package com.mapr.security;

import com.mapr.baseutils.audit.AuditConstants;
import com.mapr.baseutils.utils.TTLCache;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
import org.json.JSONArray;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/mapr/security/KeyCloakUserGroupHelper.class */
public class KeyCloakUserGroupHelper {
    private static KeyCloakUserGroupHelper instance;
    private static final Logger LOG = LoggerFactory.getLogger(KeyCloakUserGroupHelper.class);
    private String keyCloakUrl;
    private String keyCloakRealm;
    private String keyCloakClientId;
    private String keyCloakClientSecret;
    private int PAGE_SIZE;
    private TTLCache<String, Integer> usernameToUid;
    private TTLCache<Integer, String> uidToUsername;
    private TTLCache<String, List<Integer>> usernameToGids;
    private TTLCache<Integer, String> gidToGroupname;
    private TTLCache<String, Integer> groupnameToGid;

    public static KeyCloakUserGroupHelper getInstance(int i) {
        if (instance == null) {
            synchronized (KeyCloakUserGroupHelper.class) {
                if (instance == null) {
                    instance = new KeyCloakUserGroupHelper(i);
                }
            }
        }
        return instance;
    }

    public KeyCloakUserGroupHelper(int i) {
        this.keyCloakUrl = AuditConstants.EMPTY_STRING;
        this.keyCloakRealm = AuditConstants.EMPTY_STRING;
        this.keyCloakClientId = AuditConstants.EMPTY_STRING;
        this.keyCloakClientSecret = AuditConstants.EMPTY_STRING;
        this.PAGE_SIZE = 100;
        this.usernameToUid = new TTLCache<>(i);
        this.uidToUsername = new TTLCache<>(i);
        this.usernameToGids = new TTLCache<>(i);
        this.gidToGroupname = new TTLCache<>(i);
        this.groupnameToGid = new TTLCache<>(i);
    }

    public KeyCloakUserGroupHelper() {
        this.keyCloakUrl = AuditConstants.EMPTY_STRING;
        this.keyCloakRealm = AuditConstants.EMPTY_STRING;
        this.keyCloakClientId = AuditConstants.EMPTY_STRING;
        this.keyCloakClientSecret = AuditConstants.EMPTY_STRING;
        this.PAGE_SIZE = 100;
    }

    public void setKeyCloakUrlandRealm(String str) {
        String[] urlAndRealm = getUrlAndRealm(str, "/");
        if (urlAndRealm.length == 2) {
            this.keyCloakUrl = urlAndRealm[0];
            this.keyCloakRealm = urlAndRealm[1];
        }
    }

    public void setkeyCloakUrl(String str) {
        this.keyCloakUrl = str;
    }

    public String getkeyCloakUrl() {
        return this.keyCloakUrl;
    }

    public void setkeyCloakRealm(String str) {
        this.keyCloakRealm = str;
    }

    public String getkeyCloakRealm() {
        return this.keyCloakRealm;
    }

    public void setkeyCloakClientId(String str) {
        this.keyCloakClientId = str;
    }

    public String getkeyCloakClientId() {
        return this.keyCloakClientId;
    }

    public void setkeyCloakClientSecret(String str) {
        this.keyCloakClientSecret = str;
    }

    public String getkeyCloakClientSecret() {
        return this.keyCloakClientSecret;
    }

    public KeyCloakUserGroupHelper(String str, String str2, String str3) {
        this.keyCloakUrl = AuditConstants.EMPTY_STRING;
        this.keyCloakRealm = AuditConstants.EMPTY_STRING;
        this.keyCloakClientId = AuditConstants.EMPTY_STRING;
        this.keyCloakClientSecret = AuditConstants.EMPTY_STRING;
        this.PAGE_SIZE = 100;
        String[] urlAndRealm = getUrlAndRealm(str, "/");
        if (urlAndRealm.length == 2) {
            this.keyCloakUrl = urlAndRealm[0];
            this.keyCloakRealm = urlAndRealm[1];
        }
        this.keyCloakClientId = str2;
        this.keyCloakClientSecret = str3;
    }

    public String[] getUrlAndRealm(String str, String str2) {
        int lastIndexOf = str.lastIndexOf(str2);
        int i = -1;
        if (lastIndexOf != -1) {
            i = str.lastIndexOf(str2, lastIndexOf - 1);
        }
        return i == -1 ? new String[]{str} : new String[]{str.substring(0, i), str.substring(lastIndexOf + str2.length())};
    }

