package org.nuxeo.ecm.platform.oauth2.providers;

import java.io.Serializable;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.api.DocumentModelList;
import org.nuxeo.ecm.directory.DirectoryException;
import org.nuxeo.ecm.directory.Session;
import org.nuxeo.ecm.directory.api.DirectoryService;
import org.nuxeo.runtime.api.Framework;
import org.nuxeo.runtime.model.ComponentContext;
import org.nuxeo.runtime.model.ComponentInstance;
import org.nuxeo.runtime.model.DefaultComponent;

/* loaded from: input_file:org/nuxeo/ecm/platform/oauth2/providers/OAuth2ServiceProviderRegistryImpl.class */
public class OAuth2ServiceProviderRegistryImpl extends DefaultComponent implements OAuth2ServiceProviderRegistry {
    protected static final Log log = LogFactory.getLog(OAuth2ServiceProviderRegistryImpl.class);
    public static final String PROVIDER_EP = "providers";
    public static final String DIRECTORY_NAME = "oauth2ServiceProviders";
    public static final String SCHEMA = "oauth2ServiceProvider";
    protected OAuth2ServiceProviderContributionRegistry registry = new OAuth2ServiceProviderContributionRegistry();

    protected DocumentModel getProviderDocModel(String str) {
        try {
            if (StringUtils.isBlank(str)) {
                log.warn("Can not find provider without a serviceName!");
                return null;
            }
            HashMap hashMap = new HashMap();
            hashMap.put("serviceName", str);
            List<DocumentModel> queryProviders = queryProviders(hashMap, 1);
            if (queryProviders.isEmpty()) {
                return null;
            }
            return queryProviders.get(0);
        } catch (DirectoryException e) {
            log.error("Unable to read provider from Directory backend", e);
            return null;
        }
    }

    @Override // org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProviderRegistry
    public OAuth2ServiceProvider getProvider(String str) {
        DocumentModel providerDocModel = getProviderDocModel(str);
        if (providerDocModel == null) {
            return null;
        }
        return buildProvider(providerDocModel);
    }

    @Override // org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProviderRegistry
    public List<OAuth2ServiceProvider> getProviders() {
        return (List) queryProviders(Collections.emptyMap(), 0).stream().map(this::buildProvider).collect(Collectors.toList());
    }

    @Override // org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProviderRegistry
    public OAuth2ServiceProvider addProvider(String str, String str2, String str3, String str4, String str5, String str6, List<String> list) {
        return addProvider(str, str2, str3, str4, null, str5, str6, list, Boolean.TRUE);
    }

    /* JADX WARN: Removed duplicated region for block: B:18:0x00db A[Catch: Throwable -> 0x0138, all -> 0x0141, TryCatch #3 {, blocks: (B:3:0x0018, B:13:0x00c1, B:16:0x00ce, B:18:0x00db, B:19:0x00fb), top: B:2:0x0018, outer: #0 }] */
    /* JADX WARN: Removed duplicated region for block: B:21:0x0113  */
    @Override // org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProviderRegistry
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProvider addProvider(java.lang.String r7, java.lang.String r8, java.lang.String r9, java.lang.String r10, java.lang.String r11, java.lang.String r12, java.lang.String r13, java.util.List<java.lang.String> r14, java.lang.Boolean r15) {
        /*
            Method dump skipped, instructions count: 365
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProviderRegistryImpl.addProvider(java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.util.List, java.lang.Boolean):org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProvider");
    }

    @Override // org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProviderRegistry
    public OAuth2ServiceProvider updateProvider(String str, OAuth2ServiceProvider oAuth2ServiceProvider) {
        Session open = ((DirectoryService) Framework.getService(DirectoryService.class)).open(DIRECTORY_NAME);
        Throwable th = null;
        try {
            try {
                DocumentModel providerDocModel = getProviderDocModel(str);
                providerDocModel.setProperty("oauth2ServiceProvider", "serviceName", oAuth2ServiceProvider.getServiceName());
                providerDocModel.setProperty("oauth2ServiceProvider", "description", oAuth2ServiceProvider.getDescription());
                providerDocModel.setProperty("oauth2ServiceProvider", "authorizationServerURL", oAuth2ServiceProvider.getAuthorizationServerURL());
                providerDocModel.setProperty("oauth2ServiceProvider", "tokenServerURL", oAuth2ServiceProvider.getTokenServerURL());
                providerDocModel.setProperty("oauth2ServiceProvider", "userAuthorizationURL", oAuth2ServiceProvider.getUserAuthorizationURL());
                providerDocModel.setProperty("oauth2ServiceProvider", "clientId", oAuth2ServiceProvider.getClientId());
                providerDocModel.setProperty("oauth2ServiceProvider", "clientSecret", oAuth2ServiceProvider.getClientSecret());
                providerDocModel.setProperty("oauth2ServiceProvider", "scopes", String.join(",", oAuth2ServiceProvider.getScopes()));
                boolean z = (oAuth2ServiceProvider.getClientId() == null || oAuth2ServiceProvider.getClientSecret() == null) ? false : true;
                providerDocModel.setProperty("oauth2ServiceProvider", "enabled", Boolean.valueOf(z && oAuth2ServiceProvider.isEnabled()));
                if (!z) {
                    log.info("OAuth2 provider for " + str + " is disabled because clientId and/or clientSecret are empty");
                }
                open.updateEntry(providerDocModel);
                OAuth2ServiceProvider provider = getProvider(str);
                if (open != null) {
                    if (0 != 0) {
                        try {
                            open.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        open.close();
                    }
                }
                return provider;
            } finally {
            }
        } catch (Throwable th3) {
            if (open != null) {
                if (th != null) {
                    try {
                        open.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    open.close();
                }
            }
            throw th3;
        }
    }

