package com.liferay.saml.opensaml.integration.internal.resolver;

import com.liferay.petra.string.StringBundler;
import com.liferay.portal.kernel.bean.BeanPropertiesUtil;
import com.liferay.portal.kernel.configuration.Filter;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.model.Group;
import com.liferay.portal.kernel.model.User;
import com.liferay.portal.kernel.model.UserGroupGroupRole;
import com.liferay.portal.kernel.model.UserGroupRole;
import com.liferay.portal.kernel.service.GroupLocalService;
import com.liferay.portal.kernel.service.RoleLocalService;
import com.liferay.portal.kernel.service.UserGroupGroupRoleLocalService;
import com.liferay.portal.kernel.service.UserGroupRoleLocalService;
import com.liferay.portal.kernel.util.GetterUtil;
import com.liferay.portal.kernel.util.PropsUtil;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.saml.opensaml.integration.internal.metadata.MetadataManager;
import com.liferay.saml.opensaml.integration.resolver.AttributeResolver;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Stream;
import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.saml2.core.Attribute;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;

@Component(immediate = true, property = {"service.ranking:Integer=-2147483648"}, service = {AttributeResolver.class})
/* loaded from: input_file:com/liferay/saml/opensaml/integration/internal/resolver/DefaultAttributeResolver.class */
public class DefaultAttributeResolver implements AttributeResolver {
    private static final String _SALESFORCE_ENTITY_ID = "https://saml.salesforce.com";
    private static final Log _log = LogFactoryUtil.getLog(DefaultAttributeResolver.class);
    private GroupLocalService _groupLocalService;
    private MetadataManager _metadataManager;
    private RoleLocalService _roleLocalService;
    private UserGroupGroupRoleLocalService _userGroupGroupRoleLocalService;
    private UserGroupRoleLocalService _userGroupRoleLocalService;

    @Override // com.liferay.saml.opensaml.integration.resolver.AttributeResolver
    public void resolve(User user, AttributeResolver.AttributeResolverSAMLContext attributeResolverSAMLContext, AttributeResolver.AttributePublisher attributePublisher) {
        String resolvePeerEntityId = attributeResolverSAMLContext.resolvePeerEntityId();
        boolean isAttributesNamespaceEnabled = this._metadataManager.isAttributesNamespaceEnabled(resolvePeerEntityId);
        for (String str : getAttributeNames(resolvePeerEntityId)) {
            if (str.startsWith("expando:")) {
                _addExpandoAttribute(user, attributePublisher, str.substring(8), isAttributesNamespaceEnabled);
            } else if (str.equals("groups")) {
                _addGroupsAttribute(user, attributePublisher, isAttributesNamespaceEnabled);
            } else if (str.startsWith("map:")) {
                _addMapAttribute(user, attributePublisher, str.substring(4), isAttributesNamespaceEnabled);
            } else if (str.equals("organizations")) {
                _addOrganizationsAttribute(user, attributePublisher, isAttributesNamespaceEnabled);
            } else if (str.equals("organizationRoles")) {
                _addOrganizationRolesAttribute(user, attributePublisher, isAttributesNamespaceEnabled);
            } else if (str.equals("roles")) {
                _addRolesAttribute(user, attributePublisher, isAttributesNamespaceEnabled);
            } else if (str.startsWith("static:")) {
                _addStaticAttribute(attributePublisher, str.substring(7), isAttributesNamespaceEnabled);
            } else if (str.equals("siteRoles") || str.equals("userGroupRoles")) {
                _addSiteRolesAttribute(user, attributePublisher, str, isAttributesNamespaceEnabled);
            } else if (str.equals("userGroups")) {
                _addUserGroupsAttribute(user, attributePublisher, isAttributesNamespaceEnabled);
            } else {
                _addUserAttribute(user, attributePublisher, str, isAttributesNamespaceEnabled);
            }
        }
        if (_isPeerSalesForce(resolvePeerEntityId)) {
            _addSalesForceAttributes(attributeResolverSAMLContext, attributePublisher);
        }
    }

    @Reference(unbind = "-")
    public void setGroupLocalService(GroupLocalService groupLocalService) {
        this._groupLocalService = groupLocalService;
    }

    @Reference(unbind = "-")
    public void setMetadataManager(MetadataManager metadataManager) {
        this._metadataManager = metadataManager;
    }

    @Reference(unbind = "-")
    public void setRoleLocalService(RoleLocalService roleLocalService) {
        this._roleLocalService = roleLocalService;
    }

    @Reference(unbind = "-")
    public void setUserGroupGroupRoleLocalService(UserGroupGroupRoleLocalService userGroupGroupRoleLocalService) {
        this._userGroupGroupRoleLocalService = userGroupGroupRoleLocalService;
    }

