package org.wso2.carbon.identity.oauth.endpoint.util;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import org.apache.commons.collections.MapUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.claim.mgt.ClaimManagerHandler;
import org.wso2.carbon.identity.application.common.model.ClaimMapping;
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.oauth.OAuthUtil;
import org.wso2.carbon.identity.oauth.user.UserInfoEndpointException;
import org.wso2.carbon.identity.oauth2.dao.TokenMgtDAO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationResponseDTO;
import org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder;
import org.wso2.carbon.identity.oauth2.model.AccessTokenDO;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.UserStoreManager;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:WEB-INF/classes/org/wso2/carbon/identity/oauth/endpoint/util/ClaimUtil.class */
public class ClaimUtil {
    static final String SP_DIALECT = "http://wso2.org/oidc/claim";
    private static final Log log = LogFactory.getLog(ClaimUtil.class);
    private static final String INBOUND_AUTH2_TYPE = "oauth2";

    private ClaimUtil() {
    }

    public static Map<String, Object> getClaimsFromUserStore(OAuth2TokenValidationResponseDTO oAuth2TokenValidationResponseDTO) throws UserInfoEndpointException {
        UserRealm realm;
        String authorizedUser = oAuth2TokenValidationResponseDTO.getAuthorizedUser();
        String tenantDomain = MultitenantUtils.getTenantDomain(oAuth2TokenValidationResponseDTO.getAuthorizedUser());
        ArrayList arrayList = new ArrayList();
        HashMap hashMap = new HashMap();
        try {
            realm = IdentityTenantUtil.getRealm(tenantDomain, authorizedUser);
        } catch (Exception e) {
            if (!(e instanceof UserStoreException)) {
                log.error("Error while retrieving the claims from user store for " + authorizedUser, e);
                throw new UserInfoEndpointException("Error while retrieving the claims from user store for " + authorizedUser);
            }
            if (e.getMessage().contains("UserNotFound") && log.isDebugEnabled()) {
                log.debug("User " + authorizedUser + " not found in user store");
            }
        }
        if (realm == null) {
            log.warn("No valid tenant domain provider. Empty claim returned back");
            return new HashMap();
        }
        UserStoreManager userStoreManager = realm.getUserStoreManager();
        AccessTokenDO retrieveAccessToken = new TokenMgtDAO().retrieveAccessToken(oAuth2TokenValidationResponseDTO.getAuthorizationContextToken().getTokenString(), false);
        ApplicationManagementService applicationMgtService = OAuth2ServiceComponentHolder.getApplicationMgtService();
        String consumerKey = retrieveAccessToken != null ? retrieveAccessToken.getConsumerKey() : null;
        String tenantDomainOfOauthApp = OAuthUtil.getTenantDomainOfOauthApp(OAuthUtil.getAppInformationByClientId(consumerKey));
        ServiceProvider applicationExcludingFileBasedSPs = applicationMgtService.getApplicationExcludingFileBasedSPs(applicationMgtService.getServiceProviderNameByClientId(consumerKey, INBOUND_AUTH2_TYPE, tenantDomainOfOauthApp), tenantDomainOfOauthApp);
        if (applicationExcludingFileBasedSPs == null) {
            return hashMap;
        }
        ClaimMapping[] claimMappings = applicationExcludingFileBasedSPs.getClaimConfig().getClaimMappings();
        String subjectClaimUri = applicationExcludingFileBasedSPs.getLocalAndOutBoundAuthenticationConfig().getSubjectClaimUri();
        if (applicationExcludingFileBasedSPs.getClaimConfig().getClaimMappings() != null) {
            ClaimMapping[] claimMappings2 = applicationExcludingFileBasedSPs.getClaimConfig().getClaimMappings();
            int length = claimMappings2.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                ClaimMapping claimMapping = claimMappings2[i];
                if (claimMapping.getRemoteClaim().getClaimUri().equals(subjectClaimUri)) {
                    subjectClaimUri = claimMapping.getLocalClaim().getClaimUri();
                    break;
                }
                i++;
            }
        }
        arrayList.add(subjectClaimUri);
        boolean z = false;
        if (subjectClaimUri != null || (claimMappings != null && claimMappings.length > 0)) {
            for (ClaimMapping claimMapping2 : claimMappings) {
                if (claimMapping2.isRequested()) {
                    arrayList.add(claimMapping2.getLocalClaim().getClaimUri());
                    if (claimMapping2.getLocalClaim().getClaimUri().equals(subjectClaimUri)) {
                        z = true;
                    }
                }
            }
            if (log.isDebugEnabled()) {
                log.debug("Requested number of local claims: " + arrayList.size());
            }
            Map mappingsMapFromOtherDialectToCarbon = ClaimManagerHandler.getInstance().getMappingsMapFromOtherDialectToCarbon(SP_DIALECT, (Set) null, tenantDomain, true);
            Map userClaimValues = userStoreManager.getUserClaimValues(MultitenantUtils.getTenantAwareUsername(authorizedUser), (String[]) arrayList.toArray(new String[arrayList.size()]), (String) null);
            if (log.isDebugEnabled()) {
                log.debug("User claims retrieved from user store: " + userClaimValues.size());
            }
            if (MapUtils.isEmpty(userClaimValues)) {
                return new HashMap();
            }
            for (Map.Entry entry : userClaimValues.entrySet()) {
                String str = (String) mappingsMapFromOtherDialectToCarbon.get(entry.getKey());
                if (str != null) {
                    if (((String) entry.getKey()).equals(subjectClaimUri)) {
                        hashMap.put("sub", entry.getValue());
                        if (!z) {
                        }
                    }
                    hashMap.put(str, entry.getValue());
                    if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable("UserClaims")) {
                        log.debug("Mapped claim: key -  " + str + " value -" + ((String) entry.getValue()));
                    }
                }
            }
        }
        return hashMap;
    }
}
