package be.personify.iam.scim.rest;

import be.personify.iam.scim.schema.SchemaReader;
import be.personify.iam.scim.schema.SchemaResourceType;
import be.personify.iam.scim.util.Constants;
import be.personify.util.StringUtils;
import java.util.ArrayList;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.http.server.ServletServerHttpRequest;
import org.springframework.util.Base64Utils;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PatchMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.util.UriComponentsBuilder;

@RestController
/* loaded from: input_file:be/personify/iam/scim/rest/MeController.class */
public class MeController extends Controller {

    @Autowired
    private SchemaReader schemaReader;

    private SchemaResourceType getResourceType() {
        return this.schemaReader.getResourceTypeByName(Constants.RESOURCE_TYPE_USER);
    }

    @PutMapping(path = {"/scim/v2/Me"}, produces = {"application/scim+json", "application/json"})
    public ResponseEntity<Map<String, Object>> putMe(@RequestBody Map<String, Object> map, @RequestParam(required = false, name = "attributes") String str, @RequestParam(required = false, name = "excludedAttributes") String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Map<String, Object> andValidateUserName = getAndValidateUserName(httpServletRequest);
        return !StringUtils.isEmpty(andValidateUserName) ? andValidateUserName.get(Constants.ID).equals(map.get(Constants.ID)) ? put(andValidateUserName.get(Constants.ID).toString(), map, httpServletRequest, httpServletResponse, getResourceType(), str, str2) : showError(HttpStatus.UNAUTHORIZED.value(), "not authorized to update user with id " + map.get(Constants.ID), null) : showError(HttpStatus.UNAUTHORIZED.value(), "no valid authorization subject found", null);
    }

    @GetMapping(path = {"/scim/v2/Me"}, produces = {"application/scim+json", "application/json"})
    public ResponseEntity<Map<String, Object>> getMe(@RequestParam(required = false, name = "attributes") String str, @RequestParam(required = false, name = "excludedAttributes") String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Map<String, Object> andValidateUserName = getAndValidateUserName(httpServletRequest);
        if (StringUtils.isEmpty(andValidateUserName)) {
            return showError(HttpStatus.UNAUTHORIZED.value(), "no valid authorization subject found", null);
        }
        ResponseEntity<Map<String, Object>> responseEntity = new ResponseEntity<>(filterAttributes(getResourceType().getSchemaObject(), andValidateUserName, getListFromString(str), str2), HttpStatus.OK);
        String uriString = UriComponentsBuilder.fromHttpRequest(new ServletServerHttpRequest(httpServletRequest)).build().toUriString();
        httpServletResponse.addHeader(Constants.HEADER_LOCATION, uriString.substring(0, uriString.lastIndexOf("/Me") + 1) + "Users/" + andValidateUserName.get(Constants.ID));
        return responseEntity;
    }

    @DeleteMapping(path = {"/scim/v2/Me"})
    public ResponseEntity<?> delete(@PathVariable String str, @PathVariable String str2) {
        return showError(HttpStatus.NOT_IMPLEMENTED.value(), "the delete against the /Me endpoint is not yet implemented", null);
    }

    @PostMapping(path = {"/scim/v2/Me"}, produces = {"application/scim+json", "application/json"})
    public ResponseEntity<Map<String, Object>> post(@RequestBody Map<String, Object> map, @RequestParam(required = false, name = "attributes") String str, @RequestParam(required = false, name = "excludedAttributes") String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return showError(HttpStatus.NOT_IMPLEMENTED.value(), "the post to the /Me endpoint is not yet implemented", null);
    }

    @PatchMapping(path = {"/scim/v2/Me"}, produces = {"application/scim+json", "application/json"})
    public ResponseEntity<Map<String, Object>> patchMe(@RequestBody Map<String, Object> map, @RequestParam(required = false, name = "attributes") String str, @RequestParam(required = false, name = "excludedAttributes") String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return showError(HttpStatus.NOT_IMPLEMENTED.value(), "the patch against the /Me endpoint is not yet implemented", null);
    }

    private Map<String, Object> getAndValidateUserName(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null) {
            return null;
        }
        String[] split = header.split(" ");
        if (split.length != 2 || !split[0].equalsIgnoreCase(Constants.BASIC)) {
            return null;
        }
        String[] split2 = new String(Base64Utils.decode(split[1].getBytes())).split(":");
        if (split2.length != 2) {
            return null;
        }
        ResponseEntity<Map<String, Object>> search = search(1, 1, getResourceType().getSchemaObject(), "userName eq " + split2[0] + " and password eq " + split2[1]);
        if (((Long) ((Map) search.getBody()).get(Constants.KEY_TOTALRESULTS)).longValue() == 1) {
            return (Map) ((ArrayList) ((Map) search.getBody()).get(Constants.KEY_RESOURCES)).get(0);
        }
        return null;
    }
}
