package org.forgerock.openidm.provisioner.openicf.impl;

import java.io.IOException;
import java.io.Serializable;
import java.io.StringWriter;
import java.lang.reflect.Array;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.UUID;
import org.codehaus.jackson.map.ObjectMapper;
import org.forgerock.json.fluent.JsonValue;
import org.forgerock.openidm.config.JSONEnhancedConfig;
import org.forgerock.openidm.context.InvokeContext;
import org.forgerock.openidm.crypto.CryptoService;
import org.forgerock.openidm.objset.BadRequestException;
import org.forgerock.openidm.objset.ConflictException;
import org.forgerock.openidm.objset.ForbiddenException;
import org.forgerock.openidm.objset.InternalServerErrorException;
import org.forgerock.openidm.objset.NotFoundException;
import org.forgerock.openidm.objset.ObjectSetException;
import org.forgerock.openidm.objset.Patch;
import org.forgerock.openidm.objset.ServiceUnavailableException;
import org.forgerock.openidm.provisioner.Id;
import org.forgerock.openidm.provisioner.ProvisionerService;
import org.forgerock.openidm.provisioner.SystemIdentifier;
import org.forgerock.openidm.provisioner.openicf.ConnectorInfoProvider;
import org.forgerock.openidm.provisioner.openicf.ConnectorReference;
import org.forgerock.openidm.provisioner.openicf.OperationHelper;
import org.forgerock.openidm.provisioner.openicf.commons.ConnectorUtil;
import org.forgerock.openidm.provisioner.openicf.impl.script.ConnectorScript;
import org.forgerock.openidm.sync.SynchronizationListener;
import org.identityconnectors.framework.api.APIConfiguration;
import org.identityconnectors.framework.api.ConnectorFacade;
import org.identityconnectors.framework.api.ConnectorFacadeFactory;
import org.identityconnectors.framework.api.ConnectorInfo;
import org.identityconnectors.framework.api.operations.CreateApiOp;
import org.identityconnectors.framework.api.operations.DeleteApiOp;
import org.identityconnectors.framework.api.operations.GetApiOp;
import org.identityconnectors.framework.api.operations.SearchApiOp;
import org.identityconnectors.framework.api.operations.SyncApiOp;
import org.identityconnectors.framework.api.operations.TestApiOp;
import org.identityconnectors.framework.api.operations.UpdateApiOp;
import org.identityconnectors.framework.common.FrameworkUtil;
import org.identityconnectors.framework.common.exceptions.AlreadyExistsException;
import org.identityconnectors.framework.common.exceptions.ConfigurationException;
import org.identityconnectors.framework.common.exceptions.ConnectionBrokenException;
import org.identityconnectors.framework.common.exceptions.ConnectionFailedException;
import org.identityconnectors.framework.common.exceptions.ConnectorException;
import org.identityconnectors.framework.common.exceptions.ConnectorIOException;
import org.identityconnectors.framework.common.exceptions.ConnectorSecurityException;
import org.identityconnectors.framework.common.exceptions.InvalidCredentialException;
import org.identityconnectors.framework.common.exceptions.InvalidPasswordException;
import org.identityconnectors.framework.common.exceptions.OperationTimeoutException;
import org.identityconnectors.framework.common.exceptions.PasswordExpiredException;
import org.identityconnectors.framework.common.exceptions.PermissionDeniedException;
import org.identityconnectors.framework.common.exceptions.UnknownUidException;
import org.identityconnectors.framework.common.objects.Attribute;
import org.identityconnectors.framework.common.objects.AttributeUtil;
import org.identityconnectors.framework.common.objects.ConnectorObject;
import org.identityconnectors.framework.common.objects.Name;
import org.identityconnectors.framework.common.objects.OperationOptions;
import org.identityconnectors.framework.common.objects.OperationOptionsBuilder;
import org.identityconnectors.framework.common.objects.ScriptContext;
import org.identityconnectors.framework.common.objects.SyncDelta;
import org.identityconnectors.framework.common.objects.SyncDeltaType;
import org.identityconnectors.framework.common.objects.SyncResultsHandler;
import org.identityconnectors.framework.common.objects.SyncToken;
import org.identityconnectors.framework.common.objects.Uid;
import org.identityconnectors.framework.common.objects.filter.EqualsFilter;
import org.identityconnectors.framework.common.objects.filter.Filter;
import org.identityconnectors.framework.common.serializer.SerializerUtil;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.ComponentException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/forgerock/openidm/provisioner/openicf/impl/OpenICFProvisionerService.class */
public class OpenICFProvisionerService implements ProvisionerService {
    public static final String PID = "org.forgerock.openidm.provisioner.openicf";
    private ComponentContext context = null;
    private SimpleSystemIdentifier systemIdentifier = null;
    private OperationHelperBuilder operationHelperBuilder = null;
    private boolean allowModification = true;
    private ConnectorInfoProvider connectorInfoProvider = null;
    protected CryptoService cryptoService = null;
    private static final Logger logger = LoggerFactory.getLogger(OpenICFProvisionerService.class);
    private static final ObjectMapper mapper = new ObjectMapper();

