package com.azure.resourcemanager.authorization.implementation;

import com.azure.resourcemanager.authorization.AuthorizationManager;
import com.azure.resourcemanager.authorization.fluent.models.MicrosoftGraphKeyCredentialInner;
import com.azure.resourcemanager.authorization.fluent.models.MicrosoftGraphPasswordCredentialInner;
import com.azure.resourcemanager.authorization.fluent.models.MicrosoftGraphServicePrincipalInner;
import com.azure.resourcemanager.authorization.fluent.models.ServicePrincipalsAddPasswordRequestBodyInner;
import com.azure.resourcemanager.authorization.models.ActiveDirectoryApplication;
import com.azure.resourcemanager.authorization.models.BuiltInRole;
import com.azure.resourcemanager.authorization.models.CertificateCredential;
import com.azure.resourcemanager.authorization.models.PasswordCredential;
import com.azure.resourcemanager.authorization.models.RoleAssignment;
import com.azure.resourcemanager.authorization.models.ServicePrincipal;
import com.azure.resourcemanager.resources.fluentcore.model.Creatable;
import com.azure.resourcemanager.resources.fluentcore.model.implementation.CreatableUpdatableImpl;
import com.azure.resourcemanager.resources.models.ResourceGroup;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/azure/resourcemanager/authorization/implementation/ServicePrincipalImpl.class */
public class ServicePrincipalImpl extends CreatableUpdatableImpl<ServicePrincipal, MicrosoftGraphServicePrincipalInner, ServicePrincipalImpl> implements ServicePrincipal, ServicePrincipal.Definition, ServicePrincipal.Update, HasCredential<ServicePrincipalImpl> {
    private AuthorizationManager manager;
    private Map<String, PasswordCredential> cachedPasswordCredentials;
    private Map<String, CertificateCredential> cachedCertificateCredentials;
    private Map<String, RoleAssignment> cachedRoleAssignments;
    private Creatable<ActiveDirectoryApplication> applicationCreatable;
    private Map<String, BuiltInRole> rolesToCreate;
    private Set<String> rolesToDelete;
    String assignedSubscription;
    private List<CertificateCredentialImpl<?>> certificateCredentialsToCreate;
    private List<PasswordCredentialImpl<?>> passwordCredentialsToCreate;

    /* JADX INFO: Access modifiers changed from: package-private */
    public ServicePrincipalImpl(MicrosoftGraphServicePrincipalInner microsoftGraphServicePrincipalInner, AuthorizationManager authorizationManager) {
        super(microsoftGraphServicePrincipalInner.displayName(), microsoftGraphServicePrincipalInner);
        this.manager = authorizationManager;
        this.cachedRoleAssignments = new HashMap();
        this.rolesToCreate = new HashMap();
        this.rolesToDelete = new HashSet();
        this.cachedCertificateCredentials = new HashMap();
        this.certificateCredentialsToCreate = new ArrayList();
        this.cachedPasswordCredentials = new HashMap();
        this.passwordCredentialsToCreate = new ArrayList();
        refreshCredentials(microsoftGraphServicePrincipalInner);
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal
    public String applicationId() {
        return ((MicrosoftGraphServicePrincipalInner) innerModel()).appId();
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal
    public List<String> servicePrincipalNames() {
        return ((MicrosoftGraphServicePrincipalInner) innerModel()).servicePrincipalNames();
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal
    public Map<String, PasswordCredential> passwordCredentials() {
        return Collections.unmodifiableMap(this.cachedPasswordCredentials);
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal
    public Map<String, CertificateCredential> certificateCredentials() {
        return Collections.unmodifiableMap(this.cachedCertificateCredentials);
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal
    public Set<RoleAssignment> roleAssignments() {
        return Collections.unmodifiableSet(new HashSet(this.cachedRoleAssignments.values()));
    }

    protected Mono<MicrosoftGraphServicePrincipalInner> getInnerAsync() {
        return this.manager.m0serviceClient().getServicePrincipalsServicePrincipals().getServicePrincipalAsync(id()).doOnSuccess(this::refreshCredentials);
    }

    public Mono<ServicePrincipal> createResourceAsync() {
        Mono then;
        if (isInCreateMode()) {
            ((MicrosoftGraphServicePrincipalInner) innerModel()).withAccountEnabled(true);
            if (this.applicationCreatable != null) {
                ((MicrosoftGraphServicePrincipalInner) innerModel()).withAppId(((ActiveDirectoryApplication) taskResult(this.applicationCreatable.key())).applicationId());
            }
            then = this.manager.m0serviceClient().getServicePrincipalsServicePrincipals().createServicePrincipalAsync((MicrosoftGraphServicePrincipalInner) innerModel()).map(innerToFluentMap(this));
        } else {
            then = m118manager().m0serviceClient().getServicePrincipalsServicePrincipals().updateServicePrincipalAsync(id(), new MicrosoftGraphServicePrincipalInner().withKeyCredentials(((MicrosoftGraphServicePrincipalInner) innerModel()).keyCredentials()).withPasswordCredentials(((MicrosoftGraphServicePrincipalInner) innerModel()).passwordCredentials())).then(refreshAsync());
        }
        return then.flatMap(servicePrincipal -> {
            return submitCredentialsAsync(servicePrincipal).mergeWith(submitRolesAsync(servicePrincipal)).last();
        }).map(servicePrincipal2 -> {
            for (PasswordCredentialImpl<?> passwordCredentialImpl : this.passwordCredentialsToCreate) {
                passwordCredentialImpl.exportAuthFile((ServicePrincipalImpl) servicePrincipal2);
                passwordCredentialImpl.consumeSecret();
            }
            Iterator<CertificateCredentialImpl<?>> it = this.certificateCredentialsToCreate.iterator();
            while (it.hasNext()) {
                it.next().exportAuthFile((ServicePrincipalImpl) servicePrincipal2);
            }
            this.passwordCredentialsToCreate.clear();
            this.certificateCredentialsToCreate.clear();
            return servicePrincipal2;
        });
    }

