package com.evolveum.midpoint.provisioning.ucf.impl.connid;

import com.evolveum.midpoint.common.LocalizationService;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.prism.PrismObjectDefinition;
import com.evolveum.midpoint.prism.PrismPropertyValue;
import com.evolveum.midpoint.prism.crypto.EncryptionException;
import com.evolveum.midpoint.prism.crypto.Protector;
import com.evolveum.midpoint.prism.path.ItemName;
import com.evolveum.midpoint.prism.polystring.PolyString;
import com.evolveum.midpoint.prism.xml.XmlTypeConverter;
import com.evolveum.midpoint.schema.processor.ObjectClassComplexTypeDefinition;
import com.evolveum.midpoint.schema.processor.ResourceAttribute;
import com.evolveum.midpoint.schema.processor.ResourceAttributeContainer;
import com.evolveum.midpoint.schema.processor.ResourceAttributeContainerDefinition;
import com.evolveum.midpoint.schema.processor.ResourceAttributeDefinition;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.schema.util.ShadowUtil;
import com.evolveum.midpoint.util.MiscUtil;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationStatusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.LockoutStatusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType;
import com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType;
import java.time.ZonedDateTime;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.xml.namespace.QName;
import org.apache.directory.api.ldap.model.constants.SchemaConstants;
import org.identityconnectors.common.security.GuardedString;
import org.identityconnectors.framework.common.objects.Attribute;
import org.identityconnectors.framework.common.objects.AttributeBuilder;
import org.identityconnectors.framework.common.objects.AttributeValueCompleteness;
import org.identityconnectors.framework.common.objects.ConnectorObject;
import org.identityconnectors.framework.common.objects.Name;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.identityconnectors.framework.common.objects.OperationalAttributes;
import org.identityconnectors.framework.common.objects.PredefinedAttributes;
import org.identityconnectors.framework.common.objects.Uid;
import org.jetbrains.annotations.NotNull;

/* loaded from: input_file:WEB-INF/lib/ucf-impl-connid-4.1.1-SNAPSHOT.jar:com/evolveum/midpoint/provisioning/ucf/impl/connid/ConnIdConvertor.class */
public class ConnIdConvertor {
    private static final Trace LOGGER = TraceManager.getTrace((Class<?>) ConnIdConvertor.class);
    private String resourceSchemaNamespace;
    private Protector protector;
    private ConnIdNameMapper connIdNameMapper;
    private LocalizationService localizationService;

    /* JADX INFO: Access modifiers changed from: package-private */
    public ConnIdConvertor(Protector protector, String str, LocalizationService localizationService) {
        this.protector = protector;
        this.resourceSchemaNamespace = str;
        this.localizationService = localizationService;
    }

    public ConnIdNameMapper getConnIdNameMapper() {
        return this.connIdNameMapper;
    }