    /* renamed from: org.forgerock.openidm.provisioner.openicf.impl.OpenICFProvisionerService$2, reason: invalid class name */
    /* loaded from: input_file:org/forgerock/openidm/provisioner/openicf/impl/OpenICFProvisionerService$2.class */
    static /* synthetic */ class AnonymousClass2 {
        static final /* synthetic */ int[] $SwitchMap$org$identityconnectors$framework$common$objects$SyncDeltaType = new int[SyncDeltaType.values().length];

        static {
            try {
                $SwitchMap$org$identityconnectors$framework$common$objects$SyncDeltaType[SyncDeltaType.CREATE_OR_UPDATE.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$identityconnectors$framework$common$objects$SyncDeltaType[SyncDeltaType.DELETE.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    protected void bind(ConnectorInfoProvider connectorInfoProvider) {
        logger.info("ConnectorInfoProvider is bound.");
        this.connectorInfoProvider = connectorInfoProvider;
    }

    protected void unbind(ConnectorInfoProvider connectorInfoProvider) {
        this.connectorInfoProvider = null;
        logger.info("ConnectorInfoProvider is unbound.");
    }

    protected void bindCryptoService(CryptoService cryptoService) {
        this.cryptoService = cryptoService;
    }

    protected void unbindCryptoService(CryptoService cryptoService) {
        this.cryptoService = null;
    }

    protected void activate(ComponentContext componentContext) {
        this.context = componentContext;
        try {
            JsonValue configuration = getConfiguration(componentContext);
            ConnectorReference connectorReference = ConnectorUtil.getConnectorReference(configuration);
            ConnectorInfo findConnectorInfo = this.connectorInfoProvider.findConnectorInfo(connectorReference);
            if (null == findConnectorInfo) {
                logger.error("ERROR - ConnectorInfo can not be retrieved for {}", connectorReference);
                throw new ComponentException("ConnectorInfo can not be retrieved for " + connectorReference);
            }
            logger.info("OK - ConnectorInfo was found.");
            try {
                this.systemIdentifier = new SimpleSystemIdentifier(configuration);
                this.operationHelperBuilder = new OperationHelperBuilder(this.systemIdentifier.getName(), configuration, findConnectorInfo.createDefaultAPIConfiguration());
                this.allowModification = !configuration.get("readOnly").defaultTo(false).asBoolean().booleanValue();
                logger.info("OK - Configuration accepted.");
                try {
                    ConnectorFacade connectorFacade = getConnectorFacade(this.operationHelperBuilder.getRuntimeAPIConfiguration());
                    if (connectorFacade.getSupportedOperations().contains(TestApiOp.class)) {
                        try {
                            connectorFacade.test();
                            logger.debug("OK - Test of {} succeeded!", this.systemIdentifier);
                        } catch (Exception e) {
                            logger.warn("Test of {} failed when service was activated! Remote system may be unavailable or the It can be configuration problem.", this.systemIdentifier, e);
                        }
                    } else {
                        logger.debug("Test is not supported.");
                    }
                    logger.info("OK - OpenICFProvisionerService component with '{}' is activated.", this.systemIdentifier);
                } catch (Throwable th) {
                    logger.error("ERROR - Test of {} failed.", this.systemIdentifier, th);
                    throw new ComponentException("Connector test failed.", th);
                }
            } catch (Exception e2) {
                logger.error("ERROR - Invalid Configuration", e2);
                throw new ComponentException("Invalid Configuration, service can not be started", e2);
            }
        } catch (Exception e3) {
            logger.error("ERROR - Invalid Configuration and/or ConnectorReference", e3);
            throw new ComponentException("Invalid Configuration and/or ConnectorReference", e3);
        }
    }

    protected void deactivate(ComponentContext componentContext) {
        logger.info("Component {} is deactivated.", this.systemIdentifier);
        this.context = null;
        this.systemIdentifier = null;
        this.operationHelperBuilder = null;
    }

    public SystemIdentifier getSystemIdentifier() {
        return this.systemIdentifier;
    }

    public Map<String, Object> getStatus() {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        try {
            JsonValue jsonValue = new JsonValue(linkedHashMap);
            jsonValue.put("name", this.systemIdentifier.getName());
            jsonValue.put("component.id", this.context.getProperties().get("component.id"));
            jsonValue.put("component.name", this.context.getProperties().get("component.name"));
            getConnectorFacade(this.operationHelperBuilder.getRuntimeAPIConfiguration()).test();
            jsonValue.put("ok", true);
        } catch (Exception e) {
            linkedHashMap.put("error", e.getMessage());
        }
        return linkedHashMap;
    }

