package org.wso2.carbon.identity.api.server.application.management.v1.core;

import com.fasterxml.jackson.core.JsonFactory;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.io.InputStream;
import java.io.StringReader;
import java.io.StringWriter;
import java.net.MalformedURLException;
import java.net.URISyntaxException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.function.BiFunction;
import java.util.function.Function;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.cxf.jaxrs.ext.multipart.Attachment;
import org.apache.cxf.jaxrs.ext.search.ConditionType;
import org.apache.cxf.jaxrs.ext.search.PrimitiveStatement;
import org.apache.cxf.jaxrs.ext.search.SearchCondition;
import org.apache.cxf.jaxrs.ext.search.SearchContext;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.io.ByteArrayResource;
import org.springframework.http.MediaType;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.api.resource.mgt.APIResourceMgtException;
import org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementConstants;
import org.wso2.carbon.identity.api.server.application.management.common.ApplicationManagementServiceHolder;
import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationListItem;
import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationListResponse;
import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationModel;
import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationOwner;
import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationPatchModel;
import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationResponseModel;
import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationTemplateModel;
import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationTemplatesList;
import org.wso2.carbon.identity.api.server.application.management.v1.ApplicationTemplatesListItem;
import org.wso2.carbon.identity.api.server.application.management.v1.AuthorizedAPICreationModel;
import org.wso2.carbon.identity.api.server.application.management.v1.AuthorizedAPIPatchModel;
import org.wso2.carbon.identity.api.server.application.management.v1.AuthorizedAPIResponse;
import org.wso2.carbon.identity.api.server.application.management.v1.AuthorizedScope;
import org.wso2.carbon.identity.api.server.application.management.v1.ConfiguredAuthenticator;
import org.wso2.carbon.identity.api.server.application.management.v1.ConfiguredAuthenticatorsModal;
import org.wso2.carbon.identity.api.server.application.management.v1.CustomInboundProtocolConfiguration;
import org.wso2.carbon.identity.api.server.application.management.v1.InboundProtocolListItem;
import org.wso2.carbon.identity.api.server.application.management.v1.Link;
import org.wso2.carbon.identity.api.server.application.management.v1.OpenIDConnectConfiguration;
import org.wso2.carbon.identity.api.server.application.management.v1.PassiveStsConfiguration;
import org.wso2.carbon.identity.api.server.application.management.v1.ProvisioningConfiguration;
import org.wso2.carbon.identity.api.server.application.management.v1.ResidentApplication;
import org.wso2.carbon.identity.api.server.application.management.v1.SAML2Configuration;
import org.wso2.carbon.identity.api.server.application.management.v1.SAML2ServiceProvider;
import org.wso2.carbon.identity.api.server.application.management.v1.WSTrustConfiguration;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.Utils;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.ApiModelToServiceProvider;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.ApplicationBasicInfoToApiModel;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.ApplicationInfoWithRequiredPropsToApiModel;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.ServiceProviderToApiModel;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.UpdateServiceProvider;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.inbound.InboundAuthConfigToApiModel;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.inbound.InboundFunctions;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.inbound.PassiveSTSInboundFunctions;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.inbound.WSTrustInboundFunctions;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.inbound.custom.CustomInboundFunctions;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.inbound.oauth2.OAuthInboundFunctions;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.inbound.saml.SAMLInboundFunctions;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.provisioning.BuildProvisioningConfiguration;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.provisioning.UpdateProvisioningConfiguration;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.template.ApplicationTemplateApiModelToTemplate;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.template.TemplateToApplicationTemplate;
import org.wso2.carbon.identity.api.server.application.management.v1.core.functions.template.TemplateToApplicationTemplateListItem;
import org.wso2.carbon.identity.api.server.common.Constants;
import org.wso2.carbon.identity.api.server.common.ContextLoader;
import org.wso2.carbon.identity.api.server.common.Util;
import org.wso2.carbon.identity.api.server.common.error.APIError;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementClientException;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.APIResource;
import org.wso2.carbon.identity.application.common.model.ApplicationBasicInfo;
import org.wso2.carbon.identity.application.common.model.AuthenticationStep;
import org.wso2.carbon.identity.application.common.model.AuthorizedAPI;
import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.model.IdentityProvider;
import org.wso2.carbon.identity.application.common.model.ImportResponse;
import org.wso2.carbon.identity.application.common.model.InboundAuthenticationConfig;
import org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig;
import org.wso2.carbon.identity.application.common.model.InboundConfigurationProtocol;
import org.wso2.carbon.identity.application.common.model.LocalAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.model.Scope;
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.common.model.SpFileContent;
import org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants;
import org.wso2.carbon.identity.application.common.util.IdentityApplicationManagementUtil;
import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
import org.wso2.carbon.identity.application.mgt.AuthorizedAPIManagementService;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.configuration.mgt.core.model.ResourceSearchBean;
import org.wso2.carbon.identity.configuration.mgt.core.search.ComplexCondition;
import org.wso2.carbon.identity.configuration.mgt.core.search.Condition;
import org.wso2.carbon.identity.configuration.mgt.core.search.PrimitiveCondition;
import org.wso2.carbon.identity.configuration.mgt.core.search.constant.ConditionType;
import org.wso2.carbon.identity.core.model.ExpressionNode;
import org.wso2.carbon.identity.core.model.FilterTreeBuilder;
import org.wso2.carbon.identity.core.model.Node;
import org.wso2.carbon.identity.core.model.OperationNode;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.cors.mgt.core.CORSManagementService;
import org.wso2.carbon.identity.cors.mgt.core.constant.ErrorMessages;
import org.wso2.carbon.identity.cors.mgt.core.exception.CORSManagementServiceClientException;
import org.wso2.carbon.identity.cors.mgt.core.exception.CORSManagementServiceException;
import org.wso2.carbon.identity.oauth.dao.OAuthAppDO;
import org.wso2.carbon.identity.sso.saml.dto.SAMLSSOServiceProviderDTO;
import org.wso2.carbon.identity.template.mgt.TemplateManager;
import org.wso2.carbon.identity.template.mgt.TemplateMgtConstants;
import org.wso2.carbon.identity.template.mgt.exception.TemplateManagementClientException;
import org.wso2.carbon.identity.template.mgt.exception.TemplateManagementException;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.common.User;
import org.wso2.carbon.user.core.service.RealmService;
import org.yaml.snakeyaml.DumperOptions;
import org.yaml.snakeyaml.LoaderOptions;
import org.yaml.snakeyaml.TypeDescription;
import org.yaml.snakeyaml.Yaml;
import org.yaml.snakeyaml.constructor.Constructor;
import org.yaml.snakeyaml.error.YAMLException;
import org.yaml.snakeyaml.inspector.TrustedPrefixesTagInspector;

/* loaded from: input_file:WEB-INF/lib/org.wso2.carbon.identity.api.server.application.management.v1-1.2.137.jar:org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationManagementService.class */
public class ServerApplicationManagementService {
    private static final int DEFAULT_OFFSET = 0;
    private static final String WS_TRUST_TEMPLATE_ID = "061a3de4-8c08-4878-84a6-24245f11bf0e";
    private static final String STS_TEMPLATE_NOT_FOUND_MESSAGE = "Request template with id: %s could not be found since the WS-Trust connector has not been configured.";
    private static final String YML_FILE_EXTENSION = ".yml";
    private static final String JSON_FILE_EXTENSION = ".json";
    private static final String XML_FILE_EXTENSION = ".xml";

    @Autowired
    private ServerApplicationMetadataService applicationMetadataService;
    private static final Log log = LogFactory.getLog(ServerApplicationManagementService.class);
    private static final Set<String> SUPPORTED_FILTER_ATTRIBUTES = new HashSet();
    private static final List<String> SUPPORTED_REQUIRED_ATTRIBUTES = new ArrayList();
    private static final String[] VALID_MEDIA_TYPES_XML = {"application/xml", "text/xml"};
    private static final String[] VALID_MEDIA_TYPES_YAML = {Constants.MEDIA_TYPE_YAML, "text/yaml", "application/x-yaml"};
    private static final String[] VALID_MEDIA_TYPES_JSON = {"application/json", "text/json"};
    private static final Class<?>[] INBOUND_CONFIG_PROTOCOLS = {ServiceProvider.class, SAMLSSOServiceProviderDTO.class, OAuthAppDO.class};

