package com.appiancorp.security.auth.saml;

import com.appiancorp.core.expr.portable.string.Strings;
import com.appiancorp.security.auth.AutoSyncUserData;
import com.appiancorp.suite.cfg.SamlConfiguration;
import java.util.Optional;
import java.util.Set;
import org.opensaml.saml.saml2.core.Assertion;

/* loaded from: input_file:com/appiancorp/security/auth/saml/SamlAutoSyncUserData.class */
public class SamlAutoSyncUserData implements AutoSyncUserData {
    private boolean createUser;
    private boolean syncUserGroups;
    private boolean syncUserAttributes;
    private final String username;
    private Optional<String> firstName;
    private Optional<String> lastName;
    private Optional<String> emailAddress;
    private Optional<Set<String>> groups;
    private Optional<String> nicknameAttribute;
    private Optional<String> homePhoneAttribute;
    private Optional<String> mobilePhoneAttribute;
    private Optional<String> officePhoneAttribute;
    private Optional<String> address1Attribute;
    private Optional<String> address2Attribute;
    private Optional<String> address3Attribute;
    private Optional<String> cityAttribute;
    private Optional<String> stateAttribute;
    private Optional<String> zipCodeAttribute;
    private Optional<String> countryAttribute;
    private Optional<String> customField1Attribute;
    private Optional<String> customField2Attribute;
    private Optional<String> customField3Attribute;
    private Optional<String> customField4Attribute;
    private Optional<String> customField5Attribute;
    private Optional<String> customField6Attribute;
    private Optional<String> customField7Attribute;
    private Optional<String> customField8Attribute;
    private Optional<String> customField9Attribute;
    private Optional<String> customField10Attribute;

    public SamlAutoSyncUserData(SamlConfiguration samlConfiguration, Assertion assertion) throws AutoSyncUserData.UserDataMissingException {
        this.firstName = Optional.empty();
        this.lastName = Optional.empty();
        this.emailAddress = Optional.empty();
        this.groups = Optional.empty();
        this.nicknameAttribute = Optional.empty();
        this.homePhoneAttribute = Optional.empty();
        this.mobilePhoneAttribute = Optional.empty();
        this.officePhoneAttribute = Optional.empty();
        this.address1Attribute = Optional.empty();
        this.address2Attribute = Optional.empty();
        this.address3Attribute = Optional.empty();
        this.cityAttribute = Optional.empty();
        this.stateAttribute = Optional.empty();
        this.zipCodeAttribute = Optional.empty();
        this.countryAttribute = Optional.empty();
        this.customField1Attribute = Optional.empty();
        this.customField2Attribute = Optional.empty();
        this.customField3Attribute = Optional.empty();
        this.customField4Attribute = Optional.empty();
        this.customField5Attribute = Optional.empty();
        this.customField6Attribute = Optional.empty();
        this.customField7Attribute = Optional.empty();
        this.customField8Attribute = Optional.empty();
        this.customField9Attribute = Optional.empty();
        this.customField10Attribute = Optional.empty();
        this.username = extractUsername(samlConfiguration, assertion);
        if (samlConfiguration.isAutoCreateUsersEnabled() || samlConfiguration.isAutoSyncUsersEnabled()) {
            boolean isAutoCreateUsersEnabled = samlConfiguration.isAutoCreateUsersEnabled();
            this.createUser = isAutoCreateUsersEnabled;
            this.firstName = getAttribute(samlConfiguration.getFirstnameAttribute(), assertion, isAutoCreateUsersEnabled);
            this.lastName = getAttribute(samlConfiguration.getLastnameAttribute(), assertion, isAutoCreateUsersEnabled);
            this.emailAddress = getAttribute(samlConfiguration.getEmailAttribute(), assertion, isAutoCreateUsersEnabled);
            this.syncUserAttributes = samlConfiguration.isAutoSyncUsersEnabled();
            this.nicknameAttribute = getAttribute(samlConfiguration.getNicknameAttribute(), assertion, false);
            this.homePhoneAttribute = getAttribute(samlConfiguration.getHomePhoneAttribute(), assertion, false);
            this.mobilePhoneAttribute = getAttribute(samlConfiguration.getMobilePhoneAttribute(), assertion, false);
            this.officePhoneAttribute = getAttribute(samlConfiguration.getOfficePhoneAttribute(), assertion, false);
            this.address1Attribute = getAttribute(samlConfiguration.getAddress1Attribute(), assertion, false);
            this.address2Attribute = getAttribute(samlConfiguration.getAddress2Attribute(), assertion, false);
            this.address3Attribute = getAttribute(samlConfiguration.getAddress3Attribute(), assertion, false);
            this.cityAttribute = getAttribute(samlConfiguration.getCityAttribute(), assertion, false);
            this.stateAttribute = getAttribute(samlConfiguration.getStateAttribute(), assertion, false);
            this.zipCodeAttribute = getAttribute(samlConfiguration.getZipCodeAttribute(), assertion, false);
            this.countryAttribute = getAttribute(samlConfiguration.getCountryAttribute(), assertion, false);
            this.customField1Attribute = getAttribute(samlConfiguration.getCustomField1Attribute(), assertion, false);
            this.customField2Attribute = getAttribute(samlConfiguration.getCustomField2Attribute(), assertion, false);
            this.customField3Attribute = getAttribute(samlConfiguration.getCustomField3Attribute(), assertion, false);
            this.customField4Attribute = getAttribute(samlConfiguration.getCustomField4Attribute(), assertion, false);
            this.customField5Attribute = getAttribute(samlConfiguration.getCustomField5Attribute(), assertion, false);
            this.customField6Attribute = getAttribute(samlConfiguration.getCustomField6Attribute(), assertion, false);
            this.customField7Attribute = getAttribute(samlConfiguration.getCustomField7Attribute(), assertion, false);
            this.customField8Attribute = getAttribute(samlConfiguration.getCustomField8Attribute(), assertion, false);
            this.customField9Attribute = getAttribute(samlConfiguration.getCustomField9Attribute(), assertion, false);
            this.customField10Attribute = getAttribute(samlConfiguration.getCustomField10Attribute(), assertion, false);
        }
        if (samlConfiguration.isAutoSyncUserGroupsEnabled()) {
            this.groups = getMultiValueAttribute(samlConfiguration.getGroupNamesAttribute(), assertion, false);
            this.syncUserGroups = true;
        }
    }

