package edu.internet2.middleware.grouper.app.azure;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.node.ArrayNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
import edu.internet2.middleware.grouper.Attribute;
import edu.internet2.middleware.grouper.app.loader.GrouperLoaderConfig;
import edu.internet2.middleware.grouper.app.loader.LoaderJobBean;
import edu.internet2.middleware.grouper.cfg.GrouperConfig;
import edu.internet2.middleware.grouper.ddl.DdlUtilsChangeDatabase;
import edu.internet2.middleware.grouper.ddl.DdlVersionBean;
import edu.internet2.middleware.grouper.ddl.GrouperDdlUtils;
import edu.internet2.middleware.grouper.ddl.GrouperTestDdl;
import edu.internet2.middleware.grouper.hibernate.HibernateSession;
import edu.internet2.middleware.grouper.internal.dao.QueryOptions;
import edu.internet2.middleware.grouper.internal.util.GrouperUuid;
import edu.internet2.middleware.grouper.j2ee.MockServiceHandler;
import edu.internet2.middleware.grouper.j2ee.MockServiceRequest;
import edu.internet2.middleware.grouper.j2ee.MockServiceResponse;
import edu.internet2.middleware.grouper.j2ee.MockServiceServlet;
import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.grouperClient.jdbc.GcDbAccess;
import edu.internet2.middleware.morphString.Morph;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.commons.lang.StringUtils;
import org.apache.ddlutils.model.Database;

/* loaded from: input_file:edu/internet2/middleware/grouper/app/azure/AzureMockServiceHandler.class */
public class AzureMockServiceHandler extends MockServiceHandler {
    public static final Set<String> doNotLogParameters = GrouperUtil.toSet("client_secret");
    public static final Set<String> doNotLogHeaders = GrouperUtil.toSet("authorization");
    private static boolean mockTablesThere = false;
    private static long lastDeleteMillis = -1;

    @Override // edu.internet2.middleware.grouper.j2ee.MockServiceHandler
    public Set<String> doNotLogParameters() {
        return doNotLogParameters;
    }

    @Override // edu.internet2.middleware.grouper.j2ee.MockServiceHandler
    public Set<String> doNotLogHeaders() {
        return doNotLogHeaders;
    }

    public static void ensureAzureMockTables() {
        try {
            new GcDbAccess().sql("select count(*) from mock_azure_group").select(Integer.TYPE);
            new GcDbAccess().sql("select count(*) from mock_azure_user").select(Integer.TYPE);
            new GcDbAccess().sql("select count(*) from mock_azure_auth").select(Integer.TYPE);
            new GcDbAccess().sql("select count(*) from mock_azure_membership").select(Integer.TYPE);
        } catch (Exception e) {
            GrouperDdlUtils.changeDatabase(GrouperTestDdl.V1.getObjectName(), new DdlUtilsChangeDatabase() { // from class: edu.internet2.middleware.grouper.app.azure.AzureMockServiceHandler.1
                @Override // edu.internet2.middleware.grouper.ddl.DdlUtilsChangeDatabase
                public void changeDatabase(DdlVersionBean ddlVersionBean) {
                    Database database = ddlVersionBean.getDatabase();
                    GrouperAzureGroup.createTableAzureGroup(ddlVersionBean, database);
                    GrouperAzureAuth.createTableAzureAuth(ddlVersionBean, database);
                    GrouperAzureUser.createTableAzureUser(ddlVersionBean, database);
                    GrouperAzureMembership.createTableAzureMembership(ddlVersionBean, database);
                }
            });
        }
    }

    public static void dropAzureMockTables() {
        MockServiceServlet.dropMockTable("mock_azure_membership");
        MockServiceServlet.dropMockTable("mock_azure_user");
        MockServiceServlet.dropMockTable("mock_azure_group");
        MockServiceServlet.dropMockTable("mock_azure_auth");
    }

