package com.identity4j.connector.office365;

import com.identity4j.connector.AbstractConnector;
import com.identity4j.connector.ConnectorCapability;
import com.identity4j.connector.ConnectorConfigurationParameters;
import com.identity4j.connector.exception.ConnectorException;
import com.identity4j.connector.exception.PrincipalAlreadyExistsException;
import com.identity4j.connector.exception.PrincipalNotFoundException;
import com.identity4j.connector.office365.entity.Group;
import com.identity4j.connector.office365.entity.Groups;
import com.identity4j.connector.office365.entity.User;
import com.identity4j.connector.office365.entity.Users;
import com.identity4j.connector.office365.services.Directory;
import com.identity4j.connector.principal.Identity;
import com.identity4j.connector.principal.Role;
import com.identity4j.util.CollectionUtil;
import com.identity4j.util.passwords.PasswordCharacteristics;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.NoSuchElementException;
import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:com/identity4j/connector/office365/Office365Connector.class */
public class Office365Connector extends AbstractConnector {
    private Office365Configuration configuration;
    private Directory directory;
    private boolean isDeletePrivilege;
    private static final Log log = LogFactory.getLog(Office365Connector.class);
    static Set<ConnectorCapability> capabilities = new HashSet(Arrays.asList(ConnectorCapability.passwordChange, ConnectorCapability.passwordSet, ConnectorCapability.createUser, ConnectorCapability.deleteUser, ConnectorCapability.updateUser, ConnectorCapability.hasFullName, ConnectorCapability.hasEmail, ConnectorCapability.roles, ConnectorCapability.createRole, ConnectorCapability.deleteRole, ConnectorCapability.updateRole, ConnectorCapability.identities, ConnectorCapability.accountDisable));

    public Set<ConnectorCapability> getCapabilities() {
        return capabilities;
    }

    public boolean isOpen() {
        return this.directory != null;
    }

    public boolean isReadOnly() {
        return !this.isDeletePrivilege;
    }

    public PasswordCharacteristics getPasswordCharacteristics() {
        return Office365PasswordCharacteristics.getInstance();
    }

    public Iterator<Role> allRoles() throws ConnectorException {
        Groups all = this.directory.groups().all();
        ArrayList arrayList = new ArrayList();
        Iterator<Group> it = all.getGroups().iterator();
        while (it.hasNext()) {
            arrayList.add(Office365ModelConvertor.groupToRole(it.next()));
        }
        return arrayList.iterator();
    }

    public Role createRole(Role role) throws ConnectorException {
        if (isRolePresent(role.getPrincipalName())) {
            throw new PrincipalAlreadyExistsException("Principal contains conflicting properties which already exists, " + role.getPrincipalName());
        }
        return Office365ModelConvertor.groupToRole(this.directory.groups().save(Office365ModelConvertor.roleToGroup(role)));
    }

    public void updateRole(Role role) throws ConnectorException {
        if (isReadOnly()) {
            throw new ConnectorException("This directory is read only because the service account does not have sufficient privileges to perform all required operations");
        }
        this.directory.groups().update(Office365ModelConvertor.roleToGroup(role));
    }

    public void deleteRole(String str) throws ConnectorException {
        if (isReadOnly()) {
            throw new ConnectorException("This directory is read only because the service account does not have sufficient privileges to perform all required operations");
        }
        this.directory.groups().delete(getRoleByName(str).getGuid());
    }

    public Role getRoleByName(String str) throws PrincipalNotFoundException, ConnectorException {
        return Office365ModelConvertor.groupToRole(this.directory.groups().get(str));
    }

    public Iterator<Identity> allIdentities() throws ConnectorException {
        return new Iterator<Identity>() { // from class: com.identity4j.connector.office365.Office365Connector.1
            private Users users;
            private String nextLink;
            private Iterator<User> inner;
            private User current;
            private boolean eof;

            @Override // java.util.Iterator
            public boolean hasNext() {
                checkNext();
                return this.current != null;
            }

            @Override // java.util.Iterator
            public void remove() {
                throw new UnsupportedOperationException();
            }

            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.Iterator
            public Identity next() {
                checkNext();
                if (this.current == null) {
                    throw new NoSuchElementException();
                }
                try {
                    return Office365ModelConvertor.convertOffice365UserToOfficeIdentity(this.current);
                } finally {
                    this.current = null;
                }
            }

            private void checkNext() {
                if (this.current != null) {
                    return;
                }
                while (!this.eof) {
                    if (this.users == null) {
                        this.users = Office365Connector.this.directory.users().all(this.nextLink);
                        this.nextLink = this.users.getNextLink();
                        this.eof = this.nextLink == null;
                        this.inner = this.users.getUsers().iterator();
                    }
                    if (this.inner.hasNext()) {
                        break;
                    }
                    this.users = null;
                    this.inner = null;
                    if (this.nextLink == null) {
                        break;
                    }
                }
                if (this.inner == null || !this.inner.hasNext()) {
                    return;
                }
                this.current = this.inner.next();
            }
        };
    }

    public Identity getIdentityByName(String str) throws PrincipalNotFoundException, ConnectorException {
        return Office365ModelConvertor.convertOffice365UserToOfficeIdentity(this.directory.users().get(str));
    }

