package org.forgerock.openidm.provisioner.openicf.impl;

import java.io.File;
import java.io.FileFilter;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.UndeclaredThrowableException;
import java.net.MalformedURLException;
import java.net.URISyntaxException;
import java.net.URL;
import java.net.URLClassLoader;
import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Vector;
import java.util.jar.JarEntry;
import java.util.jar.JarInputStream;
import org.forgerock.json.JsonPointer;
import org.forgerock.json.JsonValue;
import org.forgerock.json.JsonValueException;
import org.forgerock.json.crypto.JsonCryptoException;
import org.forgerock.json.resource.BadRequestException;
import org.forgerock.json.resource.InternalServerErrorException;
import org.forgerock.json.resource.NotFoundException;
import org.forgerock.json.resource.ResourceException;
import org.forgerock.json.resource.ServiceUnavailableException;
import org.forgerock.openicf.framework.ConnectorFramework;
import org.forgerock.openicf.framework.ConnectorFrameworkFactory;
import org.forgerock.openicf.framework.async.AsyncConnectorInfoManager;
import org.forgerock.openicf.framework.client.RemoteWSFrameworkConnectionInfo;
import org.forgerock.openicf.framework.local.AsyncLocalConnectorInfoManager;
import org.forgerock.openicf.framework.remote.LoadBalancingAlgorithmFactory;
import org.forgerock.openicf.framework.remote.ReferenceCountedObject;
import org.forgerock.openidm.config.enhanced.EnhancedConfig;
import org.forgerock.openidm.core.IdentityServer;
import org.forgerock.openidm.crypto.CryptoService;
import org.forgerock.openidm.metadata.MetaDataProvider;
import org.forgerock.openidm.metadata.MetaDataProviderCallback;
import org.forgerock.openidm.metadata.WaitForMetaData;
import org.forgerock.openidm.provisioner.ConnectorConfigurationHelper;
import org.forgerock.openidm.provisioner.openicf.ConnectorInfoProvider;
import org.forgerock.openidm.provisioner.openicf.ConnectorReference;
import org.forgerock.openidm.provisioner.openicf.commons.ConnectorUtil;
import org.forgerock.openidm.util.Utils;
import org.forgerock.util.Pair;
import org.forgerock.util.promise.Promise;
import org.forgerock.util.promise.Promises;
import org.forgerock.util.promise.ResultHandler;
import org.identityconnectors.common.CollectionUtil;
import org.identityconnectors.common.ConnectorKeyRange;
import org.identityconnectors.common.StringUtil;
import org.identityconnectors.common.Version;
import org.identityconnectors.common.VersionRange;
import org.identityconnectors.common.security.GuardedByteArray;
import org.identityconnectors.common.security.GuardedString;
import org.identityconnectors.framework.api.APIConfiguration;
import org.identityconnectors.framework.api.ConfigurationProperties;
import org.identityconnectors.framework.api.ConfigurationProperty;
import org.identityconnectors.framework.api.ConnectorFacade;
import org.identityconnectors.framework.api.ConnectorInfo;
import org.identityconnectors.framework.api.ConnectorInfoManager;
import org.identityconnectors.framework.api.RemoteFrameworkConnectionInfo;
import org.identityconnectors.framework.api.operations.SchemaApiOp;
import org.identityconnectors.framework.api.operations.TestApiOp;
import org.identityconnectors.framework.common.FrameworkUtil;
import org.identityconnectors.framework.common.exceptions.ConfigurationException;
import org.identityconnectors.framework.common.exceptions.InvalidCredentialException;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.ComponentException;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.osgi.service.component.propertytypes.ServiceDescription;
import org.osgi.service.component.propertytypes.ServiceVendor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ServiceVendor("Open Identity Platform Community")
@ServiceDescription("OpenICF Connector Info Service")
@Component(name = ConnectorInfoProviderService.PID, configurationPolicy = ConfigurationPolicy.OPTIONAL, immediate = true, property = {"service.pid=org.forgerock.openidm.provisioner.openicf.connectorinfoprovider"})
/* loaded from: input_file:org/forgerock/openidm/provisioner/openicf/impl/ConnectorInfoProviderService.class */
public class ConnectorInfoProviderService implements ConnectorInfoProvider, MetaDataProvider, ConnectorConfigurationHelper {
    private static final Logger logger = LoggerFactory.getLogger(ConnectorInfoProviderService.class);
    public static final String DEFAULT_CONNECTORS_LOCATION = "connectors";
    public static final String PROPERTY_OPENICF_CONNECTOR_URL = "connectorsLocation";
    public static final String PID = "org.forgerock.openidm.provisioner.openicf.connectorinfoprovider";
    private static final String SYSTEM_TYPE_OPENICF = "openicf";
    ReferenceCountedObject<ConnectorFramework>.Reference connectorFramework = null;
    private final Map<String, AsyncConnectorInfoManager> remoteFrameworkConnectionInfo = new HashMap();
    private final Map<Pair<String, Integer>, String> remoteLegacyManagerCache = new HashMap();
    private List<URL> connectorURLs = null;
    private ClassLoader bundleParentClassLoader = null;
    private final MetaDataProviderCallback[] callback = new MetaDataProviderCallback[1];
    private boolean isOSGiServiceInstance = false;