    @Override // edu.internet2.middleware.grouper.j2ee.MockServiceHandler
    public void handleRequest(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        if (!mockTablesThere) {
            ensureAzureMockTables();
        }
        mockTablesThere = true;
        if (GrouperUtil.length(mockServiceRequest.getPostMockNamePaths()) == 0) {
            throw new RuntimeException("Pass in a path!");
        }
        if (StringUtils.equals("GET", mockServiceRequest.getHttpServletRequest().getMethod())) {
            if ("groups".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 1 == mockServiceRequest.getPostMockNamePaths().length) {
                getGroups(mockServiceRequest, mockServiceResponse);
                return;
            }
            if ("groups".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 2 == mockServiceRequest.getPostMockNamePaths().length) {
                getGroup(mockServiceRequest, mockServiceResponse);
                return;
            }
            if ("groups".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 3 == mockServiceRequest.getPostMockNamePaths().length && GrouperConfig.LIST.equals(mockServiceRequest.getPostMockNamePaths()[2])) {
                getGroupMembers(mockServiceRequest, mockServiceResponse);
                return;
            }
            if ("users".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 1 == mockServiceRequest.getPostMockNamePaths().length) {
                getUsers(mockServiceRequest, mockServiceResponse);
                return;
            } else if ("users".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 2 == mockServiceRequest.getPostMockNamePaths().length) {
                getUser(mockServiceRequest, mockServiceResponse);
                return;
            }
        }
        if (StringUtils.equals("DELETE", mockServiceRequest.getHttpServletRequest().getMethod())) {
            if ("groups".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 2 == mockServiceRequest.getPostMockNamePaths().length) {
                deleteGroups(mockServiceRequest, mockServiceResponse);
                return;
            } else if ("groups".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 5 == mockServiceRequest.getPostMockNamePaths().length && GrouperConfig.LIST.equals(mockServiceRequest.getPostMockNamePaths()[2]) && "$ref".equals(mockServiceRequest.getPostMockNamePaths()[4])) {
                deleteMembership(mockServiceRequest, mockServiceResponse);
                return;
            }
        }
        if (StringUtils.equals("POST", mockServiceRequest.getHttpServletRequest().getMethod())) {
            if ("auth".equals(mockServiceRequest.getPostMockNamePaths()[0])) {
                postAuth(mockServiceRequest, mockServiceResponse);
                return;
            }
            if ("groups".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 1 == mockServiceRequest.getPostMockNamePaths().length) {
                postGroups(mockServiceRequest, mockServiceResponse);
                return;
            }
            if ("groups".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 4 == mockServiceRequest.getPostMockNamePaths().length && GrouperConfig.LIST.equals(mockServiceRequest.getPostMockNamePaths()[2]) && "$ref".equals(mockServiceRequest.getPostMockNamePaths()[3])) {
                postMembership(mockServiceRequest, mockServiceResponse);
                return;
            } else if ("users".equals(mockServiceRequest.getPostMockNamePaths()[0]) && 3 == mockServiceRequest.getPostMockNamePaths().length && "getMemberGroups".equals(mockServiceRequest.getPostMockNamePaths()[2])) {
                postUserGroups(mockServiceRequest, mockServiceResponse);
                return;
            }
        }
        if (!StringUtils.equals("PATCH", mockServiceRequest.getHttpServletRequest().getMethod()) || !"groups".equals(mockServiceRequest.getPostMockNamePaths()[0]) || 2 != mockServiceRequest.getPostMockNamePaths().length) {
            throw new RuntimeException("Not expecting request: '" + mockServiceRequest.getHttpServletRequest().getMethod() + "', '" + mockServiceRequest.getPostMockNamePath() + "'");
        }
        patchGroups(mockServiceRequest, mockServiceResponse);
    }

    public void checkAuthorization(MockServiceRequest mockServiceRequest) {
        String header = mockServiceRequest.getHttpServletRequest().getHeader("Authorization");
        if (!header.startsWith("Bearer ")) {
            throw new RuntimeException("Authorization token must start with 'Bearer '");
        }
        List list = HibernateSession.byHqlStatic().createQuery("from GrouperAzureAuth where accessToken = :theAccessToken").setString("theAccessToken", GrouperUtil.prefixOrSuffix(header, "Bearer ", false)).list(GrouperAzureAuth.class);
        if (GrouperUtil.length(list) != 1) {
            throw new RuntimeException("Invalid access token, not found!");
        }
        if (((GrouperAzureAuth) list.get(0)).getExpiresOnSeconds() < System.currentTimeMillis() / 1000) {
            throw new RuntimeException("Invalid access token, expired!");
        }
    }

    private void checkRequestContentType(MockServiceRequest mockServiceRequest) {
        if (!StringUtils.equals(mockServiceRequest.getHttpServletRequest().getContentType(), "application/json") && !StringUtils.startsWith(mockServiceRequest.getHttpServletRequest().getContentType(), "application/json;")) {
            throw new RuntimeException("Content type must be application/json");
        }
    }

