package org.usergrid.management.cassandra;

import com.google.common.collect.BiMap;
import com.google.common.collect.HashBiMap;
import com.mongodb.util.TimeConstants;
import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.config.DefaultClientConfig;
import com.sun.jersey.api.json.JSONConfiguration;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.UUID;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.text.StrSubstitutor;
import org.apache.shiro.UnavailableSecurityManagerException;
import org.codehaus.jackson.util.MinimalPrettyPrinter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.usergrid.locking.Lock;
import org.usergrid.locking.LockHelper;
import org.usergrid.locking.LockManager;
import org.usergrid.management.AccountCreationProps;
import org.usergrid.management.ActivationState;
import org.usergrid.management.ApplicationInfo;
import org.usergrid.management.ManagementService;
import org.usergrid.management.OrganizationInfo;
import org.usergrid.management.OrganizationOwnerInfo;
import org.usergrid.management.UserInfo;
import org.usergrid.management.exceptions.DisabledAdminUserException;
import org.usergrid.management.exceptions.DisabledAppUserException;
import org.usergrid.management.exceptions.IncorrectPasswordException;
import org.usergrid.management.exceptions.ManagementException;
import org.usergrid.management.exceptions.UnableToLeaveOrganizationException;
import org.usergrid.management.exceptions.UnactivatedAdminUserException;
import org.usergrid.management.exceptions.UnactivatedAppUserException;
import org.usergrid.persistence.CredentialsInfo;
import org.usergrid.persistence.Entity;
import org.usergrid.persistence.EntityManager;
import org.usergrid.persistence.EntityManagerFactory;
import org.usergrid.persistence.EntityRef;
import org.usergrid.persistence.Identifier;
import org.usergrid.persistence.Query;
import org.usergrid.persistence.Results;
import org.usergrid.persistence.Schema;
import org.usergrid.persistence.SimpleEntityRef;
import org.usergrid.persistence.cassandra.CassandraService;
import org.usergrid.persistence.entities.Activity;
import org.usergrid.persistence.entities.Application;
import org.usergrid.persistence.entities.Group;
import org.usergrid.persistence.entities.User;
import org.usergrid.persistence.exceptions.DuplicateUniquePropertyExistsException;
import org.usergrid.persistence.exceptions.EntityNotFoundException;
import org.usergrid.security.AuthPrincipalInfo;
import org.usergrid.security.AuthPrincipalType;
import org.usergrid.security.crypto.EncryptionService;
import org.usergrid.security.oauth.AccessInfo;
import org.usergrid.security.oauth.ClientCredentialsInfo;
import org.usergrid.security.salt.SaltProvider;
import org.usergrid.security.shiro.PrincipalCredentialsToken;
import org.usergrid.security.shiro.credentials.ApplicationClientCredentials;
import org.usergrid.security.shiro.credentials.OrganizationClientCredentials;
import org.usergrid.security.shiro.principals.ApplicationPrincipal;
import org.usergrid.security.shiro.principals.OrganizationPrincipal;
import org.usergrid.security.shiro.utils.SubjectUtils;
import org.usergrid.security.tokens.TokenCategory;
import org.usergrid.security.tokens.TokenInfo;
import org.usergrid.security.tokens.TokenService;
import org.usergrid.security.tokens.exceptions.BadTokenException;
import org.usergrid.security.tokens.exceptions.TokenException;
import org.usergrid.services.ServiceAction;
import org.usergrid.services.ServiceManager;
import org.usergrid.services.ServiceManagerFactory;
import org.usergrid.services.ServiceParameter;
import org.usergrid.services.ServicePayload;
import org.usergrid.services.ServiceResults;
import org.usergrid.utils.ConversionUtils;
import org.usergrid.utils.JsonUtils;
import org.usergrid.utils.ListUtils;
import org.usergrid.utils.MailUtils;
import org.usergrid.utils.MapUtils;
import org.usergrid.utils.PasswordUtils;

/* JADX WARN: Classes with same name are omitted:
  input_file:usergrid-services-0.0.15.jar:org/usergrid/management/cassandra/ManagementServiceImpl.class
 */
/* loaded from: input_file:usergrid-standalone-0.0.15.jar:usergrid-services-0.0.15.jar:org/usergrid/management/cassandra/ManagementServiceImpl.class */
public class ManagementServiceImpl implements ManagementService {
    protected static final String USER_PIN = "pin";
    protected static final String USER_TOKEN = "secret";
    protected static final String USER_MONGO_PASSWORD = "mongo_pwd";
    protected static final String USER_PASSWORD = "password";
    private static final String TOKEN_TYPE_ACTIVATION = "activate";
    private static final String TOKEN_TYPE_PASSWORD_RESET = "resetpw";
    private static final String TOKEN_TYPE_CONFIRM = "confirm";
    public static final String MANAGEMENT_APPLICATION = "management";
    public static final String APPLICATION_INFO = "application_info";
    private static final Logger logger = LoggerFactory.getLogger(ManagementServiceImpl.class);
    public static final String OAUTH_SECRET_SALT = "super secret oauth value";
    protected ServiceManagerFactory smf;
    protected EntityManagerFactory emf;
    protected AccountCreationPropsImpl properties;
    protected LockManager lockManager;
    protected TokenService tokens;
    protected SaltProvider saltProvider;

    @Autowired
    protected MailUtils mailUtils;
    protected EncryptionService encryptionService;

    @Autowired
    public void setEntityManagerFactory(EntityManagerFactory entityManagerFactory) {
        logger.info("ManagementServiceImpl.setEntityManagerFactory");
        this.emf = entityManagerFactory;
    }

    @Autowired
    public void setProperties(Properties properties) {
        this.properties = new AccountCreationPropsImpl(properties);
    }

    @Autowired
    public void setTokenService(TokenService tokenService) {
        this.tokens = tokenService;
    }

    @Autowired
    public void setServiceManagerFactory(ServiceManagerFactory serviceManagerFactory) {
        this.smf = serviceManagerFactory;
    }

    public LockManager getLockManager() {
        return this.lockManager;
    }

    @Autowired
    public void setLockManager(LockManager lockManager) {
        this.lockManager = lockManager;
    }

    @Autowired
    public void setEncryptionService(EncryptionService encryptionService) {
        this.encryptionService = encryptionService;
    }

    @Override // org.usergrid.management.ManagementService
    public void setup() throws Exception {
        if (Boolean.parseBoolean(this.properties.getProperty(AccountCreationProps.PROPERTIES_SETUP_TEST_ACCOUNT))) {
            String property = this.properties.getProperty(AccountCreationProps.PROPERTIES_TEST_ACCOUNT_APP);
            String property2 = this.properties.getProperty(AccountCreationProps.PROPERTIES_TEST_ACCOUNT_ORGANIZATION);
            String property3 = this.properties.getProperty(AccountCreationProps.PROPERTIES_TEST_ACCOUNT_ADMIN_USER_USERNAME);
            String property4 = this.properties.getProperty(AccountCreationProps.PROPERTIES_TEST_ACCOUNT_ADMIN_USER_NAME);
            String property5 = this.properties.getProperty(AccountCreationProps.PROPERTIES_TEST_ACCOUNT_ADMIN_USER_EMAIL);
            String property6 = this.properties.getProperty(AccountCreationProps.PROPERTIES_TEST_ACCOUNT_ADMIN_USER_PASSWORD);
            if (ListUtils.anyNull(property, property2, property3, property4, property5, property6)) {
                logger.warn("Missing values for test app, check properties.  Skipping test app setup...");
                return;
            }
            createApplication(createOwnerAndOrganization(property2, property3, property4, property5, property6, true, false).getOrganization().getUuid(), property);
        } else {
            logger.warn("Test app creation disabled");
        }
        if (superuserEnabled()) {
            provisionSuperuser();
        }
    }

    public boolean superuserEnabled() {
        return Boolean.parseBoolean(this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_LOGIN_ALLOWED)) && !ListUtils.anyNull(this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_LOGIN_NAME), this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_LOGIN_EMAIL), this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_LOGIN_PASSWORD));
    }

    @Override // org.usergrid.management.ManagementService
    public void provisionSuperuser() throws Exception {
        boolean parseBoolean = Boolean.parseBoolean(this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_LOGIN_ALLOWED));
        String property = this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_LOGIN_NAME);
        String property2 = this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_LOGIN_EMAIL);
        String property3 = this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_LOGIN_PASSWORD);
        if (ListUtils.anyNull(property, property2, property3)) {
            logger.warn("Missing values for superuser account, check properties.  Skipping superuser account setup...");
            return;
        }
        UserInfo adminUserByUsername = getAdminUserByUsername(property);
        if (adminUserByUsername == null) {
            createAdminUser(property, "Super User", property2, property3, parseBoolean, !parseBoolean);
        } else {
            setAdminUserPassword(adminUserByUsername.getUuid(), property3);
        }
    }

    public String generateOAuthSecretKey(AuthPrincipalType authPrincipalType) {
        long currentTimeMillis = System.currentTimeMillis();
        ByteBuffer allocate = ByteBuffer.allocate(20);
        allocate.put(DigestUtils.sha(currentTimeMillis + OAUTH_SECRET_SALT + UUID.randomUUID()));
        return authPrincipalType.getBase64Prefix() + Base64.encodeBase64URLSafeString(allocate.array());
    }

    @Override // org.usergrid.management.ManagementService
    public void postOrganizationActivity(UUID uuid, final UserInfo userInfo, String str, final EntityRef entityRef, final String str2, final String str3, String str4, String str5) throws Exception {
        ServiceManager serviceManager = this.smf.getServiceManager(CassandraService.MANAGEMENT_APPLICATION_ID);
        HashMap hashMap = new HashMap();
        hashMap.put(Activity.PROPERTY_VERB, str);
        hashMap.put("category", "admin");
        if (str5 != null) {
            hashMap.put(Activity.PROPERTY_CONTENT, str5);
        }
        if (str4 != null) {
            hashMap.put("title", str4);
        }
        hashMap.put(Activity.PROPERTY_ACTOR, new HashMap<String, Object>() { // from class: org.usergrid.management.cassandra.ManagementServiceImpl.1
            {
                put(Activity.PROPERTY_DISPLAY_NAME, userInfo.getName());
                put(Activity.PROPERTY_OBJECT_TYPE, Activity.OBJECT_TYPE_PERSON);
                put(Activity.PROPERTY_ENTITY_TYPE, User.ENTITY_TYPE);
                put("uuid", userInfo.getUuid());
            }
        });
        hashMap.put(Activity.PROPERTY_OBJECT, new HashMap<String, Object>() { // from class: org.usergrid.management.cassandra.ManagementServiceImpl.2
            {
                put(Activity.PROPERTY_DISPLAY_NAME, str3);
                put(Activity.PROPERTY_OBJECT_TYPE, str2);
                put(Activity.PROPERTY_ENTITY_TYPE, entityRef.getType());
                put("uuid", entityRef.getUuid());
            }
        });
        serviceManager.newRequest(ServiceAction.POST, ServiceParameter.parameters("groups", uuid, Application.COLLECTION_ACTIVITIES), ServicePayload.payload(hashMap)).execute().getEntity();
    }

    @Override // org.usergrid.management.ManagementService
    public ServiceResults getOrganizationActivity(OrganizationInfo organizationInfo) throws Exception {
        return this.smf.getServiceManager(CassandraService.MANAGEMENT_APPLICATION_ID).newRequest(ServiceAction.GET, ServiceParameter.parameters("groups", organizationInfo.getUuid(), "feed")).execute();
    }

    @Override // org.usergrid.management.ManagementService
    public ServiceResults getOrganizationActivityForAdminUser(OrganizationInfo organizationInfo, UserInfo userInfo) throws Exception {
        return this.smf.getServiceManager(CassandraService.MANAGEMENT_APPLICATION_ID).newRequest(ServiceAction.GET, ServiceParameter.parameters("groups", organizationInfo.getUuid(), "users", userInfo.getUuid(), "feed")).execute();
    }

    @Override // org.usergrid.management.ManagementService
    public ServiceResults getAdminUserActivity(UserInfo userInfo) throws Exception {
        return this.smf.getServiceManager(CassandraService.MANAGEMENT_APPLICATION_ID).newRequest(ServiceAction.GET, ServiceParameter.parameters("users", userInfo.getUuid(), "feed")).execute();
    }

    @Override // org.usergrid.management.ManagementService
    public OrganizationOwnerInfo createOwnerAndOrganization(String str, String str2, String str3, String str4, String str5) throws Exception {
        return createOwnerAndOrganization(str, str2, str3, str4, str5, (newAdminUsersNeedSysAdminApproval() || newOrganizationsNeedSysAdminApproval()) ? false : true, newAdminUsersRequireConfirmation(), null);
    }

