package org.wso2.identity.apps.common.util;

import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.lang.StringUtils;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.Claim;
import org.wso2.carbon.identity.application.common.model.ClaimConfig;
import org.wso2.carbon.identity.application.common.model.ClaimMapping;
import org.wso2.carbon.identity.application.common.model.InboundAuthenticationConfig;
import org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig;
import org.wso2.carbon.identity.application.common.model.LocalAndOutboundAuthenticationConfig;
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.oauth.IdentityOAuthAdminException;
import org.wso2.carbon.identity.oauth.OAuthUtil;
import org.wso2.carbon.identity.oauth.dto.OAuthConsumerAppDTO;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.identity.apps.common.internal.AppsCommonDataHolder;
import org.wso2.identity.apps.common.util.AppPortalConstants;

/* loaded from: input_file:org/wso2/identity/apps/common/util/AppPortalUtils.class */
public class AppPortalUtils {
    private AppPortalUtils() {
    }

    public static void createOAuth2Application(String str, String str2, String str3, String str4, String str5, int i, String str6, String str7, List<String> list) throws IdentityOAuthAdminException {
        OAuthConsumerAppDTO oAuthConsumerAppDTO = new OAuthConsumerAppDTO();
        oAuthConsumerAppDTO.setApplicationName(str);
        oAuthConsumerAppDTO.setOAuthVersion("OAuth-2.0");
        oAuthConsumerAppDTO.setOauthConsumerKey(str3);
        oAuthConsumerAppDTO.setOauthConsumerSecret(str4);
        String serverURL = IdentityUtil.getServerURL(str2, true, true);
        oAuthConsumerAppDTO.setCallbackUrl(!"carbon.super".equals(str6) ? serverURL.replace(str2, "/t/" + str6.trim() + str2) : StringUtils.equals(AppPortalConstants.CONSOLE_APP, str) ? "regexp=(" + serverURL + "|" + serverURL.replace(str2, "/t/(.*)" + str2) + "|" + serverURL.replace(str2, "/o/(.*)" + str2) + ")" : "regexp=(" + serverURL + "|" + serverURL.replace(str2, "/t/(.*)" + str2) + ")");
        oAuthConsumerAppDTO.setBypassClientCredentials(true);
        if (list != null && !list.isEmpty()) {
            oAuthConsumerAppDTO.setGrantTypes(String.join(" ", list));
        }
        oAuthConsumerAppDTO.setPkceMandatory(true);
        oAuthConsumerAppDTO.setTokenBindingType(str7);
        oAuthConsumerAppDTO.setTokenBindingValidationEnabled(true);
        oAuthConsumerAppDTO.setTokenRevocationWithIDPSessionTerminationEnabled(true);
        try {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            threadLocalCarbonContext.setTenantId(i);
            threadLocalCarbonContext.setTenantDomain(str6);
            threadLocalCarbonContext.setUsername(str5);
            AppsCommonDataHolder.getInstance().getOAuthAdminService().registerOAuthApplicationData(oAuthConsumerAppDTO);
        } finally {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }

    @Deprecated
    public static void createApplication(String str, String str2, String str3, String str4, String str5, String str6) throws IdentityApplicationManagementException {
        createApplication(str, str2, str3, str4, str5, str6, "");
    }

    public static void createApplication(String str, String str2, String str3, String str4, String str5, String str6, String str7) throws IdentityApplicationManagementException {
        ServiceProvider serviceProvider = new ServiceProvider();
        serviceProvider.setApplicationName(str);
        serviceProvider.setDescription(str3);
        serviceProvider.setSaasApp(true);
        serviceProvider.setManagementApp(true);
        if (StringUtils.isNotEmpty(str7)) {
            serviceProvider.setAccessUrl(IdentityUtil.getServerURL(str7, true, true));
        }
        InboundAuthenticationRequestConfig inboundAuthenticationRequestConfig = new InboundAuthenticationRequestConfig();
        inboundAuthenticationRequestConfig.setInboundAuthKey(str4);
        inboundAuthenticationRequestConfig.setInboundAuthType(AppPortalConstants.INBOUND_AUTH2_TYPE);
        inboundAuthenticationRequestConfig.setInboundConfigType(AppPortalConstants.INBOUND_CONFIG_TYPE);
        List asList = Arrays.asList(inboundAuthenticationRequestConfig);
        InboundAuthenticationConfig inboundAuthenticationConfig = new InboundAuthenticationConfig();
        inboundAuthenticationConfig.setInboundAuthenticationRequestConfigs((InboundAuthenticationRequestConfig[]) asList.toArray(new InboundAuthenticationRequestConfig[0]));
        serviceProvider.setInboundAuthenticationConfig(inboundAuthenticationConfig);
        LocalAndOutboundAuthenticationConfig localAndOutboundAuthenticationConfig = new LocalAndOutboundAuthenticationConfig();
        localAndOutboundAuthenticationConfig.setUseUserstoreDomainInLocalSubjectIdentifier(true);
        localAndOutboundAuthenticationConfig.setUseTenantDomainInLocalSubjectIdentifier(true);
        localAndOutboundAuthenticationConfig.setSkipConsent(true);
        localAndOutboundAuthenticationConfig.setSkipLogoutConsent(true);
        serviceProvider.setLocalAndOutBoundAuthenticationConfig(localAndOutboundAuthenticationConfig);
        ClaimConfig claimConfig = new ClaimConfig();
        claimConfig.setClaimMappings(getRequestedClaimMappings());
        claimConfig.setLocalClaimDialect(true);
        serviceProvider.setClaimConfig(claimConfig);
        AppsCommonDataHolder.getInstance().getApplicationManagementService().createApplication(serviceProvider, str6, str2);
    }