    public void create(String str, Map<String, Object> map) throws ObjectSetException {
        traceObject("create", str, map);
        OperationHelper build = this.operationHelperBuilder.build(new Id(str).getObjectType(), map, this.cryptoService);
        if (!this.allowModification || !build.isOperationPermitted(CreateApiOp.class)) {
            logger.debug("Operation {} of {} is not permitted", "create", str);
            return;
        }
        try {
            ConnectorObject build2 = build.build(CreateApiOp.class, map);
            build.resetUid(getConnectorFacade(build.getRuntimeAPIConfiguration()).create(build2.getObjectClass(), AttributeUtil.filterUid(build2.getAttributes()), build.getOperationOptionsBuilder(CreateApiOp.class, build2, map).build()), map);
        } catch (ConnectionBrokenException e) {
            logger.error("Operation {} failed with ConnectionBrokenException on system object: {}", new Object[]{"create", str}, e);
            throw new ServiceUnavailableException(e);
        } catch (OperationTimeoutException e2) {
            logger.error("Operation {} Timeout on system object: {}", new Object[]{"create", str}, e2);
            throw new ServiceUnavailableException(e2);
        } catch (ConfigurationException e3) {
            logger.error("Operation {} failed with ConfigurationException on system object: {}", new Object[]{"create", str}, e3);
            throw new InternalServerErrorException(e3);
        } catch (AlreadyExistsException e4) {
            logger.error("System object {} already exists", str, e4);
            throw new ConflictException(e4);
        } catch (ConnectorException e5) {
            logger.error("Operation {} failed with ConnectorException on system object: {}", new Object[]{"create", str}, e5);
            throw new InternalServerErrorException(e5);
        } catch (UnknownUidException e6) {
            logger.error("Operation {} failed with UnknownUidException on system object: {}", new Object[]{"create", str}, e6);
            throw new NotFoundException(e6);
        } catch (Exception e7) {
            logger.error("Operation {} failed with Exception on system object: {}", new Object[]{"create", str}, e7);
            throw new ObjectSetException(e7);
        } catch (InvalidCredentialException e8) {
            logger.error("Invalid credential has been provided to operation {} for system object: {}", new Object[]{"create", str}, e8);
            throw new InternalServerErrorException(e8);
        } catch (ConnectorSecurityException e9) {
            logger.error("Operation {} failed with ConnectorSecurityException on system object: {}", new Object[]{"create", str}, e9);
            throw new InternalServerErrorException(e9);
        } catch (InvalidPasswordException e10) {
            logger.error("Invalid password has been provided to operation {} for system object: {}", new Object[]{"create", str}, e10);
            throw new InternalServerErrorException(e10);
        } catch (PermissionDeniedException e11) {
            logger.error("Permission was denied on {} operation for system object: {}", new Object[]{"create", str}, e11);
            throw new ForbiddenException(e11);
        } catch (PasswordExpiredException e12) {
            logger.error("Operation {} failed with PasswordExpiredException on system object: {}", new Object[]{"create", str}, e12);
            throw new InternalServerErrorException(e12);
        } catch (ConnectorIOException e13) {
            logger.error("Operation {} failed with ConnectorIOException on system object: {}", new Object[]{"create", str}, e13);
            throw new ServiceUnavailableException(e13);
        } catch (ConnectionFailedException e14) {
            logger.error("Connection failed during operation {} on system object: {}", new Object[]{"create", str}, e14);
            throw new ServiceUnavailableException(e14);
        }
    }