    public void postGroups(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        checkAuthorization(mockServiceRequest);
        checkRequestContentType(mockServiceRequest);
        JsonNode jsonJacksonNode = GrouperUtil.jsonJacksonNode(mockServiceRequest.getRequestBody());
        GrouperUtil.assertion(GrouperUtil.length(GrouperUtil.jsonJacksonGetString(jsonJacksonNode, "displayName")) > 0, "displayName is required");
        GrouperUtil.assertion(GrouperUtil.length(GrouperUtil.jsonJacksonGetString(jsonJacksonNode, "displayName")) <= 256, "displayName must be less than 256");
        GrouperUtil.assertion(GrouperUtil.length(GrouperUtil.jsonJacksonGetString(jsonJacksonNode, "description")) <= 1024, "description must be less than 1024");
        GrouperUtil.assertion(GrouperUtil.jsonJacksonGetBoolean(jsonJacksonNode, "mailEnabled") != null, "mailEnabled is required");
        GrouperUtil.assertion(GrouperUtil.length(GrouperUtil.jsonJacksonGetString(jsonJacksonNode, "mailNickname")) > 0, "mailNickname is required");
        GrouperUtil.assertion(GrouperUtil.length(GrouperUtil.jsonJacksonGetString(jsonJacksonNode, "mailNickname")) <= 64, "displayName must be less than 64");
        GrouperUtil.assertion(GrouperUtil.jsonJacksonGetBoolean(jsonJacksonNode, "securityEnabled") != null, "securityEnabled is required");
        String jsonJacksonGetString = GrouperUtil.jsonJacksonGetString(jsonJacksonNode, "visibility");
        if (jsonJacksonGetString != null) {
            GrouperUtil.assertion(GrouperUtil.toSet("Private", GrouperAzureGroup.defaultVisibility, "HiddenMembership", GrouperAzureGroup.defaultVisibility).contains(jsonJacksonGetString), "visibility must be one of: 'Private', 'Public', 'HiddenMembership', 'Public', but was: '" + jsonJacksonGetString + "'");
        }
        GrouperUtil.assertion(GrouperUtil.length(GrouperUtil.jsonJacksonGetString(jsonJacksonNode, "id")) == 0, "id is forbidden");
        GrouperAzureGroup fromJson = GrouperAzureGroup.fromJson(jsonJacksonNode);
        fromJson.setId(GrouperUuid.getUuid());
        HibernateSession.byObjectStatic().save(fromJson);
        ObjectNode json = fromJson.toJson(null);
        mockServiceResponse.setResponseCode(201);
        mockServiceResponse.setContentType("application/json");
        mockServiceResponse.setResponseBody(GrouperUtil.jsonJacksonToString(json));
    }

    public void getGroups(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        List list;
        checkAuthorization(mockServiceRequest);
        checkRequestContentType(mockServiceRequest);
        String parameter = mockServiceRequest.getHttpServletRequest().getParameter("$filter");
        if (StringUtils.isBlank(parameter)) {
            list = HibernateSession.byHqlStatic().createQuery("from GrouperAzureGroup").list(GrouperAzureGroup.class);
        } else {
            Matcher matcher = Pattern.compile("^([^\\s]+)\\s+eq\\s+'(.+)'$").matcher(parameter);
            GrouperUtil.assertion(matcher.matches(), "doesnt match regex '" + parameter + "'");
            String group = matcher.group(1);
            String group2 = matcher.group(2);
            GrouperUtil.assertion(group.matches("^[a-zA-Z0-9]+$"), "field must be alphanumeric '" + group + "'");
            list = HibernateSession.byHqlStatic().createQuery("from GrouperAzureGroup where " + group + " = :theValue").setString("theValue", group2).list(GrouperAzureGroup.class);
        }
        ObjectNode jsonJacksonNode = GrouperUtil.jsonJacksonNode();
        ArrayNode jsonJacksonArrayNode = GrouperUtil.jsonJacksonArrayNode();
        jsonJacksonNode.put("@odata.context", GrouperUtil.stripLastSlashIfExists(GrouperLoaderConfig.retrieveConfig().propertyValueString("grouper.azureConnector.azure1.resourceEndpoint")) + "/$metadata#groups");
        Set<String> set = null;
        String parameter2 = mockServiceRequest.getHttpServletRequest().getParameter("$select");
        if (!StringUtils.isBlank(parameter2)) {
            set = GrouperUtil.toSet(GrouperUtil.split(parameter2, ","));
        }
        Iterator it = list.iterator();
        while (it.hasNext()) {
            jsonJacksonArrayNode.add(((GrouperAzureGroup) it.next()).toJson(set));
        }
        jsonJacksonNode.set(Attribute.FIELD_VALUE, jsonJacksonArrayNode);
        mockServiceResponse.setResponseCode(200);
        mockServiceResponse.setContentType("application/json");
        mockServiceResponse.setResponseBody(GrouperUtil.jsonJacksonToString(jsonJacksonNode));
    }

    public void getGroup(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        checkAuthorization(mockServiceRequest);
        checkRequestContentType(mockServiceRequest);
        String str = mockServiceRequest.getPostMockNamePaths()[1];
        GrouperUtil.assertion(GrouperUtil.length(str) > 0, "id is required");
        List list = HibernateSession.byHqlStatic().createQuery("from GrouperAzureGroup where id = :theId").setString("theId", str).list(GrouperAzureGroup.class);
        if (GrouperUtil.length(list) != 1) {
            if (GrouperUtil.length(list) != 0) {
                throw new RuntimeException("groupsById: " + GrouperUtil.length(list) + ", id: " + str);
            }
            mockServiceResponse.setResponseCode(404);
            return;
        }
        mockServiceResponse.setResponseCode(200);
        Set<String> set = null;
        String parameter = mockServiceRequest.getHttpServletRequest().getParameter("$select");
        if (!StringUtils.isBlank(parameter)) {
            set = GrouperUtil.toSet(GrouperUtil.split(parameter, ","));
        }
        mockServiceResponse.setContentType("application/json");
        mockServiceResponse.setResponseBody(GrouperUtil.jsonJacksonToString(((GrouperAzureGroup) list.get(0)).toJson(set)));
    }