    @Override // org.usergrid.management.ManagementService
    public OrganizationOwnerInfo createOwnerAndOrganization(String str, String str2, String str3, String str4, String str5, boolean z, boolean z2) throws Exception {
        return createOwnerAndOrganization(str, str2, str3, str4, str5, z, z2, null);
    }

    @Override // org.usergrid.management.ManagementService
    public OrganizationOwnerInfo createOwnerAndOrganization(String str, String str2, String str3, String str4, String str5, boolean z, boolean z2, Map<String, Object> map) throws Exception {
        Lock uniqueUpdateLock = LockHelper.getUniqueUpdateLock(this.lockManager, CassandraService.MANAGEMENT_APPLICATION_ID, str, "groups", "path");
        Lock uniqueUpdateLock2 = LockHelper.getUniqueUpdateLock(this.lockManager, CassandraService.MANAGEMENT_APPLICATION_ID, str2, "users", "username");
        Lock uniqueUpdateLock3 = LockHelper.getUniqueUpdateLock(this.lockManager, CassandraService.MANAGEMENT_APPLICATION_ID, str4, "users", "email");
        try {
            uniqueUpdateLock.lock();
            uniqueUpdateLock2.lock();
            uniqueUpdateLock3.lock();
            if (!this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).isPropertyValueUniqueForEntity("group", "path", str)) {
                throw new DuplicateUniquePropertyExistsException("group", "path", str);
            }
            if (!validateAdminInfo(str2, str3, str4, str5)) {
                return null;
            }
            UserInfo createAdminUserInternal = areActivationChecksDisabled() ? createAdminUserInternal(str2, str3, str4, str5, true, false, map) : createAdminUserInternal(str2, str3, str4, str5, z, z2, map);
            OrganizationInfo createOrganizationInternal = createOrganizationInternal(str, createAdminUserInternal, true);
            uniqueUpdateLock3.unlock();
            uniqueUpdateLock2.unlock();
            uniqueUpdateLock.unlock();
            return new OrganizationOwnerInfo(createAdminUserInternal, createOrganizationInternal);
        } finally {
            uniqueUpdateLock3.unlock();
            uniqueUpdateLock2.unlock();
            uniqueUpdateLock.unlock();
        }
    }

    private OrganizationInfo createOrganizationInternal(String str, UserInfo userInfo, boolean z) throws Exception {
        if (str == null || userInfo == null) {
            return null;
        }
        EntityManager entityManager = this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID);
        Group group = new Group();
        group.setPath(str);
        Group group2 = (Group) entityManager.create(group);
        entityManager.addToCollection(group2, "users", new SimpleEntityRef(User.ENTITY_TYPE, userInfo.getUuid()));
        writeUserToken(CassandraService.MANAGEMENT_APPLICATION_ID, group2, this.encryptionService.plainTextCredentials(generateOAuthSecretKey(AuthPrincipalType.ORGANIZATION), userInfo.getUuid(), CassandraService.MANAGEMENT_APPLICATION_ID));
        OrganizationInfo organizationInfo = new OrganizationInfo(group2.getUuid(), str);
        postOrganizationActivity(organizationInfo.getUuid(), userInfo, "create", group2, "Organization", organizationInfo.getName(), "<a href=\"mailto:" + userInfo.getEmail() + "\">" + userInfo.getName() + " (" + userInfo.getEmail() + ")</a> created a new organization account named " + str, null);
        startOrganizationActivationFlow(organizationInfo);
        return organizationInfo;
    }

    @Override // org.usergrid.management.ManagementService
    public OrganizationInfo createOrganization(String str, UserInfo userInfo, boolean z) throws Exception {
        if (str == null || userInfo == null) {
            return null;
        }
        if (this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).isPropertyValueUniqueForEntity("group", "path", str)) {
            return createOrganizationInternal(str, userInfo, z);
        }
        throw new DuplicateUniquePropertyExistsException("group", "path", str);
    }

    @Override // org.usergrid.management.ManagementService
    public OrganizationInfo importOrganization(UUID uuid, OrganizationInfo organizationInfo, Map<String, Object> map) throws Exception {
        if (map == null) {
            map = new HashMap();
        }
        String str = null;
        if (organizationInfo != null) {
            str = organizationInfo.getName();
        }
        if (str == null) {
            str = (String) map.get("path");
        }
        if (str == null) {
            str = (String) map.get("name");
        }
        if (str == null) {
            return null;
        }
        if (uuid == null && organizationInfo != null) {
            uuid = organizationInfo.getUuid();
        }
        if (uuid == null) {
            uuid = ConversionUtils.uuid(map.get("uuid"));
        }
        if (uuid == null) {
            return null;
        }
        EntityManager entityManager = this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID);
        map.put("path", str);
        map.put("secret", generateOAuthSecretKey(AuthPrincipalType.ORGANIZATION));
        return new OrganizationInfo(entityManager.create(uuid, "group", map).getUuid(), str);
    }

    @Override // org.usergrid.management.ManagementService
    public UUID importApplication(UUID uuid, Application application) throws Exception {
        OrganizationInfo organizationByUuid = getOrganizationByUuid(uuid);
        UUID importApplication = this.emf.importApplication(organizationByUuid.getName(), application.getUuid(), application.getName(), application.getProperties());
        EntityManager entityManager = this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID);
        this.properties.setProperty("name", buildAppName(application.getName(), organizationByUuid));
        writeUserToken(CassandraService.MANAGEMENT_APPLICATION_ID, entityManager.create(importApplication, APPLICATION_INFO, application.getProperties()), this.encryptionService.plainTextCredentials(generateOAuthSecretKey(AuthPrincipalType.APPLICATION), null, importApplication));
        addApplicationToOrganization(uuid, importApplication);
        return importApplication;
    }

    private String buildAppName(String str, OrganizationInfo organizationInfo) {
        return str.contains("/") ? str : organizationInfo.getName() + "/" + str;
    }

    @Override // org.usergrid.management.ManagementService
    public List<OrganizationInfo> getOrganizations(UUID uuid, int i) throws Exception {
        HashBiMap create = HashBiMap.create();
        EntityManager entityManager = this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID);
        Results collection = entityManager.getCollection(entityManager.getApplicationRef(), "groups", uuid, i, Results.Level.ALL_PROPERTIES, false);
        ArrayList arrayList = new ArrayList(collection.size());
        for (Entity entity : collection.getEntities()) {
            String str = (String) entity.getProperty("path");
            if (create.containsValue(str)) {
                str = str + "DUPLICATE";
            }
            arrayList.add(new OrganizationInfo(entity.getUuid(), str));
            create.put(entity.getUuid(), str);
        }
        return arrayList;
    }

    @Override // org.usergrid.management.ManagementService
    public BiMap<UUID, String> getOrganizations() throws Exception {
        return buildOrgBiMap(getOrganizations(null, 10000));
    }

    private BiMap<UUID, String> buildOrgBiMap(List<OrganizationInfo> list) {
        HashBiMap create = HashBiMap.create();
        for (OrganizationInfo organizationInfo : list) {
            create.put(organizationInfo.getUuid(), organizationInfo.getName());
        }
        return create;
    }

    @Override // org.usergrid.management.ManagementService
    public OrganizationInfo getOrganizationInfoFromAccessToken(String str) throws Exception {
        Entity entityFromAccessToken = getEntityFromAccessToken(str, null, AuthPrincipalType.ORGANIZATION);
        if (entityFromAccessToken == null) {
            return null;
        }
        return new OrganizationInfo(entityFromAccessToken.getProperties());
    }

    @Override // org.usergrid.management.ManagementService
    public OrganizationInfo getOrganizationByName(String str) throws Exception {
        EntityRef alias;
        if (str == null || (alias = this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).getAlias("group", str)) == null) {
            return null;
        }
        return getOrganizationByUuid(alias.getUuid());
    }

    @Override // org.usergrid.management.ManagementService
    public OrganizationInfo getOrganizationByUuid(UUID uuid) throws Exception {
        Entity entity = this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).get(new SimpleEntityRef("group", uuid));
        if (entity == null) {
            return null;
        }
        return new OrganizationInfo(entity.getProperties());
    }

    @Override // org.usergrid.management.ManagementService
    public OrganizationInfo getOrganizationByIdentifier(Identifier identifier) throws Exception {
        if (identifier.isUUID()) {
            return getOrganizationByUuid(identifier.getUUID());
        }
        if (identifier.isName()) {
            return getOrganizationByName(identifier.getName());
        }
        return null;
    }

    public void postUserActivity(UserInfo userInfo, String str, EntityRef entityRef, String str2, String str3, String str4, String str5) throws Exception {
        ServiceManager serviceManager = this.smf.getServiceManager(CassandraService.MANAGEMENT_APPLICATION_ID);
        HashMap hashMap = new HashMap();
        hashMap.put(Activity.PROPERTY_VERB, str);
        hashMap.put("category", "admin");
        if (str5 != null) {
            hashMap.put(Activity.PROPERTY_CONTENT, str5);
        }
        if (str4 != null) {
            hashMap.put("title", str4);
        }
        hashMap.put(Activity.PROPERTY_ACTOR, userInfo.getUuid());
        hashMap.put(Activity.PROPERTY_ACTOR_NAME, userInfo.getName());
        hashMap.put(Activity.PROPERTY_OBJECT, entityRef.getUuid());
        hashMap.put(Activity.PROPERTY_OBJECT_ENTITY_TYPE, entityRef.getType());
        hashMap.put(Activity.PROPERTY_OBJECT_TYPE, str2);
        hashMap.put(Activity.PROPERTY_OBJECT_NAME, str3);
        serviceManager.newRequest(ServiceAction.POST, ServiceParameter.parameters("users", userInfo.getUuid(), Application.COLLECTION_ACTIVITIES), ServicePayload.payload(hashMap)).execute().getEntity();
    }

    @Override // org.usergrid.management.ManagementService
    public ServiceResults getAdminUserActivities(UserInfo userInfo) throws Exception {
        return this.smf.getServiceManager(CassandraService.MANAGEMENT_APPLICATION_ID).newRequest(ServiceAction.GET, ServiceParameter.parameters("users", userInfo.getUuid(), "feed")).execute();
    }

    private UserInfo doCreateAdmin(User user, CredentialsInfo credentialsInfo, CredentialsInfo credentialsInfo2) throws Exception {
        writeUserToken(CassandraService.MANAGEMENT_APPLICATION_ID, user, this.encryptionService.plainTextCredentials(generateOAuthSecretKey(AuthPrincipalType.ADMIN_USER), user.getUuid(), CassandraService.MANAGEMENT_APPLICATION_ID));
        writeUserPassword(CassandraService.MANAGEMENT_APPLICATION_ID, user, credentialsInfo);
        writeUserMongoPassword(CassandraService.MANAGEMENT_APPLICATION_ID, user, credentialsInfo2);
        UserInfo userInfo = new UserInfo(CassandraService.MANAGEMENT_APPLICATION_ID, user.getUuid(), user.getUsername(), user.getName(), user.getEmail(), user.getActivated().booleanValue(), user.getDisabled().booleanValue(), user.getDynamicProperties());
        if (!user.getEmail().equals(this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_LOGIN_EMAIL))) {
            startAdminUserActivationFlow(userInfo);
        }
        return userInfo;
    }

    @Override // org.usergrid.management.ManagementService
    public UserInfo createAdminFromPrexistingPassword(User user, CredentialsInfo credentialsInfo) throws Exception {
        return doCreateAdmin(user, credentialsInfo, this.encryptionService.plainTextCredentials(PasswordUtils.mongoPassword(user.getUsername(), ""), user.getUuid(), CassandraService.MANAGEMENT_APPLICATION_ID));
    }

    @Override // org.usergrid.management.ManagementService
    public UserInfo createAdminFrom(User user, String str) throws Exception {
        return doCreateAdmin(user, this.encryptionService.defaultEncryptedCredentials(str, user.getUuid(), CassandraService.MANAGEMENT_APPLICATION_ID), this.encryptionService.plainTextCredentials(PasswordUtils.mongoPassword(user.getUsername(), str), user.getUuid(), CassandraService.MANAGEMENT_APPLICATION_ID));
    }

    @Override // org.usergrid.management.ManagementService
    public UserInfo createAdminUser(String str, String str2, String str3, String str4, boolean z, boolean z2) throws Exception {
        return createAdminUser(str, str2, str3, str4, z, z2, null);
    }

