package org.forgerock.openam.entitlement.rest;

import com.sun.identity.entitlement.Application;
import com.sun.identity.entitlement.EntitlementException;
import com.sun.identity.shared.debug.Debug;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import org.apache.hc.core5.http.HttpStatus;
import org.forgerock.openam.entitlement.conditions.environment.ConditionConstants;
import org.forgerock.openam.entitlement.rest.wrappers.ApplicationTypeManagerWrapper;
import org.forgerock.openam.entitlement.rest.wrappers.ApplicationWrapper;
import org.forgerock.openam.entitlement.service.ApplicationService;
import org.forgerock.openam.entitlement.service.ApplicationServiceFactory;
import org.forgerock.openam.errors.ExceptionMappingHandler;
import org.forgerock.openam.forgerockrest.utils.PrincipalRestUtils;
import org.forgerock.openam.rest.RealmAwareResource;
import org.forgerock.openam.rest.RestUtils;
import org.forgerock.openam.rest.query.QueryByStringFilterConverter;
import org.forgerock.openam.rest.query.QueryResponsePresentation;
import org.forgerock.openam.sdk.com.fasterxml.jackson.databind.DeserializationFeature;
import org.forgerock.openam.sdk.com.fasterxml.jackson.databind.ObjectMapper;
import org.forgerock.openam.sdk.javax.inject.Inject;
import org.forgerock.openam.sdk.javax.inject.Named;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.ApiError;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.CollectionProvider;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Create;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Delete;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Handler;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Operation;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Parameter;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Query;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Read;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Schema;
import org.forgerock.openam.sdk.org.forgerock.api.annotations.Update;
import org.forgerock.openam.sdk.org.forgerock.api.enums.QueryType;
import org.forgerock.openam.sdk.org.forgerock.json.JsonValue;
import org.forgerock.openam.sdk.org.forgerock.json.resource.ActionRequest;
import org.forgerock.openam.sdk.org.forgerock.json.resource.ActionResponse;
import org.forgerock.openam.sdk.org.forgerock.json.resource.BadRequestException;
import org.forgerock.openam.sdk.org.forgerock.json.resource.CreateRequest;
import org.forgerock.openam.sdk.org.forgerock.json.resource.DeleteRequest;
import org.forgerock.openam.sdk.org.forgerock.json.resource.PatchRequest;
import org.forgerock.openam.sdk.org.forgerock.json.resource.QueryRequest;
import org.forgerock.openam.sdk.org.forgerock.json.resource.QueryResourceHandler;
import org.forgerock.openam.sdk.org.forgerock.json.resource.QueryResponse;
import org.forgerock.openam.sdk.org.forgerock.json.resource.ReadRequest;
import org.forgerock.openam.sdk.org.forgerock.json.resource.ResourceException;
import org.forgerock.openam.sdk.org.forgerock.json.resource.ResourceResponse;
import org.forgerock.openam.sdk.org.forgerock.json.resource.Responses;
import org.forgerock.openam.sdk.org.forgerock.json.resource.UpdateRequest;
import org.forgerock.openam.sdk.org.forgerock.opendj.ldap.DN;
import org.forgerock.openam.sdk.org.forgerock.services.context.Context;
import org.forgerock.openam.sdk.org.forgerock.util.Reject;
import org.forgerock.openam.sdk.org.forgerock.util.promise.Promise;
import org.forgerock.openam.sdk.org.forgerock.util.promise.Promises;
import org.forgerock.openam.sdk.org.forgerock.util.query.QueryFilter;
import org.forgerock.openam.utils.CollectionUtils;
import org.forgerock.openam.utils.StringUtils;

