package org.wso2.carbon.apimgt.keymgt.listeners;

import java.util.Set;
import org.apache.axis2.AxisFault;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.impl.APIManagerConfiguration;
import org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO;
import org.wso2.carbon.apimgt.impl.dto.Environment;
import org.wso2.carbon.apimgt.impl.utils.APIAuthenticationAdminClient;
import org.wso2.carbon.apimgt.impl.workflow.WorkflowException;
import org.wso2.carbon.apimgt.impl.workflow.WorkflowExecutor;
import org.wso2.carbon.apimgt.impl.workflow.WorkflowExecutorFactory;
import org.wso2.carbon.apimgt.keymgt.internal.ServiceReferenceHolder;
import org.wso2.carbon.apimgt.keymgt.util.APIKeyMgtDataHolder;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.oauth.listener.IdentityOathEventListener;
import org.wso2.carbon.user.api.Tenant;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.UserStoreManager;
import org.wso2.carbon.user.core.util.UserCoreUtil;

/* loaded from: input_file:org/wso2/carbon/apimgt/keymgt/listeners/KeyManagerUserOperationListener.class */
public class KeyManagerUserOperationListener extends IdentityOathEventListener {
    private static final Log log = LogFactory.getLog(KeyManagerUserOperationListener.class);

    public int getExecutionOrderId() {
        return getOrderId() - 1;
    }

    public boolean doPreDeleteUser(String str, UserStoreManager userStoreManager) {
        ApiMgtDAO dAOInstance = getDAOInstance();
        try {
            String tenantDomain = getTenantDomain();
            Tenant tenant = getTenant(getTenantId());
            if (tenant == null && "carbon.super".equals(tenantDomain)) {
                tenant = new org.wso2.carbon.user.core.tenant.Tenant();
                tenant.setDomain("carbon.super");
                tenant.setId(-1234);
            } else {
                str = UserCoreUtil.addTenantDomainToEntry(str, tenantDomain);
            }
            String str2 = (String) userStoreManager.getProperties(tenant).get("DomainName");
            str = "PRIMARY".equals(str2) ? str2.toUpperCase() + "/" + str : IdentityUtil.addDomainToName(str, str2);
            getWorkflowExecutor("AM_USER_SIGNUP").cleanUpPendingTask(dAOInstance.getExternalWorkflowReferenceForUserSignup(str));
        } catch (UserStoreException e) {
            log.error("Error while cleaning up workflow task for the user: " + str, e);
        } catch (APIManagementException e2) {
            log.error("Error while cleaning up workflow task for the user: " + str, e2);
        } catch (WorkflowException e3) {
            log.error("Error while cleaning up workflow task for the user: " + str, e3);
        }
        return !isEnable() || removeGatewayKeyCache(str, userStoreManager);
    }

    public boolean doPreUpdateRoleListOfUser(String str, String[] strArr, String[] strArr2, UserStoreManager userStoreManager) {
        return !isEnable() || removeGatewayKeyCache(str, userStoreManager);
    }

    public boolean doPreUpdateUserListOfRole(String str, String[] strArr, String[] strArr2, UserStoreManager userStoreManager) {
        return !isEnable() || removeGatewayKeyCache(str, userStoreManager);
    }

    private boolean removeGatewayKeyCache(String str, UserStoreManager userStoreManager) {
        String addTenantDomainToEntry = UserCoreUtil.addTenantDomainToEntry(UserCoreUtil.addDomainToName(str, getUserStoreDomainName(userStoreManager)), getTenantDomain());
        if (!isUserStoreInUsernameCaseSensitive(addTenantDomainToEntry)) {
            addTenantDomainToEntry = addTenantDomainToEntry.toLowerCase();
        }
        APIManagerConfiguration apiManagerConfiguration = getApiManagerConfiguration();
        if (apiManagerConfiguration.getApiGatewayEnvironments().size() <= 0) {
            return true;
        }
        try {
            Set activeAccessTokensOfUser = getDAOInstance().getActiveAccessTokensOfUser(addTenantDomainToEntry);
            if (activeAccessTokensOfUser == null || activeAccessTokensOfUser.isEmpty()) {
                if (!log.isDebugEnabled()) {
                    return true;
                }
                log.debug("No active tokens found for the user " + addTenantDomainToEntry);
                return true;
            }
            if (log.isDebugEnabled()) {
                log.debug("Found " + activeAccessTokensOfUser.size() + " active tokens of the user " + addTenantDomainToEntry);
            }
            for (Environment environment : apiManagerConfiguration.getApiGatewayEnvironments().values()) {
                if (log.isDebugEnabled()) {
                    log.debug("Going to remove tokens from the cache of the Gateway '" + environment.getName() + "'");
                }
                try {
                    getApiAuthenticationAdminClient(environment).invalidateCachedTokens(activeAccessTokensOfUser);
                    log.debug("Removed cached tokens of the Gateway.");
                } catch (AxisFault e) {
                    log.error("Error occurred while invalidating the Gateway Token Cache of Gateway '" + environment.getName() + "'", e);
                }
            }
            return true;
        } catch (APIManagementException e2) {
            log.error("Error while getting active access tokens of user " + addTenantDomainToEntry, e2);
            return false;
        }
    }

    protected APIAuthenticationAdminClient getApiAuthenticationAdminClient(Environment environment) throws AxisFault {
        return new APIAuthenticationAdminClient(environment);
    }

    protected APIManagerConfiguration getApiManagerConfiguration() {
        return ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService().getAPIManagerConfiguration();
    }

    protected boolean isUserStoreInUsernameCaseSensitive(String str) {
        return IdentityUtil.isUserStoreInUsernameCaseSensitive(str);
    }

    protected String getUserStoreDomainName(UserStoreManager userStoreManager) {
        return UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
    }

    protected WorkflowExecutor getWorkflowExecutor(String str) throws WorkflowException {
        return WorkflowExecutorFactory.getInstance().getWorkflowExecutor(str);
    }

    protected Tenant getTenant(int i) throws UserStoreException {
        return APIKeyMgtDataHolder.getRealmService().getTenantManager().getTenant(i);
    }

    protected int getTenantId() {
        return PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
    }

    protected String getTenantDomain() {
        return PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    }

    protected ApiMgtDAO getDAOInstance() {
        return ApiMgtDAO.getInstance();
    }
}