    private String extractUsername(SamlConfiguration samlConfiguration, Assertion assertion) throws AutoSyncUserData.UserDataMissingException {
        String usernameFromAssertion = samlConfiguration.getUsernameFromAssertion(assertion);
        if (samlConfiguration.useUsernameAttribute() && usernameFromAssertion == null) {
            throw new AutoSyncUserData.UserDataMissingException("User data attribute named " + samlConfiguration.getUsernameAttribute() + " is missing from the received SAML assertion.");
        }
        if (usernameFromAssertion == null) {
            throw new AutoSyncUserData.UserDataMissingException("Username in the subject of received SAML assertion is missing.");
        }
        if (samlConfiguration.alsoAllowLowercaseUsername()) {
            usernameFromAssertion = usernameFromAssertion.toLowerCase();
        }
        return usernameFromAssertion;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public boolean createUser() {
        return this.createUser;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public boolean syncUserAttributes() {
        return this.syncUserAttributes;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public boolean syncUserGroups() {
        return this.syncUserGroups;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public String getUsername() {
        return this.username;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getFirstName() {
        return this.firstName;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getLastName() {
        return this.lastName;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getEmailAddress() {
        return this.emailAddress;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getNickname() {
        return this.nicknameAttribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getHomePhone() {
        return this.homePhoneAttribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getMobilePhone() {
        return this.mobilePhoneAttribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getOfficePhone() {
        return this.officePhoneAttribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getAddress1() {
        return this.address1Attribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getAddress2() {
        return this.address2Attribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getAddress3() {
        return this.address3Attribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getCity() {
        return this.cityAttribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getState() {
        return this.stateAttribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getZipCode() {
        return this.zipCodeAttribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getCountry() {
        return this.countryAttribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getCustomField1() {
        return this.customField1Attribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getCustomField2() {
        return this.customField2Attribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getCustomField3() {
        return this.customField3Attribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getCustomField4() {
        return this.customField4Attribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getCustomField5() {
        return this.customField5Attribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getCustomField6() {
        return this.customField6Attribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getCustomField7() {
        return this.customField7Attribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getCustomField8() {
        return this.customField8Attribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getCustomField9() {
        return this.customField9Attribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<String> getCustomField10() {
        return this.customField10Attribute;
    }

    @Override // com.appiancorp.security.auth.AutoSyncUserData
    public Optional<Set<String>> getGroups() {
        return this.groups;
    }

    private Optional<String> getAttribute(String str, Assertion assertion, boolean z) throws AutoSyncUserData.UserDataMissingException {
        try {
            Optional<String> empty = Optional.empty();
            if (!Strings.isNullOrEmpty(str)) {
                empty = SamlAttributeRetriever.getAttributeValue(str, assertion);
            }
            if (z) {
                empty.orElseThrow(() -> {
                    return new AutoSyncUserData.UserDataMissingException("User data attribute named " + str + " is missing from the received SAML assertion.");
                });
            }
            return empty;
        } catch (Exception e) {
            throw new AutoSyncUserData.UserDataMissingException("User data attribute named " + str + " is missing from the received SAML assertion.", e);
        }
    }

    private Optional<Set<String>> getMultiValueAttribute(String str, Assertion assertion, boolean z) throws AutoSyncUserData.UserDataMissingException {
        try {
            Optional<Set<String>> empty = Optional.empty();
            if (!Strings.isNullOrEmpty(str)) {
                empty = SamlAttributeRetriever.getAttributeValues(str, assertion);
            }
            if (z) {
                empty.orElseThrow(() -> {
                    return new AutoSyncUserData.UserDataMissingException("User data attribute named " + str + " is missing from the received SAML assertion.");
                });
            }
            return empty;
        } catch (Exception e) {
            throw new AutoSyncUserData.UserDataMissingException("User data attribute named " + str + " is missing from the received SAML assertion.", e);
        }
    }
}