@CollectionProvider(details = @Handler(title = "i18n:api-descriptor/ApplicationsResource#title", description = "i18n:api-descriptor/ApplicationsResource#description", mvccSupported = false, resourceSchema = @Schema(schemaResource = "ApplicationsResource.schema.json")), pathParam = @Parameter(name = ConditionConstants.APPLICATION_NAME, type = "string", description = "i18n:api-descriptor/ApplicationsResource#pathparam.description"))
/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.3.jar:org/forgerock/openam/entitlement/rest/ApplicationsResource.class */
public class ApplicationsResource extends RealmAwareResource {
    public static final int UNAUTHORIZED = 401;
    private static final ObjectMapper mapper = new ObjectMapper().disable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES);
    private final ApplicationServiceFactory applicationServiceFactory;
    private final ApplicationTypeManagerWrapper appTypeManagerWrapper;
    private final Debug debug;
    private final ExceptionMappingHandler<EntitlementException, ResourceException> exceptionMappingHandler;

    @Inject
    public ApplicationsResource(@Named("frRest") Debug debug, ApplicationServiceFactory applicationServiceFactory, ApplicationTypeManagerWrapper applicationTypeManagerWrapper, ExceptionMappingHandler<EntitlementException, ResourceException> exceptionMappingHandler) {
        Reject.ifNull(applicationTypeManagerWrapper);
        this.debug = debug;
        this.applicationServiceFactory = applicationServiceFactory;
        this.appTypeManagerWrapper = applicationTypeManagerWrapper;
        this.exceptionMappingHandler = exceptionMappingHandler;
    }

    private ApplicationService appService(Subject subject, String str) {
        return this.applicationServiceFactory.create(subject, str);
    }

    public Promise<ActionResponse, ResourceException> actionCollection(Context context, ActionRequest actionRequest) {
        return RestUtils.generateUnsupportedOperation();
    }

    public Promise<ActionResponse, ResourceException> actionInstance(Context context, String str, ActionRequest actionRequest) {
        return RestUtils.generateUnsupportedOperation();
    }

    @Create(operationDescription = @Operation(description = "i18n:api-descriptor/ApplicationsResource#create.description", errors = {@ApiError(code = 400, description = "i18n:api-descriptor/ApplicationsResource#create.error.400.description"), @ApiError(code = 401, description = "i18n:api-descriptor/ApplicationsResource#error.401.description"), @ApiError(code = HttpStatus.SC_CONFLICT, description = "i18n:api-descriptor/ApplicationsResource#error.409.description")}))
    public Promise<ResourceResponse, ResourceException> createInstance(Context context, CreateRequest createRequest) {
        Subject contextSubject = getContextSubject(context);
        if (contextSubject == null) {
            this.debug.error("ApplicationsResource :: CREATE : Unknown Subject");
            return new BadRequestException().asPromise();
        }
        String realm = getRealm(context);
        try {
            ApplicationWrapper createApplicationWrapper = createApplicationWrapper(createRequest.getContent(), contextSubject);
            ensureApplicationIdMatch(createApplicationWrapper, createRequest.getNewResourceId());
            String name = createApplicationWrapper.getName();
            validateApplicationId(name);
            if (applicationExists(name, realm, contextSubject)) {
                throw new EntitlementException(228);
            }
            Application saveApplication = appService(contextSubject, realm).saveApplication(createApplicationWrapper.getApplication());
            return Promises.newResultPromise(Responses.newResourceResponse(saveApplication.getName(), Long.toString(saveApplication.getLastModifiedDate()), applicationToJson(saveApplication)));
        } catch (EntitlementException e) {
            this.debug.error("ApplicationsResource :: CREATE by {}: Application creation failed. {}", PrincipalRestUtils.getPrincipalNameFromSubject(contextSubject), null, e);
            return this.exceptionMappingHandler.handleError(context, createRequest, e).asPromise();
        }
    }

    protected ApplicationWrapper createApplicationWrapper(JsonValue jsonValue) throws EntitlementException {
        try {
            return (ApplicationWrapper) mapper.readValue(jsonValue.toString(), ApplicationWrapper.class);
        } catch (IOException e) {
            throw new EntitlementException(EntitlementException.INVALID_CLASS, e.getCause().getMessage());
        }
    }

    protected ApplicationWrapper createApplicationWrapper(JsonValue jsonValue, Subject subject) throws EntitlementException {
        ApplicationWrapper createApplicationWrapper = createApplicationWrapper(jsonValue);
        JsonValue jsonValue2 = jsonValue.get("applicationType");
        if (jsonValue2.getObject() != null && !jsonValue2.asString().isEmpty() && createApplicationWrapper.setApplicationType(subject, jsonValue2.asString())) {
            return createApplicationWrapper;
        }
        this.debug.error("ApplicationsResource.createApplicationWrapper() : Specified Application Type was not available.");
        throw new EntitlementException(317);
    }

    protected ApplicationWrapper createApplicationWrapper(Application application, ApplicationTypeManagerWrapper applicationTypeManagerWrapper) {
        return new ApplicationWrapper(application, applicationTypeManagerWrapper);
    }

