package com.evolveum.midpoint.provisioning.impl.shadows.manager;

import com.evolveum.midpoint.common.Clock;
import com.evolveum.midpoint.common.refinery.RefinedAssociationDefinition;
import com.evolveum.midpoint.common.refinery.RefinedObjectClassDefinition;
import com.evolveum.midpoint.prism.PrismContext;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.prism.crypto.EncryptionException;
import com.evolveum.midpoint.prism.crypto.Protector;
import com.evolveum.midpoint.provisioning.impl.ProvisioningContext;
import com.evolveum.midpoint.provisioning.impl.ProvisioningOperationState;
import com.evolveum.midpoint.provisioning.impl.shadows.ConstraintsChecker;
import com.evolveum.midpoint.provisioning.util.ProvisioningUtil;
import com.evolveum.midpoint.repo.api.RepositoryService;
import com.evolveum.midpoint.schema.constants.SchemaConstants;
import com.evolveum.midpoint.schema.processor.ResourceAttribute;
import com.evolveum.midpoint.schema.processor.ResourceAttributeContainer;
import com.evolveum.midpoint.schema.result.AsynchronousOperationReturnValue;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.schema.util.ObjectTypeUtil;
import com.evolveum.midpoint.schema.util.ShadowUtil;
import com.evolveum.midpoint.task.api.Task;
import com.evolveum.midpoint.util.annotation.Experimental;
import com.evolveum.midpoint.util.exception.CommunicationException;
import com.evolveum.midpoint.util.exception.ConfigurationException;
import com.evolveum.midpoint.util.exception.ExpressionEvaluationException;
import com.evolveum.midpoint.util.exception.ObjectAlreadyExistsException;
import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CachingMetadataType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CachingStategyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.PasswordType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.PendingOperationExecutionStatusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectAssociationDirectionType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType;
import com.evolveum.prism.xml.ns._public.types_3.PolyStringType;
import com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType;
import java.util.Iterator;
import javax.xml.namespace.QName;
import org.jetbrains.annotations.NotNull;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;

/* JADX INFO: Access modifiers changed from: package-private */
@Experimental
@Component
/* loaded from: input_file:WEB-INF/lib/provisioning-impl-4.3.3-SNAPSHOT.jar:com/evolveum/midpoint/provisioning/impl/shadows/manager/ShadowCreator.class */
public class ShadowCreator {
    private static final Trace LOGGER = TraceManager.getTrace((Class<?>) ShadowManager.class);

    @Autowired
    @Qualifier("cacheRepositoryService")
    private RepositoryService repositoryService;

    @Autowired
    private Clock clock;

    @Autowired
    private PrismContext prismContext;

    @Autowired
    private Protector protector;

    @Autowired
    private ShadowFinder shadowFinder;

    @Autowired
    private Helper helper;

    @Autowired
    private ShadowManager shadowManager;

    @Autowired
    private CreatorUpdaterHelper creatorUpdaterHelper;

    @Autowired
    private PendingOperationsHelper pendingOperationsHelper;

    ShadowCreator() {
    }

    @NotNull
    public PrismObject<ShadowType> addDiscoveredRepositoryShadow(ProvisioningContext provisioningContext, PrismObject<ShadowType> prismObject, OperationResult operationResult) throws SchemaException, ConfigurationException, ObjectNotFoundException, CommunicationException, ObjectAlreadyExistsException, ExpressionEvaluationException, EncryptionException {
        LOGGER.trace("Adding new shadow from resource object:\n{}", prismObject.debugDumpLazily(1));
        PrismObject<ShadowType> createRepositoryShadow = createRepositoryShadow(provisioningContext, prismObject);
        ConstraintsChecker.onShadowAddOperation(createRepositoryShadow.asObjectable());
        createRepositoryShadow.setOid(this.repositoryService.addObject(createRepositoryShadow, null, operationResult));
        LOGGER.debug("Added new shadow (from resource object): {}", createRepositoryShadow);
        LOGGER.trace("Added new shadow (from resource object):\n{}", createRepositoryShadow.debugDumpLazily(1));
        return createRepositoryShadow;
    }

