package com.xwiki.azureoauth.internal;

import com.xpn.xwiki.XWiki;
import com.xpn.xwiki.XWikiContext;
import com.xpn.xwiki.XWikiException;
import com.xpn.xwiki.doc.XWikiDocument;
import com.xpn.xwiki.objects.BaseObject;
import com.xwiki.azureoauth.configuration.AzureOldConfiguration;
import com.xwiki.azureoauth.configuration.EntraIDConfiguration;
import com.xwiki.azureoauth.internal.configuration.DefaultEntraIDConfiguration;
import com.xwiki.azureoauth.internal.oldConfiguration.OldAzureOAuthConfiguration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Provider;
import javax.inject.Singleton;
import org.slf4j.Logger;
import org.xwiki.component.annotation.Component;
import org.xwiki.configuration.ConfigurationSaveException;
import org.xwiki.extension.repository.InstalledExtensionRepository;
import org.xwiki.model.reference.DocumentReferenceResolver;
import org.xwiki.query.QueryException;
import org.xwiki.query.QueryManager;
import org.xwiki.stability.Unstable;
import org.xwiki.wiki.descriptor.WikiDescriptorManager;

@Singleton
@Component(roles = {AzureADOIDCMigrator.class})
@Unstable
/* loaded from: input_file:com/xwiki/azureoauth/internal/AzureADOIDCMigrator.class */
public class AzureADOIDCMigrator {
    private static final String INVALID_VERSION = "/2.0";
    private static final String VALID_VERSION = "/v2.0";
    private static final String ISSUER = "issuer";
    private static final String BASE_ENDPOINT = "https://login.microsoftonline.com/%s/oauth2/v2.0/%s";

    @Inject
    @Named(OldAzureOAuthConfiguration.HINT)
    private Provider<AzureOldConfiguration> identityOAuthConfigurationProvider;

    @Inject
    @Named("default")
    private Provider<EntraIDConfiguration> entraIDConfigurationProvider;

    @Inject
    private WikiDescriptorManager wikiManager;

    @Inject
    private InstalledExtensionRepository installedRepository;

    @Inject
    private QueryManager queryManager;

    @Inject
    private Provider<XWikiContext> wikiContextProvider;

    @Inject
    @Named("current")
    private DocumentReferenceResolver<String> documentReferenceResolver;

    @Inject
    private Logger logger;

    @Inject
    private Provider<XWikiContext> xcontextProvider;

    public void initializeOIDCConfiguration() throws ConfigurationSaveException {
        if (getXWiki() != null) {
            EntraIDConfiguration entraIDConfiguration = (EntraIDConfiguration) this.entraIDConfigurationProvider.get();
            Map<String, Object> generateNewConfiguration = generateNewConfiguration();
            if (entraIDConfiguration.getTenantID().isEmpty()) {
                entraIDConfiguration.setEntraIDConfiguration(getTenantIdConfiguration());
                generateNewConfiguration.putAll(getEndpoints(((AzureOldConfiguration) this.identityOAuthConfigurationProvider.get()).getTenantID()));
                this.logger.info("Successfully set Entra ID configuration.");
            }
            if (generateNewConfiguration.isEmpty()) {
                return;
            }
            entraIDConfiguration.setOIDCConfiguration(generateNewConfiguration);
            this.logger.info("Successfully set OIDC configuration.");
        }
    }

    public void refactorOIDCIssuer() throws QueryException, XWikiException {
        XWiki xWiki = getXWiki();
        if (xWiki != null) {
            Iterator it = this.queryManager.createQuery(", BaseObject as obj where doc.fullName = obj.name and obj.className = :className", "hql").setWiki(this.wikiManager.getCurrentWikiId()).bindValue("className", DefaultEntraIDConfiguration.OIDC_USER_CLASS).execute().iterator();
            while (it.hasNext()) {
                XWikiDocument document = xWiki.getDocument(this.documentReferenceResolver.resolve((String) it.next(), new Object[0]), (XWikiContext) this.xcontextProvider.get());
                BaseObject xObject = document.getXObject(this.documentReferenceResolver.resolve(DefaultEntraIDConfiguration.OIDC_USER_CLASS, new Object[0]));
                String formString = xObject.getField(ISSUER).toFormString();
                if (formString.endsWith(INVALID_VERSION)) {
                    xObject.set(ISSUER, formString.substring(0, formString.lastIndexOf(INVALID_VERSION)) + "/v2.0", (XWikiContext) this.xcontextProvider.get());
                    xWiki.saveDocument(document, "Refactored OIDC issuer to the right format used by Entra ID.", (XWikiContext) this.xcontextProvider.get());
                }
            }
        }
    }

    public Map<String, Object> getEndpoints(String str) {
        return Map.of("authorizationEndpoint", String.format(BASE_ENDPOINT, str, "authorize"), "tokenEndpoint", String.format(BASE_ENDPOINT, str, "token"), "logoutEndpoint", String.format(BASE_ENDPOINT, str, "logout"));
    }

    private XWiki getXWiki() {
        XWikiContext xWikiContext = (XWikiContext) this.xcontextProvider.get();
        if (xWikiContext != null) {
            return xWikiContext.getWiki();
        }
        return null;
    }

    private Map<String, Object> generateNewConfiguration() {
        HashMap hashMap = new HashMap();
        EntraIDConfiguration entraIDConfiguration = (EntraIDConfiguration) this.entraIDConfigurationProvider.get();
        AzureOldConfiguration azureOldConfiguration = (AzureOldConfiguration) this.identityOAuthConfigurationProvider.get();
        if (entraIDConfiguration.getScope().isEmpty()) {
            hashMap.put("scope", azureOldConfiguration.getScope());
        }
        if (entraIDConfiguration.getClientID().isEmpty()) {
            hashMap.put("clientId", azureOldConfiguration.getClientID());
        }
        if (entraIDConfiguration.getSecret().isEmpty()) {
            hashMap.put("clientSecret", azureOldConfiguration.getSecret());
        }
        return hashMap;
    }

    private Map<String, Object> getTenantIdConfiguration() {
        return Map.of("tenantId", ((AzureOldConfiguration) this.identityOAuthConfigurationProvider.get()).getTenantID());
    }
}