    @Override // org.usergrid.management.ManagementService
    public UserInfo createAdminUser(String str, String str2, String str3, String str4, boolean z, boolean z2, Map<String, Object> map) throws Exception {
        if (validateAdminInfo(str, str2, str3, str4)) {
            return createAdminUserInternal(str, str2, str3, str4, z, z2, map);
        }
        return null;
    }

    private boolean validateAdminInfo(String str, String str2, String str3, String str4) throws Exception {
        if (str3 == null) {
            return false;
        }
        if (str == null) {
            str = str3;
        }
        if (str2 == null) {
        }
        EntityManager entityManager = this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID);
        if (!entityManager.isPropertyValueUniqueForEntity(User.ENTITY_TYPE, "username", str)) {
            throw new DuplicateUniquePropertyExistsException(User.ENTITY_TYPE, "username", str);
        }
        if (entityManager.isPropertyValueUniqueForEntity(User.ENTITY_TYPE, "email", str3)) {
            return true;
        }
        throw new DuplicateUniquePropertyExistsException(User.ENTITY_TYPE, "email", str3);
    }

    private UserInfo createAdminUserInternal(String str, String str2, String str3, String str4, boolean z, boolean z2, Map<String, Object> map) throws Exception {
        if (StringUtils.isBlank(str4)) {
            str4 = Base64.encodeBase64URLSafeString(ConversionUtils.bytes(UUID.randomUUID()));
        }
        if (str == null) {
            str = str3;
        }
        if (str2 == null) {
            str2 = str3;
        }
        EntityManager entityManager = this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID);
        User user = new User();
        user.setUsername(str);
        user.setName(str2);
        user.setEmail(str3);
        user.setActivated(Boolean.valueOf(z));
        user.setConfirmed(Boolean.valueOf(!newAdminUsersRequireConfirmation()));
        user.setDisabled(Boolean.valueOf(z2));
        if (map != null) {
            map.remove("password");
            user.setProperties(map);
        }
        return createAdminFrom((User) entityManager.create(user), str4);
    }

    public UserInfo getUserInfo(UUID uuid, Entity entity) {
        if (entity == null) {
            return null;
        }
        return new UserInfo(uuid, entity.getUuid(), (String) entity.getProperty("username"), entity.getName(), (String) entity.getProperty("email"), ConversionUtils.getBoolean(entity.getProperty(Schema.PROPERTY_ACTIVATED)), ConversionUtils.getBoolean(entity.getProperty("disabled")), entity.getDynamicProperties());
    }

    public UserInfo getUserInfo(UUID uuid, Map<String, Object> map) {
        if (map == null) {
            return null;
        }
        return new UserInfo(uuid, map);
    }

    @Override // org.usergrid.management.ManagementService
    public List<UserInfo> getAdminUsersForOrganization(UUID uuid) throws Exception {
        if (uuid == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        Iterator<Entity> it = this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).getCollection(new SimpleEntityRef("group", uuid), "users", null, 10000, Results.Level.ALL_PROPERTIES, false).getEntities().iterator();
        while (it.hasNext()) {
            arrayList.add(getUserInfo(CassandraService.MANAGEMENT_APPLICATION_ID, it.next()));
        }
        return arrayList;
    }

    @Override // org.usergrid.management.ManagementService
    public UserInfo updateAdminUser(UserInfo userInfo, String str, String str2, String str3) throws Exception {
        Lock uniqueUpdateLock = LockHelper.getUniqueUpdateLock(this.lockManager, CassandraService.MANAGEMENT_APPLICATION_ID, str, "users", "username");
        Lock uniqueUpdateLock2 = LockHelper.getUniqueUpdateLock(this.lockManager, CassandraService.MANAGEMENT_APPLICATION_ID, str3, "users", "email");
        try {
            uniqueUpdateLock.lock();
            uniqueUpdateLock2.lock();
            EntityManager entityManager = this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID);
            if (!StringUtils.isBlank(str)) {
                entityManager.setProperty(new SimpleEntityRef(User.ENTITY_TYPE, userInfo.getUuid()), "username", str);
            }
            if (!StringUtils.isBlank(str2)) {
                entityManager.setProperty(new SimpleEntityRef(User.ENTITY_TYPE, userInfo.getUuid()), "name", str2);
            }
            if (!StringUtils.isBlank(str3)) {
                entityManager.setProperty(new SimpleEntityRef(User.ENTITY_TYPE, userInfo.getUuid()), "email", str3);
            }
            UserInfo adminUserByUuid = getAdminUserByUuid(userInfo.getUuid());
            uniqueUpdateLock2.unlock();
            uniqueUpdateLock.unlock();
            return adminUserByUuid;
        } catch (Throwable th) {
            uniqueUpdateLock2.unlock();
            uniqueUpdateLock.unlock();
            throw th;
        }
    }

    public User getAdminUserEntityByEmail(String str) throws Exception {
        if (str == null) {
            return null;
        }
        return getUserEntityByIdentifier(CassandraService.MANAGEMENT_APPLICATION_ID, Identifier.fromEmail(str));
    }

    @Override // org.usergrid.management.ManagementService
    public UserInfo getAdminUserByEmail(String str) throws Exception {
        if (str == null) {
            return null;
        }
        return getUserInfo(CassandraService.MANAGEMENT_APPLICATION_ID, getUserEntityByIdentifier(CassandraService.MANAGEMENT_APPLICATION_ID, Identifier.fromEmail(str)));
    }

    public User getUserEntityByIdentifier(UUID uuid, Identifier identifier) throws Exception {
        EntityManager entityManager = this.emf.getEntityManager(uuid);
        return (User) entityManager.get(entityManager.getUserByIdentifier(identifier), User.class);
    }

    @Override // org.usergrid.management.ManagementService
    public UserInfo getAdminUserByUsername(String str) throws Exception {
        if (str == null) {
            return null;
        }
        return getUserInfo(CassandraService.MANAGEMENT_APPLICATION_ID, getUserEntityByIdentifier(CassandraService.MANAGEMENT_APPLICATION_ID, Identifier.fromName(str)));
    }

    @Override // org.usergrid.management.ManagementService
    public User getAdminUserEntityByUuid(UUID uuid) throws Exception {
        if (uuid == null) {
            return null;
        }
        return getUserEntityByIdentifier(CassandraService.MANAGEMENT_APPLICATION_ID, Identifier.fromUUID(uuid));
    }

    @Override // org.usergrid.management.ManagementService
    public UserInfo getAdminUserByUuid(UUID uuid) throws Exception {
        return getUserInfo(CassandraService.MANAGEMENT_APPLICATION_ID, getUserEntityByIdentifier(CassandraService.MANAGEMENT_APPLICATION_ID, Identifier.fromUUID(uuid)));
    }

    @Override // org.usergrid.management.ManagementService
    public User getAdminUserEntityByIdentifier(Identifier identifier) throws Exception {
        return getUserEntityByIdentifier(CassandraService.MANAGEMENT_APPLICATION_ID, identifier);
    }

    @Override // org.usergrid.management.ManagementService
    public UserInfo getAdminUserByIdentifier(Identifier identifier) throws Exception {
        if (identifier.isUUID()) {
            return getAdminUserByUuid(identifier.getUUID());
        }
        if (identifier.isName()) {
            return getAdminUserByUsername(identifier.getName());
        }
        if (identifier.isEmail()) {
            return getAdminUserByEmail(identifier.getEmail());
        }
        return null;
    }

    public User findUserEntity(UUID uuid, String str) {
        User user = null;
        try {
            User userEntityByIdentifier = getUserEntityByIdentifier(uuid, Identifier.fromUUID(UUID.fromString(str)));
            if (userEntityByIdentifier != null) {
                user = (User) userEntityByIdentifier.toTypedEntity();
                logger.info("Found user {} as a UUID", str);
            }
        } catch (Exception e) {
            logger.error("Unable to get user " + str + " as a UUID, trying username...");
        }
        if (user != null) {
            return user;
        }
        try {
            User userEntityByIdentifier2 = getUserEntityByIdentifier(uuid, Identifier.fromEmail(str));
            if (userEntityByIdentifier2 != null) {
                user = (User) userEntityByIdentifier2.toTypedEntity();
                logger.info("Found user {} as an email address", str);
            }
        } catch (Exception e2) {
            logger.error("Unable to get user " + str + " as an email address, trying username");
        }
        if (user != null) {
            return user;
        }
        try {
            User userEntityByIdentifier3 = getUserEntityByIdentifier(uuid, Identifier.fromName(str));
            if (userEntityByIdentifier3 != null) {
                user = (User) userEntityByIdentifier3.toTypedEntity();
                logger.info("Found user {} as a username", str);
            }
        } catch (Exception e3) {
            logger.error("Unable to get user " + str + " as a username, failed...");
        }
        if (user != null) {
            return user;
        }
        return null;
    }

    @Override // org.usergrid.management.ManagementService
    public UserInfo findAdminUser(String str) {
        return getUserInfo(CassandraService.MANAGEMENT_APPLICATION_ID, findUserEntity(CassandraService.MANAGEMENT_APPLICATION_ID, str));
    }

    @Override // org.usergrid.management.ManagementService
    public void setAdminUserPassword(UUID uuid, String str, String str2) throws Exception {
        if (uuid == null || str == null || str2 == null) {
            return;
        }
        if (verify(CassandraService.MANAGEMENT_APPLICATION_ID, ((User) this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).get(uuid, User.class)).getUuid(), str)) {
            setAdminUserPassword(uuid, str2);
        } else {
            logger.info("Old password doesn't match");
            throw new IncorrectPasswordException("Old password does not match");
        }
    }

    @Override // org.usergrid.management.ManagementService
    public void setAdminUserPassword(UUID uuid, String str) throws Exception {
        if (uuid == null || str == null) {
            return;
        }
        User user = (User) this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).get(uuid, User.class);
        writeUserPassword(CassandraService.MANAGEMENT_APPLICATION_ID, user, this.encryptionService.defaultEncryptedCredentials(str, user.getUuid(), CassandraService.MANAGEMENT_APPLICATION_ID));
        writeUserMongoPassword(CassandraService.MANAGEMENT_APPLICATION_ID, user, this.encryptionService.plainTextCredentials(PasswordUtils.mongoPassword((String) user.getProperty("username"), str), user.getUuid(), CassandraService.MANAGEMENT_APPLICATION_ID));
    }

    @Override // org.usergrid.management.ManagementService
    public boolean verifyAdminUserPassword(UUID uuid, String str) throws Exception {
        if (uuid == null || str == null) {
            return false;
        }
        return verify(CassandraService.MANAGEMENT_APPLICATION_ID, ((User) this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).get(uuid, User.class)).getUuid(), str);
    }

    @Override // org.usergrid.management.ManagementService
    public UserInfo verifyAdminUserPasswordCredentials(String str, String str2) throws Exception {
        User findUserEntity = findUserEntity(CassandraService.MANAGEMENT_APPLICATION_ID, str);
        if (findUserEntity == null) {
            return null;
        }
        if (!verify(CassandraService.MANAGEMENT_APPLICATION_ID, findUserEntity.getUuid(), str2)) {
            logger.info("password compare fail for {}", str);
            return null;
        }
        UserInfo userInfo = getUserInfo(CassandraService.MANAGEMENT_APPLICATION_ID, findUserEntity);
        if (!userInfo.isActivated()) {
            throw new UnactivatedAdminUserException();
        }
        if (userInfo.isDisabled()) {
            throw new DisabledAdminUserException();
        }
        return userInfo;
    }

    @Override // org.usergrid.management.ManagementService
    public UserInfo verifyMongoCredentials(String str, String str2, String str3) throws Exception {
        User findUserEntity = findUserEntity(CassandraService.MANAGEMENT_APPLICATION_ID, str);
        if (findUserEntity == null) {
            return null;
        }
        String secret = readUserMongoPassword(CassandraService.MANAGEMENT_APPLICATION_ID, findUserEntity.getUuid()).getSecret();
        if (secret == null) {
            throw new IncorrectPasswordException("Your mongo password has not be set");
        }
        if (!DigestUtils.md5Hex(str2 + findUserEntity.getProperty("username") + secret).equalsIgnoreCase(str3)) {
            throw new IncorrectPasswordException();
        }
        UserInfo userInfo = new UserInfo(CassandraService.MANAGEMENT_APPLICATION_ID, findUserEntity.getProperties());
        if (!userInfo.isActivated()) {
            throw new UnactivatedAdminUserException();
        }
        if (userInfo.isDisabled()) {
            throw new DisabledAdminUserException();
        }
        return userInfo;
    }

    public String getTokenForPrincipal(TokenCategory tokenCategory, String str, UUID uuid, AuthPrincipalType authPrincipalType, UUID uuid2, long j) throws Exception {
        if (ListUtils.anyNull(tokenCategory, uuid, authPrincipalType, uuid2)) {
            return null;
        }
        return this.tokens.createToken(tokenCategory, str, new AuthPrincipalInfo(authPrincipalType, uuid2, uuid), null, j);
    }

    public void revokeTokensForPrincipal(AuthPrincipalType authPrincipalType, UUID uuid, UUID uuid2) throws Exception {
        if (ListUtils.anyNull(uuid, authPrincipalType, uuid2)) {
            throw new IllegalArgumentException("applicationId, principal_type and id are required");
        }
        this.tokens.removeTokens(new AuthPrincipalInfo(authPrincipalType, uuid2, uuid));
    }

    public AuthPrincipalInfo getPrincipalFromAccessToken(String str, String str2, AuthPrincipalType authPrincipalType) throws Exception {
        AuthPrincipalInfo principal;
        TokenInfo tokenInfo = this.tokens.getTokenInfo(str);
        if (tokenInfo == null) {
            return null;
        }
        if ((str2 != null && !str2.equals(tokenInfo.getType())) || (principal = tokenInfo.getPrincipal()) == null) {
            return null;
        }
        if (authPrincipalType == null || authPrincipalType.equals(principal.getType())) {
            return principal;
        }
        return null;
    }

    public Entity getEntityFromAccessToken(String str, String str2, AuthPrincipalType authPrincipalType) throws Exception {
        AuthPrincipalInfo principalFromAccessToken = getPrincipalFromAccessToken(str, str2, authPrincipalType);
        if (principalFromAccessToken == null) {
            return null;
        }
        return getEntityFromPrincipal(principalFromAccessToken);
    }

    public Entity getEntityFromPrincipal(AuthPrincipalInfo authPrincipalInfo) throws Exception {
        return this.emf.getEntityManager(authPrincipalInfo.getApplicationId() != null ? authPrincipalInfo.getApplicationId() : CassandraService.MANAGEMENT_APPLICATION_ID).get(authPrincipalInfo.getUuid());
    }