    @Reference(service = ConnectorFrameworkFactory.class, cardinality = ReferenceCardinality.MANDATORY, policy = ReferencePolicy.DYNAMIC)
    protected volatile ConnectorFrameworkFactory connectorFrameworkFactory = null;

    @Reference
    protected CryptoService cryptoService;

    @Reference(policy = ReferencePolicy.DYNAMIC)
    private volatile EnhancedConfig enhancedConfig;

    @Activate
    public void activate(ComponentContext componentContext) {
        logger.trace("Activating Service with configuration {}", componentContext.getProperties());
        JsonValue configurationAsJson = this.enhancedConfig.getConfigurationAsJson(componentContext);
        try {
            this.connectorFrameworkFactory.setDefaultConnectorBundleParentClassLoader(getBundleParentClassLoader());
        } catch (IllegalStateException e) {
            logger.trace("connectorFrameworkFactory has been acquired  before");
        }
        this.connectorFramework = this.connectorFrameworkFactory.acquire();
        try {
            initialiseLocalManager(configurationAsJson.get(PROPERTY_OPENICF_CONNECTOR_URL).defaultTo(DEFAULT_CONNECTORS_LOCATION).asString());
            JsonValue jsonValue = null;
            try {
                jsonValue = configurationAsJson.get(ConnectorUtil.OPENICF_REMOTE_CONNECTOR_SERVERS).expect(List.class);
                if (!jsonValue.isNull()) {
                    initialiseRemoteManager(jsonValue);
                }
                JsonValue jsonValue2 = null;
                try {
                    jsonValue2 = configurationAsJson.get(ConnectorUtil.OPENICF_REMOTE_CONNECTOR_GROUPS).expect(List.class);
                    if (jsonValue2.isNotNull()) {
                        initialiseGroups(jsonValue2);
                    }
                    this.isOSGiServiceInstance = true;
                    logger.info("ConnectorInfoProviderService with OpenICF {} is activated.", FrameworkUtil.getFrameworkVersion());
                } catch (JsonValueException e2) {
                    logger.error("Invalid configuration remoteConnectorServersGroups must be list or null. {}", jsonValue2, e2);
                    throw new ComponentException("Invalid configuration, service can not be started", e2);
                }
            } catch (JsonValueException e3) {
                logger.error("Invalid configuration remoteConnectorHosts must be list or null. {}", jsonValue, e3);
                throw new ComponentException("Invalid configuration, service can not be started", e3);
            }
        } catch (JsonValueException e4) {
            logger.error("Invalid configuration {}", configurationAsJson.getObject(), e4);
            throw new ComponentException("Invalid configuration, service can not be started", e4);
        }
    }

    protected void initialiseRemoteManager(JsonValue jsonValue) throws JsonValueException {
        logger.debug("Initialising remote managers");
        Iterator it = jsonValue.iterator();
        while (it.hasNext()) {
            JsonValue jsonValue2 = (JsonValue) it.next();
            try {
                RemoteFrameworkConnectionInfo remoteFrameworkConnectionInfo = ConnectorUtil.getRemoteFrameworkConnectionInfo(jsonValue2.expect(Map.class));
                String asString = jsonValue2.get("name").required().asString();
                if (StringUtil.isNotBlank(asString)) {
                    if (jsonValue2.expect(Map.class).isDefined("protocol") && "websocket".equalsIgnoreCase(jsonValue2.get("protocol").asString())) {
                        logger.debug("Initialising {} with websocket", asString);
                        this.remoteFrameworkConnectionInfo.put(asString, ((ConnectorFramework) this.connectorFramework.get()).getRemoteManager(RemoteWSFrameworkConnectionInfo.newBuilderFrom(remoteFrameworkConnectionInfo).build()));
                    } else {
                        logger.debug("Initialising {}", asString);
                        this.remoteFrameworkConnectionInfo.put(asString, ((ConnectorFramework) this.connectorFramework.get()).getRemoteManager(remoteFrameworkConnectionInfo));
                    }
                    this.remoteLegacyManagerCache.put(Pair.of(remoteFrameworkConnectionInfo.getHost().toLowerCase(Locale.ENGLISH), Integer.valueOf(remoteFrameworkConnectionInfo.getPort())), asString);
                } else {
                    logger.error("RemoteFrameworkConnectionInfo has no name");
                }
            } catch (IllegalArgumentException e) {
                logger.error("RemoteFrameworkConnectionInfo can not be read", e);
            }
        }
    }