    public Map<String, Object> read(String str) throws ObjectSetException {
        Id id = new Id(str);
        OperationHelper build = this.operationHelperBuilder.build(id.getObjectType(), null, this.cryptoService);
        try {
            ConnectorFacade connectorFacade = getConnectorFacade(build.getRuntimeAPIConfiguration());
            if (connectorFacade.getSupportedOperations().contains(GetApiOp.class)) {
                if (build.isOperationPermitted(GetApiOp.class)) {
                    ConnectorObject object = connectorFacade.getObject(build.getObjectClass(), new Uid(id.getLocalId()), build.getOperationOptionsBuilder(GetApiOp.class, null, null).build());
                    if (null != object) {
                        return build.build(object);
                    }
                } else {
                    logger.debug("Operation {} of {} is not permitted", "read", str);
                }
            } else if (connectorFacade.getSupportedOperations().contains(SearchApiOp.class)) {
                if (build.isOperationPermitted(SearchApiOp.class)) {
                    connectorFacade.search(build.getObjectClass(), new EqualsFilter(new Name(id.getLocalId())), build.getResultsHandler(), build.getOperationOptionsBuilder(SearchApiOp.class, null, null).build());
                    if (!build.getQueryResult().isEmpty()) {
                        return build.getQueryResult().get(0);
                    }
                } else {
                    logger.debug("Operation {} of {} is not permitted", "read", str);
                }
            }
            throw new NotFoundException(str);
        } catch (ConnectionBrokenException e) {
            logger.error("Operation {} failed with ConnectionBrokenException on system object: {}", new Object[]{"read", str}, e);
            throw new ServiceUnavailableException(e);
        } catch (OperationTimeoutException e2) {
            logger.error("Operation {} Timeout on system object: {}", new Object[]{"read", str}, e2);
            throw new ServiceUnavailableException(e2);
        } catch (AlreadyExistsException e3) {
            logger.error("System object {} already exists", str, e3);
            throw new ConflictException(e3);
        } catch (ConnectorException e4) {
            logger.error("Operation {} failed with ConnectorException on system object: {}", new Object[]{"read", str}, e4);
            throw new InternalServerErrorException(e4);
        } catch (UnknownUidException e5) {
            logger.error("Operation {} failed with UnknownUidException on system object: {}", new Object[]{"read", str}, e5);
            throw new NotFoundException(e5);
        } catch (ConfigurationException e6) {
            logger.error("Operation {} failed with ConfigurationException on system object: {}", new Object[]{"read", str}, e6);
            throw new InternalServerErrorException(e6);
        } catch (InvalidCredentialException e7) {
            logger.error("Invalid credential has been provided to operation {} for system object: {}", new Object[]{"read", str}, e7);
            throw new InternalServerErrorException(e7);
        } catch (Exception e8) {
            logger.error("Operation {} failed with Exception on system object: {}", new Object[]{"read", str}, e8);
            throw new ObjectSetException(e8);
        } catch (PermissionDeniedException e9) {
            logger.error("Permission was denied on {} operation for system object: {}", new Object[]{"read", str}, e9);
            throw new ForbiddenException(e9);
        } catch (ConnectorSecurityException e10) {
            logger.error("Operation {} failed with ConnectorSecurityException on system object: {}", new Object[]{"read", str}, e10);
            throw new InternalServerErrorException(e10);
        } catch (PasswordExpiredException e11) {
            logger.error("Operation {} failed with PasswordExpiredException on system object: {}", new Object[]{"read", str}, e11);
            throw new InternalServerErrorException(e11);
        } catch (ConnectorIOException e12) {
            logger.error("Operation {} failed with ConnectorIOException on system object: {}", new Object[]{"read", str}, e12);
            throw new ServiceUnavailableException(e12);
        } catch (ConnectionFailedException e13) {
            logger.error("Connection failed during operation {} on system object: {}", new Object[]{"read", str}, e13);
            throw new ServiceUnavailableException(e13);
        } catch (InvalidPasswordException e14) {
            logger.error("Invalid password has been provided to operation {} for system object: {}", new Object[]{"read", str}, e14);
            throw new InternalServerErrorException(e14);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v72, types: [java.util.Set] */
    public void update(String str, String str2, Map<String, Object> map) throws ObjectSetException {
        ConnectorObject build;
        HashSet hashSet;
        traceObject("update", str, map);
        Id id = new Id(str);
        OperationHelper build2 = this.operationHelperBuilder.build(id.getObjectType(), map, this.cryptoService);
        if (!this.allowModification || !build2.isOperationPermitted(UpdateApiOp.class)) {
            logger.debug("Operation {} of {} is not permitted", "update", str);
            return;
        }
        try {
            Object obj = map.get("_name");
            if (obj instanceof String) {
                build = build2.build(UpdateApiOp.class, (String) obj, map);
                hashSet = AttributeUtil.filterUid(build.getAttributes());
            } else {
                build = build2.build(UpdateApiOp.class, id.getLocalId(), map);
                hashSet = new HashSet();
                for (Attribute attribute : build.getAttributes()) {
                    if (!attribute.is(Name.NAME) && !attribute.is(Uid.NAME)) {
                        hashSet.add(attribute);
                    }
                }
            }
            build2.resetUid(getConnectorFacade(build2.getRuntimeAPIConfiguration()).update(build.getObjectClass(), build.getUid(), hashSet, build2.getOperationOptionsBuilder(UpdateApiOp.class, build, map).build()), map);
        } catch (ConnectorException e) {
            logger.error("Operation {} failed with ConnectorException on system object: {}", new Object[]{"update", str}, e);
            throw new InternalServerErrorException(e);
        } catch (AlreadyExistsException e2) {
            logger.error("System object {} already exists", str, e2);
            throw new ConflictException(e2);
        } catch (PasswordExpiredException e3) {
            logger.error("Operation {} failed with PasswordExpiredException on system object: {}", new Object[]{"update", str}, e3);
            throw new InternalServerErrorException(e3);
        } catch (Exception e4) {
            logger.error("Operation {} failed with Exception on system object: {}", new Object[]{"update", str}, e4);
            throw new ObjectSetException(e4);
        } catch (InvalidCredentialException e5) {
            logger.error("Invalid credential has been provided to operation {} for system object: {}", new Object[]{"update", str}, e5);
            throw new InternalServerErrorException(e5);
        } catch (ConnectorIOException e6) {
            logger.error("Operation {} failed with ConnectorIOException on system object: {}", new Object[]{"update", str}, e6);
            throw new ServiceUnavailableException(e6);
        } catch (UnknownUidException e7) {
            logger.error("Operation {} failed with UnknownUidException on system object: {}", new Object[]{"update", str}, e7);
            throw new NotFoundException(e7);
        } catch (ConnectorSecurityException e8) {
            logger.error("Operation {} failed with ConnectorSecurityException on system object: {}", new Object[]{"update", str}, e8);
            throw new InternalServerErrorException(e8);
        } catch (ConnectionFailedException e9) {
            logger.error("Connection failed during operation {} on system object: {}", new Object[]{"update", str}, e9);
            throw new ServiceUnavailableException(e9);
        } catch (InvalidPasswordException e10) {
            logger.error("Invalid password has been provided to operation {} for system object: {}", new Object[]{"update", str}, e10);
            throw new InternalServerErrorException(e10);
        } catch (OperationTimeoutException e11) {
            logger.error("Operation {} Timeout on system object: {}", new Object[]{"update", str}, e11);
            throw new ServiceUnavailableException(e11);
        } catch (ConnectionBrokenException e12) {
            logger.error("Operation {} failed with ConnectionBrokenException on system object: {}", new Object[]{"update", str}, e12);
            throw new ServiceUnavailableException(e12);
        } catch (ConfigurationException e13) {
            logger.error("Operation {} failed with ConfigurationException on system object: {}", new Object[]{"update", str}, e13);
            throw new InternalServerErrorException(e13);
        } catch (PermissionDeniedException e14) {
            logger.error("Permission was denied on {} operation for system object: {}", new Object[]{"update", str}, e14);
            throw new ForbiddenException(e14);
        }
    }