    @Reference(unbind = "-")
    public void setUserGroupRoleLocalService(UserGroupRoleLocalService userGroupRoleLocalService) {
        this._userGroupRoleLocalService = userGroupRoleLocalService;
    }

    protected String[] getAttributeNames(String str) {
        return this._metadataManager.getAttributeNames(str);
    }

    private void _addExpandoAttribute(User user, AttributeResolver.AttributePublisher attributePublisher, String str, boolean z) {
        Serializable attribute = user.getExpandoBridge().getAttribute(str, false);
        if (attribute == null) {
            attribute = "";
        }
        if (z) {
            attributePublisher.publish("urn:liferay:user:expando:" + str, Attribute.URI_REFERENCE, attributePublisher.buildString(attribute.toString()));
        } else {
            attributePublisher.publish(str, Attribute.UNSPECIFIED, attributePublisher.buildString(attribute.toString()));
        }
    }

    private void _addGroupsAttribute(User user, AttributeResolver.AttributePublisher attributePublisher, boolean z) {
        String str;
        String str2;
        try {
            List groups = user.getGroups();
            if (groups.isEmpty()) {
                return;
            }
            if (z) {
                str = "urn:liferay:groups";
                str2 = Attribute.URI_REFERENCE;
            } else {
                str = "groups";
                str2 = Attribute.UNSPECIFIED;
            }
            Stream map = groups.stream().map((v0) -> {
                return v0.getName();
            });
            attributePublisher.getClass();
            attributePublisher.publish(str, str2, (AttributeResolver.AttributePublisher.AttributeValue[]) map.map(attributePublisher::buildString).toArray(i -> {
                return new AttributeResolver.AttributePublisher.AttributeValue[i];
            }));
        } catch (Exception e) {
            String concat = StringBundler.concat(new Object[]{"Unable to get groups for user ", Long.valueOf(user.getUserId()), ": ", e.getMessage()});
            if (_log.isDebugEnabled()) {
                _log.debug(concat, e);
            } else {
                _log.error(concat);
            }
        }
    }

    private void _addMapAttribute(User user, AttributeResolver.AttributePublisher attributePublisher, String str, boolean z) {
        if (str.indexOf("=") <= 0) {
            return;
        }
        String[] split = StringUtil.split(str, "=");
        if (split.length > 2) {
            return;
        }
        String string = BeanPropertiesUtil.getString(user, split[1]);
        if (z) {
            attributePublisher.publish(split[0], Attribute.URI_REFERENCE, attributePublisher.buildString(string));
        } else {
            attributePublisher.publish(split[0], Attribute.UNSPECIFIED, attributePublisher.buildString(string));
        }
    }

    private void _addOrganizationRolesAttribute(User user, AttributeResolver.AttributePublisher attributePublisher, boolean z) {
        String str;
        String str2;
        try {
            List<UserGroupRole> userGroupRoles = this._userGroupRoleLocalService.getUserGroupRoles(user.getUserId());
            HashMap hashMap = new HashMap();
            for (UserGroupRole userGroupRole : userGroupRoles) {
                if (userGroupRole.getRole().getType() == 3) {
                    ((Set) hashMap.computeIfAbsent(userGroupRole.getGroup().getName(), str3 -> {
                        return new HashSet();
                    })).add(userGroupRole.getRole());
                }
            }
            for (Map.Entry entry : hashMap.entrySet()) {
                String str4 = (String) entry.getKey();
                if (z) {
                    str = "urn:liferay:organizationRole:" + str4;
                    str2 = Attribute.URI_REFERENCE;
                } else {
                    str = "organizationRole:" + str4;
                    str2 = Attribute.UNSPECIFIED;
                }
                Stream map = ((Set) entry.getValue()).stream().map((v0) -> {
                    return v0.getName();
                });
                attributePublisher.getClass();
                attributePublisher.publish(str, str2, (AttributeResolver.AttributePublisher.AttributeValue[]) map.map(attributePublisher::buildString).toArray(i -> {
                    return new AttributeResolver.AttributePublisher.AttributeValue[i];
                }));
            }
        } catch (Exception e) {
            String concat = StringBundler.concat(new Object[]{"Unable to get organization roles for user ", Long.valueOf(user.getUserId()), ": ", e.getMessage()});
            if (_log.isDebugEnabled()) {
                _log.debug(concat, e);
            } else {
                _log.error(concat);
            }
        }
    }

