package be.personify.iam.scim.storage.impl;

import be.personify.iam.scim.authentication.Consumer;
import be.personify.iam.scim.schema.SchemaAttribute;
import be.personify.iam.scim.schema.SchemaReader;
import be.personify.iam.scim.storage.ConstraintViolationException;
import be.personify.iam.scim.storage.DataException;
import be.personify.iam.scim.storage.Storage;
import be.personify.iam.scim.util.Constants;
import be.personify.util.LogicalOperator;
import be.personify.util.SearchCriteria;
import be.personify.util.SearchCriterium;
import be.personify.util.SearchOperation;
import be.personify.util.StringUtils;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.mongodb.ConnectionString;
import com.mongodb.MongoClientSettings;
import com.mongodb.MongoWriteException;
import com.mongodb.client.FindIterable;
import com.mongodb.client.MongoClient;
import com.mongodb.client.MongoClients;
import com.mongodb.client.MongoCollection;
import com.mongodb.client.MongoCursor;
import com.mongodb.client.model.Filters;
import com.mongodb.client.model.IndexOptions;
import com.mongodb.client.model.Indexes;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bson.Document;
import org.bson.conversions.Bson;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;

/* loaded from: input_file:be/personify/iam/scim/storage/impl/MongoStorage.class */
public class MongoStorage implements Storage {
    private static final Logger logger = LogManager.getLogger(MongoStorage.class);

    @Value("${scim.storage.mongo.constr}")
    private String constr;

    @Value("${scim.storage.mongo.connectionTimeout:5000}")
    private int connectionTimeout;

    @Value("${scim.storage.mongo.readTimeout:5000}")
    private int readTimeout;

    @Value("${scim.storage.mongo.maxConnectionPoolSize:4}")
    private int maxConnectionPoolSize;

    @Value("${scim.storage.mongo.serverSelectionTimeout:5000}")
    private int serverSelectionTimeout;

    @Value("${scim.storage.mongo.sslEnabled:false}")
    private boolean sslEnabled;

    @Value("${scim.storage.mongo.attributeNameReplacements}")
    private String attributeReplacementsString;
    private Map attributeReplacements;

    @Autowired
    private SchemaReader schemaReader;
    private MongoClient client;
    private static final String oid = "_id";
    private static final String $set = "$set";
    private static final String $regex = "$regex";
    private static final String start = "^";
    private static final String end = "$";
    private static final String minus = "-1";
    private static final String descending = "descending";
    private MongoCollection<Document> col;

    @Value("${scim.storage.mongo.database}")
    private String database = "scim-database";

    @Value("${scim.storage.mongo.collection.users}")
    private String userCollection = "users";

    @Value("${scim.storage.mongo.collection.groups}")
    private String groupCollection = Constants.KEY_GROUPS;
    private String type = null;

    @Override // be.personify.iam.scim.storage.Storage
    public Map<String, Object> get(String str, Consumer consumer) {
        Document document = (Document) this.col.find(new Document(oid, str)).first();
        logger.info("doc {}", document);
        if (document == null) {
            return null;
        }
        document.remove(oid);
        document.put(Constants.ID, str);
        if (consumerCanRead(consumer, document)) {
            return unsafetyfyAttributes(document);
        }
        return null;
    }

    @Override // be.personify.iam.scim.storage.Storage
    public Map<String, Object> get(String str, String str2, Consumer consumer) {
        Document document = (Document) this.col.find(new Document(oid, str).append(Constants.KEY_META, new Document(Constants.KEY_VERSION, str2))).first();
        if (document == null) {
            return null;
        }
        document.remove(oid);
        document.put(Constants.ID, str);
        if (consumerCanRead(consumer, document)) {
            return unsafetyfyAttributes(document);
        }
        return null;
    }

    @Override // be.personify.iam.scim.storage.Storage
    public List<String> getVersions(String str, Consumer consumer) {
        ArrayList arrayList = new ArrayList();
        Document document = (Document) this.col.find(new Document(oid, str)).first();
        if (document != null) {
            arrayList.add(unsafetyfyAttributes((Document) document.get(Constants.KEY_META)).getString(Constants.KEY_VERSION));
        }
        return arrayList;
    }

    @Override // be.personify.iam.scim.storage.Storage
    public boolean delete(String str, Consumer consumer) {
        if (!StringUtils.isEmpty(consumer.getTenant())) {
            String str2 = (String) ((Document) this.col.find(new Document(oid, str)).first()).get(Constants.TENANT_ATTRIBUTE);
            if (StringUtils.isEmpty(str2) || !str2.equals(consumer.getTenant())) {
                throw new DataException("the consumer " + consumer.getClientid() + " can not delete a user of tenant " + str2);
            }
        }
        return this.col.findOneAndDelete(new Document(oid, str)) != null;
    }