    public int getUserId(String str) {
        Integer num = this.usernameToUid.get(str);
        if (num != null) {
            LOG.debug("Found entry in usernameToUid cache");
            LOG.debug("UID is :" + num);
            return num.intValue();
        }
        try {
            LOG.debug("User name is {}, Other variables are url {}, realm {}, clientid {}, clientsecret {}", new Object[]{str, this.keyCloakUrl, this.keyCloakRealm, this.keyCloakClientId, this.keyCloakClientSecret});
            String fetchTokenFromKeycloak = fetchTokenFromKeycloak();
            LOG.debug("token is :" + fetchTokenFromKeycloak);
            String attr = getAttr(fetchUsingQuery(AuditConstants.USERNAME, str, fetchTokenFromKeycloak), AuditConstants.UID);
            LOG.debug("UID is :" + attr);
            int intValue = Integer.valueOf(attr).intValue();
            this.usernameToUid.put(str, Integer.valueOf(intValue));
            return intValue;
        } catch (Exception e) {
            LOG.error("User not found with username {} " + e.getMessage(), str);
            return -2;
        }
    }

    public int[] getGroups(String str) {
        List<Integer> list = this.usernameToGids.get(str);
        if (list != null) {
            LOG.debug("Found entry in usernameToGids cache");
            int[] array = list.stream().mapToInt((v0) -> {
                return v0.intValue();
            }).toArray();
            LOG.debug("Gids are :" + array);
            return array;
        }
        try {
            String fetchTokenFromKeycloak = fetchTokenFromKeycloak();
            LOG.debug("token is :" + fetchTokenFromKeycloak);
            List<Integer> extractKeyCloakGid = extractKeyCloakGid(fetchGroupsUsingKeyCloakUid(getValue(fetchUsingQuery(AuditConstants.USERNAME, str, fetchTokenFromKeycloak), "id"), fetchTokenFromKeycloak));
            if (extractKeyCloakGid.size() > 0) {
                this.usernameToGids.put(str, extractKeyCloakGid);
            }
            int[] array2 = extractKeyCloakGid.stream().mapToInt((v0) -> {
                return v0.intValue();
            }).toArray();
            LOG.debug("Gids are :" + array2);
            return array2;
        } catch (Exception e) {
            LOG.error("Groups not found for username " + str + " Got exception: " + e.getMessage());
            return null;
        }
    }

    public static int[] convertStringToIntArray(String str) {
        JSONArray jSONArray = new JSONArray(str);
        int[] iArr = new int[jSONArray.length()];
        for (int i = 0; i < jSONArray.length(); i++) {
            iArr[i] = Integer.parseInt(jSONArray.getString(i));
        }
        return iArr;
    }

    public int getGroupId(String str) {
        Integer num = this.groupnameToGid.get(str);
        if (num != null) {
            LOG.debug("Found entry in groupnameToGid cache");
            LOG.debug("GID is :" + num);
            return num.intValue();
        }
        try {
            String fetchTokenFromKeycloak = fetchTokenFromKeycloak();
            Integer valueOf = Integer.valueOf(getAttrFromObject(fetchGroupUsingId(getValue(fetchGroupUsingQuery(str, fetchTokenFromKeycloak), "id"), fetchTokenFromKeycloak), "gidNumber"));
            this.groupnameToGid.put(str, valueOf);
            LOG.debug("GID is :" + valueOf);
            return valueOf.intValue();
        } catch (Exception e) {
            LOG.error("Group Not found with groupname: " + str + "Got Exception: " + e.getMessage());
            return -1;
        }
    }

    public String getUsername(int i) {
        String str = this.uidToUsername.get(Integer.valueOf(i));
        if (str != null) {
            LOG.debug("Found entry in uidToUsername cache");
            LOG.debug("Username is :" + str);
            return str;
        }
        try {
            String value = getValue(fetchUsingQuery(AuditConstants.UID, String.valueOf(i), fetchTokenFromKeycloak()), AuditConstants.USERNAME);
            if (value.length() > 0) {
                this.uidToUsername.put(Integer.valueOf(i), value);
            }
            LOG.debug("Username is :" + value);
            return value;
        } catch (Exception e) {
            LOG.error("User Not found with uid " + i + " Got Exception:" + e.getMessage());
            return AuditConstants.EMPTY_STRING;
        }
    }

