package org.wso2.carbon.apimgt.keymgt.token;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.util.LinkedHashMap;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.impl.internal.ServiceReferenceHolder;
import org.wso2.carbon.apimgt.impl.token.ClaimsRetriever;
import org.wso2.carbon.apimgt.impl.utils.APIUtil;
import org.wso2.carbon.apimgt.keymgt.handlers.ResourceConstants;
import org.wso2.carbon.apimgt.keymgt.service.TokenValidationContext;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/apimgt/keymgt/token/JWTGenerator.class */
public class JWTGenerator extends AbstractJWTGenerator {
    private static final Log log = LogFactory.getLog(JWTGenerator.class);

    @Override // org.wso2.carbon.apimgt.keymgt.token.AbstractJWTGenerator
    public Map<String, String> populateStandardClaims(TokenValidationContext tokenValidationContext) throws APIManagementException {
        long currentTimeMillis = System.currentTimeMillis() + (getTTL() * 1000);
        ClaimsRetriever claimsRetriever = getClaimsRetriever();
        String dialectURI = claimsRetriever != null ? claimsRetriever.getDialectURI(tokenValidationContext.getValidationInfoDTO().getEndUserName()) : getDialectURI();
        String subscriber = tokenValidationContext.getValidationInfoDTO().getSubscriber();
        String applicationName = tokenValidationContext.getValidationInfoDTO().getApplicationName();
        String applicationId = tokenValidationContext.getValidationInfoDTO().getApplicationId();
        String tier = tokenValidationContext.getValidationInfoDTO().getTier();
        String endUserName = tokenValidationContext.getValidationInfoDTO().getEndUserName();
        String type = tokenValidationContext.getValidationInfoDTO().getType();
        String userType = tokenValidationContext.getValidationInfoDTO().getUserType();
        String applicationTier = tokenValidationContext.getValidationInfoDTO().getApplicationTier();
        String valueOf = String.valueOf(APIUtil.getTenantId(endUserName));
        Map<String, String> applicationAttributes = getApplicationAttributes(Integer.parseInt(applicationId));
        LinkedHashMap linkedHashMap = new LinkedHashMap(20);
        linkedHashMap.put("iss", AbstractJWTGenerator.API_GATEWAY_ID);
        linkedHashMap.put(ResourceConstants.EXP_PARAM_NAME, String.valueOf(currentTimeMillis));
        linkedHashMap.put(dialectURI + "/subscriber", subscriber);
        linkedHashMap.put(dialectURI + "/applicationid", applicationId);
        linkedHashMap.put(dialectURI + "/applicationname", applicationName);
        linkedHashMap.put(dialectURI + "/applicationtier", applicationTier);
        linkedHashMap.put(dialectURI + "/apicontext", tokenValidationContext.getContext());
        linkedHashMap.put(dialectURI + "/version", tokenValidationContext.getVersion());
        linkedHashMap.put(dialectURI + "/tier", tier);
        linkedHashMap.put(dialectURI + "/keytype", type);
        linkedHashMap.put(dialectURI + "/usertype", userType);
        linkedHashMap.put(dialectURI + "/enduser", APIUtil.getUserNameWithTenantSuffix(endUserName));
        linkedHashMap.put(dialectURI + "/enduserTenantId", valueOf);
        if (applicationAttributes != null) {
            try {
                if (!applicationAttributes.isEmpty()) {
                    linkedHashMap.put(dialectURI + "/applicationAttributes", new ObjectMapper().writeValueAsString(applicationAttributes));
                }
            } catch (JsonProcessingException e) {
                log.error("Error in converting Map to String");
            }
        }
        return linkedHashMap;
    }

    @Override // org.wso2.carbon.apimgt.keymgt.token.AbstractJWTGenerator
    public Map<String, String> populateCustomClaims(TokenValidationContext tokenValidationContext) throws APIManagementException {
        ClaimsRetriever claimsRetriever = getClaimsRetriever();
        if (claimsRetriever == null) {
            return null;
        }
        String endUserName = tokenValidationContext.getValidationInfoDTO().getEndUserName();
        try {
            int tenantId = APIUtil.getTenantId(endUserName);
            if (tenantId != -1) {
                UserStoreManager userStoreManager = ServiceReferenceHolder.getInstance().getRealmService().getTenantUserRealm(tenantId).getUserStoreManager();
                String[] split = endUserName.split(MultitenantUtils.getTenantDomain(endUserName));
                if (split.length != 1) {
                    log.error("Could not extract username without tenant domain for: " + endUserName);
                    return null;
                }
                if (userStoreManager.isExistingUser(split[0].substring(0, split[0].length() - 1))) {
                    return claimsRetriever.getClaims(endUserName);
                }
                log.warn("User " + endUserName + " cannot be found by user store manager");
            } else {
                log.error("Tenant cannot be found for username: " + endUserName);
            }
            return null;
        } catch (APIManagementException e) {
            log.error("Error while retrieving claims ", e);
            return null;
        } catch (UserStoreException e2) {
            log.error("Error while retrieving user store ", e2);
            return null;
        }
    }
}