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.wso2.carbon.identity.api.server.application.management.v1.core.ServerApplicationManagementService$2, reason: invalid class name */
    /* loaded from: input_file:WEB-INF/lib/org.wso2.carbon.identity.api.server.application.management.v1-1.2.137.jar:org/wso2/carbon/identity/api/server/application/management/v1/core/ServerApplicationManagementService$2.class */
    public static /* synthetic */ class AnonymousClass2 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$cxf$jaxrs$ext$search$ConditionType = new int[ConditionType.values().length];

        static {
            try {
                $SwitchMap$org$apache$cxf$jaxrs$ext$search$ConditionType[ConditionType.EQUALS.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$cxf$jaxrs$ext$search$ConditionType[ConditionType.GREATER_OR_EQUALS.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$apache$cxf$jaxrs$ext$search$ConditionType[ConditionType.LESS_OR_EQUALS.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$apache$cxf$jaxrs$ext$search$ConditionType[ConditionType.GREATER_THAN.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$apache$cxf$jaxrs$ext$search$ConditionType[ConditionType.NOT_EQUALS.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$apache$cxf$jaxrs$ext$search$ConditionType[ConditionType.LESS_THAN.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$org$apache$cxf$jaxrs$ext$search$ConditionType[ConditionType.OR.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$org$apache$cxf$jaxrs$ext$search$ConditionType[ConditionType.AND.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
        }
    }

    public ApplicationListResponse getAllApplications(Integer num, Integer num2, String str, String str2, String str3, String str4) {
        handleNotImplementedCapabilities(str2, str3);
        String tenantDomainFromContext = ContextLoader.getTenantDomainFromContext();
        Integer valueOf = Integer.valueOf(validateAndGetLimit(num));
        Integer valueOf2 = Integer.valueOf(validateAndGetOffset(num2));
        List<String> arrayList = new ArrayList();
        if (StringUtils.isNotBlank(str)) {
            try {
                arrayList = validateFilterTree(new FilterTreeBuilder(str).buildTree());
            } catch (IOException | IdentityException e) {
                throw buildClientError(ApplicationManagementConstants.ErrorMessage.INVALID_FILTER_FORMAT, new String[DEFAULT_OFFSET]);
            }
        }
        String usernameFromContext = ContextLoader.getUsernameFromContext();
        try {
            int countOfApplications = getApplicationManagementService().getCountOfApplications(tenantDomainFromContext, usernameFromContext, str);
            ApplicationBasicInfo[] applicationBasicInfo = getApplicationManagementService().getApplicationBasicInfo(tenantDomainFromContext, usernameFromContext, str, valueOf2.intValue(), valueOf.intValue());
            int length = applicationBasicInfo.length;
            ArrayList arrayList2 = new ArrayList();
            if (StringUtils.isNotEmpty(str4)) {
                arrayList2 = new ArrayList(Arrays.asList(str4.split(",")));
                validateRequiredAttributes(arrayList2);
            }
            if (!arrayList2.contains(ApplicationManagementConstants.CLIENT_ID) && arrayList.contains(ApplicationManagementConstants.CLIENT_ID)) {
                arrayList2.add(ApplicationManagementConstants.CLIENT_ID);
            }
            if (!arrayList2.contains(ApplicationManagementConstants.ISSUER) && arrayList.contains(ApplicationManagementConstants.ISSUER)) {
                arrayList2.add(ApplicationManagementConstants.ISSUER);
            }
            if (!CollectionUtils.isNotEmpty(arrayList2)) {
                return new ApplicationListResponse().totalResults(Integer.valueOf(countOfApplications)).startIndex(Integer.valueOf(valueOf2.intValue() + 1)).count(Integer.valueOf(length)).applications(getApplicationListItems(applicationBasicInfo)).links((List) Util.buildPaginationLinks(valueOf.intValue(), valueOf2.intValue(), countOfApplications, ApplicationManagementConstants.APPLICATION_MANAGEMENT_PATH_COMPONENT, str4, str).entrySet().stream().map(entry -> {
                    return new Link().rel((String) entry.getKey()).href((String) entry.getValue());
                }).collect(Collectors.toList()));
            }
            return new ApplicationListResponse().totalResults(Integer.valueOf(countOfApplications)).startIndex(Integer.valueOf(valueOf2.intValue() + 1)).count(Integer.valueOf(length)).applications(getApplicationListItems(getSpWithRequiredAttributes(applicationBasicInfo, arrayList2), arrayList2)).links((List) Util.buildPaginationLinks(valueOf.intValue(), valueOf2.intValue(), countOfApplications, ApplicationManagementConstants.APPLICATION_MANAGEMENT_PATH_COMPONENT, str4, str).entrySet().stream().map(entry2 -> {
                return new Link().rel((String) entry2.getKey()).href((String) entry2.getValue());
            }).collect(Collectors.toList()));
        } catch (IdentityApplicationManagementException e2) {
            throw handleIdentityApplicationManagementException(e2, "Error listing applications of tenantDomain: " + tenantDomainFromContext);
        }
    }

    private List<String> validateFilterTree(Node node) {
        ArrayList arrayList = new ArrayList();
        if (node instanceof ExpressionNode) {
            ExpressionNode expressionNode = (ExpressionNode) node;
            if (!SUPPORTED_FILTER_ATTRIBUTES.contains(expressionNode.getAttributeValue())) {
                throw buildClientError(ApplicationManagementConstants.ErrorMessage.UNSUPPORTED_FILTER_ATTRIBUTE, expressionNode.getAttributeValue());
            }
            arrayList.add(expressionNode.getAttributeValue());
            return arrayList;
        }
        if (!(node instanceof OperationNode)) {
            throw buildClientError(ApplicationManagementConstants.ErrorMessage.INVALID_FILTER_FORMAT, new String[DEFAULT_OFFSET]);
        }
        Node leftNode = node.getLeftNode();
        Node rightNode = node.getRightNode();
        if (((OperationNode) node).getOperation().equals("not")) {
            throw buildClientError(ApplicationManagementConstants.ErrorMessage.INVALID_FILTER_OPERATION, new String[DEFAULT_OFFSET]);
        }
        return (List) Stream.of((Object[]) new List[]{validateFilterTree(leftNode), validateFilterTree(rightNode)}).flatMap((v0) -> {
            return v0.stream();
        }).collect(Collectors.toList());
    }

    private void validateRequiredAttributes(List<String> list) {
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            if (!SUPPORTED_REQUIRED_ATTRIBUTES.contains(it.next())) {
                ApplicationManagementConstants.ErrorMessage errorMessage = ApplicationManagementConstants.ErrorMessage.NON_EXISTING_REQ_ATTRIBUTES;
                throw Utils.buildBadRequestError(errorMessage.getCode(), errorMessage.getDescription());
            }
        }
    }

    private List<ServiceProvider> getSpWithRequiredAttributes(ApplicationBasicInfo[] applicationBasicInfoArr, List<String> list) throws IdentityApplicationManagementException {
        ArrayList arrayList = new ArrayList();
        int length = applicationBasicInfoArr.length;
        for (int i = DEFAULT_OFFSET; i < length; i++) {
            arrayList.add(getApplicationManagementService().getApplicationWithRequiredAttributes(applicationBasicInfoArr[i].getApplicationId(), list));
        }
        return arrayList;
    }

    private int validateAndGetOffset(Integer num) {
        return (num == null || num.intValue() < 0) ? DEFAULT_OFFSET : num.intValue();
    }

    private int validateAndGetLimit(Integer num) {
        int maximumItemPerPage = IdentityUtil.getMaximumItemPerPage();
        if (num != null && num.intValue() > 0 && num.intValue() <= maximumItemPerPage) {
            return num.intValue();
        }
        if (num == null || num.intValue() <= maximumItemPerPage) {
            return IdentityUtil.getDefaultItemsPerPage();
        }
        if (log.isDebugEnabled()) {
            log.debug("Given limit exceeds the maximum limit. Therefore the configured default limit: " + maximumItemPerPage + " is set as the limit.");
        }
        return maximumItemPerPage;
    }

    public ApplicationResponseModel getApplication(String str) {
        return new ServiceProviderToApiModel().apply(getServiceProvider(str));
    }

    public ArrayList<ConfiguredAuthenticatorsModal> getConfiguredAuthenticators(String str) {
        String tenantDomainFromContext = ContextLoader.getTenantDomainFromContext();
        ArrayList<ConfiguredAuthenticatorsModal> arrayList = new ArrayList<>();
        try {
            AuthenticationStep[] configuredAuthenticators = getApplicationManagementService().getConfiguredAuthenticators(str, tenantDomainFromContext);
            if (configuredAuthenticators == null) {
                throw buildClientError(ApplicationManagementConstants.ErrorMessage.APPLICATION_NOT_FOUND, str);
            }
            int length = configuredAuthenticators.length;
            for (int i = DEFAULT_OFFSET; i < length; i++) {
                AuthenticationStep authenticationStep = configuredAuthenticators[i];
                ArrayList arrayList2 = new ArrayList();
                ArrayList arrayList3 = new ArrayList();
                ConfiguredAuthenticatorsModal configuredAuthenticatorsModal = new ConfiguredAuthenticatorsModal();
                configuredAuthenticatorsModal.stepId(Integer.valueOf(authenticationStep.getStepOrder()));
                LocalAuthenticatorConfig[] localAuthenticatorConfigs = authenticationStep.getLocalAuthenticatorConfigs();
                int length2 = localAuthenticatorConfigs.length;
                for (int i2 = DEFAULT_OFFSET; i2 < length2; i2++) {
                    LocalAuthenticatorConfig localAuthenticatorConfig = localAuthenticatorConfigs[i2];
                    ConfiguredAuthenticator configuredAuthenticator = new ConfiguredAuthenticator();
                    configuredAuthenticator.setName(localAuthenticatorConfig.getDisplayName());
                    configuredAuthenticator.setType(localAuthenticatorConfig.getName());
                    arrayList2.add(configuredAuthenticator);
                }
                IdentityProvider[] federatedIdentityProviders = authenticationStep.getFederatedIdentityProviders();
                int length3 = federatedIdentityProviders.length;
                for (int i3 = DEFAULT_OFFSET; i3 < length3; i3++) {
                    IdentityProvider identityProvider = federatedIdentityProviders[i3];
                    FederatedAuthenticatorConfig[] federatedAuthenticatorConfigs = identityProvider.getFederatedAuthenticatorConfigs();
                    int length4 = federatedAuthenticatorConfigs.length;
                    for (int i4 = DEFAULT_OFFSET; i4 < length4; i4++) {
                        FederatedAuthenticatorConfig federatedAuthenticatorConfig = federatedAuthenticatorConfigs[i4];
                        ConfiguredAuthenticator configuredAuthenticator2 = new ConfiguredAuthenticator();
                        configuredAuthenticator2.setName(identityProvider.getIdentityProviderName());
                        configuredAuthenticator2.setType(federatedAuthenticatorConfig.getName());
                        arrayList3.add(configuredAuthenticator2);
                    }
                }
                configuredAuthenticatorsModal.setLocalAuthenticators(arrayList2);
                configuredAuthenticatorsModal.setFederatedAuthenticators(arrayList3);
                arrayList.add(configuredAuthenticatorsModal);
            }
            return arrayList;
        } catch (IdentityApplicationManagementException e) {
            throw handleIdentityApplicationManagementException(e, "Error retrieving application with id: " + str);
        }
    }

