package org.wso2.carbon.identity.oauth.endpoint.user.impl;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.oltu.oauth2.common.utils.JSONUtils;
import org.json.JSONObject;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.application.common.model.ClaimMapping;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCache;
import org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCacheEntry;
import org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCacheKey;
import org.wso2.carbon.identity.oauth.endpoint.util.ClaimUtil;
import org.wso2.carbon.identity.oauth.user.UserInfoEndpointException;
import org.wso2.carbon.identity.oauth.user.UserInfoResponseBuilder;
import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationResponseDTO;
import org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder;
import org.wso2.carbon.identity.oauth2.util.OAuth2Util;
import org.wso2.carbon.registry.core.Resource;
import org.wso2.carbon.registry.core.exceptions.RegistryException;

/* loaded from: input_file:WEB-INF/classes/org/wso2/carbon/identity/oauth/endpoint/user/impl/UserInfoJSONResponseBuilder.class */
public class UserInfoJSONResponseBuilder implements UserInfoResponseBuilder {
    private static final Log log = LogFactory.getLog(UserInfoJSONResponseBuilder.class);
    private static final String UPDATED_AT = "updated_at";
    private static final String PHONE_NUMBER_VERIFIED = "phone_number_verified";
    private static final String EMAIL_VERIFIED = "email_verified";
    private static final String ADDRESS = "address";
    private ArrayList<String> lstEssential = new ArrayList<>();
    Map<String, Object> claimsforAddressScope = new HashMap();

    public String getResponseString(OAuth2TokenValidationResponseDTO oAuth2TokenValidationResponseDTO) throws UserInfoEndpointException {
        Map<String, Object> claimsFromUserStore;
        Resource resource = null;
        try {
            try {
                PrivilegedCarbonContext.startTenantFlow();
                PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
                int clientTenatId = OAuth2Util.getClientTenatId();
                String tenantDomain = IdentityTenantUtil.getTenantDomain(clientTenatId);
                threadLocalCarbonContext.setTenantId(clientTenatId);
                threadLocalCarbonContext.setTenantDomain(tenantDomain);
                resource = OAuth2ServiceComponentHolder.getRegistryService().getConfigSystemRegistry(clientTenatId).get("/oidc");
                OAuth2Util.clearClientTenantId();
                PrivilegedCarbonContext.endTenantFlow();
            } catch (RegistryException e) {
                log.error("Error while obtaining registry collection from :/oidc", e);
                OAuth2Util.clearClientTenantId();
                PrivilegedCarbonContext.endTenantFlow();
            }
            Map<ClaimMapping, String> userAttributesFromCache = getUserAttributesFromCache(oAuth2TokenValidationResponseDTO);
            HashMap hashMap = new HashMap();
            if (userAttributesFromCache == null || userAttributesFromCache.isEmpty()) {
                if (log.isDebugEnabled()) {
                    log.debug("User attributes not found in cache. Trying to retrieve from user store.");
                }
                claimsFromUserStore = ClaimUtil.getClaimsFromUserStore(oAuth2TokenValidationResponseDTO);
            } else {
                claimsFromUserStore = UserInfoEndpointConfig.getInstance().getUserInfoClaimRetriever().getClaimsMap(userAttributesFromCache);
            }
            if (claimsFromUserStore == null) {
                claimsFromUserStore = new HashMap();
            }
            for (String str : oAuth2TokenValidationResponseDTO.getScope()) {
                if (resource != null && resource.getProperties() != null) {
                    Enumeration<?> propertyNames = resource.getProperties().propertyNames();
                    while (propertyNames.hasMoreElements()) {
                        if (((String) propertyNames.nextElement()).equals(str)) {
                            String property = resource.getProperty(str);
                            String[] split = property.contains(",") ? property.split(",") : new String[]{property};
                            for (Map.Entry<String, Object> entry : claimsFromUserStore.entrySet()) {
                                if (Arrays.asList(split).contains(entry.getKey())) {
                                    if (str.equals(ADDRESS)) {
                                        this.claimsforAddressScope.put(entry.getKey(), claimsFromUserStore.get(entry.getKey()));
                                    } else {
                                        hashMap.put(entry.getKey(), claimsFromUserStore.get(entry.getKey()));
                                    }
                                }
                            }
                        }
                    }
                }
            }
            if (!hashMap.containsKey("sub") || StringUtils.isBlank((String) claimsFromUserStore.get("sub"))) {
                hashMap.put("sub", oAuth2TokenValidationResponseDTO.getAuthorizedUser());
            }
            if (this.claimsforAddressScope.size() > 0) {
                JSONObject jSONObject = new JSONObject();
                for (Map.Entry<String, Object> entry2 : this.claimsforAddressScope.entrySet()) {
                    jSONObject.put(entry2.getKey(), claimsFromUserStore.get(entry2.getKey()));
                }
                hashMap.put(ADDRESS, jSONObject);
            }
            if (hashMap.containsKey(UPDATED_AT) && hashMap.get(UPDATED_AT) != null && (hashMap.get(UPDATED_AT) instanceof String)) {
                hashMap.put(UPDATED_AT, Integer.valueOf(Integer.parseInt((String) hashMap.get(UPDATED_AT))));
            }
            if (hashMap.containsKey(PHONE_NUMBER_VERIFIED) && hashMap.get(PHONE_NUMBER_VERIFIED) != null && (hashMap.get(PHONE_NUMBER_VERIFIED) instanceof String)) {
                hashMap.put(PHONE_NUMBER_VERIFIED, Boolean.valueOf((String) hashMap.get(PHONE_NUMBER_VERIFIED)));
            }
            if (hashMap.containsKey(EMAIL_VERIFIED) && hashMap.get(EMAIL_VERIFIED) != null && (hashMap.get(EMAIL_VERIFIED) instanceof String)) {
                hashMap.put(EMAIL_VERIFIED, Boolean.valueOf((String) hashMap.get(EMAIL_VERIFIED)));
            }
            if (this.lstEssential != null) {
                Iterator<String> it = this.lstEssential.iterator();
                while (it.hasNext()) {
                    String next = it.next();
                    hashMap.put(next, claimsFromUserStore.get(next));
                }
            }
            return JSONUtils.buildJSON(hashMap);
        } catch (Throwable th) {
            OAuth2Util.clearClientTenantId();
            PrivilegedCarbonContext.endTenantFlow();
            throw th;
        }
    }

