package org.rajivprab.sava.login;

import java.io.IOException;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
import org.json.JSONArray;
import org.json.JSONObject;
import org.rajivprab.cava.IOUtilc;
import org.rajivprab.cava.Validatec;
import org.rajivprab.sava.rest.RestUtil;

/* loaded from: input_file:org/rajivprab/sava/login/Okta.class */
public class Okta {
    private static final Log log = LogFactory.getLog(Okta.class);
    private final String orgUrl;
    private final String apiToken;
    private final String groupID;

    @Deprecated
    public Okta(String str, String str2, String str3) {
        this.orgUrl = str;
        this.apiToken = str2;
        this.groupID = str3;
    }

    public OktaAccount createAccountWithNoEmail(String str, String str2) {
        return createAccount(str, getFakeLogin(str), str2);
    }

    public OktaAccount createAccount(String str, String str2, String str3) {
        return createAccount(str, str2, str3, str, "The Great");
    }

    public OktaAccount createAccount(String str, String str2) {
        return createAccount(str, str2, getUsername(str), "The Great");
    }

    public OktaAccount createAccount(String str, String str2, String str3, String str4) {
        return createAccount(getUsername(str), str, str2, str3, str4);
    }

    public OktaAccount createAccount(String str, String str2, String str3, String str4, String str5) {
        return createAccountRaw(str2.startsWith(new StringBuilder().append(str).append("@").toString()) ? str2 : getFakeLogin(str), str2, str3, str4, str5);
    }

    private OktaAccount createAccountRaw(String str, String str2, String str3, String str4, String str5) {
        Validatec.notEmpty("The field cannot be left blank", LoginException.class, new String[]{str, str2, str3, str4, str5});
        HttpResponse execute = execute(new HttpPost(UriBuilder.fromPath(this.orgUrl + "/api/v1/users").queryParam("activate", new Object[]{"false"}).build(new Object[0])), new JSONObject().put("profile", new JSONObject().put("email", str2).put("login", str).put("firstName", str4).put("lastName", str5)).put("groupIds", new JSONArray().put(this.groupID)).put("credentials", new JSONObject().put(RestUtil.PASSWORD_GRANT_TYPE, new JSONObject().put("value", str3)).put("recovery_question", new JSONObject().put("question", "Fill in the blank: Barack _____ won the Presidency in 2008").put("answer", "Obama"))));
        JSONObject jsonObject = getJsonObject(execute);
        switch (execute.getStatusLine().getStatusCode()) {
            case 200:
                OktaAccount parseCreateResponse = OktaAccount.parseCreateResponse(jsonObject);
                activate(parseCreateResponse.getOktaID());
                log.info("Created user: " + parseCreateResponse);
                return parseCreateResponse;
            case 400:
                throw new LoginException(jsonObject.getJSONArray("errorCauses").getJSONObject(0).getString("errorSummary"));
            default:
                throw new IllegalStateException("Response: " + execute + ", Body: " + jsonObject);
        }
    }

    public OktaAccount verifyAccount(String str, String str2) {
        HttpResponse execute = execute(new HttpPost(this.orgUrl + "/api/v1/authn"), new JSONObject().put("username", str).put(RestUtil.PASSWORD_GRANT_TYPE, str2));
        JSONObject jsonObject = getJsonObject(execute);
        switch (execute.getStatusLine().getStatusCode()) {
            case 200:
                return OktaAccount.parseVerifyResponse(jsonObject);
            case 400:
                throw new LoginException(jsonObject.getJSONArray("errorCauses").getJSONObject(0).getString("errorSummary"));
            case 401:
                Validatec.equals(jsonObject.getString("errorCode"), "E0000004");
                throw new LoginException(jsonObject.getString("errorSummary"));
            default:
                throw new LoginException(jsonObject.toString(2));
        }
    }

    public void resetPassword(String str) {
        Validatec.equals(Integer.valueOf(execute(new HttpPost(UriBuilder.fromPath(this.orgUrl + "/api/v1/users/" + getUser(str).getOktaID() + "/credentials/forgot_password").queryParam("sendEmail", new Object[]{"true"}).build(new Object[0]))).getStatusLine().getStatusCode()), Integer.valueOf(Response.Status.OK.getStatusCode()));
    }

