package com.evolveum.midpoint.provisioning.ucf.impl.connid;

import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.prism.crypto.EncryptionException;
import com.evolveum.midpoint.prism.path.ItemName;
import com.evolveum.midpoint.prism.polystring.PolyString;
import com.evolveum.midpoint.prism.xml.XmlTypeConverter;
import com.evolveum.midpoint.schema.processor.ResourceAttribute;
import com.evolveum.midpoint.schema.processor.ResourceAttributeContainer;
import com.evolveum.midpoint.schema.processor.ResourceAttributeContainerDefinition;
import com.evolveum.midpoint.schema.processor.ResourceAttributeDefinition;
import com.evolveum.midpoint.schema.processor.ResourceObjectDefinition;
import com.evolveum.midpoint.schema.util.ShadowUtil;
import com.evolveum.midpoint.util.MiscUtil;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationStatusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.LockoutStatusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType;
import com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType;
import java.time.ZonedDateTime;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.xml.namespace.QName;
import org.identityconnectors.common.security.GuardedString;
import org.identityconnectors.framework.common.objects.Attribute;
import org.identityconnectors.framework.common.objects.AttributeValueCompleteness;
import org.identityconnectors.framework.common.objects.ConnectorObject;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.identityconnectors.framework.common.objects.OperationalAttributes;
import org.identityconnectors.framework.common.objects.PredefinedAttributes;
import org.identityconnectors.framework.common.objects.Uid;
import org.jetbrains.annotations.NotNull;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:WEB-INF/lib/ucf-impl-connid-4.5.1-SNAPSHOT.jar:com/evolveum/midpoint/provisioning/ucf/impl/connid/ConnIdToMidPointConversion.class */
public class ConnIdToMidPointConversion {
    private static final Trace LOGGER = TraceManager.getTrace((Class<?>) ConnIdToMidPointConversion.class);

    @NotNull
    private final ConnectorObject connectorObject;

    @NotNull
    private final PrismObject<ShadowType> resourceObject;

    @NotNull
    private final ShadowType resourceObjectBean;

    @NotNull
    private final ResourceAttributeContainer attributesContainer;

    @NotNull
    private final ResourceAttributeContainerDefinition attributesContainerDefinition;
    private final boolean full;
    private final boolean caseIgnoreAttributeNames;
    private final boolean legacySchema;
    private final ConnIdConvertor connIdConvertor;
    private final List<ResourceObjectDefinition> auxiliaryObjectClassDefinitions = new ArrayList();

    /* JADX INFO: Access modifiers changed from: package-private */
    public ConnIdToMidPointConversion(@NotNull ConnectorObject connectorObject, @NotNull PrismObject<ShadowType> prismObject, boolean z, boolean z2, boolean z3, ConnIdConvertor connIdConvertor) throws SchemaException {
        this.connectorObject = connectorObject;
        this.resourceObject = prismObject;
        this.resourceObjectBean = prismObject.asObjectable();
        this.attributesContainer = (ResourceAttributeContainer) prismObject.findOrCreateContainer(ShadowType.F_ATTRIBUTES);
        this.attributesContainerDefinition = this.attributesContainer.getDefinition();
        this.full = z;
        this.caseIgnoreAttributeNames = z2;
        this.legacySchema = z3;
        this.connIdConvertor = connIdConvertor;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void execute() throws SchemaException {
        convertObjectClasses();
        Iterator<Attribute> it = this.connectorObject.getAttributes().iterator();
        while (it.hasNext()) {
            convertAttribute(it.next());
        }
        convertUid();
    }

    private void convertObjectClasses() throws SchemaException {
        this.resourceObjectBean.setObjectClass(this.attributesContainerDefinition.getTypeName());
        convertAuxiliaryObjectClasses();
    }

    private void convertAuxiliaryObjectClasses() throws SchemaException {
        List<QName> auxiliaryObjectClass = this.resourceObjectBean.getAuxiliaryObjectClass();
        ConnIdNameMapper connIdNameMapper = this.connIdConvertor.connIdNameMapper;
        Iterator<?> it = getConnIdAuxiliaryObjectClasses().iterator();
        while (it.hasNext()) {
            QName objectClassToQname = connIdNameMapper.objectClassToQname(new ObjectClass((String) it.next()), this.legacySchema);
            auxiliaryObjectClass.add(objectClassToQname);
            ResourceObjectDefinition findDefinitionForObjectClass = connIdNameMapper.getResourceSchema().findDefinitionForObjectClass(objectClassToQname);
            if (findDefinitionForObjectClass == null) {
                throw new SchemaException("Resource object " + this.connectorObject + " refers to auxiliary object class " + objectClassToQname + " which is not in the schema");
            }
            this.auxiliaryObjectClassDefinitions.add(findDefinitionForObjectClass);
        }
    }

