package com.ibm.ws.security.wim.scim.rest;

import com.ibm.json.java.JSONArray;
import com.ibm.json.java.JSONObject;
import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.collective.routing.member.internal.WebModuleRoutingInfo;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.wim.VMMService;
import com.ibm.ws.security.wim.scim.util.UserSCIMConverter;
import com.ibm.ws.security.wim.util.ControlsHelper;
import com.ibm.wsspi.kernel.service.utils.AtomicServiceReference;
import com.ibm.wsspi.rest.handler.RESTHandler;
import com.ibm.wsspi.rest.handler.RESTRequest;
import com.ibm.wsspi.rest.handler.RESTResponse;
import com.ibm.wsspi.security.wim.SchemaConstants;
import com.ibm.wsspi.security.wim.exception.WIMException;
import com.ibm.wsspi.security.wim.model.Context;
import com.ibm.wsspi.security.wim.model.Entity;
import com.ibm.wsspi.security.wim.model.GroupMembershipControl;
import com.ibm.wsspi.security.wim.model.IdentifierType;
import com.ibm.wsspi.security.wim.model.PageControl;
import com.ibm.wsspi.security.wim.model.PageResponseControl;
import com.ibm.wsspi.security.wim.model.PersonAccount;
import com.ibm.wsspi.security.wim.model.PropertyControl;
import com.ibm.wsspi.security.wim.model.Root;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.opensaml.xacml.policy.ResourcesType;
import org.osgi.framework.ServiceReference;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.osgi.service.component.annotations.ReferencePolicyOption;

@InjectedFFDC
@TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@Component(service = {RESTHandler.class}, configurationPolicy = ConfigurationPolicy.IGNORE, immediate = true, property = {"service.vendor=IBM", "com.ibm.wsspi.rest.handler.root=/scim/Users"})
/* loaded from: input_file:wlp/lib/com.ibm.ws.security.wim.scim.rest_1.0.15.jar:com/ibm/ws/security/wim/scim/rest/UserHandler.class */
public class UserHandler implements RESTHandler {
    private static final String GET = "GET";
    private static final String POST = "POST";
    private static final String DELETE = "DELETE";
    private static final String PUT = "PUT";
    public static final String KEY_VMM_SERVICE = "VMMService";
    static final long serialVersionUID = 4566822796171764427L;
    private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(UserHandler.class);
    private static final AtomicServiceReference<VMMService> VMMServiceRef = new AtomicServiceReference<>("VMMService");

    @Activate
    protected void activate(ComponentContext componentContext, Map<String, Object> map) {
        VMMServiceRef.activate(componentContext);
    }

    @Deactivate
    protected void deactivate(ComponentContext componentContext, int i) {
        VMMServiceRef.deactivate(componentContext);
    }

    @Reference(service = VMMService.class, name = "VMMService", policy = ReferencePolicy.DYNAMIC, policyOption = ReferencePolicyOption.GREEDY)
    protected void setVMMService(ServiceReference<VMMService> serviceReference) {
        VMMServiceRef.setReference(serviceReference);
    }

    protected void unsetVMMService(ServiceReference<VMMService> serviceReference) {
        VMMServiceRef.unsetReference(serviceReference);
    }

    public static VMMService getVMMService() {
        return VMMServiceRef.getServiceWithException();
    }

