package com.atlassian.plugins.authentication.sso.web.usercontext.impl.jit;

import com.atlassian.annotations.VisibleForTesting;
import com.atlassian.crowd.embedded.api.Directory;
import com.atlassian.crowd.embedded.api.User;
import com.atlassian.crowd.exception.DirectoryNotFoundException;
import com.atlassian.crowd.exception.OperationFailedException;
import com.atlassian.crowd.exception.UserNotFoundException;
import com.atlassian.crowd.manager.directory.DirectoryManager;
import com.atlassian.crowd.search.EntityDescriptor;
import com.atlassian.crowd.search.builder.QueryBuilder;
import com.atlassian.crowd.search.builder.Restriction;
import com.atlassian.crowd.search.query.entity.EntityQuery;
import com.atlassian.crowd.search.query.entity.restriction.PropertyUtils;
import com.atlassian.plugin.spring.scanner.annotation.imports.ComponentImport;
import com.atlassian.plugins.authentication.sso.web.usercontext.impl.jit.mapping.JitUserData;
import com.google.common.base.Preconditions;
import java.util.List;
import java.util.Optional;
import javax.inject.Inject;
import javax.inject.Named;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

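/**
 * Locates an already-existing user in the internal directories for a just-in-time (JIT)
 * provisioning request.
 *
 * <p>Lookup order, as implemented by {@link #findUserInternally}:
 * <ol>
 *   <li>match on the identity-provider id stored under
 *       {@code JitCrowdUser.IDENTITY_PROVIDER_ID_ATTRIBUTE_KEY};</li>
 *   <li>if nothing matches, fall back to a match on the username.</li>
 * </ol>
 *
 * <p>Security note: the username fallback returns whichever internal account carries the
 * asserted name, without any IdP-id binding. The result is therefore only as trustworthy as the
 * username supplied in {@link JitUserData}; callers should treat a name-only match as an
 * account-linking decision.
 * NOTE(review): presumably the JitUserData values originate from the SSO response - confirm, and
 * confirm that the configured IdP cannot assert arbitrary usernames.
 */
@Named
public class JitUserFinder {
    private static final Logger log = LoggerFactory.getLogger(JitUserFinder.class);
    private final DirectoryManager directoryManager;

    /**
     * @param directoryManager Crowd directory manager used for every lookup in this class
     */
    @Inject
    public JitUserFinder(@ComponentImport DirectoryManager directoryManager) {
        this.directoryManager = directoryManager;
    }

    /**
     * Finds the internal user that corresponds to the given JIT data.
     *
     * @param jitUserData user data carrying the identity-provider id and the username
     * @param list directories to search, in priority order; must not be empty
     * @return the first user matched by IdP id, otherwise the first user matched by username,
     *     otherwise an empty Optional
     * @throws IllegalArgumentException if {@code list} is empty
     */
    @VisibleForTesting
    public Optional<JitCrowdUser> findUserInternally(JitUserData jitUserData, List<Directory> list) {
        Preconditions.checkArgument(!list.isEmpty(), "There must be at least one active internal directory");
        Optional<JitCrowdUser> byIdpId = getUserByIdentityProviderId(jitUserData.getIdentityProviderId(), list);
        if (byIdpId.isPresent()) {
            return byIdpId;
        }
        // No account is bound to this IdP id yet: fall back to the weaker, name-only match.
        return findUserInInternalDirectoryByName(jitUserData, list);
    }

    /**
     * Searches the directories in order for a user whose name equals the username in
     * {@code jitUserData} and returns the first hit.
     *
     * <p>A directory that fails with {@link DirectoryNotFoundException} or
     * {@link OperationFailedException} is logged at error level and skipped, so a failing
     * directory does not abort the search.
     */
    private Optional<JitCrowdUser> findUserInInternalDirectoryByName(JitUserData jitUserData, List<Directory> list) {
        // NOTE(review): the logged username is caller-supplied; make sure the log layout
        // neutralises line breaks if it can come from an untrusted assertion.
        log.debug("Will search for user [{}] in directories [{}]", jitUserData.getUsername(), list);
        for (Directory directory : list) {
            try {
                User found = (User) this.directoryManager.findUserByName(directory.getId().longValue(), jitUserData.getUsername());
                // The (String) cast keeps the same JitCrowdUser constructor selected as before.
                return Optional.of(new JitCrowdUser((String) null, found));
            } catch (UserNotFoundException e) {
                log.debug("User [{}] not found in directory [{}]", jitUserData.getUsername(), directory.getId());
            } catch (DirectoryNotFoundException | OperationFailedException e) {
                // Trailing throwable is logged with its stack trace by SLF4J.
                log.error("Searching for user [{}] in directory [{}] failed", jitUserData.getUsername(), directory.getId(), e);
            }
        }
        log.debug("User [{}] was not found in any active internal directory", jitUserData.getUsername());
        return Optional.empty();
    }

    /**
     * Searches the directories in order for a user whose identity-provider-id attribute exactly
     * matches {@code str} and returns the first hit.
     *
     * <p>The result check lives inside the {@code try} block: previously the result variable was
     * read after the {@code catch}, where it is not definitely assigned when the search throws.
     * A failing directory is logged and the loop moves on to the next one.
     * NOTE(review): {@code str} is passed to the query unchecked; confirm how a null or empty
     * IdP id behaves in {@code exactlyMatching} before relying on this for account binding.
     */
    private Optional<JitCrowdUser> getUserByIdentityProviderId(String str, List<Directory> list) {
        EntityQuery<User> query = createQueryForUserByIdpId(str);
        log.debug("Will search for user with IdP id [{}] in directories [{}]", str, list);
        for (Directory directory : list) {
            try {
                List<User> matches = this.directoryManager.searchUsers(directory.getId().longValue(), query);
                if (!matches.isEmpty()) {
                    return Optional.of(new JitCrowdUser((String) null, matches.get(0)));
                }
            } catch (DirectoryNotFoundException | OperationFailedException e) {
                log.error("Searching for user by IdP id [{}] in directory [{}] failed", str, directory.getId(), e);
            }
        }
        log.debug("User with IdP id [{}] was not found in any active internal directory", str);
        return Optional.empty();
    }

    /**
     * Builds a user query restricted to an exact match on the identity-provider-id attribute,
     * capped at one result.
     */
    private EntityQuery<User> createQueryForUserByIdpId(String str) {
        return QueryBuilder.queryFor(User.class, EntityDescriptor.user())
                .with(Restriction.on(PropertyUtils.ofTypeString(JitCrowdUser.IDENTITY_PROVIDER_ID_ATTRIBUTE_KEY)).exactlyMatching(str))
                .returningAtMost(1);
    }
}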