    private List<?> getConnIdAuxiliaryObjectClasses() {
        for (Attribute attribute : this.connectorObject.getAttributes()) {
            if (attribute.is(PredefinedAttributes.AUXILIARY_OBJECT_CLASS_NAME)) {
                return attribute.getValue();
            }
        }
        return Collections.emptyList();
    }

    private void convertAttribute(Attribute attribute) throws SchemaException {
        List<Object> emptyIfNull = MiscUtil.emptyIfNull((List) attribute.getValue());
        String name = attribute.getName();
        LOGGER.trace("Reading ICF attribute {}: {}", name, emptyIfNull);
        if (name.equals(Uid.NAME) || attribute.is(PredefinedAttributes.AUXILIARY_OBJECT_CLASS_NAME)) {
            return;
        }
        if (name.equals(OperationalAttributes.PASSWORD_NAME)) {
            convertPassword(attribute);
            return;
        }
        if (name.equals(OperationalAttributes.ENABLE_NAME)) {
            convertEnable(attribute);
            return;
        }
        if (name.equals(OperationalAttributes.ENABLE_DATE_NAME)) {
            convertEnableDate(attribute);
            return;
        }
        if (name.equals(OperationalAttributes.DISABLE_DATE_NAME)) {
            convertDisableDate(attribute);
        } else if (name.equals(OperationalAttributes.LOCK_OUT_NAME)) {
            convertLockOut(attribute);
        } else {
            convertStandardAttribute(attribute, name, emptyIfNull);
        }
    }

    private void convertPassword(Attribute attribute) throws SchemaException {
        ProtectedStringType protectedStringType = (ProtectedStringType) getSingleValue(attribute, ProtectedStringType.class);
        if (protectedStringType != null) {
            ShadowUtil.setPassword(this.resourceObjectBean, protectedStringType);
            LOGGER.trace("Converted password: {}", protectedStringType);
        } else if (isIncomplete(attribute)) {
            ShadowUtil.setPasswordIncomplete(this.resourceObjectBean);
            LOGGER.trace("Converted password: (incomplete)");
        }
    }

    private boolean isIncomplete(Attribute attribute) {
        return AttributeValueCompleteness.INCOMPLETE.equals(attribute.getAttributeValueCompleteness());
    }

    private void convertEnable(Attribute attribute) throws SchemaException {
        Boolean bool = (Boolean) getSingleValue(attribute, Boolean.class);
        if (bool == null) {
            return;
        }
        ActivationType orCreateActivation = ShadowUtil.getOrCreateActivation(this.resourceObjectBean);
        ActivationStatusType activationStatusType = bool.booleanValue() ? ActivationStatusType.ENABLED : ActivationStatusType.DISABLED;
        orCreateActivation.setAdministrativeStatus(activationStatusType);
        orCreateActivation.setEffectiveStatus(activationStatusType);
        LOGGER.trace("Converted activation administrativeStatus/effectiveStatus: {}", activationStatusType);
    }

    private void convertEnableDate(Attribute attribute) throws SchemaException {
        Long l = (Long) getSingleValue(attribute, Long.class);
        if (l == null) {
            return;
        }
        ShadowUtil.getOrCreateActivation(this.resourceObjectBean).setValidFrom(XmlTypeConverter.createXMLGregorianCalendar(l));
    }

    private void convertDisableDate(Attribute attribute) throws SchemaException {
        Long l = (Long) getSingleValue(attribute, Long.class);
        if (l == null) {
            return;
        }
        ShadowUtil.getOrCreateActivation(this.resourceObjectBean).setValidTo(XmlTypeConverter.createXMLGregorianCalendar(l));
    }

    private void convertLockOut(Attribute attribute) throws SchemaException {
        Boolean bool = (Boolean) getSingleValue(attribute, Boolean.class);
        if (bool == null) {
            return;
        }
        ActivationType orCreateActivation = ShadowUtil.getOrCreateActivation(this.resourceObjectBean);
        LockoutStatusType lockoutStatusType = bool.booleanValue() ? LockoutStatusType.LOCKED : LockoutStatusType.NORMAL;
        orCreateActivation.setLockoutStatus(lockoutStatusType);
        LOGGER.trace("Converted activation lockoutStatus: {}", lockoutStatusType);
    }

    private void convertUid() throws SchemaException {
        Uid uid = this.connectorObject.getUid();
        ResourceObjectDefinition complexTypeDefinition = this.attributesContainerDefinition.getComplexTypeDefinition();
        ResourceAttributeDefinition<?> uidDefinition = ConnIdUtil.getUidDefinition(complexTypeDefinition);
        if (uidDefinition == null) {
            throw new SchemaException("No definition for ConnId UID attribute found in definition " + complexTypeDefinition);
        }
        if (this.attributesContainer.getValue().contains(uidDefinition.getItemName())) {
            return;
        }
        ResourceAttribute<?> instantiate = uidDefinition.instantiate();
        instantiate.setRealValue(uid.getUidValue());
        this.attributesContainer.getValue().add(instantiate);
    }