    @Override // be.personify.iam.scim.storage.Storage
    public boolean deleteAll(Consumer consumer) {
        if (!StringUtils.isEmpty(consumer.getTenant())) {
            throw new DataException("consumer of tenant " + consumer.getTenant() + " can not delete all data");
        }
        this.col.drop();
        return true;
    }

    @Override // be.personify.iam.scim.storage.Storage
    public void create(String str, Map<String, Object> map, Consumer consumer) throws ConstraintViolationException {
        Document document = new Document(safetyfyAttributes(map));
        boolean entryExists = entryExists(str);
        document.remove(Constants.ID);
        document.put(oid, str);
        if (!StringUtils.isEmpty(consumer.getTenant())) {
            document.put(Constants.TENANT_ATTRIBUTE, consumer.getTenant());
        }
        try {
            if (entryExists) {
                this.col.findOneAndUpdate(new Document(oid, str), new Document($set, document));
            } else {
                this.col.insertOne(document);
            }
        } catch (MongoWriteException e) {
            throw new DataException(e.getError().getMessage());
        }
    }

    private boolean entryExists(String str) {
        boolean z = false;
        ArrayList arrayList = new ArrayList();
        arrayList.add(new Document(oid, str));
        if (this.col.find(new Document("$or", arrayList)).first() != null) {
            z = true;
        }
        return z;
    }

    @Override // be.personify.iam.scim.storage.Storage
    public void update(String str, Map<String, Object> map, Consumer consumer) {
        if (!StringUtils.isEmpty(consumer.getTenant())) {
            String str2 = (String) ((Document) this.col.find(new Document(oid, str)).first()).get(Constants.TENANT_ATTRIBUTE);
            if (StringUtils.isEmpty(str2) || !str2.equals(consumer.getTenant())) {
                throw new DataException("the consumer " + consumer.getClientid() + " can not update a user of tenant " + str2);
            }
        }
        Document document = new Document(safetyfyAttributes(map));
        Document document2 = new Document(oid, str);
        document.remove(Constants.ID);
        this.col.findOneAndUpdate(document2, new Document($set, document));
    }

    @Override // be.personify.iam.scim.storage.Storage
    public List<Map> search(SearchCriteria searchCriteria, int i, int i2, String str, String str2, Consumer consumer) {
        return search(searchCriteria, i, i2, str, str2, null, consumer);
    }

    @Override // be.personify.iam.scim.storage.Storage
    public List<Map> search(SearchCriteria searchCriteria, int i, int i2, String str, String str2, List<String> list, Consumer consumer) {
        if (searchCriteria == null) {
            searchCriteria = new SearchCriteria(new SearchCriterium[0]);
        }
        if (!StringUtils.isEmpty(consumer.getTenant())) {
            searchCriteria.getCriteria().add(new SearchCriterium(Constants.TENANT_ATTRIBUTE, consumer.getTenant()));
        }
        logger.info("searchcriteria {}", searchCriteria);
        FindIterable<Document> find = find(i, i2, list, getCriteria(searchCriteria));
        logger.info("finds {}", find);
        sort(str, str2, find);
        ArrayList arrayList = new ArrayList();
        MongoCursor it = find.iterator();
        while (it.hasNext()) {
            Document document = (Document) it.next();
            document.put(Constants.ID, ((String) document.remove(oid)).toString());
            arrayList.add(unsafetyfyAttributes(document));
        }
        return arrayList;
    }

    @Override // be.personify.iam.scim.storage.Storage
    public long count(SearchCriteria searchCriteria, Consumer consumer) {
        if (searchCriteria == null) {
            searchCriteria = new SearchCriteria(new SearchCriterium[0]);
        }
        if (!StringUtils.isEmpty(consumer.getTenant())) {
            searchCriteria.getCriteria().add(new SearchCriterium(Constants.TENANT_ATTRIBUTE, consumer.getTenant()));
        }
        return this.col.countDocuments(getCriteria(searchCriteria));
    }

    private FindIterable<Document> find(int i, int i2, List<String> list, Bson bson) {
        FindIterable<Document> limit;
        int i3 = i - 1;
        if (list != null) {
            Document document = new Document();
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                document.append(it.next(), 1);
            }
            limit = this.col.find(bson).projection(document).skip(i3).limit(i2);
        } else {
            limit = this.col.find(bson).skip(i3).limit(i2);
        }
        return limit;
    }