    private Map<ClaimMapping, String> getUserAttributesFromCache(OAuth2TokenValidationResponseDTO oAuth2TokenValidationResponseDTO) {
        AuthorizationGrantCacheEntry valueFromCacheByToken = AuthorizationGrantCache.getInstance().getValueFromCacheByToken(new AuthorizationGrantCacheKey(oAuth2TokenValidationResponseDTO.getAuthorizationContextToken().getTokenString()));
        if (valueFromCacheByToken == null) {
            return new HashMap();
        }
        if (StringUtils.isNotEmpty(valueFromCacheByToken.getEssentialClaims())) {
            this.lstEssential = getEssentialClaims(valueFromCacheByToken.getEssentialClaims());
        }
        return valueFromCacheByToken.getUserAttributes();
    }

    private ArrayList<String> getEssentialClaims(String str) {
        JSONObject jSONObject = new JSONObject(str);
        ArrayList<String> arrayList = new ArrayList<>();
        if (jSONObject != null && jSONObject.toString().contains("userinfo")) {
            JSONObject jSONObject2 = jSONObject.getJSONObject("userinfo");
            Iterator<String> keys = jSONObject2.keys();
            while (keys.hasNext()) {
                String next = keys.next();
                String str2 = null;
                if (jSONObject2 != null) {
                    str2 = jSONObject2.get(next).toString();
                }
                JSONObject jSONObject3 = new JSONObject(str2);
                if (jSONObject3 != null) {
                    Iterator<String> keys2 = jSONObject3.keys();
                    while (keys2.hasNext()) {
                        String next2 = keys2.next();
                        if (jSONObject3.get(next2).toString().equals("true") && next2.equals("essential")) {
                            arrayList.add(next);
                        }
                    }
                }
            }
        }
        return arrayList;
    }
}