    protected void initialiseGroups(JsonValue jsonValue) throws JsonValueException {
        logger.debug("Initialising remote connector groups");
        Iterator it = jsonValue.iterator();
        while (it.hasNext()) {
            JsonValue jsonValue2 = (JsonValue) it.next();
            try {
                LoadBalancingAlgorithmFactory loadBalancingInfo = ConnectorUtil.getLoadBalancingInfo(jsonValue2.expect(Map.class), this.remoteFrameworkConnectionInfo);
                String asString = jsonValue2.get("name").required().asString();
                logger.debug("Initialising {}", asString);
                this.remoteFrameworkConnectionInfo.put(asString, ((ConnectorFramework) this.connectorFramework.get()).getRemoteManager(loadBalancingInfo));
            } catch (IllegalArgumentException e) {
                logger.error("RemoteFrameworkConnectionInfo can not be read", e);
            }
        }
    }

    protected void initialiseLocalManager(String str) {
        try {
            String decode = URLDecoder.decode(str, "UTF-8");
            logger.debug("Using connectors from [{}]", decode);
            File fileForInstallPath = IdentityServer.getFileForInstallPath(decode);
            if (!fileForInstallPath.exists()) {
                String absolutePath = fileForInstallPath.getAbsolutePath();
                if (!absolutePath.endsWith(File.separator)) {
                    fileForInstallPath = new File(absolutePath.concat(File.separator));
                }
            }
            if (fileForInstallPath.exists()) {
                try {
                    logger.debug("Looking for connectors in {} directory.", fileForInstallPath.getAbsoluteFile().toURI().toURL());
                    AsyncLocalConnectorInfoManager localManager = ((ConnectorFramework) this.connectorFramework.get()).getLocalManager();
                    Iterator<URL> it = getConnectorURLs(fileForInstallPath.getAbsoluteFile().toURI().toURL()).iterator();
                    while (it.hasNext()) {
                        localManager.addConnectorBundle(new URL[]{it.next()});
                    }
                } catch (MalformedURLException e) {
                    logger.error("How can this happen?", e);
                }
            } else {
                logger.error("Configuration area [{}] does not exist. Unable to load connectors.", fileForInstallPath.getAbsolutePath());
            }
        } catch (UnsupportedEncodingException e2) {
            throw new UndeclaredThrowableException(e2);
        } catch (Exception e3) {
            logger.error("LocalManager initialisation for {} failed.", str, e3);
            throw new ComponentException("LocalManager initialisation failed.", e3);
        }
    }

    @Deactivate
    public void deactivate(ComponentContext componentContext) {
        logger.trace("Deactivating Component: {}", componentContext.getProperties().get("component.name"));
        this.remoteFrameworkConnectionInfo.clear();
        this.remoteLegacyManagerCache.clear();
        this.connectorFramework.release();
        logger.info("ConnectorInfoProviderService is deactivated.");
    }

    public String getProvisionerType() {
        return SYSTEM_TYPE_OPENICF;
    }

    private boolean isGenerateConnectorCoreConfig(JsonValue jsonValue) {
        return !jsonValue.get(ConnectorUtil.OPENICF_CONNECTOR_REF).isNull() && jsonValue.get(ConnectorUtil.OPENICF_CONFIGURATION_PROPERTIES).isNull();
    }

    private boolean isGenerateFullConfig(JsonValue jsonValue) {
        return (jsonValue.get(ConnectorUtil.OPENICF_CONNECTOR_REF).isNull() || jsonValue.get(ConnectorUtil.OPENICF_CONFIGURATION_PROPERTIES).isNull()) ? false : true;
    }

    public JsonValue getAvailableConnectors() throws ResourceException {
        try {
            return JsonValue.json(JsonValue.object(new Map.Entry[]{JsonValue.field(ConnectorUtil.OPENICF_CONNECTOR_REF, listAllConnectorInfo())}));
        } catch (JsonValueException e) {
            throw new BadRequestException(e.getMessage(), e);
        }
    }