    public void postAuth(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        String parameter = mockServiceRequest.getHttpServletRequest().getParameter("client_id");
        if (StringUtils.isBlank(parameter)) {
            throw new RuntimeException("client_id is required!");
        }
        Pattern compile = Pattern.compile("^grouper\\.azureConnector\\.([^.]+)\\.clientId$");
        String str = null;
        Iterator it = GrouperLoaderConfig.retrieveConfig().propertyNames().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            String str2 = (String) it.next();
            Matcher matcher = compile.matcher(str2);
            if (matcher.matches() && StringUtils.equals(GrouperLoaderConfig.retrieveConfig().propertyValueString(str2), parameter)) {
                str = matcher.group(1);
                break;
            }
        }
        if (StringUtils.isBlank(str)) {
            throw new RuntimeException("Cant find client id!");
        }
        if (!StringUtils.equals(Morph.decryptIfFile(GrouperLoaderConfig.retrieveConfig().propertyValueStringRequired("grouper.azureConnector." + str + ".clientSecret")), mockServiceRequest.getHttpServletRequest().getParameter("client_secret"))) {
            throw new RuntimeException("Cant find client secret!");
        }
        String propertyValueStringRequired = GrouperLoaderConfig.retrieveConfig().propertyValueStringRequired("grouper.azureConnector." + str + ".tenantId");
        if (4 != mockServiceRequest.getPostMockNamePaths().length || !StringUtils.equals(propertyValueStringRequired, mockServiceRequest.getPostMockNamePaths()[1]) || !StringUtils.equals("oauth2", mockServiceRequest.getPostMockNamePaths()[2]) || !StringUtils.equals("token", mockServiceRequest.getPostMockNamePaths()[3])) {
            throw new RuntimeException("Invalid request! expecting: auth/<tenantId>/oauth2/token");
        }
        if (!StringUtils.equals("client_credentials", mockServiceRequest.getHttpServletRequest().getParameter("grant_type"))) {
            throw new RuntimeException("Invalid request! client_credentials must equal 'grant_type'");
        }
        String propertyValueStringRequired2 = GrouperLoaderConfig.retrieveConfig().propertyValueStringRequired("grouper.azureConnector." + str + ".resource");
        String parameter2 = mockServiceRequest.getHttpServletRequest().getParameter("resource");
        if (StringUtils.isBlank(propertyValueStringRequired2) || !StringUtils.equals(propertyValueStringRequired2, parameter2)) {
            throw new RuntimeException("Invalid request! resource: '" + parameter2 + "' must equal '" + propertyValueStringRequired2 + "'");
        }
        mockServiceResponse.setResponseCode(200);
        ObjectNode jsonJacksonNode = GrouperUtil.jsonJacksonNode();
        long currentTimeMillis = (System.currentTimeMillis() / 1000) + 60;
        jsonJacksonNode.put("expires_on", currentTimeMillis);
        String uuid = GrouperUuid.getUuid();
        GrouperAzureAuth grouperAzureAuth = new GrouperAzureAuth();
        grouperAzureAuth.setConfigId(str);
        grouperAzureAuth.setAccessToken(uuid);
        grouperAzureAuth.setExpiresOnSeconds(currentTimeMillis);
        HibernateSession.byObjectStatic().save(grouperAzureAuth);
        jsonJacksonNode.put("access_token", uuid);
        mockServiceResponse.setContentType("application/json");
        mockServiceResponse.setResponseBody(GrouperUtil.jsonJacksonToString(jsonJacksonNode));
        if (System.currentTimeMillis() - lastDeleteMillis > 3600000) {
            lastDeleteMillis = System.currentTimeMillis();
            int executeUpdateInt = HibernateSession.byHqlStatic().createQuery("delete from GrouperAzureAuth where expiresOnSeconds < :theExpiresOnSeconds").setLong("theExpiresOnSeconds", Long.valueOf((System.currentTimeMillis() / 1000) - 3600)).executeUpdateInt();
            if (executeUpdateInt > 0) {
                mockServiceRequest.getDebugMap().put("accessTokensDeleted", Integer.valueOf(executeUpdateInt));
            }
        }
    }

    public void deleteGroups(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        checkAuthorization(mockServiceRequest);
        checkRequestContentType(mockServiceRequest);
        String str = mockServiceRequest.getPostMockNamePaths()[1];
        GrouperUtil.assertion(GrouperUtil.length(str) > 0, "id is required");
        mockServiceRequest.getDebugMap().put("membershipsDeleted", Integer.valueOf(HibernateSession.byHqlStatic().createQuery("delete from GrouperAzureMembership where groupId = :theId").setString("theId", str).executeUpdateInt()));
        int executeUpdateInt = HibernateSession.byHqlStatic().createQuery("delete from GrouperAzureGroup where id = :theId").setString("theId", str).executeUpdateInt();
        if (executeUpdateInt == 1) {
            mockServiceResponse.setResponseCode(204);
        } else {
            if (executeUpdateInt != 0) {
                throw new RuntimeException("groupsDeleted: " + executeUpdateInt);
            }
            mockServiceResponse.setResponseCode(404);
        }
    }

