package com.evolveum.midpoint.security.impl;

import com.evolveum.midpoint.common.ActivationComputer;
import com.evolveum.midpoint.common.Clock;
import com.evolveum.midpoint.prism.PrismContext;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.prism.delta.ObjectDelta;
import com.evolveum.midpoint.prism.polystring.PolyString;
import com.evolveum.midpoint.prism.query.ObjectQuery;
import com.evolveum.midpoint.repo.api.RepositoryService;
import com.evolveum.midpoint.schema.SearchResultList;
import com.evolveum.midpoint.schema.constants.ObjectTypes;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.schema.util.ObjectQueryUtil;
import com.evolveum.midpoint.security.api.Authorization;
import com.evolveum.midpoint.security.api.AuthorizationTransformer;
import com.evolveum.midpoint.security.api.MidPointPrincipal;
import com.evolveum.midpoint.security.api.UserProfileService;
import com.evolveum.midpoint.util.exception.ObjectAlreadyExistsException;
import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.util.exception.SystemException;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AbstractRoleType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SystemConfigurationType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SystemObjectsType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
import java.util.Collection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;

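/**
 * Mock implementation of {@link UserProfileService} that also acts as a Spring Security
 * {@link UserDetailsService}.
 *
 * <p>Users are looked up directly in the repository. The principal built here does not get
 * authorizations evaluated from the user's assignments: it always receives one hard-coded
 * placeholder authorization with the action {@code "FAKE"}.
 *
 * <p>NOTE(review): the class is a {@code @Component}, so component scanning of this package would
 * register it as a bean. Confirm it is only present on test classpaths, because any context that
 * wires it in authenticates against principals carrying the placeholder authorization.
 */
@Component
/* loaded from: input_file:com/evolveum/midpoint/security/impl/UserProfileServiceMock.class */
public class UserProfileServiceMock implements UserProfileService, UserDetailsService {
    private static final Trace LOGGER = TraceManager.getTrace(UserProfileServiceMock.class);

    @Autowired(required = true)
    private transient RepositoryService repositoryService;

    @Autowired(required = true)
    private ActivationComputer activationComputer;

    // Injected but not used by any method in this class.
    @Autowired(required = true)
    private Clock clock;

    @Autowired(required = true)
    private PrismContext prismContext;

    /**
     * Builds a principal for the user with the given name.
     *
     * @param str user name to look up (normalized-name match)
     * @return the principal, or {@code null} when the search does not yield exactly one user
     * @throws ObjectNotFoundException rethrown unchanged when the lookup reports a missing object
     * @throws SchemaException declared for interface compatibility; schema problems raised inside
     *     this method are wrapped in {@link SystemException} together with every other failure
     */
    public MidPointPrincipal getPrincipal(String str) throws ObjectNotFoundException, SchemaException {
        OperationResult operationResult = new OperationResult(OPERATION_GET_PRINCIPAL);
        try {
            return getPrincipal(findByUsername(str, operationResult), null, operationResult);
        } catch (ObjectNotFoundException e) {
            // The specific handler has to precede the generic one, otherwise it is unreachable.
            LOGGER.trace("Couldn't find user with name '{}', reason: {}.", str, e.getMessage(), e);
            throw e;
        } catch (Exception e) {
            LOGGER.warn("Error getting user with name '{}', reason: {}.", str, e.getMessage(), e);
            throw new SystemException(e.getMessage(), e);
        }
    }

    /**
     * Builds a principal for an already loaded user object.
     *
     * @param prismObject user object; may be {@code null}
     * @return the principal, or {@code null} when {@code prismObject} is {@code null}
     * @throws SchemaException declared by the three-argument overload this delegates to
     */
    public MidPointPrincipal getPrincipal(PrismObject<UserType> prismObject) throws SchemaException {
        return getPrincipal(prismObject, null, new OperationResult(OPERATION_GET_PRINCIPAL));
    }

    /**
     * Builds a principal for the given user and initializes it from the system configuration.
     *
     * @param prismObject user object; may be {@code null}
     * @param authorizationTransformer ignored by this mock; it is never applied to the authorities
     * @param operationResult result used for the system configuration lookup
     * @return the principal, or {@code null} when {@code prismObject} is {@code null}
     * @throws SchemaException declared for interface compatibility
     */
    public MidPointPrincipal getPrincipal(PrismObject<UserType> prismObject, AuthorizationTransformer authorizationTransformer, OperationResult operationResult) throws SchemaException {
        if (prismObject == null) {
            return null;
        }
        PrismObject<SystemConfigurationType> systemConfiguration = getSystemConfiguration(operationResult);
        MidPointPrincipal midPointPrincipal = new MidPointPrincipal(prismObject.asObjectable());
        initializePrincipalFromAssignments(midPointPrincipal, systemConfiguration);
        return midPointPrincipal;
    }

    /**
     * Loads the system configuration object from the repository.
     *
     * @return the configuration, or {@code null} when it is missing or cannot be parsed; the
     *     failure is logged at WARN and otherwise ignored
     */
    private PrismObject<SystemConfigurationType> getSystemConfiguration(OperationResult operationResult) {
        try {
            return this.repositoryService.getObject(SystemConfigurationType.class, SystemObjectsType.SYSTEM_CONFIGURATION.value(), (Collection) null, operationResult);
        } catch (ObjectNotFoundException | SchemaException e) {
            LOGGER.warn("No system configuration: {}", e.getMessage(), e);
            return null;
        }
    }

    /**
     * Persists the principal's user object as a best-effort operation: a failure is logged at WARN
     * and not propagated to the caller.
     *
     * @param midPointPrincipal principal whose user should be stored
     */
    public void updateUser(MidPointPrincipal midPointPrincipal) {
        try {
            save(midPointPrincipal, new OperationResult(OPERATION_UPDATE_USER));
        } catch (Exception e) {
            // The exception goes last so the logger records the stack trace as well as the message.
            LOGGER.warn("Couldn't save user '{}, ({})', reason: {}.", midPointPrincipal.getFullName(), midPointPrincipal.getOid(), e.getMessage(), e);
        }
    }

    /**
     * Searches the repository for a user by normalized name.
     *
     * @return the user when exactly one match exists, otherwise {@code null}; an ambiguous result
     *     (more than one match) is deliberately treated the same as no match
     */
    private PrismObject<UserType> findByUsername(String str, OperationResult operationResult) throws SchemaException, ObjectNotFoundException {
        ObjectQuery query = ObjectQueryUtil.createNormNameQuery(new PolyString(str), this.prismContext);
        if (LOGGER.isTraceEnabled()) {
            // Guarded so the query dump is only rendered when it will actually be written.
            LOGGER.trace("Looking for user, query:\n" + query.debugDump());
        }
        SearchResultList<PrismObject<UserType>> found = this.repositoryService.searchObjects(UserType.class, query, (Collection) null, operationResult);
        LOGGER.trace("Users found: {}.", Integer.valueOf(found != null ? found.size() : 0));
        if (found == null || found.size() != 1) {
            return null;
        }
        return found.get(0);
    }

    /**
     * Populates the principal with the security policy, the admin GUI configuration and the
     * placeholder authorization. Despite the name, no assignments are evaluated here.
     *
     * @param prismObject system configuration; may be {@code null}
     */
    private void initializePrincipalFromAssignments(MidPointPrincipal midPointPrincipal, PrismObject<SystemConfigurationType> prismObject) {
        OperationResult result = new OperationResult(UserProfileServiceMock.class.getName() + ".addAuthorizations");
        midPointPrincipal.setApplicableSecurityPolicy(locateSecurityPolicy(midPointPrincipal, prismObject, result));
        if (prismObject != null) {
            midPointPrincipal.setAdminGuiConfiguration(prismObject.asObjectable().getAdminGuiConfiguration());
        }

        // Placeholder authorization: every principal gets the same single "FAKE" action,
        // regardless of the roles or assignments of the underlying user.
        AuthorizationType placeholder = new AuthorizationType();
        placeholder.getAction().add("FAKE");
        midPointPrincipal.getAuthorities().add(new Authorization(placeholder));

        ActivationType activation = midPointPrincipal.getUser().getActivation();
        if (activation != null) {
            // The return value is not inspected here, so this method does not reject a user
            // based on activation. NOTE(review): presumably the call updates the activation
            // object in place; confirm against ActivationComputer.
            this.activationComputer.computeEffective(midPointPrincipal.getUser().getLifecycleState(), activation);
        }
    }

    /**
     * Resolves the global security policy referenced by the system configuration.
     *
     * @param midPointPrincipal not used by this implementation
     * @return the policy, or {@code null} when there is no configuration, no policy reference, or
     *     the referenced object cannot be loaded (logged at ERROR)
     */
    private SecurityPolicyType locateSecurityPolicy(MidPointPrincipal midPointPrincipal, PrismObject<SystemConfigurationType> prismObject, OperationResult operationResult) {
        if (prismObject == null) {
            return null;
        }
        ObjectReferenceType globalSecurityPolicyRef = prismObject.asObjectable().getGlobalSecurityPolicyRef();
        if (globalSecurityPolicyRef == null) {
            return null;
        }
        try {
            PrismObject<SecurityPolicyType> policy = this.repositoryService.getObject(SecurityPolicyType.class, globalSecurityPolicyRef.getOid(), (Collection) null, operationResult);
            return policy.asObjectable();
        } catch (ObjectNotFoundException | SchemaException e) {
            LOGGER.error(e.getMessage(), e);
            return null;
        }
    }

    /**
     * Writes the difference between the stored user and the principal's user to the repository.
     *
     * @return the same principal that was passed in
     * @throws ObjectNotFoundException when the stored user cannot be loaded
     */
    private MidPointPrincipal save(MidPointPrincipal midPointPrincipal, OperationResult operationResult) throws ObjectNotFoundException, SchemaException, ObjectAlreadyExistsException {
        UserType stored = getUserByOid(midPointPrincipal.getOid(), operationResult);
        if (stored == null) {
            // Fail with a meaningful checked exception rather than a NullPointerException below.
            throw new ObjectNotFoundException("No user with OID " + midPointPrincipal.getOid() + " to update");
        }
        ObjectDelta diff = stored.asPrismObject().diff(midPointPrincipal.getUser().asPrismObject());
        this.repositoryService.modifyObject(UserType.class, diff.getOid(), diff.getModifications(), new OperationResult(OPERATION_UPDATE_USER));
        return midPointPrincipal;
    }

    /**
     * Loads a user by OID.
     *
     * @return the user, or {@code null} when the loaded object is absent or is not a
     *     {@link UserType}
     */
    private UserType getUserByOid(String str, OperationResult operationResult) throws ObjectNotFoundException, SchemaException {
        Object loaded = this.repositoryService.getObject(UserType.class, str, (Collection) null, operationResult).asObjectable();
        return loaded instanceof UserType ? (UserType) loaded : null;
    }

    /**
     * Resolves the owner of an object: the shadow owner for shadows, or the object referenced by
     * {@code ownerRef} for abstract roles.
     *
     * @param prismObject object whose owner is requested; may be {@code null}
     * @return the owner, or {@code null} when the object is {@code null}, has no OID, is of another
     *     kind, has an incomplete owner reference, or the owner cannot be loaded (logged at WARN)
     */
    public <F extends FocusType, O extends ObjectType> PrismObject<F> resolveOwner(PrismObject<O> prismObject) {
        if (prismObject == null || prismObject.getOid() == null) {
            return null;
        }
        PrismObject<F> owner = null;
        if (prismObject.canRepresent(ShadowType.class)) {
            // getName() keeps the operation name free of the "class " prefix that Class.toString() adds.
            owner = this.repositoryService.searchShadowOwner(prismObject.getOid(), (Collection) null, new OperationResult(UserProfileServiceMock.class.getName() + ".resolveOwner"));
        } else if (prismObject.canRepresent(AbstractRoleType.class)) {
            // Safe cast: guarded by the canRepresent(AbstractRoleType.class) check above.
            ObjectReferenceType ownerRef = ((AbstractRoleType) prismObject.asObjectable()).getOwnerRef();
            if (ownerRef != null && ownerRef.getOid() != null && ownerRef.getType() != null) {
                try {
                    owner = this.repositoryService.getObject(ObjectTypes.getObjectTypeFromTypeQName(ownerRef.getType()).getClassDefinition(), ownerRef.getOid(), (Collection) null, new OperationResult(UserProfileService.class.getName() + ".resolveOwner"));
                } catch (ObjectNotFoundException | SchemaException e) {
                    LOGGER.warn("Cannot resolve owner of {}: {}", prismObject, e.getMessage(), e);
                }
            }
        }
        return owner;
    }

    /**
     * Spring Security entry point for loading a user by name.
     *
     * @param str user name supplied by the authentication request
     * @return the principal; never {@code null}
     * @throws UsernameNotFoundException when the user does not exist or the name is ambiguous
     * @throws IllegalArgumentException when a {@link SchemaException} reaches this method
     */
    @Override
    public UserDetails loadUserByUsername(String str) throws UsernameNotFoundException {
        try {
            MidPointPrincipal principal = getPrincipal(str);
            if (principal == null) {
                // UserDetailsService must not return null; signal "no such user" through the
                // exception type that authentication providers are written to handle.
                throw new UsernameNotFoundException("No unique user found for the given username");
            }
            return principal;
        } catch (ObjectNotFoundException e) {
            throw new UsernameNotFoundException(e.getMessage(), e);
        } catch (SchemaException e) {
            throw new IllegalArgumentException(e.getMessage(), e);
        }
    }
}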