    private Mono<ServicePrincipal> submitCredentialsAsync(ServicePrincipal servicePrincipal) {
        return Flux.defer(() -> {
            return Flux.fromIterable(this.passwordCredentialsToCreate).flatMap(passwordCredentialImpl -> {
                Mono<MicrosoftGraphPasswordCredentialInner> addPasswordAsync = m118manager().m0serviceClient().getServicePrincipals().addPasswordAsync(id(), new ServicePrincipalsAddPasswordRequestBodyInner().withPasswordCredential((MicrosoftGraphPasswordCredentialInner) passwordCredentialImpl.innerModel()));
                Objects.requireNonNull(passwordCredentialImpl);
                return addPasswordAsync.doOnNext((v1) -> {
                    r1.setInner(v1);
                });
            });
        }).then(refreshAsync());
    }

    private Mono<ServicePrincipal> submitRolesAsync(ServicePrincipal servicePrincipal) {
        return (this.rolesToCreate.isEmpty() ? Mono.just(servicePrincipal) : Flux.fromIterable(this.rolesToCreate.entrySet()).flatMap(entry -> {
            return ((RoleAssignment.DefinitionStages.Blank) m118manager().roleAssignments().define(m118manager().internalContext().randomUuid())).forServicePrincipal(servicePrincipal).withBuiltInRole((BuiltInRole) entry.getValue()).withScope((String) entry.getKey()).createAsync();
        }).doOnNext(roleAssignment -> {
            this.cachedRoleAssignments.put(roleAssignment.id(), roleAssignment);
        }).last().map(roleAssignment2 -> {
            this.rolesToCreate.clear();
            return servicePrincipal;
        })).mergeWith(this.rolesToDelete.isEmpty() ? Mono.just(servicePrincipal) : Flux.fromIterable(this.rolesToDelete).flatMap(str -> {
            return m118manager().roleAssignments().deleteByIdAsync(this.cachedRoleAssignments.get(str).id()).thenReturn(str);
        }).doOnNext(str2 -> {
            this.cachedRoleAssignments.remove(str2);
        }).last().map(str3 -> {
            this.rolesToDelete.clear();
            return servicePrincipal;
        })).last();
    }

    public boolean isInCreateMode() {
        return id() == null;
    }

    void refreshCredentials(MicrosoftGraphServicePrincipalInner microsoftGraphServicePrincipalInner) {
        this.cachedCertificateCredentials.clear();
        this.cachedPasswordCredentials.clear();
        if (microsoftGraphServicePrincipalInner.keyCredentials() != null) {
            microsoftGraphServicePrincipalInner.keyCredentials().forEach(microsoftGraphKeyCredentialInner -> {
                CertificateCredentialImpl certificateCredentialImpl = new CertificateCredentialImpl(microsoftGraphKeyCredentialInner);
                this.cachedCertificateCredentials.put(certificateCredentialImpl.name(), certificateCredentialImpl);
            });
        }
        if (microsoftGraphServicePrincipalInner.passwordCredentials() != null) {
            microsoftGraphServicePrincipalInner.passwordCredentials().forEach(microsoftGraphPasswordCredentialInner -> {
                PasswordCredentialImpl passwordCredentialImpl = new PasswordCredentialImpl(microsoftGraphPasswordCredentialInner);
                this.cachedPasswordCredentials.put(passwordCredentialImpl.name(), passwordCredentialImpl);
            });
        }
    }