    public JsonValue generateConnectorCoreConfig(JsonValue jsonValue) throws ResourceException {
        if (!isGenerateConnectorCoreConfig(jsonValue)) {
            return new JsonValue(new HashMap());
        }
        try {
            ConnectorReference connectorReference = ConnectorUtil.getConnectorReference(jsonValue);
            ConnectorInfo findConnectorInfo = findConnectorInfo(connectorReference);
            if (null == findConnectorInfo) {
                throw new NotFoundException("Connector not found: " + connectorReference.getConnectorKey());
            }
            return ConnectorUtil.createSystemConfigurationFromAPIConfiguration(findConnectorInfo.createDefaultAPIConfiguration(), jsonValue.copy(), this.cryptoService);
        } catch (JsonValueException e) {
            throw new BadRequestException(e.getMessage(), e);
        } catch (JsonCryptoException e2) {
            throw new InternalServerErrorException(e2);
        } catch (IllegalArgumentException e3) {
            throw new BadRequestException(e3.getMessage(), e3);
        }
    }

    public JsonValue generateConnectorFullConfig(JsonValue jsonValue) throws ResourceException {
        if (!isGenerateFullConfig(jsonValue)) {
            return new JsonValue(new HashMap());
        }
        try {
            ConnectorReference connectorReference = ConnectorUtil.getConnectorReference(jsonValue);
            ConnectorInfo findConnectorInfo = findConnectorInfo(connectorReference);
            if (null == findConnectorInfo) {
                throw new NotFoundException("Connector not found: " + connectorReference.getConnectorKey());
            }
            APIConfiguration createDefaultAPIConfiguration = findConnectorInfo.createDefaultAPIConfiguration();
            ConnectorUtil.configureDefaultAPIConfiguration(jsonValue, createDefaultAPIConfiguration, this.cryptoService);
            return new JsonValue(createSystemConfiguration(connectorReference, createDefaultAPIConfiguration));
        } catch (IllegalArgumentException e) {
            throw new BadRequestException(e.getMessage(), e);
        } catch (JsonValueException e2) {
            throw new BadRequestException(e2.getMessage(), e2);
        }
    }

    public Map<String, Object> test(JsonValue jsonValue) throws ResourceException {
        JsonValue json = JsonValue.json(JsonValue.object(new Map.Entry[0]));
        json.put("ok", false);
        json.put("name", jsonValue.get("name").required().asString());
        jsonValue.get(ConnectorUtil.OPENICF_CONNECTOR_REF).required();
        jsonValue.get(ConnectorUtil.OPENICF_CONFIGURATION_PROPERTIES).required();
        try {
            ConnectorReference connectorReference = ConnectorUtil.getConnectorReference(jsonValue);
            ConnectorInfo findConnectorInfo = findConnectorInfo(connectorReference);
            if (null != findConnectorInfo) {
                APIConfiguration createDefaultAPIConfiguration = findConnectorInfo.createDefaultAPIConfiguration();
                ConnectorUtil.configureDefaultAPIConfiguration(jsonValue, createDefaultAPIConfiguration, this.cryptoService);
                ConnectorFacade newInstance = ((ConnectorFramework) this.connectorFramework.get()).newInstance(createDefaultAPIConfiguration);
                if (newInstance.getSupportedOperations().contains(TestApiOp.class)) {
                    try {
                        newInstance.test();
                        json.put("ok", true);
                    } catch (UnsupportedOperationException e) {
                        json.put("reason", "TEST UnsupportedOperation");
                        json.put("ok", true);
                    } catch (Exception e2) {
                        json.put("error", e2.toString());
                    }
                } else {
                    json.put("reason", "OpenICF connector of " + connectorReference + " does not support test.");
                    json.put("ok", true);
                }
            } else if (connectorReference.getConnectorLocation().equals(ConnectorReference.ConnectorLocation.LOCAL)) {
                json.put("error", "OpenICF ConnectorInfo can not be loaded for " + connectorReference + " from #LOCAL");
            } else {
                json.put("error", "OpenICF ConnectorInfo for " + connectorReference + " is not available yet.");
            }
            return json.asMap();
        } catch (JsonValueException e3) {
            json.put("error", "OpenICF Provisioner Service jsonConfiguration has errors: " + e3.getMessage());
            return json.asMap();
        }
    }

    @Override // org.forgerock.openidm.provisioner.openicf.ConnectorInfoProvider
    public ConnectorInfo findConnectorInfo(ConnectorReference connectorReference) {
        return getConnectorInfo(connectorReference, getConnectorInfoManager(connectorReference));
    }

