package org.wso2.carbon.identity.oauth;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.core.AbstractAdmin;
import org.wso2.carbon.identity.core.model.OAuthAppDO;
import org.wso2.carbon.identity.oauth.cache.AppInfoCache;
import org.wso2.carbon.identity.oauth.cache.CacheKey;
import org.wso2.carbon.identity.oauth.cache.OAuthCache;
import org.wso2.carbon.identity.oauth.cache.OAuthCacheKey;
import org.wso2.carbon.identity.oauth.common.OAuth2ErrorCodes;
import org.wso2.carbon.identity.oauth.common.OAuthConstants;
import org.wso2.carbon.identity.oauth.common.exception.InvalidOAuthClientException;
import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;
import org.wso2.carbon.identity.oauth.dao.OAuthAppDAO;
import org.wso2.carbon.identity.oauth.dto.OAuthConsumerAppDTO;
import org.wso2.carbon.identity.oauth.dto.OAuthRevocationRequestDTO;
import org.wso2.carbon.identity.oauth.dto.OAuthRevocationResponseDTO;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.dao.TokenMgtDAO;
import org.wso2.carbon.identity.oauth2.model.AccessTokenDO;
import org.wso2.carbon.identity.oauth2.util.OAuth2Util;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/identity/oauth/OAuthAdminService.class */
public class OAuthAdminService extends AbstractAdmin {
    private static List<String> allowedGrants = null;
    protected Log log = LogFactory.getLog(OAuthAdminService.class);
    private AppInfoCache appInfoCache = AppInfoCache.getInstance();

    public String[] registerOAuthConsumer() throws Exception {
        String username = CarbonContext.getThreadLocalCarbonContext().getUsername();
        if (this.log.isDebugEnabled()) {
            this.log.debug("Adding a consumer secret for the logged in user " + username);
        }
        return new OAuthAppDAO().addOAuthConsumer(MultitenantUtils.getTenantAwareUsername(username), CarbonContext.getThreadLocalCarbonContext().getTenantId());
    }

    public OAuthConsumerAppDTO[] getAllOAuthApplicationData() throws Exception {
        String username = CarbonContext.getThreadLocalCarbonContext().getUsername();
        OAuthConsumerAppDTO[] oAuthConsumerAppDTOArr = new OAuthConsumerAppDTO[0];
        if (username == null) {
            if (this.log.isErrorEnabled()) {
                this.log.debug("User not logged in");
            }
            throw new Exception("User not logged in");
        }
        OAuthAppDO[] oAuthConsumerAppsOfUser = new OAuthAppDAO().getOAuthConsumerAppsOfUser(MultitenantUtils.getTenantAwareUsername(username), CarbonContext.getThreadLocalCarbonContext().getTenantId());
        if (oAuthConsumerAppsOfUser != null && oAuthConsumerAppsOfUser.length > 0) {
            oAuthConsumerAppDTOArr = new OAuthConsumerAppDTO[oAuthConsumerAppsOfUser.length];
            for (int i = 0; i < oAuthConsumerAppsOfUser.length; i++) {
                OAuthAppDO oAuthAppDO = oAuthConsumerAppsOfUser[i];
                OAuthConsumerAppDTO oAuthConsumerAppDTO = new OAuthConsumerAppDTO();
                oAuthConsumerAppDTO.setApplicationName(oAuthAppDO.getApplicationName());
                oAuthConsumerAppDTO.setCallbackUrl(oAuthAppDO.getCallbackUrl());
                oAuthConsumerAppDTO.setOauthConsumerKey(oAuthAppDO.getOauthConsumerKey());
                oAuthConsumerAppDTO.setOauthConsumerSecret(oAuthAppDO.getOauthConsumerSecret());
                oAuthConsumerAppDTO.setOAuthVersion(oAuthAppDO.getOauthVersion());
                oAuthConsumerAppDTO.setGrantTypes(oAuthAppDO.getGrantTypes());
                oAuthConsumerAppDTO.setUsername(oAuthAppDO.getUserName());
                oAuthConsumerAppDTOArr[i] = oAuthConsumerAppDTO;
            }
        }
        return oAuthConsumerAppDTOArr;
    }

