package org.apereo.cas.scim.v2;

import com.unboundid.scim2.client.ScimService;
import com.unboundid.scim2.common.filters.Filter;
import com.unboundid.scim2.common.messages.ListResponse;
import com.unboundid.scim2.common.types.UserResource;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.api.PrincipalProvisioner;
import org.apereo.cas.authentication.Authentication;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.principal.Principal;
import org.apereo.cas.configuration.model.support.scim.ScimProperties;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.services.RegisteredServiceProperty;
import org.apereo.cas.util.LoggingUtils;
import org.glassfish.jersey.client.ClientConfig;
import org.glassfish.jersey.client.authentication.HttpAuthenticationFeature;
import org.glassfish.jersey.client.oauth2.OAuth2ClientSupport;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apereo/cas/scim/v2/ScimV2PrincipalProvisioner.class */
public class ScimV2PrincipalProvisioner implements PrincipalProvisioner {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(ScimV2PrincipalProvisioner.class);
    private final ScimProperties scimProperties;
    private final ScimV2PrincipalAttributeMapper mapper;

    @Override // org.apereo.cas.api.PrincipalProvisioner
    public boolean create(Authentication authentication, Credential credential, RegisteredService registeredService) {
        try {
            Principal principal = authentication.getPrincipal();
            ListResponse search = getScimService(registeredService).search("Users", Filter.eq("userName", principal.getId()).toString(), UserResource.class);
            return search.getTotalResults() > 0 ? updateUserResource((UserResource) search.getResources().iterator().next(), principal, credential, registeredService) : createUserResource(principal, credential, registeredService);
        } catch (Exception e) {
            LoggingUtils.error(LOGGER, e);
            return false;
        }
    }

    protected boolean updateUserResource(UserResource userResource, Principal principal, Credential credential, RegisteredService registeredService) {
        this.mapper.map(userResource, principal, credential);
        return getScimService(registeredService).replace(userResource) != null;
    }

    protected boolean createUserResource(Principal principal, Credential credential, RegisteredService registeredService) {
        UserResource userResource = new UserResource();
        this.mapper.map(userResource, principal, credential);
        return getScimService(registeredService).create("Users", userResource) != null;
    }

    protected ScimService getScimService(RegisteredService registeredService) {
        Client newClient = ClientBuilder.newClient(new ClientConfig());
        String oauthToken = this.scimProperties.getOauthToken();
        if (RegisteredServiceProperty.RegisteredServiceProperties.SCIM_OAUTH_TOKEN.isAssignedTo(registeredService)) {
            oauthToken = RegisteredServiceProperty.RegisteredServiceProperties.SCIM_OAUTH_TOKEN.getPropertyValue(registeredService).getValue();
        }
        if (StringUtils.isNotBlank(oauthToken)) {
            newClient.register(OAuth2ClientSupport.feature(oauthToken));
        }
        String username = this.scimProperties.getUsername();
        if (RegisteredServiceProperty.RegisteredServiceProperties.SCIM_USERNAME.isAssignedTo(registeredService)) {
            username = RegisteredServiceProperty.RegisteredServiceProperties.SCIM_USERNAME.getPropertyValue(registeredService).getValue();
        }
        String password = this.scimProperties.getPassword();
        if (RegisteredServiceProperty.RegisteredServiceProperties.SCIM_PASSWORD.isAssignedTo(registeredService)) {
            password = RegisteredServiceProperty.RegisteredServiceProperties.SCIM_PASSWORD.getPropertyValue(registeredService).getValue();
        }
        if (StringUtils.isNotBlank(username) && StringUtils.isNotBlank(password)) {
            newClient.register(HttpAuthenticationFeature.basic(username, password));
        }
        String target = this.scimProperties.getTarget();
        if (RegisteredServiceProperty.RegisteredServiceProperties.SCIM_TARGET.isAssignedTo(registeredService)) {
            target = RegisteredServiceProperty.RegisteredServiceProperties.SCIM_TARGET.getPropertyValue(registeredService).getValue();
        }
        return new ScimService(newClient.target(target));
    }

    @Generated
    public ScimV2PrincipalProvisioner(ScimProperties scimProperties, ScimV2PrincipalAttributeMapper scimV2PrincipalAttributeMapper) {
        this.scimProperties = scimProperties;
        this.mapper = scimV2PrincipalAttributeMapper;
    }
}