    @Override // org.forgerock.openidm.provisioner.openicf.ConnectorInfoProvider
    public Promise<ConnectorInfo, RuntimeException> findConnectorInfoAsync(ConnectorReference connectorReference) {
        AsyncConnectorInfoManager connectorInfoManager = getConnectorInfoManager(connectorReference);
        return null != connectorInfoManager ? connectorInfoManager.findConnectorInfoAsync(ConnectorKeyRange.newBuilder().setBundleName(connectorReference.getConnectorKey().getBundleName()).setBundleVersion(connectorReference.getConnectorKey().getBundleVersion()).setConnectorName(connectorReference.getConnectorKey().getConnectorName()).build()) : Promises.newExceptionPromise(new ConfigurationException("Unknown ConnectorInfoManager"));
    }

    @Override // org.forgerock.openidm.provisioner.openicf.ConnectorInfoProvider
    public ConnectorFacade createConnectorFacade(APIConfiguration aPIConfiguration) {
        if (aPIConfiguration != null) {
            return ((ConnectorFramework) this.connectorFramework.get()).newInstance(aPIConfiguration);
        }
        return null;
    }

    private AsyncConnectorInfoManager getConnectorInfoManager(ConnectorReference connectorReference) {
        AsyncLocalConnectorInfoManager asyncLocalConnectorInfoManager = null;
        switch (connectorReference.getConnectorLocation()) {
            case LOCAL:
                asyncLocalConnectorInfoManager = ((ConnectorFramework) this.connectorFramework.get()).getLocalManager();
                break;
            case OSGI:
                asyncLocalConnectorInfoManager = ((ConnectorFramework) this.connectorFramework.get()).isOSGiEnabled() ? ((ConnectorFramework) this.connectorFramework.get()).getOSGiConnectorInfoManager() : null;
                break;
            case REMOTE:
                asyncLocalConnectorInfoManager = (AsyncConnectorInfoManager) this.remoteFrameworkConnectionInfo.get(connectorReference.getConnectorHost());
                break;
        }
        return asyncLocalConnectorInfoManager;
    }

    private ConnectorInfo getConnectorInfo(ConnectorReference connectorReference, ConnectorInfoManager connectorInfoManager) {
        ConnectorInfo connectorInfo = null;
        if (null != connectorInfoManager) {
            try {
                if (connectorReference.getConnectorKey().getBundleVersion().indexOf(44) > 1) {
                    VersionRange parse = VersionRange.parse(connectorReference.getConnectorKey().getBundleVersion());
                    Version version = null;
                    for (ConnectorInfo connectorInfo2 : connectorInfoManager.getConnectorInfos()) {
                        if (connectorReference.getConnectorKey().getBundleName().equals(connectorInfo2.getConnectorKey().getBundleName()) && connectorReference.getConnectorKey().getConnectorName().equals(connectorInfo2.getConnectorKey().getConnectorName())) {
                            Version parse2 = Version.parse(connectorInfo2.getConnectorKey().getBundleVersion());
                            if (parse.isInRange(parse2)) {
                                logger.trace("Version {} is in range of {}", connectorInfo2.getConnectorKey().getBundleVersion(), connectorReference.getConnectorKey().getBundleVersion());
                                if (null == version || parse2.compareTo(version) > 0) {
                                    connectorInfo = connectorInfo2;
                                    version = parse2;
                                }
                            }
                        }
                    }
                } else {
                    connectorInfo = connectorInfoManager.findConnectorInfo(connectorReference.getConnectorKey());
                }
            } catch (Exception e) {
                logger.error("Can not find ConnectorInfo for {}", connectorReference, e);
            }
        }
        return connectorInfo;
    }

    @Override // org.forgerock.openidm.provisioner.openicf.ConnectorInfoProvider
    public List<ConnectorInfo> getAllConnectorInfo() {
        ConnectorFramework connectorFramework = (ConnectorFramework) this.connectorFramework.get();
        ArrayList arrayList = new ArrayList(connectorFramework.getLocalManager().getConnectorInfos());
        if (connectorFramework.isOSGiEnabled()) {
            arrayList.addAll(connectorFramework.getOSGiConnectorInfoManager().getConnectorInfos());
        }
        for (AsyncConnectorInfoManager asyncConnectorInfoManager : this.remoteFrameworkConnectionInfo.values()) {
            try {
                arrayList.addAll(asyncConnectorInfoManager.getConnectorInfos());
            } catch (Exception e) {
                logger.error("Remote Connector Server is not available for {}", asyncConnectorInfoManager, e);
            }
        }
        return Collections.unmodifiableList(arrayList);
    }