    @Override // org.usergrid.management.ManagementService
    public String getAccessTokenForAdminUser(UUID uuid, long j) throws Exception {
        return getTokenForPrincipal(TokenCategory.ACCESS, null, CassandraService.MANAGEMENT_APPLICATION_ID, AuthPrincipalType.ADMIN_USER, uuid, j);
    }

    @Override // org.usergrid.management.ManagementService
    public void revokeAccessTokensForAdminUser(UUID uuid) throws Exception {
        revokeTokensForPrincipal(AuthPrincipalType.ADMIN_USER, CassandraService.MANAGEMENT_APPLICATION_ID, uuid);
    }

    @Override // org.usergrid.management.ManagementService
    public void revokeAccessTokenForAdminUser(UUID uuid, String str) throws Exception {
        if (ListUtils.anyNull(uuid, str)) {
            throw new IllegalArgumentException("token is required");
        }
        if (!getAdminUserEntityFromAccessToken(str).getUuid().equals(uuid)) {
            throw new TokenException("Could not match token : " + str);
        }
        this.tokens.revokeToken(str);
    }

    @Override // org.usergrid.management.ManagementService
    public Entity getAdminUserEntityFromAccessToken(String str) throws Exception {
        return getEntityFromAccessToken(str, null, AuthPrincipalType.ADMIN_USER);
    }

    @Override // org.usergrid.management.ManagementService
    public UserInfo getAdminUserInfoFromAccessToken(String str) throws Exception {
        return new UserInfo(CassandraService.MANAGEMENT_APPLICATION_ID, getAdminUserEntityFromAccessToken(str).getProperties());
    }

    @Override // org.usergrid.management.ManagementService
    public BiMap<UUID, String> getOrganizationsForAdminUser(UUID uuid) throws Exception {
        if (uuid == null) {
            return null;
        }
        HashBiMap create = HashBiMap.create();
        for (Entity entity : this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).getCollection(new SimpleEntityRef(User.ENTITY_TYPE, uuid), "groups", null, 10000, Results.Level.ALL_PROPERTIES, false).getEntities()) {
            String str = (String) entity.getProperty("path");
            if (str != null) {
                str = str.toLowerCase();
            }
            create.put(entity.getUuid(), str);
        }
        return create;
    }

    @Override // org.usergrid.management.ManagementService
    public Map<String, Object> getAdminUserOrganizationData(UUID uuid) throws Exception {
        return getAdminUserOrganizationData(getAdminUserByUuid(uuid));
    }

    @Override // org.usergrid.management.ManagementService
    public Map<String, Object> getAdminUserOrganizationData(UserInfo userInfo) throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.putAll(JsonUtils.toJsonMap(userInfo));
        HashMap hashMap2 = new HashMap();
        hashMap.put("organizations", hashMap2);
        boolean parseBoolean = Boolean.parseBoolean(this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_LOGIN_ALLOWED));
        String property = this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_LOGIN_NAME);
        for (Map.Entry<UUID, String> entry : ((parseBoolean && property != null && property.equals(userInfo.getUsername())) ? buildOrgBiMap(getOrganizations(null, 10)) : getOrganizationsForAdminUser(userInfo.getUuid())).entrySet()) {
            HashMap hashMap3 = new HashMap();
            hashMap2.put(entry.getValue(), hashMap3);
            hashMap3.put("name", entry.getValue());
            hashMap3.put("uuid", entry.getKey());
            hashMap3.put("applications", getApplicationsForOrganization(entry.getKey()).inverse());
            List<UserInfo> adminUsersForOrganization = getAdminUsersForOrganization(entry.getKey());
            HashMap hashMap4 = new HashMap();
            for (UserInfo userInfo2 : adminUsersForOrganization) {
                hashMap4.put(userInfo2.getUsername(), userInfo2);
            }
            hashMap3.put("users", hashMap4);
        }
        return hashMap;
    }

    @Override // org.usergrid.management.ManagementService
    public Map<String, Object> getOrganizationData(OrganizationInfo organizationInfo) throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.putAll(JsonUtils.toJsonMap(organizationInfo));
        hashMap.put("applications", getApplicationsForOrganization(organizationInfo.getUuid()).inverse());
        List<UserInfo> adminUsersForOrganization = getAdminUsersForOrganization(organizationInfo.getUuid());
        HashMap hashMap2 = new HashMap();
        for (UserInfo userInfo : adminUsersForOrganization) {
            hashMap2.put(userInfo.getUsername(), userInfo);
        }
        hashMap.put("users", hashMap2);
        return hashMap;
    }

    @Override // org.usergrid.management.ManagementService
    public void addAdminUserToOrganization(UserInfo userInfo, OrganizationInfo organizationInfo, boolean z) throws Exception {
        if (userInfo == null || organizationInfo == null) {
            return;
        }
        this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).addToCollection(new SimpleEntityRef("group", organizationInfo.getUuid()), "users", new SimpleEntityRef(User.ENTITY_TYPE, userInfo.getUuid()));
        if (z) {
            sendAdminUserInvitedEmail(userInfo, organizationInfo);
        }
    }

    @Override // org.usergrid.management.ManagementService
    public void removeAdminUserFromOrganization(UUID uuid, UUID uuid2) throws Exception {
        if (uuid == null || uuid2 == null) {
            return;
        }
        EntityManager entityManager = this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID);
        try {
            if (entityManager.getCollection(new SimpleEntityRef("group", uuid2), "users", null, 2, Results.Level.IDS, false).size() <= 1) {
                throw new Exception();
            }
            entityManager.removeFromCollection(new SimpleEntityRef("group", uuid2), "users", new SimpleEntityRef(User.ENTITY_TYPE, uuid));
        } catch (Exception e) {
            throw new UnableToLeaveOrganizationException("Organizations must have at least one member.");
        }
    }

    @Override // org.usergrid.management.ManagementService
    public ApplicationInfo createApplication(UUID uuid, String str) throws Exception {
        return createApplication(uuid, str, null);
    }

    @Override // org.usergrid.management.ManagementService
    public ApplicationInfo createApplication(UUID uuid, String str, Map<String, Object> map) throws Exception {
        if (uuid == null || str == null) {
            return null;
        }
        if (map == null) {
            map = new HashMap();
        }
        OrganizationInfo organizationByUuid = getOrganizationByUuid(uuid);
        UUID createApplication = this.emf.createApplication(organizationByUuid.getName(), str, map);
        EntityManager entityManager = this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID);
        map.put("name", buildAppName(str, organizationByUuid));
        Entity create = entityManager.create(createApplication, APPLICATION_INFO, map);
        writeUserToken(CassandraService.MANAGEMENT_APPLICATION_ID, create, this.encryptionService.plainTextCredentials(generateOAuthSecretKey(AuthPrincipalType.APPLICATION), null, CassandraService.MANAGEMENT_APPLICATION_ID));
        addApplicationToOrganization(uuid, createApplication);
        UserInfo userInfo = null;
        try {
            userInfo = SubjectUtils.getUser();
        } catch (UnavailableSecurityManagerException e) {
        }
        if (userInfo != null && userInfo.isAdminUser()) {
            postOrganizationActivity(uuid, userInfo, "create", create, "Application", str, "<a href=\"mailto:" + userInfo.getEmail() + "\">" + userInfo.getName() + " (" + userInfo.getEmail() + ")</a> created a new application named " + str, null);
        }
        return new ApplicationInfo(createApplication, create.getName());
    }

    @Override // org.usergrid.management.ManagementService
    public OrganizationInfo getOrganizationForApplication(UUID uuid) throws Exception {
        Entity entity;
        if (uuid == null || (entity = this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).getConnectingEntities(uuid, "owns", "group", Results.Level.ALL_PROPERTIES).getEntity()) == null) {
            return null;
        }
        return new OrganizationInfo(entity.getUuid(), (String) entity.getProperty("path"));
    }

    @Override // org.usergrid.management.ManagementService
    public BiMap<UUID, String> getApplicationsForOrganization(UUID uuid) throws Exception {
        if (uuid == null) {
            return null;
        }
        HashBiMap create = HashBiMap.create();
        Results connectedEntities = this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).getConnectedEntities(uuid, "owns", APPLICATION_INFO, Results.Level.ALL_PROPERTIES);
        if (!connectedEntities.isEmpty()) {
            for (Entity entity : connectedEntities.getEntities()) {
                String name = entity.getName();
                if (name != null) {
                    name = name.toLowerCase();
                }
                create.put(entity.getUuid(), name);
            }
        }
        return create;
    }

    @Override // org.usergrid.management.ManagementService
    public BiMap<UUID, String> getApplicationsForOrganizations(Set<UUID> set) throws Exception {
        if (set == null) {
            return null;
        }
        HashBiMap create = HashBiMap.create();
        Iterator<UUID> it = set.iterator();
        while (it.hasNext()) {
            create.putAll(getApplicationsForOrganization(it.next()));
        }
        return create;
    }

    @Override // org.usergrid.management.ManagementService
    public UUID addApplicationToOrganization(UUID uuid, UUID uuid2) throws Exception {
        if (uuid == null || uuid2 == null) {
            return null;
        }
        this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).createConnection(new SimpleEntityRef("group", uuid), "owns", new SimpleEntityRef(APPLICATION_INFO, uuid2));
        return uuid2;
    }

    @Override // org.usergrid.management.ManagementService
    public void deleteOrganizationApplication(UUID uuid, UUID uuid2) throws Exception {
    }

    @Override // org.usergrid.management.ManagementService
    public void removeOrganizationApplication(UUID uuid, UUID uuid2) throws Exception {
    }

    @Override // org.usergrid.management.ManagementService
    public ApplicationInfo getApplicationInfo(String str) throws Exception {
        UUID lookupApplication;
        if (str == null || (lookupApplication = this.emf.lookupApplication(str)) == null) {
            return null;
        }
        return new ApplicationInfo(lookupApplication, str.toLowerCase());
    }

    @Override // org.usergrid.management.ManagementService
    public ApplicationInfo getApplicationInfo(UUID uuid) throws Exception {
        Entity entity;
        if (uuid == null || (entity = this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).get(uuid)) == null) {
            return null;
        }
        return new ApplicationInfo(uuid, entity.getName());
    }

    @Override // org.usergrid.management.ManagementService
    public ApplicationInfo getApplicationInfo(Identifier identifier) throws Exception {
        if (identifier == null) {
            return null;
        }
        if (identifier.isUUID()) {
            return getApplicationInfo(identifier.getUUID());
        }
        if (identifier.isName()) {
            return getApplicationInfo(identifier.getName());
        }
        return null;
    }

    @Override // org.usergrid.management.ManagementService
    public ApplicationInfo getApplicationInfoFromAccessToken(String str) throws Exception {
        Entity entityFromAccessToken = getEntityFromAccessToken(str, null, AuthPrincipalType.APPLICATION);
        if (entityFromAccessToken == null) {
            throw new TokenException("Could not find an entity for that access token: " + str);
        }
        return new ApplicationInfo(entityFromAccessToken.getProperties());
    }