    public void delete(String str, String str2) throws ObjectSetException {
        Id id = new Id(str);
        OperationHelper build = this.operationHelperBuilder.build(id.getObjectType(), null, this.cryptoService);
        if (!this.allowModification || !build.isOperationPermitted(DeleteApiOp.class)) {
            logger.debug("Operation {} of {} is not permitted", "delete", str);
            return;
        }
        try {
            getConnectorFacade(build.getRuntimeAPIConfiguration()).delete(build.getObjectClass(), new Uid(id.getLocalId()), build.getOperationOptionsBuilder(DeleteApiOp.class, null, null).build());
        } catch (InvalidPasswordException e) {
            logger.error("Invalid password has been provided to operation {} for system object: {}", new Object[]{"delete", str}, e);
            throw new InternalServerErrorException(e);
        } catch (ConnectionBrokenException e2) {
            logger.error("Operation {} failed with ConnectionBrokenException on system object: {}", new Object[]{"delete", str}, e2);
            throw new ServiceUnavailableException(e2);
        } catch (AlreadyExistsException e3) {
            logger.error("System object {} already exists", str, e3);
            throw new ConflictException(e3);
        } catch (ConnectionFailedException e4) {
            logger.error("Connection failed during operation {} on system object: {}", new Object[]{"delete", str}, e4);
            throw new ServiceUnavailableException(e4);
        } catch (Exception e5) {
            logger.error("Operation {} failed with Exception on system object: {}", new Object[]{"delete", str}, e5);
            throw new ObjectSetException(e5);
        } catch (ConnectorIOException e6) {
            logger.error("Operation {} failed with ConnectorIOException on system object: {}", new Object[]{"delete", str}, e6);
            throw new ServiceUnavailableException(e6);
        } catch (ConfigurationException e7) {
            logger.error("Operation {} failed with ConfigurationException on system object: {}", new Object[]{"delete", str}, e7);
            throw new InternalServerErrorException(e7);
        } catch (ConnectorException e8) {
            logger.error("Operation {} failed with ConnectorException on system object: {}", new Object[]{"delete", str}, e8);
            throw new InternalServerErrorException(e8);
        } catch (PasswordExpiredException e9) {
            logger.error("Operation {} failed with PasswordExpiredException on system object: {}", new Object[]{"delete", str}, e9);
            throw new InternalServerErrorException(e9);
        } catch (OperationTimeoutException e10) {
            logger.error("Operation {} Timeout on system object: {}", new Object[]{"delete", str}, e10);
            throw new ServiceUnavailableException(e10);
        } catch (PermissionDeniedException e11) {
            logger.error("Permission was denied on {} operation for system object: {}", new Object[]{"delete", str}, e11);
            throw new ForbiddenException(e11);
        } catch (InvalidCredentialException e12) {
            logger.error("Invalid credential has been provided to operation {} for system object: {}", new Object[]{"delete", str}, e12);
            throw new InternalServerErrorException(e12);
        } catch (ConnectorSecurityException e13) {
            logger.error("Operation {} failed with ConnectorSecurityException on system object: {}", new Object[]{"delete", str}, e13);
            throw new InternalServerErrorException(e13);
        } catch (UnknownUidException e14) {
            logger.error("Operation {} failed with UnknownUidException on system object: {}", new Object[]{"delete", str}, e14);
            throw new NotFoundException(e14);
        }
    }

    public void patch(String str, String str2, Patch patch) throws ObjectSetException {
    }

