package org.wso2.carbon.identity.scim.provider.impl;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.ProvisioningServiceProviderType;
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.common.model.ThreadLocalProvisioningServiceProvider;
import org.wso2.carbon.identity.application.common.util.IdentityApplicationManagementUtil;
import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
import org.wso2.carbon.identity.provisioning.IdentityProvisioningException;
import org.wso2.carbon.identity.provisioning.OutboundProvisioningManager;
import org.wso2.carbon.identity.provisioning.ProvisioningEntity;
import org.wso2.carbon.identity.provisioning.ProvisioningEntityType;
import org.wso2.carbon.identity.provisioning.ProvisioningOperation;
import org.wso2.carbon.identity.scim.common.group.SCIMGroupHandler;
import org.wso2.carbon.identity.scim.common.utils.AttributeMapper;
import org.wso2.carbon.identity.scim.common.utils.IdentitySCIMException;
import org.wso2.carbon.identity.scim.common.utils.SCIMCommonUtils;
import org.wso2.carbon.identity.scim.provider.util.SCIMProviderConstants;
import org.wso2.carbon.user.api.ClaimMapping;
import org.wso2.carbon.user.api.Permission;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.UserStoreManager;
import org.wso2.carbon.user.core.claim.ClaimManager;
import org.wso2.carbon.user.core.util.UserCoreUtil;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
import org.wso2.charon.core.attributes.Attribute;
import org.wso2.charon.core.exceptions.CharonException;
import org.wso2.charon.core.exceptions.DuplicateResourceException;
import org.wso2.charon.core.exceptions.NotFoundException;
import org.wso2.charon.core.extensions.UserManager;
import org.wso2.charon.core.objects.AbstractSCIMObject;
import org.wso2.charon.core.objects.Group;
import org.wso2.charon.core.objects.SCIMObject;
import org.wso2.charon.core.objects.User;

/* loaded from: input_file:WEB-INF/classes/org/wso2/carbon/identity/scim/provider/impl/SCIMUserManager.class */
public class SCIMUserManager implements UserManager {
    public static final String USER_NAME_STRING = "userName";
    private static Log log = LogFactory.getLog(SCIMUserManager.class);
    private UserStoreManager carbonUM;
    private ClaimManager carbonClaimManager;
    private String consumerName;

    public SCIMUserManager(UserStoreManager userStoreManager, String str, ClaimManager claimManager) {
        this.carbonUM = null;
        this.carbonClaimManager = null;
        this.carbonUM = userStoreManager;
        this.consumerName = str;
        this.carbonClaimManager = claimManager;
    }

    public User createUser(User user) throws CharonException, DuplicateResourceException {
        return createUser(user, false);
    }

    public User createUser(User user, boolean z) throws CharonException, DuplicateResourceException {
        try {
            ThreadLocalProvisioningServiceProvider threadLocalProvisioningServiceProvider = IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();
            if (z) {
                threadLocalProvisioningServiceProvider.setBulkUserAdd(true);
            }
            String str = null;
            if (!"PRIMARY".equalsIgnoreCase(getUserStoreDomainFromSP())) {
                str = getUserStoreDomainFromSP();
            }
            StringBuilder sb = new StringBuilder();
            if (str != null && str.trim().length() > 0) {
                user.setUserName(sb.append(str).append("/").append(UserCoreUtil.removeDomainFromName(user.getUserName())).toString());
            }
            try {
                try {
                    PrivilegedCarbonContext.startTenantFlow();
                    PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
                    threadLocalCarbonContext.setTenantDomain(MultitenantUtils.getTenantDomain(this.consumerName));
                    threadLocalCarbonContext.getTenantId(true);
                    if (log.isDebugEnabled()) {
                        log.debug("Creating user: " + user.getUserName());
                    }
                    SCIMCommonUtils.setThreadLocalIsManagedThroughSCIMEP(true);
                    Map claimsMap = AttributeMapper.getClaimsMap(user);
                    if (claimsMap.containsKey("urn:scim:schemas:core:1.0:groups")) {
                        claimsMap.remove("urn:scim:schemas:core:1.0:groups");
                    }
                    if (this.carbonUM.isExistingUser(user.getUserName())) {
                        throw new DuplicateResourceException("User with the name: " + user.getUserName() + " already exists in the system.");
                    }
                    if (claimsMap.containsKey("urn:scim:schemas:core:1.0:userName")) {
                        claimsMap.remove("urn:scim:schemas:core:1.0:userName");
                    }
                    this.carbonUM.addUser(user.getUserName(), user.getPassword(), (String[]) null, claimsMap, (String) null);
                    log.info("User: " + user.getUserName() + " is created through SCIM.");
                    PrivilegedCarbonContext.endTenantFlow();
                    return user;
                } catch (UserStoreException e) {
                    throw new CharonException(("Error in adding the user: " + user.getUserName() + " to the user store. ") + e.getMessage(), e);
                }
            } catch (Throwable th) {
                PrivilegedCarbonContext.endTenantFlow();
                throw th;
            }
        } catch (IdentityApplicationManagementException e2) {
            throw new CharonException("Error retrieving User Store name. ", e2);
        }
    }