    public void setConnIdNameMapper(ConnIdNameMapper connIdNameMapper) {
        this.connIdNameMapper = connIdNameMapper;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public <T extends ShadowType> PrismObject<T> convertToResourceObject(ConnectorObject connectorObject, PrismObjectDefinition<T> prismObjectDefinition, boolean z, boolean z2, boolean z3, OperationResult operationResult) throws SchemaException {
        OperationResult build = operationResult.subresult(ConnIdConvertor.class.getName() + ".convertToResourceObject").setMinor().addArbitraryObjectAsParam(SchemaConstants.UID_AT, connectorObject.getUid()).addArbitraryObjectAsParam("objectDefinition", prismObjectDefinition).addParam("full", z).addParam("caseIgnoreAttributeNames", z2).addParam(ConnectorFactoryConnIdImpl.CONNECTOR_SCHEMA_LEGACY_SCHEMA_XML_ELEMENT_NAME, z3).build();
        try {
            try {
                if (prismObjectDefinition == null) {
                    throw new SchemaException("No definition");
                }
                PrismObject<T> instantiate = prismObjectDefinition.instantiate();
                T asObjectable = instantiate.asObjectable();
                ResourceAttributeContainer resourceAttributeContainer = (ResourceAttributeContainer) instantiate.findOrCreateContainer(ShadowType.F_ATTRIBUTES);
                ResourceAttributeContainerDefinition definition = resourceAttributeContainer.getDefinition();
                asObjectable.setObjectClass(definition.getTypeName());
                ArrayList arrayList = new ArrayList();
                Iterator<Attribute> it = connectorObject.getAttributes().iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    Attribute next = it.next();
                    if (next.is(PredefinedAttributes.AUXILIARY_OBJECT_CLASS_NAME)) {
                        List<QName> auxiliaryObjectClass = asObjectable.getAuxiliaryObjectClass();
                        Iterator<Object> it2 = next.getValue().iterator();
                        while (it2.hasNext()) {
                            QName objectClassToQname = this.connIdNameMapper.objectClassToQname(new ObjectClass((String) it2.next()), this.resourceSchemaNamespace, z3);
                            auxiliaryObjectClass.add(objectClassToQname);
                            ObjectClassComplexTypeDefinition findObjectClassDefinition = this.connIdNameMapper.getResourceSchema().findObjectClassDefinition(objectClassToQname);
                            if (findObjectClassDefinition == null) {
                                throw new SchemaException("Resource object " + connectorObject + " refers to auxiliary object class " + objectClassToQname + " which is not in the schema");
                            }
                            arrayList.add(findObjectClassDefinition);
                        }
                    }
                }
                for (Attribute attribute : connectorObject.getAttributes()) {
                    List<Object> emptyIfNull = MiscUtil.emptyIfNull((List) attribute.getValue());
                    String name = attribute.getName();
                    LOGGER.trace("Reading ICF attribute {}: {}", name, emptyIfNull);
                    if (!name.equals(Uid.NAME) && !attribute.is(PredefinedAttributes.AUXILIARY_OBJECT_CLASS_NAME)) {
                        if (name.equals(OperationalAttributes.PASSWORD_NAME)) {
                            ProtectedStringType protectedStringType = (ProtectedStringType) getSingleValue(attribute, ProtectedStringType.class);
                            if (protectedStringType != null) {
                                ShadowUtil.setPassword(asObjectable, protectedStringType);
                                LOGGER.trace("Converted password: {}", protectedStringType);
                            } else if (AttributeValueCompleteness.INCOMPLETE.equals(attribute.getAttributeValueCompleteness())) {
                                ShadowUtil.setPasswordIncomplete(asObjectable);
                                LOGGER.trace("Converted password: (incomplete)");
                            }
                        } else if (name.equals(OperationalAttributes.ENABLE_NAME)) {
                            Boolean bool = (Boolean) getSingleValue(attribute, Boolean.class);
                            if (bool != null) {
                                ActivationType orCreateActivation = ShadowUtil.getOrCreateActivation(asObjectable);
                                ActivationStatusType activationStatusType = bool.booleanValue() ? ActivationStatusType.ENABLED : ActivationStatusType.DISABLED;
                                orCreateActivation.setAdministrativeStatus(activationStatusType);
                                orCreateActivation.setEffectiveStatus(activationStatusType);
                                LOGGER.trace("Converted activation administrativeStatus: {}", activationStatusType);
                            }
                        } else if (name.equals(OperationalAttributes.ENABLE_DATE_NAME)) {
                            Long l = (Long) getSingleValue(attribute, Long.class);
                            if (l != null) {
                                ShadowUtil.getOrCreateActivation(asObjectable).setValidFrom(XmlTypeConverter.createXMLGregorianCalendar(l));
                            }
                        } else if (name.equals(OperationalAttributes.DISABLE_DATE_NAME)) {
                            Long l2 = (Long) getSingleValue(attribute, Long.class);
                            if (l2 != null) {
                                ShadowUtil.getOrCreateActivation(asObjectable).setValidTo(XmlTypeConverter.createXMLGregorianCalendar(l2));
                            }
                        } else if (name.equals(OperationalAttributes.LOCK_OUT_NAME)) {
                            Boolean bool2 = (Boolean) getSingleValue(attribute, Boolean.class);
                            if (bool2 != null) {
                                ActivationType orCreateActivation2 = ShadowUtil.getOrCreateActivation(asObjectable);
                                LockoutStatusType lockoutStatusType = bool2.booleanValue() ? LockoutStatusType.LOCKED : LockoutStatusType.NORMAL;
                                orCreateActivation2.setLockoutStatus(lockoutStatusType);
                                LOGGER.trace("Converted activation lockoutStatus: {}", lockoutStatusType);
                            }
                        } else {
                            convertStandardAttribute(attribute, name, emptyIfNull, z, z2, resourceAttributeContainer, definition, arrayList, connectorObject.getName());
                        }
                    }
                }
                Uid uid = connectorObject.getUid();
                ObjectClassComplexTypeDefinition complexTypeDefinition = definition.getComplexTypeDefinition();
                ResourceAttributeDefinition<String> uidDefinition = ConnIdUtil.getUidDefinition(complexTypeDefinition);
                if (uidDefinition == null) {
                    throw new SchemaException("No definition for ConnId UID attribute found in definition " + complexTypeDefinition);
                }
                if (resourceAttributeContainer.getValue().findItem(uidDefinition.getItemName()) == null) {
                    ResourceAttribute<String> instantiate2 = uidDefinition.instantiate();
                    instantiate2.setRealValue(uid.getUidValue());
                    resourceAttributeContainer.getValue().add(instantiate2);
                }
                return instantiate;
            } catch (SchemaException e) {
                build.recordFatalError(e);
                throw new SchemaException("Couldn't convert resource object from ConnID to midPoint: uid=" + connectorObject.getUid() + ", name=" + connectorObject.getName() + ", class=" + connectorObject.getObjectClass() + ": " + e.getMessage(), e);
            } catch (Throwable th) {
                build.recordFatalError(th);
                throw th;
            }
        } finally {
            build.computeStatusIfUnknown();
        }
    }