    public Mono<ServicePrincipal> refreshAsync() {
        return getInnerAsync().map(innerToFluentMap(this));
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal.DefinitionStages.WithCredential, com.azure.resourcemanager.authorization.models.ServicePrincipal.UpdateStages.WithCredential
    public CertificateCredentialImpl<ServicePrincipalImpl> defineCertificateCredential(String str) {
        return new CertificateCredentialImpl<>(str, this);
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal.DefinitionStages.WithCredential, com.azure.resourcemanager.authorization.models.ServicePrincipal.UpdateStages.WithCredential
    public PasswordCredentialImpl<ServicePrincipalImpl> definePasswordCredential(String str) {
        return new PasswordCredentialImpl<>(str, this);
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal.UpdateStages.WithCredential
    public ServicePrincipalImpl withoutCredential(String str) {
        if (this.cachedPasswordCredentials.containsKey(str)) {
            ((MicrosoftGraphServicePrincipalInner) innerModel()).passwordCredentials().remove(this.cachedPasswordCredentials.get(str).innerModel());
        } else if (this.cachedCertificateCredentials.containsKey(str)) {
            ((MicrosoftGraphServicePrincipalInner) innerModel()).keyCredentials().remove(this.cachedCertificateCredentials.get(str).innerModel());
        }
        return this;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // com.azure.resourcemanager.authorization.implementation.HasCredential
    public ServicePrincipalImpl withCertificateCredential(CertificateCredentialImpl<?> certificateCredentialImpl) {
        this.certificateCredentialsToCreate.add(certificateCredentialImpl);
        if (((MicrosoftGraphServicePrincipalInner) innerModel()).keyCredentials() == null) {
            ((MicrosoftGraphServicePrincipalInner) innerModel()).withKeyCredentials(new ArrayList());
        }
        ((MicrosoftGraphServicePrincipalInner) innerModel()).keyCredentials().add((MicrosoftGraphKeyCredentialInner) certificateCredentialImpl.innerModel());
        return this;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // com.azure.resourcemanager.authorization.implementation.HasCredential
    public ServicePrincipalImpl withPasswordCredential(PasswordCredentialImpl<?> passwordCredentialImpl) {
        this.passwordCredentialsToCreate.add(passwordCredentialImpl);
        return this;
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal.DefinitionStages.WithApplication
    public ServicePrincipalImpl withExistingApplication(String str) {
        ((MicrosoftGraphServicePrincipalInner) innerModel()).withAppId(str);
        return this;
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal.DefinitionStages.WithApplication
    public ServicePrincipalImpl withExistingApplication(ActiveDirectoryApplication activeDirectoryApplication) {
        ((MicrosoftGraphServicePrincipalInner) innerModel()).withAppId(activeDirectoryApplication.applicationId());
        return this;
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal.DefinitionStages.WithApplication
    public ServicePrincipalImpl withNewApplication(Creatable<ActiveDirectoryApplication> creatable) {
        addDependency(creatable);
        this.applicationCreatable = creatable;
        return this;
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal.DefinitionStages.WithApplication
    public ServicePrincipalImpl withNewApplication(String str) {
        return withNewApplication((Creatable<ActiveDirectoryApplication>) ((ActiveDirectoryApplication.DefinitionStages.Blank) this.manager.applications().define(name())).withSignOnUrl(str).withIdentifierUrl(str));
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal.DefinitionStages.WithApplication
    public ServicePrincipalImpl withNewApplication() {
        return withNewApplication((Creatable<ActiveDirectoryApplication>) this.manager.applications().define(name()));
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal.UpdateStages.WithRoleAssignment
    public ServicePrincipalImpl withNewRole(BuiltInRole builtInRole, String str) {
        this.rolesToCreate.put(str, builtInRole);
        return this;
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal.UpdateStages.WithRoleAssignment
    public ServicePrincipalImpl withNewRoleInSubscription(BuiltInRole builtInRole, String str) {
        this.assignedSubscription = str;
        return withNewRole(builtInRole, "subscriptions/" + str);
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal.UpdateStages.WithRoleAssignment
    public ServicePrincipalImpl withNewRoleInResourceGroup(BuiltInRole builtInRole, ResourceGroup resourceGroup) {
        return withNewRole(builtInRole, resourceGroup.id());
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal.UpdateStages.WithRoleAssignment
    public ServicePrincipal.Update withoutRole(RoleAssignment roleAssignment) {
        this.rolesToDelete.add(roleAssignment.id());
        return this;
    }

    public String id() {
        return ((MicrosoftGraphServicePrincipalInner) innerModel()).id();
    }

    /* renamed from: manager, reason: merged with bridge method [inline-methods] */
    public AuthorizationManager m118manager() {
        return this.manager;
    }

    public /* bridge */ /* synthetic */ Object update() {
        return super.update();
    }

    @Override // com.azure.resourcemanager.authorization.models.ServicePrincipal.DefinitionStages.WithApplication
    public /* bridge */ /* synthetic */ ServicePrincipal.DefinitionStages.WithCreate withNewApplication(Creatable creatable) {
        return withNewApplication((Creatable<ActiveDirectoryApplication>) creatable);
    }

    @Override // com.azure.resourcemanager.authorization.implementation.HasCredential
    public /* bridge */ /* synthetic */ ServicePrincipalImpl withPasswordCredential(PasswordCredentialImpl passwordCredentialImpl) {
        return withPasswordCredential((PasswordCredentialImpl<?>) passwordCredentialImpl);
    }

    @Override // com.azure.resourcemanager.authorization.implementation.HasCredential
    public /* bridge */ /* synthetic */ ServicePrincipalImpl withCertificateCredential(CertificateCredentialImpl certificateCredentialImpl) {
        return withCertificateCredential((CertificateCredentialImpl<?>) certificateCredentialImpl);
    }
}