    public String exportApplication(String str, Boolean bool) {
        try {
            return getApplicationManagementService().exportSPApplicationFromAppID(str, bool.booleanValue(), ContextLoader.getTenantDomainFromContext());
        } catch (IdentityApplicationManagementException e) {
            throw handleIdentityApplicationManagementException(e, "Error exporting application with id: " + str);
        }
    }

    public TransferResource exportApplicationAsFile(String str, Boolean bool, String str2) {
        if (log.isDebugEnabled()) {
            log.debug("Exporting service provider from application ID " + str);
        }
        if (StringUtils.isBlank(str2)) {
            throw new UnsupportedOperationException("No valid media type found");
        }
        try {
            ServiceProvider exportSPFromAppID = getApplicationManagementService().exportSPFromAppID(str, bool.booleanValue(), ContextLoader.getTenantDomainFromContext());
            TransferResource generateFileFromModel = generateFileFromModel(str2, exportSPFromAppID);
            if (log.isDebugEnabled()) {
                log.debug("Successfully exported: " + exportSPFromAppID.getApplicationName() + " as a file of type: " + str2);
            }
            return generateFileFromModel;
        } catch (IdentityApplicationManagementException e) {
            throw handleIdentityApplicationManagementException(e, "Error exporting application with id: " + str);
        }
    }

    private TransferResource generateFileFromModel(String str, ServiceProvider serviceProvider) {
        String parseJsonFromServiceProvider;
        if (log.isDebugEnabled()) {
            log.debug("Generating file content from model for application: " + serviceProvider.getApplicationName());
        }
        StringBuilder sb = new StringBuilder(serviceProvider.getApplicationName());
        if (Arrays.asList(VALID_MEDIA_TYPES_XML).contains(str)) {
            parseJsonFromServiceProvider = parseXmlFromServiceProvider(serviceProvider);
            sb.append(".xml");
        } else if (Arrays.asList(VALID_MEDIA_TYPES_YAML).contains(str)) {
            parseJsonFromServiceProvider = parseYamlFromServiceProvider(serviceProvider);
            sb.append(".yml");
        } else {
            if (!Arrays.asList(VALID_MEDIA_TYPES_JSON).contains(str)) {
                throw Utils.buildServerError("Unsupported media type: " + str + ". Supported media types are " + Arrays.toString(VALID_MEDIA_TYPES_XML) + ", " + Arrays.toString(VALID_MEDIA_TYPES_YAML) + ", " + Arrays.toString(VALID_MEDIA_TYPES_JSON));
            }
            parseJsonFromServiceProvider = parseJsonFromServiceProvider(serviceProvider);
            sb.append(".json");
        }
        return new TransferResource(sb.toString(), new ByteArrayResource(parseJsonFromServiceProvider.getBytes(StandardCharsets.UTF_8)), MediaType.APPLICATION_OCTET_STREAM);
    }

    private String parseXmlFromServiceProvider(ServiceProvider serviceProvider) {
        try {
            Marshaller createMarshaller = JAXBContext.newInstance(INBOUND_CONFIG_PROTOCOLS).createMarshaller();
            createMarshaller.setProperty("jaxb.formatted.output", true);
            createMarshaller.setListener(new Marshaller.Listener() { // from class: org.wso2.carbon.identity.api.server.application.management.v1.core.ServerApplicationManagementService.1
                public void beforeMarshal(Object obj) {
                    if (obj instanceof InboundAuthenticationConfig) {
                        InboundAuthenticationRequestConfig[] inboundAuthenticationRequestConfigs = ((InboundAuthenticationConfig) obj).getInboundAuthenticationRequestConfigs();
                        int length = inboundAuthenticationRequestConfigs.length;
                        for (int i = ServerApplicationManagementService.DEFAULT_OFFSET; i < length; i++) {
                            inboundAuthenticationRequestConfigs[i].setInboundConfiguration((String) null);
                        }
                    }
                }
            });
            StringWriter stringWriter = new StringWriter();
            createMarshaller.marshal(serviceProvider, stringWriter);
            return stringWriter.toString();
        } catch (JAXBException e) {
            throw Utils.buildServerError("Error exporting application from XML file.", e);
        }
    }

    private String parseYamlFromServiceProvider(ServiceProvider serviceProvider) {
        Constructor constructor = new Constructor(new LoaderOptions());
        CustomRepresenter customRepresenter = new CustomRepresenter(new DumperOptions());
        Class<?>[] clsArr = INBOUND_CONFIG_PROTOCOLS;
        int length = clsArr.length;
        for (int i = DEFAULT_OFFSET; i < length; i++) {
            Class<?> cls = clsArr[i];
            TypeDescription typeDescription = new TypeDescription(InboundConfigurationProtocol.class);
            typeDescription.addPropertyParameters("type", new Class[]{cls});
            constructor.addTypeDescription(typeDescription);
        }
        try {
            return new Yaml(constructor, customRepresenter).dump(serviceProvider);
        } catch (YAMLException e) {
            throw Utils.buildServerError("Error exporting application from YAML file.", e);
        }
    }

    private String parseJsonFromServiceProvider(ServiceProvider serviceProvider) {
        ObjectMapper objectMapper = new ObjectMapper(new JsonFactory());
        objectMapper.registerSubtypes(INBOUND_CONFIG_PROTOCOLS);
        try {
            return objectMapper.writeValueAsString(serviceProvider);
        } catch (JsonProcessingException e) {
            throw Utils.buildServerError("Error exporting application from JSON file.", e);
        }
    }

    public String importApplication(InputStream inputStream, Attachment attachment) {
        return doImportApplication(inputStream, attachment, false);
    }

    public String importApplicationForUpdate(InputStream inputStream, Attachment attachment) {
        return doImportApplication(inputStream, attachment, true);
    }

    private String doImportApplication(InputStream inputStream, Attachment attachment, boolean z) {
        try {
            try {
                SpFileContent buildSpFileContent = buildSpFileContent(inputStream, attachment);
                String tenantDomainFromContext = ContextLoader.getTenantDomainFromContext();
                String usernameFromContext = ContextLoader.getUsernameFromContext();
                ImportResponse importSPApplication = getApplicationManagementService().importSPApplication(parseSP(buildSpFileContent, attachment.getDataHandler().getContentType(), tenantDomainFromContext), tenantDomainFromContext, usernameFromContext, z);
                if (importSPApplication.getResponseCode() == 400) {
                    throw handleErrorResponse(importSPApplication);
                }
                String applicationResourceId = importSPApplication.getApplicationResourceId();
                IOUtils.closeQuietly(inputStream);
                return applicationResourceId;
            } catch (IOException e) {
                throw Utils.buildServerError("Error importing application from file.", e);
            } catch (IdentityApplicationManagementException e2) {
                throw handleIdentityApplicationManagementException(e2, "Error importing application from file.");
            }
        } catch (Throwable th) {
            IOUtils.closeQuietly(inputStream);
            throw th;
        }
    }

    private ServiceProvider parseSP(SpFileContent spFileContent, String str, String str2) throws IdentityApplicationManagementException {
        if (log.isDebugEnabled()) {
            log.debug("Parsing service provider from file: " + spFileContent.getFileName() + " of type: " + str);
        }
        if (StringUtils.isEmpty(spFileContent.getContent())) {
            throw new IdentityApplicationManagementException(String.format("Empty Service Provider configuration file  %s uploaded by tenant: %s", spFileContent.getFileName(), str2));
        }
        if (containsValidMediaType(str, VALID_MEDIA_TYPES_XML)) {
            return parseServiceProviderFromXml(spFileContent, str2);
        }
        if (containsValidMediaType(str, VALID_MEDIA_TYPES_YAML)) {
            return parseServiceProviderFromYaml(spFileContent, str2);
        }
        if (containsValidMediaType(str, VALID_MEDIA_TYPES_JSON)) {
            return parseServiceProviderFromJson(spFileContent, str2);
        }
        log.warn("Unsupported file type " + str + " for file " + spFileContent.getFileName() + " . Defaulting to XML parsing");
        return parseServiceProviderFromXml(spFileContent, str2);
    }

    private boolean containsValidMediaType(String str, String[] strArr) {
        int length = strArr.length;
        for (int i = DEFAULT_OFFSET; i < length; i++) {
            if (str.contains(strArr[i])) {
                return true;
            }
        }
        return false;
    }

    private ServiceProvider parseServiceProviderFromXml(SpFileContent spFileContent, String str) throws IdentityApplicationManagementException {
        try {
            return (ServiceProvider) JAXBContext.newInstance(INBOUND_CONFIG_PROTOCOLS).createUnmarshaller().unmarshal(new StringReader(spFileContent.getContent()));
        } catch (JAXBException e) {
            throw new IdentityApplicationManagementException(String.format("Error in reading XML Service Provider configuration file %s uploaded by tenant: %s", spFileContent.getFileName(), str), e);
        }
    }