    @Delete(operationDescription = @Operation(description = "i18n:api-descriptor/ApplicationsResource#delete.description", errors = {@ApiError(code = 401, description = "i18n:api-descriptor/ApplicationsResource#error.401.description"), @ApiError(code = 404, description = "i18n:api-descriptor/ApplicationsResource#error.404.description")}))
    public Promise<ResourceResponse, ResourceException> deleteInstance(Context context, String str, DeleteRequest deleteRequest) {
        Subject contextSubject = getContextSubject(context);
        if (contextSubject == null) {
            this.debug.error("ApplicationsResource :: DELETE : Unknown Subject");
            return new BadRequestException().asPromise();
        }
        String realm = getRealm(context);
        try {
            if (!applicationExists(str, realm, contextSubject)) {
                throw new EntitlementException(EntitlementException.NO_SUCH_APPLICATION, str);
            }
            appService(contextSubject, realm).deleteApplication(str);
            return Promises.newResultPromise(Responses.newResourceResponse(str, "0", JsonValue.json(JsonValue.object((Map.Entry<String, Object>[]) new Map.Entry[0]))));
        } catch (EntitlementException e) {
            this.debug.error("ApplicationsResource :: DELETE by {}: Application failed to delete the resource specified. ", PrincipalRestUtils.getPrincipalNameFromSubject(contextSubject), e);
            return this.exceptionMappingHandler.handleError(context, deleteRequest, e).asPromise();
        }
    }

    public Promise<ResourceResponse, ResourceException> patchInstance(Context context, String str, PatchRequest patchRequest) {
        return RestUtils.generateUnsupportedOperation();
    }

    @Query(operationDescription = @Operation(description = "i18n:api-descriptor/ApplicationsResource#query.description"), type = QueryType.FILTER, queryableFields = {"*"})
    public Promise<QueryResponse, ResourceException> queryCollection(Context context, QueryRequest queryRequest, QueryResourceHandler queryResourceHandler) {
        Subject contextSubject = getContextSubject(context);
        if (contextSubject == null) {
            this.debug.error("ApplicationsResource :: UPDATE : Unknown Subject");
            return new BadRequestException().asPromise();
        }
        String realm = getRealm(context);
        QueryFilter queryFilter = queryRequest.getQueryFilter();
        if (queryFilter == null) {
            queryFilter = QueryFilter.alwaysTrue();
        }
        try {
            Set<Application> search = appService(contextSubject, realm).search((QueryFilter) queryFilter.accept(new QueryByStringFilterConverter(), null));
            ArrayList arrayList = new ArrayList();
            for (Application application : search) {
                arrayList.add(Responses.newResourceResponse(application.getName(), (String) null, applicationToJson(application)));
            }
            QueryResponsePresentation.enableDeprecatedRemainingQueryResponse(queryRequest);
            return QueryResponsePresentation.perform(queryResourceHandler, queryRequest, arrayList);
        } catch (EntitlementException e) {
            this.debug.error("ApplicationsResource :: QUERY by {}: Failed to query resource.", PrincipalRestUtils.getPrincipalNameFromSubject(contextSubject), e);
            return this.exceptionMappingHandler.handleError(context, queryRequest, e).asPromise();
        }
    }