    private List<Map<String, Object>> listAllConnectorInfo() {
        ConnectorFramework connectorFramework = (ConnectorFramework) this.connectorFramework.get();
        ArrayList arrayList = new ArrayList();
        for (ConnectorInfo connectorInfo : connectorFramework.getLocalManager().getConnectorInfos()) {
            Map<String, Object> connectorKey = ConnectorUtil.getConnectorKey(connectorInfo.getConnectorKey());
            connectorKey.put("displayName", connectorInfo.getConnectorDisplayName());
            arrayList.add(connectorKey);
        }
        if (connectorFramework.isOSGiEnabled()) {
            for (ConnectorInfo connectorInfo2 : connectorFramework.getOSGiConnectorInfoManager().getConnectorInfos()) {
                Map<String, Object> connectorKey2 = ConnectorUtil.getConnectorKey(connectorInfo2.getConnectorKey());
                connectorKey2.put("displayName", connectorInfo2.getConnectorDisplayName());
                connectorKey2.put(ConnectorUtil.OPENICF_CONNECTOR_HOST_REF, ConnectorReference.OSGI_SERVICE_CONNECTOR_MANAGER);
                arrayList.add(connectorKey2);
            }
        }
        for (Map.Entry<String, AsyncConnectorInfoManager> entry : this.remoteFrameworkConnectionInfo.entrySet()) {
            try {
                for (ConnectorInfo connectorInfo3 : entry.getValue().getConnectorInfos()) {
                    Map<String, Object> connectorKey3 = ConnectorUtil.getConnectorKey(connectorInfo3.getConnectorKey());
                    connectorKey3.put("displayName", connectorInfo3.getConnectorDisplayName());
                    connectorKey3.put(ConnectorUtil.OPENICF_CONNECTOR_HOST_REF, entry.getKey());
                    arrayList.add(connectorKey3);
                }
            } catch (Exception e) {
                logger.error("Remote Connector Server is not available for {}", entry, e);
            }
        }
        return Collections.unmodifiableList(arrayList);
    }

    @Override // org.forgerock.openidm.provisioner.openicf.ConnectorInfoProvider
    public void testConnector(APIConfiguration aPIConfiguration) throws ResourceException {
        try {
            ConnectorFacade newInstance = ((ConnectorFramework) this.connectorFramework.get()).newInstance(aPIConfiguration);
            if (null != newInstance) {
                TestApiOp operation = newInstance.getOperation(TestApiOp.class);
                if (null == operation) {
                    return;
                } else {
                    operation.test();
                }
            }
            throw new ServiceUnavailableException("ConnectorFacade can not be initialised");
        } catch (Exception e) {
            throw Utils.adapt(e);
        }
    }

    @Override // org.forgerock.openidm.provisioner.openicf.ConnectorInfoProvider
    public JsonValue createSystemConfiguration(ConnectorReference connectorReference, APIConfiguration aPIConfiguration) throws ResourceException {
        ConnectorFacade newInstance = ((ConnectorFramework) this.connectorFramework.get()).newInstance(aPIConfiguration);
        if (null == newInstance) {
            throw new UnsupportedOperationException("ConnectorFacade can not be initialised");
        }
        JsonValue jsonValue = new JsonValue(new LinkedHashMap());
        ConnectorUtil.setConnectorReference(connectorReference, jsonValue);
        try {
            ConnectorUtil.createSystemConfigurationFromAPIConfiguration(aPIConfiguration, jsonValue, this.cryptoService);
            if (newInstance.getSupportedOperations().contains(TestApiOp.class)) {
                newInstance.test();
            }
            setSchema(newInstance, jsonValue);
            return jsonValue;
        } catch (JsonCryptoException e) {
            logger.debug("Error decrypting configuration", e);
            throw new InternalServerErrorException(e);
        }
    }

    private void setSchema(ConnectorFacade connectorFacade, JsonValue jsonValue) {
        try {
            if (connectorFacade.getSupportedOperations().contains(SchemaApiOp.class)) {
                ConnectorUtil.setObjectAndOperationConfiguration(connectorFacade.schema(), jsonValue);
            }
        } catch (InvalidCredentialException e) {
            logger.debug("Could not connect to retrieve resource schema. Provisioner creation is incomplete.", e);
        }
    }