    @Override // org.usergrid.management.ManagementService
    public ServiceResults getApplicationMetadata(UUID uuid) throws Exception {
        if (uuid == null) {
            return ServiceResults.genericServiceResults();
        }
        EntityManager entityManager = this.emf.getEntityManager(uuid);
        Results fromEntity = Results.fromEntity(entityManager.get(entityManager.getApplicationRef()));
        Map<String, Object> applicationCollectionMetadata = entityManager.getApplicationCollectionMetadata();
        if (applicationCollectionMetadata.size() > 0) {
            fromEntity.setMetadata(entityManager.getApplicationRef().getUuid(), "collections", applicationCollectionMetadata);
        }
        return ServiceResults.genericServiceResults(fromEntity);
    }

    public String getSecret(UUID uuid, AuthPrincipalType authPrincipalType, UUID uuid2) throws Exception {
        if (AuthPrincipalType.ORGANIZATION.equals(authPrincipalType) || AuthPrincipalType.APPLICATION.equals(authPrincipalType)) {
            return CredentialsInfo.getCredentialsSecret(readUserToken(AuthPrincipalType.APPLICATION_USER.equals(authPrincipalType) ? uuid : CassandraService.MANAGEMENT_APPLICATION_ID, uuid2));
        }
        if (AuthPrincipalType.ADMIN_USER.equals(authPrincipalType) || AuthPrincipalType.APPLICATION_USER.equals(authPrincipalType)) {
            return CredentialsInfo.getCredentialsSecret(readUserPasswordCredentials(uuid, uuid2));
        }
        throw new IllegalArgumentException("Must specify an admin user, organization or application principal");
    }

    @Override // org.usergrid.management.ManagementService
    public String getClientIdForOrganization(UUID uuid) {
        return ClientCredentialsInfo.getClientIdForTypeAndUuid(AuthPrincipalType.ORGANIZATION, uuid);
    }

    @Override // org.usergrid.management.ManagementService
    public String getClientSecretForOrganization(UUID uuid) throws Exception {
        return getSecret(CassandraService.MANAGEMENT_APPLICATION_ID, AuthPrincipalType.ORGANIZATION, uuid);
    }

    @Override // org.usergrid.management.ManagementService
    public String getClientIdForApplication(UUID uuid) {
        return ClientCredentialsInfo.getClientIdForTypeAndUuid(AuthPrincipalType.APPLICATION, uuid);
    }

    @Override // org.usergrid.management.ManagementService
    public String getClientSecretForApplication(UUID uuid) throws Exception {
        return getSecret(CassandraService.MANAGEMENT_APPLICATION_ID, AuthPrincipalType.APPLICATION, uuid);
    }

    public String newSecretKey(AuthPrincipalType authPrincipalType, UUID uuid) throws Exception {
        String generateOAuthSecretKey = generateOAuthSecretKey(authPrincipalType);
        writeUserToken(CassandraService.MANAGEMENT_APPLICATION_ID, new SimpleEntityRef(authPrincipalType.getEntityType(), uuid), this.encryptionService.plainTextCredentials(generateOAuthSecretKey, uuid, CassandraService.MANAGEMENT_APPLICATION_ID));
        return generateOAuthSecretKey;
    }

    @Override // org.usergrid.management.ManagementService
    public String newClientSecretForOrganization(UUID uuid) throws Exception {
        return newSecretKey(AuthPrincipalType.ORGANIZATION, uuid);
    }

    @Override // org.usergrid.management.ManagementService
    public String newClientSecretForApplication(UUID uuid) throws Exception {
        return newSecretKey(AuthPrincipalType.APPLICATION, uuid);
    }

    @Override // org.usergrid.management.ManagementService
    public AccessInfo authorizeClient(String str, String str2, long j) throws Exception {
        UUID uUIDFromClientId;
        AuthPrincipalType typeFromClientId;
        if (str == null || str2 == null || (uUIDFromClientId = ClientCredentialsInfo.getUUIDFromClientId(str)) == null || (typeFromClientId = ClientCredentialsInfo.getTypeFromClientId(str)) == null) {
            return null;
        }
        AccessInfo accessInfo = null;
        if (str2.equals(getSecret(CassandraService.MANAGEMENT_APPLICATION_ID, typeFromClientId, uUIDFromClientId))) {
            if (typeFromClientId.equals(AuthPrincipalType.APPLICATION)) {
                accessInfo = new AccessInfo().withExpiresIn(TimeConstants.S_HOUR).withAccessToken(getTokenForPrincipal(TokenCategory.ACCESS, null, CassandraService.MANAGEMENT_APPLICATION_ID, typeFromClientId, uUIDFromClientId, j)).withProperty("application", getApplicationInfo(uUIDFromClientId).getId());
            } else if (typeFromClientId.equals(AuthPrincipalType.ORGANIZATION)) {
                accessInfo = new AccessInfo().withExpiresIn(TimeConstants.S_HOUR).withAccessToken(getTokenForPrincipal(TokenCategory.ACCESS, null, CassandraService.MANAGEMENT_APPLICATION_ID, typeFromClientId, uUIDFromClientId, j)).withProperty("organization", getOrganizationData(getOrganizationByUuid(uUIDFromClientId)));
            }
        }
        return accessInfo;
    }

    @Override // org.usergrid.management.ManagementService
    public PrincipalCredentialsToken getPrincipalCredentialsTokenForClientCredentials(String str, String str2) throws Exception {
        UUID uUIDFromClientId;
        AuthPrincipalType typeFromClientId;
        if (str == null || str2 == null || (uUIDFromClientId = ClientCredentialsInfo.getUUIDFromClientId(str)) == null || (typeFromClientId = ClientCredentialsInfo.getTypeFromClientId(str)) == null) {
            return null;
        }
        PrincipalCredentialsToken principalCredentialsToken = null;
        if (str2.equals(getSecret(CassandraService.MANAGEMENT_APPLICATION_ID, typeFromClientId, uUIDFromClientId))) {
            if (typeFromClientId.equals(AuthPrincipalType.APPLICATION)) {
                principalCredentialsToken = new PrincipalCredentialsToken(new ApplicationPrincipal(getApplicationInfo(uUIDFromClientId)), new ApplicationClientCredentials(str, str2));
            } else if (typeFromClientId.equals(AuthPrincipalType.ORGANIZATION)) {
                principalCredentialsToken = new PrincipalCredentialsToken(new OrganizationPrincipal(getOrganizationByUuid(uUIDFromClientId)), new OrganizationClientCredentials(str, str2));
            }
        }
        return principalCredentialsToken;
    }

    public AccessInfo authorizeAppUser(String str, String str2, String str3) throws Exception {
        return null;
    }

    @Override // org.usergrid.management.ManagementService
    public String getPasswordResetTokenForAdminUser(UUID uuid, long j) throws Exception {
        return getTokenForPrincipal(TokenCategory.EMAIL, TOKEN_TYPE_PASSWORD_RESET, CassandraService.MANAGEMENT_APPLICATION_ID, AuthPrincipalType.ADMIN_USER, uuid, j);
    }

    @Override // org.usergrid.management.ManagementService
    public boolean checkPasswordResetTokenForAdminUser(UUID uuid, String str) throws Exception {
        AuthPrincipalInfo authPrincipalInfo = null;
        try {
            authPrincipalInfo = getPrincipalFromAccessToken(str, TOKEN_TYPE_PASSWORD_RESET, AuthPrincipalType.ADMIN_USER);
        } catch (Exception e) {
            logger.error("Unable to verify token", (Throwable) e);
        }
        return authPrincipalInfo != null && uuid.equals(authPrincipalInfo.getUuid());
    }

    @Override // org.usergrid.management.ManagementService
    public String getActivationTokenForAdminUser(UUID uuid, long j) throws Exception {
        return getTokenForPrincipal(TokenCategory.EMAIL, TOKEN_TYPE_ACTIVATION, CassandraService.MANAGEMENT_APPLICATION_ID, AuthPrincipalType.ADMIN_USER, uuid, j);
    }

    @Override // org.usergrid.management.ManagementService
    public String getConfirmationTokenForAdminUser(UUID uuid, long j) throws Exception {
        return getTokenForPrincipal(TokenCategory.EMAIL, TOKEN_TYPE_CONFIRM, CassandraService.MANAGEMENT_APPLICATION_ID, AuthPrincipalType.ADMIN_USER, uuid, j);
    }

    @Override // org.usergrid.management.ManagementService
    public void activateAdminUser(UUID uuid) throws Exception {
        this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).setProperty(new SimpleEntityRef(User.ENTITY_TYPE, uuid), Schema.PROPERTY_ACTIVATED, true);
    }

    @Override // org.usergrid.management.ManagementService
    public User deactivateUser(UUID uuid, UUID uuid2) throws Exception {
        EntityManager entityManager = this.emf.getEntityManager(uuid);
        User user = (User) entityManager.get(uuid2, User.class);
        if (user == null) {
            throw new ManagementException(String.format("User with id %s does not exist in app %s", uuid2, uuid));
        }
        user.setActivated(false);
        user.setDeactivated(Long.valueOf(System.currentTimeMillis()));
        entityManager.update(user);
        revokeAccessTokensForAppUser(uuid, uuid2);
        return user;
    }

    @Override // org.usergrid.management.ManagementService
    public boolean isAdminUserActivated(UUID uuid) throws Exception {
        return Boolean.TRUE.equals(this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).getProperty(new SimpleEntityRef(User.ENTITY_TYPE, uuid), Schema.PROPERTY_ACTIVATED));
    }

    @Override // org.usergrid.management.ManagementService
    public void confirmAdminUser(UUID uuid) throws Exception {
        this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).setProperty(new SimpleEntityRef(User.ENTITY_TYPE, uuid), "confirmed", true);
    }

    @Override // org.usergrid.management.ManagementService
    public void unconfirmAdminUser(UUID uuid) throws Exception {
        this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).setProperty(new SimpleEntityRef(User.ENTITY_TYPE, uuid), "confirmed", false);
    }

    @Override // org.usergrid.management.ManagementService
    public boolean isAdminUserConfirmed(UUID uuid) throws Exception {
        return Boolean.TRUE.equals(this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).getProperty(new SimpleEntityRef(User.ENTITY_TYPE, uuid), "confirmed"));
    }

    @Override // org.usergrid.management.ManagementService
    public void enableAdminUser(UUID uuid) throws Exception {
        this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).setProperty(new SimpleEntityRef(User.ENTITY_TYPE, uuid), "disabled", false);
    }

    @Override // org.usergrid.management.ManagementService
    public void disableAdminUser(UUID uuid) throws Exception {
        this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).setProperty(new SimpleEntityRef(User.ENTITY_TYPE, uuid), "disabled", true);
        revokeAccessTokensForAdminUser(uuid);
    }

    @Override // org.usergrid.management.ManagementService
    public boolean isAdminUserEnabled(UUID uuid) throws Exception {
        return !Boolean.TRUE.equals(this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).getProperty(new SimpleEntityRef(User.ENTITY_TYPE, uuid), "disabled"));
    }

    private String emailMsg(Map<String, String> map, String str) {
        return new StrSubstitutor(map).replace(this.properties.getProperty(str));
    }

    private String appendEmailFooter(String str) {
        return str + "\n" + this.properties.getProperty(AccountCreationProps.PROPERTIES_EMAIL_FOOTER);
    }

    @Override // org.usergrid.management.ManagementService
    public void startAdminUserPasswordResetFlow(UserInfo userInfo) throws Exception {
        sendHtmlMail(this.properties, userInfo.getDisplayEmailAddress(), this.properties.getProperty(AccountCreationProps.PROPERTIES_MAILER_EMAIL), "Password Reset", appendEmailFooter(emailMsg(MapUtils.hashMap("reset_url", String.format(this.properties.getProperty(AccountCreationProps.PROPERTIES_ADMIN_RESETPW_URL), userInfo.getUuid().toString()) + "?token=" + getPasswordResetTokenForAdminUser(userInfo.getUuid(), 0L)), AccountCreationProps.PROPERTIES_EMAIL_ADMIN_PASSWORD_RESET)));
    }

    @Override // org.usergrid.management.ManagementService
    public String getActivationTokenForOrganization(UUID uuid, long j) throws Exception {
        return getTokenForPrincipal(TokenCategory.EMAIL, TOKEN_TYPE_ACTIVATION, CassandraService.MANAGEMENT_APPLICATION_ID, AuthPrincipalType.ORGANIZATION, uuid, j);
    }

