package org.kuali.coeus.sys.impl.auth;

import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.function.Function;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.kuali.coeus.sys.framework.auth.AuthUser;
import org.kuali.coeus.sys.framework.auth.CoreGroupsService;
import org.kuali.coeus.sys.framework.auth.CoreUserPushService;
import org.kuali.coeus.sys.framework.auth.CoreUsersPushStatus;
import org.kuali.coeus.sys.framework.rest.AuthServiceRestUtilService;
import org.kuali.coeus.sys.framework.rest.RestServiceConstants;
import org.kuali.rice.core.api.config.property.ConfigurationService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.client.HttpServerErrorException;
import org.springframework.web.client.RestClientException;
import org.springframework.web.client.RestOperations;

/* loaded from: input_file:org/kuali/coeus/sys/impl/auth/AbstractCoreUserPushService.class */
public abstract class AbstractCoreUserPushService<T> implements CoreUserPushService {
    private static final String INCLUDE_INACTIVE_PARAM = "includeInactive";
    private static final String FIELDS_PARAM = "fields";
    private static final List<String> FIELDS_VALUES = List.of((Object[]) new String[]{"id", "schoolId", "name", "username", "email", "phone", "role", "firstName", "lastName", "password", "impersonatedBy", "displayName", "groupId", "active"});
    private static final Logger LOG = LogManager.getLogger(AbstractCoreUserPushService.class);
    private static final String AUTH_USER_PUSH_USE_DEV_PASSWORD = "auth.user.push.use.dev.password";
    private static final String AUTH_USER_PUSH_DEV_PASSWORD = "auth.user.push.dev.password";

    @Autowired
    @Qualifier("restOperations")
    private RestOperations restOperations;

    @Autowired
    @Qualifier("authServiceRestUtilService")
    private AuthServiceRestUtilService authServiceRestUtilService;

    @Autowired
    @Qualifier("kualiConfigurationService")
    private ConfigurationService configurationService;

    @Autowired
    @Qualifier("coreGroupsService")
    private CoreGroupsService coreGroupsService;

    @Autowired
    @Qualifier("coreStreamingService")
    private CoreStreamingService coreStreamingService;

    protected abstract List<T> getAllPeople();

    protected abstract AuthUser generateAuthUserFromPerson(T t, Map<String, String> map);

    protected abstract boolean validUserToPush(T t);

    @Override // org.kuali.coeus.sys.framework.auth.CoreUserPushService
    public CoreUsersPushStatus pushAllUsers() {
        return pushAllUsers(() -> {
            return true;
        });
    }

    @Override // org.kuali.coeus.sys.framework.auth.CoreUserPushService
    public CoreUsersPushStatus pushAllUsers(Supplier<Boolean> supplier) {
        CoreUsersPushStatus coreUsersPushStatus = new CoreUsersPushStatus();
        Map map = (Map) this.coreGroupsService.getAllGroups().filter(groupDto -> {
            return StringUtils.isNotBlank(this.coreGroupsService.getUnitNumberForGroup(groupDto));
        }).collect(Collectors.toMap(groupDto2 -> {
            return this.coreGroupsService.getUnitNumberForGroup(groupDto2);
        }, (v0) -> {
            return v0.getId();
        }));
        LOG.info("Found {} groups for {}", Integer.valueOf(map.size()), getClass().getSimpleName());
        Map map2 = (Map) getAllPeople().stream().filter(this::validUserToPush).map(obj -> {
            return generateAuthUserFromPerson(obj, map);
        }).collect(Collectors.toMap((v0) -> {
            return v0.getUsername();
        }, Function.identity(), (authUser, authUser2) -> {
            return authUser;
        }));
        LOG.info("Syncing {} users to auth service for {}", Integer.valueOf(map2.size()), getClass().getSimpleName());
        coreUsersPushStatus.setNumberOfUsers(map2.size());
        getAllAuthServiceUsers().takeWhile(authUser3 -> {
            return ((Boolean) supplier.get()).booleanValue();
        }).forEach(authUser4 -> {
            AuthUser authUser4 = (AuthUser) map2.remove(authUser4.getUsername());
            try {
                if (authUser4 == null) {
                    coreUsersPushStatus.addNumberNotFoundLocally();
                } else if (!authUser4.isActive() && authUser4.isActive()) {
                    disableUserInAuthService(authUser4);
                    coreUsersPushStatus.addNumberRemoved();
                } else if (authUser4.equals(authUser4)) {
                    coreUsersPushStatus.addNumberSame();
                } else {
                    authUser4.setRole(authUser4.getRole());
                    updateUserInAuthService(authUser4, authUser4.getId());
                    coreUsersPushStatus.addNumberUpdated();
                }
            } catch (Exception e) {
                String str = "Error disabling or updating user " + authUser4.getUsername() + ":" + authUser4.getSchoolId() + " to auth service";
                coreUsersPushStatus.getErrors().put(authUser4.getSchoolId(), str);
                LOG.error(str, e);
            } catch (HttpClientErrorException | HttpServerErrorException e2) {
                String str2 = "Error disabling or updating user " + authUser4.getUsername() + ":" + authUser4.getSchoolId() + " to auth service - " + e2.getMessage() + " -- " + e2.getResponseBodyAsString();
                coreUsersPushStatus.getErrors().put(authUser4.getSchoolId(), str2);
                LOG.error(str2);
            }
        });
        map2.values().stream().takeWhile(authUser5 -> {
            return ((Boolean) supplier.get()).booleanValue();
        }).forEach(authUser6 -> {
            try {
                addUserToAuthService(authUser6, getOrGenerateUserPassword(authUser6));
                coreUsersPushStatus.addNumberAdded();
            } catch (Exception e) {
                String str = "Error adding user " + authUser6.getUsername() + ":" + authUser6.getSchoolId() + " to auth service";
                coreUsersPushStatus.getErrors().put(authUser6.getSchoolId(), str);
                LOG.error(str, e);
            } catch (HttpClientErrorException | HttpServerErrorException e2) {
                String str2 = "Error adding user " + authUser6.getUsername() + ":" + authUser6.getSchoolId() + " to auth service - " + e2.getMessage() + " -- " + e2.getResponseBodyAsString();
                coreUsersPushStatus.getErrors().put(authUser6.getSchoolId(), str2);
                LOG.error(str2);
            }
        });
        StringBuilder sb = new StringBuilder();
        sb.append("Auth Service Bulk Push: Users Found: ").append(Integer.valueOf(coreUsersPushStatus.getNumberOfUsers()).toString()).append(", Users Added: ").append(Integer.valueOf(coreUsersPushStatus.getNumberAdded()).toString()).append(", Users Not found locally: ").append(Integer.valueOf(coreUsersPushStatus.getNumberNotFoundLocally()).toString()).append(", Users Updated: ").append(Integer.valueOf(coreUsersPushStatus.getNumberUpdated()).toString()).append(", Users Deleted: ").append(Integer.valueOf(coreUsersPushStatus.getNumberRemoved()).toString()).append(", Users Errored: ").append(Integer.valueOf(coreUsersPushStatus.getErrors().size()).toString());
        LOG.info(sb.toString());
        return coreUsersPushStatus;
    }