    @Override // com.ibm.wsspi.rest.handler.RESTHandler
    public void handleRequest(RESTRequest rESTRequest, RESTResponse rESTResponse) throws IOException {
        JSONObject handleException;
        JSONObject handleException2;
        JSONObject handleException3;
        String method = rESTRequest.getMethod();
        String url = rESTRequest.getURL();
        String substring = url.substring(0, url.lastIndexOf("/Users"));
        if ("GET".equalsIgnoreCase(method)) {
            String path = rESTRequest.getPath();
            String substring2 = path.substring(path.lastIndexOf(47) + 1);
            try {
                handleException3 = "Users".equals(substring2) ? getUserList(rESTRequest.getParameterMap()) : getUser(substring2, substring, rESTRequest.getParameterMap());
            } catch (WIMException e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.wim.scim.rest.UserHandler", "132", this, new Object[]{rESTRequest, rESTResponse});
                handleException3 = HandlerUtil.handleException(e, rESTResponse);
            }
            if (handleException3 != null) {
                rESTResponse.getWriter().write(handleException3.toString());
                rESTResponse.getWriter().flush();
                rESTResponse.getWriter().close();
                return;
            }
            return;
        }
        if ("POST".equalsIgnoreCase(method)) {
            JSONObject jSONObject = HandlerUtil.getJSONObject(rESTRequest);
            if (jSONObject == null) {
                rESTResponse.getWriter().write("No input OBJECT FOUND !!!!");
                rESTResponse.getWriter().flush();
                rESTResponse.getWriter().close();
                return;
            }
            try {
                handleException2 = createUser(jSONObject, substring, rESTRequest.getParameterMap());
                rESTResponse.setStatus(201);
            } catch (WIMException e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.wim.scim.rest.UserHandler", "158", this, new Object[]{rESTRequest, rESTResponse});
                handleException2 = HandlerUtil.handleException(e2, rESTResponse);
            }
            if (handleException2 != null) {
                rESTResponse.getWriter().write(handleException2.toString());
                rESTResponse.getWriter().flush();
                rESTResponse.getWriter().close();
                return;
            }
            return;
        }
        if ("DELETE".equalsIgnoreCase(method)) {
            String path2 = rESTRequest.getPath();
            try {
                deleteUser(path2.substring(path2.lastIndexOf(47) + 1), substring);
                return;
            } catch (WIMException e3) {
                FFDCFilter.processException(e3, "com.ibm.ws.security.wim.scim.rest.UserHandler", "174", this, new Object[]{rESTRequest, rESTResponse});
                HandlerUtil.handleException(e3, rESTResponse);
                return;
            }
        }
        if (!"PUT".equalsIgnoreCase(method)) {
            rESTResponse.sendError(501, "Service Provider does not support the requested operation");
            return;
        }
        String path3 = rESTRequest.getPath();
        String substring3 = path3.substring(path3.lastIndexOf(47) + 1);
        JSONObject jSONObject2 = HandlerUtil.getJSONObject(rESTRequest);
        if (jSONObject2 == null) {
            rESTResponse.getWriter().write("No input OBJECT FOUND !!!!");
            rESTResponse.getWriter().flush();
            rESTResponse.getWriter().close();
            return;
        }
        try {
            handleException = updateUser(substring3, jSONObject2, substring, rESTRequest.getParameterMap());
        } catch (WIMException e4) {
            FFDCFilter.processException(e4, "com.ibm.ws.security.wim.scim.rest.UserHandler", "194", this, new Object[]{rESTRequest, rESTResponse});
            handleException = HandlerUtil.handleException(e4, rESTResponse);
        }
        if (handleException != null) {
            rESTResponse.getWriter().write(handleException.toString());
            rESTResponse.getWriter().flush();
            rESTResponse.getWriter().close();
        }
    }

    private JSONObject getUserList(Map<String, String[]> map) throws WIMException {
        Root searchRoot = HandlerUtil.getSearchRoot(map, "PersonAccount");
        PageControl pageControl = (PageControl) ControlsHelper.getControlMap(searchRoot).get(SchemaConstants.DO_PAGE_CONTROL);
        Root search = getVMMService().search(searchRoot);
        List<Entity> entities = search.getEntities();
        PageResponseControl pageResponseControl = (PageResponseControl) ControlsHelper.getControlMap(search).get(SchemaConstants.DO_PAGE_RESPONSE_CONTROL);
        JSONObject jSONObject = new JSONObject();
        if (pageResponseControl == null) {
            jSONObject.put("totalResults", Integer.valueOf(entities.size()));
        } else {
            jSONObject.put("totalResults", Integer.valueOf(pageResponseControl.getTotalSize()));
        }
        if (pageControl != null) {
            jSONObject.put("startIndex", Integer.valueOf(pageControl.getStartIndex() + 1));
            jSONObject.put("itemsPerPage", Integer.valueOf(pageControl.getSize()));
        }
        JSONArray jSONArray = new JSONArray();
        jSONArray.add("urn:scim:schemas:core:1.0");
        jSONObject.put("schemas", jSONArray);
        JSONArray jSONArray2 = new JSONArray();
        UserSCIMConverter userSCIMConverter = new UserSCIMConverter(null);
        Iterator<Entity> it = entities.iterator();
        while (it.hasNext()) {
            jSONArray2.add(userSCIMConverter.getJSONObject((PersonAccount) it.next(), null));
        }
        jSONObject.put(ResourcesType.DEFAULT_ELEMENT_LOCAL_NAME, jSONArray2);
        return jSONObject;
    }

