package net.bluemind.cli.auth.provider;

import java.io.FileReader;
import java.nio.file.Path;
import java.util.Optional;
import java.util.Properties;
import net.bluemind.cli.cmd.api.CliContext;
import net.bluemind.cli.cmd.api.CliException;
import net.bluemind.cli.cmd.api.ICmdLet;
import net.bluemind.cli.cmd.api.ICmdLetRegistration;
import net.bluemind.cli.utils.CliUtils;
import net.bluemind.core.container.model.ItemValue;
import net.bluemind.domain.api.Domain;
import net.bluemind.domain.api.IDomains;
import net.bluemind.system.api.ExternalSystem;
import net.bluemind.system.api.IExternalSystem;
import picocli.CommandLine;

@CommandLine.Command(name = "openid-register-provider", description = {"Register an OpenID provider system"})
/* loaded from: input_file:net/bluemind/cli/auth/provider/RegisterExternalSystemCommand.class */
public class RegisterExternalSystemCommand implements ICmdLet, Runnable {
    private CliContext ctx;
    private CliUtils cliUtils;

    @CommandLine.Option(required = true, names = {"--domain"}, description = {"Domain"})
    public String domain;

    @CommandLine.ArgGroup(exclusive = true, multiplicity = "1")
    private Scope scope;

    /* loaded from: input_file:net/bluemind/cli/auth/provider/RegisterExternalSystemCommand$ProviderParameters.class */
    private class ProviderParameters {
        public final String identifier;
        public final String authEndpoint;
        public final String tokenEndpoint;
        public final String clientId;
        public final String clientSecret;

        public ProviderParameters(String str, String str2, String str3, String str4, String str5) {
            this.identifier = str;
            this.authEndpoint = str2;
            this.tokenEndpoint = str3;
            this.clientId = str4;
            this.clientSecret = str5;
        }
    }

    /* loaded from: input_file:net/bluemind/cli/auth/provider/RegisterExternalSystemCommand$Reg.class */
    public static class Reg implements ICmdLetRegistration {
        public Optional<String> group() {
            return Optional.of("auth-provider");
        }

        public Class<? extends ICmdLet> commandClass() {
            return RegisterExternalSystemCommand.class;
        }
    }

    /* loaded from: input_file:net/bluemind/cli/auth/provider/RegisterExternalSystemCommand$Scope.class */
    private static class Scope {

        @CommandLine.ArgGroup(exclusive = false)
        ScopeCmd cmd;

        @CommandLine.ArgGroup(exclusive = false)
        ScopeFile file;

        private Scope() {
        }
    }

    /* loaded from: input_file:net/bluemind/cli/auth/provider/RegisterExternalSystemCommand$ScopeCmd.class */
    private static class ScopeCmd {

        @CommandLine.Option(required = true, names = {"--identifier"}, description = {"External system identifier"})
        public String identifier;

        @CommandLine.Option(required = true, names = {"--auth-endpoint"}, description = {"Open ID Connect auth endpoint"})
        public String authEndpoint;

        @CommandLine.Option(required = true, names = {"--token-endpoint"}, description = {"Open ID Connect token endpoint"})
        public String tokenEndpoint;

        @CommandLine.Option(required = true, names = {"--client-id"}, description = {"Application client ID"})
        public String clientId;

        @CommandLine.Option(required = true, names = {"--client-secret"}, description = {"Application client secret"})
        public String clientSecret;

        private ScopeCmd() {
        }
    }

    /* loaded from: input_file:net/bluemind/cli/auth/provider/RegisterExternalSystemCommand$ScopeFile.class */
    private static class ScopeFile {

        @CommandLine.Option(required = true, names = {"--file"}, description = {"Import from file (ignores all other parameters)"})
        public Path config;

        private ScopeFile() {
        }
    }

    @Override // java.lang.Runnable
    public void run() {
        ItemValue itemValue = (ItemValue) this.cliUtils.getDomain(this.domain).orElseThrow(() -> {
            return new CliException(String.format("Domain '%s' not found", this.domain));
        });
        ProviderParameters providerParameters = (ProviderParameters) Optional.ofNullable(this.scope.cmd).map(scopeCmd -> {
            return new ProviderParameters(scopeCmd.identifier, scopeCmd.authEndpoint, scopeCmd.tokenEndpoint, scopeCmd.clientId, scopeCmd.clientSecret);
        }).orElseGet(this::providerParametersFromFile);
        ExternalSystem externalSystem = ((IExternalSystem) this.ctx.adminApi().instance(IExternalSystem.class, new String[0])).getExternalSystem(providerParameters.identifier);
        if (externalSystem == null) {
            throw new CliException("External system " + providerParameters.identifier + " does not exist");
        }
        if (!externalSystem.authKind.name().startsWith("OPEN_ID")) {
            throw new CliException("External system " + providerParameters.identifier + " does not support OpenID");
        }
        String str = providerParameters.identifier + "_endpoint";
        String str2 = providerParameters.identifier + "_appid";
        String str3 = providerParameters.identifier + "_secret";
        String str4 = providerParameters.identifier + "_tokenendpoint";
        ((Domain) itemValue.value).properties.put(str, providerParameters.authEndpoint);
        ((Domain) itemValue.value).properties.put(str2, providerParameters.clientId);
        ((Domain) itemValue.value).properties.put(str3, providerParameters.clientSecret);
        ((Domain) itemValue.value).properties.put(str4, providerParameters.tokenEndpoint);
        ((IDomains) this.ctx.adminApi().instance(IDomains.class, new String[0])).update(itemValue.uid, (Domain) itemValue.value);
        this.ctx.info("Configuration saved for system {} on domain {}", new Object[]{providerParameters.identifier, this.domain});
    }

    private ProviderParameters providerParametersFromFile() {
        this.ctx.info("Importing config from file {}", new Object[]{this.scope.file.config});
        try {
            Properties properties = new Properties();
            properties.load(new FileReader(this.scope.file.config.toFile()));
            ProviderParameters providerParameters = new ProviderParameters(properties.getProperty("identifier"), properties.getProperty("auth-endpoint"), properties.getProperty("token-endpoint"), properties.getProperty("client-id"), properties.getProperty("client-secret"));
            this.ctx.info("Domain: {}", new Object[]{this.domain});
            this.ctx.info("Identifier: {}", new Object[]{providerParameters.identifier});
            this.ctx.info("Auth endpoint: {}", new Object[]{providerParameters.authEndpoint});
            this.ctx.info("Token endpoint: {}", new Object[]{providerParameters.tokenEndpoint});
            this.ctx.info("Client Id: {}", new Object[]{providerParameters.clientId});
            this.ctx.info("Client secret: {}", new Object[]{providerParameters.clientSecret});
            return providerParameters;
        } catch (Exception e) {
            throw new CliException(e);
        }
    }

    public Runnable forContext(CliContext cliContext) {
        this.ctx = cliContext;
        this.cliUtils = new CliUtils(cliContext);
        return this;
    }
}
