package com.appiancorp.suite.cfg.adminconsole.migration;

import com.appian.logging.AppianLogger;
import com.appiancorp.common.config.ApplicationContextHolder;
import com.appiancorp.common.config.FatalConfigurationException;
import com.appiancorp.ix.binding.BindingServiceManager;
import com.appiancorp.security.auth.ldap.AppianLdapUtil;
import com.appiancorp.services.ServiceContextFactory;
import com.appiancorp.suite.cfg.LdapConfiguration;
import com.appiancorp.suite.cfg.adminconsole.administeredproperty.AdministeredProperty;
import com.appiancorp.suiteapi.common.ServiceLocator;
import com.appiancorp.suiteapi.common.exceptions.ErrorCode;
import com.appiancorp.suiteapi.encryption.EncryptionService;
import com.google.common.base.Strings;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:com/appiancorp/suite/cfg/adminconsole/migration/LdapMigration.class */
public class LdapMigration implements Runnable {
    private static final AppianLogger LOG = AppianLogger.getLogger(LdapMigration.class);
    private LdapConfiguration.LdapCustomPropertiesConfiguration ldapCustomConfiguration;
    public static final String SEARCH_BASE_PROPERTY_KEY = "searchBase";

    public LdapMigration(LdapConfiguration.LdapCustomPropertiesConfiguration ldapCustomPropertiesConfiguration) {
        this.ldapCustomConfiguration = ldapCustomPropertiesConfiguration;
    }

    @Override // java.lang.Runnable
    public void run() {
        LdapConfiguration ldapConfiguration = (LdapConfiguration) ApplicationContextHolder.getBean(LdapConfiguration.class);
        List<AdministeredProperty<?>> allSupportedProperties = ldapConfiguration.getAllSupportedProperties();
        LOG.info("Beginning LDAP property migration.");
        if (Boolean.FALSE.equals(Boolean.valueOf(this.ldapCustomConfiguration.getBoolean(LdapConfiguration.ENABLED.getName(), false)))) {
            LOG.info("conf.ldap.enabled was not found or set to false, LDAP migration will be marked as having run, but no properties will be migrated.");
            return;
        }
        String string = this.ldapCustomConfiguration.getString(LdapConfiguration.GROUP_UUID.getName(), null);
        if (!Strings.isNullOrEmpty(string)) {
            checkIfLdapGroupExists(string);
        }
        validateBaseDNSpecifiedOnlyOnce();
        validateBindAsUser();
        for (AdministeredProperty<?> administeredProperty : allSupportedProperties) {
            Object propertyValue = this.ldapCustomConfiguration.getPropertyValue(administeredProperty.getKey());
            if (propertyValue != null) {
                if (LdapConfiguration.BIND_PASSWORD.getName().equals(administeredProperty.getKey())) {
                    ldapConfiguration.getAdministeredConfiguration().setValueFromStringAsAdministrator(LdapConfiguration.BIND_PASSWORD, ((EncryptionService) ApplicationContextHolder.getBean(EncryptionService.class)).encrypt(propertyValue.toString()).getValue().toString());
                } else if (LdapConfiguration.SERVER_URL.getName().equals(administeredProperty.getKey())) {
                    migrateServerUrl(ldapConfiguration, propertyValue);
                } else {
                    administeredProperty.setValueFromStringAsAdministrator(toStringFromProperty(propertyValue));
                }
                LOG.info("Successfully migrated value of property conf.ldap." + administeredProperty + " to the Appian Administration Console. The property can be safely deleted from custom.properties now.");
            }
        }
        migrateSearchBaseToBaseDn(ldapConfiguration);
    }

    private void migrateSearchBaseToBaseDn(LdapConfiguration ldapConfiguration) {
        String stringFromProperty = toStringFromProperty(this.ldapCustomConfiguration.getPropertyValue(SEARCH_BASE_PROPERTY_KEY));
        if (StringUtils.isNotEmpty(stringFromProperty)) {
            String str = (String) ldapConfiguration.getAdministeredConfiguration().getValue(LdapConfiguration.BASE_DN);
            ldapConfiguration.getAdministeredConfiguration().setValueFromStringAsAdministrator(LdapConfiguration.BASE_DN, StringUtils.isEmpty(str) ? stringFromProperty : str + "," + stringFromProperty);
        }
    }