    public void deleteIdentity(String str) throws ConnectorException {
        if (isReadOnly()) {
            throw new ConnectorException("This directory is read only because the service account does not have sufficient privileges to perform all required operations");
        }
        this.directory.users().delete(str);
    }

    public Identity createIdentity(Identity identity, char[] cArr) throws ConnectorException {
        User covertOfficeIdentityToOffice365User = Office365ModelConvertor.covertOfficeIdentityToOffice365User(identity);
        List<Group> groups = covertOfficeIdentityToOffice365User.getGroups();
        covertOfficeIdentityToOffice365User.setGroups(null);
        covertOfficeIdentityToOffice365User.getPasswordProfile().setForceChangePasswordNextLogin(false);
        covertOfficeIdentityToOffice365User.getPasswordProfile().setPassword(new String(cArr));
        Office365Identity convertOffice365UserToOfficeIdentity = Office365ModelConvertor.convertOffice365UserToOfficeIdentity(this.directory.users().save(covertOfficeIdentityToOffice365User));
        Iterator<Group> it = groups.iterator();
        while (it.hasNext()) {
            this.directory.groups().addUserToGroup(convertOffice365UserToOfficeIdentity.getGuid(), it.next().getObjectId());
        }
        convertOffice365UserToOfficeIdentity.setRoles(identity.getRoles());
        return convertOffice365UserToOfficeIdentity;
    }

    public void updateIdentity(Identity identity) throws ConnectorException {
        if (isReadOnly()) {
            throw new ConnectorException("This directory is read only because the service account does not have sufficient privileges to perform all required operations");
        }
        User covertOfficeIdentityToOffice365User = Office365ModelConvertor.covertOfficeIdentityToOffice365User(identity);
        covertOfficeIdentityToOffice365User.setGroups(null);
        this.directory.users().update(covertOfficeIdentityToOffice365User);
        adjustAdditionRemovalOfRoleOnIdentityUpdate(identity);
    }

    public void disableIdentity(Identity identity) {
        identitySuspensionHelper(identity, true);
        identity.getAccountStatus().setDisabled(true);
    }

    public void enableIdentity(Identity identity) {
        identitySuspensionHelper(identity, false);
        identity.getAccountStatus().setDisabled(false);
    }

    protected boolean areCredentialsValid(Identity identity, char[] cArr) throws ConnectorException {
        return this.directory.users().areCredentialsValid(identity, cArr);
    }

    protected void setPassword(Identity identity, char[] cArr, boolean z) throws ConnectorException {
        User user = new User();
        user.getPasswordProfile().setPassword(new String(cArr));
        user.getPasswordProfile().setForceChangePasswordNextLogin(Boolean.valueOf(z));
        user.setObjectId(identity.getGuid());
        this.directory.users().update(user);
    }

    private void identitySuspensionHelper(Identity identity, boolean z) {
        User user = new User();
        user.setAccountEnabled(Boolean.valueOf(!z));
        user.setObjectId(identity.getGuid());
        this.directory.users().update(user);
    }

    protected void onOpen(ConnectorConfigurationParameters connectorConfigurationParameters) throws ConnectorException {
        this.configuration = (Office365Configuration) connectorConfigurationParameters;
        this.directory = Directory.getInstance();
        log.info("Directory instance created.");
        try {
            this.directory.init(this.configuration);
            this.isDeletePrivilege = this.directory.users().isDeletePrivilege(this.configuration.getAppPrincipalObjectId(), this.configuration.getAppDeletePrincipalRole());
            log.info("Delete privilege found as " + this.isDeletePrivilege);
        } catch (IOException e) {
            throw new ConnectorException(e.getMessage(), e);
        }
    }

    private void adjustAdditionRemovalOfRoleOnIdentityUpdate(Identity identity) {
        try {
            HashSet hashSet = new HashSet(Arrays.asList(getIdentityByName(identity.getPrincipalName()).getRoles()));
            HashSet hashSet2 = new HashSet(Arrays.asList(identity.getRoles()));
            Collection objectsNotPresentInProbeCollection = CollectionUtil.objectsNotPresentInProbeCollection(hashSet2, hashSet);
            Collection objectsNotPresentInProbeCollection2 = CollectionUtil.objectsNotPresentInProbeCollection(hashSet, hashSet2);
            Iterator it = objectsNotPresentInProbeCollection.iterator();
            while (it.hasNext()) {
                addRoleToUser(((Role) it.next()).getGuid(), identity.getGuid());
            }
            Iterator it2 = objectsNotPresentInProbeCollection2.iterator();
            while (it2.hasNext()) {
                removeRoleFromUser(((Role) it2.next()).getGuid(), identity.getGuid());
            }
        } catch (Exception e) {
            log.error("Problem in adjusting roles " + e.getMessage(), e);
            throw new ConnectorException(e.getMessage(), e);
        }
    }

    private void removeRoleFromUser(String str, String str2) {
        this.directory.groups().removeUserFromGroup(str2, str);
    }

    private void addRoleToUser(String str, String str2) {
        this.directory.groups().addUserToGroup(str2, str);
    }

    private boolean isRolePresent(String str) {
        Iterator<Role> allRoles = allRoles();
        while (allRoles.hasNext()) {
            if (allRoles.next().getPrincipalName().equals(str)) {
                return true;
            }
        }
        return false;
    }
}