    private <T> T getSingleValue(Attribute attribute, Class<T> cls) throws SchemaException {
        List<Object> value = attribute.getValue();
        if (value == null || value.isEmpty()) {
            return null;
        }
        if (value.size() > 1) {
            throw new SchemaException("Expected single value for " + attribute.getName());
        }
        T t = (T) convertValueFromConnId(value.get(0));
        if (t == null) {
            return null;
        }
        if (cls.isAssignableFrom(t.getClass())) {
            return t;
        }
        throw new SchemaException("Expected type " + cls.getName() + " for " + attribute.getName() + " but got " + t.getClass().getName());
    }

    private Object convertValueFromConnId(Object obj) {
        if (obj == null) {
            return null;
        }
        return obj instanceof ZonedDateTime ? XmlTypeConverter.createXMLGregorianCalendar((ZonedDateTime) obj) : obj instanceof GuardedString ? fromGuardedString((GuardedString) obj) : obj instanceof Map ? polyStringFromConnIdMap((Map) obj) : obj;
    }

    private ProtectedStringType fromGuardedString(GuardedString guardedString) {
        ProtectedStringType protectedStringType = new ProtectedStringType();
        guardedString.access(cArr -> {
            try {
                protectedStringType.setClearValue(new String(cArr));
                this.connIdConvertor.protector.encrypt(protectedStringType);
            } catch (EncryptionException e) {
                throw new IllegalStateException("Protector failed to encrypt password");
            }
        });
        return protectedStringType;
    }

    private Object polyStringFromConnIdMap(Map<String, String> map) {
        String str = null;
        HashMap hashMap = null;
        for (Map.Entry<String, String> entry : map.entrySet()) {
            String key = entry.getKey();
            if ("".equals(key)) {
                str = entry.getValue();
            } else {
                if (hashMap == null) {
                    hashMap = new HashMap();
                }
                hashMap.put(key, entry.getValue());
            }
        }
        if (str != null) {
            return new PolyString(str, null, null, hashMap);
        }
        if (hashMap == null || hashMap.isEmpty()) {
            return null;
        }
        String str2 = (String) hashMap.get(this.connIdConvertor.localizationService.getDefaultLocale().getLanguage());
        return new PolyString(str2 != null ? str2 : (String) hashMap.values().iterator().next(), null, null, hashMap);
    }

    private void convertStandardAttribute(Attribute attribute, String str, List<Object> list) throws SchemaException {
        ItemName fromQName = ItemName.fromQName(this.connIdConvertor.connIdNameMapper.convertAttributeNameToQName(str, this.attributesContainerDefinition));
        ResourceAttributeDefinition<?> findAttributeDefinition = findAttributeDefinition(str, fromQName);
        ResourceAttribute<?> instantiate = findAttributeDefinition.instantiate((QName) (this.caseIgnoreAttributeNames ? findAttributeDefinition.getItemName() : fromQName));
        instantiate.setIncomplete(isIncomplete(attribute));
        if (this.full) {
            Iterator<Object> it = list.iterator();
            while (it.hasNext()) {
                instantiate.addRealValueSkipUniquenessCheck(convertValueFromConnId(it.next()));
            }
            LOGGER.trace("Converted attribute {}", instantiate);
            this.attributesContainer.getValue().add(instantiate);
            return;
        }
        for (Object obj : list) {
            if (obj != null) {
                instantiate.addRealValueSkipUniquenessCheck(convertValueFromConnId(obj));
            }
        }
        if (!instantiate.getValues().isEmpty() || instantiate.isIncomplete()) {
            LOGGER.trace("Converted attribute {}", instantiate);
            this.attributesContainer.getValue().add(instantiate);
        }
    }

    @NotNull
    private ResourceAttributeDefinition<?> findAttributeDefinition(String str, ItemName itemName) throws SchemaException {
        ResourceAttributeDefinition<?> findAttributeDefinition = this.attributesContainerDefinition.findAttributeDefinition(itemName, this.caseIgnoreAttributeNames);
        if (findAttributeDefinition != null) {
            return findAttributeDefinition;
        }
        Iterator<ResourceObjectDefinition> it = this.auxiliaryObjectClassDefinitions.iterator();
        while (it.hasNext()) {
            ResourceAttributeDefinition<?> findAttributeDefinition2 = it.next().findAttributeDefinition(itemName, this.caseIgnoreAttributeNames);
            if (findAttributeDefinition2 != null) {
                return findAttributeDefinition2;
            }
        }
        throw new SchemaException("Unknown attribute " + itemName + " in definition of object class " + this.attributesContainerDefinition.getTypeName() + ". Original ConnId name: " + str + " in resource object identified by " + this.connectorObject.getName(), itemName);
    }

    @NotNull
    public PrismObject<ShadowType> getResourceObject() {
        return this.resourceObject;
    }
}