    private void sort(String str, String str2, FindIterable<Document> findIterable) {
        if (str != null) {
            int i = 1;
            if (str2 != null && (descending.equals(str2) || minus.equals(str2))) {
                i = -1;
            }
            findIterable.sort(new Document(str, Integer.valueOf(i)));
        }
    }

    private Bson getCriteria(SearchCriteria searchCriteria) {
        if (searchCriteria != null) {
            ArrayList arrayList = new ArrayList();
            Iterator it = searchCriteria.getCriteria().iterator();
            while (it.hasNext()) {
                arrayList.add(getCriterium((SearchCriterium) it.next()));
            }
            Iterator it2 = searchCriteria.getGroupedCriteria().iterator();
            while (it2.hasNext()) {
                arrayList.add(getCriteria((SearchCriteria) it2.next()));
            }
            if (arrayList.size() > 0) {
                if (searchCriteria.getOperator().equals(LogicalOperator.AND)) {
                    return Filters.and(arrayList);
                }
                if (searchCriteria.getOperator().equals(LogicalOperator.OR)) {
                    return Filters.or(arrayList);
                }
            }
        }
        return new Document();
    }

    private Bson getCriterium(SearchCriterium searchCriterium) {
        SearchOperation searchOperation = searchCriterium.getSearchOperation();
        String safeName = safeName(searchCriterium.getKey());
        if (SearchOperation.EQUALS.equals(searchOperation)) {
            return Filters.eq(safeName, searchCriterium.getValue());
        }
        if (SearchOperation.NOT_EQUALS.equals(searchOperation)) {
            return Filters.ne(safeName, searchCriterium.getValue());
        }
        if (SearchOperation.CONTAINS.equals(searchOperation)) {
            return Filters.eq(safeName, new Document($regex, searchCriterium.getValue()));
        }
        if (SearchOperation.STARTS_WITH.equals(searchOperation)) {
            return Filters.eq(safeName, new Document($regex, startRgx((String) searchCriterium.getValue())));
        }
        if (SearchOperation.ENDS_WITH.equals(searchOperation)) {
            return Filters.eq(safeName, new Document($regex, endRgx((String) searchCriterium.getValue())));
        }
        if (SearchOperation.PRESENT.equals(searchOperation)) {
            return Filters.exists(safeName);
        }
        if (SearchOperation.GREATER_THEN.equals(searchOperation)) {
            return Filters.gt(safeName, searchCriterium.getValue());
        }
        if (SearchOperation.GREATER_THEN_OR_EQUAL.equals(searchOperation)) {
            return Filters.gte(safeName, searchCriterium.getValue());
        }
        if (SearchOperation.LESS_THEN.equals(searchOperation)) {
            return Filters.lt(safeName, searchCriterium.getValue());
        }
        if (SearchOperation.LESS_THEN_EQUAL.equals(searchOperation)) {
            return Filters.lte(safeName, searchCriterium.getValue());
        }
        throw new DataException("the operator " + searchOperation.name() + " is not implemented");
    }

    private String startRgx(String str) {
        return start + str;
    }

    private String endRgx(String str) {
        return str + end;
    }

    @Override // be.personify.iam.scim.storage.Storage
    public void flush() {
    }

    @Override // be.personify.iam.scim.storage.Storage
    public void initialize(String str) {
        this.type = str;
        logger.info("initializing store of type {}", str);
        this.client = MongoClients.create(getMongoClientSettings());
        if (str.equals(Constants.RESOURCE_TYPE_USER)) {
            this.col = this.client.getDatabase(this.database).getCollection(this.userCollection);
        } else {
            if (!str.equalsIgnoreCase(Constants.RESOURCE_TYPE_GROUP)) {
                throw new DataException("the type " + str + " is not a valid resource type");
            }
            this.col = this.client.getDatabase(this.database).getCollection(this.groupCollection);
        }
        try {
            if (!StringUtils.isEmpty(this.attributeReplacementsString)) {
                this.attributeReplacements = (Map) new ObjectMapper().readValue(this.attributeReplacementsString, Map.class);
                logger.info("replacements {}", this.attributeReplacements);
            }
        } catch (Exception e) {
            logger.error("can not parse attribute replacements", e);
        }
        createUniqueIndexes(str);
    }

    private MongoClientSettings getMongoClientSettings() {
        return MongoClientSettings.builder().applyToSocketSettings(builder -> {
            builder.connectTimeout(this.connectionTimeout, TimeUnit.MILLISECONDS);
            builder.readTimeout(this.readTimeout, TimeUnit.MILLISECONDS);
        }).applyToClusterSettings(builder2 -> {
            builder2.serverSelectionTimeout(this.serverSelectionTimeout, TimeUnit.MILLISECONDS);
        }).applyToConnectionPoolSettings(builder3 -> {
            builder3.maxSize(this.maxConnectionPoolSize);
        }).applyConnectionString(new ConnectionString(this.constr)).applyToSslSettings(builder4 -> {
            builder4.enabled(this.sslEnabled);
        }).build();
    }