    public List<JsonPointer> getPropertiesToEncrypt(String str, String str2, JsonValue jsonValue) throws WaitForMetaData {
        ArrayList arrayList = null;
        if (null != str && null != jsonValue) {
            if (PID.equals(str)) {
                try {
                    JsonValue expect = jsonValue.get(ConnectorUtil.OPENICF_REMOTE_CONNECTOR_SERVERS).expect(List.class);
                    if (!expect.isNull()) {
                        arrayList = new ArrayList(expect.size());
                        Iterator it = expect.iterator();
                        while (it.hasNext()) {
                            arrayList.add(((JsonValue) it.next()).get(ConnectorUtil.OPENICF_KEY).getPointer());
                        }
                    }
                } catch (JsonValueException e) {
                    logger.error("Invalid configuration remoteConnectorHosts must be list or null.", e);
                }
            } else if (OpenICFProvisionerService.PID.equals(str)) {
                if (!this.isOSGiServiceInstance) {
                    throw new WaitForMetaData("Wait for the MetaDataProvider service newBuilder");
                }
                try {
                    ConnectorReference connectorReference = ConnectorUtil.getConnectorReference(jsonValue);
                    ConnectorInfo findConnectorInfo = findConnectorInfo(connectorReference);
                    if (null == findConnectorInfo) {
                        AsyncConnectorInfoManager connectorInfoManager = getConnectorInfoManager(connectorReference);
                        if (connectorInfoManager == null) {
                            throw new WaitForMetaData("ConnectorInfo is not available");
                        }
                        connectorInfoManager.findConnectorInfoAsync(ConnectorKeyRange.newBuilder().setBundleName(connectorReference.getConnectorKey().getBundleName()).setBundleVersion(connectorReference.getConnectorKey().getBundleVersion()).setConnectorName(connectorReference.getConnectorKey().getConnectorName()).build()).thenOnResult(new ResultHandler<ConnectorInfo>() { // from class: org.forgerock.openidm.provisioner.openicf.impl.ConnectorInfoProviderService.1
                            public void handleResult(ConnectorInfo connectorInfo) {
                                ConnectorInfoProviderService.this.callback[0].refresh();
                            }
                        });
                        throw new WaitForMetaData("ConnectorInfo is not available");
                    }
                    ConfigurationProperties configurationProperties = findConnectorInfo.createDefaultAPIConfiguration().getConfigurationProperties();
                    if (null == configurationProperties) {
                        throw new WaitForMetaData(str);
                    }
                    JsonPointer jsonPointer = new JsonPointer(ConnectorUtil.OPENICF_CONFIGURATION_PROPERTIES);
                    arrayList = new ArrayList(configurationProperties.getPropertyNames().size());
                    for (String str3 : configurationProperties.getPropertyNames()) {
                        ConfigurationProperty property = configurationProperties.getProperty(str3);
                        if (property.isConfidential() || property.getType().equals(GuardedString.class) || property.getType().equals(GuardedByteArray.class)) {
                            arrayList.add(jsonPointer.child(str3));
                        }
                    }
                } catch (RuntimeException e2) {
                    logger.error("Failed to parse the config of {}-{}: {}", new Object[]{str, str2, e2.getMessage()}, e2);
                    throw e2;
                }
            }
        }
        return arrayList;
    }

    private ClassLoader getBundleParentClassLoader() {
        if (null == this.bundleParentClassLoader) {
            ArrayList arrayList = null;
            File fileForInstallPath = IdentityServer.getFileForInstallPath("classes/");
            if (fileForInstallPath.isDirectory()) {
                arrayList = new ArrayList();
                arrayList.add(fileForInstallPath);
            } else {
                logger.trace("BundleParentClassLoader does not use classes from {}", fileForInstallPath.getAbsolutePath());
            }
            File fileForInstallPath2 = IdentityServer.getFileForInstallPath("lib");
            if (fileForInstallPath2.isDirectory()) {
                File[] listFiles = fileForInstallPath2.listFiles(new FileFilter() { // from class: org.forgerock.openidm.provisioner.openicf.impl.ConnectorInfoProviderService.2
                    @Override // java.io.FileFilter
                    public boolean accept(File file) {
                        return file.getName().endsWith(".jar");
                    }
                });
                for (File file : listFiles) {
                    if (null == arrayList) {
                        arrayList = new ArrayList(listFiles.length);
                    }
                    arrayList.add(file);
                }
            } else {
                logger.trace("BundleParentClassLoader does not use lib from {}", fileForInstallPath2.getAbsolutePath());
            }
            if (null != arrayList) {
                URL[] urlArr = new URL[arrayList.size()];
                for (int i = 0; i < urlArr.length; i++) {
                    try {
                        urlArr[i] = ((File) arrayList.get(i)).toURI().toURL();
                        logger.trace("Add URL to bundle parent classloader: {}", urlArr[i]);
                    } catch (MalformedURLException e) {
                        if (logger.isDebugEnabled()) {
                            logger.error("Failed toURL on File: {}", ((File) arrayList.get(i)).getAbsolutePath(), e);
                        }
                    }
                }
                this.bundleParentClassLoader = new URLClassLoader(urlArr, FrameworkUtil.class.getClassLoader());
            } else {
                this.bundleParentClassLoader = FrameworkUtil.class.getClassLoader();
            }
        }
        return this.bundleParentClassLoader;
    }

