package org.georchestra.security;

import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Maps;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import lombok.NonNull;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.georchestra.commons.security.SecurityHeaders;
import org.georchestra.ds.users.UserSchema;
import org.springframework.util.StringUtils;

/* loaded from: input_file:WEB-INF/classes/org/georchestra/security/LdapHeaderMappings.class */
public class LdapHeaderMappings {
    protected static final Log logger = LogFactory.getLog(LdapHeaderMappings.class.getPackage().getName());
    static final Set<String> FORBIDDEN_PROPERTIES = ImmutableSet.of(UserSchema.USER_PASSWORD_KEY, "manager.userPassword", UserSchema.MEMBER_OF, "org.member", "org.seeAlso.jpegPhoto");
    private static final Set<String> USER_ATTRIBUTES = ImmutableSet.copyOf((Collection) Arrays.asList(UserSchema.TELEPHONE_KEY, "mail", UserSchema.POSTAL_ADDRESS_KEY, "description", "cn", "title", "objectClass", UserSchema.UID_KEY, UserSchema.GIVEN_NAME_KEY, UserSchema.SURNAME_KEY, UserSchema.NOTE_KEY, "georchestraObjectIdentifier"));
    private static final Set<String> MANAGER_ATTRIBUTES = ImmutableSet.copyOf((Collection) Arrays.asList("manager.uid", "manager.mail", "manager.givenName", "manager.description", "manager.sn", "manager.cn", "manager.objectClass"));
    private static final Set<String> ORGANIZATION_ATTRIBUTES = ImmutableSet.copyOf((Collection) Arrays.asList("org.ou", "org.description", "org.cn", "org.objectClass", "org.o", "org.seeAlso.labeledURI", "org.seeAlso.businessCategory", "org.seeAlso.postalAddress", "org.seeAlso.description", "org.seeAlso.knowledgeInformation", "org.seeAlso.objectClass", "org.seeAlso.o", "org.seeAlso.georchestraObjectIdentifier"));
    static final Set<String> ALL_VALID_ATTRIBUTES = ImmutableSet.builder().addAll((Iterable) USER_ATTRIBUTES).addAll((Iterable) MANAGER_ATTRIBUTES).addAll((Iterable) ORGANIZATION_ATTRIBUTES).build();
    static final Map<String, String> EMBEDDED_MAPPINGS = ImmutableMap.of(SecurityHeaders.SEC_ORG, "org.cn", SecurityHeaders.SEC_ORGNAME, "org.o");
    private HeaderMappings defaultMappings = HeaderMappings.valueOf(EMBEDDED_MAPPINGS);
    Map<String, HeaderMappings> serviceMappings = new HashMap();

    /* loaded from: input_file:WEB-INF/classes/org/georchestra/security/LdapHeaderMappings$HeaderMapping.class */
    public static final class HeaderMapping {

        @NonNull
        private final String headerName;

        @NonNull
        private final String ldapAttribute;

        @NonNull
        private final Encoding encoding;

        @NonNull
        private final String fullPropertyName;

        /* loaded from: input_file:WEB-INF/classes/org/georchestra/security/LdapHeaderMappings$HeaderMapping$Encoding.class */
        public enum Encoding {
            NONE,
            BASE64
        }

        public String encode(String... strArr) {
            if (this.encoding == Encoding.BASE64) {
                return SecurityHeaders.encodeBase64(strArr);
            }
            if (strArr == null) {
                return null;
            }
            return strArr.length == 1 ? strArr[0] : (String) Arrays.stream(strArr).collect(Collectors.joining(","));
        }

        static HeaderMapping valueOf(String str, String str2) {
            return new HeaderMapping(str, removePrefix(stripEncoding(str2)), getEncoding(str2), str2);
        }

        static String stripEncoding(String str) {
            int indexOf = str.indexOf(58);
            if (indexOf > -1) {
                str = str.substring(indexOf + 1);
            }
            return str;
        }

        static Encoding getEncoding(String str) {
            int indexOf = str.indexOf(58);
            if (indexOf <= -1) {
                return Encoding.NONE;
            }
            String substring = str.substring(0, indexOf);
            try {
                return Encoding.valueOf(substring.toUpperCase());
            } catch (IllegalArgumentException e) {
                throw new IllegalArgumentException("Invalid encoding '" + substring + "' for " + str + ". expected one of: " + ((String) Arrays.stream(Encoding.values()).map(encoding -> {
                    return encoding.toString().toLowerCase();
                }).collect(Collectors.joining(","))), e);
            }
        }

        private static String removePrefix(String str) {
            return str.startsWith("org.seeAlso.") ? str.substring("org.seeAlso.".length()) : str.startsWith("org.") ? str.substring("org.".length()) : str.startsWith("manager.") ? str.substring("manager.".length()) : str;
        }