    public void getUsers(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        List list;
        checkAuthorization(mockServiceRequest);
        checkRequestContentType(mockServiceRequest);
        String parameter = mockServiceRequest.getHttpServletRequest().getParameter("$filter");
        if (StringUtils.isBlank(parameter)) {
            list = HibernateSession.byHqlStatic().createQuery("from GrouperAzureUser").list(GrouperAzureUser.class);
        } else {
            Matcher matcher = Pattern.compile("^([^\\s]+)\\s+eq\\s+'(.+)'$").matcher(parameter);
            GrouperUtil.assertion(matcher.matches(), "doesnt match regex '" + parameter + "'");
            String group = matcher.group(1);
            String group2 = matcher.group(2);
            GrouperUtil.assertion(group.matches("^[a-zA-Z0-9]+$"), "field must be alphanumeric '" + group + "'");
            list = HibernateSession.byHqlStatic().createQuery("from GrouperAzureUser where " + group + " = :theValue").setString("theValue", group2).list(GrouperAzureUser.class);
        }
        ObjectNode jsonJacksonNode = GrouperUtil.jsonJacksonNode();
        ArrayNode jsonJacksonArrayNode = GrouperUtil.jsonJacksonArrayNode();
        Set<String> set = null;
        String parameter2 = mockServiceRequest.getHttpServletRequest().getParameter("$select");
        if (!StringUtils.isBlank(parameter2)) {
            set = GrouperUtil.toSet(GrouperUtil.split(parameter2, ","));
        }
        Iterator it = list.iterator();
        while (it.hasNext()) {
            jsonJacksonArrayNode.add(((GrouperAzureUser) it.next()).toJson(set));
        }
        jsonJacksonNode.set(Attribute.FIELD_VALUE, jsonJacksonArrayNode);
        mockServiceResponse.setResponseCode(200);
        mockServiceResponse.setContentType("application/json");
        mockServiceResponse.setResponseBody(GrouperUtil.jsonJacksonToString(jsonJacksonNode));
    }

    public void getUser(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        checkAuthorization(mockServiceRequest);
        checkRequestContentType(mockServiceRequest);
        String str = mockServiceRequest.getPostMockNamePaths()[1];
        GrouperUtil.assertion(GrouperUtil.length(str) > 0, "id is required");
        List list = HibernateSession.byHqlStatic().createQuery("from GrouperAzureUser where id = :theId or userPrincipalName = :theId2").setString("theId", str).setString("theId2", str).list(GrouperAzureUser.class);
        if (GrouperUtil.length(list) != 1) {
            if (GrouperUtil.length(list) != 0) {
                throw new RuntimeException("usersById: " + GrouperUtil.length(list) + ", id: " + str);
            }
            mockServiceResponse.setResponseCode(404);
            return;
        }
        mockServiceResponse.setResponseCode(200);
        Set<String> set = null;
        String parameter = mockServiceRequest.getHttpServletRequest().getParameter("$select");
        if (!StringUtils.isBlank(parameter)) {
            set = GrouperUtil.toSet(GrouperUtil.split(parameter, ","));
        }
        mockServiceResponse.setContentType("application/json");
        mockServiceResponse.setResponseBody(GrouperUtil.jsonJacksonToString(((GrouperAzureUser) list.get(0)).toJson(set)));
    }

