package org.wso2.carbon.user.mgt.multiplecredentials;

import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.transport.http.HTTPConstants;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.RegistryType;
import org.wso2.carbon.core.CarbonConfigurationContextFactory;
import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.user.api.Claim;
import org.wso2.carbon.user.api.RealmConfiguration;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.UserStoreManager;
import org.wso2.carbon.user.core.multiplecredentials.Credential;
import org.wso2.carbon.user.core.multiplecredentials.MultipleCredentialUserStoreManager;
import org.wso2.carbon.user.mgt.UserMgtConstants;
import org.wso2.carbon.user.mgt.common.ClaimValue;
import org.wso2.carbon.user.mgt.common.MultipleCredentialsUserAdminException;

/* loaded from: input_file:org/wso2/carbon/user/mgt/multiplecredentials/MultipleCredentialsUserProxy.class */
public class MultipleCredentialsUserProxy {
    private UserRealm realm = CarbonContext.getThreadLocalCarbonContext().getUserRealm();
    private static final String DOMAIN_PARAMETER = "multipleCredentialDomain";
    private static final String MULTIPLE_CREDENTIAL_DOMAIN_NAME = "multipleCredentialUserStoreDomain";
    private static Log log = LogFactory.getLog(MultipleCredentialsUserProxy.class);
    private static final Object lock = new Object();
    private static MultipleCredentialUserStoreManager userStoreManager;

    private String getLoggedInUser() {
        HttpServletRequest httpServletRequest;
        MessageContext currentMessageContext = MessageContext.getCurrentMessageContext();
        if (currentMessageContext == null || (httpServletRequest = (HttpServletRequest) currentMessageContext.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST)) == null) {
            return null;
        }
        return (String) httpServletRequest.getSession(false).getAttribute("wso2carbon.admin.logged.in");
    }

    public void addUser(Credential credential, String[] strArr, ClaimValue[] claimValueArr, String str) throws MultipleCredentialsUserAdminException {
        try {
            getUserStoreManager().addUser(credential, checkRolesPermissions(strArr), getClaimsMap(claimValueArr), str);
        } catch (UserStoreException e) {
            throw new MultipleCredentialsUserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new MultipleCredentialsUserAdminException(e2.getMessage(), e2);
        }
    }

    private String[] checkRolesPermissions(String[] strArr) throws UserStoreException, MultipleCredentialsUserAdminException {
        RealmConfiguration realmConfiguration = this.realm.getRealmConfiguration();
        if (realmConfiguration.getUserStoreProperty("ExternalIdP") != null) {
            throw new MultipleCredentialsUserAdminException("Please contact your external Identity Provider to add users");
        }
        if (strArr != null) {
            String loggedInUser = getLoggedInUser();
            Arrays.sort(strArr);
            boolean z = false;
            for (String str : strArr) {
                z = this.realm.getAuthorizationManager().isRoleAuthorized(str, "/permission", UserMgtConstants.EXECUTE_ACTION);
                if (!z) {
                    z = this.realm.getAuthorizationManager().isRoleAuthorized(str, "/permission/admin", UserMgtConstants.EXECUTE_ACTION);
                }
                if (z) {
                    break;
                }
            }
            if ((Arrays.binarySearch(strArr, realmConfiguration.getAdminRoleName()) > -1 || z) && !realmConfiguration.getAdminUserName().equals(loggedInUser)) {
                log.warn("An attempt to assign user to Admin permission role by user : " + loggedInUser);
                throw new UserStoreException("Can not assign user to Admin permission role");
            }
            boolean z2 = false;
            String[] strArr2 = new String[strArr.length + 1];
            int i = 0;
            while (true) {
                if (i >= strArr.length) {
                    break;
                }
                strArr2[i] = strArr[i];
                if (strArr[i].equals(realmConfiguration.getEveryOneRoleName())) {
                    z2 = true;
                    break;
                }
                i++;
            }
            if (!z2) {
                strArr2[strArr.length] = realmConfiguration.getEveryOneRoleName();
                strArr = strArr2;
            }
        }
        return strArr;
    }