    public Map<String, Object> query(String str, Map<String, Object> map) throws ObjectSetException {
        OperationHelper build = this.operationHelperBuilder.build(new Id(str).getObjectType(), null, this.cryptoService);
        HashMap hashMap = new HashMap();
        if (build.isOperationPermitted(SearchApiOp.class)) {
            try {
                OperationOptionsBuilder operationOptionsBuilder = build.getOperationOptionsBuilder(SearchApiOp.class, null, null);
                Filter filter = null;
                if (null != map) {
                    Map<String, Object> map2 = (Map) map.get("query");
                    String str2 = (String) map.get("_query-id");
                    if (map2 != null) {
                        filter = build.build(map2, (Map<String, Object>) map.get("params"));
                    } else if (str2 != null) {
                        if (!str2.equals("query-all-ids")) {
                            throw new BadRequestException("Unknown query id: " + str2);
                        }
                        operationOptionsBuilder.setAttributesToGet(new String[]{Uid.NAME});
                    }
                }
                getConnectorFacade(build.getRuntimeAPIConfiguration()).search(build.getObjectClass(), filter, build.getResultsHandler(), operationOptionsBuilder.build());
                hashMap.put("result", build.getQueryResult());
            } catch (Exception e) {
                logger.error("Operation {} failed with Exception on system object: {}", new Object[]{"query", str}, e);
                throw new ObjectSetException(e);
            } catch (ConnectorException e2) {
                logger.error("Operation {} failed with ConnectorException on system object: {}", new Object[]{"query", str}, e2);
                throw new InternalServerErrorException(e2);
            } catch (OperationTimeoutException e3) {
                logger.error("Operation {} Timeout on system object: {}", new Object[]{"query", str}, e3);
                throw new ServiceUnavailableException(e3);
            } catch (PasswordExpiredException e4) {
                logger.error("Operation {} failed with PasswordExpiredException on system object: {}", new Object[]{"query", str}, e4);
                throw new InternalServerErrorException(e4);
            } catch (ConnectorSecurityException e5) {
                logger.error("Operation {} failed with ConnectorSecurityException on system object: {}", new Object[]{"query", str}, e5);
                throw new InternalServerErrorException(e5);
            } catch (ConnectorIOException e6) {
                logger.error("Operation {} failed with ConnectorIOException on system object: {}", new Object[]{"query", str}, e6);
                throw new ServiceUnavailableException(e6);
            } catch (PermissionDeniedException e7) {
                logger.error("Permission was denied on {} operation for system object: {}", new Object[]{"query", str}, e7);
                throw new ForbiddenException(e7);
            } catch (UnknownUidException e8) {
                logger.error("Operation {} failed with UnknownUidException on system object: {}", new Object[]{"query", str}, e8);
                throw new NotFoundException(e8);
            } catch (ConnectionBrokenException e9) {
                logger.error("Operation {} failed with ConnectionBrokenException on system object: {}", new Object[]{"query", str}, e9);
                throw new ServiceUnavailableException(e9);
            } catch (InvalidPasswordException e10) {
                logger.error("Invalid password has been provided to operation {} for system object: {}", new Object[]{"query", str}, e10);
                throw new InternalServerErrorException(e10);
            } catch (AlreadyExistsException e11) {
                logger.error("System object {} already exists", str, e11);
                throw new ConflictException(e11);
            } catch (ConnectionFailedException e12) {
                logger.error("Connection failed during operation {} on system object: {}", new Object[]{"query", str}, e12);
                throw new ServiceUnavailableException(e12);
            } catch (ConfigurationException e13) {
                logger.error("Operation {} failed with ConfigurationException on system object: {}", new Object[]{"query", str}, e13);
                throw new InternalServerErrorException(e13);
            } catch (InvalidCredentialException e14) {
                logger.error("Invalid credential has been provided to operation {} for system object: {}", new Object[]{"query", str}, e14);
                throw new InternalServerErrorException(e14);
            }
        } else {
            logger.debug("Operation {} of {} is not permitted", "query", str);
        }
        return hashMap;
    }