    public void patchGroups(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        checkAuthorization(mockServiceRequest);
        checkRequestContentType(mockServiceRequest);
        JsonNode jsonJacksonNode = GrouperUtil.jsonJacksonNode(mockServiceRequest.getRequestBody());
        if (jsonJacksonNode.has("members@odata.bind")) {
            patchMemberships(mockServiceRequest, mockServiceResponse, jsonJacksonNode);
            return;
        }
        String str = mockServiceRequest.getPostMockNamePaths()[1];
        mockServiceRequest.getDebugMap().put("groupId", str);
        List list = HibernateSession.byHqlStatic().createQuery("from GrouperAzureGroup where id = :theId").setString("theId", str).list(GrouperAzureGroup.class);
        if (GrouperUtil.length(list) == 0) {
            mockServiceRequest.getDebugMap().put("cantFindGroup", true);
            mockServiceResponse.setResponseCode(404);
            return;
        }
        if (GrouperUtil.length(list) > 1) {
            throw new RuntimeException("Found multiple matched groups! " + GrouperUtil.length(list));
        }
        GrouperAzureGroup grouperAzureGroup = (GrouperAzureGroup) list.get(0);
        if (jsonJacksonNode.has("description")) {
            grouperAzureGroup.setDescription(GrouperUtil.jsonJacksonGetString(jsonJacksonNode, "description"));
        }
        if (jsonJacksonNode.has("displayName")) {
            grouperAzureGroup.setDisplayName(GrouperUtil.jsonJacksonGetString(jsonJacksonNode, "displayName"));
        }
        if (jsonJacksonNode.has(LoaderJobBean.FIELD_GROUP_TYPES)) {
            ArrayNode arrayNode = jsonJacksonNode.get(LoaderJobBean.FIELD_GROUP_TYPES);
            HashSet hashSet = new HashSet();
            for (int i = 0; i < arrayNode.size(); i++) {
                hashSet.add(arrayNode.get(i).asText());
            }
            grouperAzureGroup.setGroupTypeMailEnabled(Boolean.valueOf(hashSet.contains("MailEnabled")));
            grouperAzureGroup.setGroupTypeMailEnabledSecurity(Boolean.valueOf(hashSet.contains("MailEnabledSecurity")));
            grouperAzureGroup.setGroupTypeSecurity(Boolean.valueOf(hashSet.contains("Security")));
            grouperAzureGroup.setGroupTypeUnified(Boolean.valueOf(hashSet.contains("Unified")));
        }
        if (jsonJacksonNode.has("id")) {
            throw new RuntimeException("Cant update the id field!");
        }
        if (jsonJacksonNode.has("mailEnabled")) {
            grouperAzureGroup.setMailEnabled(GrouperUtil.jsonJacksonGetBoolean(jsonJacksonNode, "mailEnabled"));
        }
        if (jsonJacksonNode.has("mailNickname")) {
            grouperAzureGroup.setMailNickname(GrouperUtil.jsonJacksonGetString(jsonJacksonNode, "mailNickname"));
        }
        if (jsonJacksonNode.has("securityEnabled")) {
            grouperAzureGroup.setSecurityEnabled(GrouperUtil.jsonJacksonGetBoolean(jsonJacksonNode, "securityEnabled"));
        }
        if (jsonJacksonNode.has("visibility")) {
            grouperAzureGroup.setVisibilityDb(GrouperUtil.jsonJacksonGetString(jsonJacksonNode, "visibility"));
        }
        HibernateSession.byObjectStatic().saveOrUpdate(grouperAzureGroup);
        mockServiceResponse.setResponseCode(204);
        mockServiceResponse.setContentType("application/json");
    }

    public void patchMemberships(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse, JsonNode jsonNode) {
        GrouperUtil.assertion(jsonNode.has("members@odata.bind"), "members@odata.bind is required");
        ArrayNode arrayNode = jsonNode.get("members@odata.bind");
        GrouperUtil.assertion(arrayNode.size() > 0, "members@odata.bind needs elements");
        mockServiceRequest.getDebugMap().put(GrouperConfig.LIST, Integer.valueOf(arrayNode.size()));
        int min = Math.min(20, GrouperLoaderConfig.retrieveConfig().propertyValueInt("azureMembershipPagingSize", 20));
        GrouperUtil.assertion(arrayNode.size() <= min, "members@odata.bind cannot be more than " + min);
        String str = mockServiceRequest.getPostMockNamePaths()[1];
        mockServiceRequest.getDebugMap().put("groupId", str);
        if (GrouperUtil.length(HibernateSession.byHqlStatic().createQuery("from GrouperAzureGroup where id = :theId").setString("theId", str).list(GrouperAzureGroup.class)) == 0) {
            mockServiceRequest.getDebugMap().put("cantFindGroup", true);
            mockServiceResponse.setResponseCode(404);
            return;
        }
        int i = 204;
        String propertyValueString = GrouperLoaderConfig.retrieveConfig().propertyValueString("grouper.azureConnector.azure1.resourceEndpoint");
        for (int i2 = 0; i2 < arrayNode.size(); i2++) {
            String asText = arrayNode.get(i2).asText();
            GrouperUtil.assertion(asText.startsWith(GrouperUtil.stripLastSlashIfExists(propertyValueString) + "/directoryObjects/"), "@odata.id must start with " + GrouperUtil.stripLastSlashIfExists(propertyValueString) + "/directoryObjects/");
            String prefixOrSuffix = GrouperUtil.prefixOrSuffix(asText, GrouperUtil.stripLastSlashIfExists(propertyValueString) + "/directoryObjects/", false);
            if (GrouperUtil.length(HibernateSession.byHqlStatic().createQuery("from GrouperAzureMembership where groupId = :theGroupId and userId = :theUserId").setString("theGroupId", str).setString("theUserId", prefixOrSuffix).list(GrouperAzureMembership.class)) > 0) {
                i = 400;
            } else if (GrouperUtil.length(HibernateSession.byHqlStatic().createQuery("from GrouperAzureUser where id = :theId").setString("theId", prefixOrSuffix).list(GrouperAzureUser.class)) == 0) {
                mockServiceRequest.getDebugMap().put("cantFindUser", true);
                i = 404;
            } else {
                GrouperAzureMembership grouperAzureMembership = new GrouperAzureMembership();
                grouperAzureMembership.setId(GrouperUuid.getUuid());
                grouperAzureMembership.setGroupId(str);
                grouperAzureMembership.setUserId(prefixOrSuffix);
                HibernateSession.byObjectStatic().save(grouperAzureMembership);
            }
        }
        mockServiceResponse.setResponseCode(i);
    }