    private static ClaimMapping[] getRequestedClaimMappings() {
        Claim claim = new Claim();
        claim.setClaimUri(AppPortalConstants.EMAIL_CLAIM_URI);
        ClaimMapping claimMapping = new ClaimMapping();
        claimMapping.setRequested(true);
        claimMapping.setLocalClaim(claim);
        claimMapping.setRemoteClaim(claim);
        Claim claim2 = new Claim();
        claim2.setClaimUri(AppPortalConstants.DISPLAY_NAME_CLAIM_URI);
        ClaimMapping claimMapping2 = new ClaimMapping();
        claimMapping2.setRequested(true);
        claimMapping2.setLocalClaim(claim2);
        claimMapping2.setRemoteClaim(claim2);
        Claim claim3 = new Claim();
        claim3.setClaimUri(AppPortalConstants.EMAIL_CLAIM_URI);
        ClaimMapping claimMapping3 = new ClaimMapping();
        claimMapping3.setRequested(true);
        claimMapping3.setLocalClaim(claim3);
        claimMapping3.setRemoteClaim(claim3);
        return new ClaimMapping[]{claimMapping, claimMapping2, claimMapping3};
    }

    public static void initiatePortals(String str, int i) throws IdentityApplicationManagementException, IdentityOAuthAdminException, RegistryException, UserStoreException {
        ApplicationManagementService applicationManagementService = AppsCommonDataHolder.getInstance().getApplicationManagementService();
        String adminUserName = AppsCommonDataHolder.getInstance().getRegistryService().getUserRealm(i).getRealmConfiguration().getAdminUserName();
        for (AppPortalConstants.AppPortal appPortal : AppPortalConstants.AppPortal.values()) {
            if (applicationManagementService.getApplicationExcludingFileBasedSPs(appPortal.getName(), str) == null) {
                String randomNumber = OAuthUtil.getRandomNumber();
                List asList = Arrays.asList("authorization_code", "refresh_token", AppPortalConstants.GRANT_TYPE_ACCOUNT_SWITCH);
                if (AppPortalConstants.CONSOLE_APP.equals(appPortal.getName())) {
                    asList = Arrays.asList("authorization_code", "refresh_token", AppPortalConstants.GRANT_TYPE_ACCOUNT_SWITCH, AppPortalConstants.GRANT_TYPE_ORGANIZATION_SWITCH);
                }
                List asList2 = Arrays.asList(AppsCommonDataHolder.getInstance().getOAuthAdminService().getAllowedGrantTypes());
                Stream stream = asList.stream();
                asList2.getClass();
                List list = (List) stream.filter((v1) -> {
                    return r1.contains(v1);
                }).collect(Collectors.toList());
                String consumerKey = appPortal.getConsumerKey();
                if (!"carbon.super".equals(str)) {
                    consumerKey = consumerKey + "_" + str;
                }
                try {
                    createOAuth2Application(appPortal.getName(), appPortal.getPath(), consumerKey, randomNumber, adminUserName, i, str, AppPortalConstants.TOKEN_BINDING_TYPE_COOKIE, list);
                    createApplication(appPortal.getName(), adminUserName, appPortal.getDescription(), consumerKey, randomNumber, str, appPortal.getPath());
                } catch (IdentityOAuthAdminException e) {
                    if (!"Error when adding the application. An application with the same name already exists.".equals(e.getMessage())) {
                        throw e;
                    }
                }
            }
        }
    }

    public static InboundAuthenticationRequestConfig getOAuthInboundAuthenticationRequestConfig(ServiceProvider serviceProvider) {
        if (serviceProvider == null || serviceProvider.getInboundAuthenticationConfig() == null || serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs() == null || serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs().length == 0) {
            return null;
        }
        for (InboundAuthenticationRequestConfig inboundAuthenticationRequestConfig : serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs()) {
            if (AppPortalConstants.INBOUND_AUTH2_TYPE.equals(inboundAuthenticationRequestConfig.getInboundAuthType())) {
                return inboundAuthenticationRequestConfig;
            }
        }
        return null;
    }
}