    OktaAccount getUser(String str) {
        HttpResponse execute = execute(new HttpGet(UriBuilder.fromPath(this.orgUrl + "/api/v1/users/" + str).build(new Object[0])));
        JSONObject jsonObject = getJsonObject(execute);
        switch (execute.getStatusLine().getStatusCode()) {
            case 200:
                return OktaAccount.parseGetUserResponse(jsonObject);
            case 404:
                Validatec.equals(jsonObject.getString("errorCode"), "E0000007");
                throw new LoginException(jsonObject.getString("errorSummary") + ". Try using your username, and not your email address.");
            default:
                throw new LoginException(jsonObject.toString(2));
        }
    }

    JSONArray listGroups() {
        HttpResponse execute = execute(new HttpGet(UriBuilder.fromPath(this.orgUrl + "/api/v1/groups").build(new Object[0])));
        Validatec.equals(Integer.valueOf(execute.getStatusLine().getStatusCode()), Integer.valueOf(Response.Status.OK.getStatusCode()));
        return new JSONArray(getResponseString(execute));
    }

    static String getFakeLogin(String str) {
        Validatec.notEmpty("The field cannot be left blank", LoginException.class, new String[]{str});
        Validatec.isTrue(!str.contains("@"), "User name cannot contain '@'", LoginException.class);
        return str + "@emailnotprovided.local";
    }

    private JSONObject activate(String str) {
        HttpResponse execute = execute(new HttpPost(UriBuilder.fromPath(this.orgUrl + "/api/v1/users/" + str + "/lifecycle/activate").queryParam("sendEmail", new Object[]{"false"}).build(new Object[0])));
        Validatec.equals(Integer.valueOf(execute.getStatusLine().getStatusCode()), Integer.valueOf(Response.Status.OK.getStatusCode()));
        return getJsonObject(execute);
    }

    private JSONObject assignToApplication(String str, String str2, String str3, String str4) {
        HttpResponse execute = execute(new HttpPost(UriBuilder.fromPath(this.orgUrl + "/api/v1/apps/" + str4 + "/users").build(new Object[0])), new JSONObject().put("id", str).put("scope", "USER").put("credentials", new JSONObject().put(RestUtil.PASSWORD_GRANT_TYPE, new JSONObject().put("value", str3)).put("userName", str2)));
        JSONObject jsonObject = getJsonObject(execute);
        Validatec.equals(Integer.valueOf(execute.getStatusLine().getStatusCode()), Integer.valueOf(Response.Status.OK.getStatusCode()), "Response: " + execute + ", Body: " + jsonObject);
        return jsonObject;
    }

    private HttpResponse execute(HttpUriRequest httpUriRequest) {
        try {
            addHeaders(httpUriRequest);
            return HttpClients.createDefault().execute(httpUriRequest);
        } catch (IOException e) {
            throw new IOUtilc.IoException(e);
        }
    }

    private HttpResponse execute(HttpPost httpPost, JSONObject jSONObject) {
        try {
            addHeaders(httpPost);
            httpPost.setEntity(new StringEntity(jSONObject.toString()));
            return HttpClients.createDefault().execute(httpPost);
        } catch (IOException e) {
            throw new IOUtilc.IoException(e);
        }
    }

    private void addHeaders(HttpUriRequest httpUriRequest) {
        httpUriRequest.addHeader("Content-Type", "application/json");
        httpUriRequest.addHeader("Accept", "application/json");
        httpUriRequest.addHeader(RestUtil.AUTHORIZATION_HEADER, "SSWS " + this.apiToken);
        log.info("Request: " + httpUriRequest);
    }

    private static JSONObject getJsonObject(HttpResponse httpResponse) {
        return new JSONObject(getResponseString(httpResponse));
    }

    private static String getResponseString(HttpResponse httpResponse) {
        try {
            String entityUtils = EntityUtils.toString(httpResponse.getEntity());
            log.info("Response: " + httpResponse);
            log.info("ResponseString: " + entityUtils);
            return entityUtils;
        } catch (IOException e) {
            throw new IOUtilc.IoException(e);
        }
    }

    private static String getUsername(String str) {
        Validatec.matches(str, ".+\\@.+\\..+", "Invalid email: " + str);
        return str.split("@")[0];
    }
}