    protected String getOrGenerateUserPassword(AuthUser authUser) {
        return useDevPassword() ? getDevPassword() : UUID.randomUUID().toString();
    }

    protected boolean useDevPassword() {
        return this.configurationService.getPropertyValueAsBoolean(AUTH_USER_PUSH_USE_DEV_PASSWORD);
    }

    protected String getDevPassword() {
        return this.configurationService.getPropertyValueAsString(AUTH_USER_PUSH_DEV_PASSWORD);
    }

    protected Stream<AuthUser> getAllAuthServiceUsers() {
        return getCoreStreamingService().streamAll(getUsersApiUrl(), Map.of(INCLUDE_INACTIVE_PARAM, Boolean.TRUE, "fields", FIELDS_VALUES), AuthUser.class);
    }

    protected void addUserToAuthService(AuthUser authUser, String str) {
        authUser.setPassword(str);
        ResponseEntity exchange = this.restOperations.exchange(getUsersApiUrl(), HttpMethod.POST, new HttpEntity(authUser, this.authServiceRestUtilService.getAuthServiceStyleHttpHeadersForUser()), String.class, new Object[0]);
        if (exchange.getStatusCode() != HttpStatus.CREATED) {
            String str2 = (String) exchange.getBody();
            throw new RestClientException(str2 != null ? str2 : "Failed to create user in auth service: " + authUser.getUsername() + ":" + authUser.getSchoolId());
        }
    }

    protected void updateUserInAuthService(AuthUser authUser, String str) {
        ResponseEntity exchange = this.restOperations.exchange(getUsersApiUrl() + str, HttpMethod.PUT, new HttpEntity(authUser, this.authServiceRestUtilService.getAuthServiceStyleHttpHeadersForUser()), String.class, new Object[0]);
        if (exchange.getStatusCode() != HttpStatus.OK) {
            String str2 = (String) exchange.getBody();
            throw new RestClientException(str2 != null ? str2 : "Failed to update user in auth service: " + authUser.getUsername() + ":" + authUser.getSchoolId());
        }
    }

    protected void disableUserInAuthService(AuthUser authUser) {
        authUser.setActive(false);
        ResponseEntity exchange = this.restOperations.exchange(getUsersApiUrl() + authUser.getId(), HttpMethod.PUT, new HttpEntity(authUser, this.authServiceRestUtilService.getAuthServiceStyleHttpHeadersForUser()), String.class, new Object[0]);
        if (exchange.getStatusCode() != HttpStatus.OK) {
            String str = (String) exchange.getBody();
            throw new RestClientException(str != null ? str : "Failed to disable user in auth service: " + authUser.getUsername() + ":" + authUser.getSchoolId());
        }
    }

    protected String getUsersApiUrl() {
        return this.configurationService.getPropertyValueAsString(RestServiceConstants.Configuration.AUTH_USERS_URL) + "/";
    }

    public AuthServiceRestUtilService getAuthServiceRestUtilService() {
        return this.authServiceRestUtilService;
    }

    public void setAuthServiceRestUtilService(AuthServiceRestUtilService authServiceRestUtilService) {
        this.authServiceRestUtilService = authServiceRestUtilService;
    }

    public RestOperations getRestOperations() {
        return this.restOperations;
    }

    public void setRestOperations(RestOperations restOperations) {
        this.restOperations = restOperations;
    }

    public ConfigurationService getConfigurationService() {
        return this.configurationService;
    }

    public void setConfigurationService(ConfigurationService configurationService) {
        this.configurationService = configurationService;
    }

    public CoreGroupsService getCoreGroupsService() {
        return this.coreGroupsService;
    }

    public void setCoreGroupsService(CoreGroupsService coreGroupsService) {
        this.coreGroupsService = coreGroupsService;
    }

    public CoreStreamingService getCoreStreamingService() {
        return this.coreStreamingService;
    }

    public void setCoreStreamingService(CoreStreamingService coreStreamingService) {
        this.coreStreamingService = coreStreamingService;
    }
}
