package com.sun.identity.federation.cli;

import com.iplanet.sso.SSOException;
import com.sun.identity.cli.AuthenticatedCommand;
import com.sun.identity.cli.CLIException;
import com.sun.identity.cli.ExitCodes;
import com.sun.identity.cli.RequestContext;
import com.sun.identity.federation.accountmgmt.FSAccountFedInfo;
import com.sun.identity.federation.accountmgmt.FSAccountFedInfoKey;
import com.sun.identity.federation.accountmgmt.FSAccountMgmtException;
import com.sun.identity.federation.accountmgmt.FSAccountUtils;
import com.sun.identity.federation.meta.IDFFMetaException;
import com.sun.identity.federation.meta.IDFFMetaManager;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.IdRepoException;
import com.sun.identity.idm.IdUtils;
import com.sun.identity.saml.assertion.NameIdentifier;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml2.assertion.AssertionFactory;
import com.sun.identity.saml2.assertion.NameID;
import com.sun.identity.saml2.common.NameIDInfo;
import com.sun.identity.saml2.common.NameIDInfoKey;
import com.sun.identity.saml2.common.SAML2Exception;
import com.sun.identity.saml2.meta.SAML2MetaException;
import com.sun.identity.saml2.meta.SAML2MetaManager;
import java.io.BufferedReader;
import java.io.FileReader;
import java.io.IOException;
import java.text.MessageFormat;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;

/* loaded from: input_file:com/sun/identity/federation/cli/ImportBulkFederationData.class */
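/**
 * CLI command that imports a bulk federation data file and writes the
 * resulting account links onto local user entries, for either the SAML2 or
 * the ID-FF specification.
 *
 * <p>Expected file layout, as enforced by {@link #validateFile(Map)}:
 * <pre>
 * #local:&lt;entity id of the side that produced the file&gt;
 * #remote:&lt;entity id that must equal this deployment's entity id&gt;
 * #role:&lt;"IDP" or anything else; must be the opposite of the local role&gt;
 * #specification:&lt;must equal the specification of this sub command&gt;
 * &lt;user id&gt;|&lt;name identifier&gt;
 * ...
 * </pre>
 *
 * <p>Security notes:
 * <ul>
 *   <li>Every data line links a local user to a name identifier, and the
 *       write is done with the admin SSO token. The header checks only confirm
 *       that the file is addressed to this entity, role and specification; no
 *       authenticity or integrity check on the file is visible in this class.
 *       The file therefore has to be treated as trusted input and protected
 *       accordingly (transfer channel, file permissions).</li>
 *   <li>Repository and SSO failures for an individual user are printed and
 *       skipped, so an import can partially succeed while still being logged
 *       as succeeded; review the command output as well as the log.</li>
 * </ul>
 */
public class ImportBulkFederationData extends AuthenticatedCommand {
    static final String ARGUMENT_METADATA = "metaalias";
    static final String ARGUMENT_BULK_DATA = "bulk-data-file";

    // Header prefixes of the bulk data file, in the order they must appear.
    private static final String HEADER_LOCAL = "#local:";
    private static final String HEADER_REMOTE = "#remote:";
    private static final String HEADER_ROLE = "#role:";
    private static final String HEADER_SPEC = "#specification:";

    // User attributes that hold the federation records.
    private static final String IDFF_INFO_KEY_ATTR = "iplanet-am-user-federation-info-key";
    private static final String IDFF_INFO_ATTR = "iplanet-am-user-federation-info";
    private static final String SAML2_INFO_KEY_ATTR = "sun-fm-saml2-nameid-infokey";
    private static final String SAML2_INFO_ATTR = "sun-fm-saml2-nameid-info";

    private String metaAlias;
    private String bulkFedData;
    private String spec;
    boolean isIDP;
    private String localEntityId;
    private String remoteEntityId;

    /**
     * Runs the import: resolves the local role and entity id from the meta
     * alias, validates the bulk data file, then federates every listed user.
     *
     * @param requestContext request context of the CLI invocation.
     * @throws CLIException if the specification is unsupported, the meta alias
     *         is unknown, the file is malformed or does not match this entity,
     *         or a user cannot be federated.
     */
    @Override
    public void handleRequest(RequestContext requestContext) throws CLIException {
        super.handleRequest(requestContext);
        ldapLogin();
        this.metaAlias = getStringOptionValue(ARGUMENT_METADATA);
        this.bulkFedData = getStringOptionValue(ARGUMENT_BULK_DATA);
        this.spec = FederationManager.getIDFFSubCommandSpecification(requestContext);
        String[] params = {this.metaAlias, this.bulkFedData, this.spec};
        // Log types 0 and 1 are defined by the CLI log writer
        // (presumably access and error log -- confirm against writeLog).
        writeLog(0, Level.INFO, "ATTEMPT_IMPORT_BULK_FED_DATA", params);
        try {
            boolean saml2 = this.spec.equals(FedCLIConstants.SAML2_SPECIFICATION);
            if (!saml2 && !this.spec.equals(FedCLIConstants.IDFF_SPECIFICATION)) {
                throw new CLIException(getResourceString("unsupported-specification"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
            }
            if (saml2) {
                saml2GetRoleAndEntityId();
            } else {
                idffGetRoleAndEntityId();
            }
            // The whole file is parsed and validated before any user is touched.
            Map<String, String> userToNameId = new HashMap<String, String>();
            validateFile(userToNameId);
            if (saml2) {
                handleSAML2Request(userToNameId);
            } else {
                handleIDFFRequest(userToNameId);
            }
            writeLog(0, Level.INFO, "SUCCEEDED_IMPORT_BULK_FED_DATA", params);
        } catch (CLIException e) {
            writeLog(1, Level.INFO, "FAILED_IMPORT_BULK_FED_DATA", this.metaAlias, this.bulkFedData, this.spec, e.getMessage());
            throw e;
        }
    }

    /**
     * Resolves the ID-FF provider role and entity id for the meta alias.
     *
     * @throws CLIException if the meta alias is unknown or the lookup fails.
     */
    private void idffGetRoleAndEntityId() throws CLIException {
        try {
            IDFFMetaManager metaManager = new IDFFMetaManager(this.ssoToken);
            String role = metaManager.getProviderRoleByMetaAlias(this.metaAlias);
            if (role == null) {
                throw new CLIException(MessageFormat.format(getResourceString("import-bulk-federation-data-unknown-metaalias"), this.metaAlias), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
            }
            this.isIDP = role.equals("IDP");
            this.localEntityId = metaManager.getEntityIDByMetaAlias(this.metaAlias);
        } catch (IDFFMetaException e) {
            debugError("ImportBulkFederationData.idffGetRoleAndEntityId", e);
            throw new CLIException(MessageFormat.format(getResourceString("import-bulk-federation-data-unknown-metaalias"), this.metaAlias), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
    }

    /**
     * Resolves the SAML2 role and entity id for the meta alias.
     *
     * @throws CLIException if the meta alias is unknown or the lookup fails.
     */
    private void saml2GetRoleAndEntityId() throws CLIException {
        try {
            SAML2MetaManager metaManager = new SAML2MetaManager(this.ssoToken);
            String role = metaManager.getRoleByMetaAlias(this.metaAlias);
            // A null role is rejected like "UNKNOWN" (it used to fail with a
            // NullPointerException), matching the null check on the ID-FF path.
            if (role == null || "UNKNOWN".equals(role)) {
                throw new CLIException(MessageFormat.format(getResourceString("import-bulk-federation-data-unknown-metaalias"), this.metaAlias), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
            }
            this.isIDP = role.equals("IDPRole");
            this.localEntityId = metaManager.getEntityByMetaAlias(this.metaAlias);
        } catch (SAML2MetaException e) {
            // The debug label used to name the ID-FF method; it now names this one.
            debugError("ImportBulkFederationData.saml2GetRoleAndEntityId", e);
            throw new CLIException(MessageFormat.format(getResourceString("import-bulk-federation-data-unknown-metaalias"), this.metaAlias), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
    }

    /**
     * Federates every user of the validated file using SAML2 name ids.
     *
     * @param map user id to name identifier value.
     * @throws CLIException if a name id record cannot be built.
     */
    private void handleSAML2Request(Map<String, String> map) throws CLIException {
        for (Map.Entry<String, String> entry : map.entrySet()) {
            saml2FederateUser(entry.getKey(), entry.getValue());
        }
        getOutputWriter().printlnMessage(getResourceString("import-bulk-federation-data-succeeded"));
    }

    /**
     * Federates every user of the validated file using ID-FF records.
     *
     * @param map user id to name identifier value.
     * @throws CLIException if a federation record cannot be built.
     */
    private void handleIDFFRequest(Map<String, String> map) throws CLIException {
        for (Map.Entry<String, String> entry : map.entrySet()) {
            idffFederateUser(entry.getKey(), entry.getValue());
        }
        getOutputWriter().printlnMessage(getResourceString("import-bulk-federation-data-succeeded"));
    }

    /**
     * Reads the bulk data file, checks its four header lines against the local
     * entity id, role and specification, and collects the data lines.
     *
     * <p>On success the producer's entity id (the {@code #local:} header)
     * becomes this command's remote entity id.
     *
     * @param map receives one entry per data line: user id to name identifier.
     *        Each line is split at its first {@code '|'}; a later line with
     *        the same user id replaces the earlier entry.
     * @throws CLIException if the file cannot be read, a header is missing or
     *         does not match, or a data line is not {@code id|nameid}.
     */
    private void validateFile(Map<String, String> map) throws CLIException {
        BufferedReader reader = null;
        try {
            // NOTE(review): FileReader decodes with the platform default
            // charset; confirm this matches how the export side writes the file.
            reader = new BufferedReader(new FileReader(this.bulkFedData));
            String producerEntityId = getLocalEntityId(reader.readLine());
            matchEntityId(reader.readLine(), this.localEntityId);
            matchRole(reader.readLine(), this.isIDP);
            validateSpec(reader.readLine());
            String line;
            while ((line = reader.readLine()) != null) {
                String trimmed = line.trim();
                int length = trimmed.length();
                if (length == 0) {
                    continue;
                }
                int separator = trimmed.indexOf('|');
                // The separator must be present and must not be the first or
                // the last character, so both sides are non-empty.
                if (separator == -1 || separator == 0 || separator == length - 1) {
                    throw new CLIException(MessageFormat.format(getResourceString("import-bulk-federation-data-incorrect-data-format"), trimmed), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
                }
                map.put(trimmed.substring(0, separator), trimmed.substring(separator + 1));
            }
            this.remoteEntityId = producerEntityId;
        } catch (IOException e) {
            throw new CLIException(e.getMessage(), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        } finally {
            // Close on every path. The previous cleanup tested a constant-false
            // condition, so the reader leaked whenever validation failed.
            if (reader != null) {
                try {
                    reader.close();
                } catch (IOException ignored) {
                    // Best-effort close: the content has already been read.
                }
            }
        }
    }

    /**
     * Extracts the producer's entity id from the {@code #local:} header.
     *
     * @param str first line of the file, or {@code null} if the file is empty.
     * @return the text after the header prefix.
     * @throws CLIException if the line is missing or lacks the prefix.
     */
    private String getLocalEntityId(String str) throws CLIException {
        if (str == null || !str.startsWith(HEADER_LOCAL)) {
            throw new CLIException(getResourceString("import-bulk-federation-data-incorrect-file-format"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
        return str.substring(HEADER_LOCAL.length());
    }

    /**
     * Checks that the {@code #remote:} header names the expected entity.
     *
     * @param str second line of the file, or {@code null} if missing.
     * @param str2 entity id the header must equal (the local entity id).
     * @throws CLIException if the line is missing, lacks the prefix, or names
     *         a different entity.
     */
    private void matchEntityId(String str, String str2) throws CLIException {
        if (str == null || !str.startsWith(HEADER_REMOTE)) {
            throw new CLIException(getResourceString("import-bulk-federation-data-incorrect-file-format"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
        String declared = str.substring(HEADER_REMOTE.length());
        // Compare from the non-null side so an unresolved expected id is
        // reported as a mismatch instead of a NullPointerException.
        if (!declared.equals(str2)) {
            throw new CLIException(MessageFormat.format(getResourceString("import-bulk-federation-data-incorrect-entity-id"), declared), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
    }

    /**
     * Checks that the {@code #role:} header is the opposite of the local role.
     *
     * @param str third line of the file, or {@code null} if missing.
     * @param z {@code true} if the local entity acts as identity provider.
     * @throws CLIException if the line is missing, lacks the prefix, or the
     *         file's role equals the local role.
     */
    private void matchRole(String str, boolean z) throws CLIException {
        if (str == null || !str.startsWith(HEADER_ROLE)) {
            throw new CLIException(getResourceString("import-bulk-federation-data-incorrect-file-format"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
        boolean producerIsIdp = str.substring(HEADER_ROLE.length()).equals("IDP");
        // Producer and importer must sit on opposite sides of the federation.
        if (z == producerIsIdp) {
            throw new CLIException(getResourceString("import-bulk-federation-data-incorrect-role"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
    }

    /**
     * Checks that the {@code #specification:} header equals the specification
     * of this sub command.
     *
     * @param str fourth line of the file, or {@code null} if missing.
     * @throws CLIException if the line is missing, lacks the prefix, or names
     *         a different specification.
     */
    private void validateSpec(String str) throws CLIException {
        if (str == null || !str.startsWith(HEADER_SPEC)) {
            throw new CLIException(getResourceString("import-bulk-federation-data-incorrect-file-format"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
        if (!this.spec.equals(str.substring(HEADER_SPEC.length()))) {
            throw new CLIException(getResourceString("import-bulk-federation-data-incorrect-spec"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
    }

    /**
     * Returns the value set stored under {@code name}, installing a new empty
     * set in {@code attributes} when the attribute is absent or empty.
     */
    private static Set valuesOf(Map attributes, String name) {
        Set values = (Set) attributes.get(name);
        if (values == null || values.isEmpty()) {
            values = new HashSet(2);
            attributes.put(name, values);
        }
        return values;
    }

    /**
     * Adds an ID-FF federation record for one user and stores the identity.
     *
     * <p>Repository and SSO failures are printed and the user is skipped;
     * failures while building the record abort the import.
     *
     * @param str user id taken from the bulk data file.
     * @param str2 name identifier value taken from the bulk data file.
     * @throws CLIException if the federation record cannot be built.
     */
    private void idffFederateUser(String str, String str2) throws CLIException {
        try {
            // The lookup and the write below run with the admin SSO token.
            AMIdentity identity = IdUtils.getIdentity(getAdminSSOToken(), str);
            FSAccountFedInfoKey fedInfoKey = this.isIDP
                    ? new FSAccountFedInfoKey(this.remoteEntityId, str2)
                    : new FSAccountFedInfoKey(this.localEntityId, str2);
            // NOTE(review): the trailing 0 / 1 look like role constants of
            // FSAccountFedInfo -- confirm against that class.
            FSAccountFedInfo fedInfo = this.isIDP
                    ? new FSAccountFedInfo(this.remoteEntityId, new NameIdentifier(str2, this.remoteEntityId, "urn:liberty:iff:nameid:federated"), 0, false)
                    : new FSAccountFedInfo(this.remoteEntityId, new NameIdentifier(str2, this.localEntityId, "urn:liberty:iff:nameid:federated"), 1, false);
            Map attributes = identity.getAttributes(BulkFederation.idffUserAttributesFed);
            valuesOf(attributes, IDFF_INFO_KEY_ATTR).add(FSAccountUtils.objectToKeyString(fedInfoKey));
            valuesOf(attributes, IDFF_INFO_ATTR).add(FSAccountUtils.objectToInfoString(fedInfo));
            identity.setAttributes(attributes);
            identity.store();
        } catch (IdRepoException e) {
            debugError("ImportBulkFederationData.idffFederateUser", e);
            getOutputWriter().printlnError(e.getMessage());
        } catch (SAMLException e2) {
            debugError("ImportBulkFederationData.idffFederateUser", e2);
            // NOTE(review): this resource key differs from the
            // "import-bulk-federation-data-cannot-federate" key used below;
            // confirm both exist in the resource bundle.
            throw new CLIException(MessageFormat.format(getResourceString("bulk-federation-cannot-federate"), str), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        } catch (SSOException e3) {
            debugError("ImportBulkFederationData.idffFederateUser", e3);
            getOutputWriter().printlnError(e3.getMessage());
        } catch (FSAccountMgmtException e4) {
            debugError("ImportBulkFederationData.idffFederateUser", e4);
            throw new CLIException(MessageFormat.format(getResourceString("import-bulk-federation-data-cannot-federate"), str), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
    }

    /**
     * Adds a persistent SAML2 name id record for one user and stores the
     * identity.
     *
     * <p>Repository and SSO failures are printed and the user is skipped;
     * failures while building the name id abort the import.
     *
     * @param str user id taken from the bulk data file.
     * @param str2 name identifier value taken from the bulk data file.
     * @throws CLIException if the name id record cannot be built.
     */
    private void saml2FederateUser(String str, String str2) throws CLIException {
        try {
            // The lookup and the write below run with the admin SSO token.
            AMIdentity identity = IdUtils.getIdentity(getAdminSSOToken(), str);
            NameID nameId = AssertionFactory.getInstance().createNameID();
            nameId.setFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
            // NameQualifier is always the identity provider's entity id and
            // SPNameQualifier the service provider's.
            if (this.isIDP) {
                nameId.setNameQualifier(this.localEntityId);
                nameId.setSPNameQualifier(this.remoteEntityId);
            } else {
                nameId.setNameQualifier(this.remoteEntityId);
                nameId.setSPNameQualifier(this.localEntityId);
            }
            nameId.setValue(str2);
            String role = this.isIDP ? "IDPRole" : "SPRole";
            NameIDInfoKey infoKey = new NameIDInfoKey(str2, this.localEntityId, this.remoteEntityId);
            NameIDInfo info = new NameIDInfo(this.localEntityId, this.remoteEntityId, nameId, role, true);
            Map attributes = identity.getAttributes(BulkFederation.saml2UserAttributesFed);
            // Read and write the same SAML2 attributes. The existing values
            // used to be looked up under the ID-FF attribute names while the
            // new set was stored under the SAML2 names, so any SAML2 records
            // the user already had were replaced rather than extended
            // (assuming saml2UserAttributesFed requests the SAML2 attributes,
            // which is not visible in this class).
            valuesOf(attributes, SAML2_INFO_KEY_ATTR).add(infoKey.toValueString());
            valuesOf(attributes, SAML2_INFO_ATTR).add(info.toValueString());
            identity.setAttributes(attributes);
            identity.store();
        } catch (IdRepoException e) {
            // The debug labels in this method used to name idffFederateUser.
            debugError("ImportBulkFederationData.saml2FederateUser", e);
            getOutputWriter().printlnError(e.getMessage());
        } catch (SSOException e2) {
            debugError("ImportBulkFederationData.saml2FederateUser", e2);
            getOutputWriter().printlnError(e2.getMessage());
        } catch (SAML2Exception e3) {
            debugError("ImportBulkFederationData.saml2FederateUser", e3);
            throw new CLIException(MessageFormat.format(getResourceString("import-bulk-federation-data-cannot-federate"), str), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
    }
}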