    private List<URL> getConnectorURLs(URL... urlArr) {
        if (null == this.connectorURLs) {
            ArrayList arrayList = new ArrayList();
            for (URL url : urlArr) {
                try {
                    Vector<URL> vector = null;
                    if ("file".equals(url.getProtocol())) {
                        File file = new File(url.toURI());
                        if (file.isDirectory()) {
                            File[] listFiles = file.listFiles(new FileFilter() { // from class: org.forgerock.openidm.provisioner.openicf.impl.ConnectorInfoProviderService.3
                                @Override // java.io.FileFilter
                                public boolean accept(File file2) {
                                    return (file2.isDirectory() && new File(file2.getPath(), "META-INF/MANIFEST.MF").isFile()) || file2.getName().endsWith(".jar");
                                }
                            });
                            vector = new Vector<>(listFiles.length);
                            for (File file2 : listFiles) {
                                String name = file2.getName();
                                logger.trace("Load Connector Bundle: {}", name);
                                vector.add(new URL(url, name));
                            }
                        }
                    } else if ("jar".equals(url.getProtocol()) || "wsjar".equals(url.getProtocol())) {
                        vector = getJarFileListing(url, "^META-INF/connectors/(.*).jar$");
                    } else {
                        logger.info("Local connector support disabled.  No support for bundle URLs with protocol {}", url.getProtocol());
                    }
                    if (vector == null || vector.size() == 0) {
                        logger.info("No local connector bundles found within {}", url);
                    }
                    if (null != vector) {
                        arrayList.addAll(vector);
                    }
                } catch (IOException e) {
                    logger.error("XXX", e);
                } catch (URISyntaxException e2) {
                    logger.error("URL newBuilder does not comply with RFC 2396", e2);
                }
            }
            if (logger.isDebugEnabled()) {
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    logger.debug("Connector URL: {}", (URL) it.next());
                }
            }
            this.connectorURLs = CollectionUtil.newReadOnlyList(arrayList);
        }
        return this.connectorURLs;
    }

    private static Vector<URL> getJarFileListing(URL url, String str) {
        JarEntry nextJarEntry;
        Vector<URL> vector = new Vector<>();
        if (url == null) {
            return vector;
        }
        try {
            JarInputStream jarInputStream = new JarInputStream(new FileInputStream(url.getPath().substring(5, url.getPath().indexOf("!"))));
            do {
                nextJarEntry = jarInputStream.getNextJarEntry();
                if (nextJarEntry != null) {
                    String name = nextJarEntry.getName();
                    if (str == null || name.matches(str)) {
                        vector.add(new URL(url, name.replace(DEFAULT_CONNECTORS_LOCATION, "")));
                    }
                }
            } while (nextJarEntry != null);
            jarInputStream.close();
            return vector;
        } catch (IOException e) {
            throw new RuntimeException("Unable to get Jar input stream from '" + url + "'", e);
        }
    }

    public void setCallback(MetaDataProviderCallback metaDataProviderCallback) {
        this.callback[0] = metaDataProviderCallback;
    }

    protected void bindConnectorFrameworkFactory(ConnectorFrameworkFactory connectorFrameworkFactory) {
        this.connectorFrameworkFactory = connectorFrameworkFactory;
    }

    protected void unbindConnectorFrameworkFactory(ConnectorFrameworkFactory connectorFrameworkFactory) {
        if (this.connectorFrameworkFactory == connectorFrameworkFactory) {
            this.connectorFrameworkFactory = null;
        }
    }

    protected void bindCryptoService(CryptoService cryptoService) {
        this.cryptoService = cryptoService;
    }

    protected void unbindCryptoService(CryptoService cryptoService) {
        if (this.cryptoService == cryptoService) {
            this.cryptoService = null;
        }
    }

    protected void bindEnhancedConfig(EnhancedConfig enhancedConfig) {
        this.enhancedConfig = enhancedConfig;
    }

    protected void unbindEnhancedConfig(EnhancedConfig enhancedConfig) {
        if (this.enhancedConfig == enhancedConfig) {
            this.enhancedConfig = null;
        }
    }
}