    public User getUser(String str) throws CharonException {
        if (log.isDebugEnabled()) {
            log.debug("Retrieving user: " + str);
        }
        try {
            String[] userList = this.carbonUM.getUserList("urn:scim:schemas:core:1.0:id", str, "default");
            if (userList == null || userList.length == 0) {
                if (!log.isDebugEnabled()) {
                    return null;
                }
                log.debug("User with SCIM id: " + str + " does not exist in the system.");
                return null;
            }
            if (userList != null && userList.length == 0) {
                if (!log.isDebugEnabled()) {
                    return null;
                }
                log.debug("User with SCIM id: " + str + " does not exist in the system.");
                return null;
            }
            ClaimMapping[] allClaimMappings = this.carbonClaimManager.getAllClaimMappings(SCIMProviderConstants.DEFAULT_SCIM_DIALECT);
            ArrayList arrayList = new ArrayList();
            for (ClaimMapping claimMapping : allClaimMappings) {
                arrayList.add(claimMapping.getClaim().getClaimUri());
            }
            User sCIMUser = getSCIMUser(userList[0], arrayList);
            log.info("User: " + sCIMUser.getUserName() + " is retrieved through SCIM.");
            return sCIMUser;
        } catch (UserStoreException e) {
            throw new CharonException("Error in getting user information from Carbon User Store foruser: " + str, e);
        }
    }

    public List<User> listUsers() throws CharonException {
        ArrayList arrayList = new ArrayList();
        try {
            String[] userList = this.carbonUM.getUserList("urn:scim:schemas:core:1.0:id", "*", (String) null);
            if (userList != null && userList.length != 0) {
                ClaimMapping[] allClaimMappings = this.carbonClaimManager.getAllClaimMappings(SCIMProviderConstants.DEFAULT_SCIM_DIALECT);
                ArrayList arrayList2 = new ArrayList();
                for (ClaimMapping claimMapping : allClaimMappings) {
                    arrayList2.add(claimMapping.getClaim().getClaimUri());
                }
                for (String str : userList) {
                    if (str.contains("|")) {
                        str = str.split("\\|")[0];
                    }
                    User sCIMMetaUser = getSCIMMetaUser(str);
                    Map attributeList = sCIMMetaUser.getAttributeList();
                    if (attributeList != null && !attributeList.isEmpty()) {
                        arrayList.add(sCIMMetaUser);
                    }
                }
            }
            return arrayList;
        } catch (UserStoreException e) {
            throw new CharonException("Error while retrieving users from user store..", e);
        }
    }

    public List<User> listUsersByAttribute(Attribute attribute) {
        return Collections.emptyList();
    }

    public List<User> listUsersByFilter(String str, String str2, String str3) throws CharonException {
        if (log.isDebugEnabled()) {
            log.debug("Listing users by filter: " + str + str2 + str3);
        }
        ArrayList arrayList = new ArrayList();
        try {
            String[] userList = !"urn:scim:schemas:core:1.0:groups".equals(str) ? this.carbonUM.getUserList(str, str3, "default") : this.carbonUM.getUserListOfRole(str3);
            if (userList == null || userList.length == 0) {
                if (log.isDebugEnabled()) {
                    log.debug("Users with filter: " + str + str2 + str3 + " does not exist in the system.");
                }
                return Collections.emptyList();
            }
            ClaimMapping[] allClaimMappings = this.carbonClaimManager.getAllClaimMappings(SCIMProviderConstants.DEFAULT_SCIM_DIALECT);
            ArrayList arrayList2 = new ArrayList();
            for (ClaimMapping claimMapping : allClaimMappings) {
                arrayList2.add(claimMapping.getClaim().getClaimUri());
            }
            for (String str4 : userList) {
                if (!"wso2.anonymous.user".equals(str4)) {
                    User sCIMMetaUser = getSCIMMetaUser(str4);
                    if (sCIMMetaUser.getId() != null) {
                        arrayList.add(sCIMMetaUser);
                    }
                }
            }
            log.info("Users filtered through SCIM for the filter: " + str + str2 + str3);
            return arrayList;
        } catch (UserStoreException e) {
            throw new CharonException("Error in filtering users by attribute name : " + str + ", attribute value : " + str3 + " and filter operation " + str2, e);
        }
    }

    public List<User> listUsersBySort(String str, String str2) {
        return Collections.emptyList();
    }

    public List<User> listUsersWithPagination(int i, int i2) {
        return Collections.emptyList();
    }

    public User updateUser(User user) throws CharonException {
        if (log.isDebugEnabled()) {
            log.debug("Updating user: " + user.getUserName());
        }
        try {
            SCIMCommonUtils.setThreadLocalIsManagedThroughSCIMEP(true);
            Map claimsMap = AttributeMapper.getClaimsMap(user);
            try {
                String userStoreDomainFromSP = getUserStoreDomainFromSP();
                User user2 = getUser(user.getId());
                if (userStoreDomainFromSP != null && !userStoreDomainFromSP.equalsIgnoreCase(UserCoreUtil.extractDomainFromName(user2.getUserName()))) {
                    throw new CharonException("User :" + user2.getUserName() + "is not belong to user store " + userStoreDomainFromSP + "Hence user updating fail");
                }
                if (getUserStoreDomainFromSP() != null && !"PRIMARY".equalsIgnoreCase(getUserStoreDomainFromSP())) {
                    user.setUserName(UserCoreUtil.addDomainToName(UserCoreUtil.removeDomainFromName(user.getUserName()), getUserStoreDomainFromSP()));
                }
                if (!this.carbonUM.isExistingUser(user.getUserName())) {
                    throw new CharonException("User name is immutable in carbon user store.");
                }
                if (claimsMap.containsKey("urn:scim:schemas:core:1.0:groups")) {
                    claimsMap.remove("urn:scim:schemas:core:1.0:groups");
                }
                if (claimsMap.containsKey("urn:scim:schemas:core:1.0:userName")) {
                    claimsMap.remove("urn:scim:schemas:core:1.0:userName");
                }
                ClaimMapping[] allClaimMappings = this.carbonClaimManager.getAllClaimMappings(SCIMProviderConstants.DEFAULT_SCIM_DIALECT);
                ArrayList arrayList = new ArrayList();
                for (ClaimMapping claimMapping : allClaimMappings) {
                    arrayList.add(claimMapping.getClaim().getClaimUri());
                }
                for (Map.Entry entry : this.carbonUM.getUserClaimValues(user.getUserName(), (String[]) arrayList.toArray(new String[arrayList.size()]), (String) null).entrySet()) {
                    if (!((String) entry.getKey()).equals("urn:scim:schemas:core:1.0:id") && !((String) entry.getKey()).equals("urn:scim:schemas:core:1.0:userName") && !((String) entry.getKey()).equals("urn:scim:schemas:core:1.0:meta.created") && !((String) entry.getKey()).equals("urn:scim:schemas:core:1.0:meta.lastModified") && !((String) entry.getKey()).equals("urn:scim:schemas:core:1.0:meta.location") && !((String) entry.getKey()).equals("urn:scim:schemas:core:1.0:name.familyName")) {
                        this.carbonUM.deleteUserClaimValue(user.getUserName(), (String) entry.getKey(), (String) null);
                    }
                }
                this.carbonUM.setUserClaimValues(user.getUserName(), claimsMap, (String) null);
                if (user.getPassword() != null) {
                    this.carbonUM.updateCredentialByAdmin(user.getUserName(), user.getPassword());
                }
                log.info("User: " + user.getUserName() + " updated updated through SCIM.");
                return user;
            } catch (IdentityApplicationManagementException e) {
                throw new CharonException("Error retrieving User Store name. ", e);
            }
        } catch (UserStoreException e2) {
            throw new CharonException("Error while updating attributes of user: " + user.getUserName(), e2);
        }
    }