    public void postMembership(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        checkAuthorization(mockServiceRequest);
        checkRequestContentType(mockServiceRequest);
        JsonNode jsonJacksonNode = GrouperUtil.jsonJacksonNode(mockServiceRequest.getRequestBody());
        GrouperUtil.assertion(GrouperUtil.length(GrouperUtil.jsonJacksonGetString(jsonJacksonNode, "@odata.id")) > 0, "@odata.id is required");
        String str = GrouperUtil.stripLastSlashIfExists(GrouperLoaderConfig.retrieveConfig().propertyValueString("grouper.azureConnector.azure1.resourceEndpoint")) + "/directoryObjects/";
        GrouperUtil.assertion(GrouperUtil.jsonJacksonGetString(jsonJacksonNode, "@odata.id").startsWith(str), "@odata.id must start with " + str);
        String prefixOrSuffix = GrouperUtil.prefixOrSuffix(GrouperUtil.jsonJacksonGetString(jsonJacksonNode, "@odata.id"), str, false);
        mockServiceRequest.getDebugMap().put("userId", prefixOrSuffix);
        String str2 = mockServiceRequest.getPostMockNamePaths()[1];
        mockServiceRequest.getDebugMap().put("groupId", str2);
        if (GrouperUtil.length(HibernateSession.byHqlStatic().createQuery("from GrouperAzureMembership where groupId = :theGroupId and userId = :theUserId").setString("theGroupId", str2).setString("theUserId", prefixOrSuffix).list(GrouperAzureMembership.class)) > 0) {
            mockServiceResponse.setResponseCode(400);
            return;
        }
        if (GrouperUtil.length(HibernateSession.byHqlStatic().createQuery("from GrouperAzureGroup where id = :theId").setString("theId", str2).list(GrouperAzureGroup.class)) == 0) {
            mockServiceRequest.getDebugMap().put("cantFindGroup", true);
            mockServiceResponse.setResponseCode(404);
        } else {
            if (GrouperUtil.length(HibernateSession.byHqlStatic().createQuery("from GrouperAzureUser where id = :theId").setString("theId", prefixOrSuffix).list(GrouperAzureUser.class)) == 0) {
                mockServiceRequest.getDebugMap().put("cantFindUser", true);
                mockServiceResponse.setResponseCode(404);
                return;
            }
            GrouperAzureMembership grouperAzureMembership = new GrouperAzureMembership();
            grouperAzureMembership.setId(GrouperUuid.getUuid());
            grouperAzureMembership.setGroupId(str2);
            grouperAzureMembership.setUserId(prefixOrSuffix);
            HibernateSession.byObjectStatic().save(grouperAzureMembership);
            mockServiceResponse.setResponseCode(204);
        }
    }

    public void deleteMembership(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        checkAuthorization(mockServiceRequest);
        String str = mockServiceRequest.getPostMockNamePaths()[3];
        GrouperUtil.assertion(GrouperUtil.length(str) > 0, "userId is required");
        mockServiceRequest.getDebugMap().put("userId", str);
        String str2 = mockServiceRequest.getPostMockNamePaths()[1];
        GrouperUtil.assertion(GrouperUtil.length(str2) > 0, "userId is required");
        mockServiceRequest.getDebugMap().put("groupId", str2);
        if (HibernateSession.byHqlStatic().createQuery("delete from GrouperAzureMembership where groupId = :theGroupId and userId = :theUserId").setString("theGroupId", str2).setString("theUserId", str).executeUpdateInt() > 0) {
            mockServiceResponse.setResponseCode(204);
            return;
        }
        if (GrouperUtil.length(HibernateSession.byHqlStatic().createQuery("from GrouperAzureGroup where id = :theId").setString("theId", str2).list(GrouperAzureGroup.class)) == 0) {
            mockServiceRequest.getDebugMap().put("cantFindGroup", true);
        }
        if (GrouperUtil.length(HibernateSession.byHqlStatic().createQuery("from GrouperAzureUser where id = :theId").setString("theId", str).list(GrouperAzureUser.class)) == 0) {
            mockServiceRequest.getDebugMap().put("cantFindUser", true);
        }
        mockServiceRequest.getDebugMap().put("cantFindMembership", true);
        mockServiceResponse.setResponseCode(404);
    }