    public OAuthConsumerAppDTO getOAuthApplicationData(String str) throws Exception {
        OAuthConsumerAppDTO oAuthConsumerAppDTO = new OAuthConsumerAppDTO();
        OAuthAppDO appInformation = new OAuthAppDAO().getAppInformation(str);
        if (appInformation != null) {
            oAuthConsumerAppDTO.setApplicationName(appInformation.getApplicationName());
            oAuthConsumerAppDTO.setCallbackUrl(appInformation.getCallbackUrl());
            oAuthConsumerAppDTO.setOauthConsumerKey(appInformation.getOauthConsumerKey());
            oAuthConsumerAppDTO.setOauthConsumerSecret(appInformation.getOauthConsumerSecret());
            oAuthConsumerAppDTO.setOAuthVersion(appInformation.getOauthVersion());
            oAuthConsumerAppDTO.setGrantTypes(appInformation.getGrantTypes());
        }
        return oAuthConsumerAppDTO;
    }

    public OAuthConsumerAppDTO getOAuthApplicationDataByAppName(String str) throws Exception {
        OAuthConsumerAppDTO oAuthConsumerAppDTO = new OAuthConsumerAppDTO();
        OAuthAppDO appInformationByAppName = new OAuthAppDAO().getAppInformationByAppName(str);
        if (appInformationByAppName != null) {
            oAuthConsumerAppDTO.setApplicationName(appInformationByAppName.getApplicationName());
            oAuthConsumerAppDTO.setCallbackUrl(appInformationByAppName.getCallbackUrl());
            oAuthConsumerAppDTO.setOauthConsumerKey(appInformationByAppName.getOauthConsumerKey());
            oAuthConsumerAppDTO.setOauthConsumerSecret(appInformationByAppName.getOauthConsumerSecret());
            oAuthConsumerAppDTO.setOAuthVersion(appInformationByAppName.getOauthVersion());
            oAuthConsumerAppDTO.setGrantTypes(appInformationByAppName.getGrantTypes());
        }
        return oAuthConsumerAppDTO;
    }

    public void registerOAuthApplicationData(OAuthConsumerAppDTO oAuthConsumerAppDTO) throws Exception {
        String username = CarbonContext.getThreadLocalCarbonContext().getUsername();
        if (username != null) {
            String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(username);
            int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
            OAuthAppDAO oAuthAppDAO = new OAuthAppDAO();
            OAuthAppDO oAuthAppDO = new OAuthAppDO();
            if (oAuthConsumerAppDTO != null) {
                oAuthAppDO.setApplicationName(oAuthConsumerAppDTO.getApplicationName());
                if ((oAuthConsumerAppDTO.getGrantTypes().contains("authorization_code") || oAuthConsumerAppDTO.getGrantTypes().contains("implicit")) && (oAuthConsumerAppDTO.getCallbackUrl() == null || oAuthConsumerAppDTO.getCallbackUrl().equals(""))) {
                    throw new IdentityOAuthAdminException("Callback Url is required for Code or Implicit grant types");
                }
                oAuthAppDO.setCallbackUrl(oAuthConsumerAppDTO.getCallbackUrl());
                if (oAuthConsumerAppDTO.getOauthConsumerKey() == null) {
                    oAuthAppDO.setOauthConsumerKey(OAuthUtil.getRandomNumber());
                    oAuthAppDO.setOauthConsumerSecret(OAuthUtil.getRandomNumber());
                } else {
                    oAuthAppDO.setOauthConsumerKey(oAuthConsumerAppDTO.getOauthConsumerKey());
                    oAuthAppDO.setOauthConsumerSecret(oAuthConsumerAppDTO.getOauthConsumerSecret());
                }
                String username2 = oAuthConsumerAppDTO.getUsername();
                if (username2 != null && username2.trim().length() > 0) {
                    if (CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager().isExistingUser(oAuthConsumerAppDTO.getUsername())) {
                        tenantAwareUsername = username2;
                    } else {
                        this.log.warn("OAuth application registrant user name " + username2 + " does not exist in the user store. Using logged-in user name " + tenantAwareUsername + " as registrant name");
                    }
                }
                oAuthAppDO.setUserName(tenantAwareUsername);
                oAuthAppDO.setTenantId(tenantId);
                if (oAuthConsumerAppDTO.getOAuthVersion() != null) {
                    oAuthAppDO.setOauthVersion(oAuthConsumerAppDTO.getOAuthVersion());
                } else {
                    oAuthAppDO.setOauthVersion(OAuthConstants.OAuthVersions.VERSION_2);
                }
                if (OAuthConstants.OAuthVersions.VERSION_2.equals(oAuthConsumerAppDTO.getOAuthVersion())) {
                    ArrayList arrayList = new ArrayList(Arrays.asList(getAllowedGrantTypes()));
                    for (String str : oAuthConsumerAppDTO.getGrantTypes().split("\\s")) {
                        if (!str.trim().equals("") && !arrayList.contains(str)) {
                            throw new Exception(str + " not allowed");
                        }
                    }
                    oAuthAppDO.setGrantTypes(oAuthConsumerAppDTO.getGrantTypes());
                }
                oAuthAppDAO.addOAuthApplication(oAuthAppDO);
                if (OAuthServerConfiguration.getInstance().isCacheEnabled()) {
                    this.appInfoCache.addToCache(oAuthAppDO.getOauthConsumerKey(), oAuthAppDO);
                }
            }
        }
    }