    private ServiceProvider parseServiceProviderFromYaml(SpFileContent spFileContent, String str) throws IdentityApplicationManagementException {
        try {
            ArrayList arrayList = new ArrayList();
            arrayList.add(ServiceProvider.class.getName());
            arrayList.add(OAuthAppDO.class.getName());
            arrayList.add(SAMLSSOServiceProviderDTO.class.getName());
            LoaderOptions loaderOptions = new LoaderOptions();
            loaderOptions.setTagInspector(new TrustedPrefixesTagInspector(arrayList));
            return (ServiceProvider) new Yaml(new Constructor(ServiceProvider.class, loaderOptions)).loadAs(spFileContent.getContent(), ServiceProvider.class);
        } catch (YAMLException e) {
            throw new IdentityApplicationManagementException(String.format("Error in reading YAML Service Provider configuration file %s uploaded by tenant: %s", spFileContent.getFileName(), str), e);
        }
    }

    private ServiceProvider parseServiceProviderFromJson(SpFileContent spFileContent, String str) throws IdentityApplicationManagementException {
        try {
            ObjectMapper objectMapper = new ObjectMapper();
            objectMapper.registerSubtypes(INBOUND_CONFIG_PROTOCOLS);
            return (ServiceProvider) objectMapper.readValue(spFileContent.getContent(), ServiceProvider.class);
        } catch (JsonProcessingException e) {
            throw new IdentityApplicationManagementException(String.format("Error in reading JSON Service Provider configuration file %s uploaded by tenant: %s", spFileContent.getFileName(), str), e);
        }
    }

    private SpFileContent buildSpFileContent(InputStream inputStream, Attachment attachment) throws IOException {
        SpFileContent spFileContent = new SpFileContent();
        spFileContent.setContent(IOUtils.toString(inputStream, StandardCharsets.UTF_8.name()));
        spFileContent.setFileName(attachment.getDataHandler().getName());
        return spFileContent;
    }

    private APIError handleErrorResponse(ImportResponse importResponse) {
        String errorCode = importResponse.getErrorCode() != null ? importResponse.getErrorCode() : IdentityApplicationConstants.Error.INVALID_REQUEST.getCode();
        String str = DEFAULT_OFFSET;
        if (ArrayUtils.isNotEmpty(importResponse.getErrors())) {
            str = importResponse.getErrors()[DEFAULT_OFFSET];
        }
        return Utils.buildClientError(errorCode, "Error importing application from XML file.", str);
    }

    public String createApplication(ApplicationModel applicationModel, String str) {
        if (StringUtils.isNotBlank(str)) {
            throw Utils.buildNotImplementedError(ApplicationManagementConstants.ErrorMessage.APPLICATION_CREATION_WITH_TEMPLATES_NOT_IMPLEMENTED.getCode(), "Application creation with templates not supported.");
        }
        if (applicationModel.getInboundProtocolConfiguration() != null && applicationModel.getInboundProtocolConfiguration().getOidc() != null) {
            validateCORSOrigins(applicationModel.getInboundProtocolConfiguration().getOidc().getAllowedOrigins());
        }
        if (applicationModel.getInboundProtocolConfiguration() != null && applicationModel.getInboundProtocolConfiguration().getSaml() != null && applicationModel.getAdvancedConfigurations() != null && applicationModel.getAdvancedConfigurations().getUseExternalConsentPage() != null && applicationModel.getAdvancedConfigurations().getUseExternalConsentPage().booleanValue()) {
            throw Utils.buildBadRequestError(ApplicationManagementConstants.ErrorMessage.USE_EXTERNAL_CONSENT_PAGE_NOT_SUPPORTED.getCode(), ApplicationManagementConstants.ErrorMessage.USE_EXTERNAL_CONSENT_PAGE_NOT_SUPPORTED.getDescription());
        }
        String usernameFromContext = ContextLoader.getUsernameFromContext();
        String tenantDomainFromContext = ContextLoader.getTenantDomainFromContext();
        String str2 = DEFAULT_OFFSET;
        ServiceProvider apply = new ApiModelToServiceProvider().apply(applicationModel);
        try {
            str2 = getApplicationManagementService().createApplication(apply, tenantDomainFromContext, usernameFromContext);
            if (apply.isB2BSelfServiceApp()) {
                String b2BSelfServiceSystemUser = org.wso2.carbon.identity.organization.management.service.util.Utils.getB2BSelfServiceSystemUser(tenantDomainFromContext);
                if (StringUtils.isNotEmpty(b2BSelfServiceSystemUser)) {
                    ApplicationOwner applicationOwner = new ApplicationOwner();
                    applicationOwner.id(b2BSelfServiceSystemUser);
                    changeApplicationOwner(str2, applicationOwner);
                }
            }
            if (applicationModel.getInboundProtocolConfiguration() != null && applicationModel.getInboundProtocolConfiguration().getOidc() != null) {
                OAuthInboundFunctions.updateCorsOrigins(str2, applicationModel.getInboundProtocolConfiguration().getOidc());
            }
            return str2;
        } catch (IdentityApplicationManagementException e) {
            if (log.isDebugEnabled()) {
                log.debug("Error while creating application. Rolling back possibly created inbound config data.", e);
            }
            InboundFunctions.rollbackInbounds(getConfiguredInbounds(apply));
            throw handleIdentityApplicationManagementException(e, "Error creating application.");
        } catch (CORSManagementServiceException e2) {
            if (log.isDebugEnabled()) {
                log.debug("Error while updating CORS origins. Rolling back created application data.", e2);
            }
            if (str2 != null) {
                deleteApplication(str2);
            }
            if (ErrorMessages.ERROR_CODE_DUPLICATE_ORIGINS.getCode().equals(e2.getErrorCode())) {
                throw buildClientError((CORSManagementServiceException) e2, "Error creating application. Found duplicate allowed origin entries.");
            }
            throw buildClientError((CORSManagementServiceException) e2, "Error creating application. Allow CORS origins update failed.");
        } catch (Throwable th) {
            if (log.isDebugEnabled()) {
                log.debug("Server encountered unexpected error. Rolling back created application data.", th);
            }
            if (str2 != null) {
                deleteApplication(str2);
            } else {
                InboundFunctions.rollbackInbounds(getConfiguredInbounds(apply));
            }
            throw Utils.buildServerError(ApplicationManagementConstants.ErrorMessage.ERROR_PROCESSING_REQUEST.getCode(), ApplicationManagementConstants.ErrorMessage.ERROR_PROCESSING_REQUEST.getMessage(), ApplicationManagementConstants.ErrorMessage.ERROR_PROCESSING_REQUEST.getDescription());
        }
    }

    public void patchApplication(String str, ApplicationPatchModel applicationPatchModel) {
        ServiceProvider cloneApplication = cloneApplication(str);
        if (applicationPatchModel != null) {
            new UpdateServiceProvider().apply(cloneApplication, applicationPatchModel);
        }
        boolean isAllowUpdateSystemApplication = isAllowUpdateSystemApplication(cloneApplication.getApplicationName(), applicationPatchModel);
        try {
            if (isAllowUpdateSystemApplication) {
                try {
                    IdentityApplicationManagementUtil.setAllowUpdateSystemApplicationThreadLocal(true);
                } catch (IdentityApplicationManagementException e) {
                    throw handleIdentityApplicationManagementException(e, "Error patching application with id: " + str);
                }
            }
            getApplicationManagementService().updateApplicationByResourceId(str, cloneApplication, ContextLoader.getTenantDomainFromContext(), ContextLoader.getUsernameFromContext());
            if (isAllowUpdateSystemApplication) {
                IdentityApplicationManagementUtil.removeAllowUpdateSystemApplicationThreadLocal();
            }
        } catch (Throwable th) {
            if (isAllowUpdateSystemApplication) {
                IdentityApplicationManagementUtil.removeAllowUpdateSystemApplicationThreadLocal();
            }
            throw th;
        }
    }

    public void deleteApplication(String str) {
        String usernameFromContext = ContextLoader.getUsernameFromContext();
        String tenantDomainFromContext = ContextLoader.getTenantDomainFromContext();
        try {
            List applicationCORSOrigins = ApplicationManagementServiceHolder.getCorsManagementService().getApplicationCORSOrigins(str, tenantDomainFromContext);
            if (!CollectionUtils.isEmpty(applicationCORSOrigins)) {
                ApplicationManagementServiceHolder.getCorsManagementService().deleteCORSOrigins(str, (List) applicationCORSOrigins.stream().map((v0) -> {
                    return v0.getId();
                }).collect(Collectors.toList()), tenantDomainFromContext);
            }
            getApplicationManagementService().deleteApplicationByResourceId(str, tenantDomainFromContext, usernameFromContext);
        } catch (CORSManagementServiceClientException e) {
            if (!ErrorMessages.ERROR_CODE_INVALID_APP_ID.getCode().equals(e.getErrorCode())) {
                throw Utils.buildClientError(e.getErrorCode(), "Error while trying to remove CORS origins associated with the application: " + str, e.getMessage());
            }
            if (log.isDebugEnabled()) {
                log.debug("Invalid application id: " + str, e);
            }
        } catch (CORSManagementServiceException e2) {
            throw Utils.buildServerError("Error while trying to remove CORS origins associated with the application: " + str, e2);
        } catch (IdentityApplicationManagementException e3) {
            throw handleIdentityApplicationManagementException(e3, "Error deleting application with id: " + str);
        }
    }

    public ResidentApplication getResidentApplication() {
        return getResidentApplication(ContextLoader.getTenantDomainFromContext());
    }

    public ResidentApplication updateResidentApplication(ProvisioningConfiguration provisioningConfiguration) {
        String tenantDomainFromContext = ContextLoader.getTenantDomainFromContext();
        try {
            String applicationResourceId = getResidentSp(tenantDomainFromContext).getApplicationResourceId();
            ServiceProvider cloneApplication = cloneApplication(applicationResourceId);
            if (provisioningConfiguration != null) {
                new UpdateProvisioningConfiguration().apply(cloneApplication, provisioningConfiguration);
            }
            updateServiceProvider(applicationResourceId, cloneApplication);
            return getResidentApplication(tenantDomainFromContext);
        } catch (IdentityApplicationManagementException e) {
            throw handleIdentityApplicationManagementException(e, "Error updating resident application of tenantDomain: " + tenantDomainFromContext);
        }
    }

