package ru.org.openam.idm;

import ch.qos.logback.classic.spi.CallerData;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.common.CaseInsensitiveHashMap;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.AMIdentityRepository;
import com.sun.identity.idm.IdRepoException;
import com.sun.identity.idm.IdSearchControl;
import com.sun.identity.idm.IdSearchOpModifier;
import com.sun.identity.idm.IdSearchResults;
import com.sun.identity.idm.IdServicesFactory;
import com.sun.identity.idm.IdType;
import com.sun.identity.idm.remote.IdRemoteCachedServicesImpl;
import com.sun.identity.security.AdminTokenAction;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import org.apache.batik.css.parser.CSSLexicalUnit;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;

/* loaded from: input_file:WEB-INF/lib/web-14.8.2.1.jar:ru/org/openam/idm/Identity.class */
public abstract class Identity {
    public static String defaultRealm = "/clients";
    public AMIdentity identity;
    public String realm;
    private String field;
    public String key;

    public Identity(AMIdentity aMIdentity) {
        this.identity = null;
        this.realm = defaultRealm;
        this.field = "uid";
        this.identity = aMIdentity;
        this.realm = aMIdentity.getRealm();
    }

    public String GetUID() {
        return StringUtils.startsWith(this.key, "id=") ? this.key : this.key;
    }

    public Identity(String str, String str2, String str3) {
        this.identity = null;
        this.realm = defaultRealm;
        this.field = "uid";
        this.realm = str;
        this.field = str2;
        this.key = str3.replace("*", "").replace(CallerData.NA, "").replace(CSSLexicalUnit.UNIT_TEXT_PERCENTAGE, "");
    }

    public abstract boolean initIdentity(Boolean bool) throws SSOException, IdRepoException, UserNotFoundException;

    public String getAttr(String str) throws SSOException, IdRepoException {
        return getAttr(str, "");
    }

    public String getAttr(String str, String str2) throws SSOException, IdRepoException {
        try {
            initIdentity(false);
            Set attribute = this.identity.getAttribute(str);
            if (attribute == null || attribute.size() == 0) {
                return str2;
            }
            if (attribute.size() != 1) {
                return attribute.toString();
            }
            String str3 = (String) attribute.iterator().next();
            return str3 == null ? str2 : str3;
        } catch (UserNotFoundException e) {
            throw new IdRepoException(e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public IdSearchResults search(String str) throws SSOException, IdRepoException {
        AMIdentityRepository aMIdentityRepository = new AMIdentityRepository((SSOToken) AccessController.doPrivileged((PrivilegedAction) AdminTokenAction.getInstance()), this.realm);
        IdSearchControl idSearchControl = new IdSearchControl();
        idSearchControl.setAllReturnAttributes(false);
        idSearchControl.setReturnAttributes(new HashSet(Arrays.asList(getKeyField())));
        idSearchControl.setMaxResults(2);
        return aMIdentityRepository.searchIdentities(getIdType(), str, idSearchControl);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public IdSearchResults search(Map<String, String> map) throws SSOException, IdRepoException {
        if (getLogger().isDebugEnabled()) {
            getLogger().debug("search id=* AND {}", map);
        }
        AMIdentityRepository aMIdentityRepository = new AMIdentityRepository((SSOToken) AccessController.doPrivileged((PrivilegedAction) AdminTokenAction.getInstance()), this.realm);
        IdSearchControl idSearchControl = new IdSearchControl();
        idSearchControl.setAllReturnAttributes(false);
        idSearchControl.setReturnAttributes(new HashSet(Arrays.asList(getKeyField())));
        idSearchControl.setMaxResults(2);
        HashMap hashMap = new HashMap();
        for (String str : map.keySet()) {
            HashSet hashSet = new HashSet();
            hashSet.add(map.get(str));
            hashMap.put(str, hashSet);
        }
        idSearchControl.setSearchModifiers(IdSearchOpModifier.AND, hashMap);
        return aMIdentityRepository.searchIdentities(getIdType(), "*", idSearchControl);
    }