        public String toString() {
            return String.format("%s=%s", this.headerName, this.fullPropertyName);
        }

        public HeaderMapping(@NonNull String str, @NonNull String str2, @NonNull Encoding encoding, @NonNull String str3) {
            if (str == null) {
                throw new NullPointerException("headerName is marked non-null but is null");
            }
            if (str2 == null) {
                throw new NullPointerException("ldapAttribute is marked non-null but is null");
            }
            if (encoding == null) {
                throw new NullPointerException("encoding is marked non-null but is null");
            }
            if (str3 == null) {
                throw new NullPointerException("fullPropertyName is marked non-null but is null");
            }
            this.headerName = str;
            this.ldapAttribute = str2;
            this.encoding = encoding;
            this.fullPropertyName = str3;
        }

        @NonNull
        public String getHeaderName() {
            return this.headerName;
        }

        @NonNull
        public String getLdapAttribute() {
            return this.ldapAttribute;
        }

        @NonNull
        public Encoding getEncoding() {
            return this.encoding;
        }

        @NonNull
        public String getFullPropertyName() {
            return this.fullPropertyName;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof HeaderMapping)) {
                return false;
            }
            HeaderMapping headerMapping = (HeaderMapping) obj;
            String headerName = getHeaderName();
            String headerName2 = headerMapping.getHeaderName();
            if (headerName == null) {
                if (headerName2 != null) {
                    return false;
                }
            } else if (!headerName.equals(headerName2)) {
                return false;
            }
            String ldapAttribute = getLdapAttribute();
            String ldapAttribute2 = headerMapping.getLdapAttribute();
            if (ldapAttribute == null) {
                if (ldapAttribute2 != null) {
                    return false;
                }
            } else if (!ldapAttribute.equals(ldapAttribute2)) {
                return false;
            }
            Encoding encoding = getEncoding();
            Encoding encoding2 = headerMapping.getEncoding();
            if (encoding == null) {
                if (encoding2 != null) {
                    return false;
                }
            } else if (!encoding.equals(encoding2)) {
                return false;
            }
            String fullPropertyName = getFullPropertyName();
            String fullPropertyName2 = headerMapping.getFullPropertyName();
            return fullPropertyName == null ? fullPropertyName2 == null : fullPropertyName.equals(fullPropertyName2);
        }

        public int hashCode() {
            String headerName = getHeaderName();
            int hashCode = (1 * 59) + (headerName == null ? 43 : headerName.hashCode());
            String ldapAttribute = getLdapAttribute();
            int hashCode2 = (hashCode * 59) + (ldapAttribute == null ? 43 : ldapAttribute.hashCode());
            Encoding encoding = getEncoding();
            int hashCode3 = (hashCode2 * 59) + (encoding == null ? 43 : encoding.hashCode());
            String fullPropertyName = getFullPropertyName();
            return (hashCode3 * 59) + (fullPropertyName == null ? 43 : fullPropertyName.hashCode());
        }
    }

    /* loaded from: input_file:WEB-INF/classes/org/georchestra/security/LdapHeaderMappings$HeaderMappings.class */
    public static final class HeaderMappings {
        private final List<HeaderMapping> userHeaders;
        private final List<HeaderMapping> userManagerHeaders;
        private final List<HeaderMapping> orgHeaders;
        private final List<HeaderMapping> orgExtensionHeaders;

        static HeaderMappings valueOf(Map<String, String> map) {
            return new HeaderMappings(valueOf(map, entry -> {
                return LdapHeaderMappings.isUserProperty(entry);
            }), valueOf(map, entry2 -> {
                return LdapHeaderMappings.isManagerProperty(entry2);
            }), valueOf(map, entry3 -> {
                return LdapHeaderMappings.isOrgProperty(entry3);
            }), valueOf(map, entry4 -> {
                return LdapHeaderMappings.isOrgExtProperty(entry4);
            }));
        }

        private static List<HeaderMapping> valueOf(Map<String, String> map, Predicate<Map.Entry<String, String>> predicate) {
            return (List) map.entrySet().stream().filter(predicate).map(HeaderMappings::toMapping).collect(ImmutableList.toImmutableList());
        }

        private static HeaderMapping toMapping(Map.Entry<String, String> entry) {
            return HeaderMapping.valueOf(entry.getKey(), entry.getValue());
        }

        public List<HeaderMapping> all() {
            ArrayList arrayList = new ArrayList(this.userHeaders);
            arrayList.addAll(this.userManagerHeaders);
            arrayList.addAll(this.orgHeaders);
            arrayList.addAll(this.orgExtensionHeaders);
            return arrayList;
        }