    public User patchUser(User user, User user2, String[] strArr) throws CharonException {
        if (log.isDebugEnabled()) {
            log.debug("Updating user: " + user.getUserName());
        }
        try {
            String userStoreDomainFromSP = getUserStoreDomainFromSP();
            if (userStoreDomainFromSP != null && !userStoreDomainFromSP.equalsIgnoreCase(UserCoreUtil.extractDomainFromName(user2.getUserName()))) {
                throw new CharonException("User :" + user2.getUserName() + "is not belong to user store " + userStoreDomainFromSP + "Hence user updating fail");
            }
            try {
                SCIMCommonUtils.setThreadLocalIsManagedThroughSCIMEP(true);
                Map claimsMap = AttributeMapper.getClaimsMap(user);
                if (UserCoreUtil.extractDomainFromName(user.getUserName()).equals("PRIMARY") && !UserCoreUtil.extractDomainFromName(user2.getUserName()).equals("PRIMARY")) {
                    user.setUserName(UserCoreUtil.addDomainToName(user.getUserName(), UserCoreUtil.extractDomainFromName(user2.getUserName())));
                }
                if (!this.carbonUM.isExistingUser(user.getUserName())) {
                    throw new CharonException("User name is immutable in carbon user store.");
                }
                if (claimsMap.containsKey("urn:scim:schemas:core:1.0:groups")) {
                    claimsMap.remove("urn:scim:schemas:core:1.0:groups");
                }
                if (claimsMap.containsKey("urn:scim:schemas:core:1.0:userName")) {
                    claimsMap.remove("urn:scim:schemas:core:1.0:userName");
                }
                for (int i = 0; i < strArr.length; i++) {
                    strArr[i] = "urn:scim:schemas:core:1.0:" + strArr[i];
                }
                this.carbonUM.deleteUserClaimValues(user2.getUserName(), strArr, (String) null);
                this.carbonUM.setUserClaimValues(user2.getUserName(), claimsMap, (String) null);
                if (StringUtils.isNotEmpty(user.getPassword())) {
                    this.carbonUM.updateCredentialByAdmin(user.getUserName(), user.getPassword());
                }
                log.info("User: " + user.getUserName() + " updated updated through SCIM.");
                return user;
            } catch (org.wso2.carbon.user.core.UserStoreException e) {
                throw new CharonException("Error while updating attributes of user: " + user.getUserName(), e);
            }
        } catch (IdentityApplicationManagementException e2) {
            throw new CharonException("Error retrieving User Store name. ", e2);
        }
    }

    public User updateUser(List<Attribute> list) {
        return null;
    }

    public void deleteUser(String str) throws NotFoundException, CharonException {
        if (log.isDebugEnabled()) {
            log.debug("Deleting user: " + str);
        }
        try {
            SCIMCommonUtils.setThreadLocalIsManagedThroughSCIMEP(true);
            String[] userList = this.carbonUM.getUserList("urn:scim:schemas:core:1.0:id", str, "default");
            try {
                String userStoreDomainFromSP = getUserStoreDomainFromSP();
                if (userList == null || userList.length == 0) {
                    if (log.isDebugEnabled()) {
                        log.debug("User with id: " + str + " not found.");
                    }
                    throw new NotFoundException();
                }
                if (userStoreDomainFromSP != null && !userStoreDomainFromSP.equalsIgnoreCase(UserCoreUtil.extractDomainFromName(userList[0]))) {
                    throw new CharonException("User :" + userList[0] + "is not belong to user store " + userStoreDomainFromSP + "Hence user updating fail");
                }
                String str2 = userList[0];
                this.carbonUM.deleteUser(str2);
                log.info("User: " + str2 + " is deleted through SCIM.");
            } catch (IdentityApplicationManagementException e) {
                throw new CharonException("Error retrieving User Store name. ", e);
            }
        } catch (org.wso2.carbon.user.core.UserStoreException e2) {
            throw new CharonException("Error in deleting user: " + ((String) null), e2);
        }
    }