    public void dirty(Set<String> set) {
        if (IdServicesFactory.getDataStoreServices() instanceof IdRemoteCachedServicesImpl) {
            IdServicesFactory.getDataStoreServices().dirtyCache(this.identity.getUniversalId(), 4, true, true, set);
            if (getLogger().isDebugEnabled()) {
                getLogger().debug("dirty cache for [{}]", set);
            }
        }
    }

    public void save(Map<String, Object> map) throws Exception {
        if (map == null || map.size() == 0) {
            return;
        }
        initIdentity(false);
        CaseInsensitiveHashMap caseInsensitiveHashMap = new CaseInsensitiveHashMap();
        this.identity.getAttributes(map.keySet());
        for (String str : map.keySet()) {
            HashSet hashSet = new HashSet();
            if (map.get(str) == null) {
                hashSet = null;
            } else if (map.get(str) instanceof Set) {
                hashSet = (HashSet) map.get(str);
            } else {
                hashSet.add((String) map.get(str));
            }
            Set attribute = this.identity.getAttribute(str);
            if (attribute == null) {
                attribute = new HashSet();
            }
            if (!attribute.equals(hashSet) && (hashSet != null || attribute.size() != 0)) {
                caseInsensitiveHashMap.put(str, hashSet);
            }
        }
        makeCN(caseInsensitiveHashMap);
        if (caseInsensitiveHashMap.size() <= 0) {
            if (getLogger().isDebugEnabled()) {
                getLogger().debug("ignore - not changed: uid=({}) ({})", this.identity.getUniversalId(), map);
                return;
            }
            return;
        }
        OnBeforeSave(caseInsensitiveHashMap);
        HashSet hashSet2 = new HashSet();
        CaseInsensitiveHashMap caseInsensitiveHashMap2 = new CaseInsensitiveHashMap();
        for (String str2 : caseInsensitiveHashMap.keySet()) {
            if (caseInsensitiveHashMap.get(str2) == null) {
                hashSet2.add(str2);
            } else {
                caseInsensitiveHashMap2.put(str2, caseInsensitiveHashMap.get(str2));
            }
        }
        if (hashSet2.size() > 0) {
            this.identity.removeAttributes(hashSet2);
        }
        if (caseInsensitiveHashMap2.size() > 0) {
            this.identity.setAttributes(caseInsensitiveHashMap2);
        }
        this.identity.store();
        dirty(caseInsensitiveHashMap.keySet());
        OnAfterSave(caseInsensitiveHashMap);
    }

    public void save(String str, Object obj) throws Exception {
        CaseInsensitiveHashMap caseInsensitiveHashMap = new CaseInsensitiveHashMap();
        caseInsensitiveHashMap.put(str, obj);
        save(caseInsensitiveHashMap);
    }

    protected void OnBeforeSave(Map<String, Set<String>> map) {
        getLogger().info("save {}: ({})", toString(), map.toString());
    }

    protected void OnAfterSave(Map<String, Set<String>> map) {
    }

    protected abstract IdType getIdType();

    protected abstract Logger getLogger();

    protected abstract String getKeyField();

    protected abstract void makeCN(CaseInsensitiveHashMap caseInsensitiveHashMap) throws SSOException, IdRepoException;

    public void delete() throws SSOException, IdRepoException {
        AMIdentityRepository aMIdentityRepository = new AMIdentityRepository((SSOToken) AccessController.doPrivileged((PrivilegedAction) AdminTokenAction.getInstance()), this.realm);
        HashSet hashSet = new HashSet();
        hashSet.add(this.identity);
        getLogger().info("delete identity {}: cn=({})", toString(), getAttr("cn"));
        aMIdentityRepository.deleteIdentities(hashSet);
        this.identity = null;
    }
}
