package com.resolution.atlasplugins.samlsso.jira;

import com.atlassian.application.api.ApplicationKey;
import com.atlassian.crowd.embedded.api.CrowdDirectoryService;
import com.atlassian.crowd.embedded.api.CrowdService;
import com.atlassian.event.api.EventPublisher;
import com.atlassian.jira.application.ApplicationKeys;
import com.atlassian.jira.bc.license.JiraLicenseService;
import com.atlassian.jira.license.LicenseDetails;
import com.atlassian.jira.security.groups.GroupManager;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.jira.user.util.UserManager;
import com.atlassian.jira.user.util.UserUtil;
import com.atlassian.sal.api.ApplicationProperties;
import com.resolution.atlasplugins.samlsso.AbstractSamlSsoService;
import com.resolution.atlasplugins.samlsso.AuthenticatorHook;
import com.resolution.atlasplugins.samlsso.Defaults;
import com.resolution.atlasplugins.samlsso.SamlSsoService;
import com.resolution.atlasplugins.samlsso.UserPreparationException;
import com.resolution.atlasplugins.samlsso.cluster.ClusterNotificator;
import com.resolution.atlasplugins.samlsso.configuration.PluginConfiguration;
import com.resolution.atlasplugins.samlsso.jira.compatibility.UserModificator;
import com.resolution.atlasplugins.samlsso.jira.compatibility.UserModificatorException;
import com.resolution.samlprocessor.SAMLResponseContent;
import java.util.Iterator;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/resolution/atlasplugins/samlsso/jira/JIRASamlSsoService.class */
public class JIRASamlSsoService extends AbstractSamlSsoService implements SamlSsoService {
    private static final Logger logger = LoggerFactory.getLogger(JIRASamlSsoService.class);
    private boolean serviceDesk;
    private final boolean jira7;
    private UserManager userManager;
    private final UserModificator userModificator;
    private final CrowdService crowdService;

    public JIRASamlSsoService(PluginConfiguration pluginConfiguration, ApplicationProperties applicationProperties, EventPublisher eventPublisher, CrowdService crowdService, CrowdDirectoryService crowdDirectoryService, AuthenticatorHook authenticatorHook, ClusterNotificator clusterNotificator, JiraLicenseService jiraLicenseService, UserManager userManager, UserUtil userUtil, GroupManager groupManager, UserModificator userModificator) {
        super(pluginConfiguration, applicationProperties, eventPublisher, crowdService, crowdDirectoryService, authenticatorHook, clusterNotificator);
        this.serviceDesk = false;
        this.crowdService = crowdService;
        String version = applicationProperties.getVersion();
        logger.debug("JIRA Version is {}", version);
        this.jira7 = version.startsWith("7");
        this.userManager = userManager;
        this.userModificator = userModificator;
        try {
            Iterator it = jiraLicenseService.getLicenses().iterator();
            while (it.hasNext()) {
                for (ApplicationKey applicationKey : ((LicenseDetails) it.next()).getLicensedApplications().getKeys()) {
                    logger.debug("Application key {}", applicationKey);
                    if (applicationKey.equals(ApplicationKeys.SERVICE_DESK)) {
                        this.serviceDesk = true;
                        logger.debug("This is a JIRA Service Desk application");
                    }
                }
            }
        } catch (Throwable th) {
            logger.info("{} occured with message {}. This usually happens in JIRA 6 and can be ignored.", th.getClass().getName(), th.getMessage());
        }
    }

    @Override // com.resolution.atlasplugins.samlsso.AbstractSamlSsoService, com.resolution.atlasplugins.samlsso.SamlSsoService
    public String getLoginPageUrl() {
        return getRelativeBaseUrl() + "/login.jsp?nosso";
    }

    @Override // com.resolution.atlasplugins.samlsso.SamlSsoService
    public String getAbsoluteLoginPageUrl() {
        return getAbsoluteBaseUrl() + "/login.jsp?nosso";
    }

    @Override // com.resolution.atlasplugins.samlsso.AbstractSamlSsoService, com.resolution.atlasplugins.samlsso.SamlSsoService
    public boolean isJira7() {
        return this.jira7;
    }

    @Override // com.resolution.atlasplugins.samlsso.AbstractSamlSsoService, com.resolution.atlasplugins.samlsso.SamlSsoService
    public boolean isJiraServiceDesk() {
        return this.serviceDesk;
    }

    @Override // com.resolution.atlasplugins.samlsso.AbstractSamlSsoService, com.resolution.atlasplugins.samlsso.SamlSsoService
    public String getRedirectUrlForLogin(HttpServletRequest httpServletRequest) {
        return super.getRedirectUrlForLogin(httpServletRequest, "/login.jsp");
    }

    @Override // com.resolution.atlasplugins.samlsso.AbstractSamlSsoService, com.resolution.atlasplugins.samlsso.SamlSsoService
    public String getRedirectUrlForLogout(HttpServletRequest httpServletRequest) {
        if (httpServletRequest.getServletPath().contains("/secure/Logout!default.jspa")) {
            return getRelativeBaseUrl() + Defaults.SSO_LOGOUT_URL;
        }
        return null;
    }

    @Override // com.resolution.atlasplugins.samlsso.AbstractSamlSsoService, com.resolution.atlasplugins.samlsso.SamlSsoService
    public boolean prepareUser(SAMLResponseContent sAMLResponseContent, boolean z, boolean z2) throws UserPreparationException {
        boolean z3;
        if (!sAMLResponseContent.isUpdateUser()) {
            logger.debug("User update is not enabled");
            return false;
        }
        boolean z4 = false;
        boolean isUpdateExisting = sAMLResponseContent.isUpdateExisting();
        String userid = sAMLResponseContent.getUserid();
        ApplicationUser userByName = this.userManager.getUserByName(userid);
        if (userByName == null) {
            logger.info("Creating user {}", userid);
            try {
                userByName = this.userModificator.createUser(userid, sAMLResponseContent.getFullName(), sAMLResponseContent.getEmailAddress());
                z4 = true;
                z3 = true;
            } catch (UserModificatorException e) {
                throw new UserPreparationException(e);
            }
        } else {
            z3 = this.crowdService.getUserWithAttributes(userid).getValue(UserModificator.SAMLSSOATTRIBUTEKEY) != null;
        }
        if (z3 || isUpdateExisting) {
            if (!userByName.isActive()) {
                logger.info("Activating user {}", userid);
                try {
                    z4 = this.userModificator.enableUser(userByName);
                } catch (UserModificatorException e2) {
                    throw new UserPreparationException(e2);
                }
            }
            try {
                z4 = z4 || this.userModificator.updateUser(userByName, sAMLResponseContent.getFullName(), sAMLResponseContent.getEmailAddress());
                if (z) {
                    try {
                        z4 = z4 || this.userModificator.updateUserGroups(userByName, z2 ? sAMLResponseContent.getSdCustomerGroups() : sAMLResponseContent.getGroups(), sAMLResponseContent.isRemoveFromGroups() && z3);
                    } catch (UserModificatorException e3) {
                        throw new UserPreparationException(e3);
                    }
                } else {
                    logger.debug("updateGroups is false, not updating user groups");
                }
            } catch (UserModificatorException e4) {
                throw new UserPreparationException(e4);
            }
        } else {
            logger.debug("User {} has not been created by us and updating existing users is disabled, leaving untouched", userid);
        }
        return z4;
    }
}