    public Group createGroup(Group group) throws CharonException, DuplicateResourceException {
        String str;
        String str2;
        if (log.isDebugEnabled()) {
            log.debug("Creating group: " + group.getDisplayName());
        }
        try {
            String displayName = group.getDisplayName();
            try {
                if (getUserStoreDomainFromSP() != null) {
                    str2 = getUserStoreDomainFromSP();
                    str = UserCoreUtil.addDomainToName(UserCoreUtil.removeDomainFromName(displayName), str2);
                } else if (displayName.indexOf("/") > 0) {
                    str = displayName;
                    str2 = displayName.split("/")[0];
                } else {
                    str = "PRIMARY/" + displayName;
                    str2 = "PRIMARY";
                }
                group.setDisplayName(str);
                if (this.carbonUM.isExistingRole(group.getDisplayName(), false)) {
                    throw new DuplicateResourceException("Group with name: " + group.getDisplayName() + " already exists in the system.");
                }
                SCIMCommonUtils.setThreadLocalIsManagedThroughSCIMEP(true);
                List<String> members = group.getMembers();
                List membersWithDisplayName = group.getMembersWithDisplayName();
                if (CollectionUtils.isNotEmpty(members)) {
                    ArrayList arrayList = new ArrayList();
                    for (String str3 : members) {
                        String[] userList = this.carbonUM.getUserList("urn:scim:schemas:core:1.0:id", str3, "default");
                        if (userList == null || userList.length == 0) {
                            throw new IdentitySCIMException("User: " + str3 + " doesn't exist in the user store. Hence, can not create the group: " + group.getDisplayName());
                        }
                        if (userList[0].indexOf("/") > 0 && !StringUtils.containsIgnoreCase(userList[0], str2)) {
                            throw new IdentitySCIMException("User: " + str3 + " doesn't exist in the same user store. Hence, can not create the group: " + group.getDisplayName());
                        }
                        arrayList.add(userList[0]);
                        if (CollectionUtils.isNotEmpty(membersWithDisplayName)) {
                            boolean z = false;
                            Iterator it = membersWithDisplayName.iterator();
                            while (true) {
                                if (!it.hasNext()) {
                                    break;
                                }
                                String str4 = (String) it.next();
                                if ((str4.indexOf("/") > 0 ? str4.split("/")[1] : str4).equalsIgnoreCase(userList[0].indexOf("/") > 0 ? userList[0].split("/")[1] : userList[0])) {
                                    z = true;
                                    break;
                                }
                            }
                            if (!z) {
                                throw new IdentitySCIMException("Given SCIM user Id and name not matching..");
                            }
                        }
                    }
                    new SCIMGroupHandler(this.carbonUM.getTenantId()).createSCIMAttributes(group);
                    this.carbonUM.addRole(group.getDisplayName(), (String[]) arrayList.toArray(new String[arrayList.size()]), (Permission[]) null, false);
                    log.info("Group: " + group.getDisplayName() + " is created through SCIM.");
                } else {
                    new SCIMGroupHandler(this.carbonUM.getTenantId()).createSCIMAttributes(group);
                    this.carbonUM.addRole(group.getDisplayName(), (String[]) null, (Permission[]) null, false);
                    log.info("Group: " + group.getDisplayName() + " is created through SCIM.");
                }
                return group;
            } catch (IdentityApplicationManagementException e) {
                throw new CharonException("Error retrieving User Store name. ", e);
            }
        } catch (UserStoreException e2) {
            try {
                new SCIMGroupHandler(this.carbonUM.getTenantId()).deleteGroupAttributes(group.getDisplayName());
                throw new CharonException("Error occurred while adding role : " + group.getDisplayName(), e2);
            } catch (UserStoreException | IdentitySCIMException e3) {
                throw new CharonException("Error occurred while doing rollback operation of the SCIM table entry for role: " + group.getDisplayName(), e2);
            }
        } catch (IdentitySCIMException e4) {
            throw new CharonException("Error in creating group", e4);
        }
    }

    public Group getGroup(String str) throws CharonException {
        if (log.isDebugEnabled()) {
            log.debug("Retrieving group with id: " + str);
        }
        try {
            String groupName = new SCIMGroupHandler(this.carbonUM.getTenantId()).getGroupName(str);
            if (groupName != null) {
                return getGroupWithName(groupName);
            }
            return null;
        } catch (org.wso2.carbon.user.core.UserStoreException e) {
            throw new CharonException("Error in retrieving group : " + str, e);
        } catch (IdentitySCIMException e2) {
            throw new CharonException("Error in retrieving SCIM Group information from database.", e2);
        }
    }

    public List<Group> listGroups() throws CharonException {
        ArrayList arrayList = new ArrayList();
        try {
            Iterator it = new SCIMGroupHandler(this.carbonUM.getTenantId()).listSCIMRoles().iterator();
            while (it.hasNext()) {
                Group groupOnlyWithMetaAttributes = getGroupOnlyWithMetaAttributes((String) it.next());
                if (groupOnlyWithMetaAttributes.getId() != null) {
                    arrayList.add(groupOnlyWithMetaAttributes);
                }
            }
            return arrayList;
        } catch (org.wso2.carbon.user.core.UserStoreException e) {
            throw new CharonException("Error in obtaining role names from user store." + e.getMessage(), e);
        } catch (IdentitySCIMException e2) {
            throw new CharonException("Error in retrieving SCIM Group information from database.", e2);
        }
    }

    public List<Group> listGroupsByAttribute(Attribute attribute) throws CharonException {
        return Collections.emptyList();
    }

