package org.apache.karaf.jaas.modules.syncope;

import java.security.Principal;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.felix.utils.json.JSONParser;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.methods.HttpDelete;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.util.EntityUtils;
import org.apache.karaf.jaas.boot.principal.GroupPrincipal;
import org.apache.karaf.jaas.boot.principal.RolePrincipal;
import org.apache.karaf.jaas.boot.principal.UserPrincipal;
import org.apache.karaf.jaas.modules.BackingEngine;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/karaf/jaas/modules/syncope/SyncopeBackingEngine.class */
public class SyncopeBackingEngine implements BackingEngine {
    private final Logger logger = LoggerFactory.getLogger(SyncopeBackingEngine.class);
    private String address;
    private boolean version2;
    private DefaultHttpClient client;

    public SyncopeBackingEngine(String str, String str2, String str3, String str4) {
        this.address = str;
        this.version2 = str2 != null && (str2.equals("2.x") || str2.equals("2"));
        this.client = new DefaultHttpClient();
        this.client.getCredentialsProvider().setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(str3, str4));
    }

    @Override // org.apache.karaf.jaas.modules.BackingEngine
    public void addUser(String str, String str2) {
        if (str.startsWith(BackingEngine.GROUP_PREFIX)) {
            throw new IllegalArgumentException("Group prefix _g_: not permitted with Syncope backend");
        }
        if (this.version2) {
            addUserSyncope2(str, str2);
        } else {
            addUserSyncope1(str, str2);
        }
    }

    private void addUserSyncope1(String str, String str2) {
        HttpPost httpPost = new HttpPost(this.address + "/users");
        httpPost.setHeader("Content-Type", "application/xml");
        try {
            httpPost.setEntity(new StringEntity("<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?><user><attributes><attribute><readonly>false</readonly><schema>fullname</schema><value>" + str + "</value></attribute><attribute><readonly>false</readonly><schema>surname</schema><value>" + str + "</value></attribute><attribute><readonly>false</readonly><schema>userId</schema><value>" + str + "@karaf.apache.org</value></attribute></attributes><password>" + str2 + "</password><username>" + str + "</username></user>"));
            this.client.execute((HttpUriRequest) httpPost);
        } catch (Exception e) {
            this.logger.error("Can't add user {}", str, e);
            throw new RuntimeException("Can't add user " + str, e);
        }
    }

    private void addUserSyncope2(String str, String str2) {
        HttpPost httpPost = new HttpPost(this.address + "/users");
        httpPost.setHeader("Content-Type", "application/json");
        try {
            httpPost.setEntity(new StringEntity("{\"@class\": \"org.apache.syncope.common.lib.to.UserTO\",\"type\": \"USER\",\"realm\": \"/\",\"username\": \"" + str + "\",\"password\": \"" + str2 + "\",\"plainAttrs\": [{ \"schema\": \"surname\", \"values\": [\"" + str + "\"] },{ \"schema\": \"fullname\", \"values\": [\"" + str + "\"] },{ \"schema\": \"userId\", \"value\": [\"" + str + "@karaf.apache.org\"] }}"));
            this.client.execute((HttpUriRequest) httpPost);
        } catch (Exception e) {
            this.logger.error("Can't add user {}", str, e);
            throw new RuntimeException("Can't add user " + str, e);
        }
    }

    @Override // org.apache.karaf.jaas.modules.BackingEngine
    public void deleteUser(String str) {
        if (str.startsWith(BackingEngine.GROUP_PREFIX)) {
            throw new IllegalArgumentException("Group prefix _g_: not permitted with Syncope backend");
        }
        HttpDelete httpDelete = new HttpDelete(this.address + "/users/" + str);
        if (this.version2) {
            httpDelete.setHeader("Content-Type", "application/json");
        } else {
            httpDelete.setHeader("Content-Type", "application/xml");
        }
        try {
            this.client.execute((HttpUriRequest) httpDelete);
        } catch (Exception e) {
            this.logger.error("Can't delete user {}", str, e);
            throw new RuntimeException("Can't delete user " + str, e);
        }
    }

    @Override // org.apache.karaf.jaas.modules.BackingEngine
    public List<UserPrincipal> listUsers() {
        return this.version2 ? listUsersSyncope2() : listUsersSyncope1();
    }

    private List<UserPrincipal> listUsersSyncope1() {
        ArrayList arrayList = new ArrayList();
        HttpGet httpGet = new HttpGet(this.address + "/users");
        httpGet.setHeader("Content-Type", "application/xml");
        try {
            String entityUtils = EntityUtils.toString(this.client.execute((HttpUriRequest) httpGet).getEntity());
            if (entityUtils != null && !entityUtils.isEmpty()) {
                int indexOf = entityUtils.indexOf("<username>");
                while (indexOf != -1) {
                    String substring = entityUtils.substring(indexOf + "<username>".length());
                    int indexOf2 = substring.indexOf("</username>");
                    if (indexOf2 == -1) {
                    }
                    arrayList.add(new UserPrincipal(substring.substring(0, indexOf2)));
                    entityUtils = substring.substring(indexOf2 + "</username>".length());
                    indexOf = entityUtils.indexOf("<username>");
                }
            }
            return arrayList;
        } catch (Exception e) {
            throw new RuntimeException("Error listing users", e);
        }
    }

