package com.googlesource.gerrit.plugins.importer;

import com.google.gerrit.common.errors.NoSuchAccountException;
import com.google.gerrit.extensions.common.AccountInfo;
import com.google.gerrit.extensions.restapi.BadRequestException;
import com.google.gerrit.extensions.restapi.ResourceConflictException;
import com.google.gerrit.extensions.restapi.TopLevelResource;
import com.google.gerrit.extensions.restapi.UnprocessableEntityException;
import com.google.gerrit.reviewdb.client.Account;
import com.google.gerrit.reviewdb.client.AccountGroup;
import com.google.gerrit.reviewdb.client.AccountGroupMember;
import com.google.gerrit.reviewdb.client.AccountGroupName;
import com.google.gerrit.reviewdb.client.AccountSshKey;
import com.google.gerrit.reviewdb.client.AuthType;
import com.google.gerrit.reviewdb.server.ReviewDb;
import com.google.gerrit.server.GerritPersonIdent;
import com.google.gerrit.server.IdentifiedUser;
import com.google.gerrit.server.account.AccountCache;
import com.google.gerrit.server.account.AccountException;
import com.google.gerrit.server.account.AccountManager;
import com.google.gerrit.server.account.AccountState;
import com.google.gerrit.server.account.AuthRequest;
import com.google.gerrit.server.account.CreateAccount;
import com.google.gerrit.server.account.GetSshKeys;
import com.google.gerrit.server.account.GroupCache;
import com.google.gerrit.server.account.GroupUUID;
import com.google.gerrit.server.config.AuthConfig;
import com.google.gwtorm.server.OrmException;
import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;
import java.io.IOException;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import org.eclipse.jgit.lib.PersonIdent;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Singleton
/* loaded from: input_file:com/googlesource/gerrit/plugins/importer/AccountUtil.class */
class AccountUtil {
    private static Logger log = LoggerFactory.getLogger(AccountUtil.class);
    private static final String IMPORTED_USERS = "Imported Users";
    private static final AccountGroup.NameKey IMPORTED_USERS_NAME = new AccountGroup.NameKey(IMPORTED_USERS);
    private final AccountCache accountCache;
    private final AccountManager accountManager;
    private final AuthType authType;
    private final IdentifiedUser currentUser;
    private final GroupCache groupCache;
    private final PersonIdent serverIdent;
    private final Provider<ReviewDb> db;

    @Inject
    private CreateAccount.Factory createAccountFactory;

    /* renamed from: com.googlesource.gerrit.plugins.importer.AccountUtil$1, reason: invalid class name */
    /* loaded from: input_file:com/googlesource/gerrit/plugins/importer/AccountUtil$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$google$gerrit$reviewdb$client$AuthType = new int[AuthType.values().length];

        static {
            try {
                $SwitchMap$com$google$gerrit$reviewdb$client$AuthType[AuthType.HTTP_LDAP.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$google$gerrit$reviewdb$client$AuthType[AuthType.CLIENT_SSL_CERT_LDAP.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$google$gerrit$reviewdb$client$AuthType[AuthType.LDAP.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    @Inject
    public AccountUtil(AccountCache accountCache, AccountManager accountManager, AuthConfig authConfig, GroupCache groupCache, IdentifiedUser identifiedUser, @GerritPersonIdent PersonIdent personIdent, Provider<ReviewDb> provider) {
        this.accountCache = accountCache;
        this.accountManager = accountManager;
        this.authType = authConfig.getAuthType();
        this.currentUser = identifiedUser;
        this.db = provider;
        this.groupCache = groupCache;
        this.serverIdent = personIdent;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Account.Id resolveUser(GerritApi gerritApi, AccountInfo accountInfo) throws NoSuchAccountException, BadRequestException, IOException, OrmException, ResourceConflictException, UnprocessableEntityException {
        if (accountInfo.username == null) {
            throw new NoSuchAccountException(String.format("User %s <%s> (%s) doesn't have a username and cannot be looked up.", accountInfo.name, accountInfo.email, accountInfo._accountId));
        }
        AccountState byUsername = this.accountCache.getByUsername(accountInfo.username);
        if (byUsername == null) {
            switch (AnonymousClass1.$SwitchMap$com$google$gerrit$reviewdb$client$AuthType[this.authType.ordinal()]) {
                case 1:
                case 2:
                case 3:
                    return createAccountByLdapAndAddSshKeys(gerritApi, accountInfo);
                default:
                    return createLocalUser(accountInfo);
            }
        }
        if (!Objects.equals(byUsername.getAccount().getPreferredEmail(), accountInfo.email)) {
            log.warn(String.format("Email mismatch for user %s: expected %s but found %s", accountInfo.username, accountInfo.email, byUsername.getAccount().getPreferredEmail()));
        }
        return byUsername.getAccount().getId();
    }