    public List<Group> listGroupsByFilter(String str, String str2, String str3) throws CharonException {
        if (log.isDebugEnabled()) {
            log.debug("Listing groups with filter: " + str + str2 + str3);
        }
        ArrayList arrayList = new ArrayList();
        if (str3 != null) {
            try {
                if (this.carbonUM.isExistingRole(str3, false)) {
                    if ("system/wso2.anonymous.role".equals(str3) || UserCoreUtil.isEveryoneRole(str3, this.carbonUM.getRealmConfiguration()) || UserCoreUtil.isPrimaryAdminRole(str3, this.carbonUM.getRealmConfiguration())) {
                        throw new IdentitySCIMException("Internal roles do not support SCIM.");
                    }
                    arrayList.add(getGroupOnlyWithMetaAttributes(str3.indexOf("/") > 0 ? str3 : "PRIMARY/" + str3));
                    return arrayList;
                }
            } catch (org.wso2.carbon.user.core.UserStoreException e) {
                throw new CharonException("Error in filtering groups by attribute name : " + str + ", attribute value : " + str3 + " and filter operation " + str2, e);
            } catch (UserStoreException e2) {
                throw new CharonException("Error in filtering group with filter: " + str + str2 + str3, e2);
            } catch (IdentitySCIMException e3) {
                throw new CharonException("Error in retrieving SCIM Group information from database.", e3);
            }
        }
        return Collections.emptyList();
    }

    public List<Group> listGroupsBySort(String str, String str2) throws CharonException {
        return Collections.emptyList();
    }

    public List<Group> listGroupsWithPagination(int i, int i2) {
        return Collections.emptyList();
    }

    public Group updateGroup(Group group, Group group2) throws CharonException {
        try {
            String userStoreDomainFromSP = getUserStoreDomainFromSP();
            if (userStoreDomainFromSP != null && !userStoreDomainFromSP.equalsIgnoreCase(UserCoreUtil.extractDomainFromName(group.getDisplayName()))) {
                throw new CharonException("Group :" + group.getDisplayName() + "is not belong to user store " + userStoreDomainFromSP + "Hence group updating fail");
            }
            group.setDisplayName(UserCoreUtil.addDomainToName(UserCoreUtil.removeDomainFromName(group.getDisplayName()), UserCoreUtil.extractDomainFromName(group.getDisplayName())));
            if (UserCoreUtil.extractDomainFromName(group2.getDisplayName()).equals("PRIMARY") && !UserCoreUtil.extractDomainFromName(group.getDisplayName()).equals("PRIMARY")) {
                String extractDomainFromName = UserCoreUtil.extractDomainFromName(group.getDisplayName());
                group2.setDisplayName(UserCoreUtil.addDomainToName(group2.getDisplayName(), extractDomainFromName));
                if (group2.getMembers() != null && !group2.getMembers().isEmpty()) {
                    group2 = addDomainToUserMembers(group2, extractDomainFromName);
                }
            }
            group2.setDisplayName(SCIMCommonUtils.getGroupNameWithDomain(group2.getDisplayName()));
            group.setDisplayName(SCIMCommonUtils.getGroupNameWithDomain(group.getDisplayName()));
            if (log.isDebugEnabled()) {
                log.debug("Updating group: " + group.getDisplayName());
            }
            try {
                SCIMCommonUtils.setThreadLocalIsManagedThroughSCIMEP(true);
                boolean z = false;
                SCIMCommonUtils.setThreadLocalIsManagedThroughSCIMEP(true);
                List<String> members = group2.getMembers();
                List<String> membersWithDisplayName = group2.getMembersWithDisplayName();
                String extractDomainFromName2 = UserCoreUtil.extractDomainFromName(group2.getDisplayName());
                if (membersWithDisplayName != null && membersWithDisplayName.size() > 0) {
                    for (String str : membersWithDisplayName) {
                        String extractDomainFromName3 = UserCoreUtil.extractDomainFromName(str);
                        if (!"PRIMARY".equals(extractDomainFromName2) && "PRIMARY".equals(extractDomainFromName3)) {
                            throw new IdentitySCIMException("User store domain is not indicated for user :" + str);
                        }
                        if (!extractDomainFromName2.equalsIgnoreCase(extractDomainFromName3)) {
                            throw new IdentitySCIMException(str + " does not belongs to user store " + extractDomainFromName2);
                        }
                    }
                }
                if (CollectionUtils.isNotEmpty(members)) {
                    for (String str2 : members) {
                        String[] userList = this.carbonUM.getUserList("urn:scim:schemas:core:1.0:id", UserCoreUtil.addDomainToName(str2, extractDomainFromName2), "default");
                        if (userList == null || userList.length == 0) {
                            throw new IdentitySCIMException("User: " + str2 + " doesn't exist in the user store. Hence, can not update the group: " + group.getDisplayName());
                        }
                        if (!UserCoreUtil.isContain(UserCoreUtil.removeDomainFromName(userList[0]), UserCoreUtil.removeDomainFromNames((String[]) membersWithDisplayName.toArray(new String[membersWithDisplayName.size()])))) {
                            throw new IdentitySCIMException("Given SCIM user Id and name not matching..");
                        }
                    }
                }
                if (!group.getDisplayName().equalsIgnoreCase(group2.getDisplayName())) {
                    this.carbonUM.updateRoleName(group.getDisplayName().toLowerCase(), group2.getDisplayName().toLowerCase());
                    z = true;
                }
                List<String> membersWithDisplayName2 = group.getMembersWithDisplayName();
                List<String> membersWithDisplayName3 = group2.getMembersWithDisplayName();
                if (membersWithDisplayName3 != null) {
                    ArrayList arrayList = new ArrayList();
                    ArrayList arrayList2 = new ArrayList();
                    if (CollectionUtils.isNotEmpty(membersWithDisplayName2)) {
                        for (String str3 : membersWithDisplayName2) {
                            if (membersWithDisplayName3 == null || !membersWithDisplayName3.contains(str3)) {
                                arrayList2.add(str3);
                            }
                        }
                    }
                    if (CollectionUtils.isNotEmpty(membersWithDisplayName3)) {
                        for (String str4 : membersWithDisplayName3) {
                            if (membersWithDisplayName2 == null || !membersWithDisplayName2.contains(str4)) {
                                arrayList.add(str4);
                            }
                        }
                    }
                    if (CollectionUtils.isNotEmpty(arrayList) || CollectionUtils.isNotEmpty(arrayList2)) {
                        this.carbonUM.updateUserListOfRole(group2.getDisplayName(), (String[]) arrayList2.toArray(new String[arrayList2.size()]), (String[]) arrayList.toArray(new String[arrayList.size()]));
                        z = true;
                    }
                }
                if (z) {
                    log.info("Group: " + group2.getDisplayName() + " is updated through SCIM.");
                } else {
                    log.warn("There is no updated field in the group: " + group.getDisplayName() + ". Therefore ignoring the provisioning.");
                }
                return group2;
            } catch (UserStoreException | IdentitySCIMException e) {
                throw new CharonException("Error occurred while updating old group : " + group.getDisplayName(), e);
            }
        } catch (IdentityApplicationManagementException e2) {
            throw new CharonException("Error retrieving User Store name. ", e2);
        }
    }