        Map<String, String> toMap() {
            HashMap hashMap = new HashMap();
            getUserHeaders().forEach(headerMapping -> {
                hashMap.put(headerMapping.getHeaderName(), headerMapping.getFullPropertyName());
            });
            getOrgHeaders().forEach(headerMapping2 -> {
                hashMap.put(headerMapping2.getHeaderName(), headerMapping2.getFullPropertyName());
            });
            getOrgExtensionHeaders().forEach(headerMapping3 -> {
                hashMap.put(headerMapping3.getHeaderName(), headerMapping3.getFullPropertyName());
            });
            getUserManagerHeaders().forEach(headerMapping4 -> {
                hashMap.put(headerMapping4.getHeaderName(), headerMapping4.getFullPropertyName());
            });
            return hashMap;
        }

        public HeaderMappings(List<HeaderMapping> list, List<HeaderMapping> list2, List<HeaderMapping> list3, List<HeaderMapping> list4) {
            this.userHeaders = list;
            this.userManagerHeaders = list2;
            this.orgHeaders = list3;
            this.orgExtensionHeaders = list4;
        }

        public List<HeaderMapping> getUserHeaders() {
            return this.userHeaders;
        }

        public List<HeaderMapping> getUserManagerHeaders() {
            return this.userManagerHeaders;
        }

        public List<HeaderMapping> getOrgHeaders() {
            return this.orgHeaders;
        }

        public List<HeaderMapping> getOrgExtensionHeaders() {
            return this.orgExtensionHeaders;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof HeaderMappings)) {
                return false;
            }
            HeaderMappings headerMappings = (HeaderMappings) obj;
            List<HeaderMapping> userHeaders = getUserHeaders();
            List<HeaderMapping> userHeaders2 = headerMappings.getUserHeaders();
            if (userHeaders == null) {
                if (userHeaders2 != null) {
                    return false;
                }
            } else if (!userHeaders.equals(userHeaders2)) {
                return false;
            }
            List<HeaderMapping> userManagerHeaders = getUserManagerHeaders();
            List<HeaderMapping> userManagerHeaders2 = headerMappings.getUserManagerHeaders();
            if (userManagerHeaders == null) {
                if (userManagerHeaders2 != null) {
                    return false;
                }
            } else if (!userManagerHeaders.equals(userManagerHeaders2)) {
                return false;
            }
            List<HeaderMapping> orgHeaders = getOrgHeaders();
            List<HeaderMapping> orgHeaders2 = headerMappings.getOrgHeaders();
            if (orgHeaders == null) {
                if (orgHeaders2 != null) {
                    return false;
                }
            } else if (!orgHeaders.equals(orgHeaders2)) {
                return false;
            }
            List<HeaderMapping> orgExtensionHeaders = getOrgExtensionHeaders();
            List<HeaderMapping> orgExtensionHeaders2 = headerMappings.getOrgExtensionHeaders();
            return orgExtensionHeaders == null ? orgExtensionHeaders2 == null : orgExtensionHeaders.equals(orgExtensionHeaders2);
        }

        public int hashCode() {
            List<HeaderMapping> userHeaders = getUserHeaders();
            int hashCode = (1 * 59) + (userHeaders == null ? 43 : userHeaders.hashCode());
            List<HeaderMapping> userManagerHeaders = getUserManagerHeaders();
            int hashCode2 = (hashCode * 59) + (userManagerHeaders == null ? 43 : userManagerHeaders.hashCode());
            List<HeaderMapping> orgHeaders = getOrgHeaders();
            int hashCode3 = (hashCode2 * 59) + (orgHeaders == null ? 43 : orgHeaders.hashCode());
            List<HeaderMapping> orgExtensionHeaders = getOrgExtensionHeaders();
            return (hashCode3 * 59) + (orgExtensionHeaders == null ? 43 : orgExtensionHeaders.hashCode());
        }

        public String toString() {
            return "LdapHeaderMappings.HeaderMappings(userHeaders=" + getUserHeaders() + ", userManagerHeaders=" + getUserManagerHeaders() + ", orgHeaders=" + getOrgHeaders() + ", orgExtensionHeaders=" + getOrgExtensionHeaders() + ")";
        }
    }

    public void loadFrom(Map<String, String> map) {
        Map<String, String> filterKeys = Maps.filterKeys(map, this::includeConfigProp);
        Map<String, String> loadDefaultMappings = loadDefaultMappings(filterKeys);
        Map<String, Map<String, String>> loadPerServiceMappings = loadPerServiceMappings(filterKeys, loadDefaultMappings);
        this.defaultMappings = HeaderMappings.valueOf(loadDefaultMappings);
        this.serviceMappings = new HashMap();
        loadPerServiceMappings.forEach((str, map2) -> {
            this.serviceMappings.put(str, HeaderMappings.valueOf(map2));
        });
    }