    private List<UserPrincipal> listUsersSyncope2() {
        ArrayList arrayList = new ArrayList();
        HttpGet httpGet = new HttpGet(this.address + "/users");
        httpGet.setHeader("Content-Type", "application/json");
        try {
            Iterator it = ((List) new JSONParser(EntityUtils.toString(this.client.execute((HttpUriRequest) httpGet).getEntity())).getParsed().get("result")).iterator();
            while (it.hasNext()) {
                arrayList.add(new UserPrincipal((String) ((Map) it.next()).get("username")));
            }
            return arrayList;
        } catch (Exception e) {
            throw new RuntimeException("Error listing users", e);
        }
    }

    @Override // org.apache.karaf.jaas.modules.BackingEngine
    public List<RolePrincipal> listRoles(Principal principal) {
        return this.version2 ? listRolesSyncope2(principal) : listRolesSyncope1(principal);
    }

    private List<RolePrincipal> listRolesSyncope1(Principal principal) {
        ArrayList arrayList = new ArrayList();
        HttpGet httpGet = new HttpGet(this.address + "/users?username=" + principal.getName());
        httpGet.setHeader("Content-Type", "application/xml");
        try {
            String entityUtils = EntityUtils.toString(this.client.execute((HttpUriRequest) httpGet).getEntity());
            if (entityUtils != null && !entityUtils.isEmpty()) {
                int indexOf = entityUtils.indexOf("<roleName>");
                while (indexOf != 1) {
                    String substring = entityUtils.substring(indexOf + "<roleName>".length());
                    int indexOf2 = substring.indexOf("</roleName>");
                    if (indexOf2 == -1) {
                        break;
                    }
                    arrayList.add(new RolePrincipal(substring.substring(0, indexOf2)));
                    entityUtils = substring.substring(indexOf2 + "</roleName>".length());
                    indexOf = entityUtils.indexOf("<roleName>");
                }
            }
            return arrayList;
        } catch (Exception e) {
            throw new RuntimeException("Error listing roles", e);
        }
    }

    private List<RolePrincipal> listRolesSyncope2(Principal principal) {
        ArrayList arrayList = new ArrayList();
        HttpGet httpGet = new HttpGet(this.address + "/users/" + principal.getName());
        httpGet.setHeader("Content-Type", "application/json");
        try {
            String entityUtils = EntityUtils.toString(this.client.execute((HttpUriRequest) httpGet).getEntity());
            if (entityUtils != null && !entityUtils.isEmpty()) {
                Iterator it = ((List) new JSONParser(entityUtils).getParsed().get("roles")).iterator();
                while (it.hasNext()) {
                    arrayList.add(new RolePrincipal((String) it.next()));
                }
            }
            return arrayList;
        } catch (Exception e) {
            throw new RuntimeException("Error listing roles", e);
        }
    }

    @Override // org.apache.karaf.jaas.modules.BackingEngine
    public void addRole(String str, String str2) {
        throw new RuntimeException("Roles management should be done on the Syncope side");
    }

    @Override // org.apache.karaf.jaas.modules.BackingEngine
    public void deleteRole(String str, String str2) {
        throw new RuntimeException("Roles management should be done on the Syncope side");
    }

    @Override // org.apache.karaf.jaas.modules.BackingEngine
    public List<GroupPrincipal> listGroups(UserPrincipal userPrincipal) {
        return new ArrayList();
    }

    @Override // org.apache.karaf.jaas.modules.BackingEngine
    public void addGroup(String str, String str2) {
        throw new RuntimeException("Group management is not supported by Syncope backend");
    }

    @Override // org.apache.karaf.jaas.modules.BackingEngine
    public void deleteGroup(String str, String str2) {
        throw new RuntimeException("Group management is not supported by Syncope backend");
    }

    @Override // org.apache.karaf.jaas.modules.BackingEngine
    public void addGroupRole(String str, String str2) {
        throw new RuntimeException("Group management is not supported by Syncope backend");
    }

    @Override // org.apache.karaf.jaas.modules.BackingEngine
    public void deleteGroupRole(String str, String str2) {
        throw new RuntimeException("Group management is not supported by Syncope backend");
    }

    @Override // org.apache.karaf.jaas.modules.BackingEngine
    public Map<GroupPrincipal, String> listGroups() {
        throw new RuntimeException("Group management is not supported by Syncope backend");
    }

    @Override // org.apache.karaf.jaas.modules.BackingEngine
    public void createGroup(String str) {
        throw new RuntimeException("Group management is not supported by Syncope backend");
    }
}