    public Group updateGroup(List<Attribute> list) throws CharonException {
        return null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v83, types: [java.util.List] */
    public Group patchGroup(Group group, Group group2) throws CharonException {
        try {
            String userStoreDomainFromSP = getUserStoreDomainFromSP();
            if (userStoreDomainFromSP != null && !userStoreDomainFromSP.equalsIgnoreCase(UserCoreUtil.extractDomainFromName(group.getDisplayName()))) {
                throw new CharonException("Group :" + group.getDisplayName() + "is not belong to user store " + userStoreDomainFromSP + "Hence group updating fail");
            }
            group.setDisplayName(UserCoreUtil.addDomainToName(UserCoreUtil.removeDomainFromName(group.getDisplayName()), UserCoreUtil.extractDomainFromName(group.getDisplayName())));
            if (log.isDebugEnabled()) {
                log.debug("Updating group: " + group.getDisplayName());
            }
            try {
                SCIMCommonUtils.setThreadLocalIsManagedThroughSCIMEP(true);
                boolean z = false;
                SCIMCommonUtils.setThreadLocalIsManagedThroughSCIMEP(true);
                List<String> members = group2.getMembers();
                List membersWithDisplayName = group2.getMembersWithDisplayName();
                if (members != null) {
                    for (String str : members) {
                        String[] userList = this.carbonUM.getUserList("urn:scim:schemas:core:1.0:id", str, "default");
                        if (userList == null || userList.length == 0) {
                            throw new CharonException("User: " + str + " doesn't exist in the user store. Hence, can not update the group: " + group.getDisplayName());
                        }
                        if (!membersWithDisplayName.contains(userList[0])) {
                            throw new CharonException("Given SCIM user Id and name not matching..");
                        }
                    }
                }
                if (UserCoreUtil.extractDomainFromName(group2.getDisplayName()).equals("PRIMARY") && !UserCoreUtil.extractDomainFromName(group.getDisplayName()).equals("PRIMARY")) {
                    String extractDomainFromName = UserCoreUtil.extractDomainFromName(group.getDisplayName());
                    group2.setDisplayName(UserCoreUtil.addDomainToName(group2.getDisplayName(), extractDomainFromName));
                    if (group2.getMembers() != null && !group2.getMembers().isEmpty()) {
                        group2 = addDomainToUserMembers(group2, extractDomainFromName);
                    }
                }
                if (!group.getDisplayName().equalsIgnoreCase(group2.getDisplayName())) {
                    this.carbonUM.updateRoleName(group.getDisplayName().toLowerCase(), group2.getDisplayName().toLowerCase());
                    z = true;
                }
                List<String> membersWithDisplayName2 = group2.getMembersWithDisplayName((String) null);
                List<String> membersWithDisplayName3 = group2.getMembersWithDisplayName("delete");
                if (group2.getAttributesOfMeta() != null && "members".equals(group2.getAttributesOfMeta().get(0))) {
                    if (!membersWithDisplayName3.isEmpty()) {
                        log.warn("All Existing members will be deleted through SCIM meta attributes Hence operation delete is Invalid");
                        membersWithDisplayName3 = new ArrayList();
                    }
                    String[] userListOfRole = this.carbonUM.getUserListOfRole(group2.getDisplayName());
                    if (membersWithDisplayName2.isEmpty()) {
                        this.carbonUM.updateUserListOfRole(group2.getDisplayName(), userListOfRole, new String[0]);
                    } else {
                        ArrayList arrayList = new ArrayList();
                        for (String str2 : userListOfRole) {
                            if (!membersWithDisplayName2.contains(str2)) {
                                arrayList.add(str2);
                            }
                        }
                        this.carbonUM.updateUserListOfRole(group2.getDisplayName(), (String[]) arrayList.toArray(new String[arrayList.size()]), new String[0]);
                    }
                }
                List membersWithDisplayName4 = group.getMembersWithDisplayName();
                ArrayList arrayList2 = new ArrayList();
                ArrayList arrayList3 = new ArrayList();
                if (membersWithDisplayName2.isEmpty() && membersWithDisplayName3.isEmpty()) {
                    arrayList3 = Arrays.asList(this.carbonUM.getUserListOfRole(group2.getDisplayName()));
                }
                for (String str3 : membersWithDisplayName2) {
                    if (membersWithDisplayName4.isEmpty() || !membersWithDisplayName4.contains(str3)) {
                        arrayList2.add(str3);
                    }
                }
                for (String str4 : membersWithDisplayName3) {
                    if (!membersWithDisplayName4.isEmpty() && membersWithDisplayName4.contains(str4)) {
                        arrayList3.add(str4);
                    }
                }
                if (group2.getDisplayName() != null && (CollectionUtils.isNotEmpty(arrayList2) || CollectionUtils.isNotEmpty(arrayList3))) {
                    this.carbonUM.updateUserListOfRole(group2.getDisplayName(), (String[]) arrayList3.toArray(new String[arrayList3.size()]), (String[]) arrayList2.toArray(new String[arrayList2.size()]));
                    z = true;
                }
                if (z) {
                    log.info("Group: " + group2.getDisplayName() + " is updated through SCIM.");
                } else {
                    log.warn("There is no updated field in the group: " + group.getDisplayName() + ". Therefore ignoring the provisioning.");
                }
                return group2;
            } catch (UserStoreException e) {
                throw new CharonException("Error in patching group", e);
            }
        } catch (IdentityApplicationManagementException e2) {
            throw new CharonException("Error retrieving User Store name. ", e2);
        }
    }