    private void _addOrganizationsAttribute(User user, AttributeResolver.AttributePublisher attributePublisher, boolean z) {
        String str;
        String str2;
        try {
            List organizations = user.getOrganizations();
            if (organizations.isEmpty()) {
                return;
            }
            if (z) {
                str = "urn:liferay:organizations";
                str2 = Attribute.URI_REFERENCE;
            } else {
                str = "organizations";
                str2 = Attribute.UNSPECIFIED;
            }
            Stream map = organizations.stream().map((v0) -> {
                return v0.getName();
            });
            attributePublisher.getClass();
            attributePublisher.publish(str, str2, (AttributeResolver.AttributePublisher.AttributeValue[]) map.map(attributePublisher::buildString).toArray(i -> {
                return new AttributeResolver.AttributePublisher.AttributeValue[i];
            }));
        } catch (Exception e) {
            String concat = StringBundler.concat(new Object[]{"Unable to get organizations for user ", Long.valueOf(user.getUserId()), ": ", e.getMessage()});
            if (_log.isDebugEnabled()) {
                _log.debug(concat, e);
            } else {
                _log.error(concat);
            }
        }
    }

    private void _addRolesAttribute(User user, AttributeResolver.AttributePublisher attributePublisher, boolean z) {
        String str;
        String str2;
        try {
            List roles = user.getRoles();
            List groups = user.getGroups();
            List organizations = user.getOrganizations();
            List userGroups = user.getUserGroups();
            List userGroupsRelatedGroups = this._groupLocalService.getUserGroupsRelatedGroups(userGroups);
            List<Group> emptyList = Collections.emptyList();
            if (!organizations.isEmpty()) {
                emptyList = this._groupLocalService.getOrganizationsRelatedGroups(organizations);
                for (Group group : emptyList) {
                    if (!userGroupsRelatedGroups.contains(group)) {
                        userGroupsRelatedGroups.add(group);
                    }
                }
            }
            ArrayList<Group> arrayList = new ArrayList();
            arrayList.addAll(groups);
            arrayList.addAll(userGroupsRelatedGroups);
            arrayList.addAll(emptyList);
            arrayList.addAll(this._groupLocalService.getOrganizationsGroups(organizations));
            arrayList.addAll(this._groupLocalService.getUserGroupsGroups(userGroups));
            HashSet hashSet = new HashSet();
            hashSet.addAll(roles);
            for (Group group2 : arrayList) {
                if (this._roleLocalService.hasGroupRoles(group2.getGroupId())) {
                    hashSet.addAll(this._roleLocalService.getGroupRoles(group2.getGroupId()));
                }
            }
            if (hashSet.isEmpty()) {
                return;
            }
            if (z) {
                str = "urn:liferay:roles";
                str2 = Attribute.URI_REFERENCE;
            } else {
                str = "roles";
                str2 = Attribute.UNSPECIFIED;
            }
            Stream map = hashSet.stream().map((v0) -> {
                return v0.getName();
            });
            attributePublisher.getClass();
            attributePublisher.publish(str, str2, (AttributeResolver.AttributePublisher.AttributeValue[]) map.map(attributePublisher::buildString).toArray(i -> {
                return new AttributeResolver.AttributePublisher.AttributeValue[i];
            }));
        } catch (Exception e) {
            String concat = StringBundler.concat(new Object[]{"Unable to get roles for user  ", Long.valueOf(user.getUserId()), ": ", e.getMessage()});
            if (_log.isDebugEnabled()) {
                _log.debug(concat, e);
            } else {
                _log.error(concat);
            }
        }
    }

    private void _addSalesForceAttributes(AttributeResolver.AttributeResolverSAMLContext attributeResolverSAMLContext, AttributeResolver.AttributePublisher attributePublisher) {
        attributePublisher.publish("logoutURL", Attribute.UNSPECIFIED, attributePublisher.buildString(GetterUtil.getString(PropsUtil.get("saml.idp.metadata.salesforce.logout.url"))));
        String string = GetterUtil.getString(PropsUtil.get("saml.idp.metadata.salesforce.sso.start.page"));
        List<String> resolveSsoServicesLocationForBinding = attributeResolverSAMLContext.resolveSsoServicesLocationForBinding(SAMLConstants.SAML2_POST_BINDING_URI);
        if (!resolveSsoServicesLocationForBinding.isEmpty()) {
            string = resolveSsoServicesLocationForBinding.get(0);
        }
        attributePublisher.publish("ssoStartPage", Attribute.UNSPECIFIED, attributePublisher.buildString(string));
    }