    private void convertStandardAttribute(Attribute attribute, String str, List<Object> list, boolean z, boolean z2, ResourceAttributeContainer resourceAttributeContainer, ResourceAttributeContainerDefinition resourceAttributeContainerDefinition, List<ObjectClassComplexTypeDefinition> list2, Name name) throws SchemaException {
        ItemName fromQName = ItemName.fromQName(this.connIdNameMapper.convertAttributeNameToQName(str, resourceAttributeContainerDefinition));
        ResourceAttributeDefinition<Object> findAttributeDefinition = findAttributeDefinition(str, fromQName, z2, resourceAttributeContainerDefinition, list2, name);
        ItemName itemName = z2 ? findAttributeDefinition.getItemName() : fromQName;
        ResourceAttribute<Object> instantiate = findAttributeDefinition.instantiate((QName) itemName);
        instantiate.setIncomplete(attribute.getAttributeValueCompleteness() == AttributeValueCompleteness.INCOMPLETE);
        if (z) {
            Iterator<Object> it = list.iterator();
            while (it.hasNext()) {
                instantiate.addRealValueSkipUniquenessCheck(convertValueFromConnId(it.next(), itemName));
            }
            LOGGER.trace("Converted attribute {}", instantiate);
            resourceAttributeContainer.getValue().add(instantiate);
            return;
        }
        for (Object obj : list) {
            if (obj != null) {
                instantiate.addRealValueSkipUniquenessCheck(convertValueFromConnId(obj, itemName));
            }
        }
        if (!instantiate.getValues().isEmpty() || instantiate.isIncomplete()) {
            LOGGER.trace("Converted attribute {}", instantiate);
            resourceAttributeContainer.getValue().add(instantiate);
        }
    }

    @NotNull
    private ResourceAttributeDefinition<Object> findAttributeDefinition(String str, ItemName itemName, boolean z, ResourceAttributeContainerDefinition resourceAttributeContainerDefinition, List<ObjectClassComplexTypeDefinition> list, Name name) throws SchemaException {
        ResourceAttributeDefinition<Object> findAttributeDefinition = resourceAttributeContainerDefinition.findAttributeDefinition(itemName, z);
        if (findAttributeDefinition == null) {
            Iterator<ObjectClassComplexTypeDefinition> it = list.iterator();
            while (it.hasNext()) {
                findAttributeDefinition = it.next().findAttributeDefinition(itemName, z);
                if (findAttributeDefinition != null) {
                    break;
                }
            }
            if (findAttributeDefinition == null) {
                throw new SchemaException("Unknown attribute " + itemName + " in definition of object class " + resourceAttributeContainerDefinition.getTypeName() + ". Original ConnId name: " + str + " in resource object identified by " + name, itemName);
            }
        }
        return findAttributeDefinition;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Set<Attribute> convertFromResourceObjectToConnIdAttributes(ResourceAttributeContainer resourceAttributeContainer, ObjectClassComplexTypeDefinition objectClassComplexTypeDefinition) throws SchemaException {
        return convertFromResourceObjectToConnIdAttributes(resourceAttributeContainer.getAttributes(), objectClassComplexTypeDefinition);
    }