    public void deleteGroup(String str) throws NotFoundException, CharonException {
        if (log.isDebugEnabled()) {
            log.debug("Deleting group: " + str);
        }
        try {
            SCIMCommonUtils.setThreadLocalIsManagedThroughSCIMEP(true);
            String groupName = new SCIMGroupHandler(this.carbonUM.getTenantId()).getGroupName(str);
            if (groupName == null) {
                if (log.isDebugEnabled()) {
                    log.debug("Group with SCIM id: " + str + " doesn't exist in the system.");
                }
                throw new NotFoundException();
            }
            try {
                String userStoreDomainFromSP = getUserStoreDomainFromSP();
                if (userStoreDomainFromSP != null && !userStoreDomainFromSP.equalsIgnoreCase(UserCoreUtil.extractDomainFromName(groupName))) {
                    throw new CharonException("Group :" + groupName + "is not belong to user store " + userStoreDomainFromSP + "Hence group updating fail");
                }
                this.carbonUM.deleteRole(groupName);
                log.info("Group: " + groupName + " is deleted through SCIM.");
            } catch (IdentityApplicationManagementException e) {
                throw new CharonException("Error retrieving User Store name. ", e);
            }
        } catch (UserStoreException | IdentitySCIMException e2) {
            throw new CharonException("Error occurred while deleting group " + str, e2);
        }
    }

    private User getSCIMMetaUser(String str) throws CharonException {
        ArrayList arrayList = new ArrayList();
        arrayList.add("urn:scim:schemas:core:1.0:id");
        arrayList.add("urn:scim:schemas:core:1.0:meta.location");
        arrayList.add("urn:scim:schemas:core:1.0:meta.created");
        arrayList.add("urn:scim:schemas:core:1.0:meta.lastModified");
        try {
            Map userClaimValues = this.carbonUM.getUserClaimValues(str, (String[]) arrayList.toArray(new String[arrayList.size()]), (String) null);
            userClaimValues.put("urn:scim:schemas:core:1.0:userName", str);
            return AttributeMapper.constructSCIMObjectFromAttributes(userClaimValues, 1);
        } catch (UserStoreException | CharonException | NotFoundException e) {
            throw new CharonException("Error in getting user information from Carbon User Store for user: " + str + " ", e);
        }
    }

    private User getSCIMUser(String str, List<String> list) throws CharonException {
        Group groupOnlyWithMetaAttributes;
        try {
            Map userClaimValues = this.carbonUM.getUserClaimValues(str, (String[]) list.toArray(new String[list.size()]), (String) null);
            if (userClaimValues.containsKey("urn:scim:schemas:core:1.0:addresses")) {
                userClaimValues.remove("urn:scim:schemas:core:1.0:addresses");
            }
            userClaimValues.put("urn:scim:schemas:core:1.0:userName", str);
            String[] roleListOfUser = this.carbonUM.getRoleListOfUser(str);
            User constructSCIMObjectFromAttributes = AttributeMapper.constructSCIMObjectFromAttributes(userClaimValues, 1);
            for (String str2 : roleListOfUser) {
                if (!UserCoreUtil.isEveryoneRole(str2, this.carbonUM.getRealmConfiguration()) && !UserCoreUtil.isPrimaryAdminRole(str2, this.carbonUM.getRealmConfiguration()) && !"system/wso2.anonymous.role".equalsIgnoreCase(str2) && !str2.toLowerCase().startsWith("Internal/".toLowerCase()) && (groupOnlyWithMetaAttributes = getGroupOnlyWithMetaAttributes(str2)) != null) {
                    constructSCIMObjectFromAttributes.setGroup((String) null, groupOnlyWithMetaAttributes.getId(), str2);
                }
            }
            return constructSCIMObjectFromAttributes;
        } catch (UserStoreException | CharonException | NotFoundException | IdentitySCIMException e) {
            throw new CharonException("Error in getting user information for user: " + str, e);
        }
    }

    private Group getGroupWithName(String str) throws CharonException, org.wso2.carbon.user.core.UserStoreException, IdentitySCIMException {
        Group group = new Group();
        group.setDisplayName(str);
        String[] userListOfRole = this.carbonUM.getUserListOfRole(str);
        if (userListOfRole != null && userListOfRole.length != 0) {
            for (String str2 : userListOfRole) {
                group.setMember(this.carbonUM.getUserClaimValue(str2, "urn:scim:schemas:core:1.0:id", (String) null), str2);
            }
        }
        return new SCIMGroupHandler(this.carbonUM.getTenantId()).getGroupWithAttributes(group, str);
    }