    private ServiceProvider getResidentSp(String str) throws IdentityApplicationManagementException {
        ServiceProvider serviceProvider = getApplicationManagementService().getServiceProvider("wso2carbon-local-sp", str);
        if (serviceProvider == null) {
            throw Utils.buildServerError("Resident application cannot be found for tenantDomain: " + str);
        }
        return serviceProvider;
    }

    private ResidentApplication getResidentApplication(String str) {
        try {
            return new ResidentApplication().provisioningConfigurations(new BuildProvisioningConfiguration().apply(getResidentSp(str)));
        } catch (IdentityApplicationManagementException e) {
            throw handleIdentityApplicationManagementException(e, "Error retrieving resident application of tenantDomain: " + str);
        }
    }

    public void deleteOAuthInbound(String str) {
        deleteInbound(str, "oauth2");
    }

    public void deleteSAMLInbound(String str) {
        deleteInbound(str, "samlsso");
    }

    public void deletePassiveStsInbound(String str) {
        deleteInbound(str, "passivests");
    }

    public void deleteWSTrustInbound(String str) {
        deleteInbound(str, "wstrust");
    }

    public void deleteCustomInbound(String str, String str2) {
        deleteInbound(str, str2);
    }

    public OpenIDConnectConfiguration getInboundOAuthConfiguration(String str) {
        return (OpenIDConnectConfiguration) getInbound(str, "oauth2", OAuthInboundFunctions::getOAuthConfiguration);
    }

    public SAML2ServiceProvider getInboundSAMLConfiguration(String str) {
        return (SAML2ServiceProvider) getInbound(str, "samlsso", SAMLInboundFunctions::getSAML2ServiceProvider);
    }

    public PassiveStsConfiguration getPassiveStsConfiguration(String str) {
        return (PassiveStsConfiguration) getInbound(str, "passivests", PassiveSTSInboundFunctions::getPassiveSTSConfiguration);
    }

    public WSTrustConfiguration getWSTrustConfiguration(String str) {
        return (WSTrustConfiguration) getInbound(str, "wstrust", WSTrustInboundFunctions::getWSTrustConfiguration);
    }

    public CustomInboundProtocolConfiguration getCustomInboundConfiguration(String str, String str2) {
        if (isUnknownInboundType(str2)) {
            throw Utils.buildBadRequestError("Unknown inbound type: " + str2);
        }
        return (CustomInboundProtocolConfiguration) getInbound(str, str2, CustomInboundFunctions::getCustomInbound);
    }

    private boolean isUnknownInboundType(String str) {
        return this.applicationMetadataService.getInboundProtocols(true).stream().noneMatch(authProtocolMetadata -> {
            return StringUtils.equals(authProtocolMetadata.getName(), str);
        });
    }

    public List<InboundProtocolListItem> getInboundProtocols(String str) {
        return new InboundAuthConfigToApiModel().apply(getServiceProvider(str));
    }

    public void putInboundOAuthConfiguration(String str, OpenIDConnectConfiguration openIDConnectConfiguration) {
        validateCORSOrigins(openIDConnectConfiguration.getAllowedOrigins());
        boolean isAllowUpdateSystemAppOAuthConfigs = isAllowUpdateSystemAppOAuthConfigs(str, openIDConnectConfiguration);
        if (isAllowUpdateSystemAppOAuthConfigs) {
            try {
                IdentityApplicationManagementUtil.setAllowUpdateSystemApplicationThreadLocal(true);
            } catch (Throwable th) {
                if (isAllowUpdateSystemAppOAuthConfigs) {
                    IdentityApplicationManagementUtil.removeAllowUpdateSystemApplicationThreadLocal();
                }
                throw th;
            }
        }
        putInbound(str, openIDConnectConfiguration, OAuthInboundFunctions::putOAuthInbound);
        if (isAllowUpdateSystemAppOAuthConfigs) {
            IdentityApplicationManagementUtil.removeAllowUpdateSystemApplicationThreadLocal();
        }
    }

    public void putInboundSAMLConfiguration(String str, SAML2Configuration sAML2Configuration) {
        putInbound(str, sAML2Configuration, SAMLInboundFunctions::putSAMLInbound);
    }

    public void putInboundPassiveSTSConfiguration(String str, PassiveStsConfiguration passiveStsConfiguration) {
        putInbound(str, passiveStsConfiguration, PassiveSTSInboundFunctions::putPassiveSTSInbound);
    }

    public void putInboundWSTrustConfiguration(String str, WSTrustConfiguration wSTrustConfiguration) {
        putInbound(str, wSTrustConfiguration, WSTrustInboundFunctions::putWSTrustConfiguration);
    }

    public void updateCustomInbound(String str, String str2, CustomInboundProtocolConfiguration customInboundProtocolConfiguration) {
        if (isUnknownInboundType(str2)) {
            throw Utils.buildBadRequestError("Unknown inbound type: " + str2);
        }
        customInboundProtocolConfiguration.setName(str2);
        putInbound(str, customInboundProtocolConfiguration, CustomInboundFunctions::putCustomInbound);
    }

    public String createApplicationTemplate(ApplicationTemplateModel applicationTemplateModel) {
        try {
            return getTemplateManager().addTemplate(new ApplicationTemplateApiModelToTemplate().apply(applicationTemplateModel));
        } catch (TemplateManagementException e) {
            throw handleTemplateManagementException(e, "Error while adding the new application template.");
        }
    }

    public ApplicationTemplatesList listApplicationTemplates(Integer num, Integer num2, SearchContext searchContext) {
        validatePaginationSupport(num, num2);
        try {
            List<ApplicationTemplatesListItem> list = (List) getTemplateManager().listTemplates(TemplateMgtConstants.TemplateType.APPLICATION_TEMPLATE.toString(), (Integer) null, (Integer) null, getSearchCondition(TemplateMgtConstants.TemplateType.APPLICATION_TEMPLATE.toString(), ContextLoader.getTenantDomainFromContext(), searchContext)).stream().map(new TemplateToApplicationTemplateListItem()).collect(Collectors.toList());
            ApplicationTemplatesList applicationTemplatesList = new ApplicationTemplatesList();
            applicationTemplatesList.setTemplates(list);
            return applicationTemplatesList;
        } catch (TemplateManagementException e) {
            throw handleTemplateManagementException(e, "Error while listing application templates.");
        }
    }

    private boolean isAllowUpdateSystemApplication(String str, ApplicationPatchModel applicationPatchModel) {
        Set systemApplications = ApplicationManagementServiceHolder.getApplicationManagementService().getSystemApplications();
        if (systemApplications == null) {
            return false;
        }
        Stream stream = systemApplications.stream();
        Objects.requireNonNull(str);
        return !stream.noneMatch(str::equalsIgnoreCase) && StringUtils.equalsIgnoreCase("Console", str) && StringUtils.equalsIgnoreCase("Console", applicationPatchModel.getName()) && applicationPatchModel.getDescription() == null && applicationPatchModel.getImageUrl() == null && applicationPatchModel.getAccessUrl() == null && applicationPatchModel.getTemplateId() == null && applicationPatchModel.getClaimConfiguration() == null && applicationPatchModel.getAdvancedConfigurations() == null && applicationPatchModel.getProvisioningConfigurations() == null;
    }

    private boolean isAllowUpdateSystemAppOAuthConfigs(String str, OpenIDConnectConfiguration openIDConnectConfiguration) {
        ServiceProvider serviceProvider = getServiceProvider(str);
        Set systemApplications = ApplicationManagementServiceHolder.getApplicationManagementService().getSystemApplications();
        if (systemApplications == null) {
            return false;
        }
        Stream stream = systemApplications.stream();
        String applicationName = serviceProvider.getApplicationName();
        Objects.requireNonNull(applicationName);
        if (stream.noneMatch(applicationName::equalsIgnoreCase) || !StringUtils.equalsIgnoreCase("Console", serviceProvider.getApplicationName())) {
            return false;
        }
        OpenIDConnectConfiguration openIDConnectConfiguration2 = (OpenIDConnectConfiguration) getInbound(str, "oauth2", OAuthInboundFunctions::getOAuthConfiguration);
        openIDConnectConfiguration2.setCallbackURLs(openIDConnectConfiguration.getCallbackURLs());
        openIDConnectConfiguration2.setAllowedOrigins(openIDConnectConfiguration.getAllowedOrigins());
        return openIDConnectConfiguration.equals(openIDConnectConfiguration2);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v32, types: [java.util.List] */
    private Condition getSearchCondition(String str, String str2, SearchContext searchContext) {
        if (searchContext == null) {
            if (!log.isDebugEnabled()) {
                return null;
            }
            log.debug("Cannot find a valid search context.");
            return null;
        }
        SearchCondition condition = searchContext.getCondition(ResourceSearchBean.class);
        if (condition == null) {
            if (!log.isDebugEnabled()) {
                return null;
            }
            log.debug("Search condition parsed from the search expression is invalid.");
            return null;
        }
        ComplexCondition buildSearchCondition = buildSearchCondition(condition);
        ArrayList arrayList = new ArrayList();
        PrimitiveCondition primitiveCondition = new PrimitiveCondition("resourceTypeName", ConditionType.PrimitiveOperator.EQUALS, str);
        PrimitiveCondition primitiveCondition2 = new PrimitiveCondition("tenantDomain", ConditionType.PrimitiveOperator.EQUALS, str2);
        if (buildSearchCondition instanceof ComplexCondition) {
            arrayList = buildSearchCondition.getConditions();
            arrayList.add(primitiveCondition);
            arrayList.add(primitiveCondition2);
        } else if (buildSearchCondition instanceof PrimitiveCondition) {
            arrayList.add(buildSearchCondition);
            arrayList.add(primitiveCondition);
            arrayList.add(primitiveCondition2);
        }
        return new ComplexCondition(getComplexOperatorFromOdata(org.apache.cxf.jaxrs.ext.search.ConditionType.AND), arrayList);
    }