    private Set<Attribute> convertFromResourceObjectToConnIdAttributes(Collection<ResourceAttribute<?>> collection, ObjectClassComplexTypeDefinition objectClassComplexTypeDefinition) throws SchemaException {
        HashSet hashSet = new HashSet();
        if (collection == null) {
            return hashSet;
        }
        Iterator<ResourceAttribute<?>> it = collection.iterator();
        while (it.hasNext()) {
            hashSet.add(convertToConnIdAttribute(it.next(), objectClassComplexTypeDefinition));
        }
        return hashSet;
    }

    private Attribute convertToConnIdAttribute(ResourceAttribute<?> resourceAttribute, ObjectClassComplexTypeDefinition objectClassComplexTypeDefinition) throws SchemaException {
        if (resourceAttribute.getElementName().equals(com.evolveum.midpoint.schema.constants.SchemaConstants.ICFS_UID)) {
            throw new SchemaException("ICF UID explicitly specified in attributes");
        }
        String convertAttributeNameToConnId = this.connIdNameMapper.convertAttributeNameToConnId(resourceAttribute, objectClassComplexTypeDefinition);
        HashSet hashSet = new HashSet();
        Iterator it = resourceAttribute.getValues().iterator();
        while (it.hasNext()) {
            hashSet.add(ConnIdUtil.convertValueToConnId((PrismPropertyValue) it.next(), this.protector, resourceAttribute.getElementName()));
        }
        try {
            return AttributeBuilder.build(convertAttributeNameToConnId, hashSet);
        } catch (IllegalArgumentException e) {
            throw new SchemaException(e.getMessage(), e);
        }
    }

    private <T> T getSingleValue(Attribute attribute, Class<T> cls) throws SchemaException {
        List<Object> value = attribute.getValue();
        if (value == null || value.isEmpty()) {
            return null;
        }
        if (value.size() > 1) {
            throw new SchemaException("Expected single value for " + attribute.getName());
        }
        T t = (T) convertValueFromConnId(value.get(0), null);
        if (t == null) {
            return null;
        }
        if (cls.isAssignableFrom(t.getClass())) {
            return t;
        }
        throw new SchemaException("Expected type " + cls.getName() + " for " + attribute.getName() + " but got " + t.getClass().getName());
    }

    private Object convertValueFromConnId(Object obj, QName qName) {
        if (obj == null) {
            return null;
        }
        return obj instanceof ZonedDateTime ? XmlTypeConverter.createXMLGregorianCalendar((ZonedDateTime) obj) : obj instanceof GuardedString ? fromGuardedString((GuardedString) obj) : obj instanceof Map ? polyStringFromConnIdMap((Map) obj) : obj;
    }

    private ProtectedStringType fromGuardedString(GuardedString guardedString) {
        final ProtectedStringType protectedStringType = new ProtectedStringType();
        guardedString.access(new GuardedString.Accessor() { // from class: com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnIdConvertor.1
            @Override // org.identityconnectors.common.security.GuardedString.Accessor
            public void access(char[] cArr) {
                try {
                    protectedStringType.setClearValue(new String(cArr));
                    ConnIdConvertor.this.protector.encrypt(protectedStringType);
                } catch (EncryptionException e) {
                    throw new IllegalStateException("Protector failed to encrypt password");
                }
            }
        });
        return protectedStringType;
    }

    private Object polyStringFromConnIdMap(Map<String, String> map) {
        String str = null;
        HashMap hashMap = null;
        for (Map.Entry<String, String> entry : map.entrySet()) {
            String key = entry.getKey();
            if ("".equals(key)) {
                str = entry.getValue();
            } else {
                if (hashMap == null) {
                    hashMap = new HashMap();
                }
                hashMap.put(key, entry.getValue());
            }
        }
        if (str != null) {
            return new PolyString(str, null, null, hashMap);
        }
        if (hashMap == null || hashMap.isEmpty()) {
            return null;
        }
        String str2 = (String) hashMap.get(this.localizationService.getDefaultLocale().getLanguage());
        return new PolyString(str2 != null ? str2 : (String) hashMap.values().iterator().next(), null, null, hashMap);
    }
}