    @Read(operationDescription = @Operation(description = "i18n:api-descriptor/ApplicationsResource#read.description", errors = {@ApiError(code = 401, description = "i18n:api-descriptor/ApplicationsResource#error.401.description"), @ApiError(code = 404, description = "i18n:api-descriptor/ApplicationsResource#error.404.description")}))
    public Promise<ResourceResponse, ResourceException> readInstance(Context context, String str, ReadRequest readRequest) {
        Subject contextSubject = getContextSubject(context);
        if (contextSubject == null) {
            this.debug.error("ApplicationsResource :: READ : Unknown Subject");
            return new BadRequestException().asPromise();
        }
        String realm = getRealm(context);
        try {
            Application application = appService(contextSubject, realm).getApplication(str);
            if (application == null) {
                throw new EntitlementException(248, realm);
            }
            return Promises.newResultPromise(Responses.newResourceResponse(str, Long.toString(application.getLastModifiedDate()), createApplicationWrapper(application, this.appTypeManagerWrapper).toJsonValue()));
        } catch (EntitlementException e) {
            this.debug.error("ApplicationsResource :: READ by {}: Application failed to retrieve the resource specified.", PrincipalRestUtils.getPrincipalNameFromSubject(contextSubject), e);
            return this.exceptionMappingHandler.handleError(context, readRequest, e).asPromise();
        }
    }

    @Update(operationDescription = @Operation(description = "i18n:api-descriptor/ApplicationsResource#update.description", errors = {@ApiError(code = 400, description = "i18n:api-descriptor/ApplicationsResource#update.error.400.description"), @ApiError(code = 401, description = "i18n:api-descriptor/ApplicationsResource#error.401.description"), @ApiError(code = HttpStatus.SC_FORBIDDEN, description = "i18n:api-descriptor/ApplicationsResource#error.403.description"), @ApiError(code = 404, description = "i18n:api-descriptor/ApplicationsResource#error.404.description")}))
    public Promise<ResourceResponse, ResourceException> updateInstance(Context context, String str, UpdateRequest updateRequest) {
        Subject contextSubject = getContextSubject(context);
        if (contextSubject == null) {
            this.debug.error("ApplicationsResource :: UPDATE : Unknown Subject");
            return new BadRequestException().asPromise();
        }
        String realm = getRealm(context);
        try {
            ApplicationWrapper createApplicationWrapper = createApplicationWrapper(updateRequest.getContent(), contextSubject);
            ensureApplicationIdMatch(createApplicationWrapper, str);
            if (!applicationExists(str, realm, contextSubject)) {
                throw new EntitlementException(325, str);
            }
            Application saveApplication = appService(contextSubject, realm).saveApplication(createApplicationWrapper.getApplication());
            return Promises.newResultPromise(Responses.newResourceResponse(saveApplication.getName(), Long.toString(saveApplication.getLastModifiedDate()), applicationToJson(saveApplication)));
        } catch (EntitlementException e) {
            this.debug.error("ApplicationsResource :: UPDATE by {}: Error performing update operation.", PrincipalRestUtils.getPrincipalNameFromSubject(contextSubject), e);
            return this.exceptionMappingHandler.handleError(context, updateRequest, e).asPromise();
        }
    }

    private boolean applicationExists(String str, String str2, Subject subject) throws EntitlementException {
        return CollectionUtils.isNotEmpty(appService(subject, str2).search(QueryFilter.equalTo("name", str)));
    }

    private void ensureApplicationIdMatch(ApplicationWrapper applicationWrapper, String str) throws EntitlementException {
        String name = applicationWrapper.getName();
        if (name != null && str != null && !name.equals(str)) {
            this.debug.error("ApplicationsResource :: Resource name and JSON body name do not match.");
            throw new EntitlementException(229);
        }
        if (StringUtils.isBlank(name)) {
            applicationWrapper.setName(str);
        }
    }

    private void validateApplicationId(String str) throws EntitlementException {
        if (str == null) {
            throw new EntitlementException(239);
        }
        if (!str.equals(DN.escapeAttributeValue(str))) {
            throw new EntitlementException(EntitlementException.INVALID_APPLICATION_ID);
        }
    }

    private JsonValue applicationToJson(Application application) throws EntitlementException {
        return createApplicationWrapper(application, this.appTypeManagerWrapper).toJsonValue();
    }
}
