package org.jboss.bpm.console.server;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.StringTokenizer;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.jboss.bpm.console.client.model.RoleAssignmentRef;
import org.jboss.bpm.console.client.model.RoleAssignmentRefWrapper;
import org.jboss.bpm.console.server.gson.GsonFactory;
import org.jboss.bpm.console.server.integration.ManagementFactory;
import org.jboss.bpm.console.server.integration.UserManagement;
import org.jboss.bpm.console.server.util.ProjectName;
import org.jboss.bpm.console.server.util.RsComment;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Path("identity")
@RsComment(title = "User management", description = "Manage user and groups", project = {ProjectName.JBPM})
/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.2.1.redhat-216-02.zip:standalone/deployments/switchyard-bpel-console-server.war:WEB-INF/classes/org/jboss/bpm/console/server/UserMgmtFacade.class */
public class UserMgmtFacade {
    private static final Logger log = LoggerFactory.getLogger(UserMgmtFacade.class);
    private UserManagement userManagement;

    private UserManagement getUserManagement() {
        if (null == this.userManagement) {
            this.userManagement = ManagementFactory.newInstance().createUserManagement();
        }
        return this.userManagement;
    }

    @GET
    @Produces({"text/plain"})
    @Path("sid")
    public Response getSessionID(@Context HttpServletRequest httpServletRequest) {
        return Response.ok(httpServletRequest.getSession().getId()).build();
    }

    @POST
    @Produces({"text/plain"})
    @Path("sid/invalidate")
    public Response destroySession(@Context HttpServletRequest httpServletRequest) {
        httpServletRequest.getSession().invalidate();
        return Response.ok().build();
    }

    @GET
    @Produces({"text/plain"})
    @Path("secure/sid")
    public Response getSessionIDSecure(@Context HttpServletRequest httpServletRequest) {
        return Response.ok(httpServletRequest.getSession().getId()).build();
    }

    @GET
    @Produces({"application/json"})
    @Path("user/roles")
    public Response getRolesForJAASPrincipal(@Context HttpServletRequest httpServletRequest, @QueryParam("roleCheck") String str) {
        if (null == str) {
            throw new WebApplicationException(new IllegalArgumentException("Missing parameter 'roleCheck'"));
        }
        log.debug("Role check user: " + httpServletRequest.getUserPrincipal().getName() + ", actualRoles requested: " + str);
        ArrayList arrayList = new ArrayList();
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            arrayList.add(new RoleAssignmentRef(nextToken, httpServletRequest.isUserInRole(nextToken)));
        }
        return createJsonResponse(new RoleAssignmentRefWrapper(arrayList));
    }

    @GET
    @Produces({"application/json"})
    @Path("user/{actorId}/groups/")
    public Response getGroupsForActor(@PathParam("actorId") String str) {
        return createJsonResponse(getUserManagement().getGroupsForActor(str));
    }

    @GET
    @Produces({"application/json"})
    @Path("group/{groupName}/members")
    public Response getActorsForGroup(@PathParam("groupName") String str) {
        return createJsonResponse(getUserManagement().getActorsForGroup(str));
    }

    @GET
    @Produces({"application/json"})
    @Path("user/{actorId}/actors")
    public Response getAvailableActors(@PathParam("actorId") String str) {
        HashSet hashSet = new HashSet();
        List<String> groupsForActor = getUserManagement().getGroupsForActor(str);
        Iterator<String> it = groupsForActor.iterator();
        while (it.hasNext()) {
            hashSet.addAll(getUserManagement().getActorsForGroup(it.next()));
        }
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(hashSet);
        arrayList.addAll(groupsForActor);
        return createJsonResponse(arrayList);
    }

    private Response createJsonResponse(Object obj) {
        return Response.ok(GsonFactory.createInstance().toJson(obj)).type("application/json").build();
    }
}