    private boolean includeConfigProp(String str) {
        return (str == null || str.contains("send-json-sec-user") || str.contains("send-json-sec-organization")) ? false : true;
    }

    public HeaderMappings getDefaultMappings() {
        return this.defaultMappings;
    }

    public HeaderMappings getMappings(@NonNull String str) {
        if (str == null) {
            throw new NullPointerException("targetServiceName is marked non-null but is null");
        }
        HeaderMappings headerMappings = this.serviceMappings.get(str);
        return null == headerMappings ? getDefaultMappings() : headerMappings;
    }

    private Map<String, String> loadDefaultMappings(Map<String, String> map) {
        HashMap hashMap = new HashMap(EMBEDDED_MAPPINGS);
        hashMap.forEach((str, str2) -> {
            logger.info(String.format("Added embedded header mapping %s=%s", str, str2));
        });
        map.entrySet().stream().filter(LdapHeaderMappings::isGlobalHeader).map(LdapHeaderMappings::validateTargetProperty).forEach(entry -> {
            String str3 = (String) entry.getKey();
            String str4 = (String) entry.getValue();
            logger.info(String.format("Loaded default header mapping %s=%s", str3, str4));
            hashMap.put(str3, str4);
        });
        return hashMap;
    }

    private Map<String, Map<String, String>> loadPerServiceMappings(Map<String, String> map, Map<String, String> map2) {
        HashMap hashMap = new HashMap();
        map.entrySet().stream().filter(LdapHeaderMappings::isServiceSpecificHeader).map(LdapHeaderMappings::validateTargetProperty).forEach(entry -> {
            int indexOf = ((String) entry.getKey()).indexOf(46);
            String substring = ((String) entry.getKey()).substring(0, indexOf);
            String substring2 = ((String) entry.getKey()).substring(indexOf + 1);
            String str = (String) entry.getValue();
            Map map3 = (Map) hashMap.computeIfAbsent(substring, str2 -> {
                return new HashMap(map2);
            });
            map3.put(substring2, str);
            if (!map2.containsKey(substring2)) {
                logger.info(String.format("Loaded header mapping for service %s: %s=%s", substring, substring2, str));
                return;
            }
            String str3 = (String) map2.get(substring2);
            if (str3.equals(str)) {
                return;
            }
            logger.info(String.format("Loaded header mapping for service %s: %s=%s, overrides default header %s=%s", substring, substring2, map3.get(substring2), substring2, str3));
        });
        return hashMap;
    }

    static Map.Entry<String, String> validateTargetProperty(Map.Entry<String, String> entry) {
        String str = null;
        String key = entry.getKey();
        if (StringUtils.hasLength(entry.getValue())) {
            String stripEncoding = HeaderMapping.stripEncoding(entry.getValue());
            if (!StringUtils.hasLength(stripEncoding)) {
                str = String.format("No target attribute is defined for header '%s'.", key);
            } else if (FORBIDDEN_PROPERTIES.contains(stripEncoding)) {
                str = String.format("Target attribute '%s' configured for header '%s' is forbidden.", stripEncoding, key);
            } else if (!ALL_VALID_ATTRIBUTES.contains(stripEncoding)) {
                str = String.format("Target attribute '%s' configured for header '%s' does not exist.", stripEncoding, key);
            }
        } else {
            str = String.format("No target attribute is defined for header '%s'.", key);
        }
        if (str == null) {
            return entry;
        }
        logger.error(str);
        throw new IllegalArgumentException(str);
    }

    static boolean isGlobalHeader(Map.Entry<String, String> entry) {
        return entry.getKey().indexOf(46) == -1;
    }

    static boolean isServiceSpecificHeader(Map.Entry<String, String> entry) {
        if (isGlobalHeader(entry)) {
            return false;
        }
        String key = entry.getKey();
        if (key.indexOf(46) < 1 || key.indexOf(46) != key.lastIndexOf(46)) {
            throw new IllegalArgumentException("Invalid header name, expected '<header-name>' or '<service>.<header-name>', got '" + key + "'");
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean isUserProperty(Map.Entry<String, String> entry) {
        return entry.getValue().indexOf(46) == -1;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean isManagerProperty(Map.Entry<String, String> entry) {
        return HeaderMapping.stripEncoding(entry.getValue()).startsWith("manager.");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean isOrgProperty(Map.Entry<String, String> entry) {
        return !isOrgExtProperty(entry) && HeaderMapping.stripEncoding(entry.getValue()).startsWith("org.");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean isOrgExtProperty(Map.Entry<String, String> entry) {
        return HeaderMapping.stripEncoding(entry.getValue()).startsWith("org.seeAlso.");
    }
}