    private Condition buildSearchCondition(SearchCondition searchCondition) {
        if (searchCondition.getStatement() == null) {
            ArrayList arrayList = new ArrayList();
            Iterator it = searchCondition.getSearchConditions().iterator();
            while (it.hasNext()) {
                arrayList.add(buildSearchCondition((SearchCondition) it.next()));
            }
            return new ComplexCondition(getComplexOperatorFromOdata(searchCondition.getConditionType()), arrayList);
        }
        PrimitiveStatement statement = searchCondition.getStatement();
        if (!ApplicationManagementConstants.TemplateProperties.SEARCH_KEYS.contains(statement.getProperty())) {
            if ("name".equals(statement.getProperty())) {
                return new PrimitiveCondition("resourceName", getPrimitiveOperatorFromOdata(statement.getCondition()), statement.getValue());
            }
            throw buildClientError(ApplicationManagementConstants.ErrorMessage.ERROR_CODE_ERROR_INVALID_SEARCH_FILTER, (String[]) null);
        }
        ArrayList arrayList2 = new ArrayList();
        PrimitiveCondition primitiveCondition = new PrimitiveCondition("attributeKey", ConditionType.PrimitiveOperator.EQUALS, statement.getProperty());
        PrimitiveCondition primitiveCondition2 = new PrimitiveCondition("attributeValue", getPrimitiveOperatorFromOdata(statement.getCondition()), statement.getValue());
        arrayList2.add(primitiveCondition);
        arrayList2.add(primitiveCondition2);
        return new ComplexCondition(getComplexOperatorFromOdata(org.apache.cxf.jaxrs.ext.search.ConditionType.AND), arrayList2);
    }

    private ConditionType.PrimitiveOperator getPrimitiveOperatorFromOdata(org.apache.cxf.jaxrs.ext.search.ConditionType conditionType) {
        ConditionType.PrimitiveOperator primitiveOperator;
        switch (AnonymousClass2.$SwitchMap$org$apache$cxf$jaxrs$ext$search$ConditionType[conditionType.ordinal()]) {
            case 1:
                primitiveOperator = ConditionType.PrimitiveOperator.EQUALS;
                break;
            case 2:
                primitiveOperator = ConditionType.PrimitiveOperator.GREATER_OR_EQUALS;
                break;
            case 3:
                primitiveOperator = ConditionType.PrimitiveOperator.LESS_OR_EQUALS;
                break;
            case 4:
                primitiveOperator = ConditionType.PrimitiveOperator.GREATER_THAN;
                break;
            case 5:
                primitiveOperator = ConditionType.PrimitiveOperator.NOT_EQUALS;
                break;
            case 6:
                primitiveOperator = ConditionType.PrimitiveOperator.LESS_THAN;
                break;
            default:
                throw buildClientError(ApplicationManagementConstants.ErrorMessage.INVALID_FILTER_OPERATION, conditionType.name());
        }
        return primitiveOperator;
    }

    private ConditionType.ComplexOperator getComplexOperatorFromOdata(org.apache.cxf.jaxrs.ext.search.ConditionType conditionType) {
        ConditionType.ComplexOperator complexOperator;
        switch (AnonymousClass2.$SwitchMap$org$apache$cxf$jaxrs$ext$search$ConditionType[conditionType.ordinal()]) {
            case 7:
                complexOperator = ConditionType.ComplexOperator.OR;
                break;
            case 8:
                complexOperator = ConditionType.ComplexOperator.AND;
                break;
            default:
                throw buildClientError(ApplicationManagementConstants.ErrorMessage.INVALID_FILTER_OPERATION, conditionType.name());
        }
        return complexOperator;
    }

    public ApplicationTemplateModel getApplicationTemplateById(String str) {
        try {
            return new TemplateToApplicationTemplate().apply(getTemplateManager().getTemplateById(str));
        } catch (TemplateManagementException e) {
            if (TemplateMgtConstants.ErrorMessages.ERROR_CODE_TEMPLATE_NOT_FOUND.getCode().equals(e.getErrorCode())) {
                throw handleTemplateNotFoundException(e);
            }
            throw handleTemplateManagementException(e, "Error while retrieving the application template with id " + str + ".");
        }
    }

    public void deleteApplicationTemplateById(String str) {
        try {
            getTemplateManager().deleteTemplateById(str);
        } catch (TemplateManagementException e) {
            if (!TemplateMgtConstants.ErrorMessages.ERROR_CODE_TEMPLATE_NOT_FOUND.getCode().equals(e.getErrorCode())) {
                throw handleTemplateManagementException(e, "Error while deleting the application template with id " + str + ".");
            }
            throw handleTemplateNotFoundException(e);
        }
    }

    public void updateApplicationTemplateById(String str, ApplicationTemplateModel applicationTemplateModel) {
        try {
            getTemplateManager().updateTemplateById(str, new ApplicationTemplateApiModelToTemplate().apply(applicationTemplateModel));
        } catch (TemplateManagementException e) {
            if (!TemplateMgtConstants.ErrorMessages.ERROR_CODE_TEMPLATE_NOT_FOUND.getCode().equals(e.getErrorCode())) {
                throw handleTemplateManagementException(e, "Error while updating the application template with id " + str + ".");
            }
            throw handleTemplateNotFoundException(e);
        }
    }

    public void changeApplicationOwner(String str, ApplicationOwner applicationOwner) {
        ServiceProvider cloneApplication = cloneApplication(str);
        User userFromUserID = getUserFromUserID(applicationOwner.getId());
        org.wso2.carbon.identity.application.common.model.User user = new org.wso2.carbon.identity.application.common.model.User();
        user.setUserName(userFromUserID.getUsername());
        user.setUserStoreDomain(userFromUserID.getUserStoreDomain());
        user.setTenantDomain(userFromUserID.getTenantDomain());
        cloneApplication.setOwner(user);
        updateServiceProvider(str, cloneApplication);
    }

    public void addAuthorizedAPI(String str, AuthorizedAPICreationModel authorizedAPICreationModel) {
        try {
            String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
            String id = authorizedAPICreationModel.getId();
            if (getAuthorizedAPIManagementService().getAuthorizedAPI(str, id, tenantDomain) != null) {
                throw handleAuthorizedAPIConflictError(str, id);
            }
            APIResource aPIResourceById = ApplicationManagementServiceHolder.getApiResourceManager().getAPIResourceById(id, tenantDomain);
            if (aPIResourceById == null) {
                throw buildClientError(ApplicationManagementConstants.ErrorMessage.API_RESOURCE_NOT_FOUND, id, tenantDomain);
            }
            validateAPIResourceScopes(aPIResourceById, authorizedAPICreationModel.getScopes());
            String validatePolicy = validatePolicy(authorizedAPICreationModel.getPolicyIdentifier());
            if (aPIResourceById.isAuthorizationRequired() && !validatePolicy.equals(ApplicationManagementConstants.RBAC)) {
                throw buildClientError(ApplicationManagementConstants.ErrorMessage.INVALID_POLICY_TYPE_FOR_API_RESOURCE, id, validatePolicy);
            }
            getAuthorizedAPIManagementService().addAuthorizedAPI(str, new AuthorizedAPI.AuthorizedAPIBuilder().appId(str).apiId(id).policyId(validatePolicy).scopes((List) authorizedAPICreationModel.getScopes().stream().map(str2 -> {
                return new Scope.ScopeBuilder().name(str2).build();
            }).collect(Collectors.toList())).build(), tenantDomain);
        } catch (IdentityApplicationManagementException e) {
            throw handleIdentityApplicationManagementException(e, "Error adding authorized API with id: " + authorizedAPICreationModel.getId() + " to application with id: " + str);
        } catch (APIResourceMgtException e2) {
            throw Utils.buildServerError("Error while fetching API resource with id: " + authorizedAPICreationModel.getId(), e2);
        }
    }

    public void deleteAuthorizedAPI(String str, String str2) {
        try {
            getAuthorizedAPIManagementService().deleteAuthorizedAPI(str, str2, CarbonContext.getThreadLocalCarbonContext().getTenantDomain());
        } catch (IdentityApplicationManagementException e) {
            throw handleIdentityApplicationManagementException(e, "Error while deleting authorized API with id: " + str2 + " from the application with  id: " + str);
        }
    }