    public String getGroupname(int i) {
        String str = this.gidToGroupname.get(Integer.valueOf(i));
        if (str != null) {
            LOG.debug("Found entry in gidToGroupname cache");
            LOG.debug("Groupname is :" + str);
            return str;
        }
        try {
            fetchAllGroups(fetchTokenFromKeycloak());
            String orDefault = this.gidToGroupname.getOrDefault(Integer.valueOf(i), AuditConstants.EMPTY_STRING);
            if (orDefault.length() > 0) {
                this.gidToGroupname.put(Integer.valueOf(i), orDefault);
            }
            return orDefault;
        } catch (Exception e) {
            LOG.error(String.format("Group Not found with gid {} Got Exception:", Integer.valueOf(i)) + e.getMessage());
            return AuditConstants.EMPTY_STRING;
        }
    }

    private void fetchAllGroups(String str) throws Exception {
        CloseableHttpClient createDefault = HttpClients.createDefault();
        int i = 0;
        while (true) {
            int i2 = i;
            String format = String.format(this.keyCloakUrl + "/admin/realms/" + this.keyCloakRealm + "/groups?first=" + i2 + "&max=" + this.PAGE_SIZE, new Object[0]);
            HttpGet httpGet = new HttpGet(format);
            httpGet.setHeader("Authorization", "Bearer " + str);
            CloseableHttpResponse execute = createDefault.execute(httpGet);
            try {
                LOG.debug("Response Code " + execute.getStatusLine().getStatusCode() + "URL" + format);
                if (execute.getStatusLine().getStatusCode() != 200) {
                    if (execute != null) {
                        execute.close();
                        return;
                    }
                    return;
                }
                JSONArray jSONArray = new JSONArray(EntityUtils.toString(execute.getEntity(), "UTF-8"));
                if (jSONArray.length() == 0) {
                    if (execute != null) {
                        execute.close();
                        return;
                    }
                    return;
                } else {
                    processGroups(jSONArray, str);
                    if (execute != null) {
                        execute.close();
                    }
                    i = i2 + this.PAGE_SIZE;
                }
            } catch (Throwable th) {
                if (execute != null) {
                    try {
                        execute.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
    }

    private void processGroups(JSONArray jSONArray, String str) {
        for (int i = 0; i < jSONArray.length(); i++) {
            try {
                JSONObject jSONObject = jSONArray.getJSONObject(i);
                this.gidToGroupname.put(Integer.valueOf(getAttrFromObject(fetchGroupUsingId(jSONObject.getString("id"), str), "gidNumber")), jSONObject.getString("name"));
            } catch (Exception e) {
                LOG.error("Exception while queryin groups " + e.getMessage());
                return;
            }
        }
    }

    public String[] getGroupInfo(String str) {
        return new String[]{"aa", "bb"};
    }

    private String getValue(String str, String str2) {
        return new JSONArray(str).getJSONObject(0).getString(str2);
    }

    private String getAttr(String str, String str2) {
        return new JSONArray(str).getJSONObject(0).getJSONObject("attributes").getJSONArray(str2).getString(0);
    }

    private List<Integer> extractKeyCloakGid(String str) {
        try {
            ArrayList arrayList = new ArrayList();
            JSONArray jSONArray = new JSONArray(str);
            for (int i = 0; i < jSONArray.length(); i++) {
                arrayList.add(Integer.valueOf(getGroupId(jSONArray.getJSONObject(i).getString("name"))));
            }
            return arrayList;
        } catch (Exception e) {
            LOG.error("Exception while queryin groups " + e.getMessage());
            return null;
        }
    }

    private String getAttrFromObject(String str, String str2) {
        String string = new JSONObject(str).getJSONObject("attributes").getJSONArray(str2).getString(0);
        LOG.debug(string);
        return string;
    }

    private String getAttrList(String str, String str2) {
        return new JSONArray(str).getJSONObject(0).getJSONObject("attributes").getJSONArray(str2).toString();
    }