    @Override // org.usergrid.management.ManagementService
    public void startOrganizationActivationFlow(OrganizationInfo organizationInfo) throws Exception {
        try {
            String str = String.format(this.properties.getProperty(AccountCreationProps.PROPERTIES_ORGANIZATION_ACTIVATION_URL), organizationInfo.getUuid().toString()) + "?token=" + getActivationTokenForOrganization(organizationInfo.getUuid(), 0L);
            String str2 = null;
            for (UserInfo userInfo : getAdminUsersForOrganization(organizationInfo.getUuid())) {
                str2 = str2 == null ? userInfo.getHTMLDisplayEmailAddress() : str2 + ", " + userInfo.getHTMLDisplayEmailAddress();
            }
            if (newOrganizationsNeedSysAdminApproval()) {
                sendHtmlMail(this.properties, this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_EMAIL), this.properties.getProperty(AccountCreationProps.PROPERTIES_MAILER_EMAIL), "Request For Organization Account Activation " + organizationInfo.getName(), appendEmailFooter(emailMsg(MapUtils.hashMap("organization_name", organizationInfo.getName()).map("activation_url", str).map("organization_owners", str2), AccountCreationProps.PROPERTIES_EMAIL_SYSADMIN_ORGANIZATION_ACTIVATION)));
                sendOrganizationEmail(organizationInfo, "Organization Account Confirmed", emailMsg(MapUtils.hashMap("organization_name", organizationInfo.getName()), AccountCreationProps.PROPERTIES_EMAIL_ORGANIZATION_CONFIRMED_AWAITING_ACTIVATION));
            } else if (this.properties.newOrganizationsRequireConfirmation()) {
                sendOrganizationEmail(organizationInfo, "Organization Account Confirmation", emailMsg(MapUtils.hashMap("organization_name", organizationInfo.getName()).map("confirmation_url", str), AccountCreationProps.PROPERTIES_EMAIL_ORGANIZATION_CONFIRMATION));
                sendSysAdminNewOrganizationActivatedNotificationEmail(organizationInfo);
            } else {
                activateOrganization(organizationInfo, false);
                sendSysAdminNewOrganizationActivatedNotificationEmail(organizationInfo);
            }
        } catch (Exception e) {
            logger.error("Unable to send activation emails to " + organizationInfo.getName(), (Throwable) e);
        }
    }

    @Override // org.usergrid.management.ManagementService
    public ActivationState handleActivationTokenForOrganization(UUID uuid, String str) throws Exception {
        AuthPrincipalInfo principalFromAccessToken = getPrincipalFromAccessToken(str, TOKEN_TYPE_ACTIVATION, AuthPrincipalType.ORGANIZATION);
        if (principalFromAccessToken == null || !uuid.equals(principalFromAccessToken.getUuid())) {
            return ActivationState.UNKNOWN;
        }
        OrganizationInfo organizationByUuid = getOrganizationByUuid(uuid);
        sendOrganizationActivatedEmail(organizationByUuid);
        sendSysAdminNewOrganizationActivatedNotificationEmail(organizationByUuid);
        activateOrganization(organizationByUuid, false);
        return ActivationState.ACTIVATED;
    }

    public void sendOrganizationActivatedEmail(OrganizationInfo organizationInfo) throws Exception {
        sendOrganizationEmail(organizationInfo, "Organization Account Activated: " + organizationInfo.getName(), emailMsg(MapUtils.hashMap("organization_name", organizationInfo.getName()), AccountCreationProps.PROPERTIES_EMAIL_ORGANIZATION_ACTIVATED));
    }

    public void sendSysAdminNewOrganizationActivatedNotificationEmail(OrganizationInfo organizationInfo) throws Exception {
        if (this.properties.notifySysAdminOfNewOrganizations()) {
            String str = null;
            for (UserInfo userInfo : getAdminUsersForOrganization(organizationInfo.getUuid())) {
                str = str == null ? userInfo.getHTMLDisplayEmailAddress() : str + ", " + userInfo.getHTMLDisplayEmailAddress();
            }
            sendHtmlMail(this.properties, this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_EMAIL), this.properties.getProperty(AccountCreationProps.PROPERTIES_MAILER_EMAIL), "Organization Account Activated " + organizationInfo.getName(), appendEmailFooter(emailMsg(MapUtils.hashMap("organization_name", organizationInfo.getName()).map("organization_owners", str), AccountCreationProps.PROPERTIES_EMAIL_SYSADMIN_ORGANIZATION_ACTIVATED)));
        }
    }

    @Override // org.usergrid.management.ManagementService
    public void sendOrganizationEmail(OrganizationInfo organizationInfo, String str, String str2) throws Exception {
        Iterator<UserInfo> it = getAdminUsersForOrganization(organizationInfo.getUuid()).iterator();
        while (it.hasNext()) {
            sendHtmlMail(this.properties, it.next().getDisplayEmailAddress(), this.properties.getProperty(AccountCreationProps.PROPERTIES_MAILER_EMAIL), str, appendEmailFooter(str2));
        }
    }

    @Override // org.usergrid.management.ManagementService
    public void startAdminUserActivationFlow(UserInfo userInfo) throws Exception {
        if (userInfo.isActivated()) {
            sendAdminUserActivatedEmail(userInfo);
            sendSysAdminNewAdminActivatedNotificationEmail(userInfo);
        } else if (newAdminUsersRequireConfirmation()) {
            sendAdminUserConfirmationEmail(userInfo);
        } else if (newAdminUsersNeedSysAdminApproval()) {
            sendSysAdminRequestAdminActivationEmail(userInfo);
        } else {
            activateAdminUser(userInfo.getUuid());
        }
    }

    @Override // org.usergrid.management.ManagementService
    public ActivationState handleConfirmationTokenForAdminUser(UUID uuid, String str) throws Exception {
        AuthPrincipalInfo principalFromAccessToken = getPrincipalFromAccessToken(str, TOKEN_TYPE_CONFIRM, AuthPrincipalType.ADMIN_USER);
        if (principalFromAccessToken == null || !uuid.equals(principalFromAccessToken.getUuid())) {
            return ActivationState.UNKNOWN;
        }
        UserInfo adminUserByUuid = getAdminUserByUuid(principalFromAccessToken.getUuid());
        confirmAdminUser(adminUserByUuid.getUuid());
        if (newAdminUsersNeedSysAdminApproval()) {
            sendAdminUserConfirmedAwaitingActivationEmail(adminUserByUuid);
            sendSysAdminRequestAdminActivationEmail(adminUserByUuid);
            return ActivationState.CONFIRMED_AWAITING_ACTIVATION;
        }
        activateAdminUser(principalFromAccessToken.getUuid());
        sendAdminUserActivatedEmail(adminUserByUuid);
        sendSysAdminNewAdminActivatedNotificationEmail(adminUserByUuid);
        return ActivationState.ACTIVATED;
    }

    @Override // org.usergrid.management.ManagementService
    public ActivationState handleActivationTokenForAdminUser(UUID uuid, String str) throws Exception {
        AuthPrincipalInfo principalFromAccessToken = getPrincipalFromAccessToken(str, TOKEN_TYPE_ACTIVATION, AuthPrincipalType.ADMIN_USER);
        if (principalFromAccessToken == null || !uuid.equals(principalFromAccessToken.getUuid())) {
            return ActivationState.UNKNOWN;
        }
        activateAdminUser(principalFromAccessToken.getUuid());
        UserInfo adminUserByUuid = getAdminUserByUuid(principalFromAccessToken.getUuid());
        sendAdminUserActivatedEmail(adminUserByUuid);
        sendSysAdminNewAdminActivatedNotificationEmail(adminUserByUuid);
        return ActivationState.ACTIVATED;
    }

    public void sendAdminUserConfirmationEmail(UserInfo userInfo) throws Exception {
        sendAdminUserEmail(userInfo, "User Account Confirmation: " + userInfo.getEmail(), emailMsg(MapUtils.hashMap("user_email", userInfo.getEmail()).map("confirmation_url", String.format(this.properties.getProperty(AccountCreationProps.PROPERTIES_ADMIN_CONFIRMATION_URL), userInfo.getUuid().toString()) + "?token=" + getConfirmationTokenForAdminUser(userInfo.getUuid(), 0L)), AccountCreationProps.PROPERTIES_EMAIL_ADMIN_CONFIRMATION));
    }

    public void sendSysAdminRequestAdminActivationEmail(UserInfo userInfo) throws Exception {
        sendHtmlMail(this.properties, this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_EMAIL), this.properties.getProperty(AccountCreationProps.PROPERTIES_MAILER_EMAIL), "Request For Admin User Account Activation " + userInfo.getEmail(), appendEmailFooter(emailMsg(MapUtils.hashMap("user_email", userInfo.getEmail()).map("activation_url", String.format(this.properties.getProperty(AccountCreationProps.PROPERTIES_ADMIN_ACTIVATION_URL), userInfo.getUuid().toString()) + "?token=" + getActivationTokenForAdminUser(userInfo.getUuid(), 0L)), AccountCreationProps.PROPERTIES_EMAIL_SYSADMIN_ADMIN_ACTIVATION)));
    }

    public void sendSysAdminNewAdminActivatedNotificationEmail(UserInfo userInfo) throws Exception {
        if (this.properties.notifySysAdminOfNewAdminUsers()) {
            sendHtmlMail(this.properties, this.properties.getProperty(AccountCreationProps.PROPERTIES_SYSADMIN_EMAIL), this.properties.getProperty(AccountCreationProps.PROPERTIES_MAILER_EMAIL), "Admin User Account Activated " + userInfo.getEmail(), appendEmailFooter(emailMsg(MapUtils.hashMap("user_email", userInfo.getEmail()), AccountCreationProps.PROPERTIES_EMAIL_SYSADMIN_ADMIN_ACTIVATED)));
        }
    }

    public void sendAdminUserConfirmedAwaitingActivationEmail(UserInfo userInfo) throws Exception {
        sendAdminUserEmail(userInfo, "User Account Confirmed", this.properties.getProperty(AccountCreationProps.PROPERTIES_EMAIL_ADMIN_CONFIRMED_AWAITING_ACTIVATION));
    }

    public void sendAdminUserActivatedEmail(UserInfo userInfo) throws Exception {
        if (this.properties.notifyAdminOfActivation()) {
            sendAdminUserEmail(userInfo, "User Account Activated", this.properties.getProperty(AccountCreationProps.PROPERTIES_EMAIL_ADMIN_ACTIVATED));
        }
    }

    public void sendAdminUserInvitedEmail(UserInfo userInfo, OrganizationInfo organizationInfo) throws Exception {
        sendAdminUserEmail(userInfo, "User Invited To Organization", emailMsg(MapUtils.hashMap("organization_name", organizationInfo.getName()), AccountCreationProps.PROPERTIES_EMAIL_ADMIN_INVITED));
    }

    @Override // org.usergrid.management.ManagementService
    public void sendAdminUserEmail(UserInfo userInfo, String str, String str2) throws Exception {
        sendHtmlMail(this.properties, userInfo.getDisplayEmailAddress(), this.properties.getProperty(AccountCreationProps.PROPERTIES_MAILER_EMAIL), str, appendEmailFooter(str2));
    }

    @Override // org.usergrid.management.ManagementService
    public void activateOrganization(OrganizationInfo organizationInfo) throws Exception {
        activateOrganization(organizationInfo, true);
    }

    private void activateOrganization(OrganizationInfo organizationInfo, boolean z) throws Exception {
        this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).setProperty(new SimpleEntityRef("group", organizationInfo.getUuid()), Schema.PROPERTY_ACTIVATED, true);
        for (UserInfo userInfo : getAdminUsersForOrganization(organizationInfo.getUuid())) {
            if (!userInfo.isActivated()) {
                activateAdminUser(userInfo.getUuid());
            }
        }
        if (z) {
            startOrganizationActivationFlow(organizationInfo);
        }
    }

    @Override // org.usergrid.management.ManagementService
    public void deactivateOrganization(UUID uuid) throws Exception {
        this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).setProperty(new SimpleEntityRef("group", uuid), Schema.PROPERTY_ACTIVATED, false);
    }

    @Override // org.usergrid.management.ManagementService
    public boolean isOrganizationActivated(UUID uuid) throws Exception {
        return Boolean.TRUE.equals(this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).getProperty(new SimpleEntityRef("group", uuid), Schema.PROPERTY_ACTIVATED));
    }

    @Override // org.usergrid.management.ManagementService
    public void enableOrganization(UUID uuid) throws Exception {
        this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).setProperty(new SimpleEntityRef("group", uuid), "disabled", false);
    }

    @Override // org.usergrid.management.ManagementService
    public void disableOrganization(UUID uuid) throws Exception {
        this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).setProperty(new SimpleEntityRef("group", uuid), "disabled", true);
    }

    @Override // org.usergrid.management.ManagementService
    public boolean isOrganizationEnabled(UUID uuid) throws Exception {
        return !Boolean.TRUE.equals(this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).getProperty(new SimpleEntityRef("group", uuid), "disabled"));
    }

