuration, this.client, getSchemaMap(objectClass), resolveDatabaseConnection(objectClass)).deleteUser(uid, operationOptions);
            } else if (objectClass.equals(Auth0RoleHandler.ROLE_OBJECT_CLASS)) {
                new Auth0RoleHandler(this.configuration, this.client, getSchemaMap(objectClass)).deleteRole(uid, operationOptions);
            } else {
                if (!objectClass.equals(Auth0OrganizationHandler.ORGANIZATION_OBJECT_CLASS)) {
                    throw new InvalidAttributeValueException("Unsupported object class " + objectClass);
                }
                new Auth0OrganizationHandler(this.configuration, this.client, getSchemaMap(objectClass)).delete(uid, operationOptions);
            }
        } catch (Exception e) {
            throw processException(e);
        }
    }

    public FilterTranslator<Auth0Filter> createFilterTranslator(ObjectClass objectClass, OperationOptions operationOptions) {
        return new Auth0FilterTranslator(objectClass, operationOptions);
    }

    public void executeQuery(ObjectClass objectClass, Auth0Filter auth0Filter, ResultsHandler resultsHandler, OperationOptions operationOptions) {
        int query;
        try {
            int resolvePageSize = Auth0Utils.resolvePageSize(this.configuration, operationOptions);
            int resolvePageOffset = Auth0Utils.resolvePageOffset(operationOptions);
            if (objectClass.getObjectClassValue().startsWith(Auth0UserHandler.USER_OBJECT_CLASS_PREFIX)) {
                query = new Auth0UserHandler(this.configuration, this.client, getSchemaMap(objectClass), resolveDatabaseConnection(objectClass)).getUsers(auth0Filter, resultsHandler, operationOptions);
            } else if (objectClass.equals(Auth0RoleHandler.ROLE_OBJECT_CLASS)) {
                query = new Auth0RoleHandler(this.configuration, this.client, getSchemaMap(objectClass)).getRoles(auth0Filter, resultsHandler, operationOptions);
            } else {
                if (!objectClass.equals(Auth0OrganizationHandler.ORGANIZATION_OBJECT_CLASS)) {
                    throw new InvalidAttributeValueException("Unsupported object class " + objectClass);
                }
                query = new Auth0OrganizationHandler(this.configuration, this.client, getSchemaMap(objectClass)).query(auth0Filter, resultsHandler, operationOptions);
            }
            if ((resultsHandler instanceof SearchResultsHandler) && resolvePageOffset > 0) {
                ((SearchResultsHandler) resultsHandler).handleResult(new SearchResult((String) null, query - (resolvePageSize * resolvePageOffset)));
            }
        } catch (Exception e) {
            throw processException(e);
        }
    }

    public void test() {
        try {
            dispose();
            initClient();
        } catch (Exception e) {
            throw processException(e);
        }
    }

    public void dispose() {
        this.client = null;
    }

    public void checkAlive() {
    }

    public void setInstanceName(String str) {
        this.instanceName = str;
    }

    protected ConnectorException processException(Exception exc) {
        if (exc instanceof RuntimeException) {
            return processException((RuntimeException) exc);
        }
        if (exc instanceof Auth0Exception) {
            return processException((Auth0Exception) exc);
        }
        LOG.error(exc, "Exception in Auth0Connector: " + this.instanceName, new Object[0]);
        return new ConnectorException(exc);
    }

    protected ConnectorException processException(RuntimeException runtimeException) {
        if (runtimeException instanceof ConnectorException) {
            return (ConnectorException) runtimeException;
        }
        LOG.error(runtimeException, "RuntimeException in Auth0Connector: " + this.instanceName, new Object[0]);
        return new ConnectorException(runtimeException);
    }

    protected ConnectorException processException(Auth0Exception auth0Exception) {
        if (auth0Exception instanceof RateLimitException) {
            RateLimitException rateLimitException = (RateLimitException) auth0Exception;
            LOG.warn("Detected rate limit. limit: {0}, remaining: {1}, reset(unix): {2} ({3})", new Object[]{Long.valueOf(rateLimitException.getLimit()), Long.valueOf(rateLimitException.getRemaining()), Long.valueOf(rateLimitException.getReset()), formatUnixTimestamp(rateLimitException.getReset())});
            return RetryableException.wrap(auth0Exception.getMessage(), auth0Exception);
        }
        if (auth0Exception instanceof APIException) {
            APIException aPIException = (APIException) auth0Exception;
            switch (aPIException.getStatusCode()) {
                case 400:
                    return new InvalidAttributeValueException(auth0Exception);
                case 401:
                case 403:
                    return new ConnectionFailedException(auth0Exception);
                case 404:
                    return new UnknownUidException(auth0Exception);
                case 409:
                    return new AlreadyExistsException(auth0Exception);
                case 429:
                    return RetryableException.wrap(auth0Exception.getMessage(), auth0Exception);
                default:
                    if (aPIException.isAccessDenied()) {
                        throw new ConnectorSecurityException(aPIException);
                    }
                    if (aPIException.getError().equals("invalid_query_string")) {
                        return new InvalidAttributeValueException(auth0Exception);
                    }
                    break;
            }
        }
        throw new ConnectorIOException(auth0Exception);
    }

    private static String formatUnixTimestamp(long j) {
        return ZonedDateTime.ofInstant(Instant.ofEpochSecond(j), ZoneId.systemDefault()).format(DateTimeFormatter.ISO_DATE_TIME);
    }
}