    public void updateAuthorizedAPI(String str, String str2, AuthorizedAPIPatchModel authorizedAPIPatchModel) {
        try {
            String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
            List<String> addedScopes = authorizedAPIPatchModel.getAddedScopes();
            List<String> removedScopes = authorizedAPIPatchModel.getRemovedScopes();
            addedScopes.removeAll(removedScopes);
            APIResource aPIResourceById = ApplicationManagementServiceHolder.getApiResourceManager().getAPIResourceById(str2, tenantDomain);
            if (aPIResourceById == null) {
                throw buildClientError(ApplicationManagementConstants.ErrorMessage.API_RESOURCE_NOT_FOUND, str2, tenantDomain);
            }
            validateAPIResourceScopes(aPIResourceById, addedScopes);
            AuthorizedAPI authorizedAPI = getAuthorizedAPIManagementService().getAuthorizedAPI(str, str2, tenantDomain);
            if (authorizedAPI == null) {
                throw buildClientError(ApplicationManagementConstants.ErrorMessage.AUTHORIZED_API_NOT_FOUND, str2, str);
            }
            addedScopes.removeIf(str3 -> {
                return authorizedAPI.getScopes().stream().anyMatch(scope -> {
                    return scope.getName().equals(str3);
                });
            });
            getAuthorizedAPIManagementService().patchAuthorizedAPI(str, str2, addedScopes, removedScopes, tenantDomain);
        } catch (IdentityApplicationManagementException e) {
            throw handleIdentityApplicationManagementException(e, "Error while updating authorized API with id: " + str2 + " for the application with  id: " + str);
        } catch (APIResourceMgtException e2) {
            throw Utils.buildServerError("Error while fetching API resource with id: " + str2, e2);
        }
    }

    public List<AuthorizedAPIResponse> getAuthorizedAPIs(String str) {
        try {
            ArrayList arrayList = new ArrayList();
            List<AuthorizedAPI> authorizedAPIs = getAuthorizedAPIManagementService().getAuthorizedAPIs(str, PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain());
            if (authorizedAPIs == null) {
                return new ArrayList();
            }
            for (AuthorizedAPI authorizedAPI : authorizedAPIs) {
                arrayList.add(new AuthorizedAPIResponse().id(authorizedAPI.getAPIId()).identifier(authorizedAPI.getAPIIdentifier()).displayName(authorizedAPI.getAPIName()).policyId(authorizedAPI.getPolicyId()).authorizedScopes(createAuthorizedScope(authorizedAPI.getScopes())));
            }
            return arrayList;
        } catch (IdentityApplicationManagementException e) {
            throw handleIdentityApplicationManagementException(e, "Error retrieving authorized APIs of application with id: " + str);
        }
    }

    private String validatePolicy(String str) {
        if (StringUtils.isBlank(str)) {
            return ApplicationManagementConstants.RBAC;
        }
        if (StringUtils.equalsIgnoreCase(ApplicationManagementConstants.RBAC, str) || StringUtils.equalsIgnoreCase(ApplicationManagementConstants.NO_POLICY, str)) {
            return StringUtils.upperCase(str);
        }
        throw buildClientError(ApplicationManagementConstants.ErrorMessage.INVALID_POLICY_VALUE, new String[DEFAULT_OFFSET]);
    }

    private void validateAPIResourceScopes(APIResource aPIResource, List<String> list) throws APIResourceMgtException {
        List scopes = aPIResource.getScopes();
        if (list == null) {
            return;
        }
        for (String str : list) {
            if (scopes.stream().noneMatch(scope -> {
                return scope.getName().equals(str);
            })) {
                throw buildClientError(ApplicationManagementConstants.ErrorMessage.SCOPES_NOT_FOUND, aPIResource.getId(), CarbonContext.getThreadLocalCarbonContext().getTenantDomain());
            }
        }
    }

    private List<AuthorizedScope> createAuthorizedScope(List<Scope> list) {
        return (List) list.stream().map(scope -> {
            return new AuthorizedScope().name(scope.getName()).displayName(scope.getDisplayName()).id(scope.getId());
        }).collect(Collectors.toList());
    }

    private <T> T getInbound(String str, String str2, Function<InboundAuthenticationRequestConfig, T> function) {
        return function.apply(getInboundAuthRequestConfig(str, str2));
    }

    public OpenIDConnectConfiguration regenerateOAuthApplicationSecret(String str) {
        return OAuthInboundFunctions.regenerateClientSecret(getInboundAuthRequestConfig(str, "oauth2").getInboundAuthKey());
    }

    public void revokeOAuthClient(String str) {
        OAuthInboundFunctions.revokeOAuthClient(getInboundAuthRequestConfig(str, "oauth2").getInboundAuthKey());
    }

    private InboundAuthenticationRequestConfig getInboundAuthRequestConfig(String str, String str2) {
        InboundAuthenticationRequestConfig inboundAuthenticationRequestConfig = InboundFunctions.getInboundAuthenticationRequestConfig(getServiceProvider(str), str2);
        if (inboundAuthenticationRequestConfig == null) {
            throw buildClientError(ApplicationManagementConstants.ErrorMessage.INBOUND_NOT_CONFIGURED, str2, str);
        }
        return inboundAuthenticationRequestConfig;
    }

    /* JADX WARN: Type inference failed for: r9v0, types: [java.lang.Throwable, org.wso2.carbon.identity.api.server.common.error.APIError] */
    private void deleteInbound(String str, String str2) {
        try {
            ServiceProvider cloneApplication = cloneApplication(str);
            InboundAuthenticationConfig inboundAuthenticationConfig = cloneApplication.getInboundAuthenticationConfig();
            if (ArrayUtils.isNotEmpty(inboundAuthenticationConfig.getInboundAuthenticationRequestConfigs())) {
                cloneApplication.getInboundAuthenticationConfig().setInboundAuthenticationRequestConfigs((InboundAuthenticationRequestConfig[]) Arrays.stream(inboundAuthenticationConfig.getInboundAuthenticationRequestConfigs()).filter(inboundAuthenticationRequestConfig -> {
                    return !StringUtils.equals(str2, inboundAuthenticationRequestConfig.getInboundAuthType());
                }).toArray(i -> {
                    return new InboundAuthenticationRequestConfig[i];
                }));
                updateServiceProvider(str, cloneApplication);
            }
            if (str2.equals("oauth2")) {
                String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
                CORSManagementService corsManagementService = ApplicationManagementServiceHolder.getCorsManagementService();
                try {
                    corsManagementService.deleteCORSOrigins(str, (List) corsManagementService.getApplicationCORSOrigins(str, tenantDomain).stream().map((v0) -> {
                        return v0.getId();
                    }).collect(Collectors.toList()), tenantDomain);
                } catch (CORSManagementServiceException e) {
                    log.error("Error while trying to remove CORS origins associated with the application.", e);
                }
            }
        } catch (APIError e2) {
            if (!ApplicationManagementConstants.ErrorMessage.APPLICATION_NOT_FOUND.getCode().equals(e2.getCode())) {
                throw e2;
            }
        }
    }

    private ServiceProvider cloneApplication(String str) {
        return Utils.deepCopyApplication(getServiceProvider(str));
    }

    private ServiceProvider getServiceProvider(String str) {
        try {
            String tenantDomainFromContext = ContextLoader.getTenantDomainFromContext();
            ServiceProvider applicationByResourceId = getApplicationManagementService().getApplicationByResourceId(str, tenantDomainFromContext);
            if (applicationByResourceId == null) {
                throw buildClientError(ApplicationManagementConstants.ErrorMessage.APPLICATION_NOT_FOUND, str, tenantDomainFromContext);
            }
            return applicationByResourceId;
        } catch (IdentityApplicationManagementException e) {
            throw handleIdentityApplicationManagementException(e, "Error retrieving application with id: " + str);
        }
    }

    private List<InboundAuthenticationRequestConfig> getConfiguredInbounds(ServiceProvider serviceProvider) {
        return (serviceProvider.getInboundAuthenticationConfig() == null || serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs() == null) ? Collections.emptyList() : Arrays.asList(serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs());
    }

    private List<ApplicationListItem> getApplicationListItems(ApplicationBasicInfo[] applicationBasicInfoArr) {
        return (List) Arrays.stream(applicationBasicInfoArr).map(new ApplicationBasicInfoToApiModel()).collect(Collectors.toList());
    }

    private List<ApplicationListItem> getApplicationListItems(List<ServiceProvider> list, List<String> list2) {
        ArrayList arrayList = new ArrayList();
        Iterator<ServiceProvider> it = list.iterator();
        while (it.hasNext()) {
            ApplicationResponseModel apply = new ServiceProviderToApiModel().apply(it.next());
            if (list2.stream().noneMatch(str -> {
                return str.equals("templateId");
            })) {
                apply.templateId(null);
            }
            if (list2.stream().noneMatch(str2 -> {
                return str2.equals(ApplicationManagementConstants.ADVANCED_CONFIGURATIONS);
            })) {
                apply.advancedConfigurations(null);
            }
            if (list2.stream().noneMatch(str3 -> {
                return str3.equals(ApplicationManagementConstants.CLIENT_ID);
            })) {
                apply.clientId(null);
            }
            if (list2.stream().noneMatch(str4 -> {
                return str4.equals(ApplicationManagementConstants.ISSUER);
            })) {
                apply.issuer(null);
            }
            if (list2.stream().noneMatch(str5 -> {
                return str5.equals("associatedRoles.allowedAudience");
            })) {
                apply.associatedRoles(null);
            }
            arrayList.add(new ApplicationInfoWithRequiredPropsToApiModel().apply(apply));
        }
        return arrayList;
    }

    private <I> void putInbound(String str, I i, BiFunction<ServiceProvider, I, InboundAuthenticationRequestConfig> biFunction) {
        ServiceProvider cloneApplication = cloneApplication(str);
        InboundAuthenticationRequestConfig apply = biFunction.apply(cloneApplication, i);
        InboundFunctions.updateOrInsertInbound(cloneApplication, apply);
        try {
            updateServiceProvider(str, cloneApplication);
        } catch (APIError e) {
            if (log.isDebugEnabled()) {
                log.debug("Error while updating application: " + str + ". Attempting to rollback possible inbound configurations created before the update.");
            }
            doRollback(str, apply);
            throw e;
        }
    }