    private JSONObject getUser(String str, String str2, Map<String, String[]> map) throws WIMException {
        String[] strArr;
        VMMService vMMService = getVMMService();
        UserSCIMConverter userSCIMConverter = new UserSCIMConverter(null);
        Root root = new Root();
        PersonAccount personAccount = new PersonAccount();
        IdentifierType identifierType = new IdentifierType();
        identifierType.setUniqueName(str);
        personAccount.setIdentifier(identifierType);
        root.getEntities().add(personAccount);
        PropertyControl propertyControl = HandlerUtil.getPropertyControl(map, userSCIMConverter);
        if (propertyControl == null) {
            propertyControl = new PropertyControl();
            propertyControl.getProperties().add("*");
        }
        root.getControls().add(propertyControl);
        boolean z = true;
        if (map != null && (strArr = map.get(WebModuleRoutingInfo.MODULEATTRIBUTES_KEY)) != null && strArr[0].indexOf(SchemaConstants.DO_GROUPS) == -1) {
            z = false;
        }
        if (z) {
            GroupMembershipControl groupMembershipControl = new GroupMembershipControl();
            groupMembershipControl.setLevel(1);
            groupMembershipControl.getProperties().add("cn");
            groupMembershipControl.setCountLimit(0);
            root.getControls().add(groupMembershipControl);
        }
        Context context = new Context();
        context.set("key", SchemaConstants.VALUE_CONTEXT_TRUST_ENTITY_TYPE_KEY);
        context.set("value", "true");
        root.getContexts().add(context);
        List<Entity> entities = vMMService.get(root).getEntities();
        if (entities.size() > 0) {
            return userSCIMConverter.getJSONObject((PersonAccount) entities.get(0), str2);
        }
        return null;
    }

    private JSONObject createUser(JSONObject jSONObject, String str, Map<String, String[]> map) throws WIMException {
        PersonAccount personAccount = new UserSCIMConverter(null).getPersonAccount(jSONObject);
        personAccount.set("principalName", null);
        personAccount.unsetActive();
        Root root = new Root();
        root.getEntities().add(personAccount);
        List<Entity> entities = getVMMService().create(root).getEntities();
        if (entities.size() > 0) {
            return getUser(entities.get(0).getIdentifier().getUniqueName(), str, map);
        }
        return null;
    }

    private void deleteUser(String str, String str2) throws WIMException {
        VMMService vMMService = getVMMService();
        Root root = new Root();
        PersonAccount personAccount = new PersonAccount();
        IdentifierType identifierType = new IdentifierType();
        identifierType.setUniqueName(str);
        personAccount.setIdentifier(identifierType);
        root.getEntities().add(personAccount);
        vMMService.delete(root);
    }

    private JSONObject updateUser(String str, JSONObject jSONObject, String str2, Map<String, String[]> map) throws WIMException {
        UserSCIMConverter userSCIMConverter = new UserSCIMConverter(null);
        PersonAccount personAccount = userSCIMConverter.getPersonAccount(jSONObject);
        personAccount.set("principalName", null);
        personAccount.unsetActive();
        if (!str.equalsIgnoreCase(personAccount.getIdentifier().getUniqueName())) {
            throw new IllegalArgumentException("The Id of the user cannot be updated.");
        }
        JSONObject user = getUser(str, str2, null);
        if (user != null) {
            for (String str3 : user.keySet()) {
                if ("phoneNumbers".equalsIgnoreCase(str3) || "photos".equalsIgnoreCase(str3) || "addresses".equalsIgnoreCase(str3)) {
                    for (String str4 : userSCIMConverter.getMultiValuedPropertyNames(str3)) {
                        if (!personAccount.isSet(str4)) {
                            personAccount.unset(str4);
                        }
                    }
                }
                String propertyName = userSCIMConverter.getPropertyName(str3.toLowerCase());
                if (personAccount.getExtendedPropertyNames() != null && personAccount.getExtendedPropertyNames().contains(str3)) {
                    propertyName = str3;
                }
                if (!personAccount.isSet(propertyName)) {
                    personAccount.unset(propertyName);
                }
            }
        }
        Root root = new Root();
        root.getEntities().add(personAccount);
        List<Entity> entities = getVMMService().update(root).getEntities();
        if (entities.size() > 0) {
            return getUser(entities.get(0).getIdentifier().getUniqueName(), str2, map);
        }
        return null;
    }
}
