package edu.internet2.middleware.grouper.ui.customUi;

import edu.internet2.middleware.grouper.Attribute;
import edu.internet2.middleware.grouper.Group;
import edu.internet2.middleware.grouper.GrouperSession;
import edu.internet2.middleware.grouper.SubjectFinder;
import edu.internet2.middleware.grouper.cfg.GrouperConfig;
import edu.internet2.middleware.grouper.misc.GrouperStartup;
import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.grouperClient.collections.MultiKey;
import edu.internet2.middleware.grouperClient.util.ExpirableCache;
import edu.internet2.middleware.morphString.Morph;
import edu.internet2.middleware.subject.Subject;
import edu.internet2.middleware.subject.SubjectUtils;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.TreeSet;
import net.sf.json.JSONArray;
import net.sf.json.JSONObject;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:edu/internet2/middleware/grouper/ui/customUi/CustomUiAzure.class */
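/**
 * Custom UI user-query helper that looks up users, licenses, groups and group
 * memberships over HTTP against the Graph-style endpoints configured under
 * {@code grouper.azureConnector.<configId>.*}.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The OAuth client secret is read from config (via {@code Morph.decryptIfFile})
 *       and posted to the configured login endpoint; the resulting bearer token is
 *       cached only in {@code Morph.encrypt}-ed form.</li>
 *   <li>Request URLs and full stack traces are written to the debug map; failed
 *       calls embed the remote response body in the exception message. The bearer
 *       token itself is never put into the debug map.</li>
 *   <li>Every HTTP method is released in a {@code finally} block so that a failing
 *       call cannot leave the underlying connection open.</li>
 * </ul>
 */
public class CustomUiAzure extends CustomUiUserQueryBase {
    /** Common prefix of every connector property read by this class. */
    private static final String CONFIG_PREFIX = "grouper.azureConnector.";

    /** Case-insensitive prefix that marks a mail address in {@code proxyAddresses}. */
    private static final String SMTP_PREFIX = "smtp:";

    // config id -> (expires_on as Long, Morph-encrypted access token).
    // NOTE(review): the constructor argument is presumably a TTL in minutes - confirm against ExpirableCache.
    private static final ExpirableCache<String, MultiKey> configKeyToExpiresOnAndBearerToken = new ExpirableCache<>(60);

    // (config id, subject source id, subject id) -> user attribute map.
    private static final ExpirableCache<MultiKey, Map<String, Object>> azureUserCache = new ExpirableCache<>(1);

    /** Reads the required property {@code grouper.azureConnector.<configId>.<suffix>}. */
    private static String configValue(String configId, String suffix) {
        return GrouperConfig.retrieveConfig().propertyValueStringRequired(CONFIG_PREFIX + configId + "." + suffix);
    }

    /** Milliseconds elapsed since {@code startNanos}, boxed for the debug map. */
    private static Long elapsedMillis(long startNanos) {
        return Long.valueOf((System.nanoTime() - startNanos) / 1000000);
    }

    /** Builds a JSON GET request carrying the bearer token in the Authorization header. */
    private static GetMethod newAuthorizedGet(String url, String bearerToken) {
        GetMethod get = new GetMethod(url);
        get.addRequestHeader("Content-Type", "application/json");
        get.addRequestHeader("Authorization", "Bearer " + bearerToken);
        return get;
    }

    /** True when a required subject attribute is configured and the subject has no value for it. */
    private static boolean isRequiredSubjectAttributeBlank(String attributeName, Subject subject) {
        return !StringUtils.isBlank(attributeName) && StringUtils.isBlank(subject.getAttributeValue(attributeName));
    }

    /** Evaluates the subject lookup template and fails when it yields a blank value. */
    private static String resolveSubjectLookupValue(String valueFormat, Subject subject) {
        String lookupValue = CustomUiUtil.substituteExpressionLanguage(valueFormat, null, null, null, subject, null);
        if (StringUtils.isBlank(lookupValue)) {
            throw new RuntimeException("Cant find subject lookup value: '" + valueFormat + "', " + SubjectUtils.subjectToString(subject));
        }
        return lookupValue;
    }

    /**
     * Returns a bearer token for the given connector config, using the cached token
     * while its {@code expires_on} timestamp is still in the future and otherwise
     * requesting a new one with the client-credentials grant.
     *
     * @param str connector config id (the {@code <configId>} part of the property names)
     * @return the access token in clear text
     * @throws RuntimeException if config is missing, the endpoint does not answer 200,
     *         or the response cannot be parsed
     */
    public String retrieveBearerTokenForAzureConfigId(String str) {
        long startNanos = System.nanoTime();
        MultiKey cached = configKeyToExpiresOnAndBearerToken.get(str);
        if (cached != null) {
            long expiresOnSeconds = ((Long) cached.getKey(0)).longValue();
            String encryptedToken = (String) cached.getKey(1);
            // NOTE(review): the token is reused right up to expires_on with no clock-skew margin.
            if (expiresOnSeconds * 1000 > System.currentTimeMillis()) {
                debugMapPut("azureCachedAccessToken", true);
                return Morph.decrypt(encryptedToken);
            }
        }
        try {
            // NOTE(review): the client secret is posted to whatever loginEndpoint is configured;
            // nothing here checks that the endpoint uses https.
            String tokenUrl = configValue(str, "loginEndpoint") + "/" + configValue(str, "DirectoryID") + "/oauth2/token";
            PostMethod post = new PostMethod(tokenUrl);
            post.addParameter("client_id", configValue(str, "client_id"));
            post.addParameter("client_secret", Morph.decryptIfFile(configValue(str, "client_secret")));
            post.addParameter("grant_type", "client_credentials");
            post.addParameter("resource", configValue(str, "resource"));
            try {
                int status = new HttpClient().executeMethod(post);
                String body = post.getResponseBodyAsString();
                if (status != 200) {
                    throw new RuntimeException("Cant get access token from '" + tokenUrl + "' " + body);
                }
                JSONObject json = JSONObject.fromObject(body);
                long expiresOn = GrouperUtil.longValue(json.getString("expires_on"));
                String accessToken = json.getString("access_token");
                // Only the encrypted form is kept in the static cache.
                configKeyToExpiresOnAndBearerToken.put(str, new MultiKey(Long.valueOf(expiresOn), Morph.encrypt(accessToken)));
                return accessToken;
            } catch (Exception e) {
                throw new RuntimeException("Error connecting to '" + tokenUrl + "'", e);
            } finally {
                // Release the connection on every path, including failures.
                post.releaseConnection();
            }
        } catch (RuntimeException e) {
            debugMapPut("azureTokenError", GrouperUtil.getFullStackTrace(e));
            throw e;
        } finally {
            debugMapPut("azureTokenTookMillis", elapsedMillis(startNanos));
        }
    }

    /**
     * Resolves the remote group id for a Grouper group and checks the subject's membership in it.
     *
     * @param str connector config id
     * @param group Grouper group to resolve
     * @param subject subject to test
     * @return true if the subject is reported as a member
     */
    public boolean hasAzureMembershipByGroup(String str, Group group, Subject subject) {
        String azureGroupId = retrieveAzureGroupIdFromGroup(str, group);
        return hasAzureMembershipByAzureGroupId(str, azureGroupId, subject);
    }

    /**
     * Checks whether the subject's {@code memberOf} listing, filtered by id, contains the given group.
     *
     * @param str connector config id
     * @param str2 remote group id; must not be blank
     * @param subject subject to test
     * @return false when the required subject attribute is blank, the user is not found (404),
     *         or the filtered result is empty; otherwise whether the first result's id equals {@code str2}
     * @throws RuntimeException on blank group id, unresolvable subject lookup value, or any other HTTP status
     */
    public boolean hasAzureMembershipByAzureGroupId(String str, String str2, Subject subject) {
        long startNanos = System.nanoTime();
        try {
            if (StringUtils.isBlank(str2)) {
                throw new RuntimeException("azure group id is blank");
            }
            String bearerToken = retrieveBearerTokenForAzureConfigId(str);
            String graphEndpoint = configValue(str, "graphEndpoint");
            String graphVersion = configValue(str, "graphVersion");
            String subjectIdValueFormat = configValue(str, "subjectIdValueFormat");
            String requiredAttribute = configValue(str, "requireSubjectAttribute");
            if (isRequiredSubjectAttributeBlank(requiredAttribute, subject)) {
                return false;
            }
            String lookupValue = resolveSubjectLookupValue(subjectIdValueFormat, subject);
            // NOTE(review): str2 is placed inside the quoted $filter literal without URL-encoding or
            // quote-doubling, unlike the subject value; callers must only pass ids from a trusted source.
            String url = graphEndpoint + "/" + graphVersion + "/users/" + GrouperUtil.escapeUrlEncode(lookupValue) + "/memberOf?$filter=id%20eq%20'" + str2 + "'";
            debugMapPut("azureMemUrl", url);
            GetMethod get = newAuthorizedGet(url, bearerToken);
            try {
                int status = new HttpClient().executeMethod(get);
                String body = get.getResponseBodyAsString();
                if (status == 404) {
                    return false;
                }
                if (status != 200) {
                    throw new RuntimeException("Cant get group from '" + url + "' " + body);
                }
                JSONObject json = JSONObject.fromObject(body);
                JSONArray matches = json.has(Attribute.FIELD_VALUE) ? json.getJSONArray(Attribute.FIELD_VALUE) : null;
                if (matches == null || matches.size() < 1) {
                    return false;
                }
                // Re-check the id locally instead of trusting the server-side filter alone.
                return str2.equals(((JSONObject) matches.get(0)).getString("id"));
            } catch (Exception e) {
                throw new RuntimeException("Error connecting to '" + url + "'", e);
            } finally {
                get.releaseConnection();
            }
        } catch (RuntimeException e) {
            debugMapPut("azureMemError", GrouperUtil.getFullStackTrace(e));
            throw e;
        } finally {
            // Elapsed time is recorded once here for every exit path.
            debugMapPut("azureMemTookMillis", elapsedMillis(startNanos));
        }
    }

    /**
     * Returns the user attribute map for the subject, consulting the short-lived cache first.
     * A null result from {@link #retrieveAzureUser} is cached as an empty map.
     *
     * @param str connector config id
     * @param subject subject to look up; must not be null
     * @return the (possibly cached) attribute map, never null
     * @throws RuntimeException if {@code subject} is null
     */
    public Map<String, Object> retrieveAzureUserOrFromCache(String str, Subject subject) {
        if (subject == null) {
            throw new RuntimeException("subject is null");
        }
        // The config id is part of the key so a result fetched through one connector
        // config is never served for a lookup made through another one.
        MultiKey cacheKey = new MultiKey(str, subject.getSourceId(), subject.getId());
        Map<String, Object> user = azureUserCache.get(cacheKey);
        if (user == null) {
            user = retrieveAzureUser(str, subject);
            if (user == null) {
                user = new HashMap<>();
            }
            azureUserCache.put(cacheKey, user);
        }
        return user;
    }

    /**
     * Fetches the subject's {@code licenseDetails} and collects the names of service plans
     * whose {@code provisioningStatus} is {@code "Success"}.
     *
     * @param str connector config id
     * @param subject subject to look up; must not be null
     * @return map with {@code userFound}, {@code servicePlans} (sorted set, or null when the
     *         request was skipped or answered 404) and, when at least one license entry was
     *         returned, {@code servicePlansString}
     * @throws RuntimeException on null subject, unresolvable lookup value, or an HTTP status other than 200/404
     */
    public Map<String, Object> retrieveAzureUserLicenseDetails(String str, Subject subject) {
        long startNanos = System.nanoTime();
        Map<String, Object> result = new LinkedHashMap<>();
        result.put("userFound", false);
        result.put("servicePlans", null);
        try {
            if (subject == null) {
                throw new RuntimeException("subject is null");
            }
            String bearerToken = retrieveBearerTokenForAzureConfigId(str);
            String graphEndpoint = configValue(str, "graphEndpoint");
            String graphVersion = configValue(str, "graphVersion");
            String subjectIdValueFormat = configValue(str, "subjectIdValueFormat");
            String requiredAttribute = configValue(str, "requireSubjectAttribute");
            if (isRequiredSubjectAttributeBlank(requiredAttribute, subject)) {
                debugMapPut("subjectAttribute_" + requiredAttribute, "blank");
                return result;
            }
            String lookupValue = resolveSubjectLookupValue(subjectIdValueFormat, subject);
            String url = graphEndpoint + "/" + graphVersion + "/users/" + GrouperUtil.escapeUrlEncode(lookupValue) + "/licenseDetails";
            debugMapPut("azureMemUrl", url);
            GetMethod get = newAuthorizedGet(url, bearerToken);
            try {
                int status = new HttpClient().executeMethod(get);
                String body = get.getResponseBodyAsString();
                result.put("userFound", Boolean.valueOf(status == 200));
                if (status == 404) {
                    return result;
                }
                if (status != 200) {
                    throw new RuntimeException("Cant get user license details from '" + url + "' " + body);
                }
                JSONObject json = JSONObject.fromObject(body);
                TreeSet<String> planNames = new TreeSet<>();
                result.put("servicePlans", planNames);
                JSONArray licenses = json.containsKey(Attribute.FIELD_VALUE) ? json.getJSONArray(Attribute.FIELD_VALUE) : new JSONArray();
                for (int i = 0; i < licenses.size(); i++) {
                    JSONObject license = licenses.getJSONObject(i);
                    JSONArray plans = (license == null || !license.containsKey("servicePlans")) ? new JSONArray() : license.getJSONArray("servicePlans");
                    for (int j = 0; j < plans.size(); j++) {
                        JSONObject plan = plans.getJSONObject(j);
                        if ("Success".equals(plan.getString("provisioningStatus"))) {
                            planNames.add(plan.getString("servicePlanName"));
                        }
                    }
                    // Set inside the loop, so the key stays absent when no license entry exists.
                    result.put("servicePlansString", GrouperUtil.join(planNames.iterator(), ", "));
                }
                return result;
            } catch (Exception e) {
                throw new RuntimeException("Error connecting to '" + url + "'", e);
            } finally {
                get.releaseConnection();
            }
        } catch (RuntimeException e) {
            debugMapPut("azureLicenseDetailsError", GrouperUtil.getFullStackTrace(e));
            throw e;
        } finally {
            // Elapsed time is recorded once here for every exit path.
            debugMapPut("azureLicenseDetailsTookMillis", elapsedMillis(startNanos));
        }
    }

    /**
     * Fetches selected user attributes for the subject, then merges in the license details.
     *
     * @param str connector config id
     * @param subject subject to look up; must not be null
     * @return map that always holds {@code userFound}, {@code accountEnabled} and
     *         {@code showInAddressList}; on a 200 answer it also holds the selected
     *         attributes, the smtp proxy addresses, the service plans and a {@code summary} string
     * @throws RuntimeException on null subject, unresolvable lookup value, or an HTTP status other than 200/404
     */
    public Map<String, Object> retrieveAzureUser(String str, Subject subject) {
        long startNanos = System.nanoTime();
        Map<String, Object> result = new LinkedHashMap<>();
        result.put("userFound", false);
        result.put("accountEnabled", false);
        result.put("showInAddressList", false);
        try {
            if (subject == null) {
                throw new RuntimeException("subject is null");
            }
            String bearerToken = retrieveBearerTokenForAzureConfigId(str);
            String graphEndpoint = configValue(str, "graphEndpoint");
            String graphVersion = configValue(str, "graphVersion");
            String subjectIdValueFormat = configValue(str, "subjectIdValueFormat");
            String requiredAttribute = configValue(str, "requireSubjectAttribute");
            if (isRequiredSubjectAttributeBlank(requiredAttribute, subject)) {
                debugMapPut("subjectAttribute_" + requiredAttribute, "blank");
                return result;
            }
            String lookupValue = resolveSubjectLookupValue(subjectIdValueFormat, subject);
            String url = graphEndpoint + "/" + graphVersion + "/users/" + GrouperUtil.escapeUrlEncode(lookupValue) + "?$select=accountEnabled,mail,onPremisesImmutableId,onPremisesLastSyncDateTime,onPremisesSamAccountName,proxyAddresses,showInAddressList,userPrincipalName,userType";
            debugMapPut("azureMemUrl", url);
            GetMethod get = newAuthorizedGet(url, bearerToken);
            try {
                int status = new HttpClient().executeMethod(get);
                String body = get.getResponseBodyAsString();
                result.put("userFound", Boolean.valueOf(status == 200));
                if (status == 404) {
                    return result;
                }
                if (status != 200) {
                    throw new RuntimeException("Cant get user from '" + url + "' " + body);
                }
                JSONObject json = JSONObject.fromObject(body);
                result.put("accountEnabled", Boolean.valueOf(json.containsKey("accountEnabled") ? json.getBoolean("accountEnabled") : false));
                result.put("mail", json.getString("mail"));
                result.put("onPremisesImmutableId", json.getString("onPremisesImmutableId"));
                result.put("onPremisesLastSyncDateTime", json.getString("onPremisesLastSyncDateTime"));
                result.put("onPremisesSamAccountName", json.getString("onPremisesSamAccountName"));
                TreeSet<String> smtpAddresses = new TreeSet<>();
                result.put("proxyAddresses", smtpAddresses);
                JSONArray proxyAddresses = json.containsKey("proxyAddresses") ? json.getJSONArray("proxyAddresses") : new JSONArray();
                for (int i = 0; i < proxyAddresses.size(); i++) {
                    String address = proxyAddresses.getString(i);
                    // Keep only smtp entries (any letter case) and strip the scheme prefix.
                    if (address.regionMatches(true, 0, SMTP_PREFIX, 0, SMTP_PREFIX.length())) {
                        smtpAddresses.add(address.substring(SMTP_PREFIX.length()));
                    }
                }
                result.put("proxyAddressesString", GrouperUtil.join(smtpAddresses.iterator(), ", "));
                // NOTE(review): unlike accountEnabled, this read has no containsKey guard; confirm how
                // net.sf.json behaves when the attribute is absent or null.
                result.put("showInAddressList", Boolean.valueOf(json.getBoolean("showInAddressList")));
                result.put("userPrincipalName", json.getString("userPrincipalName"));
                result.put("userType", json.getString("userType"));
                String summary = "accountEnabled: " + result.get("accountEnabled")
                        + ", mail: " + result.get("mail")
                        + ", onPremisesImmutableId: " + result.get("onPremisesImmutableId")
                        + ", onPremisesLastSyncDateTime: " + result.get("onPremisesLastSyncDateTime")
                        + ", onPremisesSamAccountName: " + result.get("onPremisesSamAccountName")
                        + ", proxyAddresses: (" + result.get("proxyAddressesString")
                        + "), showInAddressList: " + result.get("showInAddressList")
                        + ", userPrincipalName: " + result.get("userPrincipalName")
                        + ", userType: " + result.get("userType");
                result.put("summary", summary);
                Map<String, Object> licenseDetails = retrieveAzureUserLicenseDetails(str, subject);
                if (licenseDetails != null) {
                    result.put("servicePlans", licenseDetails.get("servicePlans"));
                    result.put("servicePlansString", licenseDetails.get("servicePlansString"));
                    result.put("summary", summary + ", servicePlans: " + licenseDetails.get("servicePlansString"));
                }
                return result;
            } catch (Exception e) {
                throw new RuntimeException("Error connecting to '" + url + "'", e);
            } finally {
                get.releaseConnection();
            }
        } catch (RuntimeException e) {
            debugMapPut("azureUserError", GrouperUtil.getFullStackTrace(e));
            throw e;
        } finally {
            // Elapsed time (including the license lookup) is recorded once here for every exit path.
            debugMapPut("azureUserTookMillis", elapsedMillis(startNanos));
        }
    }

    /**
     * Looks up the remote id of the group matching the Grouper group, using the configured
     * lookup attribute and value template.
     *
     * @param str connector config id
     * @param group Grouper group to resolve
     * @return the {@code id} of the single matching remote group
     * @throws RuntimeException if the lookup value is blank, the endpoint does not answer 200,
     *         or the filter does not match exactly one group
     */
    public String retrieveAzureGroupIdFromGroup(String str, Group group) {
        long startNanos = System.nanoTime();
        try {
            String bearerToken = retrieveBearerTokenForAzureConfigId(str);
            String graphEndpoint = configValue(str, "graphEndpoint");
            String graphVersion = configValue(str, "graphVersion");
            String groupLookupAttribute = configValue(str, "groupLookupAttribute");
            String groupLookupValueFormat = configValue(str, "groupLookupValueFormat");
            String lookupValue = CustomUiUtil.substituteExpressionLanguage(groupLookupValueFormat, group, null, null, null, null);
            if (StringUtils.isBlank(lookupValue)) {
                throw new RuntimeException("Cant find group lookup value: '" + groupLookupValueFormat + "', " + group);
            }
            // NOTE(review): the group-derived value goes into the quoted $filter literal without
            // URL-encoding or quote-doubling, unlike the subject value in the user lookups. A value
            // containing ', & or # would change the query; confirm whether the template already
            // encodes it before adding escaping here.
            String url = graphEndpoint + "/" + graphVersion + "/groups?$filter=" + groupLookupAttribute + "%20eq%20'" + lookupValue + "'";
            debugMapPut("azureGroupUrl", url);
            GetMethod get = newAuthorizedGet(url, bearerToken);
            try {
                int status = new HttpClient().executeMethod(get);
                String body = get.getResponseBodyAsString();
                if (status != 200) {
                    throw new RuntimeException("Cant get group from '" + url + "' " + body);
                }
                JSONObject json = JSONObject.fromObject(body);
                JSONArray matches = json.has(Attribute.FIELD_VALUE) ? json.getJSONArray(Attribute.FIELD_VALUE) : null;
                // Anything other than exactly one match is treated as "not found".
                if (matches != null && matches.size() == 1) {
                    return ((JSONObject) matches.get(0)).getString("id");
                }
                throw new RuntimeException("Cant find group in azure: " + group + ", " + url);
            } catch (Exception e) {
                throw new RuntimeException("Error connecting to '" + url + "'", e);
            } finally {
                get.releaseConnection();
            }
        } catch (RuntimeException e) {
            debugMapPut("azureGroupError", GrouperUtil.getFullStackTrace(e));
            throw e;
        } finally {
            debugMapPut("azureGroupTookMillis", elapsedMillis(startNanos));
        }
    }

    /**
     * Manual smoke test: starts Grouper, looks up one hard-coded subject twice through the
     * cache and prints the resulting map.
     *
     * @param strArr unused
     * @throws Exception if startup or the lookup fails
     */
    public static void main(String[] strArr) throws Exception {
        GrouperStartup.startup();
        GrouperSession.startRootSession();
        Subject subject = SubjectFinder.findById("10021368", true);
        new CustomUiAzure().retrieveAzureUserOrFromCache("pennAzure", subject);
        Map<String, Object> user = new CustomUiAzure().retrieveAzureUserOrFromCache("pennAzure", subject);
        System.out.println(GrouperUtil.mapToString(user));
    }
}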