    private void _addSiteRolesAttribute(User user, AttributeResolver.AttributePublisher attributePublisher, String str, boolean z) {
        String str2;
        String str3;
        try {
            List<UserGroupRole> userGroupRoles = this._userGroupRoleLocalService.getUserGroupRoles(user.getUserId());
            HashMap hashMap = new HashMap();
            for (UserGroupRole userGroupRole : userGroupRoles) {
                if (userGroupRole.getRole().getType() != 3 || str.equals("userGroupRoles")) {
                    ((Set) hashMap.computeIfAbsent(userGroupRole.getGroup().getName(), str4 -> {
                        return new HashSet();
                    })).add(userGroupRole.getRole());
                }
            }
            for (UserGroupGroupRole userGroupGroupRole : this._userGroupGroupRoleLocalService.getUserGroupGroupRolesByUser(user.getUserId())) {
                ((Set) hashMap.computeIfAbsent(userGroupGroupRole.getGroup().getName(), str5 -> {
                    return new HashSet();
                })).add(userGroupGroupRole.getRole());
            }
            for (Map.Entry entry : hashMap.entrySet()) {
                String str6 = (String) entry.getKey();
                if (z) {
                    str2 = str.equals("siteRoles") ? "urn:liferay:siteRole:" + str6 : "urn:liferay:userGroupRole:" + str6;
                    str3 = Attribute.URI_REFERENCE;
                } else {
                    str2 = str.equals("siteRoles") ? "siteRole:" + str6 : "userGroupRole:" + str6;
                    str3 = Attribute.UNSPECIFIED;
                }
                Stream map = ((Set) entry.getValue()).stream().map((v0) -> {
                    return v0.getName();
                });
                attributePublisher.getClass();
                attributePublisher.publish(str2, str3, (AttributeResolver.AttributePublisher.AttributeValue[]) map.map(attributePublisher::buildString).toArray(i -> {
                    return new AttributeResolver.AttributePublisher.AttributeValue[i];
                }));
            }
        } catch (Exception e) {
            String concat = StringBundler.concat(new Object[]{"Unable to get user group roles for user ", Long.valueOf(user.getUserId()), ": ", e.getMessage()});
            if (_log.isDebugEnabled()) {
                _log.debug(concat, e);
            } else {
                _log.error(concat);
            }
        }
    }

    private void _addStaticAttribute(AttributeResolver.AttributePublisher attributePublisher, String str, boolean z) {
        String str2 = "";
        if (str.indexOf(61) > 0) {
            String[] split = StringUtil.split(str, "=");
            str = split[0];
            str2 = split[1];
            if (split.length > 2) {
                for (int i = 2; i < split.length; i++) {
                    str2 = StringBundler.concat(new String[]{str2, "=", split[i]});
                }
            }
        }
        attributePublisher.publish(str, z ? Attribute.URI_REFERENCE : Attribute.UNSPECIFIED, attributePublisher.buildString(str2));
    }

    private void _addUserAttribute(User user, AttributeResolver.AttributePublisher attributePublisher, String str, boolean z) {
        Serializable serializable = (Serializable) BeanPropertiesUtil.getObject(user, str);
        if (z) {
            attributePublisher.publish("urn:liferay:user:" + str, Attribute.URI_REFERENCE, attributePublisher.buildString(serializable.toString()));
        } else {
            attributePublisher.publish(str, Attribute.UNSPECIFIED, attributePublisher.buildString(serializable.toString()));
        }
    }

    private void _addUserGroupsAttribute(User user, AttributeResolver.AttributePublisher attributePublisher, boolean z) {
        String str;
        String str2;
        try {
            List userGroups = user.getUserGroups();
            if (userGroups.isEmpty()) {
                return;
            }
            if (z) {
                str = "urn:liferay:userGroups";
                str2 = Attribute.URI_REFERENCE;
            } else {
                str = "userGroups";
                str2 = Attribute.UNSPECIFIED;
            }
            Stream map = userGroups.stream().map((v0) -> {
                return v0.getName();
            });
            attributePublisher.getClass();
            attributePublisher.publish(str, str2, (AttributeResolver.AttributePublisher.AttributeValue[]) map.map(attributePublisher::buildString).toArray(i -> {
                return new AttributeResolver.AttributePublisher.AttributeValue[i];
            }));
        } catch (Exception e) {
            String concat = StringBundler.concat(new Object[]{"Unable to get user groups for user ", Long.valueOf(user.getUserId()), ": ", e.getMessage()});
            if (_log.isDebugEnabled()) {
                _log.debug(concat, e);
            } else {
                _log.error(concat);
            }
        }
    }

    private boolean _isPeerSalesForce(String str) {
        if (str.equals(_SALESFORCE_ENTITY_ID)) {
            return true;
        }
        return GetterUtil.getBoolean(PropsUtil.get("saml.idp.metadata.salesforce.attributes.enabled", new Filter(str)));
    }
}
