package com.parablu.bluvault.udc.controller;

import com.parablu.bluvault.ah.service.AuditHistoryService;
import com.parablu.bluvault.udc.service.AADManagementService;
import com.parablu.bluvault.udc.service.UserManagementService;
import com.parablu.cloud.security.service.LicenseService;
import com.parablu.cloud.security.to.CloudLicenseTo;
import com.parablu.helper.exceptions.UserLimitReachedException;
import com.parablu.mail.service.CloudMailService;
import com.parablu.paracloud.constant.PCActionTypes;
import com.parablu.paracloud.constant.PCHelperConstant;
import com.parablu.paracloud.element.AADAuthorizationTokenElement;
import com.parablu.paracloud.element.AADCredentialsElement;
import com.parablu.paracloud.element.AADUserElement;
import com.parablu.paracloud.element.AADUserNamesList;
import com.parablu.paracloud.element.AADUsersListElement;
import com.parablu.paracloud.element.EmailProps;
import com.parablu.paracloud.element.EmailRecipent;
import com.parablu.paracloud.util.DateUtil;
import com.parablu.pcbd.dao.PortalPropertiesDao;
import com.parablu.pcbd.domain.Cloud;
import com.parablu.pcbd.domain.CloudCustomisableDetails;
import com.parablu.pcbd.domain.MigrationStatus;
import com.parablu.pcbd.domain.User;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;

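/**
 * Spring MVC endpoints for the AAD integration of a cloud: stored AAD credentials,
 * authorization tokens, directory user look-ups and migration of directory users.
 *
 * <p>Every handler resolves the cloud through {@code licenseService.validateLicense} and,
 * except for the migrate endpoint, gates on the inherited {@code checkLicense}. When the
 * cloud has no "AAD Enabled" customisable detail, the handlers that test for it answer
 * with status 443 (a non-standard code that clients of this API are expected to know).
 *
 * <p>NOTE(review), access control as visible in this class:
 * <ul>
 *   <li>The read and delete endpoints skip the token check whenever the request carries a
 *       non-empty {@code isInternalCall} header (see {@link #authorizeUnlessInternalCall}).
 *       Nothing here shows that header being stripped from external requests; confirm a
 *       gateway or filter does so, or authenticate internal callers another way.</li>
 *   <li>{@code syncAADUsers}, {@code saveAADAuthorizationtoken} and both
 *       {@code ldapconnectivityUser} handlers never call {@code performAuthorization}.
 *       Confirm they are protected upstream.</li>
 *   <li>{@code AADCredentialsElement} exposes {@code getSecretKey()}; the credential read
 *       endpoints put that element into the response model. Confirm the view does not
 *       serialise the secret.</li>
 *   <li>Several debug statements concatenate request header and path values into the log
 *       line; confirm the log layout neutralises line breaks in such values.</li>
 * </ul>
 */
@Controller
/* loaded from: input_file:com/parablu/bluvault/udc/controller/AADManagementController.class */
public class AADManagementController extends BaseController {
    private static final Logger logger = LogManager.getLogger(AADManagementController.class);
    private static final String EXCEPTION = " Exception  :";
    private static final String MIGRATION = "MIGRATION";
    private static final String TOKEN_HEADER = "token";
    private static final String INTERNAL_CALL_HEADER = "isInternalCall";
    private static final String AAD_CRED_ID_HEADER = "aadCredId";
    /** Status returned when the cloud has no "AAD Enabled" customisable detail. */
    private static final int STATUS_AAD_NOT_ENABLED = 443;

    @Autowired
    private AADManagementService aadManagementService;

    @Autowired
    private UserManagementService userManagementService;

    @Autowired
    private CloudMailService cloudMailService;

    @Autowired
    private LicenseService licenseService;

    @Autowired
    private AuditHistoryService auditHistoryService;

    @Resource
    private PortalPropertiesDao portalPropertiesDao;

    /**
     * Returns every AAD credential set stored for the cloud.
     *
     * <p>Responds 204 when none exist, 443 when AAD is not enabled, 500 on any exception.
     *
     * @param str cloud name taken from the request path
     * @param httpServletRequest request carrying the {@code token} header
     * @param httpServletResponse response whose status is set on every non-success path
     * @return model holding the credential list, or {@code null} when a status was set instead
     */
    @RequestMapping(value = {"versions/{versionNumber}/clouds/{cloudName}/load/all/"}, method = {RequestMethod.GET})
    public ModelAndView loadAllAADCredentials(@PathVariable("cloudName") String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        logger.debug("versions/{versionNumber}/clouds/{cloudName}/load/all/");
        try {
            CloudLicenseTo validateLicense = this.licenseService.validateLicense(str);
            if (!checkLicense(validateLicense, httpServletResponse)) {
                return null;
            }
            Cloud cloud = validateLicense.getCloud();
            int cloudId = cloud.getCloudId();
            if (!authorizeUnlessInternalCall(cloudId, cloud.getCloudName(), httpServletRequest, httpServletResponse)) {
                return null;
            }
            if (!isAADEnabled(cloud.getCloudCustomisableDetails())) {
                httpServletResponse.setStatus(STATUS_AAD_NOT_ENABLED);
                return null;
            }
            // NOTE(review): the returned elements expose getSecretKey(); confirm the view
            // masks or omits it before this list reaches a client.
            List<AADCredentialsElement> allAADCredentials = this.aadManagementService.getAllAADCredentials(cloudId);
            if (CollectionUtils.isEmpty(allAADCredentials)) {
                httpServletResponse.setStatus(204);
                return null;
            }
            logger.debug(".........................." + allAADCredentials.size());
            ModelAndView modelAndView = new ModelAndView();
            modelAndView.addObject(allAADCredentials);
            return modelAndView;
        } catch (Exception e) {
            logger.trace(EXCEPTION + e);
            logger.error(EXCEPTION + e.getMessage());
            httpServletResponse.setStatus(500);
            return null;
        }
    }

    /**
     * Looks up the tenant id for a user name and returns it in the {@code tenantId}
     * response header. The look-up only happens when Graph AAD is enabled for the cloud;
     * otherwise the header is set to the empty string.
     *
     * @param str cloud name taken from the request path
     * @param str2 user name taken from the request path
     * @param httpServletRequest request carrying the {@code token} header
     * @param httpServletResponse response receiving the {@code tenantId} header and status
     * @return an empty model on success, or {@code null} when a status was set instead
     */
    @RequestMapping(value = {"versions/{versionNumber}/clouds/{cloudName}/aadUser/{userName}/"}, method = {RequestMethod.GET})
    public ModelAndView checkAADUserCredentials(@PathVariable("cloudName") String str, @PathVariable("userName") String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        logger.debug("calling versions/{versionNumber}/clouds/{cloudName}/aadUser/{userName}/");
        try {
            CloudLicenseTo validateLicense = this.licenseService.validateLicense(str);
            if (!checkLicense(validateLicense, httpServletResponse)) {
                return null;
            }
            Cloud cloud = validateLicense.getCloud();
            int cloudId = cloud.getCloudId();
            if (!authorizeUnlessInternalCall(cloudId, cloud.getCloudName(), httpServletRequest, httpServletResponse)) {
                return null;
            }
            if (!isAADEnabled(cloud.getCloudCustomisableDetails())) {
                httpServletResponse.setStatus(STATUS_AAD_NOT_ENABLED);
                return null;
            }
            String tenantId = "";
            if (cloud.getGraphAADEnabled() == 1) {
                tenantId = this.aadManagementService.getTenantIdForGraphAADUsersFromUserNames(cloud, str2);
            }
            logger.debug(str2 + ".......user in..................." + tenantId);
            httpServletResponse.addHeader("tenantId", tenantId);
            httpServletResponse.setStatus(200);
            return new ModelAndView();
        } catch (Exception e) {
            logger.trace(EXCEPTION + e);
            logger.error(EXCEPTION + e.getMessage());
            httpServletResponse.setStatus(500);
            return null;
        }
    }

    /**
     * Returns the AAD credential set identified by the {@code aadCredId} request header.
     *
     * <p>Responds 404 when the service finds nothing, 443 when AAD is not enabled,
     * 500 on any exception.
     *
     * @param str cloud name taken from the request path
     * @param httpServletRequest request carrying the {@code token} and {@code aadCredId} headers
     * @param httpServletResponse response whose status is set on every non-success path
     * @return model holding the credential element, or {@code null} when a status was set instead
     */
    @RequestMapping(value = {"versions/{versionNumber}/clouds/{cloudName}/AADCredentials/"}, method = {RequestMethod.GET})
    public ModelAndView getAADCredentials(@PathVariable("cloudName") String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        logger.debug("versions/{versionNumber}/clouds/{cloudName}/AADCredentials/ ...." + httpServletRequest.getHeader(AAD_CRED_ID_HEADER));
        try {
            CloudLicenseTo validateLicense = this.licenseService.validateLicense(str);
            if (!checkLicense(validateLicense, httpServletResponse)) {
                return null;
            }
            String aadCredId = httpServletRequest.getHeader(AAD_CRED_ID_HEADER);
            Cloud cloud = validateLicense.getCloud();
            int cloudId = cloud.getCloudId();
            if (!authorizeUnlessInternalCall(cloudId, cloud.getCloudName(), httpServletRequest, httpServletResponse)) {
                return null;
            }
            if (!isAADEnabled(cloud.getCloudCustomisableDetails())) {
                httpServletResponse.setStatus(STATUS_AAD_NOT_ENABLED);
                return null;
            }
            // NOTE(review): the element exposes getSecretKey(); confirm the view masks or
            // omits it before the object reaches a client.
            AADCredentialsElement aADCredentials = this.aadManagementService.getAADCredentials(cloudId, aadCredId);
            if (aADCredentials == null) {
                httpServletResponse.setStatus(404);
                return null;
            }
            logger.debug("............end of loading versions/{versionNumber}/clouds/{cloudName}/AADCredentials/ .................." + aADCredentials.getId());
            ModelAndView modelAndView = new ModelAndView();
            modelAndView.addObject(aADCredentials);
            return modelAndView;
        } catch (Exception e) {
            logger.trace(EXCEPTION + e);
            logger.error(EXCEPTION + e.getMessage());
            httpServletResponse.setStatus(500);
            return null;
        }
    }

    /**
     * Stores an AAD credential set for the cloud. Unlike the read endpoints, this handler
     * always runs the token check; the {@code isInternalCall} header is not consulted.
     *
     * @param str cloud name taken from the request path
     * @param aADCredentialsElement credential set from the request body
     * @param httpServletRequest request carrying the {@code token} header
     * @param httpServletResponse response; 443 when AAD is not enabled, 500 on any exception
     */
    @RequestMapping(value = {"versions/{versionNumber}/clouds/{cloudName}/AADCredentials/"}, method = {RequestMethod.POST})
    public void saveAADCredentials(@PathVariable("cloudName") String str, @RequestBody AADCredentialsElement aADCredentialsElement, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        logger.debug("versions/{versionNumber}/clouds/{cloudName}/AADCredentials/ ....");
        try {
            CloudLicenseTo validateLicense = this.licenseService.validateLicense(str);
            if (!checkLicense(validateLicense, httpServletResponse)) {
                return;
            }
            Cloud cloud = validateLicense.getCloud();
            String cloudName = cloud.getCloudName();
            int cloudId = cloud.getCloudId();
            if (!performAuthorization(cloudId, cloudName, httpServletRequest.getHeader(TOKEN_HEADER), new User(), httpServletResponse)) {
                return;
            }
            if (!isAADEnabled(cloud.getCloudCustomisableDetails())) {
                httpServletResponse.setStatus(STATUS_AAD_NOT_ENABLED);
                return;
            }
            this.aadManagementService.saveAADCredentials(cloudId, aADCredentialsElement);
        } catch (Exception e) {
            logger.trace(EXCEPTION + e);
            logger.error(EXCEPTION + e.getMessage());
            httpServletResponse.setStatus(500);
        }
    }

    /**
     * Triggers a synchronisation of user attributes for the cloud.
     *
     * <p>NOTE(review): only the license is checked here. There is no token check and no
     * "AAD Enabled" test; confirm this endpoint is reachable by trusted callers only.
     *
     * @param str cloud name taken from the request path
     * @param httpServletRequest the incoming request (not read)
     * @param httpServletResponse response; 500 on any exception
     */
    @RequestMapping(value = {"versions/{versionNumber}/clouds/{cloudName}/synAADUsers/"}, method = {RequestMethod.POST})
    public void syncAADUsers(@PathVariable("cloudName") String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        logger.debug("versions/{versionNumber}/clouds/{cloudName}/synAADUsers/ ....");
        try {
            CloudLicenseTo validateLicense = this.licenseService.validateLicense(str);
            if (checkLicense(validateLicense, httpServletResponse)) {
                // Result unused; kept because it is the only dereference of the cloud
                // before the object is handed to the service.
                validateLicense.getCloud().getCloudName();
                this.aadManagementService.synUserAttributes(validateLicense.getCloud());
            }
        } catch (Exception e) {
            logger.trace(EXCEPTION + e);
            logger.error(EXCEPTION + e.getMessage());
            httpServletResponse.setStatus(500);
        }
    }

    /**
     * Stores an AAD authorization token for the cloud.
     *
     * <p>The token element is deliberately not written to the log: it is credential
     * material, and debug logs are usually readable by more people than the credential
     * store.
     *
     * <p>NOTE(review): there is no token check on this endpoint; confirm it is reachable
     * by trusted callers only.
     *
     * @param str cloud name taken from the request path
     * @param aADAuthorizationTokenElement token element from the request body
     * @param httpServletRequest the incoming request (not read)
     * @param httpServletResponse response; 443 when AAD is not enabled, 500 on any exception
     */
    @RequestMapping(value = {"versions/{versionNumber}/clouds/{cloudName}/aadauthorizationtoken"}, method = {RequestMethod.POST})
    public void saveAADAuthorizationtoken(@PathVariable("cloudName") String str, @RequestBody AADAuthorizationTokenElement aADAuthorizationTokenElement, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        logger.debug("versions/{versionNumber}/clouds/{cloudName}/aadauthorizationtoken ....");
        try {
            CloudLicenseTo validateLicense = this.licenseService.validateLicense(str);
            if (!checkLicense(validateLicense, httpServletResponse)) {
                return;
            }
            Cloud cloud = validateLicense.getCloud();
            int cloudId = cloud.getCloudId();
            if (!isAADEnabled(cloud.getCloudCustomisableDetails())) {
                httpServletResponse.setStatus(STATUS_AAD_NOT_ENABLED);
                return;
            }
            logger.debug("Saving AAD authorization token for cloud id " + cloudId);
            this.aadManagementService.saveAADAuthorizationtoken(cloudId, aADAuthorizationTokenElement);
        } catch (Exception e) {
            logger.trace(EXCEPTION + e);
            logger.error(EXCEPTION + e.getMessage());
            httpServletResponse.setStatus(500);
        }
    }

    /**
     * Resolves a list of user names to directory users, through Graph when Graph AAD is
     * enabled for the cloud and through the non-Graph service call otherwise.
     *
     * <p>A failure while validating the license answers 400 and ends the request. The
     * decompiled listing fell through to the license check with the result unassigned,
     * which is not valid Java; returning {@code null} here mirrors the other early exits.
     * Exceptions raised after the license check are not caught by this handler.
     *
     * <p>NOTE(review): there is no token check on this endpoint, and it returns directory
     * user records; confirm it is reachable by trusted callers only.
     *
     * @param str cloud name taken from the request path
     * @param aADUserNamesList user names from the request body
     * @param httpServletRequest the incoming request (not read)
     * @param httpServletResponse response; 204 when nothing was found, 443 when AAD is not enabled
     * @return "jsonview" model holding the users, or {@code null} when a status was set instead
     */
    @RequestMapping(value = {"versions/{versionNumber}/clouds/{cloudName}/aad/users"}, method = {RequestMethod.POST})
    public ModelAndView ldapconnectivityUser(@PathVariable("cloudName") String str, @RequestBody AADUserNamesList aADUserNamesList, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        ModelAndView modelAndView = new ModelAndView();
        modelAndView.setViewName("jsonview");
        CloudLicenseTo validateLicense;
        try {
            validateLicense = this.licenseService.validateLicense(str);
        } catch (Exception e) {
            logger.trace("error trying to load elements  ..........." + e);
            httpServletResponse.setStatus(400);
            logger.error(EXCEPTION + e.getMessage());
            return null;
        }
        if (!checkLicense(validateLicense, httpServletResponse)) {
            return null;
        }
        Cloud cloud = validateLicense.getCloud();
        if (!isAADEnabled(cloud.getCloudCustomisableDetails())) {
            httpServletResponse.setStatus(STATUS_AAD_NOT_ENABLED);
            return null;
        }
        int cloudId = cloud.getCloudId();
        List<AADUserElement> users;
        if (cloud.getGraphAADEnabled() == 1) {
            users = this.aadManagementService.getGraphAADUsersFromUserNames(cloud, aADUserNamesList);
        } else {
            users = this.aadManagementService.getAADUsersFromUserNames(cloudId, aADUserNamesList);
        }
        if (CollectionUtils.isEmpty(users)) {
            httpServletResponse.setStatus(204);
            return null;
        }
        httpServletResponse.setStatus(200);
        modelAndView.addObject(users);
        return modelAndView;
    }

    /**
     * Migrates each directory user in the request body into the cloud.
     *
     * <p>Status: 200 when every user was migrated, 206 (with {@code totalUsersMigrated}
     * and {@code totalUsersCount} in the model) when only some were, 417 when none were,
     * 500 when the request as a whole failed. A failure for one user is logged and the
     * loop moves on; a reached user limit additionally mails the cloud's admins.
     *
     * <p>NOTE(review): this handler creates users but calls neither {@code checkLicense}
     * nor {@code performAuthorization}, and does not test "AAD Enabled". The
     * {@code adminName} header is passed on as the acting admin and ends up in the
     * migration status and the audit record, so the audited actor is whatever the caller
     * sent rather than an authenticated identity. Confirm the endpoint is reachable by
     * trusted callers only.
     *
     * <p>NOTE(review): the user list is dereferenced before the {@code try}, so a body
     * without a list raises an exception this handler does not catch.
     *
     * @param str cloud name taken from the request path
     * @param aADUsersListElement users to migrate, from the request body
     * @param httpServletRequest request carrying {@code adminName}, {@code syncEnabled},
     *        {@code backupEnabled} and {@code o365BackupEnabled} headers
     * @param httpServletResponse response whose status reports the outcome
     * @return "jsonview" model; carries the counters only for a partial migration
     */
    @RequestMapping(value = {"versions/{versionNumber}/clouds/{cloudName}/aad/users/migrate"}, method = {RequestMethod.POST})
    public ModelAndView ldapconnectivityUser(@PathVariable("cloudName") String str, @RequestBody AADUsersListElement aADUsersListElement, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        logger.debug(httpServletRequest.getHeader("o365BackupEnabled") + " Inside migrate users ........ sync enabled>>" + httpServletRequest.getHeader("syncEnabled"));
        int totalUsers = aADUsersListElement.getAadUsersList().size();
        int migratedUsers = 0;
        logger.debug(" Inside migrate users ........ backup enabled>>" + httpServletRequest.getHeader("backupEnabled"));
        ModelAndView modelAndView = new ModelAndView();
        modelAndView.setViewName("jsonview");
        try {
            CloudLicenseTo validateLicense = this.licenseService.validateLicense(str);
            String cloudName = validateLicense.getCloud().getCloudName();
            String adminName = httpServletRequest.getHeader("adminName");
            boolean syncEnabled = Boolean.parseBoolean(httpServletRequest.getHeader("syncEnabled"));
            boolean backupEnabled = Boolean.parseBoolean(httpServletRequest.getHeader("backupEnabled"));
            boolean o365BackupEnabled = Boolean.parseBoolean(httpServletRequest.getHeader("o365BackupEnabled"));
            // Collected but never read in this method.
            List<String> processedUserNames = new ArrayList<>();
            for (AADUserElement aADUserElement : aADUsersListElement.getAadUsersList()) {
                try {
                    logger.debug(".... odb policy name... " + aADUserElement.getUserName() + "..getDefaultO365Policy.." + aADUserElement.getDefaultOdbPolicy());
                    boolean migrated = false;
                    try {
                        migrated = migrateUserFromAAD(validateLicense.getCloud(), aADUserElement, syncEnabled, backupEnabled, o365BackupEnabled, adminName);
                    } catch (UserLimitReachedException e) {
                        logger.error("...user limit reached during migration... ");
                        sendEmailForUserLimitExceded(validateLicense.getCloud().getCloudId(), cloudName, aADUserElement.getUserName(), "User");
                    }
                    if (migrated) {
                        migratedUsers++;
                    }
                } catch (Exception e2) {
                    // One user failing must not stop the rest of the batch.
                    logger.error(" USERS CANNOT BE MIGRATED ................." + e2);
                    logger.debug("USERS CANNOT BE MIGRATED ................." + e2.getMessage());
                }
                processedUserNames.add(aADUserElement.getUserName());
            }
            if (migratedUsers == 0) {
                httpServletResponse.setStatus(417);
            } else if (migratedUsers != totalUsers) {
                modelAndView.addObject("totalUsersMigrated", Integer.valueOf(migratedUsers));
                modelAndView.addObject("totalUsersCount", Integer.valueOf(totalUsers));
                httpServletResponse.setStatus(206);
            } else {
                httpServletResponse.setStatus(200);
            }
        } catch (Exception e3) {
            logger.trace("error trying to load elements  ..........." + e3);
            logger.error(EXCEPTION + e3.getMessage());
            httpServletResponse.setStatus(500);
        }
        logger.debug("End of Inside migrate users ........ ");
        return modelAndView;
    }

    /**
     * Applies the token check shared by the read and delete endpoints.
     *
     * <p>NOTE(review): the check is skipped whenever the request carries a non-empty
     * {@code isInternalCall} header. That header comes from the request itself, so it is
     * only a safe signal if something in front of this controller removes it from
     * external traffic. Nothing in this class shows that; verify it, or replace the
     * header with a credential the caller cannot simply assert.
     *
     * @param cloudId id of the cloud the request targets
     * @param cloudName name of the cloud the request targets
     * @param httpServletRequest request carrying the {@code token} header
     * @param httpServletResponse response passed through to {@code performAuthorization}
     * @return {@code true} when the request may proceed
     */
    private boolean authorizeUnlessInternalCall(int cloudId, String cloudName, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String token = httpServletRequest.getHeader(TOKEN_HEADER);
        if (!StringUtils.isEmpty(httpServletRequest.getHeader(INTERNAL_CALL_HEADER))) {
            return true;
        }
        return performAuthorization(cloudId, cloudName, token, new User(), httpServletResponse);
    }

    /**
     * Mails the cloud's admins that the user limit was reached. A failure while loading
     * the admins is logged and the mail is still handed to the mail service with the
     * recipients gathered so far.
     *
     * @param i cloud id
     * @param str cloud name
     * @param str2 user name the limit was hit for; also used as device name and action target
     * @param str3 support description placed in the mail
     */
    private void sendEmailForUserLimitExceded(int i, String str, String str2, String str3) {
        EmailProps emailProps = new EmailProps();
        ArrayList<EmailRecipent> recipients = new ArrayList<>();
        emailProps.setAction("user-limit-reached");
        try {
            for (User admin : this.userManagementService.getAllAdmins(i, str)) {
                EmailRecipent recipient = new EmailRecipent();
                recipient.setUserName(admin.getUserName());
                recipient.setEmail(admin.getEmailId());
                recipients.add(recipient);
            }
        } catch (Exception e) {
            logger.trace(EXCEPTION + e);
            logger.error(EXCEPTION + e.getMessage());
        }
        logger.debug("Toatal email recipents count...:" + recipients.size());
        emailProps.setActionBy("");
        emailProps.setStartDate(DateUtil.getDateInddMMMyyyy(System.currentTimeMillis()));
        emailProps.setDeviceName(str2);
        emailProps.setRecipents(recipients);
        emailProps.setToUser(true);
        emailProps.setBodyData("Portal");
        emailProps.setSupportDescription(str3);
        emailProps.setActionOn(str2);
        emailProps.setUserName(str2);
        this.cloudMailService.sendMail(emailProps);
    }

    /**
     * Tells whether the cloud's customisable details contain one named "AAD Enabled".
     *
     * @param list customisable details of the cloud; must not be {@code null}
     * @return {@code true} when such a detail is present
     */
    private boolean isAADEnabled(List<CloudCustomisableDetails> list) {
        for (CloudCustomisableDetails detail : list) {
            if ("AAD Enabled".equals(detail.getName())) {
                return true;
            }
        }
        return false;
    }

    /**
     * Looks one user up in the directory and, when found, creates the user in the cloud
     * and writes an audit record.
     *
     * <p>With Graph AAD enabled the user is searched per tenant: all configured tenants
     * when multi-tenant AAD is enabled and tenants are configured, otherwise the single
     * tenant of the credential set. The first tenant that returns a user wins.
     *
     * <p>The product type reported by the directory overrides the requested flags:
     * "SYNC" turns backup off, "BACKUP" and "O365" turn sync off, "BOTH" turns sync,
     * backup and O365 backup on.
     *
     * @param cloud cloud the user is migrated into
     * @param aADUserElement user as submitted by the caller; missing default policies are filled in
     * @param z whether sync was requested
     * @param z2 whether backup was requested
     * @param z3 whether O365 backup was requested
     * @param str name recorded as the admin who ran the migration
     * @return {@code true} when the user was created
     * @throws UserLimitReachedException when the directory look-up reports the user limit
     */
    private boolean migrateUserFromAAD(Cloud cloud, AADUserElement aADUserElement, boolean z, boolean z2, boolean z3, String str) {
        boolean syncEnabled = z;
        boolean backupEnabled = z2;
        boolean o365BackupEnabled = z3;
        int cloudId = cloud.getCloudId();
        // Initialised up front so the variable is assigned on every path out of the try;
        // the decompiled listing assigned it only inside the try, which does not compile.
        AADUserElement directoryUser = null;
        try {
            if (cloud.getGraphAADEnabled() == 1) {
                AADCredentialsElement credentials = this.aadManagementService.getAADCredentials(cloudId);
                List<String> tenantIds = new ArrayList<>();
                if (cloud.getMultiTenantAADEnabled() == 1 && !CollectionUtils.isEmpty(credentials.getTenants())) {
                    tenantIds.addAll(credentials.getTenants());
                } else {
                    tenantIds.add(credentials.getTenentId());
                }
                for (String tenantId : tenantIds) {
                    directoryUser = this.aadManagementService.getNewAADUserFromUserName(aADUserElement.getUserName(), credentials.getClientId(), credentials.getSecretKey(), tenantId);
                    if (directoryUser != null) {
                        break;
                    }
                }
            } else {
                directoryUser = this.aadManagementService.getAADUserFromUserName(cloudId, aADUserElement.getUserName());
            }
        } catch (UserLimitReachedException e) {
            // NOTE(review): the original exception is replaced, so its stack trace is lost.
            throw new UserLimitReachedException("user limit reached");
        } catch (Exception e2) {
            // Record the failed look-up so it shows up in the migration status.
            MigrationStatus migrationStatus = new MigrationStatus();
            migrationStatus.setMigratedBy(str);
            migrationStatus.setMigratededTimestamp(System.currentTimeMillis());
            migrationStatus.setMigrated(false);
            migrationStatus.setReason("Failed to get user form AD");
            migrationStatus.setUserName(aADUserElement.getUserPrincipalName());
            if (StringUtils.isEmpty(aADUserElement.getMail())) {
                migrationStatus.setEmailId(aADUserElement.getUserPrincipalName());
            } else {
                migrationStatus.setEmailId(aADUserElement.getMail());
            }
            this.userManagementService.saveMigrationStatus(cloudId, migrationStatus);
            logger.trace(EXCEPTION + e2);
            logger.error(EXCEPTION + e2.getMessage());
        }
        if (directoryUser == null) {
            return false;
        }
        String productType = directoryUser.getProductType();
        if (StringUtils.isEmpty(productType)) {
            // NOTE(review): the message says "skip", yet the user is still migrated with
            // the requested flags. Confirm which of the two is intended.
            logger.debug("User is not part of any type .... so skip " + directoryUser.getUserPrincipalName());
        }
        if ("SYNC".equalsIgnoreCase(productType)) {
            backupEnabled = false;
        } else if ("BACKUP".equalsIgnoreCase(productType)) {
            syncEnabled = false;
        } else if ("O365".equalsIgnoreCase(productType)) {
            syncEnabled = false;
        } else if ("BOTH".equalsIgnoreCase(productType)) {
            backupEnabled = true;
            syncEnabled = true;
            o365BackupEnabled = true;
        }
        if (StringUtils.isEmpty(aADUserElement.getDefaultSyncPolicy())) {
            aADUserElement.setDefaultSyncPolicy(PCHelperConstant.getPropertyFileValueDefaultSyncPolicy());
        }
        if (StringUtils.isEmpty(aADUserElement.getDefaultOdbPolicy())) {
            aADUserElement.setDefaultOdbPolicy(PCHelperConstant.getPropertyFileValueDefaultO365PolicyName());
        }
        if (backupEnabled && StringUtils.isEmpty(aADUserElement.getDefaultPolicy())) {
            aADUserElement.setDefaultPolicy(PCHelperConstant.getPropertyFileValueDefaultBkpPolicy());
        }
        // aADUserElement has been dereferenced above, so no null check is needed here.
        logger.debug(o365BackupEnabled + "...AAD User Element ...." + aADUserElement.toString());
        if (!this.userManagementService.createUserFromAAD(cloudId, cloud.getCloudName(), aADUserElement, str, syncEnabled, backupEnabled, o365BackupEnabled, cloud)) {
            return false;
        }
        this.auditHistoryService.saveStatisticToDatabase(cloudId, cloud.getCloudName(), MIGRATION, str, aADUserElement.getUserPrincipalName(), "AAD", System.currentTimeMillis(), PCActionTypes.AAD_USER_MIGRATION.getActionTypeValue());
        return true;
    }

    /**
     * Deletes the AAD credential set identified by the {@code aadCredId} request header.
     *
     * <p>NOTE(review): this destructive call is subject to the same {@code isInternalCall}
     * header gate as the read endpoints, and no audit record is written for the deletion.
     *
     * @param str cloud name taken from the request path
     * @param httpServletRequest request carrying the {@code token} and {@code aadCredId} headers
     * @param httpServletResponse response; 200 on success, 443 when AAD is not enabled,
     *        500 on any exception
     */
    @RequestMapping(value = {"versions/{versionNumber}/clouds/{cloudName}/delete/AADCredentials/"}, method = {RequestMethod.DELETE})
    public void deleteAADCredentials(@PathVariable("cloudName") String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        logger.debug("..delete..versions/{versionNumber}/clouds/{cloudName}/AADCredentials/ ...." + httpServletRequest.getHeader(AAD_CRED_ID_HEADER));
        try {
            CloudLicenseTo validateLicense = this.licenseService.validateLicense(str);
            if (!checkLicense(validateLicense, httpServletResponse)) {
                return;
            }
            String aadCredId = httpServletRequest.getHeader(AAD_CRED_ID_HEADER);
            Cloud cloud = validateLicense.getCloud();
            int cloudId = cloud.getCloudId();
            if (!authorizeUnlessInternalCall(cloudId, cloud.getCloudName(), httpServletRequest, httpServletResponse)) {
                return;
            }
            if (!isAADEnabled(cloud.getCloudCustomisableDetails())) {
                httpServletResponse.setStatus(STATUS_AAD_NOT_ENABLED);
                return;
            }
            this.aadManagementService.deleteAADCredentials(cloudId, aadCredId);
            httpServletResponse.setStatus(200);
            logger.debug("..end of delete..versions/{versionNumber}/clouds/{cloudName}/AADCredentials/ ....");
        } catch (Exception e) {
            logger.trace(EXCEPTION + e);
            logger.error(EXCEPTION + e.getMessage());
            httpServletResponse.setStatus(500);
        }
    }
}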