    @Override // org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProviderRegistry
    public void deleteProvider(String str) {
        Session open = ((DirectoryService) Framework.getService(DirectoryService.class)).open(DIRECTORY_NAME);
        Throwable th = null;
        try {
            try {
                open.deleteEntry(getProviderDocModel(str));
                if (open != null) {
                    if (0 == 0) {
                        open.close();
                        return;
                    }
                    try {
                        open.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (open != null) {
                if (th != null) {
                    try {
                        open.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    open.close();
                }
            }
            throw th4;
        }
    }

    protected List<DocumentModel> queryProviders(Map<String, Serializable> map, int i) {
        DirectoryService directoryService = (DirectoryService) Framework.getService(DirectoryService.class);
        return (List) Framework.doPrivileged(() -> {
            try {
                Session open = directoryService.open(DIRECTORY_NAME);
                Throwable th = null;
                try {
                    try {
                        DocumentModelList query = open.query(map, Collections.emptySet(), Collections.emptyMap(), true, i, 0);
                        if (open != null) {
                            if (0 != 0) {
                                try {
                                    open.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                open.close();
                            }
                        }
                        return query;
                    } finally {
                    }
                } finally {
                }
            } catch (DirectoryException e) {
                log.error("Error while fetching provider directory", e);
                return Collections.emptyList();
            }
        });
    }

    protected OAuth2ServiceProvider buildProvider(DocumentModel documentModel) {
        String str = (String) documentModel.getProperty("oauth2ServiceProvider", "serviceName");
        OAuth2ServiceProvider provider = this.registry.getProvider(str);
        if (provider == null) {
            provider = new NuxeoOAuth2ServiceProvider();
            provider.setServiceName(str);
        }
        provider.setId((Long) documentModel.getProperty("oauth2ServiceProvider", "id"));
        provider.setDescription((String) documentModel.getProperty("oauth2ServiceProvider", "description"));
        provider.setAuthorizationServerURL((String) documentModel.getProperty("oauth2ServiceProvider", "authorizationServerURL"));
        provider.setTokenServerURL((String) documentModel.getProperty("oauth2ServiceProvider", "tokenServerURL"));
        provider.setUserAuthorizationURL((String) documentModel.getProperty("oauth2ServiceProvider", "userAuthorizationURL"));
        provider.setClientId((String) documentModel.getProperty("oauth2ServiceProvider", "clientId"));
        provider.setClientSecret((String) documentModel.getProperty("oauth2ServiceProvider", "clientSecret"));
        provider.setScopes(StringUtils.split((String) documentModel.getProperty("oauth2ServiceProvider", "scopes"), ","));
        provider.setEnabled((Boolean) documentModel.getProperty("oauth2ServiceProvider", "enabled"));
        return provider;
    }

    public void registerContribution(Object obj, String str, ComponentInstance componentInstance) {
        if (PROVIDER_EP.equals(str)) {
            OAuth2ServiceProviderDescriptor oAuth2ServiceProviderDescriptor = (OAuth2ServiceProviderDescriptor) obj;
            log.info("OAuth2 provider for " + oAuth2ServiceProviderDescriptor.getName() + " will be registered at application startup");
            this.registry.addContribution(oAuth2ServiceProviderDescriptor);
        }
    }

    public void start(ComponentContext componentContext) {
        registerCustomProviders();
    }

    protected void registerCustomProviders() {
        for (OAuth2ServiceProviderDescriptor oAuth2ServiceProviderDescriptor : this.registry.getContribs()) {
            if (getProvider(oAuth2ServiceProviderDescriptor.getName()) == null) {
                addProvider(oAuth2ServiceProviderDescriptor.getName(), oAuth2ServiceProviderDescriptor.getDescription(), oAuth2ServiceProviderDescriptor.getTokenServerURL(), oAuth2ServiceProviderDescriptor.getAuthorizationServerURL(), oAuth2ServiceProviderDescriptor.getClientId(), oAuth2ServiceProviderDescriptor.getClientSecret(), Arrays.asList(oAuth2ServiceProviderDescriptor.getScopes()));
            } else {
                log.info("Provider " + oAuth2ServiceProviderDescriptor.getName() + " is already in the Database, XML contribution  won't overwrite it");
            }
        }
    }
}
