package org.nuxeo.ecm.platform.ui.web.keycloak;

import java.io.Serializable;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.api.DocumentModelList;
import org.nuxeo.ecm.core.api.NuxeoException;
import org.nuxeo.ecm.core.api.NuxeoPrincipal;
import org.nuxeo.ecm.platform.api.login.UserIdentificationInfo;
import org.nuxeo.ecm.platform.usermanager.UserManager;
import org.nuxeo.runtime.api.Framework;
import org.nuxeo.usermapper.extension.UserMapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/nuxeo/ecm/platform/ui/web/keycloak/KeycloakUserMapper.class */
public class KeycloakUserMapper implements UserMapper {
    private static final Logger log = LoggerFactory.getLogger(KeycloakUserMapper.class);
    protected static String userSchemaName = "user";
    protected static String groupSchemaName = "group";
    protected UserManager userManager;

    public NuxeoPrincipal getOrCreateAndUpdateNuxeoPrincipal(Object obj) {
        return getOrCreateAndUpdateNuxeoPrincipal(obj, true, true, null);
    }

    public NuxeoPrincipal getOrCreateAndUpdateNuxeoPrincipal(Object obj, boolean z, boolean z2, Map<String, Serializable> map) {
        KeycloakUserInfo keycloakUserInfo = (KeycloakUserInfo) obj;
        Iterator<String> it = keycloakUserInfo.getRoles().iterator();
        while (it.hasNext()) {
            findOrCreateGroup(it.next(), keycloakUserInfo.getUserName());
        }
        DocumentModel findUser = findUser(keycloakUserInfo);
        if (findUser == null) {
            findUser = createUser(keycloakUserInfo);
        }
        return this.userManager.getPrincipal((String) updateUser(findUser, keycloakUserInfo).getPropertyValue(this.userManager.getUserIdField()));
    }

    public void init(Map<String, String> map) throws Exception {
        this.userManager = (UserManager) Framework.getService(UserManager.class);
        userSchemaName = this.userManager.getUserSchemaName();
        groupSchemaName = this.userManager.getGroupSchemaName();
    }

    private DocumentModel findOrCreateGroup(String str, String str2) {
        DocumentModel findGroup = findGroup(str);
        if (findGroup == null) {
            DocumentModel bareGroupModel = this.userManager.getBareGroupModel();
            bareGroupModel.setPropertyValue(this.userManager.getGroupIdField(), str);
            bareGroupModel.setProperty(groupSchemaName, "groupname", str);
            bareGroupModel.setProperty(groupSchemaName, "grouplabel", str + " group");
            bareGroupModel.setProperty(groupSchemaName, "description", "Group automatically created by Keycloak based on user role [" + str + "]");
            findGroup = this.userManager.createGroup(bareGroupModel);
        }
        List usersInGroupAndSubGroups = this.userManager.getUsersInGroupAndSubGroups(str);
        if (!usersInGroupAndSubGroups.contains(str2)) {
            usersInGroupAndSubGroups.add(str2);
            findGroup.setProperty(groupSchemaName, this.userManager.getGroupMembersField(), usersInGroupAndSubGroups);
            this.userManager.updateGroup(findGroup);
        }
        return findGroup;
    }

    private DocumentModel findGroup(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put(this.userManager.getGroupIdField(), str);
        DocumentModelList searchGroups = this.userManager.searchGroups(hashMap, (Set) null);
        if (searchGroups.isEmpty()) {
            return null;
        }
        return (DocumentModel) searchGroups.get(0);
    }

    private DocumentModel findUser(UserIdentificationInfo userIdentificationInfo) {
        HashMap hashMap = new HashMap();
        hashMap.put(this.userManager.getUserIdField(), userIdentificationInfo.getUserName());
        DocumentModelList searchUsers = this.userManager.searchUsers(hashMap, (Set) null);
        if (searchUsers.isEmpty()) {
            return null;
        }
        return (DocumentModel) searchUsers.get(0);
    }

    private DocumentModel createUser(KeycloakUserInfo keycloakUserInfo) {
        try {
            DocumentModel bareUserModel = this.userManager.getBareUserModel();
            bareUserModel.setPropertyValue(this.userManager.getUserIdField(), keycloakUserInfo.getUserName());
            bareUserModel.setPropertyValue(this.userManager.getUserEmailField(), keycloakUserInfo.getUserName());
            this.userManager.createUser(bareUserModel);
            return bareUserModel;
        } catch (NuxeoException e) {
            String str = "Error while creating user [" + keycloakUserInfo.getUserName() + "] in UserManager";
            log.error(str, e);
            throw new RuntimeException(str);
        }
    }

    private DocumentModel updateUser(DocumentModel documentModel, KeycloakUserInfo keycloakUserInfo) {
        documentModel.setPropertyValue(this.userManager.getUserIdField(), keycloakUserInfo.getUserName());
        documentModel.setPropertyValue(this.userManager.getUserEmailField(), keycloakUserInfo.getUserName());
        documentModel.setProperty(userSchemaName, "firstName", keycloakUserInfo.getFirstName());
        documentModel.setProperty(userSchemaName, "lastName", keycloakUserInfo.getLastName());
        documentModel.setProperty(userSchemaName, "password", keycloakUserInfo.getPassword());
        documentModel.setProperty(userSchemaName, "company", keycloakUserInfo.getCompany());
        this.userManager.updateUser(documentModel);
        return documentModel;
    }

    public Object wrapNuxeoPrincipal(NuxeoPrincipal nuxeoPrincipal, Object obj, Map<String, Serializable> map) {
        throw new UnsupportedOperationException();
    }

    public void release() {
    }
}