    private void createUniqueIndexes(String str) {
        try {
            for (SchemaAttribute schemaAttribute : this.schemaReader.getSchemaByName(str).getAttributes()) {
                if (schemaAttribute.getUniqueness() != null && (schemaAttribute.getUniqueness().equalsIgnoreCase("server") || schemaAttribute.getUniqueness().equalsIgnoreCase("global"))) {
                    logger.info("creating index for type {} and attribute [{}]", str, schemaAttribute.getName());
                    this.col.createIndex(Indexes.descending(new String[]{schemaAttribute.getName()}), new IndexOptions().background(true).unique(true));
                }
            }
        } catch (Exception e) {
            throw new DataException(e.getMessage());
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v37, types: [java.lang.Object] */
    /* JADX WARN: Type inference failed for: r0v42, types: [java.util.List, java.util.ArrayList] */
    /* JADX WARN: Type inference failed for: r0v50, types: [java.lang.Object] */
    public Map<String, Object> safetyfyAttributes(Map<String, Object> map) {
        if (!this.type.equalsIgnoreCase(Constants.RESOURCE_TYPE_GROUP)) {
            if (this.attributeReplacements.size() <= 0) {
                return map;
            }
            HashMap hashMap = new HashMap();
            for (String str : map.keySet()) {
                Object obj = map.get(str);
                if (this.attributeReplacements.containsKey(str)) {
                    hashMap.put((String) this.attributeReplacements.get(str), obj);
                } else {
                    hashMap.put(str, obj);
                }
            }
            return hashMap;
        }
        HashMap hashMap2 = new HashMap();
        for (String str2 : map.keySet()) {
            Map<String, Object> map2 = map.get(str2);
            if (map2 instanceof Map) {
                map2 = safetyfyAttributes(map2);
            } else if (map2 instanceof List) {
                ?? arrayList = new ArrayList();
                for (Map<String, Object> map3 : (List) map2) {
                    if (map3 instanceof Map) {
                        map3 = safetyfyAttributes(map3);
                    }
                    arrayList.add(map3);
                }
                map2 = arrayList;
            }
            hashMap2.put(safeName(str2), map2);
        }
        return hashMap2;
    }

    private String safeName(String str) {
        if (str.startsWith(end)) {
            str = "_" + str;
        }
        if (this.attributeReplacements.size() > 0 && this.attributeReplacements.containsKey(str)) {
            str = (String) this.attributeReplacements.get(str);
        }
        return str;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public Document unsafetyfyAttributes(Document document) {
        if (!this.type.equalsIgnoreCase(Constants.RESOURCE_TYPE_GROUP) || document == null) {
            if (this.attributeReplacements.size() <= 0) {
                return document;
            }
            Document document2 = new Document();
            for (String str : document.keySet()) {
                Object obj = document.get(str);
                if (this.attributeReplacements.containsValue(str)) {
                    for (Object obj2 : this.attributeReplacements.keySet()) {
                        if (this.attributeReplacements.get(obj2).equals(str)) {
                            str = (String) obj2;
                        }
                    }
                }
                document2.put(str, obj);
            }
            return document2;
        }
        Document document3 = new Document();
        for (String str2 : document.keySet()) {
            Object obj3 = document.get(str2);
            if (obj3 instanceof Document) {
                obj3 = unsafetyfyAttributes((Document) obj3);
            } else if (obj3 instanceof List) {
                Document arrayList = new ArrayList();
                for (Document document4 : (List) obj3) {
                    if (document4 instanceof Document) {
                        document4 = unsafetyfyAttributes(document4);
                    }
                    arrayList.add(document4);
                }
                obj3 = arrayList;
            }
            if (str2.startsWith("_$")) {
                str2 = str2.substring(1, str2.length());
            }
            document3.put(str2, obj3);
        }
        return document3;
    }

    @Override // be.personify.iam.scim.storage.Storage
    public boolean tenantCompatible() {
        return true;
    }

    private boolean consumerCanRead(Consumer consumer, Document document) {
        if (StringUtils.isEmpty(consumer.getTenant())) {
            return true;
        }
        String str = (String) document.get(Constants.TENANT_ATTRIBUTE);
        return !StringUtils.isEmpty(str) && str.equals(consumer.getTenant());
    }
}