    private Account.Id createAccountByLdapAndAddSshKeys(GerritApi gerritApi, AccountInfo accountInfo) throws NoSuchAccountException, BadRequestException, IOException, OrmException, ResourceConflictException, UnprocessableEntityException {
        if (!accountInfo.username.matches("^([a-zA-Z0-9][a-zA-Z0-9._-]*[a-zA-Z0-9]|[a-zA-Z0-9])$")) {
            throw new NoSuchAccountException(String.format("User %s not found", accountInfo.username));
        }
        try {
            AuthRequest forUser = AuthRequest.forUser(accountInfo.username);
            forUser.setSkipAuthentication(true);
            Account.Id accountId = this.accountManager.authenticate(forUser).getAccountId();
            addSshKeys(gerritApi, accountInfo);
            return accountId;
        } catch (AccountException e) {
            return createLocalUser(accountInfo);
        }
    }

    private void addSshKeys(GerritApi gerritApi, AccountInfo accountInfo) throws BadRequestException, IOException, OrmException {
        List<GetSshKeys.SshKeyInfo> sshKeys = gerritApi.getSshKeys(accountInfo.username);
        ((ReviewDb) this.db.get()).accountSshKeys().upsert(toAccountSshKey(this.accountCache.getByUsername(accountInfo.username), sshKeys));
    }

    private static Collection<AccountSshKey> toAccountSshKey(AccountState accountState, List<GetSshKeys.SshKeyInfo> list) {
        HashSet hashSet = new HashSet();
        int i = 1;
        Iterator<GetSshKeys.SshKeyInfo> it = list.iterator();
        while (it.hasNext()) {
            int i2 = i;
            i++;
            hashSet.add(new AccountSshKey(new AccountSshKey.Id(accountState.getAccount().getId(), i2), it.next().sshPublicKey));
        }
        return hashSet;
    }

    private Account.Id createLocalUser(AccountInfo accountInfo) throws BadRequestException, ResourceConflictException, UnprocessableEntityException, OrmException {
        CreateAccount.Input input = new CreateAccount.Input();
        log.info(String.format("User '%s' not found", accountInfo.username));
        String str = accountInfo.username;
        input.username = str;
        input.email = accountInfo.email;
        input.name = accountInfo.name;
        AccountInfo accountInfo2 = (AccountInfo) this.createAccountFactory.create(str).apply(TopLevelResource.INSTANCE, input).value();
        log.info(String.format("Local user '%s' created", str));
        Account.Id id = new Account.Id(accountInfo2._accountId.intValue());
        this.accountCache.get(id).getAccount().setActive(false);
        addToImportedUsersGroup(id);
        this.accountCache.evict(id);
        return id;
    }

    private void addToImportedUsersGroup(Account.Id id) throws OrmException {
        ((ReviewDb) this.db.get()).accountGroupMembers().insert(Collections.singleton(new AccountGroupMember(new AccountGroupMember.Key(id, getImportedUsersGroup().getId()))));
    }

    private AccountGroup getImportedUsersGroup() throws OrmException {
        AccountGroup accountGroup = this.groupCache.get(IMPORTED_USERS_NAME);
        if (accountGroup == null) {
            accountGroup = createImportedUsersGroup();
        }
        return accountGroup;
    }

    private AccountGroup createImportedUsersGroup() throws OrmException {
        AccountGroup accountGroup = new AccountGroup(IMPORTED_USERS_NAME, new AccountGroup.Id(((ReviewDb) this.db.get()).nextAccountGroupId()), GroupUUID.make(IMPORTED_USERS, this.currentUser.newCommitterIdent(this.serverIdent.getWhen(), this.serverIdent.getTimeZone())));
        accountGroup.setDescription(IMPORTED_USERS);
        ((ReviewDb) this.db.get()).accountGroupNames().insert(Collections.singleton(new AccountGroupName(accountGroup)));
        ((ReviewDb) this.db.get()).accountGroups().insert(Collections.singleton(accountGroup));
        this.groupCache.onCreateGroup(IMPORTED_USERS_NAME);
        return accountGroup;
    }
}