    private MultipleCredentialUserStoreManager getUserStoreManager() throws UserStoreException {
        if (userStoreManager == null) {
            synchronized (lock) {
                if (userStoreManager == null) {
                    String str = (String) CarbonConfigurationContextFactory.getConfigurationContext().getAxisConfiguration().getParameterValue(DOMAIN_PARAMETER);
                    if (str == null) {
                        str = MULTIPLE_CREDENTIAL_DOMAIN_NAME;
                    }
                    UserStoreManager userStoreManager2 = this.realm.getUserStoreManager();
                    UserStoreManager secondaryUserStoreManager = userStoreManager2.getSecondaryUserStoreManager(str);
                    if (secondaryUserStoreManager != null) {
                        userStoreManager2 = secondaryUserStoreManager;
                    }
                    if (!(userStoreManager2 instanceof MultipleCredentialUserStoreManager)) {
                        UserStoreException multipleCredentialsNotSupportedException = new MultipleCredentialsNotSupportedException("User store does not support multiple credentials.");
                        log.fatal("User store does not support multiple credentials.", multipleCredentialsNotSupportedException);
                        throw multipleCredentialsNotSupportedException;
                    }
                    userStoreManager = (MultipleCredentialUserStoreManager) userStoreManager2;
                }
            }
        }
        return userStoreManager;
    }

    public void addUsers(Credential[] credentialArr, String[] strArr, ClaimValue[] claimValueArr, String str) throws MultipleCredentialsUserAdminException {
        try {
            getUserStoreManager().addUsers(credentialArr, checkRolesPermissions(strArr), getClaimsMap(claimValueArr), str);
        } catch (UserStoreException e) {
            throw new MultipleCredentialsUserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new MultipleCredentialsUserAdminException(e2.getMessage(), e2);
        }
    }

    public void deleteUser(String str, String str2) throws MultipleCredentialsUserAdminException {
        try {
            String loggedInUser = getLoggedInUser();
            RealmConfiguration realmConfiguration = this.realm.getRealmConfiguration();
            if (str != null && str.equals(realmConfiguration.getAdminUserName()) && !str.equals(loggedInUser)) {
                log.warn("An attempt to delete Admin user by user : " + loggedInUser);
                throw new UserStoreException("Can not delete Admin user");
            }
            MultipleCredentialUserStoreManager userStoreManager2 = getUserStoreManager();
            if (str != null) {
                String[] roleListOfUser = userStoreManager2.getRoleListOfUser(str, str2);
                Arrays.sort(roleListOfUser);
                if (Arrays.binarySearch(roleListOfUser, realmConfiguration.getAdminRoleName()) > -1 && loggedInUser != null && !str.equals(loggedInUser) && !realmConfiguration.getAdminUserName().equals(loggedInUser) && !str.equals(realmConfiguration.getAdminUserName())) {
                    log.warn("An attempt to delete user in Admin role by user : " + loggedInUser);
                    throw new UserStoreException("Can not delete user in Admin role");
                }
            }
            userStoreManager2.deleteUser(str, str2);
            String str3 = "/users/" + str;
            Registry registry = CarbonContext.getThreadLocalCarbonContext().getRegistry(RegistryType.SYSTEM_CONFIGURATION);
            if (registry.resourceExists(str3)) {
                registry.delete(str3);
            }
        } catch (RegistryException e) {
            String str4 = "Error deleting user from registry, " + e.getMessage();
            log.error(str4, e);
            throw new MultipleCredentialsUserAdminException(str4, e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new MultipleCredentialsUserAdminException(e2.getMessage(), e2);
        } catch (UserStoreException e3) {
            throw new MultipleCredentialsUserAdminException(e3.getMessage(), e3);
        }
    }

    public void addCredential(String str, String str2, Credential credential) throws MultipleCredentialsUserAdminException {
        try {
            getUserStoreManager().addCredential(str, str2, credential);
        } catch (UserStoreException e) {
            throw new MultipleCredentialsUserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new MultipleCredentialsUserAdminException(e2.getMessage(), e2);
        }
    }

    public void updateCredential(String str, String str2, Credential credential) throws MultipleCredentialsUserAdminException {
        try {
            getUserStoreManager().updateCredential(str, str2, credential);
        } catch (UserStoreException e) {
            throw new MultipleCredentialsUserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new MultipleCredentialsUserAdminException(e2.getMessage(), e2);
        }
    }

    public void deleteCredential(String str, String str2) throws MultipleCredentialsUserAdminException {
        try {
            getUserStoreManager().deleteCredential(str, str2);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new MultipleCredentialsUserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            throw new MultipleCredentialsUserAdminException(e2.getMessage(), e2);
        }
    }

    public Credential[] getCredentials(String str, String str2) throws MultipleCredentialsUserAdminException {
        try {
            return getUserStoreManager().getCredentials(str, str2);
        } catch (UserStoreException e) {
            throw new MultipleCredentialsUserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new MultipleCredentialsUserAdminException(e2.getMessage(), e2);
        }
    }

    public void setUserClaimValue(String str, String str2, String str3, String str4, String str5) throws MultipleCredentialsUserAdminException {
        try {
            getUserStoreManager().setUserClaimValue(str, str2, str3, str4, str5);
        } catch (UserStoreException e) {
            throw new MultipleCredentialsUserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new MultipleCredentialsUserAdminException(e2.getMessage(), e2);
        }
    }