    public Map<String, Object> action(String str, Map<String, Object> map) throws ObjectSetException {
        OperationHelper build = this.operationHelperBuilder.build(new Id(str).getObjectType(), map, this.cryptoService);
        HashMap hashMap = new HashMap();
        ConnectorScript connectorScript = new ConnectorScript(map);
        if (build.isOperationPermitted(connectorScript.getAPIOperation())) {
            try {
                Object obj = map.get(ConnectorScript.SCRIPT_VARIABLE_PREFIX);
                String str2 = obj instanceof String ? (String) obj : null;
                for (Map.Entry<String, Object> entry : map.entrySet()) {
                    if (!entry.getKey().startsWith("_")) {
                        Object value = entry.getValue();
                        Object obj2 = value;
                        if (null != value) {
                            if (value instanceof Collection) {
                                obj2 = Array.newInstance((Class<?>) Object.class, ((Collection) value).size());
                                int i = 0;
                                for (Object obj3 : (Collection) value) {
                                    if (null == obj3 || FrameworkUtil.isSupportedAttributeType(obj3.getClass())) {
                                        Array.set(obj2, i, obj3);
                                    } else {
                                        Array.set(obj2, i, obj3 instanceof Serializable ? obj3 : obj3.toString());
                                    }
                                    i++;
                                }
                            } else if (!value.getClass().isArray() && !FrameworkUtil.isSupportedAttributeType(value.getClass())) {
                                obj2 = value instanceof Serializable ? value : value.toString();
                            }
                        }
                        if (null != str2) {
                            connectorScript.getScriptContextBuilder().addScriptArgument(str2 + entry.getKey(), obj2);
                        } else {
                            connectorScript.getScriptContextBuilder().addScriptArgument(entry.getKey(), obj2);
                        }
                    }
                }
                connectorScript.getScriptContextBuilder().addScriptArgument("openidm_id", str);
                Object obj4 = null;
                ConnectorFacade connectorFacade = getConnectorFacade(build.getRuntimeAPIConfiguration());
                ScriptContext build2 = connectorScript.getScriptContextBuilder().build();
                OperationOptions build3 = connectorScript.getOperationOptionsBuilder().build();
                try {
                    obj4 = ConnectorScript.ExecutionMode.CONNECTOR.equals(connectorScript.getExecMode()) ? connectorFacade.runScriptOnConnector(build2, build3) : connectorFacade.runScriptOnResource(build2, build3);
                } catch (Throwable th) {
                    logger.error("Script execution error.", th);
                    hashMap.put("error", th.getMessage());
                }
                hashMap.put("result", ConnectorUtil.coercedTypeCasting(obj4, Object.class));
            } catch (ConnectionBrokenException e) {
                logger.error("Operation {} failed with ConnectionBrokenException on system object: {}", new Object[]{"action", str}, e);
                throw new ServiceUnavailableException(e);
            } catch (OperationTimeoutException e2) {
                logger.error("Operation {} Timeout on system object: {}", new Object[]{"action", str}, e2);
                throw new ServiceUnavailableException(e2);
            } catch (AlreadyExistsException e3) {
                logger.error("System object {} already exists", str, e3);
                throw new ConflictException(e3);
            } catch (ConnectorException e4) {
                logger.error("Operation {} failed with ConnectorException on system object: {}", new Object[]{"action", str}, e4);
                throw new InternalServerErrorException(e4);
            } catch (UnknownUidException e5) {
                logger.error("Operation {} failed with UnknownUidException on system object: {}", new Object[]{"action", str}, e5);
                throw new NotFoundException(e5);
            } catch (ConfigurationException e6) {
                logger.error("Operation {} failed with ConfigurationException on system object: {}", new Object[]{"action", str}, e6);
                throw new InternalServerErrorException(e6);
            } catch (InvalidCredentialException e7) {
                logger.error("Invalid credential has been provided to operation {} for system object: {}", new Object[]{"action", str}, e7);
                throw new InternalServerErrorException(e7);
            } catch (Exception e8) {
                logger.error("Operation {} failed with Exception on system object: {}", new Object[]{"action", str}, e8);
                throw new ObjectSetException(e8);
            } catch (PermissionDeniedException e9) {
                logger.error("Permission was denied on {} operation for system object: {}", new Object[]{"action", str}, e9);
                throw new ForbiddenException(e9);
            } catch (ConnectorSecurityException e10) {
                logger.error("Operation {} failed with ConnectorSecurityException on system object: {}", new Object[]{"action", str}, e10);
                throw new InternalServerErrorException(e10);
            } catch (PasswordExpiredException e11) {
                logger.error("Operation {} failed with PasswordExpiredException on system object: {}", new Object[]{"action", str}, e11);
                throw new InternalServerErrorException(e11);
            } catch (ConnectorIOException e12) {
                logger.error("Operation {} failed with ConnectorIOException on system object: {}", new Object[]{"action", str}, e12);
                throw new ServiceUnavailableException(e12);
            } catch (ConnectionFailedException e13) {
                logger.error("Connection failed during operation {} on system object: {}", new Object[]{"action", str}, e13);
                throw new ServiceUnavailableException(e13);
            } catch (InvalidPasswordException e14) {
                logger.error("Invalid password has been provided to operation {} for system object: {}", new Object[]{"action", str}, e14);
                throw new InternalServerErrorException(e14);
            }
        } else {
            logger.debug("Operation {} of {} is not permitted", "action", str);
        }
        return hashMap;
    }

