package io.phasetwo.service.auth.invitation;

import io.phasetwo.service.Orgs;
import io.phasetwo.service.model.InvitationModel;
import io.phasetwo.service.model.OrganizationProvider;
import io.phasetwo.service.model.OrganizationRoleModel;
import io.phasetwo.service.resource.OrganizationResourceProviderFactory;
import jakarta.ws.rs.core.MultivaluedMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.jboss.logging.Logger;
import org.keycloak.authentication.RequiredActionContext;
import org.keycloak.authentication.RequiredActionProvider;
import org.keycloak.events.EventBuilder;
import org.keycloak.events.EventType;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;

/* loaded from: input_file:io/phasetwo/service/auth/invitation/InvitationRequiredAction.class */
public class InvitationRequiredAction implements RequiredActionProvider {
    private static final Logger log = Logger.getLogger(InvitationRequiredAction.class);

    public void evaluateTriggers(RequiredActionContext requiredActionContext) {
        RealmModel realm = requiredActionContext.getRealm();
        UserModel user = requiredActionContext.getUser();
        log.debugf("InvitationRequiredAction.evaluateTriggers called for realm %s and user %s", realm.getName(), user.getEmail());
        long count = getUserInvites(requiredActionContext, realm, user).count();
        log.debugf("Found %d invites for %s", count, user.getEmail());
        if (count > 0) {
            log.debugf("Adding InvitationRequiredActionFactory for %s", user.getEmail());
            user.addRequiredAction(InvitationRequiredActionFactory.PROVIDER_ID);
        }
    }

    private Stream<InvitationModel> getUserInvites(RequiredActionContext requiredActionContext, RealmModel realmModel, UserModel userModel) {
        return ((OrganizationProvider) requiredActionContext.getSession().getProvider(OrganizationProvider.class)).getUserInvitationsStream(realmModel, userModel);
    }

    public void requiredActionChallenge(RequiredActionContext requiredActionContext) {
        List list;
        RealmModel realm = requiredActionContext.getRealm();
        UserModel user = requiredActionContext.getUser();
        log.infof("InvitationRequiredAction.requiredActionChallenge called for realm %s and user %s", realm.getName(), user.getEmail());
        if (!user.isEmailVerified() || user.getEmail() == null || (list = (List) getUserInvites(requiredActionContext, realm, user).collect(Collectors.toList())) == null || list.size() <= 0) {
            log.info("No challenge");
            requiredActionContext.ignore();
        } else {
            log.infof("Found %d invites for %s", Integer.valueOf(list.size()), user.getEmail());
            requiredActionContext.challenge(requiredActionContext.form().setAttribute("invitations", new InvitationsBean(realm, list)).createForm("invitations.ftl"));
        }
    }

    public void processAction(RequiredActionContext requiredActionContext) {
        EventBuilder event = requiredActionContext.getEvent();
        RealmModel realm = requiredActionContext.getRealm();
        UserModel user = requiredActionContext.getUser();
        log.infof("InvitationRequiredAction.processAction called for realm %s and user %s", realm.getName(), user.getEmail());
        MultivaluedMap decodedFormParameters = requiredActionContext.getHttpRequest().getDecodedFormParameters();
        log.infof("Form Parameters: %s", mapToString(decodedFormParameters));
        OrganizationProvider organizationProvider = (OrganizationProvider) requiredActionContext.getSession().getProvider(OrganizationProvider.class);
        List list = (List) decodedFormParameters.get(OrganizationResourceProviderFactory.ID);
        organizationProvider.getUserInvitationsStream(realm, user).forEach(invitationModel -> {
            if (list != null && list.contains(invitationModel.getOrganization().getId())) {
                log.infof("selected %s", invitationModel.getOrganization().getId());
                memberFromInvitation(invitationModel, user);
                event.clone().event(EventType.CUSTOM_REQUIRED_ACTION).user(user).detail(Orgs.FIELD_ORG_ID, invitationModel.getOrganization().getId()).detail("invitation_id", invitationModel.getId()).success();
            }
            invitationModel.getOrganization().revokeInvitation(invitationModel.getId());
            event.clone().event(EventType.CUSTOM_REQUIRED_ACTION).detail(Orgs.FIELD_ORG_ID, invitationModel.getOrganization().getId()).detail("invitation_id", invitationModel.getId()).user(user).error("User invitation revoked.");
        });
        requiredActionContext.success();
    }

    void memberFromInvitation(InvitationModel invitationModel, UserModel userModel) {
        invitationModel.getOrganization().grantMembership(userModel);
        invitationModel.getRoles().stream().forEach(str -> {
            OrganizationRoleModel roleByName = invitationModel.getOrganization().getRoleByName(str);
            if (roleByName == null) {
                log.debugf("No org role found for invitation role %s. Skipping...", str);
            } else {
                roleByName.grantRole(userModel);
            }
        });
    }

    public void close() {
    }

    private String mapToString(Map<?, ?> map) {
        return (String) map.keySet().stream().map(obj -> {
            return String.valueOf(obj) + "=" + String.valueOf(map.get(obj));
        }).collect(Collectors.joining(", ", "{", "}"));
    }
}