    public void addNewProposedShadow(ProvisioningContext provisioningContext, PrismObject<ShadowType> prismObject, ProvisioningOperationState<AsynchronousOperationReturnValue<PrismObject<ShadowType>>> provisioningOperationState, Task task, OperationResult operationResult) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, ExpressionEvaluationException, ObjectAlreadyExistsException, EncryptionException {
        if (this.creatorUpdaterHelper.isUseProposedShadows(provisioningContext) && provisioningOperationState.getRepoShadow() == null) {
            PrismObject<ShadowType> createRepositoryShadow = createRepositoryShadow(provisioningContext, prismObject);
            createRepositoryShadow.asObjectable().setLifecycleState(SchemaConstants.LIFECYCLE_PROPOSED);
            provisioningOperationState.setExecutionStatus(PendingOperationExecutionStatusType.REQUESTED);
            this.pendingOperationsHelper.addPendingOperationAdd(createRepositoryShadow, prismObject, provisioningOperationState, task.getTaskIdentifier());
            ConstraintsChecker.onShadowAddOperation(createRepositoryShadow.asObjectable());
            createRepositoryShadow.setOid(this.repositoryService.addObject(createRepositoryShadow, null, operationResult));
            LOGGER.trace("Proposed shadow added to the repository: {}", createRepositoryShadow);
            provisioningOperationState.setRepoShadow(createRepositoryShadow);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @NotNull
    public PrismObject<ShadowType> createRepositoryShadow(ProvisioningContext provisioningContext, PrismObject<ShadowType> prismObject) throws SchemaException, ConfigurationException, ObjectNotFoundException, CommunicationException, ExpressionEvaluationException, EncryptionException {
        PasswordType password;
        ResourceAttribute findAttribute;
        ResourceAttributeContainer attributesContainer = ShadowUtil.getAttributesContainer(prismObject);
        PrismObject<ShadowType> mo841clone = prismObject.mo841clone();
        ShadowType asObjectable = mo841clone.asObjectable();
        ResourceAttributeContainer attributesContainer2 = ShadowUtil.getAttributesContainer(mo841clone);
        asObjectable.setPrimaryIdentifierValue(this.helper.determinePrimaryIdentifierValue(provisioningContext, prismObject));
        CachingStategyType cachingStrategy = ProvisioningUtil.getCachingStrategy(provisioningContext);
        if (cachingStrategy == CachingStategyType.NONE) {
            attributesContainer2.clear();
            Iterator<ResourceAttribute<?>> it = attributesContainer.getPrimaryIdentifiers().iterator();
            while (it.hasNext()) {
                attributesContainer2.add(it.next().mo841clone());
            }
            Iterator<ResourceAttribute<?>> it2 = attributesContainer.getSecondaryIdentifiers().iterator();
            while (it2.hasNext()) {
                attributesContainer2.add(it2.next().mo841clone());
            }
            for (RefinedAssociationDefinition refinedAssociationDefinition : provisioningContext.getObjectClassDefinition().getAssociationDefinitions()) {
                if (refinedAssociationDefinition.getResourceObjectAssociationType().getDirection() == ResourceObjectAssociationDirectionType.OBJECT_TO_SUBJECT) {
                    QName valueAttribute = refinedAssociationDefinition.getResourceObjectAssociationType().getValueAttribute();
                    if (attributesContainer2.findAttribute(valueAttribute) == null && (findAttribute = attributesContainer.findAttribute(valueAttribute)) != null) {
                        attributesContainer2.add(findAttribute.mo841clone());
                    }
                }
            }
            asObjectable.setCachingMetadata(null);
            ProvisioningUtil.cleanupShadowActivation(asObjectable);
        } else {
            if (cachingStrategy != CachingStategyType.PASSIVE) {
                throw new ConfigurationException("Unknown caching strategy " + cachingStrategy);
            }
            CachingMetadataType cachingMetadataType = new CachingMetadataType();
            cachingMetadataType.setRetrievalTimestamp(this.clock.currentTimeXMLGregorianCalendar());
            asObjectable.setCachingMetadata(cachingMetadataType);
        }
        this.helper.setKindIfNecessary(asObjectable, provisioningContext.getObjectClassDefinition());
        CredentialsType credentials = asObjectable.getCredentials();
        if (credentials != null && (password = credentials.getPassword()) != null) {
            preparePasswordForStorage(password, provisioningContext.getObjectClassDefinition());
            ProvisioningUtil.addPasswordMetadata(password, this.clock.currentTimeXMLGregorianCalendar(), provisioningContext.getTask() != null ? provisioningContext.getTask().getOwnerRef() : null);
        }
        if (asObjectable.getResourceRef() == null) {
            asObjectable.setResourceRef(ObjectTypeUtil.createObjectRef(provisioningContext.getResource(), this.prismContext));
        }
        if (asObjectable.getName() == null) {
            asObjectable.setName(new PolyStringType(ShadowUtil.determineShadowName(prismObject)));
        }
        if (asObjectable.getObjectClass() == null) {
            asObjectable.setObjectClass(attributesContainer.getDefinition().getTypeName());
        }
        if (asObjectable.isProtectedObject() != null) {
            asObjectable.setProtectedObject(null);
        }
        this.helper.normalizeAttributes(mo841clone, provisioningContext.getObjectClassDefinition());
        return mo841clone;
    }

    private void preparePasswordForStorage(PasswordType passwordType, RefinedObjectClassDefinition refinedObjectClassDefinition) throws SchemaException, EncryptionException {
        ProtectedStringType value = passwordType.getValue();
        if (value == null) {
            return;
        }
        CachingStategyType passwordCachingStrategy = ProvisioningUtil.getPasswordCachingStrategy(refinedObjectClassDefinition);
        if (passwordCachingStrategy == null || passwordCachingStrategy == CachingStategyType.NONE) {
            ProvisioningUtil.cleanupShadowPassword(passwordType);
        } else {
            if (value.isHashed()) {
                return;
            }
            this.protector.hash(value);
        }
    }
}
