package org.broadleafcommerce.openadmin.server.security.service;

import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.annotation.Resource;
import org.apache.commons.lang.StringUtils;
import org.broadleafcommerce.common.security.BroadleafExternalAuthenticationUserDetails;
import org.broadleafcommerce.openadmin.server.security.domain.AdminPermission;
import org.broadleafcommerce.openadmin.server.security.domain.AdminRole;
import org.broadleafcommerce.openadmin.server.security.domain.AdminUser;
import org.broadleafcommerce.openadmin.server.security.domain.AdminUserImpl;
import org.broadleafcommerce.openadmin.server.security.external.AdminExternalLoginExtensionHandler;
import org.broadleafcommerce.openadmin.server.security.external.AdminExternalLoginUserExtensionManager;
import org.broadleafcommerce.openadmin.web.rulebuilder.grouping.GroupingTranslator;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Service;

@Service("blAdminUserProvisioningService")
/* loaded from: input_file:org/broadleafcommerce/openadmin/server/security/service/AdminUserProvisioningServiceImpl.class */
public class AdminUserProvisioningServiceImpl implements AdminUserProvisioningService {

    @Resource(name = "blAdminSecurityService")
    protected AdminSecurityService securityService;

    @Resource(name = "blAdminExternalLoginExtensionManager")
    protected AdminExternalLoginUserExtensionManager adminExternalLoginExtensionManager;
    protected Map<String, String[]> roleNameSubstitutions;

    @Override // org.broadleafcommerce.openadmin.server.security.service.AdminUserProvisioningService
    public AdminUserDetails provisionAdminUser(BroadleafExternalAuthenticationUserDetails broadleafExternalAuthenticationUserDetails) {
        HashSet hashSet = new HashSet();
        if (this.roleNameSubstitutions == null || this.roleNameSubstitutions.isEmpty()) {
            Iterator it = broadleafExternalAuthenticationUserDetails.getAuthorities().iterator();
            while (it.hasNext()) {
                hashSet.add(((GrantedAuthority) it.next()).getAuthority());
            }
        } else {
            for (GrantedAuthority grantedAuthority : broadleafExternalAuthenticationUserDetails.getAuthorities()) {
                if (this.roleNameSubstitutions.containsKey(grantedAuthority.getAuthority())) {
                    for (String str : this.roleNameSubstitutions.get(grantedAuthority.getAuthority())) {
                        hashSet.add(str.trim());
                    }
                } else {
                    hashSet.add(grantedAuthority.getAuthority());
                }
            }
        }
        HashSet hashSet2 = new HashSet();
        for (String str2 : AdminSecurityService.DEFAULT_PERMISSIONS) {
            hashSet2.add(new SimpleGrantedAuthority(str2));
        }
        HashSet hashSet3 = new HashSet();
        List<AdminRole> readAllAdminRoles = this.securityService.readAllAdminRoles();
        if (readAllAdminRoles != null) {
            for (AdminRole adminRole : readAllAdminRoles) {
                if (hashSet.contains(adminRole.getName())) {
                    hashSet3.add(adminRole);
                    Set<AdminPermission> allPermissions = adminRole.getAllPermissions();
                    if (allPermissions != null && !allPermissions.isEmpty()) {
                        for (AdminPermission adminPermission : allPermissions) {
                            if (adminPermission.isFriendly().booleanValue()) {
                                Iterator<AdminPermission> it2 = adminPermission.getAllChildPermissions().iterator();
                                while (it2.hasNext()) {
                                    hashSet2.add(new SimpleGrantedAuthority(it2.next().getName()));
                                }
                            } else {
                                hashSet2.add(new SimpleGrantedAuthority(adminPermission.getName()));
                            }
                        }
                    }
                }
            }
        }
        AdminUser readAdminUserByUserName = this.securityService.readAdminUserByUserName(broadleafExternalAuthenticationUserDetails.getUsername());
        if (readAdminUserByUserName == null) {
            readAdminUserByUserName = new AdminUserImpl();
            readAdminUserByUserName.setLogin(broadleafExternalAuthenticationUserDetails.getUsername());
        }
        if (StringUtils.isNotBlank(broadleafExternalAuthenticationUserDetails.getEmail())) {
            readAdminUserByUserName.setEmail(broadleafExternalAuthenticationUserDetails.getEmail());
        }
        StringBuilder sb = new StringBuilder();
        if (StringUtils.isNotBlank(broadleafExternalAuthenticationUserDetails.getFirstName())) {
            sb.append(broadleafExternalAuthenticationUserDetails.getFirstName()).append(GroupingTranslator.SPACECHAR);
        }
        if (StringUtils.isNotBlank(broadleafExternalAuthenticationUserDetails.getLastName())) {
            sb.append(broadleafExternalAuthenticationUserDetails.getLastName());
        }
        String sb2 = sb.toString();
        if (StringUtils.isNotBlank(sb2)) {
            readAdminUserByUserName.setName(sb2);
        } else {
            readAdminUserByUserName.setName(broadleafExternalAuthenticationUserDetails.getUsername());
        }
        Set<AdminRole> allRoles = readAdminUserByUserName.getAllRoles();
        if (allRoles != null) {
            allRoles.clear();
        } else {
            allRoles = new HashSet();
            readAdminUserByUserName.setAllRoles(allRoles);
        }
        if (readAllAdminRoles != null) {
            Iterator<AdminRole> it3 = readAllAdminRoles.iterator();
            while (it3.hasNext()) {
                allRoles.add(it3.next());
            }
        }
        ((AdminExternalLoginExtensionHandler) this.adminExternalLoginExtensionManager.getProxy()).performAdditionalAuthenticationTasks(readAdminUserByUserName, broadleafExternalAuthenticationUserDetails);
        return new AdminUserDetails(this.securityService.saveAdminUser(readAdminUserByUserName).getId(), broadleafExternalAuthenticationUserDetails.getUsername(), "", true, true, true, true, hashSet2);
    }

    public void setRoleNameSubstitutions(Map<String, String[]> map) {
        this.roleNameSubstitutions = map;
    }
}