    public void updateConsumerApplication(OAuthConsumerAppDTO oAuthConsumerAppDTO) throws Exception {
        String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(CarbonContext.getThreadLocalCarbonContext().getUsername());
        int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
        OAuthAppDAO oAuthAppDAO = new OAuthAppDAO();
        OAuthAppDO oAuthAppDO = new OAuthAppDO();
        oAuthAppDO.setUserName(tenantAwareUsername);
        oAuthAppDO.setTenantId(tenantId);
        oAuthAppDO.setOauthConsumerKey(oAuthConsumerAppDTO.getOauthConsumerKey());
        oAuthAppDO.setOauthConsumerSecret(oAuthConsumerAppDTO.getOauthConsumerSecret());
        oAuthAppDO.setCallbackUrl(oAuthConsumerAppDTO.getCallbackUrl());
        oAuthAppDO.setApplicationName(oAuthConsumerAppDTO.getApplicationName());
        if (OAuthConstants.OAuthVersions.VERSION_2.equals(oAuthConsumerAppDTO.getOAuthVersion())) {
            ArrayList arrayList = new ArrayList(Arrays.asList(getAllowedGrantTypes()));
            for (String str : oAuthConsumerAppDTO.getGrantTypes().split("\\s")) {
                if (!str.trim().equals("") && !arrayList.contains(str)) {
                    throw new Exception(str + " not allowed");
                }
            }
            oAuthAppDO.setGrantTypes(oAuthConsumerAppDTO.getGrantTypes());
        }
        oAuthAppDAO.updateConsumerApplication(oAuthAppDO);
        if (OAuthServerConfiguration.getInstance().isCacheEnabled()) {
            this.appInfoCache.addToCache(oAuthAppDO.getOauthConsumerKey(), oAuthAppDO);
        }
    }

    public void removeOAuthApplicationData(String str) throws Exception {
        new OAuthAppDAO().removeConsumerApplication(str);
        if (OAuthServerConfiguration.getInstance().isCacheEnabled()) {
            OAuthCache.getInstance().clearCacheEntry((CacheKey) new OAuthCacheKey(str));
            this.appInfoCache.clearCacheEntry(str);
            if (this.log.isDebugEnabled()) {
                this.log.debug("Client credentials are removed from the cache.");
            }
        }
    }