    private void doRollback(String str, InboundAuthenticationRequestConfig inboundAuthenticationRequestConfig) {
        if (StringUtils.equals(InboundFunctions.getInboundAuthKey(getServiceProvider(str), inboundAuthenticationRequestConfig.getInboundAuthType()), inboundAuthenticationRequestConfig.getInboundAuthKey())) {
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug("Removing inbound data related to inbound type: " + inboundAuthenticationRequestConfig.getInboundAuthType() + " of application: " + str + " as part of rollback.");
        }
        InboundFunctions.rollbackInbound(inboundAuthenticationRequestConfig);
    }

    private void updateServiceProvider(String str, ServiceProvider serviceProvider) {
        try {
            getApplicationManagementService().updateApplicationByResourceId(str, serviceProvider, ContextLoader.getTenantDomainFromContext(), ContextLoader.getUsernameFromContext());
        } catch (IdentityApplicationManagementException e) {
            throw handleIdentityApplicationManagementException(e, "Error updating application with id: " + str);
        }
    }

    private void handleNotImplementedCapabilities(String str, String str2) {
        ApplicationManagementConstants.ErrorMessage errorMessage = DEFAULT_OFFSET;
        if (str2 != null || str != null) {
            errorMessage = ApplicationManagementConstants.ErrorMessage.SORTING_NOT_IMPLEMENTED;
        }
        if (errorMessage != null) {
            throw Utils.buildServerError(errorMessage.getCode(), errorMessage.getMessage(), errorMessage.getDescription());
        }
    }

    private void validatePaginationSupport(Integer num, Integer num2) {
        if (num == null && num2 == null) {
            return;
        }
        ApplicationManagementConstants.ErrorMessage errorMessage = ApplicationManagementConstants.ErrorMessage.PAGINATED_LISTING_NOT_IMPLEMENTED;
        throw Utils.buildNotImplementedError(errorMessage.getCode(), errorMessage.getDescription());
    }

    private ApplicationManagementService getApplicationManagementService() {
        return ApplicationManagementServiceHolder.getApplicationManagementService();
    }

    private AuthorizedAPIManagementService getAuthorizedAPIManagementService() {
        return ApplicationManagementServiceHolder.getAuthorizedAPIManagementService();
    }

    private TemplateManager getTemplateManager() {
        return ApplicationManagementServiceHolder.getTemplateManager();
    }

    private APIError handleIdentityApplicationManagementException(IdentityApplicationManagementException identityApplicationManagementException, String str) {
        if (identityApplicationManagementException instanceof IdentityApplicationManagementClientException) {
            throw buildClientError(identityApplicationManagementException, str);
        }
        throw buildServerError(identityApplicationManagementException, str);
    }

    private APIError buildServerError(IdentityApplicationManagementException identityApplicationManagementException, String str) {
        return Utils.buildServerError(getErrorCode(identityApplicationManagementException, IdentityApplicationConstants.Error.UNEXPECTED_SERVER_ERROR.getCode()), str, identityApplicationManagementException.getMessage(), identityApplicationManagementException);
    }

    private APIError buildClientError(IdentityApplicationManagementException identityApplicationManagementException, String str) {
        String errorCode = getErrorCode(identityApplicationManagementException, IdentityApplicationConstants.Error.INVALID_REQUEST.getCode());
        return Constants.ERROR_CODE_RESOURCE_LIMIT_REACHED.equals(errorCode) ? handleResourceLimitReached() : Utils.buildClientError(errorCode, str, identityApplicationManagementException.getMessage());
    }

    private APIError handleResourceLimitReached() {
        return Utils.buildForbiddenError(ApplicationManagementConstants.ErrorMessage.ERROR_APPLICATION_LIMIT_REACHED.getCode(), ApplicationManagementConstants.ErrorMessage.ERROR_APPLICATION_LIMIT_REACHED.getMessage(), ApplicationManagementConstants.ErrorMessage.ERROR_APPLICATION_LIMIT_REACHED.getDescription());
    }

    private String getErrorCode(IdentityApplicationManagementException identityApplicationManagementException, String str) {
        return identityApplicationManagementException.getErrorCode() != null ? identityApplicationManagementException.getErrorCode() : str;
    }

    private APIError handleTemplateManagementException(TemplateManagementException templateManagementException, String str) {
        if (templateManagementException instanceof TemplateManagementClientException) {
            throw buildClientError(templateManagementException, str);
        }
        throw buildServerError(templateManagementException, str);
    }

    private APIError handleTemplateNotFoundException(TemplateManagementException templateManagementException) {
        return Utils.buildNotFoundError(templateManagementException.getErrorCode(), "Template not found", templateManagementException.getMessage());
    }

    private APIError buildServerError(TemplateManagementException templateManagementException, String str) {
        return Utils.buildServerError(getErrorCode(templateManagementException, IdentityApplicationConstants.Error.UNEXPECTED_SERVER_ERROR.getCode()), str, templateManagementException.getMessage(), templateManagementException);
    }

    private APIError buildClientError(TemplateManagementException templateManagementException, String str) {
        return Utils.buildClientError(getErrorCode(templateManagementException, IdentityApplicationConstants.Error.INVALID_REQUEST.getCode()), str, templateManagementException.getMessage());
    }

    private APIError buildClientError(CORSManagementServiceException cORSManagementServiceException, String str) {
        return Utils.buildClientError(getErrorCode(cORSManagementServiceException, IdentityApplicationConstants.Error.INVALID_REQUEST.getCode()), str, cORSManagementServiceException.getMessage());
    }

    private String getErrorCode(TemplateManagementException templateManagementException, String str) {
        return templateManagementException.getErrorCode() != null ? templateManagementException.getErrorCode() : str;
    }

    private String getErrorCode(CORSManagementServiceException cORSManagementServiceException, String str) {
        return cORSManagementServiceException.getErrorCode() != null ? cORSManagementServiceException.getErrorCode() : str;
    }

    private APIError buildClientError(ApplicationManagementConstants.ErrorMessage errorMessage, String... strArr) {
        return Utils.buildClientError(errorMessage.getCode(), errorMessage.getMessage(), buildFormattedDescription(errorMessage.getDescription(), strArr));
    }

    private String buildFormattedDescription(String str, String... strArr) {
        return strArr != null ? String.format(str, strArr) : str;
    }

    private static void validateCORSOrigins(List<String> list) {
        boolean z = true;
        if (CollectionUtils.isEmpty(list)) {
            return;
        }
        for (String str : list) {
            try {
                if (StringUtils.isNotEmpty(new URL(str).toURI().getPath())) {
                    z = DEFAULT_OFFSET;
                }
            } catch (IllegalArgumentException | MalformedURLException | URISyntaxException e) {
                z = DEFAULT_OFFSET;
            }
            if (!z) {
                throw Utils.buildBadRequestError("Error creating application. Invalid Allowed Origin found: " + str);
            }
        }
    }

    private User getUserFromUserID(String str) {
        RealmService realmService = ApplicationManagementServiceHolder.getRealmService();
        if (realmService == null) {
            if (log.isDebugEnabled()) {
                log.debug("RealmService is not set properly.");
            }
            throw Utils.buildServerError(ApplicationManagementConstants.ErrorMessage.ERROR_RETRIEVING_USER_BY_ID.getCode(), ApplicationManagementConstants.ErrorMessage.ERROR_RETRIEVING_USER_BY_ID.getMessage(), buildFormattedDescription(ApplicationManagementConstants.ErrorMessage.ERROR_RETRIEVING_USER_BY_ID.getDescription(), str));
        }
        try {
            return realmService.getTenantUserRealm(PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId()).getUserStoreManager().getUserWithID(str, (String[]) null, (String) null);
        } catch (UserStoreException e) {
            if (e.getMessage().startsWith(ApplicationManagementConstants.NON_EXISTING_USER_CODE)) {
                throw buildClientError(ApplicationManagementConstants.ErrorMessage.NON_EXISTING_USER_ID, str);
            }
            throw Utils.buildServerError(ApplicationManagementConstants.ErrorMessage.ERROR_RETRIEVING_USERSTORE_MANAGER.getCode(), ApplicationManagementConstants.ErrorMessage.ERROR_RETRIEVING_USERSTORE_MANAGER.getMessage(), ApplicationManagementConstants.ErrorMessage.ERROR_RETRIEVING_USERSTORE_MANAGER.getDescription());
        }
    }

    private APIError handleAuthorizedAPIConflictError(String str, String str2) {
        return Utils.buildConflictError(ApplicationManagementConstants.ErrorMessage.API_RESOURCE_ALREADY_AUTHORIZED.getCode(), ApplicationManagementConstants.ErrorMessage.API_RESOURCE_ALREADY_AUTHORIZED.getMessage(), String.format(ApplicationManagementConstants.ErrorMessage.API_RESOURCE_ALREADY_AUTHORIZED.getDescription(), str2, str));
    }

    static {
        SUPPORTED_FILTER_ATTRIBUTES.add("name");
        SUPPORTED_FILTER_ATTRIBUTES.add(ApplicationManagementConstants.CLIENT_ID);
        SUPPORTED_FILTER_ATTRIBUTES.add(ApplicationManagementConstants.ISSUER);
        SUPPORTED_REQUIRED_ATTRIBUTES.add(ApplicationManagementConstants.ADVANCED_CONFIGURATIONS);
        SUPPORTED_REQUIRED_ATTRIBUTES.add(ApplicationManagementConstants.CLIENT_ID);
        SUPPORTED_REQUIRED_ATTRIBUTES.add("templateId");
        SUPPORTED_REQUIRED_ATTRIBUTES.add(ApplicationManagementConstants.ISSUER);
        SUPPORTED_REQUIRED_ATTRIBUTES.add("associatedRoles.allowedAudience");
    }
}