    private void migrateServerUrl(LdapConfiguration ldapConfiguration, Object obj) {
        String[] split = toStringFromProperty(obj).split(" ");
        if (split.length > 1) {
            LOG.warn("Multiple LDAP Server URLs detected, only the first will be migrated: " + split[0]);
        }
        String str = split[0];
        try {
            String parseBaseDnFromServerUrl = AppianLdapUtil.parseBaseDnFromServerUrl(str);
            ldapConfiguration.getAdministeredConfiguration().setValueFromStringAsAdministrator(LdapConfiguration.SERVER_URL, str.replace(parseBaseDnFromServerUrl, ""));
            if (StringUtils.isNotEmpty(parseBaseDnFromServerUrl)) {
                ldapConfiguration.getAdministeredConfiguration().setValueFromStringAsAdministrator(LdapConfiguration.BASE_DN, parseBaseDnFromServerUrl);
            }
        } catch (Exception e) {
            throw new FatalConfigurationException(ErrorCode.MIGRATION_FAILED_LDAP, new Object[]{"Server URL or Base DN values in custom.properties are not valid. This is not valid for configuration. No Server URLs or Base DN will be migrated from custom.properties."});
        }
    }

    private void validateBindAsUser() {
        if (Objects.isNull(this.ldapCustomConfiguration.getPropertyValue(LdapConfiguration.BIND_AS_USER.getName()))) {
            throw new FatalConfigurationException(ErrorCode.MIGRATION_FAILED_LDAP_MISSING_REQUIRED_PROPERTY, new Object[]{LdapConfiguration.BIND_AS_USER.getName()});
        }
    }

    private String toStringFromProperty(Object obj) {
        if (obj == null) {
            return "";
        }
        String obj2 = obj.toString();
        if (obj instanceof List) {
            obj2 = (String) ((List) obj).stream().map(str -> {
                return str.replace(",", "\\,");
            }).collect(Collectors.joining(","));
        }
        return obj2;
    }

    private void validateBaseDNSpecifiedOnlyOnce() {
        String stringFromProperty = toStringFromProperty(this.ldapCustomConfiguration.getPropertyValue(LdapConfiguration.BASE_DN.getName()));
        String stringFromProperty2 = toStringFromProperty(this.ldapCustomConfiguration.getPropertyValue(LdapConfiguration.SERVER_URL.getName()));
        if (StringUtils.isEmpty(stringFromProperty2)) {
            throw new FatalConfigurationException(ErrorCode.MIGRATION_FAILED_LDAP_MISSING_REQUIRED_PROPERTY, new Object[]{LdapConfiguration.SERVER_URL.getName()});
        }
        try {
            String parseBaseDnFromServerUrl = AppianLdapUtil.parseBaseDnFromServerUrl(stringFromProperty2.split(" ")[0]);
            if (StringUtils.isNotEmpty(stringFromProperty) && StringUtils.isNotEmpty(parseBaseDnFromServerUrl)) {
                throw new FatalConfigurationException(ErrorCode.MIGRATION_FAILED_LDAP_DUPLICATE_BASEDN, new Object[0]);
            }
        } catch (Exception e) {
            throw new FatalConfigurationException(ErrorCode.MIGRATION_FAILED_LDAP, new Object[]{"Server URL or Base DN values in custom.properties are not valid. This is not valid for configuration. No Server URLs or Base DN will be migrated from custom.properties."});
        }
    }

    private void checkIfLdapGroupExists(String str) {
        Object[] objArr = (Object[]) new BindingServiceManager(ServiceLocator.getServiceManager(), ServiceContextFactory.getAdministratorServiceContext()).getBindingService("group").find(Collections.singletonMap("group", new Object[]{str})).get("group");
        if (objArr == null || objArr.length == 0 || objArr[0] == null) {
            throw new FatalConfigurationException(ErrorCode.MIGRATION_FAILED_LDAP, new Object[]{str});
        }
    }
}