    public void getGroupMembers(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        checkAuthorization(mockServiceRequest);
        checkRequestContentType(mockServiceRequest);
        String str = mockServiceRequest.getPostMockNamePaths()[1];
        GrouperUtil.assertion(GrouperUtil.length(str) > 0, "id is required");
        GrouperUtil.assertion("id".equals(mockServiceRequest.getHttpServletRequest().getParameter("$select")), "$select must equal 'id'");
        int min = Math.min(Math.min(GrouperUtil.intValue(mockServiceRequest.getHttpServletRequest().getParameter("$top"), 100), 100), GrouperLoaderConfig.retrieveConfig().propertyValueInt("azureGetMembershipPagingSize", 100));
        mockServiceRequest.getDebugMap().put("pageSize", Integer.valueOf(min));
        String parameter = mockServiceRequest.getHttpServletRequest().getParameter("$skiptoken");
        mockServiceRequest.getDebugMap().put("skipToken", parameter);
        List<GrouperAzureMembership> list = StringUtils.isBlank(parameter) ? HibernateSession.byHqlStatic().createQuery("from GrouperAzureMembership where groupId = :theGroupId").setString("theGroupId", str).options(QueryOptions.create("userId", true, 1, Integer.valueOf(min + 1))).list(GrouperAzureMembership.class) : HibernateSession.byHqlStatic().createQuery("from GrouperAzureMembership where groupId = :theGroupId and userId > :skipToken").setString("theGroupId", str).setString("skipToken", parameter).options(QueryOptions.create("userId", true, 1, Integer.valueOf(min + 1))).list(GrouperAzureMembership.class);
        mockServiceRequest.getDebugMap().put("resultSize", Integer.valueOf(GrouperUtil.length(list)));
        mockServiceResponse.setContentType("application/json");
        ObjectNode jsonJacksonNode = GrouperUtil.jsonJacksonNode();
        if (GrouperUtil.length(list) == min + 1) {
            list.remove(list.size() - 1);
            String str2 = GrouperUtil.stripLastSlashIfExists(GrouperLoaderConfig.retrieveConfig().propertyValueStringRequired("grouper.azureConnector.azure1.resourceEndpoint")) + "/groups/" + GrouperUtil.escapeUrlEncode(str) + "/members?$skiptoken=" + GrouperUtil.escapeUrlEncode(((GrouperAzureMembership) list.get(list.size() - 1)).getUserId()) + "&$top=" + min + "&$select=id";
            mockServiceRequest.getDebugMap().put("odataNextLink", str2);
            jsonJacksonNode.put("@odata.nextLink", str2);
        }
        jsonJacksonNode.put("@odata.context", GrouperUtil.stripLastSlashIfExists(GrouperLoaderConfig.retrieveConfig().propertyValueString("grouper.azureConnector.azure1.resourceEndpoint")) + "/$metadata#directoryObjects");
        mockServiceResponse.setResponseCode(200);
        if (GrouperUtil.length(list) > 0) {
            ArrayNode jsonJacksonArrayNode = GrouperUtil.jsonJacksonArrayNode();
            for (GrouperAzureMembership grouperAzureMembership : list) {
                ObjectNode jsonJacksonNode2 = GrouperUtil.jsonJacksonNode();
                jsonJacksonNode2.put("id", grouperAzureMembership.getUserId());
                jsonJacksonArrayNode.add(jsonJacksonNode2);
            }
            jsonJacksonNode.set(Attribute.FIELD_VALUE, jsonJacksonArrayNode);
        }
        mockServiceResponse.setResponseBody(GrouperUtil.jsonJacksonToString(jsonJacksonNode));
    }

    public void postUserGroups(MockServiceRequest mockServiceRequest, MockServiceResponse mockServiceResponse) {
        checkAuthorization(mockServiceRequest);
        String str = mockServiceRequest.getPostMockNamePaths()[1];
        GrouperUtil.assertion(GrouperUtil.length(str) > 0, "userId is required");
        List list = HibernateSession.byHqlStatic().createQuery("from GrouperAzureUser where id = :theId or userPrincipalName = :theId2").setString("theId", str).setString("theId2", str).list(GrouperAzureUser.class);
        if (GrouperUtil.length(list) != 1) {
            if (GrouperUtil.length(list) != 0) {
                throw new RuntimeException("usersById: " + GrouperUtil.length(list) + ", id: " + str);
            }
            mockServiceResponse.setResponseCode(404);
            return;
        }
        mockServiceResponse.setResponseCode(200);
        List list2 = HibernateSession.byHqlStatic().createQuery("from GrouperAzureMembership where userId = :theUserId").setString("theUserId", str).options(QueryOptions.create("userId", true, 1, Integer.valueOf(GrouperLoaderConfig.retrieveConfig().propertyValueInt("azureGetUserGroupsMax", 2046)))).list(GrouperAzureMembership.class);
        mockServiceResponse.setContentType("application/json");
        ObjectNode jsonJacksonNode = GrouperUtil.jsonJacksonNode();
        if (GrouperUtil.length(list2) > 0) {
            ArrayNode jsonJacksonArrayNode = GrouperUtil.jsonJacksonArrayNode();
            Iterator it = list2.iterator();
            while (it.hasNext()) {
                jsonJacksonArrayNode.add(((GrouperAzureMembership) it.next()).getGroupId());
            }
            jsonJacksonNode.set(Attribute.FIELD_VALUE, jsonJacksonArrayNode);
        }
        mockServiceResponse.setResponseBody(GrouperUtil.jsonJacksonToString(jsonJacksonNode));
    }
}