    public OAuthConsumerAppDTO[] getAppsAuthorizedByUser() throws IdentityOAuthAdminException {
        TokenMgtDAO tokenMgtDAO = new TokenMgtDAO();
        OAuthAppDAO oAuthAppDAO = new OAuthAppDAO();
        try {
            OAuthAppDO[] appsAuthorizedByUser = tokenMgtDAO.getAppsAuthorizedByUser((PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername() + "@" + PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain()).toLowerCase());
            OAuthConsumerAppDTO[] oAuthConsumerAppDTOArr = new OAuthConsumerAppDTO[appsAuthorizedByUser.length];
            for (int i = 0; i < oAuthConsumerAppDTOArr.length; i++) {
                OAuthAppDO appInformation = oAuthAppDAO.getAppInformation(appsAuthorizedByUser[i].getOauthConsumerKey());
                OAuthConsumerAppDTO oAuthConsumerAppDTO = new OAuthConsumerAppDTO();
                oAuthConsumerAppDTO.setApplicationName(appInformation.getApplicationName());
                oAuthConsumerAppDTO.setUsername(appInformation.getUserName());
                oAuthConsumerAppDTO.setGrantTypes(appInformation.getGrantTypes());
                oAuthConsumerAppDTOArr[i] = oAuthConsumerAppDTO;
            }
            return oAuthConsumerAppDTOArr;
        } catch (InvalidOAuthClientException e) {
            this.log.error(e.getMessage());
            throw new IdentityOAuthAdminException("Error while retrieving OAuth application information");
        } catch (IdentityOAuth2Exception e2) {
            this.log.error(e2.getMessage());
            throw new IdentityOAuthAdminException("Error while retrieving OAuth application information");
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r9v0, types: [java.lang.Throwable, org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception] */
    public OAuthRevocationResponseDTO revokeAuthzForAppsByResoureOwner(OAuthRevocationRequestDTO oAuthRevocationRequestDTO) throws IdentityOAuthAdminException {
        TokenMgtDAO tokenMgtDAO = new TokenMgtDAO();
        try {
            if (oAuthRevocationRequestDTO.getApps() == null || oAuthRevocationRequestDTO.getApps().length <= 0) {
                OAuthRevocationResponseDTO oAuthRevocationResponseDTO = new OAuthRevocationResponseDTO();
                oAuthRevocationResponseDTO.setError(true);
                oAuthRevocationResponseDTO.setErrorCode(OAuth2ErrorCodes.INVALID_REQUEST);
                oAuthRevocationResponseDTO.setErrorMsg("Invalid revocation request");
                return oAuthRevocationResponseDTO;
            }
            String lowerCase = (PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername() + "@" + PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain()).toLowerCase();
            ArrayList<AccessTokenDO> arrayList = new ArrayList();
            OAuthAppDAO oAuthAppDAO = new OAuthAppDAO();
            String str = null;
            if (OAuth2Util.checkAccessTokenPartitioningEnabled() && OAuth2Util.checkUserNameAssertionEnabled()) {
                str = OAuth2Util.getUserStoreDomainFromUserId(lowerCase);
            }
            OAuthAppDO[] appsAuthorizedByUser = tokenMgtDAO.getAppsAuthorizedByUser(lowerCase);
            for (String str2 : oAuthRevocationRequestDTO.getApps()) {
                for (OAuthAppDO oAuthAppDO : appsAuthorizedByUser) {
                    OAuthAppDO appInformation = oAuthAppDAO.getAppInformation(oAuthAppDO.getOauthConsumerKey());
                    if (appInformation.getApplicationName().equals(str2)) {
                        arrayList.add(tokenMgtDAO.getValidAccessTokenIfExist(appInformation.getOauthConsumerKey(), lowerCase, str, true));
                    }
                }
            }
            tokenMgtDAO.revokeTokensByResourceOwner(oAuthRevocationRequestDTO.getApps(), lowerCase);
            for (AccessTokenDO accessTokenDO : arrayList) {
                OAuthUtil.clearOAuthCache(accessTokenDO.getConsumerKey(), accessTokenDO.getAuthzUser(), OAuth2Util.buildScopeString(accessTokenDO.getScope()));
            }
            return new OAuthRevocationResponseDTO();
        } catch (InvalidOAuthClientException e) {
            this.log.error(e.getMessage(), e);
            throw new IdentityOAuthAdminException("Error occurred while revoking OAuth2 authorization grant(s)");
        } catch (IdentityOAuth2Exception e2) {
            this.log.error(e2.getMessage(), e2);
            throw new IdentityOAuthAdminException("Error occurred while revoking OAuth2 authorization grant(s)");
        }
    }

    public String[] getAllowedGrantTypes() {
        if (allowedGrants == null) {
            allowedGrants = new ArrayList();
            allowedGrants.addAll(OAuthServerConfiguration.getInstance().getSupportedGrantTypes().keySet());
            if (OAuthServerConfiguration.getInstance().getSupportedResponseTypes().containsKey("token")) {
                allowedGrants.add("implicit");
            }
        }
        return (String[]) allowedGrants.toArray(new String[allowedGrants.size()]);
    }
}