    public JsonValue liveSynchronize(String str, JsonValue jsonValue, final SynchronizationListener synchronizationListener) {
        SyncToken syncToken;
        JsonValue copy = jsonValue != null ? jsonValue.copy() : new JsonValue(new LinkedHashMap());
        JsonValue jsonValue2 = copy.get("connectorData");
        SyncToken syncToken2 = null;
        if (!jsonValue2.isNull()) {
            if (!jsonValue2.isMap()) {
                throw new IllegalArgumentException("Illegal connectorData property. Value must be Map");
            }
            syncToken2 = ConnectorUtil.convertToSyncToken(jsonValue2);
        }
        copy.remove("lastException");
        try {
            final OperationHelper build = this.operationHelperBuilder.build(str, copy.asMap(), this.cryptoService);
            if (build.isOperationPermitted(SyncApiOp.class)) {
                SyncApiOp operation = getConnectorFacade(build.getRuntimeAPIConfiguration()).getOperation(SyncApiOp.class);
                if (null == operation) {
                    throw new UnsupportedOperationException(SyncApiOp.class.getCanonicalName());
                }
                if (null == syncToken2) {
                    syncToken = operation.getLatestSyncToken(build.getObjectClass());
                    logger.debug("New LatestSyncToken has been fetched. New token is: {}", syncToken);
                } else {
                    final SyncToken[] syncTokenArr = {syncToken2};
                    final String[] strArr = new String[1];
                    OperationOptionsBuilder operationOptionsBuilder = build.getOperationOptionsBuilder(SyncApiOp.class, null, jsonValue.asMap());
                    InvokeContext.getContext().pushActivityId(UUID.randomUUID().toString());
                    try {
                        try {
                            logger.debug("Execute sync(ObjectClass:{}, SyncToken:{})", new Object[]{build.getObjectClass().getObjectClassValue(), syncToken2});
                            operation.sync(build.getObjectClass(), syncToken2, new SyncResultsHandler() { // from class: org.forgerock.openidm.provisioner.openicf.impl.OpenICFProvisionerService.1
                                public boolean handle(SyncDelta syncDelta) {
                                    try {
                                        switch (AnonymousClass2.$SwitchMap$org$identityconnectors$framework$common$objects$SyncDeltaType[syncDelta.getDeltaType().ordinal()]) {
                                            case 1:
                                                Map<String, Object> build2 = build.build(syncDelta.getObject());
                                                if (null != syncDelta.getPreviousUid()) {
                                                    build2.put("_previous-id", Id.escapeUid(syncDelta.getPreviousUid().getUidValue()));
                                                }
                                                synchronizationListener.onUpdate(build.resolveQualifiedId(syncDelta.getUid()).toString(), (JsonValue) null, new JsonValue(build2));
                                                break;
                                            case 2:
                                                synchronizationListener.onDelete(build.resolveQualifiedId(syncDelta.getUid()).toString());
                                                break;
                                        }
                                        syncTokenArr[0] = syncDelta.getToken();
                                        return true;
                                    } catch (Exception e) {
                                        strArr[0] = SerializerUtil.serializeXmlObject(syncDelta, true);
                                        OpenICFProvisionerService.logger.error("Failed synchronise {} object", syncDelta.getUid(), e);
                                        throw new ConnectorException("Failed synchronise " + syncDelta.getUid() + " object", e);
                                    }
                                }
                            }, operationOptionsBuilder.build());
                            syncToken = syncTokenArr[0];
                            logger.debug("Synchronization is finished. New LatestSyncToken value: {}", syncToken);
                            InvokeContext.getContext().popActivityId();
                        } catch (Throwable th) {
                            logger.debug("Synchronization is finished. New LatestSyncToken value: {}", syncTokenArr[0]);
                            InvokeContext.getContext().popActivityId();
                            throw th;
                        }
                    } catch (Throwable th2) {
                        LinkedHashMap linkedHashMap = new LinkedHashMap(2);
                        linkedHashMap.put("throwable", th2.getMessage());
                        if (null != strArr[0]) {
                            linkedHashMap.put("syncDelta", strArr[0]);
                        }
                        copy.put("lastException", linkedHashMap);
                        logger.error("Live synchronization of {} failed on {}", new Object[]{str, this.systemIdentifier.getName()}, th2);
                        syncToken = syncTokenArr[0];
                        logger.debug("Synchronization is finished. New LatestSyncToken value: {}", syncToken);
                        InvokeContext.getContext().popActivityId();
                    }
                }
                if (null != syncToken) {
                    copy.put("connectorData", ConnectorUtil.convertFromSyncToken(syncToken));
                }
            }
            return copy;
        } catch (Exception e) {
            logger.error("Failed to get OperationOptionsBuilder", e);
            throw new RuntimeException(e);
        } catch (ObjectSetException e2) {
            logger.error("Failed to get OperationHelper", e2);
            throw new RuntimeException((Throwable) e2);
        }
    }

    private JsonValue getConfiguration(ComponentContext componentContext) {
        JsonValue configurationAsJson = new JSONEnhancedConfig().getConfigurationAsJson(componentContext);
        if (null != this.cryptoService) {
            configurationAsJson = this.cryptoService.decrypt(configurationAsJson);
        }
        return configurationAsJson;
    }

    ConnectorFacade getConnectorFacade(APIConfiguration aPIConfiguration) {
        return ConnectorFacadeFactory.getInstance().newInstance(aPIConfiguration);
    }

    private void traceObject(String str, String str2, Map<String, Object> map) {
        if (!logger.isTraceEnabled() || null == map) {
            return;
        }
        try {
            StringWriter stringWriter = new StringWriter();
            mapper.writeValue(stringWriter, map);
            logger.info("Action: {}, Id: {}, Object: {}", new Object[]{str, str2, stringWriter});
        } catch (IOException e) {
        }
    }
}