    @Override // org.usergrid.management.ManagementService
    public boolean checkPasswordResetTokenForAppUser(UUID uuid, UUID uuid2, String str) throws Exception {
        AuthPrincipalInfo authPrincipalInfo = null;
        try {
            authPrincipalInfo = getPrincipalFromAccessToken(str, TOKEN_TYPE_PASSWORD_RESET, AuthPrincipalType.APPLICATION_USER);
        } catch (Exception e) {
            logger.error("Unable to verify token", (Throwable) e);
        }
        return authPrincipalInfo != null && uuid2.equals(authPrincipalInfo.getUuid());
    }

    @Override // org.usergrid.management.ManagementService
    public String getAccessTokenForAppUser(UUID uuid, UUID uuid2, long j) throws Exception {
        return getTokenForPrincipal(TokenCategory.ACCESS, null, uuid, AuthPrincipalType.APPLICATION_USER, uuid2, j);
    }

    @Override // org.usergrid.management.ManagementService
    public void revokeAccessTokensForAppUser(UUID uuid, UUID uuid2) throws Exception {
        revokeTokensForPrincipal(AuthPrincipalType.APPLICATION_USER, uuid, uuid2);
    }

    @Override // org.usergrid.management.ManagementService
    public void revokeAccessTokenForAppUser(String str) throws Exception {
        if (ListUtils.anyNull(str)) {
            throw new IllegalArgumentException("token is required");
        }
        if (getAppUserFromAccessToken(str) == null) {
            throw new TokenException("Could not match token : " + str);
        }
        this.tokens.revokeToken(str);
    }

    @Override // org.usergrid.management.ManagementService
    public UserInfo getAppUserFromAccessToken(String str) throws Exception {
        UUID applicationId;
        User appUserByIdentifier;
        AuthPrincipalInfo principalFromAccessToken = getPrincipalFromAccessToken(str, null, AuthPrincipalType.APPLICATION_USER);
        if (principalFromAccessToken == null || (applicationId = principalFromAccessToken.getApplicationId()) == null || (appUserByIdentifier = getAppUserByIdentifier(applicationId, Identifier.fromUUID(principalFromAccessToken.getUuid()))) == null) {
            return null;
        }
        return new UserInfo(applicationId, appUserByIdentifier.getProperties());
    }

    @Override // org.usergrid.management.ManagementService
    public User getAppUserByIdentifier(UUID uuid, Identifier identifier) throws Exception {
        EntityManager entityManager = this.emf.getEntityManager(uuid);
        return (User) entityManager.get(entityManager.getUserByIdentifier(identifier), User.class);
    }

    @Override // org.usergrid.management.ManagementService
    public void startAppUserPasswordResetFlow(UUID uuid, User user) throws Exception {
        sendHtmlMail(this.properties, user.getDisplayEmailAddress(), this.properties.getProperty(AccountCreationProps.PROPERTIES_MAILER_EMAIL), "Password Reset", appendEmailFooter(emailMsg(MapUtils.hashMap("reset_url", buildUserAppUrl(uuid, this.properties.getProperty(AccountCreationProps.PROPERTIES_USER_RESETPW_URL), user, getPasswordResetTokenForAppUser(uuid, user.getUuid()))), AccountCreationProps.PROPERTIES_EMAIL_USER_PASSWORD_RESET)));
    }

    @Override // org.usergrid.management.ManagementService
    public boolean newAppUsersNeedAdminApproval(UUID uuid) throws Exception {
        Boolean bool = (Boolean) this.emf.getEntityManager(uuid).getProperty(new SimpleEntityRef("application", uuid), "registration_requires_admin_approval");
        if (bool != null) {
            return bool.booleanValue();
        }
        return false;
    }

    @Override // org.usergrid.management.ManagementService
    public boolean newAppUsersRequireConfirmation(UUID uuid) throws Exception {
        Boolean bool = (Boolean) this.emf.getEntityManager(uuid).getProperty(new SimpleEntityRef("application", uuid), "registration_requires_email_confirmation");
        if (bool != null) {
            return bool.booleanValue();
        }
        return false;
    }

    public boolean notifyAdminOfNewAppUsers(UUID uuid) throws Exception {
        Boolean bool = (Boolean) this.emf.getEntityManager(uuid).getProperty(new SimpleEntityRef("application", uuid), "notify_admin_of_new_users");
        if (bool != null) {
            return bool.booleanValue();
        }
        return false;
    }

    @Override // org.usergrid.management.ManagementService
    public void startAppUserActivationFlow(UUID uuid, User user) throws Exception {
        if (newAppUsersRequireConfirmation(uuid)) {
            sendAppUserConfirmationEmail(uuid, user);
        } else if (newAppUsersNeedAdminApproval(uuid)) {
            sendAdminRequestAppUserActivationEmail(uuid, user);
        } else {
            sendAppUserActivatedEmail(uuid, user);
            sendAdminNewAppUserActivatedNotificationEmail(uuid, user);
        }
    }

    @Override // org.usergrid.management.ManagementService
    public ActivationState handleConfirmationTokenForAppUser(UUID uuid, UUID uuid2, String str) throws Exception {
        AuthPrincipalInfo principalFromAccessToken = getPrincipalFromAccessToken(str, TOKEN_TYPE_CONFIRM, AuthPrincipalType.APPLICATION_USER);
        if (principalFromAccessToken == null || !uuid2.equals(principalFromAccessToken.getUuid())) {
            return ActivationState.UNKNOWN;
        }
        User user = (User) this.emf.getEntityManager(uuid).get(uuid2, User.class);
        confirmAppUser(uuid, user.getUuid());
        if (newAppUsersNeedAdminApproval(uuid)) {
            sendAppUserConfirmedAwaitingActivationEmail(uuid, user);
            sendAdminRequestAppUserActivationEmail(uuid, user);
            return ActivationState.CONFIRMED_AWAITING_ACTIVATION;
        }
        activateAppUser(uuid, principalFromAccessToken.getUuid());
        sendAppUserActivatedEmail(uuid, user);
        sendAdminNewAppUserActivatedNotificationEmail(uuid, user);
        return ActivationState.ACTIVATED;
    }

    @Override // org.usergrid.management.ManagementService
    public ActivationState handleActivationTokenForAppUser(UUID uuid, UUID uuid2, String str) throws Exception {
        AuthPrincipalInfo principalFromAccessToken = getPrincipalFromAccessToken(str, TOKEN_TYPE_ACTIVATION, AuthPrincipalType.APPLICATION_USER);
        if (principalFromAccessToken == null || !uuid2.equals(principalFromAccessToken.getUuid())) {
            return ActivationState.UNKNOWN;
        }
        activateAppUser(uuid, principalFromAccessToken.getUuid());
        User user = (User) this.emf.getEntityManager(uuid).get(uuid2, User.class);
        sendAppUserActivatedEmail(uuid, user);
        sendAdminNewAppUserActivatedNotificationEmail(uuid, user);
        return ActivationState.ACTIVATED;
    }

    public void sendAppUserConfirmationEmail(UUID uuid, User user) throws Exception {
        sendAppUserEmail(user, "User Account Confirmation: " + user.getEmail(), emailMsg(MapUtils.hashMap("confirmation_url", buildUserAppUrl(uuid, this.properties.getProperty(AccountCreationProps.PROPERTIES_USER_CONFIRMATION_URL), user, getConfirmationTokenForAppUser(uuid, user.getUuid()))), AccountCreationProps.PROPERTIES_EMAIL_USER_CONFIRMATION));
    }

    private String buildUserAppUrl(UUID uuid, String str, User user, String str2) throws Exception {
        return String.format(str, getOrganizationForApplication(uuid).getName(), org.usergrid.utils.StringUtils.stringOrSubstringAfterFirst(getApplicationInfo(uuid).getName(), '/'), user.getUuid().toString()) + "?token=" + str2;
    }

    public void sendAdminRequestAppUserActivationEmail(UUID uuid, User user) throws Exception {
        String buildUserAppUrl = buildUserAppUrl(uuid, this.properties.getProperty(AccountCreationProps.PROPERTIES_USER_ACTIVATION_URL), user, getActivationTokenForAppUser(uuid, user.getUuid()));
        OrganizationInfo organizationForApplication = getOrganizationForApplication(uuid);
        sendOrganizationEmail(organizationForApplication, "Request For User Account Activation " + user.getEmail(), emailMsg(MapUtils.hashMap("organization_name", organizationForApplication.getName()).map("activation_url", buildUserAppUrl), AccountCreationProps.PROPERTIES_EMAIL_ADMIN_USER_ACTIVATION));
    }

    public void sendAdminNewAppUserActivatedNotificationEmail(UUID uuid, User user) throws Exception {
        if (notifyAdminOfNewAppUsers(uuid)) {
            OrganizationInfo organizationForApplication = getOrganizationForApplication(uuid);
            sendOrganizationEmail(organizationForApplication, "New User Account Activated " + user.getEmail(), emailMsg(MapUtils.hashMap("organization_name", organizationForApplication.getName()), AccountCreationProps.PROPERTIES_EMAIL_ADMIN_USER_ACTIVATION));
        }
    }

    public void sendAppUserConfirmedAwaitingActivationEmail(UUID uuid, User user) throws Exception {
        sendAppUserEmail(user, "User Account Confirmed", this.properties.getProperty(AccountCreationProps.PROPERTIES_EMAIL_USER_CONFIRMED_AWAITING_ACTIVATION));
    }

    public void sendAppUserActivatedEmail(UUID uuid, User user) throws Exception {
        sendAppUserEmail(user, "User Account Activated", this.properties.getProperty(AccountCreationProps.PROPERTIES_EMAIL_USER_ACTIVATED));
    }

    @Override // org.usergrid.management.ManagementService
    public void activateAppUser(UUID uuid, UUID uuid2) throws Exception {
        this.emf.getEntityManager(uuid).setProperty(new SimpleEntityRef(User.ENTITY_TYPE, uuid2), Schema.PROPERTY_ACTIVATED, true);
    }

    public void confirmAppUser(UUID uuid, UUID uuid2) throws Exception {
        this.emf.getEntityManager(uuid).setProperty(new SimpleEntityRef(User.ENTITY_TYPE, uuid2), "confirmed", true);
    }

    @Override // org.usergrid.management.ManagementService
    public void setAppUserPassword(UUID uuid, UUID uuid2, String str) throws Exception {
        if (uuid2 == null || str == null) {
            return;
        }
        User user = (User) this.emf.getEntityManager(uuid).get(uuid2, User.class);
        writeUserPassword(uuid, user, this.encryptionService.defaultEncryptedCredentials(str, user.getUuid(), uuid));
    }

    @Override // org.usergrid.management.ManagementService
    public void setAppUserPassword(UUID uuid, UUID uuid2, String str, String str2) throws Exception {
        if (uuid2 == null) {
            throw new IllegalArgumentException("userId is required");
        }
        if (str == null || str2 == null) {
            throw new IllegalArgumentException("oldpassword and newpassword are both required");
        }
        if (!verify(uuid, ((User) this.emf.getEntityManager(uuid).get(uuid2, User.class)).getUuid(), str)) {
            throw new IncorrectPasswordException("Old password does not match");
        }
        setAppUserPassword(uuid, uuid2, str2);
    }

    @Override // org.usergrid.management.ManagementService
    public User verifyAppUserPasswordCredentials(UUID uuid, String str, String str2) throws Exception {
        User findUserEntity = findUserEntity(uuid, str);
        if (findUserEntity == null || !verify(uuid, findUserEntity.getUuid(), str2)) {
            return null;
        }
        if (!findUserEntity.activated()) {
            throw new UnactivatedAppUserException();
        }
        if (findUserEntity.disabled()) {
            throw new DisabledAppUserException();
        }
        return findUserEntity;
    }

    public String getPasswordResetTokenForAppUser(UUID uuid, UUID uuid2) throws Exception {
        return getTokenForPrincipal(TokenCategory.EMAIL, TOKEN_TYPE_PASSWORD_RESET, uuid, AuthPrincipalType.APPLICATION_USER, uuid2, 0L);
    }

    public void sendAppUserEmail(User user, String str, String str2) throws Exception {
        sendHtmlMail(this.properties, user.getDisplayEmailAddress(), this.properties.getProperty(AccountCreationProps.PROPERTIES_MAILER_EMAIL), str, appendEmailFooter(str2));
    }

    public String getActivationTokenForAppUser(UUID uuid, UUID uuid2) throws Exception {
        return getTokenForPrincipal(TokenCategory.EMAIL, TOKEN_TYPE_ACTIVATION, uuid, AuthPrincipalType.APPLICATION_USER, uuid2, 0L);
    }

    public String getConfirmationTokenForAppUser(UUID uuid, UUID uuid2) throws Exception {
        return getTokenForPrincipal(TokenCategory.EMAIL, TOKEN_TYPE_CONFIRM, uuid, AuthPrincipalType.APPLICATION_USER, uuid2, 0L);
    }