    private Group getGroupOnlyWithMetaAttributes(String str) throws CharonException, IdentitySCIMException, org.wso2.carbon.user.core.UserStoreException {
        Group group = new Group();
        group.setDisplayName(str);
        return new SCIMGroupHandler(this.carbonUM.getTenantId()).getGroupWithAttributes(group, str);
    }

    private void provision(ProvisioningOperation provisioningOperation, SCIMObject sCIMObject) throws CharonException {
        String domainName = UserCoreUtil.getDomainName(this.carbonUM.getRealmConfiguration());
        try {
            HashMap hashMap = new HashMap();
            if (sCIMObject.getAttribute("password") != null) {
                hashMap.put(org.wso2.carbon.identity.application.common.model.ClaimMapping.build("org:wso2:carbon:identity:provisioning:claim:password", (String) null, (String) null, false), Arrays.asList(sCIMObject.getAttribute("password").getStringValue()));
            }
            if (sCIMObject.getAttribute(USER_NAME_STRING) != null) {
                hashMap.put(org.wso2.carbon.identity.application.common.model.ClaimMapping.build("org:wso2:carbon:identity:provisioning:claim:username", (String) null, (String) null, false), Arrays.asList(sCIMObject.getAttribute(USER_NAME_STRING).getStringValue()));
            }
            ProvisioningEntity provisioningEntity = new ProvisioningEntity(ProvisioningEntityType.USER, UserCoreUtil.addDomainToName(sCIMObject.getAttribute(USER_NAME_STRING).getName(), domainName), provisioningOperation, hashMap);
            provisioningEntity.setInboundAttributes(AttributeMapper.getClaimsMap((AbstractSCIMObject) sCIMObject));
            String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
            ThreadLocalProvisioningServiceProvider threadLocalProvisioningServiceProvider = IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();
            if (threadLocalProvisioningServiceProvider != null) {
                String serviceProviderName = threadLocalProvisioningServiceProvider.getServiceProviderName();
                String tenantDomain2 = threadLocalProvisioningServiceProvider.getTenantDomain();
                if (threadLocalProvisioningServiceProvider.getServiceProviderType() == ProvisioningServiceProviderType.OAUTH) {
                    try {
                        serviceProviderName = ApplicationManagementService.getInstance().getServiceProviderNameByClientId(threadLocalProvisioningServiceProvider.getServiceProviderName(), "oauth2", tenantDomain2);
                    } catch (IdentityApplicationManagementException e) {
                        log.error("Error while provisioning", e);
                        return;
                    }
                }
                OutboundProvisioningManager.getInstance().provision(provisioningEntity, serviceProviderName, threadLocalProvisioningServiceProvider.getClaimDialect(), tenantDomain2, threadLocalProvisioningServiceProvider.isJustInTimeProvisioning());
            } else {
                OutboundProvisioningManager.getInstance().provision(provisioningEntity, "wso2carbon-local-sp", "http://wso2.org/claims", tenantDomain, false);
            }
        } catch (IdentityProvisioningException e2) {
            throw new CharonException("Error while provisioning to externaluser store in dumb mode.", e2);
        } catch (NotFoundException e3) {
            throw new CharonException("Failed to find resource in external user store.", e3);
        }
    }

    private String getUserStoreDomainFromSP() throws IdentityApplicationManagementException {
        ThreadLocalProvisioningServiceProvider threadLocalProvisioningServiceProvider = IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();
        ServiceProvider serviceProviderByClientId = threadLocalProvisioningServiceProvider.getServiceProviderType() == ProvisioningServiceProviderType.OAUTH ? ApplicationManagementService.getInstance().getServiceProviderByClientId(threadLocalProvisioningServiceProvider.getServiceProviderName(), "oauth2", threadLocalProvisioningServiceProvider.getTenantDomain()) : ApplicationManagementService.getInstance().getServiceProvider(threadLocalProvisioningServiceProvider.getServiceProviderName(), threadLocalProvisioningServiceProvider.getTenantDomain());
        if (serviceProviderByClientId == null || serviceProviderByClientId.getInboundProvisioningConfig() == null || StringUtils.isBlank(serviceProviderByClientId.getInboundProvisioningConfig().getProvisioningUserStore())) {
            return null;
        }
        return serviceProviderByClientId.getInboundProvisioningConfig().getProvisioningUserStore();
    }

    private Group addDomainToUserMembers(Group group, String str) throws CharonException {
        List members = group.getMembers();
        if (StringUtils.isBlank(str) || members == null || members.isEmpty()) {
            return group;
        }
        Map<String, String> mergeSCIMIDsWithDisplayNames = mergeSCIMIDsWithDisplayNames(group);
        Iterator it = members.iterator();
        while (it.hasNext()) {
            group.removeMember((String) it.next());
        }
        for (Map.Entry<String, String> entry : mergeSCIMIDsWithDisplayNames.entrySet()) {
            group.setMember(entry.getKey(), UserCoreUtil.addDomainToName(entry.getValue(), str));
        }
        return group;
    }

    private Map<String, String> mergeSCIMIDsWithDisplayNames(Group group) throws CharonException {
        List members = group.getMembers();
        List membersWithDisplayName = group.getMembersWithDisplayName();
        HashMap hashMap = new HashMap();
        for (int i = 0; i < members.size(); i++) {
            hashMap.put(members.get(i), membersWithDisplayName.get(i));
        }
        return hashMap;
    }
}