    private String fetchTokenFromKeycloak() throws IOException, NoSuchAlgorithmException, KeyManagementException {
        CloseableHttpClient createDefault = HttpClients.createDefault();
        HttpPost httpPost = new HttpPost(this.keyCloakUrl + "/realms/" + this.keyCloakRealm + "/protocol/openid-connect/token");
        ArrayList arrayList = new ArrayList();
        arrayList.add(new BasicNameValuePair("grant_type", "client_credentials"));
        arrayList.add(new BasicNameValuePair("client_id", this.keyCloakClientId));
        arrayList.add(new BasicNameValuePair("client_secret", this.keyCloakClientSecret));
        httpPost.setEntity(new UrlEncodedFormEntity(arrayList));
        CloseableHttpResponse execute = createDefault.execute(httpPost);
        try {
            if (execute.getStatusLine().getStatusCode() != 200) {
                if (execute != null) {
                    execute.close();
                }
                return AuditConstants.EMPTY_STRING;
            }
            String string = new JSONObject(EntityUtils.toString(execute.getEntity(), "UTF-8")).getString("access_token");
            if (execute != null) {
                execute.close();
            }
            return string;
        } catch (Throwable th) {
            if (execute != null) {
                try {
                    execute.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private String fetchGroupsUsingKeyCloakUid(String str, String str2) throws IOException, NoSuchAlgorithmException, KeyManagementException {
        CloseableHttpClient createDefault = HttpClients.createDefault();
        String format = String.format(this.keyCloakUrl + "/admin/realms/" + this.keyCloakRealm + "/users/%s/groups", str);
        HttpGet httpGet = new HttpGet(format);
        httpGet.setHeader("Authorization", "Bearer " + str2);
        CloseableHttpResponse execute = createDefault.execute(httpGet);
        try {
            LOG.debug("Response Code " + execute.getStatusLine().getStatusCode() + "URL" + format);
            if (execute.getStatusLine().getStatusCode() != 200) {
                if (execute != null) {
                    execute.close();
                }
                return AuditConstants.EMPTY_STRING;
            }
            String entityUtils = EntityUtils.toString(execute.getEntity(), "UTF-8");
            if (execute != null) {
                execute.close();
            }
            return entityUtils;
        } catch (Throwable th) {
            if (execute != null) {
                try {
                    execute.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private String fetchUsingQuery(String str, String str2, String str3) throws IOException, NoSuchAlgorithmException, KeyManagementException {
        CloseableHttpClient createDefault = HttpClients.createDefault();
        String format = String.format(this.keyCloakUrl + "/admin/realms/" + this.keyCloakRealm + "/users?q=%s:" + str2, str);
        HttpGet httpGet = new HttpGet(format);
        httpGet.setHeader("Authorization", "Bearer " + str3);
        CloseableHttpResponse execute = createDefault.execute(httpGet);
        try {
            LOG.debug("Response Code " + execute.getStatusLine().getStatusCode() + "URL" + format);
            if (execute.getStatusLine().getStatusCode() != 200) {
                if (execute != null) {
                    execute.close();
                }
                return AuditConstants.EMPTY_STRING;
            }
            String entityUtils = EntityUtils.toString(execute.getEntity(), "UTF-8");
            if (execute != null) {
                execute.close();
            }
            return entityUtils;
        } catch (Throwable th) {
            if (execute != null) {
                try {
                    execute.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private String fetchGroupUsingQuery(String str, String str2) throws IOException, NoSuchAlgorithmException, KeyManagementException {
        CloseableHttpClient createDefault = HttpClients.createDefault();
        String format = String.format(this.keyCloakUrl + "/admin/realms/" + this.keyCloakRealm + "/groups?search=%s", str);
        HttpGet httpGet = new HttpGet(format);
        httpGet.setHeader("Authorization", "Bearer " + str2);
        CloseableHttpResponse execute = createDefault.execute(httpGet);
        try {
            LOG.debug("Response Code " + execute.getStatusLine().getStatusCode() + "URL" + format);
            if (execute.getStatusLine().getStatusCode() != 200) {
                if (execute != null) {
                    execute.close();
                }
                return AuditConstants.EMPTY_STRING;
            }
            String entityUtils = EntityUtils.toString(execute.getEntity(), "UTF-8");
            if (execute != null) {
                execute.close();
            }
            return entityUtils;
        } catch (Throwable th) {
            if (execute != null) {
                try {
                    execute.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private String fetchGroupUsingId(String str, String str2) throws IOException, NoSuchAlgorithmException, KeyManagementException {
        CloseableHttpClient createDefault = HttpClients.createDefault();
        String format = String.format(this.keyCloakUrl + "/admin/realms/" + this.keyCloakRealm + "/groups/%s", str);
        HttpGet httpGet = new HttpGet(format);
        httpGet.setHeader("Authorization", "Bearer " + str2);
        CloseableHttpResponse execute = createDefault.execute(httpGet);
        try {
            LOG.debug("Response Code " + execute.getStatusLine().getStatusCode() + "URL" + format);
            if (execute.getStatusLine().getStatusCode() != 200) {
                if (execute != null) {
                    execute.close();
                }
                return AuditConstants.EMPTY_STRING;
            }
            String entityUtils = EntityUtils.toString(execute.getEntity(), "UTF-8");
            if (execute != null) {
                execute.close();
            }
            return entityUtils;
        } catch (Throwable th) {
            if (execute != null) {
                try {
                    execute.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }
}