    @Override // org.usergrid.management.ManagementService
    public void setAppUserPin(UUID uuid, UUID uuid2, String str) throws Exception {
        if (uuid2 == null || str == null) {
            return;
        }
        writeUserPin(uuid, new SimpleEntityRef(User.ENTITY_TYPE, uuid2), this.encryptionService.plainTextCredentials(str, uuid2, uuid));
    }

    @Override // org.usergrid.management.ManagementService
    public void sendAppUserPin(UUID uuid, UUID uuid2) throws Exception {
        User user = (User) this.emf.getEntityManager(uuid).get(uuid2, User.class);
        if (user == null || user.getEmail() == null) {
            return;
        }
        sendHtmlMail(this.properties, user.getDisplayEmailAddress(), this.properties.getProperty(AccountCreationProps.PROPERTIES_MAILER_EMAIL), "Your app pin", appendEmailFooter(emailMsg(MapUtils.hashMap(USER_PIN, CredentialsInfo.getCredentialsSecret(readUserPin(uuid, uuid2))), AccountCreationProps.PROPERTIES_EMAIL_USER_PIN_REQUEST)));
    }

    @Override // org.usergrid.management.ManagementService
    public User verifyAppUserPinCredentials(UUID uuid, String str, String str2) throws Exception {
        User findUserEntity = findUserEntity(uuid, str);
        if (findUserEntity != null && str2.equals(CredentialsInfo.getCredentialsSecret(readUserPin(uuid, findUserEntity.getUuid())))) {
            return findUserEntity;
        }
        return null;
    }

    @Override // org.usergrid.management.ManagementService
    public void countAdminUserAction(UserInfo userInfo, String str) throws Exception {
        this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).incrementAggregateCounters(userInfo.getUuid(), null, null, "admin_logins", 1L);
    }

    @Override // org.usergrid.management.ManagementService
    public User getOrCreateUserForFacebookAccessToken(UUID uuid, String str) throws Exception {
        DefaultClientConfig defaultClientConfig = new DefaultClientConfig();
        defaultClientConfig.getFeatures().put(JSONConfiguration.FEATURE_POJO_MAPPING, Boolean.TRUE);
        Map map = (Map) Client.create(defaultClientConfig).resource("https://graph.facebook.com/me").queryParam("access_token", str).accept("application/json").get(Map.class);
        String str2 = (String) map.get("id");
        String str3 = (String) map.get("name");
        String str4 = (String) map.get("email");
        if (logger.isDebugEnabled()) {
            logger.debug(JsonUtils.mapToFormattedJsonString(map));
        }
        if (uuid == null) {
            return null;
        }
        User user = null;
        if (map == null || ListUtils.anyNull(str2, str3)) {
            throw new BadTokenException("Unable to confirm Facebook access token");
        }
        EntityManager entityManager = this.emf.getEntityManager(uuid);
        Results searchCollection = entityManager.searchCollection(entityManager.getApplicationRef(), "users", Query.findForProperty("facebook.id", str2));
        if (searchCollection.size() > 1) {
            logger.error("Multiple users for FB ID: " + str2);
            throw new BadTokenException("multiple users with same Facebook ID");
        }
        if (searchCollection.size() < 1) {
            LinkedHashMap linkedHashMap = new LinkedHashMap();
            linkedHashMap.put("facebook", map);
            linkedHashMap.put("username", "fb_" + str2);
            linkedHashMap.put("name", str3);
            linkedHashMap.put(Schema.PROPERTY_PICTURE, "http://graph.facebook.com/" + str2 + "/picture");
            if (str4 != null) {
                user = getAppUserByIdentifier(uuid, Identifier.fromEmail(str4));
                if (user != null) {
                    linkedHashMap.remove("username");
                    linkedHashMap.remove("name");
                    entityManager.updateProperties(user, linkedHashMap);
                    user.setProperty("modified", linkedHashMap.get("modified"));
                } else {
                    linkedHashMap.put("email", str4);
                }
            }
            if (user == null) {
                linkedHashMap.put(Schema.PROPERTY_ACTIVATED, true);
                user = (User) entityManager.create(User.ENTITY_TYPE, User.class, linkedHashMap);
            }
        } else {
            user = (User) searchCollection.getEntity().toTypedEntity();
            LinkedHashMap linkedHashMap2 = new LinkedHashMap();
            linkedHashMap2.put("facebook", map);
            linkedHashMap2.put(Schema.PROPERTY_PICTURE, "http://graph.facebook.com/" + str2 + "/picture");
            entityManager.updateProperties(user, linkedHashMap2);
            user.setProperty("modified", linkedHashMap2.get("modified"));
            user.setProperty("facebook", map);
            user.setProperty(Schema.PROPERTY_PICTURE, "http://graph.facebook.com/" + str2 + "/picture");
        }
        return user;
    }

    @Override // org.usergrid.management.ManagementService
    public User getOrCreateUserForFoursquareAccessToken(UUID uuid, String str) throws Exception {
        String str2;
        User user;
        DefaultClientConfig defaultClientConfig = new DefaultClientConfig();
        defaultClientConfig.getFeatures().put(JSONConfiguration.FEATURE_POJO_MAPPING, Boolean.TRUE);
        Map map = (Map) ((Map) ((Map) Client.create(defaultClientConfig).resource("https://api.foursquare.com/v2/users/self").queryParam("oauth_token", str).queryParam("v", "20120623").accept("application/json").get(Map.class)).get("response")).get(User.ENTITY_TYPE);
        String str3 = (String) map.get("id");
        String str4 = (String) map.get("id");
        String str5 = (String) ((Map) map.get("contact")).get("email");
        String str6 = (String) ((Map) map.get("photo")).get("suffix");
        new String("");
        Map map2 = (Map) ((Map) ((Map) ((ArrayList) ((Map) map.get("checkins")).get("items")).get(0)).get("venue")).get("location");
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("latitude", (Double) map2.get("lat"));
        linkedHashMap.put("longitude", (Double) map2.get("lng"));
        System.out.println(JsonUtils.mapToFormattedJsonString(linkedHashMap));
        try {
            str2 = ((String) map.get("firstName")) + MinimalPrettyPrinter.DEFAULT_ROOT_VALUE_SEPARATOR + ((String) map.get("lastName"));
        } catch (NullPointerException e) {
            str2 = (String) map.get("firstName");
        }
        if (uuid == null) {
            return null;
        }
        if (map == null || ListUtils.anyNull(str3, str2)) {
            throw new BadTokenException("Unable to confirm Foursquare access token");
        }
        EntityManager entityManager = this.emf.getEntityManager(uuid);
        Results searchCollection = entityManager.searchCollection(entityManager.getApplicationRef(), "users", Query.findForProperty("foursquare.id", str3));
        if (searchCollection.size() > 1) {
            logger.error("Multiple users for FQ ID: " + str3);
            throw new BadTokenException("multiple users with same Foursquare ID");
        }
        if (searchCollection.size() < 1) {
            LinkedHashMap linkedHashMap2 = new LinkedHashMap();
            linkedHashMap2.put("foursquare", map);
            linkedHashMap2.put("username", str4 != null ? str4 : "fq_" + str3);
            linkedHashMap2.put("name", str2);
            if (str5 != null) {
                linkedHashMap2.put("email", str5);
            }
            linkedHashMap2.put(Schema.PROPERTY_PICTURE, "https://is0.4sqi.net/userpix_thumbs" + str6);
            linkedHashMap2.put(Schema.PROPERTY_ACTIVATED, true);
            linkedHashMap2.put("location", linkedHashMap);
            user = (User) entityManager.create(User.ENTITY_TYPE, User.class, linkedHashMap2);
        } else {
            user = (User) searchCollection.getEntity().toTypedEntity();
            LinkedHashMap linkedHashMap3 = new LinkedHashMap();
            linkedHashMap3.put("foursquare", map);
            linkedHashMap3.put(Schema.PROPERTY_PICTURE, "https://is0.4sqi.net/userpix_thumbs" + str6);
            linkedHashMap3.put("location", linkedHashMap);
            entityManager.updateProperties(user, linkedHashMap3);
            user.setProperty("foursquare", map);
            user.setProperty(Schema.PROPERTY_PICTURE, "https://is0.4sqi.net/userpix_thumbs" + str6);
            user.setProperty("location", linkedHashMap);
        }
        return user;
    }

    @Override // org.usergrid.management.ManagementService
    public void setOrganizationProps(UUID uuid, Map<String, Object> map) throws Exception {
        EntityManager entityManager = this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID);
        Group group = (Group) entityManager.get(uuid, Group.class);
        if (group == null) {
            throw new EntityNotFoundException(String.format("Could not find organization with id {}", uuid));
        }
        group.setProperties(map);
        entityManager.update(group);
    }

    @Override // org.usergrid.management.ManagementService
    public Group getOrganizationProps(UUID uuid) throws Exception {
        return (Group) this.emf.getEntityManager(CassandraService.MANAGEMENT_APPLICATION_ID).get(uuid, Group.class);
    }

    protected void writeUserPassword(UUID uuid, EntityRef entityRef, CredentialsInfo credentialsInfo) throws Exception {
        writeCreds(uuid, entityRef, credentialsInfo, "password");
    }

    protected CredentialsInfo readUserPasswordCredentials(UUID uuid, UUID uuid2) throws Exception {
        return readCreds(uuid, uuid2, "password");
    }

    protected void writeUserToken(UUID uuid, EntityRef entityRef, CredentialsInfo credentialsInfo) throws Exception {
        writeCreds(uuid, entityRef, credentialsInfo, "secret");
    }

    protected CredentialsInfo readUserToken(UUID uuid, UUID uuid2) throws Exception {
        return readCreds(uuid, uuid2, "secret");
    }

    protected void writeUserMongoPassword(UUID uuid, EntityRef entityRef, CredentialsInfo credentialsInfo) throws Exception {
        writeCreds(uuid, entityRef, credentialsInfo, USER_MONGO_PASSWORD);
    }

    protected CredentialsInfo readUserMongoPassword(UUID uuid, UUID uuid2) throws Exception {
        return readCreds(uuid, uuid2, USER_MONGO_PASSWORD);
    }

    protected void writeUserPin(UUID uuid, EntityRef entityRef, CredentialsInfo credentialsInfo) throws Exception {
        writeCreds(uuid, entityRef, credentialsInfo, USER_PIN);
    }

    protected CredentialsInfo readUserPin(UUID uuid, UUID uuid2) throws Exception {
        return readCreds(uuid, uuid2, USER_PIN);
    }

    private void writeCreds(UUID uuid, EntityRef entityRef, CredentialsInfo credentialsInfo, String str) throws Exception {
        this.emf.getEntityManager(uuid).addToDictionary(entityRef, Schema.DICTIONARY_CREDENTIALS, str, credentialsInfo);
    }

    private CredentialsInfo readCreds(UUID uuid, UUID uuid2, String str) throws Exception {
        EntityManager entityManager = this.emf.getEntityManager(uuid);
        return (CredentialsInfo) entityManager.getDictionaryElementValue(entityManager.get(uuid2), Schema.DICTIONARY_CREDENTIALS, str);
    }

    @Override // org.usergrid.management.ManagementService
    public boolean newAdminUsersNeedSysAdminApproval() {
        return this.properties.newAdminUsersNeedSysAdminApproval();
    }

    @Override // org.usergrid.management.ManagementService
    public boolean newAdminUsersRequireConfirmation() {
        return this.properties.newAdminUsersRequireConfirmation();
    }

    @Override // org.usergrid.management.ManagementService
    public boolean newOrganizationsNeedSysAdminApproval() {
        return this.properties.newOrganizationsNeedSysAdminApproval();
    }

    private boolean areActivationChecksDisabled() {
        return (newOrganizationsNeedSysAdminApproval() || this.properties.newOrganizationsRequireConfirmation() || newAdminUsersNeedSysAdminApproval() || newAdminUsersRequireConfirmation()) ? false : true;
    }

    private void sendHtmlMail(AccountCreationProps accountCreationProps, String str, String str2, String str3, String str4) {
        this.mailUtils.sendHtmlMail(accountCreationProps.getMailProperties(), str, str2, str3, str4);
    }

    public AccountCreationProps getAccountCreationProps() {
        return this.properties;
    }

    private boolean verify(UUID uuid, UUID uuid2, String str) throws Exception {
        CredentialsInfo readUserPasswordCredentials = readUserPasswordCredentials(uuid, uuid2);
        if (readUserPasswordCredentials == null) {
            return false;
        }
        return this.encryptionService.verify(str, readUserPasswordCredentials, uuid2, uuid);
    }

    public SaltProvider getSaltProvider() {
        return this.saltProvider;
    }

    public void setSaltProvider(SaltProvider saltProvider) {
        this.saltProvider = saltProvider;
    }
}