    public void setUserClaimValues(String str, String str2, ClaimValue[] claimValueArr, String str3) throws MultipleCredentialsUserAdminException {
        try {
            getUserStoreManager().setUserClaimValues(str, str2, getClaimsMap(claimValueArr), str3);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new MultipleCredentialsUserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            throw new MultipleCredentialsUserAdminException(e2.getMessage(), e2);
        }
    }

    public void deleteUserClaimValue(String str, String str2, String str3, String str4) throws MultipleCredentialsUserAdminException {
        try {
            getUserStoreManager().deleteUserClaimValue(str, str2, str3, str4);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new MultipleCredentialsUserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            throw new MultipleCredentialsUserAdminException(e2.getMessage(), e2);
        }
    }

    public void deleteUserClaimValues(String str, String str2, String[] strArr, String str3) throws MultipleCredentialsUserAdminException {
        try {
            getUserStoreManager().deleteUserClaimValues(str, str2, strArr, str3);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new MultipleCredentialsUserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            throw new MultipleCredentialsUserAdminException(e2.getMessage(), e2);
        }
    }

    public String getUserClaimValue(String str, String str2, String str3, String str4) throws MultipleCredentialsUserAdminException {
        try {
            return getUserStoreManager().getUserClaimValue(str, str2, str3, str4);
        } catch (UserStoreException e) {
            throw new MultipleCredentialsUserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new MultipleCredentialsUserAdminException(e2.getMessage(), e2);
        }
    }

    public ClaimValue[] getUserClaimValues(String str, String str2, String[] strArr, String str3) throws MultipleCredentialsUserAdminException {
        try {
            return getClaimValues((Claim[]) getUserStoreManager().getUserClaimValues(str, str2, strArr, str3));
        } catch (UserStoreException e) {
            throw new MultipleCredentialsUserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new MultipleCredentialsUserAdminException(e2.getMessage(), e2);
        }
    }

    public ClaimValue[] getAllUserClaimValues(String str, String str2, String str3) throws MultipleCredentialsUserAdminException {
        try {
            return getClaimValues((Claim[]) getUserStoreManager().getUserClaimValues(str, str2, str3));
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new MultipleCredentialsUserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            throw new MultipleCredentialsUserAdminException(e2.getMessage(), e2);
        }
    }

    public boolean authenticate(Credential credential) throws MultipleCredentialsUserAdminException {
        try {
            return getUserStoreManager().authenticate(credential);
        } catch (UserStoreException e) {
            throw new MultipleCredentialsUserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new MultipleCredentialsUserAdminException(e2.getMessage(), e2);
        }
    }

    private Map<String, String> getClaimsMap(ClaimValue[] claimValueArr) {
        HashMap hashMap = new HashMap();
        if (claimValueArr != null) {
            for (ClaimValue claimValue : claimValueArr) {
                hashMap.put(claimValue.getClaimURI(), claimValue.getValue());
            }
        }
        return hashMap;
    }

    private ClaimValue[] getClaimValues(Claim[] claimArr) {
        if (claimArr == null) {
            return null;
        }
        ClaimValue[] claimValueArr = new ClaimValue[claimArr.length];
        int i = 0;
        for (Claim claim : claimArr) {
            claimValueArr[i] = new ClaimValue();
            claimValueArr[i].setClaimURI(claim.getClaimUri());
            claimValueArr[i].setValue(claim.getValue());
            i++;
        }
        return claimValueArr;
    }

    private ClaimValue[] getClaimValues(Map<String, String> map) {
        if (map == null) {
            return null;
        }
        ClaimValue[] claimValueArr = new ClaimValue[map.size()];
        int i = 0;
        for (Map.Entry<String, String> entry : map.entrySet()) {
            claimValueArr[i] = new ClaimValue();
            claimValueArr[i].setClaimURI(entry.getKey());
            claimValueArr[i].setValue(entry.getValue());
            i++;
        }
        return claimValueArr;
    }

    public void addUser(String str, Credential credential, String[] strArr, ClaimValue[] claimValueArr, String str2) throws MultipleCredentialsUserAdminException {
        try {
            getUserStoreManager().addUserWithUserId(str, credential, checkRolesPermissions(strArr), getClaimsMap(claimValueArr), str2);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new MultipleCredentialsUserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            throw new MultipleCredentialsUserAdminException(e2.getMessage(), e2);
        }
    }

    public String getUserId(Credential credential) throws MultipleCredentialsUserAdminException {
        try {
            return getUserStoreManager().getUserId(credential);
        } catch (UserStoreException e) {
            throw new MultipleCredentialsUserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new MultipleCredentialsUserAdminException(e2.getMessage(), e2);
        }
    }
}
