package org.wso2.carbon.idp.mgt;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.sql.Connection;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.xml.stream.XMLStreamException;
import org.apache.axiom.om.util.Base64;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.NotImplementedException;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.core.util.KeyStoreManager;
import org.wso2.carbon.identity.application.common.ApplicationAuthenticatorService;
import org.wso2.carbon.identity.application.common.ProvisioningConnectorService;
import org.wso2.carbon.identity.application.common.model.ClaimConfig;
import org.wso2.carbon.identity.application.common.model.ClaimMapping;
import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.model.IdentityProvider;
import org.wso2.carbon.identity.application.common.model.IdentityProviderProperty;
import org.wso2.carbon.identity.application.common.model.LocalRole;
import org.wso2.carbon.identity.application.common.model.PermissionsAndRoleConfig;
import org.wso2.carbon.identity.application.common.model.Property;
import org.wso2.carbon.identity.application.common.model.ProvisioningConnectorConfig;
import org.wso2.carbon.identity.application.common.model.RoleMapping;
import org.wso2.carbon.identity.application.common.util.IdentityApplicationManagementUtil;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.core.ServiceURLBuilder;
import org.wso2.carbon.identity.core.URLBuilderException;
import org.wso2.carbon.identity.core.model.ExpressionNode;
import org.wso2.carbon.identity.core.model.FilterTreeBuilder;
import org.wso2.carbon.identity.core.model.Node;
import org.wso2.carbon.identity.core.model.OperationNode;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.role.mgt.core.IdentityRoleManagementException;
import org.wso2.carbon.identity.role.mgt.core.RoleManagementService;
import org.wso2.carbon.idp.mgt.dao.CacheBackedIdPMgtDAO;
import org.wso2.carbon.idp.mgt.dao.FileBasedIdPMgtDAO;
import org.wso2.carbon.idp.mgt.dao.IdPManagementDAO;
import org.wso2.carbon.idp.mgt.internal.IdPManagementServiceComponent;
import org.wso2.carbon.idp.mgt.internal.IdpMgtServiceComponentHolder;
import org.wso2.carbon.idp.mgt.listener.IdentityProviderMgtListener;
import org.wso2.carbon.idp.mgt.model.ConnectedAppsResult;
import org.wso2.carbon.idp.mgt.model.IdpSearchResult;
import org.wso2.carbon.idp.mgt.util.IdPManagementConstants;
import org.wso2.carbon.idp.mgt.util.IdPManagementUtil;
import org.wso2.carbon.idp.mgt.util.MetadataConverter;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager;
import org.wso2.carbon.user.core.UserCoreConstants;

/* loaded from: input_file:org/wso2/carbon/idp/mgt/IdentityProviderManager.class */
public class IdentityProviderManager implements IdpManager {
    // Property name "IdPEntityId". Despite the OPENID_ prefix, this file uses it for the
    // openidconnect, samlsso and passivests authenticator configs alike.
    private static final String OPENID_IDP_ENTITY_ID = "IdPEntityId";
    private static final Log log = LogFactory.getLog(IdentityProviderManager.class);
    // Shared data-access object: an IdPManagementDAO wrapped by CacheBackedIdPMgtDAO.
    private static CacheBackedIdPMgtDAO dao = new CacheBackedIdPMgtDAO(new IdPManagementDAO());
    // Singleton instance, created eagerly at class initialisation and returned by getInstance().
    private static volatile IdentityProviderManager instance = new IdentityProviderManager();

    /**
     * Private so that the only instance is the one held in the static {@code instance} field;
     * callers obtain it through {@link #getInstance()}.
     */
    private IdentityProviderManager() {
    }

    /**
     * Returns the shared manager instance.
     *
     * @return the singleton held in the static {@code instance} field
     */
    public static IdentityProviderManager getInstance() {
        return IdentityProviderManager.instance;
    }

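    /**
     * Loads the resident identity provider of a tenant and completes it with the tenant's primary
     * certificate, the endpoint properties of the built-in authenticators (openid, samlsso,
     * oauth10a, openidconnect, passivests, wstrust, IDPProperties) and the SCIM provisioning
     * connector endpoints.
     *
     * <p>Endpoint URLs come from the server configuration ({@code IdentityUtil.getProperty});
     * blank values fall back to URLs built from the server address.
     *
     * <p>The tenant flow opened for the key store lookup is closed exactly once, and only when it
     * was actually opened, so the caller's thread-local tenant context is left as it was found.
     * Failures after the certificate lookup are reported under their own message instead of being
     * relabelled as certificate retrieval errors.
     *
     * @param str tenant domain whose resident identity provider is requested
     * @return the resident identity provider, populated as described above
     * @throws IdentityProviderManagementException if the resident identity provider, the tenant id
     *         or the primary certificate cannot be obtained, or the certificate cannot be encoded
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public IdentityProvider getResidentIdP(String str) throws IdentityProviderManagementException {
        IdPManagementUtil.setTenantSpecifiers(str);

        // Endpoint overrides from the server configuration; blank values are defaulted below.
        String openIdUrl = IdentityUtil.getProperty("OpenID.OpenIDServerUrl");
        String oauth1RequestTokenUrl = IdentityUtil.getProperty("OAuth.OAuth1RequestTokenUrl");
        String oauth1AuthorizeUrl = IdentityUtil.getProperty("OAuth.OAuth1AuthorizeUrl");
        String oauth1AccessTokenUrl = IdentityUtil.getProperty("OAuth.OAuth1AccessTokenUrl");
        String oauth2AuthzConfig = IdentityUtil.getProperty("OAuth.OAuth2AuthzEPUrl");
        String oauth2TokenConfig = IdentityUtil.getProperty("OAuth.OAuth2TokenEPUrl");
        String oauth2UserInfoConfig = IdentityUtil.getProperty("OAuth.OAuth2UserInfoEPUrl");
        String oidcCheckSessionConfig = IdentityUtil.getProperty("OAuth.OIDCCheckSessionEPUrl");
        String oidcLogoutConfig = IdentityUtil.getProperty("OAuth.OIDCLogoutEPUrl");
        String passiveStsConfig = IdentityUtil.getProperty("PassiveSTS.IdentityProviderURL");
        String stsConfig = IdentityUtil.getProperty("SecurityTokenService.IdentityProviderURL");
        String scimUsersUrl = IdentityUtil.getProperty("SCIM.UserEPUrl");
        String scimGroupsUrl = IdentityUtil.getProperty("SCIM.GroupEPUrl");
        String scim2UsersUrl = IdentityUtil.getProperty("SCIM2.UserEPUrl");
        String scim2GroupsUrl = IdentityUtil.getProperty("SCIM2.GroupEPUrl");
        String oauth2RevokeConfig = IdentityUtil.getProperty("OAuth.OAuth2RevokeEPUrl");
        String oauth2IntrospectConfig = IdentityUtil.getProperty("OAuth.OAuth2IntrospectEPUrl");
        String oidcWebFingerUrl = IdentityUtil.getProperty("OAuth.OIDCWebFingerEPUrl");
        String oauth2DcrConfig = IdentityUtil.getProperty("OAuth.OAuth2DCREPUrl");
        String oauth2JwksConfig = IdentityUtil.getProperty("OAuth.OAuth2JWKSPage");
        String oidcDiscoveryConfig = IdentityUtil.getProperty("OAuth.OIDCDiscoveryEPUrl");

        if (StringUtils.isBlank(openIdUrl)) {
            openIdUrl = IdentityUtil.getServerURL("openid", true, true);
        }
        if (StringUtils.isBlank(oauth1RequestTokenUrl)) {
            oauth1RequestTokenUrl = IdentityUtil.getServerURL("oauth/request-token", true, true);
        }
        if (StringUtils.isBlank(oauth1AuthorizeUrl)) {
            oauth1AuthorizeUrl = IdentityUtil.getServerURL("oauth/authorize-url", true, true);
        }
        if (StringUtils.isBlank(oauth1AccessTokenUrl)) {
            oauth1AccessTokenUrl = IdentityUtil.getServerURL("oauth/access-token", true, true);
        }

        String oauth2AuthzUrl = resolveAbsoluteURL("oauth2/authorize", oauth2AuthzConfig, str);
        String oauth2TokenUrl = resolveAbsoluteURL("oauth2/token", oauth2TokenConfig, str);
        String oauth2RevokeUrl = resolveAbsoluteURL("oauth2/revoke", oauth2RevokeConfig, str);
        String oauth2IntrospectUrl = addTenantPathParamInLegacyMode(
                resolveAbsoluteURL("oauth2/introspect", oauth2IntrospectConfig, str), str);
        String oauth2UserInfoUrl = resolveAbsoluteURL("oauth2/userinfo", oauth2UserInfoConfig, str);
        String oidcCheckSessionUrl = resolveAbsoluteURL("oidc/checksession", oidcCheckSessionConfig, str);
        String oidcLogoutUrl = resolveAbsoluteURL("oidc/logout", oidcLogoutConfig, str);
        String oauth2DcrUrl = addTenantPathParamInLegacyMode(
                resolveAbsoluteURL("api/identity/oauth2/dcr/v1.1/register", oauth2DcrConfig, str), str);
        String oauth2JwksUrl = addTenantPathParamInLegacyMode(
                resolveAbsoluteURL("oauth2/jwks", oauth2JwksConfig, str), str);
        String oidcDiscoveryUrl = addTenantPathParamInLegacyMode(
                resolveAbsoluteURL("oauth2/oidcdiscovery", oidcDiscoveryConfig, str), str);
        String passiveStsUrl = resolveAbsoluteURL("passivests", passiveStsConfig, str);

        String stsUrl;
        if (StringUtils.isNotBlank(stsConfig)) {
            stsUrl = stsConfig.replace("wso2carbon-sts", getTenantContextFromTenantDomain(str) + "wso2carbon-sts");
        } else {
            stsUrl = IdentityUtil.getServerURL(
                    "services/" + getTenantContextFromTenantDomain(str) + "wso2carbon-sts", true, true);
        }

        if (StringUtils.isBlank(scimUsersUrl)) {
            scimUsersUrl = IdentityUtil.getServerURL("wso2/scim/Users", true, false);
        }
        if (StringUtils.isBlank(scimGroupsUrl)) {
            scimGroupsUrl = IdentityUtil.getServerURL("wso2/scim/Groups", true, false);
        }

        // SCIM 2.0 endpoints are rewritten per tenant for every domain except carbon.super.
        boolean tenantScoped = StringUtils.isNotBlank(str) && !"carbon.super".equals(str);
        if (StringUtils.isBlank(scim2UsersUrl)) {
            scim2UsersUrl = IdentityUtil.getServerURL("scim2/Users", true, false);
        }
        try {
            if (tenantScoped) {
                scim2UsersUrl = getTenantUrl(scim2UsersUrl, str);
            }
        } catch (URISyntaxException e) {
            // Best effort: the un-rewritten URL is kept. The cause is logged so a broken
            // endpoint setting can be diagnosed.
            log.error("SCIM 2.0 Users endpoint is malformed", e);
        }
        if (StringUtils.isBlank(scim2GroupsUrl)) {
            scim2GroupsUrl = IdentityUtil.getServerURL("scim2/Groups", true, false);
        }
        try {
            if (tenantScoped) {
                scim2GroupsUrl = getTenantUrl(scim2GroupsUrl, str);
            }
        } catch (URISyntaxException e) {
            log.error("SCIM 2.0 Groups endpoint is malformed", e);
        }

        IdentityProvider residentIdp = dao.getIdPByName(null, IdPManagementConstants.RESIDENT_IDP,
                IdentityTenantUtil.getTenantId(str), str);
        if (residentIdp == null) {
            throw new IdentityProviderManagementException("Could not find Resident Identity Provider for tenant " + str);
        }

        int tenantId;
        try {
            tenantId = IdPManagementServiceComponent.getRealmService().getTenantManager().getTenantId(str);
        } catch (UserStoreException e) {
            throw new IdentityProviderManagementException(
                    "Exception occurred while retrieving Tenant ID from Tenant Domain " + str, e);
        }

        // The key store is read inside a tenant flow for the requested domain. startTenantFlow()
        // and endTenantFlow() are kept strictly paired: ending a flow this method did not start,
        // or ending it twice, would disturb the tenant context of the calling code.
        // NOTE(review): the key store file name is derived from the tenant domain and this method
        // does not validate str itself; it assumes callers pass a known tenant domain - confirm.
        X509Certificate primaryCert;
        boolean tenantFlowStarted = false;
        try {
            IdentityTenantUtil.initializeRegistry(tenantId);
            PrivilegedCarbonContext.startTenantFlow();
            tenantFlowStarted = true;
            PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(str, true);
            KeyStoreManager keyStoreManager = KeyStoreManager.getInstance(tenantId);
            if ("carbon.super".equals(str)) {
                primaryCert = keyStoreManager.getDefaultPrimaryCertificate();
            } else {
                String keyStoreName =
                        str.trim().replace(IdPManagementConstants.MULTI_VALUED_PROPERTY_CHARACTER, "-") + ".jks";
                primaryCert = (X509Certificate) keyStoreManager.getKeyStore(keyStoreName).getCertificate(str);
            }
        } catch (Exception e) {
            throw new IdentityProviderManagementException("Error retrieving primary certificate for tenant : " + str, e);
        } finally {
            if (tenantFlowStarted) {
                PrivilegedCarbonContext.endTenantFlow();
            }
        }
        if (primaryCert == null) {
            throw new IdentityProviderManagementException("Cannot find the primary certificate for tenant " + str);
        }
        try {
            residentIdp.setCertificate(Base64.encode(primaryCert.getEncoded()));
        } catch (CertificateEncodingException e) {
            throw new IdentityProviderManagementException(
                    "Error occurred while encoding primary certificate for tenant domain " + str, e);
        }

        List<FederatedAuthenticatorConfig> authenticators = new ArrayList<>();

        // openid: keep stored properties, add the server URL when none is stored.
        FederatedAuthenticatorConfig openId = IdentityApplicationManagementUtil.getFederatedAuthenticator(
                residentIdp.getFederatedAuthenticatorConfigs(), "openid");
        if (openId == null) {
            openId = new FederatedAuthenticatorConfig();
            openId.setName("openid");
        }
        List<Property> openIdProps = new ArrayList<>(Arrays.asList(openId.getProperties()));
        if (IdentityApplicationManagementUtil.getProperty(openId.getProperties(), "OpenIdUrl") == null) {
            Property openIdUrlProp = new Property();
            openIdUrlProp.setName("OpenIdUrl");
            openIdUrlProp.setValue(openIdUrl);
            openIdProps.add(openIdUrlProp);
        }
        openId.setProperties(openIdProps.toArray(new Property[0]));
        authenticators.add(openId);

        // samlsso
        authenticators.add(buildSAMLProperties(residentIdp, str));

        // oauth10a: keep stored properties, add the three endpoints that are missing.
        FederatedAuthenticatorConfig oauth1 = IdentityApplicationManagementUtil.getFederatedAuthenticator(
                residentIdp.getFederatedAuthenticatorConfigs(), "oauth10a");
        if (oauth1 == null) {
            oauth1 = new FederatedAuthenticatorConfig();
            oauth1.setName("oauth10a");
        }
        List<Property> oauth1Props = new ArrayList<>(Arrays.asList(oauth1.getProperties()));
        if (IdentityApplicationManagementUtil.getProperty(oauth1.getProperties(), "OAuth1RequestTokenUrl") == null) {
            Property requestTokenProp = new Property();
            requestTokenProp.setName("OAuth1RequestTokenUrl");
            requestTokenProp.setValue(oauth1RequestTokenUrl);
            oauth1Props.add(requestTokenProp);
        }
        if (IdentityApplicationManagementUtil.getProperty(oauth1.getProperties(), "OAuth1AuthorizeUrl") == null) {
            Property authorizeProp = new Property();
            authorizeProp.setName("OAuth1AuthorizeUrl");
            authorizeProp.setValue(oauth1AuthorizeUrl);
            oauth1Props.add(authorizeProp);
        }
        if (IdentityApplicationManagementUtil.getProperty(oauth1.getProperties(), "OAuth1AccessTokenUrl") == null) {
            Property accessTokenProp = new Property();
            accessTokenProp.setName("OAuth1AccessTokenUrl");
            accessTokenProp.setValue(oauth1AccessTokenUrl);
            oauth1Props.add(accessTokenProp);
        }
        oauth1.setProperties(oauth1Props.toArray(new Property[0]));
        authenticators.add(oauth1);

        // openidconnect: the property list is rebuilt from scratch, so stored properties other
        // than the ones resolved here are not carried over.
        FederatedAuthenticatorConfig oidc = IdentityApplicationManagementUtil.getFederatedAuthenticator(
                residentIdp.getFederatedAuthenticatorConfigs(), "openidconnect");
        if (oidc == null) {
            oidc = new FederatedAuthenticatorConfig();
            oidc.setName("openidconnect");
        }
        List<Property> oidcProps = new ArrayList<>();
        // With tenant-qualified URLs the token endpoint doubles as the entity id.
        oidcProps.add(IdentityTenantUtil.isTenantQualifiedUrlsEnabled()
                ? resolveFedAuthnProperty(oauth2TokenUrl, oidc, OPENID_IDP_ENTITY_ID)
                : resolveFedAuthnProperty(getOIDCResidentIdPEntityId(), oidc, OPENID_IDP_ENTITY_ID));
        oidcProps.add(resolveFedAuthnProperty(oauth2AuthzUrl, oidc, "OAuth2AuthzEPUrl"));
        oidcProps.add(resolveFedAuthnProperty(oauth2TokenUrl, oidc, "OAuth2TokenEPUrl"));
        oidcProps.add(resolveFedAuthnProperty(oauth2RevokeUrl, oidc, "OAuth2RevokeEPUrl"));
        oidcProps.add(resolveFedAuthnProperty(oauth2IntrospectUrl, oidc, "OAuth2IntrospectEPUrl"));
        oidcProps.add(resolveFedAuthnProperty(oauth2UserInfoUrl, oidc, "OAuth2UserInfoEPUrl"));
        oidcProps.add(resolveFedAuthnProperty(oidcCheckSessionUrl, oidc, "OIDCCheckSessionEPUrl"));
        oidcProps.add(resolveFedAuthnProperty(oidcLogoutUrl, oidc, "OIDCLogoutEPUrl"));
        oidcProps.add(resolveFedAuthnProperty(oauth2DcrUrl, oidc, "OAuth2DCREPUrl"));
        oidcProps.add(resolveFedAuthnProperty(oidcWebFingerUrl, oidc, "OIDCWebFingerEPUrl"));
        oidcProps.add(resolveFedAuthnProperty(oauth2JwksUrl, oidc, "OAuth2JWKSPage"));
        oidcProps.add(resolveFedAuthnProperty(oidcDiscoveryUrl, oidc, "OIDCDiscoveryEPUrl"));
        oidc.setProperties(oidcProps.toArray(new Property[0]));
        authenticators.add(oidc);

        // passivests: the endpoint URL is always overwritten, the entity id only when absent;
        // all other stored properties are appended unchanged.
        FederatedAuthenticatorConfig passiveSts = IdentityApplicationManagementUtil.getFederatedAuthenticator(
                residentIdp.getFederatedAuthenticatorConfigs(), "passivests");
        if (passiveSts == null) {
            passiveSts = new FederatedAuthenticatorConfig();
            passiveSts.setName("passivests");
        }
        List<Property> passiveStsProps = new ArrayList<>();
        Property passiveStsUrlProp =
                IdentityApplicationManagementUtil.getProperty(passiveSts.getProperties(), "IdentityProviderUrl");
        if (passiveStsUrlProp == null) {
            passiveStsUrlProp = new Property();
            passiveStsUrlProp.setName("IdentityProviderUrl");
        }
        passiveStsUrlProp.setValue(passiveStsUrl);
        passiveStsProps.add(passiveStsUrlProp);
        Property passiveStsEntityId =
                IdentityApplicationManagementUtil.getProperty(passiveSts.getProperties(), OPENID_IDP_ENTITY_ID);
        if (passiveStsEntityId == null) {
            passiveStsEntityId = new Property();
            passiveStsEntityId.setName(OPENID_IDP_ENTITY_ID);
            passiveStsEntityId.setValue(IdPManagementUtil.getResidentIdPEntityId());
        }
        passiveStsProps.add(passiveStsEntityId);
        for (Property stored : passiveSts.getProperties()) {
            if (stored != null && !"IdentityProviderUrl".equals(stored.getName())
                    && !OPENID_IDP_ENTITY_ID.equals(stored.getName())) {
                passiveStsProps.add(stored);
            }
        }
        passiveSts.setProperties(passiveStsProps.toArray(new Property[0]));
        authenticators.add(passiveSts);

        // wstrust: keep stored properties, add the STS URL when none is stored.
        FederatedAuthenticatorConfig wsTrust = IdentityApplicationManagementUtil.getFederatedAuthenticator(
                residentIdp.getFederatedAuthenticatorConfigs(), "wstrust");
        if (wsTrust == null) {
            wsTrust = new FederatedAuthenticatorConfig();
            wsTrust.setName("wstrust");
        }
        List<Property> wsTrustProps = new ArrayList<>(Arrays.asList(wsTrust.getProperties()));
        if (IdentityApplicationManagementUtil.getProperty(wsTrust.getProperties(), "IDENTITY_PROVIDER_URL") == null) {
            Property stsUrlProp = new Property();
            stsUrlProp.setName("IDENTITY_PROVIDER_URL");
            stsUrlProp.setValue(stsUrl);
            wsTrustProps.add(stsUrlProp);
        }
        wsTrust.setProperties(wsTrustProps.toArray(new Property[0]));
        authenticators.add(wsTrust);

        // IDPProperties: always a fresh config that carries the session clean-up period.
        FederatedAuthenticatorConfig idpProperties = new FederatedAuthenticatorConfig();
        idpProperties.setName("IDPProperties");
        List<Property> idpPropertyList = new ArrayList<>(Arrays.asList(idpProperties.getProperties()));
        Property cleanUpPeriodProp = new Property();
        cleanUpPeriodProp.setName("CleanUpPeriod");
        String cleanUpPeriod = IdentityUtil.getProperty(
                "JDBCPersistenceManager.SessionDataPersist.SessionDataCleanUp.CleanUpPeriod");
        if (StringUtils.isBlank(cleanUpPeriod)) {
            cleanUpPeriod = "1140";
        } else if (!StringUtils.isNumeric(cleanUpPeriod)) {
            // A non-numeric setting is replaced by the same default as a missing one.
            log.warn("PersistanceCleanUpPeriod in identity.xml should be a numeric value");
            cleanUpPeriod = "1140";
        }
        cleanUpPeriodProp.setValue(cleanUpPeriod);
        idpPropertyList.add(cleanUpPeriodProp);
        idpProperties.setProperties(idpPropertyList.toArray(new Property[0]));
        authenticators.add(idpProperties);

        residentIdp.setFederatedAuthenticatorConfigs(authenticators.toArray(new FederatedAuthenticatorConfig[0]));

        // SCIM provisioning connector: each endpoint property is added when missing; a stored
        // value that differs from the configured URL (ignoring case) is overwritten in place.
        ProvisioningConnectorConfig scimConnector = IdentityApplicationManagementUtil.getProvisioningConnector(
                residentIdp.getProvisioningConnectorConfigs(), IdPManagementConstants.SCIM);
        if (scimConnector == null) {
            scimConnector = new ProvisioningConnectorConfig();
            scimConnector.setName(IdPManagementConstants.SCIM);
        }
        List<Property> scimProps = new ArrayList<>(Arrays.asList(scimConnector.getProvisioningProperties()));

        Property scimUserProp = IdentityApplicationManagementUtil.getProperty(
                scimConnector.getProvisioningProperties(), "scimUserEndpoint");
        if (scimUserProp == null) {
            scimUserProp = new Property();
            scimUserProp.setName("scimUserEndpoint");
            scimUserProp.setValue(scimUsersUrl);
            scimProps.add(scimUserProp);
        } else if (!scimUsersUrl.equalsIgnoreCase(scimUserProp.getValue())) {
            scimUserProp.setValue(scimUsersUrl);
        }

        Property scimGroupProp = IdentityApplicationManagementUtil.getProperty(
                scimConnector.getProvisioningProperties(), "scimGroupEndpoint");
        if (scimGroupProp == null) {
            scimGroupProp = new Property();
            scimGroupProp.setName("scimGroupEndpoint");
            scimGroupProp.setValue(scimGroupsUrl);
            scimProps.add(scimGroupProp);
        } else if (!scimGroupsUrl.equalsIgnoreCase(scimGroupProp.getValue())) {
            scimGroupProp.setValue(scimGroupsUrl);
        }

        Property scim2UserProp = IdentityApplicationManagementUtil.getProperty(
                scimConnector.getProvisioningProperties(), "scim2UserEndpoint");
        if (scim2UserProp == null) {
            scim2UserProp = new Property();
            scim2UserProp.setName("scim2UserEndpoint");
            scim2UserProp.setValue(scim2UsersUrl);
            scimProps.add(scim2UserProp);
        } else if (!scim2UsersUrl.equalsIgnoreCase(scim2UserProp.getValue())) {
            scim2UserProp.setValue(scim2UsersUrl);
        }

        Property scim2GroupProp = IdentityApplicationManagementUtil.getProperty(
                scimConnector.getProvisioningProperties(), "scim2GroupEndpoint");
        if (scim2GroupProp == null) {
            scim2GroupProp = new Property();
            scim2GroupProp.setName("scim2GroupEndpoint");
            scim2GroupProp.setValue(scim2GroupsUrl);
            scimProps.add(scim2GroupProp);
        } else if (!scim2GroupsUrl.equalsIgnoreCase(scim2GroupProp.getValue())) {
            scim2GroupProp.setValue(scim2GroupsUrl);
        }

        scimConnector.setProvisioningProperties(scimProps.toArray(new Property[0]));
        residentIdp.setProvisioningConnectorConfigs(new ProvisioningConnectorConfig[]{scimConnector});
        return residentIdp;
    }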

    /**
     * Resolves one SAML endpoint URL for a tenant.
     *
     * @param str  configured URL; when blank, a public URL is built from {@code str3}
     * @param str2 tenant domain
     * @param str3 URL context path used both for the fallback URL and for the final resolution
     * @param z    when true and the tenant is not carbon.super, a {@code tenantDomain} query
     *             parameter is appended
     * @return the URL returned by {@code resolveAbsoluteURL} for the assembled value
     * @throws IdentityProviderManagementException if the fallback URL or the query string cannot
     *         be built
     */
    private String buildSAMLUrl(String str, String str2, String str3, boolean z) throws IdentityProviderManagementException {
        String endpoint = str;
        if (StringUtils.isBlank(endpoint)) {
            try {
                endpoint = ServiceURLBuilder.create().addPath(new String[]{str3}).build().getAbsolutePublicURL();
            } catch (URLBuilderException buildFailure) {
                throw new IdentityProviderManagementException(
                        "Error while building URL for context: " + str3 + " for tenantDomain: " + str2, buildFailure);
            }
        }
        if (!z || !isNotSuperTenant(str2)) {
            return resolveAbsoluteURL(str3, endpoint, str2);
        }
        Map<String, String[]> queryParams = new HashMap<>();
        queryParams.put("tenantDomain", new String[]{str2});
        try {
            endpoint = IdentityUtil.buildQueryUrl(endpoint, queryParams);
        } catch (UnsupportedEncodingException encodingFailure) {
            throw new IdentityProviderManagementException(
                    "Error while building URL for context: " + str3 + " for tenantDomain: " + str2, encodingFailure);
        }
        return resolveAbsoluteURL(str3, endpoint, str2);
    }

    /**
     * Tells whether a tenant domain is anything other than {@code carbon.super}.
     *
     * @param str tenant domain, may be null
     * @return false only for the exact string {@code carbon.super}; true otherwise, including null
     */
    private boolean isNotSuperTenant(String str) {
        boolean superTenant = "carbon.super".equals(str);
        return !superTenant;
    }

    /**
     * Assembles the samlsso authenticator config of the resident identity provider.
     *
     * <p>The SSO, logout, ECP and artifact resolution URLs are resolved through
     * {@code resolveFedAuthnProperty}; the entity id, metadata validity period and the two signing
     * flags keep their stored value and get a default only when absent.
     *
     * @param identityProvider resident identity provider whose stored samlsso config is the base
     * @param str tenant domain
     * @return the samlsso config with its property array replaced by the assembled list
     * @throws IdentityProviderManagementException if one of the endpoint URLs cannot be built
     */
    private FederatedAuthenticatorConfig buildSAMLProperties(IdentityProvider identityProvider, String str) throws IdentityProviderManagementException {
        // SSO and logout are both resolved from the SSOService.IdentityProviderURL setting.
        String ssoUrl = buildSAMLUrl(IdentityUtil.getProperty("SSOService.IdentityProviderURL"), str,
                IdPManagementConstants.SAMLSSO, true);
        String logoutUrl = buildSAMLUrl(IdentityUtil.getProperty("SSOService.IdentityProviderURL"), str,
                IdPManagementConstants.SAMLSSO, true);
        String ecpUrl = buildSAMLUrl(IdentityUtil.getProperty("SSOService.SAMLECPEndpoint"), str,
                IdPManagementConstants.SAML_ECP_URL, true);
        String artifactResolveUrl = buildSAMLUrl(IdentityUtil.getProperty("SSOService.ArtifactResolutionEndpoint"), str,
                IdPManagementConstants.SSO_ARTIFACT_URL, false);

        FederatedAuthenticatorConfig samlConfig = IdentityApplicationManagementUtil.getFederatedAuthenticator(
                identityProvider.getFederatedAuthenticatorConfigs(), IdPManagementConstants.SAMLSSO);
        if (samlConfig == null) {
            samlConfig = new FederatedAuthenticatorConfig();
            samlConfig.setName(IdPManagementConstants.SAMLSSO);
        }

        List<Property> assembled = new ArrayList<>();
        assembled.add(resolveFedAuthnProperty(ssoUrl, samlConfig, "SSOUrl"));
        assembled.add(resolveFedAuthnProperty(logoutUrl, samlConfig, "LogoutReqUrl"));
        assembled.add(resolveFedAuthnProperty(ecpUrl, samlConfig, "ECPUrl"));
        assembled.add(resolveFedAuthnProperty(artifactResolveUrl, samlConfig, "ArtifactResolveUrl"));

        Property entityId = IdentityApplicationManagementUtil.getProperty(samlConfig.getProperties(), OPENID_IDP_ENTITY_ID);
        if (entityId == null) {
            entityId = new Property();
            entityId.setName(OPENID_IDP_ENTITY_ID);
            entityId.setValue(IdPManagementUtil.getResidentIdPEntityId());
        }
        assembled.add(entityId);

        addSSOUrlAsDestinationUrl(samlConfig, ssoUrl, assembled);

        // Carry over every stored property except the four names rebuilt above.
        // NOTE(review): a stored ArtifactResolveUrl, SAMLMetadataValidityPeriod or signing flag is
        // not excluded here, so it is appended by this loop and again by the code around it -
        // confirm that duplicate entries are acceptable to the consumers of this array.
        for (Property stored : samlConfig.getProperties()) {
            if (stored == null) {
                continue;
            }
            String storedName = stored.getName();
            boolean rebuiltAbove = "SSOUrl".equals(storedName)
                    || "LogoutReqUrl".equals(storedName)
                    || "ECPUrl".equals(storedName)
                    || OPENID_IDP_ENTITY_ID.equals(storedName);
            if (!rebuiltAbove) {
                assembled.add(stored);
            }
        }

        Property metadataValidity =
                IdentityApplicationManagementUtil.getProperty(samlConfig.getProperties(), "SAMLMetadataValidityPeriod");
        if (metadataValidity == null) {
            metadataValidity = new Property();
            metadataValidity.setName("SAMLMetadataValidityPeriod");
            metadataValidity.setValue("60");
        }
        assembled.add(metadataValidity);

        // Both signing flags default to "false" when nothing is stored, i.e. signing-related
        // behaviour is opt-in. NOTE(review): presumably these control metadata signing and
        // whether authentication requests must be signed - confirm, and review the defaults for
        // deployments that expect signed SAML traffic.
        Property metadataSigning =
                IdentityApplicationManagementUtil.getProperty(samlConfig.getProperties(), "SAMLMetadataSigningEnabled");
        if (metadataSigning == null) {
            metadataSigning = new Property();
            metadataSigning.setName("SAMLMetadataSigningEnabled");
            metadataSigning.setValue("false");
        }
        assembled.add(metadataSigning);

        Property authnRequestSigning = IdentityApplicationManagementUtil.getProperty(
                samlConfig.getProperties(), "samlAuthnRequestsSigningEnabled");
        if (authnRequestSigning == null) {
            authnRequestSigning = new Property();
            authnRequestSigning.setName("samlAuthnRequestsSigningEnabled");
            authnRequestSigning.setValue("false");
        }
        assembled.add(authnRequestSigning);

        samlConfig.setProperties(assembled.toArray(new Property[0]));
        return samlConfig;
    }

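    /**
     * Appends the SSO URL to {@code list} as a {@code DestinationURI.N} property unless one of the
     * stored destination properties already holds that value.
     *
     * <p>Null entries and entries without a name in the stored property array are skipped, in
     * line with the null check the caller applies to the same array.
     *
     * @param federatedAuthenticatorConfig config whose stored properties are searched
     * @param str SSO URL to register as a destination
     * @param list property list that receives the new destination property
     */
    private void addSSOUrlAsDestinationUrl(FederatedAuthenticatorConfig federatedAuthenticatorConfig, String str, List<Property> list) {
        List<Property> storedDestinations = Arrays.stream(federatedAuthenticatorConfig.getProperties())
                .filter(candidate -> candidate != null
                        && candidate.getName() != null
                        && candidate.getName().startsWith("DestinationURI"))
                .collect(Collectors.toList());
        boolean alreadyRegistered = storedDestinations.stream()
                .anyMatch(destination -> StringUtils.equals(str, destination.getValue()));
        if (!alreadyRegistered) {
            // NOTE(review): the suffix is the count of stored destinations plus one; if the stored
            // suffixes have gaps this can repeat an existing name - confirm the numbering is
            // always contiguous.
            list.add(buildDestinationURLProperty(str, storedDestinations.size() + 1));
        }
    }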

    /**
     * Creates a destination property named {@code DestinationURI.<i>}.
     *
     * @param str destination URL stored as the property value
     * @param i   numeric suffix of the property name
     * @return the new property
     */
    private Property buildDestinationURLProperty(String str, int i) {
        String destinationName = "DestinationURI." + i;
        Property destination = new Property();
        destination.setValue(str);
        destination.setName(destinationName);
        return destination;
    }

    /**
     * Picks the property to publish for one authenticator setting.
     *
     * <p>The stored property is returned as is when it exists and tenant-qualified URLs are
     * disabled. Otherwise a new property carrying {@code str} is returned, so with
     * tenant-qualified URLs enabled a stored value is never used.
     *
     * @param str value for the new property
     * @param federatedAuthenticatorConfig config whose stored properties are searched
     * @param str2 property name
     * @return the stored property or a new one named {@code str2} with value {@code str}
     */
    private Property resolveFedAuthnProperty(String str, FederatedAuthenticatorConfig federatedAuthenticatorConfig, String str2) {
        Property stored = IdentityApplicationManagementUtil.getProperty(federatedAuthenticatorConfig.getProperties(), str2);
        if (stored != null && !IdentityTenantUtil.isTenantQualifiedUrlsEnabled()) {
            return stored;
        }
        Property computed = new Property();
        computed.setName(str2);
        computed.setValue(str);
        return computed;
    }

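    /**
     * Creates the resident identity provider of a tenant.
     *
     * <p>Before persisting, the method completes the supplied provider with a SAML SSO authenticator
     * (entity id, metadata validity period and the two signing flags), an {@code openidconnect} and a
     * {@code passivests} authenticator, and the {@code RememberMeTimeout} / {@code SessionIdleTimeout}
     * properties read from the server configuration. Enabled listeners run before and after the DAO
     * call; a listener that returns {@code false} stops the method silently.
     *
     * @param identityProvider provider to complete and store; it is modified in place
     * @param str tenant domain, resolved to a tenant id through {@code IdentityTenantUtil}
     * @throws IdentityProviderManagementException declared by the listener and DAO calls
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public void addResidentIdP(IdentityProvider identityProvider, String str) throws IdentityProviderManagementException {
        Collection<IdentityProviderMgtListener> idpMgtListeners = IdPManagementServiceComponent.getIdpMgtListeners();
        for (IdentityProviderMgtListener listener : idpMgtListeners) {
            // A pre-listener returning false vetoes the operation: nothing is stored and no error is raised.
            if (listener.isEnable() && !listener.doPreAddResidentIdP(identityProvider, str)) {
                return;
            }
        }
        if (identityProvider.getFederatedAuthenticatorConfigs() == null) {
            identityProvider.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[0]);
        }
        FederatedAuthenticatorConfig samlConfig = IdentityApplicationManagementUtil.getFederatedAuthenticator(identityProvider.getFederatedAuthenticatorConfigs(), IdPManagementConstants.SAMLSSO);
        if (samlConfig == null) {
            samlConfig = new FederatedAuthenticatorConfig();
            samlConfig.setName(IdPManagementConstants.SAMLSSO);
        }
        if (samlConfig.getProperties() == null) {
            samlConfig.setProperties(new Property[0]);
        }

        boolean hasEntityId = false;
        for (Property existing : samlConfig.getProperties()) {
            if (OPENID_IDP_ENTITY_ID.equals(existing.getName())) {
                hasEntityId = true;
                break;
            }
        }
        if (!hasEntityId) {
            Property entityId = new Property();
            entityId.setName(OPENID_IDP_ENTITY_ID);
            // NOTE(review): -1234 is presumably the super-tenant id - confirm. Other tenants get a
            // "/t/<domain>" suffix only when tenant-qualified URLs are enabled.
            if (IdentityTenantUtil.getTenantId(str) == -1234 || !IdentityTenantUtil.isTenantQualifiedUrlsEnabled()) {
                entityId.setValue(IdPManagementUtil.getResidentIdPEntityId());
            } else {
                entityId.setValue(IdPManagementUtil.getResidentIdPEntityId() + "/t/" + str);
            }
            // Arrays.asList returns a fixed-size view, so adding to it throws
            // UnsupportedOperationException; copy into a growable list and convert with a typed array.
            List<Property> withEntityId = new ArrayList<>(Arrays.asList(samlConfig.getProperties()));
            withEntityId.add(entityId);
            samlConfig.setProperties(withEntityId.toArray(new Property[0]));
        }

        // NOTE(review): isNumeric accepts digit strings longer than an int, for which parseInt throws
        // NumberFormatException; this applies to the three numeric settings read below.
        String validityPeriod = IdentityUtil.getProperty("SSOService.SAMLMetadataValidityPeriod");
        if (StringUtils.isBlank(validityPeriod)) {
            validityPeriod = "60";
        } else if (!StringUtils.isNumeric(validityPeriod) || Integer.parseInt(validityPeriod) <= 0) {
            log.warn("SAMLMetadataValidityPeriod in identity.xml should be a numeric value hence defaulting to value: 60m");
            validityPeriod = "60";
        }
        Property validityPeriodProperty = new Property();
        validityPeriodProperty.setName("SAMLMetadataValidityPeriod");
        validityPeriodProperty.setValue(validityPeriod);

        // Both signing flags fall back to "false" when the configuration leaves them blank, so
        // metadata and authentication requests stay unsigned unless identity.xml enables signing.
        String metadataSigning = IdentityUtil.getProperty("SSOService.SAMLMetadataSigningEnabled");
        if (StringUtils.isBlank(metadataSigning)) {
            log.warn("SAMLMetadataSigningEnabled in identity.xml should be a boolean value");
            metadataSigning = "false";
        }
        Property metadataSigningProperty = new Property();
        metadataSigningProperty.setName("SAMLMetadataSigningEnabled");
        metadataSigningProperty.setValue(metadataSigning);

        String authnRequestSigning = IdentityUtil.getProperty("SSOService.SAML2AuthnRequestsSigningEnabled");
        if (StringUtils.isBlank(authnRequestSigning)) {
            log.warn("samlAuthnRequestSigningEnabled in identity.xml should be a boolean value");
            authnRequestSigning = "false";
        }
        Property authnRequestSigningProperty = new Property();
        authnRequestSigningProperty.setName("samlAuthnRequestsSigningEnabled");
        authnRequestSigningProperty.setValue(authnRequestSigning);

        List<Property> samlProperties = new ArrayList<>(Arrays.asList(samlConfig.getProperties()));
        samlProperties.add(validityPeriodProperty);
        samlProperties.add(metadataSigningProperty);
        samlProperties.add(authnRequestSigningProperty);
        samlConfig.setProperties(samlProperties.toArray(new Property[0]));

        Property oidcEntityId = new Property();
        oidcEntityId.setName(OPENID_IDP_ENTITY_ID);
        oidcEntityId.setValue(getOIDCResidentIdPEntityId());
        FederatedAuthenticatorConfig oidcConfig = new FederatedAuthenticatorConfig();
        oidcConfig.setProperties(new Property[]{oidcEntityId});
        oidcConfig.setName("openidconnect");

        Property passiveStsEntityId = new Property();
        passiveStsEntityId.setName(OPENID_IDP_ENTITY_ID);
        passiveStsEntityId.setValue(IdPManagementUtil.getResidentIdPEntityId());
        FederatedAuthenticatorConfig passiveStsConfig = new FederatedAuthenticatorConfig();
        passiveStsConfig.setProperties(new Property[]{passiveStsEntityId});
        passiveStsConfig.setName("passivests");

        identityProvider.setFederatedAuthenticatorConfigs(IdentityApplicationManagementUtil.concatArrays(identityProvider.getFederatedAuthenticatorConfigs(), new FederatedAuthenticatorConfig[]{samlConfig, passiveStsConfig, oidcConfig}));

        String rememberMeTimeout = IdentityUtil.getProperty("TimeConfig.RememberMeTimeout");
        if (StringUtils.isBlank(rememberMeTimeout) || !StringUtils.isNumeric(rememberMeTimeout) || Integer.parseInt(rememberMeTimeout) <= 0) {
            log.warn("RememberMeTimeout in identity.xml should be a numeric value");
            rememberMeTimeout = "20160";
        }
        IdentityProviderProperty rememberMeProperty = new IdentityProviderProperty();
        rememberMeProperty.setName("RememberMeTimeout");
        rememberMeProperty.setValue(rememberMeTimeout);

        String sessionIdleTimeout = IdentityUtil.getProperty("TimeConfig.SessionIdleTimeout");
        if (StringUtils.isBlank(sessionIdleTimeout) || !StringUtils.isNumeric(sessionIdleTimeout) || Integer.parseInt(sessionIdleTimeout) <= 0) {
            log.warn("SessionIdleTimeout in identity.xml should be a numeric value");
            sessionIdleTimeout = "15";
        }
        IdentityProviderProperty sessionIdleProperty = new IdentityProviderProperty();
        sessionIdleProperty.setName("SessionIdleTimeout");
        sessionIdleProperty.setValue(sessionIdleTimeout);

        identityProvider.setIdpProperties(new IdentityProviderProperty[]{rememberMeProperty, sessionIdleProperty});
        dao.addIdP(identityProvider, IdentityTenantUtil.getTenantId(str), str);

        for (IdentityProviderMgtListener listener : idpMgtListeners) {
            // The provider is already stored here; a false result only stops the remaining listeners.
            if (listener.isEnable() && !listener.doPostAddResidentIdP(identityProvider, str)) {
                return;
            }
        }
    }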

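    /**
     * Updates the resident identity provider of a tenant.
     *
     * <p>The submitted IdP properties are merged over the stored ones (submitted values win, stored
     * properties that were not submitted are kept, new names are appended). The merged timeout and
     * SAML settings are validated, then the enabled listeners and the DAO update run.
     *
     * @param identityProvider provider carrying the new values; its IdP properties are replaced by the merged set
     * @param str tenant domain, resolved to a tenant id through {@code IdentityTenantUtil}
     * @throws IdentityProviderManagementException when a timeout or validity period is not a positive
     *         integer, when a signing flag is blank, or when a listener / DAO call fails
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public void updateResidentIdP(IdentityProvider identityProvider, String str) throws IdentityProviderManagementException {
        IdentityProvider stored = dao.getIdPByName(null, IdPManagementConstants.RESIDENT_IDP, IdentityTenantUtil.getTenantId(str), str);
        Map<String, String> submitted = new HashMap<>();
        for (IdentityProviderProperty incoming : identityProvider.getIdpProperties()) {
            submitted.put(incoming.getName(), incoming.getValue());
        }

        List<IdentityProviderProperty> merged = new ArrayList<>();
        for (IdentityProviderProperty current : stored.getIdpProperties()) {
            String name = current.getName();
            IdentityProviderProperty copy = new IdentityProviderProperty();
            copy.setName(name);
            copy.setValue(submitted.containsKey(name) ? submitted.get(name) : current.getValue());
            merged.add(copy);
            // Whatever remains in the map afterwards is a property the stored provider did not have.
            submitted.remove(name);
        }
        for (Map.Entry<String, String> added : submitted.entrySet()) {
            IdentityProviderProperty extra = new IdentityProviderProperty();
            extra.setName(added.getKey());
            extra.setValue(added.getValue());
            merged.add(extra);
        }
        identityProvider.setIdpProperties(merged.toArray(new IdentityProviderProperty[0]));

        for (IdentityProviderProperty candidate : identityProvider.getIdpProperties()) {
            String name = candidate.getName();
            String value = candidate.getValue();
            if (StringUtils.equals(name, "SessionIdleTimeout")
                    || StringUtils.equals(name, "RememberMeTimeout")
                    || StringUtils.equals(name, "SAMLMetadataValidityPeriod")) {
                boolean positive = false;
                if (StringUtils.isNotBlank(value) && StringUtils.isNumeric(value)) {
                    try {
                        positive = Integer.parseInt(value) > 0;
                    } catch (NumberFormatException ignored) {
                        // Digits only but outside the int range: rejected like any other invalid
                        // value instead of escaping as an unchecked exception.
                    }
                }
                if (!positive) {
                    throw new IdentityProviderManagementException(name + " of ResidentIdP should be a numeric value greater than 0 ");
                }
            } else if (StringUtils.equals(name, "SAMLMetadataSigningEnabled")
                    || StringUtils.equals(name, "samlAuthnRequestsSigningEnabled")) {
                // The samlAuthnRequestsSigningEnabled check used to sit inside the
                // SAMLMetadataSigningEnabled branch, where the name could never match, so it never ran.
                // NOTE(review): only blank values are rejected; the value is not checked to be "true" or "false".
                if (StringUtils.isBlank(value)) {
                    throw new IdentityProviderManagementException(name + " of ResidentIdP should be a boolean value ");
                }
            }
        }

        Collection<IdentityProviderMgtListener> idpMgtListeners = IdPManagementServiceComponent.getIdpMgtListeners();
        for (IdentityProviderMgtListener listener : idpMgtListeners) {
            // A pre-listener returning false vetoes the update without raising an error.
            if (listener.isEnable() && !listener.doPreUpdateResidentIdP(identityProvider, str)) {
                return;
            }
        }
        if (identityProvider.getFederatedAuthenticatorConfigs() == null) {
            identityProvider.setFederatedAuthenticatorConfigs(new FederatedAuthenticatorConfig[0]);
        }
        IdentityProvider currentResidentIdP = getInstance().getIdPByName(IdPManagementConstants.RESIDENT_IDP, str, true);
        int tenantId = IdentityTenantUtil.getTenantId(str);
        validateUpdateOfIdPEntityId(currentResidentIdP.getFederatedAuthenticatorConfigs(), identityProvider.getFederatedAuthenticatorConfigs(), tenantId, str);
        dao.updateIdP(identityProvider, currentResidentIdP, tenantId, str);
        for (IdentityProviderMgtListener listener : idpMgtListeners) {
            if (listener.isEnable() && !listener.doPostUpdateResidentIdP(identityProvider, str)) {
                return;
            }
        }
    }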

    /**
     * Returns the identity providers the DAO holds for a tenant.
     *
     * @param str tenant domain, resolved to a tenant id through {@code IdentityTenantUtil}
     * @return the list returned by the DAO
     * @throws IdentityProviderManagementException declared by the DAO call
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public List<IdentityProvider> getIdPs(String str) throws IdentityProviderManagementException {
        final int tenantId = IdentityTenantUtil.getTenantId(str);
        return dao.getIdPs(null, tenantId, str);
    }

    /**
     * Paginated search that delegates to the seven-argument overload with an empty list as the
     * last argument; the remaining arguments are passed through unchanged.
     *
     * @throws IdentityProviderManagementException declared by the delegated call
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public IdpSearchResult getIdPs(Integer num, Integer num2, String str, String str2, String str3, String str4) throws IdentityProviderManagementException {
        List<String> noExtraAttributes = new ArrayList<>();
        return getIdPs(num, num2, str, str2, str3, str4, noExtraAttributes);
    }

    /**
     * Runs a filtered, paginated identity provider search for a tenant.
     *
     * <p>{@code str} is parsed as the filter expression. Limit, offset, sort column and sort order go
     * through the {@code validate*} helpers before they reach the DAO, so the DAO only receives the
     * normalised values stored on the result object.
     *
     * @param num requested page size, may be {@code null}
     * @param num2 requested offset, may be {@code null}
     * @param str filter expression
     * @param str4 tenant domain
     * @param list forwarded unchanged to the DAO search
     * @return the result holding the normalised paging values, the total count and the page of providers
     * @throws IdentityProviderManagementException on an invalid filter, limit or offset, or a DAO failure
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public IdpSearchResult getIdPs(Integer num, Integer num2, String str, String str2, String str3, String str4, List<String> list) throws IdentityProviderManagementException {
        IdpSearchResult searchResult = new IdpSearchResult();
        List<ExpressionNode> filterNodes = getExpressionNodes(str);
        // NOTE(review): setParameters stores its third argument as the filter and validates its fifth as
        // the sort column; here str2 lands in the filter slot and the filter str in the sort-column slot.
        // The argument order looks shifted - verify against the interface before relying on it.
        setParameters(num, num2, str2, str3, str, searchResult);
        int tenantId = IdentityTenantUtil.getTenantId(str4);
        int totalCount = dao.getTotalIdPCount(tenantId, filterNodes);
        searchResult.setTotalIDPCount(totalCount);
        searchResult.setIdpList(dao.getPaginatedIdPsSearch(
                tenantId,
                filterNodes,
                searchResult.getLimit(),
                searchResult.getOffSet(),
                searchResult.getSortOrder(),
                searchResult.getSortBy(),
                list));
        return searchResult;
    }

    /**
     * Paginated search variant that takes already-built expression nodes instead of a filter string.
     *
     * @param num requested page size, may be {@code null}
     * @param num2 requested offset, may be {@code null}
     * @param str3 tenant domain
     * @param list forwarded unchanged to the DAO search
     * @param list2 expression nodes used for both the count and the page query
     * @return the result holding the normalised paging values, the total count and the page of providers
     * @throws IdentityProviderManagementException on an invalid limit or offset, or a DAO failure
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public IdpSearchResult getIdPs(Integer num, Integer num2, String str, String str2, String str3, List<String> list, List<ExpressionNode> list2) throws IdentityProviderManagementException {
        IdpSearchResult searchResult = new IdpSearchResult();
        // NOTE(review): str is never read and str2 is passed for both the sort order and the sort
        // column - check whether one of the two slots was meant to receive str.
        setParameters(num, num2, null, str2, str2, searchResult);
        int tenantId = IdentityTenantUtil.getTenantId(str3);
        int totalCount = dao.getTotalIdPCount(tenantId, list2);
        searchResult.setTotalIDPCount(totalCount);
        searchResult.setIdpList(dao.getPaginatedIdPsSearch(
                tenantId,
                list2,
                searchResult.getLimit(),
                searchResult.getOffSet(),
                searchResult.getSortOrder(),
                searchResult.getSortBy(),
                list));
        return searchResult;
    }

    /**
     * Counts the identity providers of a tenant that match a filter.
     *
     * @param str filter expression; blank means no filtering nodes are produced
     * @param str2 tenant domain
     * @return the count reported by the DAO
     * @throws IdentityProviderManagementException on an invalid filter or a DAO failure
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public int getTotalIdPCount(String str, String str2) throws IdentityProviderManagementException {
        final int tenantId = IdentityTenantUtil.getTenantId(str2);
        List<ExpressionNode> filterNodes = getExpressionNodes(str);
        return dao.getTotalIdPCount(tenantId, filterNodes);
    }

    /**
     * Parses a filter string into the flat list of expression nodes it contains.
     *
     * @param str filter expression; a blank value yields an empty list
     * @return the expression nodes collected from the parsed filter tree
     * @throws IdentityProviderManagementClientException when the filter cannot be parsed; the message
     *         includes the filter text as received
     */
    private List<ExpressionNode> getExpressionNodes(String str) throws IdentityProviderManagementClientException {
        List<ExpressionNode> collected = new ArrayList<>();
        if (StringUtils.isBlank(str)) {
            return collected;
        }
        try {
            Node root = new FilterTreeBuilder(str).buildTree();
            setExpressionNodeList(root, collected);
        } catch (IOException | IdentityException e) {
            throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage.ERROR_CODE_RETRIEVE_IDP, "Error occurred while validate filter, filter: " + str, e);
        }
        return collected;
    }

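    /**
     * Walks a filter tree and appends every expression node to {@code list}.
     *
     * <p>Operation nodes are descended into (left, then right); other node kinds are ignored. For an
     * expression whose attribute contains the {@code isEnabled} attribute name, the value is replaced
     * by the stored representation of true or false.
     *
     * @param node current node of the filter tree
     * @param list accumulator receiving the expression nodes
     * @throws IdentityProviderManagementClientException when an {@code isEnabled} expression has no
     *         value or a value that matches neither "true" nor "false"
     */
    private void setExpressionNodeList(Node node, List<ExpressionNode> list) throws IdentityProviderManagementClientException {
        if (!(node instanceof ExpressionNode)) {
            if (node instanceof OperationNode) {
                setExpressionNodeList(node.getLeftNode(), list);
                setExpressionNodeList(node.getRightNode(), list);
            }
            return;
        }
        ExpressionNode expression = (ExpressionNode) node;
        String attribute = expression.getAttributeValue();
        if (StringUtils.isNotBlank(attribute) && attribute.contains(IdPManagementConstants.IDP_IS_ENABLED)) {
            String requested = expression.getValue();
            // NOTE(review): "true".contains(x) also accepts fragments such as "t", "ru" or the empty
            // string. That may be intended for partial-match operators - confirm before tightening.
            // A missing value is rejected explicitly, because contains(null) throws NullPointerException.
            if (requested != null && "true".contains(requested)) {
                expression.setValue(IdPManagementConstants.IS_TRUE_VALUE);
            } else if (requested != null && "false".contains(requested)) {
                expression.setValue(IdPManagementConstants.IS_FALSE_VALUE);
            } else {
                // A space was missing between the value and "is passed" in this message.
                throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage.ERROR_CODE_RETRIEVE_IDP, "Invalid value: " + requested + " is passed for 'isEnabled' attribute in the filter. It should be 'true' or 'false'");
            }
        }
        list.add(expression);
    }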

    /**
     * Stores the normalised paging and sorting values on a search result.
     *
     * @param num requested limit, normalised by {@code validateLimit}
     * @param num2 requested offset, normalised by {@code validateOffset}
     * @param str filter text, stored as given
     * @param str2 requested sort order, normalised by {@code validateSortOrder}
     * @param str3 requested sort column, normalised by {@code validateSortBy}
     * @param idpSearchResult result object that receives the values
     * @throws IdentityProviderManagementClientException when the limit or offset is negative
     */
    private void setParameters(Integer num, Integer num2, String str, String str2, String str3, IdpSearchResult idpSearchResult) throws IdentityProviderManagementClientException {
        final int limit = validateLimit(num);
        idpSearchResult.setLimit(limit);
        final int offset = validateOffset(num2);
        idpSearchResult.setOffSet(offset);
        final String sortColumn = validateSortBy(str3);
        idpSearchResult.setSortBy(sortColumn);
        final String sortDirection = validateSortOrder(str2);
        idpSearchResult.setSortOrder(sortDirection);
        idpSearchResult.setFilter(str);
    }

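    /**
     * Maps a requested sort attribute to the column constant handed to the DAO.
     *
     * <p>Only the two known attribute names are translated; a blank or unknown value falls back to
     * {@code "ID"}. The caller's text is therefore never returned, only one of three fixed values.
     *
     * @param str requested sort attribute, may be blank
     * @return {@code IdPManagementConstants.NAME}, {@code IdPManagementConstants.HOME_REALM_ID} or {@code "ID"}
     */
    private String validateSortBy(String str) {
        if (StringUtils.isBlank(str)) {
            if (log.isDebugEnabled()) {
                log.debug("sortBy attribute is empty. Therefore we set the default sortBy attribute. sortByID");
            }
            return "ID";
        }
        // Replaces the decompiled hash-code switch ("boolean z = -1; switch (z)"), which is not valid
        // Java, with direct comparisons.
        if (str.equals(IdPManagementConstants.IDP_NAME)) {
            return IdPManagementConstants.NAME;
        }
        if (str.equals(IdPManagementConstants.IDP_HOME_REALM_ID)) {
            return IdPManagementConstants.HOME_REALM_ID;
        }
        if (log.isDebugEnabled()) {
            log.debug("sortBy attribute is incorrect. Therefore we set the default sortBy attribute. sortBy: ID");
        }
        return "ID";
    }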

    /**
     * Normalises a requested sort order to one of two fixed values.
     *
     * @param str requested sort order, may be blank
     * @return {@code IdPManagementConstants.DESC_SORT_ORDER} when exactly that was requested, otherwise
     *         {@code "ASC"} (also for blank or unknown input)
     */
    private String validateSortOrder(String str) {
        final String fallback = "ASC";
        if (StringUtils.isBlank(str)) {
            if (log.isDebugEnabled()) {
                log.debug("sortOrder is empty. Therefore we set the default sortOrder value as ASC. SortOrder: " + fallback);
            }
            return fallback;
        }
        if (str.equals(IdPManagementConstants.DESC_SORT_ORDER)) {
            return IdPManagementConstants.DESC_SORT_ORDER;
        }
        if (!str.equals("ASC") && log.isDebugEnabled()) {
            log.debug("sortOrder is incorrect. Therefore we set the default sortOrder value as ASC. SortOrder: " + fallback);
        }
        return fallback;
    }

    /**
     * Normalises the requested page size.
     *
     * <p>A {@code null} limit is replaced by the configured default, a negative limit is rejected and
     * a limit above the configured maximum is reduced to that maximum, which bounds the size of a page
     * a caller can request.
     *
     * @param num requested limit, may be {@code null}
     * @return the limit to use, between 0 and the configured maximum
     * @throws IdentityProviderManagementClientException when the limit is negative
     */
    private int validateLimit(Integer num) throws IdentityProviderManagementClientException {
        Integer effective = num;
        if (effective == null) {
            if (log.isDebugEnabled()) {
                log.debug("Given limit is null. Therefore we get the default limit from identity.xml.");
            }
            effective = Integer.valueOf(IdentityUtil.getDefaultItemsPerPage());
        }
        if (effective.intValue() < 0) {
            throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage.ERROR_CODE_RETRIEVE_IDP, "Given limit: " + effective + " is a negative value.");
        }
        final int ceiling = IdentityUtil.getMaximumItemPerPage();
        if (effective.intValue() <= ceiling) {
            return effective.intValue();
        }
        if (log.isDebugEnabled()) {
            log.debug("Given limit exceed the maximum limit. Therefore we get the default limit from identity.xml. limit: " + ceiling);
        }
        return ceiling;
    }

    /**
     * Normalises the requested offset.
     *
     * @param num requested offset; {@code null} is treated as 0
     * @return the non-negative offset
     * @throws IdentityProviderManagementClientException when the offset is negative
     */
    private int validateOffset(Integer num) throws IdentityProviderManagementClientException {
        final int offset = (num == null) ? 0 : num.intValue();
        if (offset < 0) {
            throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage.ERROR_CODE_RETRIEVE_IDP, "Invalid offset applied. Offset should not negative. offSet: " + offset);
        }
        return offset;
    }

    /**
     * Delegates an identity provider search to the DAO.
     *
     * @param str tenant domain, resolved to a tenant id through {@code IdentityTenantUtil}
     * @param str2 search argument forwarded unchanged to the DAO
     * @return the list returned by the DAO
     * @throws IdentityProviderManagementException declared by the DAO call
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public List<IdentityProvider> getIdPsSearch(String str, String str2) throws IdentityProviderManagementException {
        final int tenantId = IdentityTenantUtil.getTenantId(str);
        return dao.getIdPsSearch(null, tenantId, str, str2);
    }

    /**
     * Returns the tenant's identity providers that report themselves as enabled.
     *
     * @param str tenant domain
     * @return a new list holding only the enabled providers, in the order {@code getIdPs} returned them
     * @throws IdentityProviderManagementException declared by {@code getIdPs}
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public List<IdentityProvider> getEnabledIdPs(String str) throws IdentityProviderManagementException {
        return getIdPs(str).stream()
                .filter(IdentityProvider::isEnable)
                .collect(Collectors.toCollection(ArrayList::new));
    }

    /**
     * Looks an identity provider up by name.
     *
     * <p>The DAO is consulted first. Unless {@code z} is {@code true}, a miss falls back to the
     * file-based DAO and finally to the file-based provider registered as {@code "default"}. A caller
     * can therefore receive a provider other than the one it named; pass {@code true} for {@code z}
     * when only the exact stored provider is acceptable.
     *
     * @param str provider name, must not be empty
     * @param str2 tenant domain
     * @param z when {@code true}, skip the file-based fallbacks
     * @return the resolved provider, or {@code null} when nothing was found
     * @throws IdentityProviderManagementException when the name is empty or the lookup fails
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public IdentityProvider getIdPByName(String str, String str2, boolean z) throws IdentityProviderManagementException {
        final int tenantId = IdentityTenantUtil.getTenantId(str2);
        if (StringUtils.isEmpty(str)) {
            throw new IdentityProviderManagementException("Invalid argument: Identity Provider Name value is empty");
        }
        IdentityProvider resolved = dao.getIdPByName(null, str, tenantId, str2);
        if (z || resolved != null) {
            return resolved;
        }
        resolved = new FileBasedIdPMgtDAO().getIdPByName(str, str2);
        if (resolved != null) {
            return resolved;
        }
        return IdPManagementServiceComponent.getFileBasedIdPs().get("default");
    }

    /**
     * Looks an identity provider up by its numeric id.
     *
     * <p>An id that does not parse as an integer is not an error: the DAO lookup is skipped and,
     * unless {@code z} is {@code true}, the id string is tried as a name against the file-based DAO
     * before the {@code "default"} file-based provider is used.
     *
     * @param str provider id as text, must not be empty
     * @param str2 tenant domain
     * @param z when {@code true}, skip the file-based fallbacks
     * @return the resolved provider, or {@code null} when nothing was found
     * @throws IdentityProviderManagementException when the id is empty or the lookup fails
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public IdentityProvider getIdPById(String str, String str2, boolean z) throws IdentityProviderManagementException {
        if (StringUtils.isEmpty(str)) {
            throw new IdentityProviderManagementException("Invalid argument: Identity Provider ID value is empty");
        }
        IdentityProvider resolved = null;
        try {
            int numericId = Integer.parseInt(str);
            resolved = dao.getIdPById(null, numericId, IdentityTenantUtil.getTenantId(str2), str2);
        } catch (NumberFormatException ignored) {
            // Deliberately ignored: a non-numeric id leaves the result null so the fallbacks below apply.
        }
        if (z || resolved != null) {
            return resolved;
        }
        resolved = new FileBasedIdPMgtDAO().getIdPByName(str, str2);
        if (resolved != null) {
            return resolved;
        }
        return IdPManagementServiceComponent.getFileBasedIdPs().get("default");
    }

    /**
     * Looks an identity provider up by resource id within a tenant.
     *
     * @param str resource id, checked by {@code validateGetIdPInputValues} (defined outside this view)
     * @param str2 tenant domain
     * @param z not read by this method
     * @return the provider returned by the DAO
     * @throws IdentityProviderManagementException on invalid input or a DAO failure
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public IdentityProvider getIdPByResourceId(String str, String str2, boolean z) throws IdentityProviderManagementException {
        validateGetIdPInputValues(str);
        final int tenantId = IdentityTenantUtil.getTenantId(str2);
        return dao.getIdPByResourceId(str, tenantId, str2);
    }

    /**
     * Returns the name of the identity provider with the given resource id.
     *
     * @param str resource id, checked by {@code validateGetIdPInputValues} (defined outside this view)
     * @return the name returned by the DAO
     * @throws IdentityProviderManagementException on invalid input or a DAO failure
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public String getIdPNameByResourceId(String str) throws IdentityProviderManagementException {
        validateGetIdPInputValues(str);
        // NOTE(review): no tenant is passed to the DAO here, unlike getIdPByResourceId - confirm the
        // lookup is tenant-scoped elsewhere or that resource ids are unique across tenants.
        String providerName = dao.getIdPNameByResourceId(str);
        return providerName;
    }

    /**
     * Resolves a set of identity provider ids to their names within a tenant.
     *
     * @param str tenant domain
     * @param set ids to resolve; must not be {@code null}
     * @return the map returned by the DAO, or {@code null} (not an empty map) when {@code set} is empty
     * @throws IdentityProviderManagementException declared by the DAO call
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public Map<String, String> getIdPNamesById(String str, Set<String> set) throws IdentityProviderManagementException {
        if (!set.isEmpty()) {
            final int tenantId = IdentityTenantUtil.getTenantId(str);
            return dao.getIdPNamesById(tenantId, set);
        }
        return null;
    }

    /**
     * Looks an identity provider up by name and returns it only when it is enabled.
     *
     * @param str provider name
     * @param str2 tenant domain
     * @param z forwarded to {@code getIdPByName}; {@code true} skips the file-based fallbacks
     * @return the provider when found and enabled, otherwise {@code null}
     * @throws IdentityProviderManagementException declared by {@code getIdPByName}
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public IdentityProvider getEnabledIdPByName(String str, String str2, boolean z) throws IdentityProviderManagementException {
        IdentityProvider candidate = getIdPByName(str, str2, z);
        return (candidate != null && candidate.isEnable()) ? candidate : null;
    }

    /**
     * Looks an identity provider up by name with the file-based fallbacks enabled.
     *
     * @param str provider name
     * @param str2 tenant domain
     * @return the result of {@code getIdPByName(str, str2, false)}
     * @throws IdentityProviderManagementException declared by the delegated call
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public IdentityProvider getIdPByName(String str, String str2) throws IdentityProviderManagementException {
        final boolean skipFileBasedFallback = false;
        return getIdPByName(str, str2, skipFileBasedFallback);
    }

    /**
     * Looks an identity provider up by id with the file-based fallbacks enabled.
     *
     * @param str provider id as text
     * @param str2 tenant domain
     * @return the result of {@code getIdPById(str, str2, false)}
     * @throws IdentityProviderManagementException declared by the delegated call
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public IdentityProvider getIdPById(String str, String str2) throws IdentityProviderManagementException {
        final boolean skipFileBasedFallback = false;
        return getIdPById(str, str2, skipFileBasedFallback);
    }

    /**
     * Finds the identity provider that has an authenticator property with the given value.
     *
     * @param str authenticator property name, must not be empty
     * @param str2 authenticator property value, must not be empty
     * @param str3 tenant domain
     * @param z when {@code true}, the file-based DAO is not consulted after a DAO miss
     * @return the matching provider, or {@code null} when none was found
     * @throws IdentityProviderManagementException when an argument is empty or the lookup fails
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public IdentityProvider getIdPByAuthenticatorPropertyValue(String str, String str2, String str3, boolean z) throws IdentityProviderManagementException {
        final int tenantId = IdentityTenantUtil.getTenantId(str3);
        boolean argumentMissing = StringUtils.isEmpty(str) || StringUtils.isEmpty(str2);
        if (argumentMissing) {
            throw new IdentityProviderManagementException("Invalid argument: Authenticator property or property value is empty");
        }
        IdentityProvider match = dao.getIdPByAuthenticatorPropertyValue(null, str, str2, tenantId, str3);
        if (match != null || z) {
            return match;
        }
        return new FileBasedIdPMgtDAO().getIdPByAuthenticatorPropertyValue(str, str2, str3);
    }

    /**
     * Finds the identity provider that has the given property value on a named authenticator.
     *
     * @param str authenticator property name, must not be empty
     * @param str2 authenticator property value, must not be empty
     * @param str3 tenant domain
     * @param str4 authenticator name, must not be empty
     * @param z when {@code true}, the file-based DAO is not consulted after a DAO miss
     * @return the matching provider, or {@code null} when none was found
     * @throws IdentityProviderManagementException when an argument is empty or the lookup fails
     */
    public IdentityProvider getIdPByAuthenticatorPropertyValue(String str, String str2, String str3, String str4, boolean z) throws IdentityProviderManagementException {
        final int tenantId = IdentityTenantUtil.getTenantId(str3);
        boolean argumentMissing = StringUtils.isEmpty(str) || StringUtils.isEmpty(str2) || StringUtils.isEmpty(str4);
        if (argumentMissing) {
            throw new IdentityProviderManagementException("Invalid argument: Authenticator property, property value or authenticator name is empty");
        }
        IdentityProvider match = dao.getIdPByAuthenticatorPropertyValue(null, str, str2, str4, tenantId, str3);
        if (match != null || z) {
            return match;
        }
        return new FileBasedIdPMgtDAO().getIdPByAuthenticatorPropertyValue(str, str2, str3, str4);
    }

    /**
     * Looks an identity provider up by name (file-based fallbacks enabled) and returns it only when
     * it is enabled.
     *
     * @param str provider name
     * @param str2 tenant domain
     * @return the provider when found and enabled, otherwise {@code null}
     * @throws IdentityProviderManagementException declared by {@code getIdPByName}
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public IdentityProvider getEnabledIdPByName(String str, String str2) throws IdentityProviderManagementException {
        IdentityProvider candidate = getIdPByName(str, str2);
        return (candidate != null && candidate.isEnable()) ? candidate : null;
    }

    /**
     * Looks an identity provider up by its home realm identifier.
     *
     * @param str home realm identifier, must not be empty
     * @param str2 tenant domain
     * @return the provider from the DAO, else from the file-based DAO, else {@code null}
     * @throws IdentityProviderManagementException when the identifier is empty or the lookup fails
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public IdentityProvider getIdPByRealmId(String str, String str2) throws IdentityProviderManagementException {
        final int tenantId = IdentityTenantUtil.getTenantId(str2);
        if (StringUtils.isEmpty(str)) {
            throw new IdentityProviderManagementException("Invalid argument: Identity Provider Home Realm Identifier value is empty");
        }
        IdentityProvider stored = dao.getIdPByRealmId(str, tenantId, str2);
        if (stored != null) {
            return stored;
        }
        return new FileBasedIdPMgtDAO().getIdPByRealmId(str, str2);
    }

    /**
     * Looks an identity provider up by home realm identifier and returns it only when it is enabled.
     *
     * @param str home realm identifier
     * @param str2 tenant domain
     * @return the provider when found and enabled, otherwise {@code null}
     * @throws IdentityProviderManagementException declared by {@code getIdPByRealmId}
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public IdentityProvider getEnabledIdPByRealmId(String str, String str2) throws IdentityProviderManagementException {
        IdentityProvider candidate = getIdPByRealmId(str, str2);
        return (candidate != null && candidate.isEnable()) ? candidate : null;
    }

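    /**
     * Returns the claim mappings of an identity provider whose remote claim URI is one of the
     * requested URIs.
     *
     * <p>The provider is resolved from the DAO, then the file-based DAO, then the {@code "default"}
     * file-based provider. At most one mapping (the first match) is returned per requested URI.
     *
     * @param str provider name, must not be empty
     * @param str2 tenant domain
     * @param list remote claim URIs to look up; {@code null} yields an empty set
     * @return the matching claim mappings, possibly empty
     * @throws IdentityProviderManagementException when the name is empty or the lookup fails
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public Set<ClaimMapping> getMappedLocalClaims(String str, String str2, List<String> list) throws IdentityProviderManagementException {
        int tenantId = IdentityTenantUtil.getTenantId(str2);
        if (StringUtils.isEmpty(str)) {
            throw new IdentityProviderManagementException("Invalid argument: Identity Provider Name value is empty");
        }
        IdentityProvider idp = dao.getIdPByName(null, str, tenantId, str2);
        if (idp == null) {
            idp = new FileBasedIdPMgtDAO().getIdPByName(str, str2);
        }
        if (idp == null) {
            idp = IdPManagementServiceComponent.getFileBasedIdPs().get("default");
        }
        // NOTE(review): idp is dereferenced without a null check; this relies on a "default"
        // file-based provider always being registered - confirm.
        ClaimConfig claimConfig = idp.getClaimConfig();
        ClaimMapping[] claimMappings = (claimConfig == null) ? null : claimConfig.getClaimMappings();
        if (claimMappings == null || claimMappings.length <= 0 || list == null) {
            return new HashSet<>();
        }
        Set<ClaimMapping> matched = new HashSet<>();
        for (String requestedUri : list) {
            // A bounded loop: the previous "while (true)" form never terminated when a requested
            // URI had no mapping, because the index stopped advancing once it reached the array length.
            for (ClaimMapping mapping : claimMappings) {
                if (mapping.getRemoteClaim().getClaimUri().equals(requestedUri)) {
                    matched.add(mapping);
                    break;
                }
            }
        }
        return matched;
    }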

    /**
     * Returns the mappings found by {@code getMappedLocalClaims} as a map from remote claim URI to
     * local claim URI.
     *
     * @param str provider name
     * @param str2 tenant domain
     * @param list remote claim URIs to look up
     * @return remote-to-local claim URI map, possibly empty
     * @throws IdentityProviderManagementException declared by {@code getMappedLocalClaims}
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public Map<String, String> getMappedLocalClaimsMap(String str, String str2, List<String> list) throws IdentityProviderManagementException {
        Map<String, String> remoteToLocal = new HashMap<>();
        for (ClaimMapping mapping : getMappedLocalClaims(str, str2, list)) {
            String remoteUri = mapping.getRemoteClaim().getClaimUri();
            String localUri = mapping.getLocalClaim().getClaimUri();
            remoteToLocal.put(remoteUri, localUri);
        }
        return remoteToLocal;
    }

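    /**
     * Returns the claim mappings of an identity provider whose local claim URI is one of the
     * requested URIs.
     *
     * <p>The provider is resolved from the DAO, then the file-based DAO, then the {@code "default"}
     * file-based provider. At most one mapping (the first match) is returned per requested URI.
     *
     * @param str provider name, must not be empty
     * @param str2 tenant domain
     * @param list local claim URIs to look up; {@code null} yields an empty set
     * @return the matching claim mappings, possibly empty
     * @throws IdentityProviderManagementException when the name is empty or the lookup fails
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public Set<ClaimMapping> getMappedIdPClaims(String str, String str2, List<String> list) throws IdentityProviderManagementException {
        int tenantId = IdentityTenantUtil.getTenantId(str2);
        if (StringUtils.isEmpty(str)) {
            throw new IdentityProviderManagementException("Invalid argument: Identity Provider Name value is empty");
        }
        IdentityProvider idp = dao.getIdPByName(null, str, tenantId, str2);
        if (idp == null) {
            idp = new FileBasedIdPMgtDAO().getIdPByName(str, str2);
        }
        if (idp == null) {
            idp = IdPManagementServiceComponent.getFileBasedIdPs().get("default");
        }
        // NOTE(review): idp is dereferenced without a null check; this relies on a "default"
        // file-based provider always being registered - confirm.
        ClaimConfig claimConfig = idp.getClaimConfig();
        ClaimMapping[] claimMappings = (claimConfig == null) ? null : claimConfig.getClaimMappings();
        if (claimMappings == null || claimMappings.length <= 0 || list == null) {
            return new HashSet<>();
        }
        Set<ClaimMapping> matched = new HashSet<>();
        for (String requestedUri : list) {
            // A bounded loop: the previous "while (true)" form never terminated when a requested
            // URI had no mapping, because the index stopped advancing once it reached the array length.
            for (ClaimMapping mapping : claimMappings) {
                if (mapping.getLocalClaim().getClaimUri().equals(requestedUri)) {
                    matched.add(mapping);
                    break;
                }
            }
        }
        return matched;
    }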

    /**
     * Returns the mappings found by {@code getMappedIdPClaims} as a map from local claim URI to
     * remote claim URI.
     *
     * @param str provider name
     * @param str2 tenant domain
     * @param list local claim URIs to look up
     * @return local-to-remote claim URI map, possibly empty
     * @throws IdentityProviderManagementException declared by {@code getMappedIdPClaims}
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public Map<String, String> getMappedIdPClaimsMap(String str, String str2, List<String> list) throws IdentityProviderManagementException {
        Map<String, String> localToRemote = new HashMap<>();
        for (ClaimMapping mapping : getMappedIdPClaims(str, str2, list)) {
            String localUri = mapping.getLocalClaim().getClaimUri();
            String remoteUri = mapping.getRemoteClaim().getClaimUri();
            localToRemote.put(localUri, remoteUri);
        }
        return localToRemote;
    }

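    /**
     * Returns the role mappings of an identity provider whose remote role is one of the requested
     * roles.
     *
     * <p>The provider is resolved from the DAO, then the file-based DAO, then the {@code "default"}
     * file-based provider. At most one mapping (the first match) is returned per requested role, and
     * a remote role without a mapping contributes nothing to the result.
     *
     * @param str provider name, must not be empty
     * @param str2 tenant domain
     * @param strArr remote role names to look up; {@code null} yields an empty set
     * @return the matching role mappings, possibly empty
     * @throws IdentityProviderManagementException when the name is empty or the lookup fails
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public Set<RoleMapping> getMappedLocalRoles(String str, String str2, String[] strArr) throws IdentityProviderManagementException {
        int tenantId = IdentityTenantUtil.getTenantId(str2);
        if (StringUtils.isEmpty(str)) {
            throw new IdentityProviderManagementException("Invalid argument: Identity Provider Name value is empty");
        }
        IdentityProvider idp = dao.getIdPByName(null, str, tenantId, str2);
        if (idp == null) {
            idp = new FileBasedIdPMgtDAO().getIdPByName(str, str2);
        }
        if (idp == null) {
            idp = IdPManagementServiceComponent.getFileBasedIdPs().get("default");
        }
        // NOTE(review): idp is dereferenced without a null check; this relies on a "default"
        // file-based provider always being registered - confirm.
        PermissionsAndRoleConfig roleConfig = idp.getPermissionAndRoleConfig();
        RoleMapping[] roleMappings = (roleConfig == null) ? null : roleConfig.getRoleMappings();
        if (roleMappings == null || roleMappings.length <= 0 || strArr == null) {
            return new HashSet<>();
        }
        Set<RoleMapping> matched = new HashSet<>();
        for (String requestedRole : strArr) {
            // A bounded loop: the previous "while (true)" form never terminated when a requested
            // role had no mapping, because the index stopped advancing once it reached the array length.
            for (RoleMapping mapping : roleMappings) {
                if (mapping.getRemoteRole().equals(requestedRole)) {
                    matched.add(mapping);
                    break;
                }
            }
        }
        return matched;
    }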

    /**
     * Map view of {@link #getMappedLocalRoles}: remote role name to local role.
     *
     * @param str    identity provider name
     * @param str2   passed through unchanged to {@code getMappedLocalRoles}
     * @param strArr remote role names to look up
     * @return remote-role-to-local-role pairs for the matched mappings
     * @throws IdentityProviderManagementException propagated from {@code getMappedLocalRoles}
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public Map<String, LocalRole> getMappedLocalRolesMap(String str, String str2, String[] strArr) throws IdentityProviderManagementException {
        Map<String, LocalRole> remoteToLocal = new HashMap<>();
        for (RoleMapping mapping : getMappedLocalRoles(str, str2, strArr)) {
            remoteToLocal.put(mapping.getRemoteRole(), mapping.getLocalRole());
        }
        return remoteToLocal;
    }

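    /**
     * Returns the role mappings of an identity provider whose local role equals one of the
     * given local roles (compared with {@code LocalRole.equals}).
     *
     * <p>The identity provider is looked up through {@code dao}, then through
     * {@code FileBasedIdPMgtDAO}, and finally falls back to the file-based entry stored under the
     * key {@code "default"}; an unknown provider name is therefore answered with the default
     * provider's role mappings rather than with an error.
     *
     * @param str          identity provider name; must not be empty
     * @param str2         value handed to {@code IdentityTenantUtil.getTenantId} and to both
     *                     lookups (presumably the tenant domain)
     * @param localRoleArr local roles to look up; {@code null} yields an empty set
     * @return the matching mappings, at most one per requested role; never {@code null}
     * @throws IdentityProviderManagementException if {@code str} is empty
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public Set<RoleMapping> getMappedIdPRoles(String str, String str2, LocalRole[] localRoleArr) throws IdentityProviderManagementException {
        int tenantId = IdentityTenantUtil.getTenantId(str2);
        if (StringUtils.isEmpty(str)) {
            throw new IdentityProviderManagementException("Invalid argument: Identity Provider Name value is empty");
        }
        IdentityProvider idPByName = dao.getIdPByName(null, str, tenantId, str2);
        if (idPByName == null) {
            idPByName = new FileBasedIdPMgtDAO().getIdPByName(str, str2);
        }
        if (idPByName == null) {
            idPByName = IdPManagementServiceComponent.getFileBasedIdPs().get("default");
        }
        // NOTE(review): nothing here guards against the "default" entry being absent as well.
        PermissionsAndRoleConfig permissionAndRoleConfig = idPByName.getPermissionAndRoleConfig();
        Set<RoleMapping> matched = new HashSet<>();
        if (permissionAndRoleConfig == null) {
            return matched;
        }
        RoleMapping[] roleMappings = permissionAndRoleConfig.getRoleMappings();
        if (roleMappings == null || roleMappings.length == 0 || localRoleArr == null) {
            return matched;
        }
        for (LocalRole localRole : localRoleArr) {
            // Bounded scan: a local role without a mapping is skipped, so an unmapped role
            // can no longer keep this loop (and the calling thread) spinning.
            for (RoleMapping roleMapping : roleMappings) {
                if (roleMapping.getLocalRole().equals(localRole)) {
                    matched.add(roleMapping);
                    break;
                }
            }
        }
        return matched;
    }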

    /**
     * Map view of {@link #getMappedIdPRoles}: local role to remote role name.
     *
     * @param str          identity provider name
     * @param str2         passed through unchanged to {@code getMappedIdPRoles}
     * @param localRoleArr local roles to look up
     * @return local-role-to-remote-role pairs for the matched mappings
     * @throws IdentityProviderManagementException propagated from {@code getMappedIdPRoles}
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public Map<LocalRole, String> getMappedIdPRolesMap(String str, String str2, LocalRole[] localRoleArr) throws IdentityProviderManagementException {
        Map<LocalRole, String> localToRemote = new HashMap<>();
        for (RoleMapping mapping : getMappedIdPRoles(str, str2, localRoleArr)) {
            localToRemote.put(mapping.getLocalRole(), mapping.getRemoteRole());
        }
        return localToRemote;
    }

    /* JADX WARN: Code restructure failed: missing block: B:94:0x0207, code lost:
    
        continue;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    /**
     * Decompiler stub: the body of this method was not recovered, so this listing does not show
     * what is done with the identity provider's metadata.
     *
     * <p>As written here the method always throws {@link UnsupportedOperationException}. It is
     * called from {@code addIdPWithResourceId} and {@code updateIDP}, in both cases immediately
     * before the DAO write, so neither path can complete in this decompiled form.
     *
     * <p>NOTE(review): the metadata handling itself cannot be reviewed from this listing; it has
     * to be checked against the original source or the bytecode dump.
     *
     * @param r7 first argument; both visible callers pass the tenant id
     * @param r8 second argument; both visible callers pass the identity provider being stored
     */
    private void handleMetadata(int r7, org.wso2.carbon.identity.application.common.model.IdentityProvider r8) throws org.wso2.carbon.idp.mgt.IdentityProviderManagementException {
        /*
            Method dump skipped, instructions count: 532
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.wso2.carbon.idp.mgt.IdentityProviderManager.handleMetadata(int, org.wso2.carbon.identity.application.common.model.IdentityProvider):void");
    }

    /**
     * Deprecated overload that registers an identity provider by delegating to
     * {@link #addIdPWithResourceId}.
     *
     * <p>The object returned by the delegate is dropped. The delegate returns {@code null} when a
     * listener vetoes the operation, so callers of this overload cannot tell a veto from a
     * successful registration.
     *
     * @param identityProvider identity provider to register
     * @param str              passed through unchanged to {@code addIdPWithResourceId}
     * @throws IdentityProviderManagementException propagated from {@code addIdPWithResourceId}
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    @Deprecated
    public void addIdP(IdentityProvider identityProvider, String str) throws IdentityProviderManagementException {
        // Return value is not used by this overload.
        addIdPWithResourceId(identityProvider, str);
    }

    /**
     * Validates and stores a new identity provider, then returns the stored record.
     *
     * <p>Order of work: mark confidential properties, reject duplicate names, validate outbound
     * provisioning roles, run the enabled pre-add listeners, verify role mappings (when present),
     * check entity id and issuer name uniqueness, handle metadata, write through {@code dao},
     * re-read the record by the resource id returned from the write, run the enabled post-add
     * listeners.
     *
     * <p>A {@code null} return means an enabled listener returned {@code false}. For a pre-add
     * listener nothing has been written; for a post-add listener the DAO write has already
     * happened, so {@code null} does not imply that no record was created.
     *
     * @param identityProvider identity provider to register
     * @param str              value handed to {@code IdentityTenantUtil.getTenantId}
     *                         (presumably the tenant domain)
     * @return the stored identity provider, or {@code null} when a listener vetoes
     * @throws IdentityProviderManagementException if a validation step or the DAO fails
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public IdentityProvider addIdPWithResourceId(IdentityProvider identityProvider, String str) throws IdentityProviderManagementException {
        markConfidentialPropertiesUsingMetadata(identityProvider);
        validateAddIdPInputValues(identityProvider.getIdentityProviderName(), str);
        validateOutboundProvisioningRoles(identityProvider, str);

        Collection<IdentityProviderMgtListener> listeners = IdPManagementServiceComponent.getIdpMgtListeners();
        for (IdentityProviderMgtListener listener : listeners) {
            if (!listener.isEnable()) {
                continue;
            }
            if (!listener.doPreAddIdP(identityProvider, str)) {
                return null;
            }
        }

        int tenantId = IdentityTenantUtil.getTenantId(str);
        if (isPermissionAndRoleConfigExist(identityProvider)) {
            verifyAndUpdateRoleConfiguration(str, tenantId, identityProvider.getPermissionAndRoleConfig());
        }
        validateIdPEntityId(extractIdpEntityIdFromMetadata(identityProvider), tenantId, str);
        validateIdPIssuerName(identityProvider, tenantId, str);
        handleMetadata(tenantId, identityProvider);

        // Write first, then read back by the resource id the write returned.
        IdentityProvider stored = dao.getIdPByResourceId(dao.addIdP(identityProvider, tenantId, str), tenantId, str);

        for (IdentityProviderMgtListener listener : listeners) {
            if (!listener.isEnable()) {
                continue;
            }
            if (!listener.doPostAddIdP(stored, str)) {
                return null;
            }
        }
        return stored;
    }

    /**
     * Deprecated: deletes an identity provider identified by name.
     *
     * <p>The enabled pre-delete listeners run before the name is validated; any of them can stop
     * the operation by returning {@code false}, in which case the method returns without an
     * error. An unknown name is also a silent no-op, so a normal return does not prove that
     * something was deleted.
     *
     * @param str  identity provider name; an empty value is rejected after the pre-listeners ran
     * @param str2 passed to the listeners, the lookup and {@code deleteIDP}
     *             (presumably the tenant domain)
     * @throws IdentityProviderManagementException if the name is empty or the deletion fails
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    @Deprecated
    public void deleteIdP(String str, String str2) throws IdentityProviderManagementException {
        Collection<IdentityProviderMgtListener> listeners = IdPManagementServiceComponent.getIdpMgtListeners();
        for (IdentityProviderMgtListener listener : listeners) {
            if (!listener.isEnable()) {
                continue;
            }
            if (!listener.doPreDeleteIdP(str, str2)) {
                return;
            }
        }
        if (StringUtils.isEmpty(str)) {
            throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage.ERROR_CODE_IDP_NAME_INVALID, "IdP name is empty.");
        }
        IdentityProvider existing = getIdPByName(str, str2, true);
        if (existing != null) {
            deleteIDP(existing.getResourceId(), str, str2);
            for (IdentityProviderMgtListener listener : listeners) {
                if (!listener.isEnable()) {
                    continue;
                }
                if (!listener.doPostDeleteIdP(str, str2)) {
                    return;
                }
            }
        }
    }

    /**
     * Deletes every identity provider returned by {@code getIdPs(str)} for one tenant.
     *
     * <p>Metadata strings are removed per identity provider first, then {@code dao.deleteIdPs}
     * removes the records for the tenant id. NOTE(review): no transaction boundary is visible
     * here, so a failure between the two steps may leave metadata removed while the records
     * remain - confirm against the DAO.
     *
     * <p>An enabled pre-delete listener returning {@code false} cancels the whole operation
     * without an error.
     *
     * @param str value handed to {@code IdentityTenantUtil.getTenantId} and {@code getIdPs}
     *            (presumably the tenant domain)
     * @throws IdentityProviderManagementException if a deletion step fails
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public void deleteIdPs(String str) throws IdentityProviderManagementException {
        Collection<IdentityProviderMgtListener> listeners = IdPManagementServiceComponent.getIdpMgtListeners();
        for (IdentityProviderMgtListener listener : listeners) {
            if (!listener.isEnable()) {
                continue;
            }
            if (!listener.doPreDeleteIdPs(str)) {
                return;
            }
        }
        int tenantId = IdentityTenantUtil.getTenantId(str);
        for (IdentityProvider identityProvider : getIdPs(str)) {
            deleteMetadataStrings(identityProvider.getIdentityProviderName(), tenantId);
        }
        dao.deleteIdPs(tenantId);
        for (IdentityProviderMgtListener listener : listeners) {
            if (!listener.isEnable()) {
                continue;
            }
            if (!listener.doPostDeleteIdPs(str)) {
                return;
            }
        }
    }

    /**
     * Deletes an identity provider identified by resource id.
     *
     * <p>An enabled pre-delete listener returning {@code false}, or a resource id that resolves
     * to nothing, ends the call silently; a normal return therefore does not prove that a record
     * was deleted.
     *
     * @param str  resource id of the identity provider
     * @param str2 passed to the listeners, the lookup and {@code deleteIDP}
     *             (presumably the tenant domain)
     * @throws IdentityProviderManagementException if the lookup or the deletion fails
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public void deleteIdPByResourceId(String str, String str2) throws IdentityProviderManagementException {
        Collection<IdentityProviderMgtListener> listeners = IdPManagementServiceComponent.getIdpMgtListeners();
        for (IdentityProviderMgtListener listener : listeners) {
            if (!listener.isEnable()) {
                continue;
            }
            if (!listener.doPreDeleteIdPByResourceId(str, str2)) {
                return;
            }
        }
        IdentityProvider existing = getIdPByResourceId(str, str2, true);
        if (existing != null) {
            deleteIDP(str, existing.getIdentityProviderName(), str2);
            // Post-listeners receive the record as it was read before the deletion.
            for (IdentityProviderMgtListener listener : listeners) {
                if (!listener.isEnable()) {
                    continue;
                }
                if (!listener.doPostDeleteIdPByResourceId(str, existing, str2)) {
                    return;
                }
            }
        }
    }

    /**
     * Asks every registered metadata converter to delete the metadata string stored for an
     * identity provider, skipping converters whose {@code canDelete} returns {@code false}.
     *
     * @param str identity provider name
     * @param i   tenant id
     * @throws IdentityProviderManagementException propagated from the converters
     */
    private void deleteMetadataStrings(String str, int i) throws IdentityProviderManagementException {
        for (MetadataConverter converter : IdpMgtServiceComponentHolder.getInstance().getMetadataConverters()) {
            if (!converter.canDelete(i, str)) {
                continue;
            }
            converter.deleteMetadataString(i, str);
        }
    }

    /**
     * Removes the metadata strings of an identity provider and then deletes its record through
     * {@code dao.deleteIdPByResourceId}.
     *
     * @param str  resource id of the identity provider
     * @param str2 identity provider name, used for the metadata cleanup
     * @param str3 value handed to {@code IdentityTenantUtil.getTenantId}
     *             (presumably the tenant domain)
     * @throws IdentityProviderManagementException if either step fails
     */
    private void deleteIDP(String str, String str2, String str3) throws IdentityProviderManagementException {
        final int resolvedTenantId = IdentityTenantUtil.getTenantId(str3);
        // Metadata is cleaned up before the record itself goes away.
        deleteMetadataStrings(str2, resolvedTenantId);
        dao.deleteIdPByResourceId(str, resolvedTenantId, str3);
    }

    /**
     * Deprecated: force-deletes an identity provider identified by name.
     *
     * <p>Unlike {@code deleteIdP}, an unknown name is reported as a client error instead of being
     * ignored. The deletion goes through {@code forceDeleteIDP}; what "force" skips compared to
     * the regular path is decided in the DAO and is not visible here. The regular delete
     * listeners ({@code doPreDeleteIdP}/{@code doPostDeleteIdP}) are reused, and a pre-listener
     * returning {@code false} cancels silently.
     *
     * @param str  identity provider name
     * @param str2 passed to the listeners, the lookup and {@code forceDeleteIDP}
     *             (presumably the tenant domain)
     * @throws IdentityProviderManagementException if the name is unknown or the deletion fails
     */
    @Deprecated
    public void forceDeleteIdp(String str, String str2) throws IdentityProviderManagementException {
        Collection<IdentityProviderMgtListener> listeners = IdPManagementServiceComponent.getIdpMgtListeners();
        for (IdentityProviderMgtListener listener : listeners) {
            if (!listener.isEnable()) {
                continue;
            }
            if (!listener.doPreDeleteIdP(str, str2)) {
                return;
            }
        }
        IdentityProvider existing = getIdPByName(str, str2, true);
        if (existing == null) {
            throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage.ERROR_CODE_IDP_NAME_DOES_NOT_EXIST, str);
        }
        forceDeleteIDP(existing.getResourceId(), str, str2);
        for (IdentityProviderMgtListener listener : listeners) {
            if (!listener.isEnable()) {
                continue;
            }
            if (!listener.doPostDeleteIdP(str, str2)) {
                return;
            }
        }
    }

    /**
     * Force-deletes an identity provider identified by resource id.
     *
     * <p>An unknown resource id is reported as a client error. The deletion goes through
     * {@code forceDeleteIDP}; what "force" skips compared to the regular path is decided in the
     * DAO and is not visible here. A pre-listener returning {@code false} cancels silently.
     *
     * @param str  resource id of the identity provider
     * @param str2 passed to the listeners, the lookup and {@code forceDeleteIDP}
     *             (presumably the tenant domain)
     * @throws IdentityProviderManagementException if the id is unknown or the deletion fails
     */
    public void forceDeleteIdpByResourceId(String str, String str2) throws IdentityProviderManagementException {
        Collection<IdentityProviderMgtListener> listeners = IdPManagementServiceComponent.getIdpMgtListeners();
        for (IdentityProviderMgtListener listener : listeners) {
            if (!listener.isEnable()) {
                continue;
            }
            if (!listener.doPreDeleteIdPByResourceId(str, str2)) {
                return;
            }
        }
        IdentityProvider existing = getIdPByResourceId(str, str2, true);
        if (existing == null) {
            throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage.ERROR_CODE_IDP_DOES_NOT_EXIST, str);
        }
        forceDeleteIDP(str, existing.getIdentityProviderName(), str2);
        // Post-listeners receive the record as it was read before the deletion.
        for (IdentityProviderMgtListener listener : listeners) {
            if (!listener.isEnable()) {
                continue;
            }
            if (!listener.doPostDeleteIdPByResourceId(str, existing, str2)) {
                return;
            }
        }
    }

    /**
     * Removes the metadata strings of an identity provider and then deletes its record through
     * {@code dao.forceDeleteIdPByResourceId}.
     *
     * @param str  resource id of the identity provider
     * @param str2 identity provider name, used for the metadata cleanup
     * @param str3 value handed to {@code IdentityTenantUtil.getTenantId}
     *             (presumably the tenant domain)
     * @throws IdentityProviderManagementException if either step fails
     */
    private void forceDeleteIDP(String str, String str2, String str3) throws IdentityProviderManagementException {
        final int resolvedTenantId = IdentityTenantUtil.getTenantId(str3);
        for (MetadataConverter converter : IdpMgtServiceComponentHolder.getInstance().getMetadataConverters()) {
            if (!converter.canDelete(resolvedTenantId, str2)) {
                continue;
            }
            converter.deleteMetadataString(resolvedTenantId, str2);
        }
        dao.forceDeleteIdPByResourceId(str, resolvedTenantId, str3);
    }

    /**
     * Deprecated: updates an identity provider identified by its current name.
     *
     * <p>Confidential properties are marked on the supplied object before any listener sees it.
     * An enabled pre-update listener returning {@code false} cancels the update without an
     * error; an unknown name is reported as a client error.
     *
     * @param str              current name of the identity provider
     * @param identityProvider new state supplied by the caller
     * @param str2             passed to the listeners, the lookup and
     *                         {@code IdentityTenantUtil.getTenantId} (presumably the tenant domain)
     * @throws IdentityProviderManagementException if the name is unknown or the update fails
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    @Deprecated
    public void updateIdP(String str, IdentityProvider identityProvider, String str2) throws IdentityProviderManagementException {
        markConfidentialPropertiesUsingMetadata(identityProvider);
        Collection<IdentityProviderMgtListener> listeners = IdPManagementServiceComponent.getIdpMgtListeners();
        for (IdentityProviderMgtListener listener : listeners) {
            if (!listener.isEnable()) {
                continue;
            }
            if (!listener.doPreUpdateIdP(str, identityProvider, str2)) {
                return;
            }
        }
        IdentityProvider existing = getIdPByName(str, str2, true);
        if (existing == null) {
            throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage.ERROR_CODE_IDP_NAME_DOES_NOT_EXIST, str);
        }
        updateIDP(existing, identityProvider, IdentityTenantUtil.getTenantId(str2), str2);
        for (IdentityProviderMgtListener listener : listeners) {
            if (!listener.isEnable()) {
                continue;
            }
            if (!listener.doPostUpdateIdP(str, identityProvider, str2)) {
                return;
            }
        }
    }

    /**
     * Updates an identity provider identified by resource id and returns the updated record.
     *
     * <p>A {@code null} return means an enabled listener returned {@code false}. For a
     * pre-update listener nothing has been written; for a post-update listener the DAO write has
     * already happened, so {@code null} does not imply that the record is unchanged.
     *
     * @param str              resource id of the identity provider to update
     * @param identityProvider new state supplied by the caller
     * @param str2             passed to the listeners, the lookup and
     *                         {@code IdentityTenantUtil.getTenantId} (presumably the tenant domain)
     * @return the record re-read through {@code dao.getUpdatedIdPByResourceId}, or {@code null}
     *         when a listener vetoes
     * @throws IdentityProviderManagementException if validation or the update fails
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public IdentityProvider updateIdPByResourceId(String str, IdentityProvider identityProvider, String str2) throws IdentityProviderManagementException {
        markConfidentialPropertiesUsingMetadata(identityProvider);
        Collection<IdentityProviderMgtListener> listeners = IdPManagementServiceComponent.getIdpMgtListeners();
        for (IdentityProviderMgtListener listener : listeners) {
            if (!listener.isEnable()) {
                continue;
            }
            if (!listener.doPreUpdateIdPByResourceId(str, identityProvider, str2)) {
                return null;
            }
        }

        int tenantId = IdentityTenantUtil.getTenantId(str2);
        IdentityProvider existing = getIdPByResourceId(str, str2, true);
        // Rejects a missing record and name clashes before anything is written.
        validateUpdateIdPInputValues(existing, str, identityProvider, str2);
        updateIDP(existing, identityProvider, tenantId, str2);

        for (IdentityProviderMgtListener listener : listeners) {
            if (!listener.isEnable()) {
                continue;
            }
            if (!listener.doPostUpdateIdPByResourceId(str, existing, identityProvider, str2)) {
                return null;
            }
        }
        return dao.getUpdatedIdPByResourceId(str, tenantId, str2);
    }

    /**
     * Shared update path: verifies role mappings of the new state, checks entity id and issuer
     * name uniqueness against the stored state, handles metadata and writes through {@code dao}.
     *
     * @param identityProvider  stored identity provider (both visible callers pass the record
     *                          they just looked up)
     * @param identityProvider2 new state supplied by the caller
     * @param i                 tenant id
     * @param str               passed to the validators and the DAO (presumably the tenant domain)
     * @throws IdentityProviderManagementException if a validation step or the DAO fails
     */
    private void updateIDP(IdentityProvider identityProvider, IdentityProvider identityProvider2, int i, String str) throws IdentityProviderManagementException {
        final IdentityProvider stored = identityProvider;
        final IdentityProvider updated = identityProvider2;

        if (isPermissionAndRoleConfigExist(updated)) {
            verifyAndUpdateRoleConfiguration(str, i, updated.getPermissionAndRoleConfig());
        }
        validateUpdateOfIdPEntityId(stored.getFederatedAuthenticatorConfigs(), updated.getFederatedAuthenticatorConfigs(), i, str);
        validateIdPIssuerName(stored, updated, i, str);
        handleMetadata(i, updated);
        // The DAO takes the new state first and the stored state second.
        dao.updateIdP(updated, stored, i, str);
    }

    /**
     * Returns the federated authenticators known to {@code ApplicationAuthenticatorService}.
     *
     * @return the authenticators as an array; an empty array when there are none
     * @throws IdentityProviderManagementException declared by the interface; not thrown by the
     *         code visible here
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public FederatedAuthenticatorConfig[] getAllFederatedAuthenticators() throws IdentityProviderManagementException {
        List registered = ApplicationAuthenticatorService.getInstance().getFederatedAuthenticators();
        if (!CollectionUtils.isNotEmpty(registered)) {
            return new FederatedAuthenticatorConfig[0];
        }
        return (FederatedAuthenticatorConfig[]) registered.toArray(new FederatedAuthenticatorConfig[registered.size()]);
    }

    /**
     * Returns the provisioning connectors known to {@code ProvisioningConnectorService}.
     *
     * <p>Unlike {@code getAllFederatedAuthenticators}, this method signals "none" with
     * {@code null}, so callers must null-check the result before iterating.
     *
     * @return the connector configurations, or {@code null} when there are none
     * @throws IdentityProviderManagementException declared by the interface; not thrown by the
     *         code visible here
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public ProvisioningConnectorConfig[] getAllProvisioningConnectors() throws IdentityProviderManagementException {
        List registered = ProvisioningConnectorService.getInstance().getProvisioningConnectorConfigs();
        boolean none = registered == null || registered.size() <= 0;
        return none ? null : (ProvisioningConnectorConfig[]) registered.toArray(new ProvisioningConnectorConfig[0]);
    }

    /**
     * Rejects a new identity provider whose SAML authenticator carries an entity id that is
     * already registered for the tenant.
     *
     * <p>Only authenticators named {@code "SAMLSSOAuthenticator"} or
     * {@code IdPManagementConstants.SAMLSSO} are inspected, and only the first property named
     * {@code OPENID_IDP_ENTITY_ID} that is found decides the outcome. The error message echoes
     * the submitted entity id and the tenant value.
     *
     * @param federatedAuthenticatorConfigArr authenticator configurations; {@code null} passes
     * @param i                               tenant id used for the uniqueness lookup
     * @param str                             tenant value, used only in the error message
     * @return always {@code true}; a conflict is reported by exception
     * @throws IdentityProviderManagementException if the entity id is already registered
     */
    private boolean validateIdPEntityId(FederatedAuthenticatorConfig[] federatedAuthenticatorConfigArr, int i, String str) throws IdentityProviderManagementException {
        if (federatedAuthenticatorConfigArr == null) {
            return true;
        }
        for (FederatedAuthenticatorConfig authenticator : federatedAuthenticatorConfigArr) {
            boolean isSaml = "SAMLSSOAuthenticator".equals(authenticator.getName()) || IdPManagementConstants.SAMLSSO.equals(authenticator.getName());
            if (!isSaml) {
                continue;
            }
            Property[] properties = authenticator.getProperties();
            if (properties == null) {
                continue;
            }
            for (Property property : properties) {
                if (!OPENID_IDP_ENTITY_ID.equals(property.getName())) {
                    continue;
                }
                if (dao.isIdPAvailableForAuthenticatorProperty(authenticator.getName(), OPENID_IDP_ENTITY_ID, property.getValue(), i)) {
                    throw new IdentityProviderManagementClientException("An Identity Provider Entity ID has already been registered with the name '" + property.getValue() + "' for tenant '" + str + "'");
                }
                // First entity id property found and free: validation is done.
                return true;
            }
        }
        return true;
    }

    /**
     * On update, rejects a SAML entity id that differs from the stored one and is already
     * registered for the tenant.
     *
     * <p>The stored entity id is taken from the stored SAML authenticator(s); when several
     * carry one, the last one wins. In the new configuration only the first SAML authenticator
     * is inspected, and within it only the first property named {@code OPENID_IDP_ENTITY_ID}.
     * An unchanged entity id skips the uniqueness lookup.
     *
     * @param federatedAuthenticatorConfigArr  stored authenticator configurations; may be
     *                                         {@code null}
     * @param federatedAuthenticatorConfigArr2 new authenticator configurations; {@code null}
     *                                         passes
     * @param i                                tenant id used for the uniqueness lookup
     * @param str                              tenant value, used only in the error message
     * @return always {@code true}; a conflict is reported by exception
     * @throws IdentityProviderManagementException if the new entity id is already registered
     */
    private boolean validateUpdateOfIdPEntityId(FederatedAuthenticatorConfig[] federatedAuthenticatorConfigArr, FederatedAuthenticatorConfig[] federatedAuthenticatorConfigArr2, int i, String str) throws IdentityProviderManagementException {
        String storedEntityId = null;
        if (federatedAuthenticatorConfigArr != null) {
            for (FederatedAuthenticatorConfig storedAuthenticator : federatedAuthenticatorConfigArr) {
                boolean isSaml = "SAMLSSOAuthenticator".equals(storedAuthenticator.getName()) || IdPManagementConstants.SAMLSSO.equals(storedAuthenticator.getName());
                if (!isSaml) {
                    continue;
                }
                Property[] storedProperties = storedAuthenticator.getProperties();
                if (storedProperties == null) {
                    continue;
                }
                for (Property storedProperty : storedProperties) {
                    if (OPENID_IDP_ENTITY_ID.equals(storedProperty.getName())) {
                        storedEntityId = storedProperty.getValue();
                        break;
                    }
                }
            }
        }
        if (federatedAuthenticatorConfigArr2 == null) {
            return true;
        }
        for (FederatedAuthenticatorConfig newAuthenticator : federatedAuthenticatorConfigArr2) {
            boolean isSaml = "SAMLSSOAuthenticator".equals(newAuthenticator.getName()) || IdPManagementConstants.SAMLSSO.equals(newAuthenticator.getName());
            if (!isSaml) {
                continue;
            }
            Property[] newProperties = newAuthenticator.getProperties();
            if (newProperties == null) {
                return true;
            }
            for (Property newProperty : newProperties) {
                if (!OPENID_IDP_ENTITY_ID.equals(newProperty.getName())) {
                    continue;
                }
                boolean entityIdChanged = storedEntityId == null || !storedEntityId.equals(newProperty.getValue());
                if (entityIdChanged && dao.isIdPAvailableForAuthenticatorProperty(newAuthenticator.getName(), OPENID_IDP_ENTITY_ID, newProperty.getValue(), i)) {
                    throw new IdentityProviderManagementClientException("An Identity Provider Entity ID has already been registered with the name '" + newProperty.getValue() + "' for tenant '" + str + "'");
                }
                return true;
            }
            // Only the first SAML authenticator of the new configuration is checked.
            return true;
        }
        return true;
    }

    /**
     * Reads the configured OpenID Connect ID token issuer id.
     *
     * <p>NOTE(review): when {@code OAuth.OpenIDConnect.IDTokenIssuerID} is blank the value
     * {@code "localhost"} is used, which is not specific to a deployment - confirm that
     * production configurations always set the property.
     *
     * @return the configured issuer id, or {@code "localhost"} when none is configured
     */
    private String getOIDCResidentIdPEntityId() {
        String configured = IdentityUtil.getProperty("OAuth.OpenIDConnect.IDTokenIssuerID");
        return StringUtils.isBlank(configured) ? "localhost" : configured;
    }

    /**
     * Produces the metadata string of the resident identity provider's SAML authenticator.
     *
     * <p>The first authenticator named {@code IdPManagementConstants.SAMLSSO} is handed to the
     * first registered metadata converter whose {@code canHandle} accepts it.
     *
     * <p>NOTE(review): the catch block passes {@code e.getMessage()} as a second string argument
     * instead of the exception itself, so the original stack trace is not attached to the
     * rethrown exception.
     *
     * @param str value handed to {@code getResidentIdP} (presumably the tenant domain)
     * @return the metadata string, or {@code null} when there is no SAML authenticator or no
     *         converter accepts it
     * @throws IdentityProviderManagementException if no converter is registered or a converter
     *         fails
     */
    public String getResidentIDPMetadata(String str) throws IdentityProviderManagementException {
        if (IdpMgtServiceComponentHolder.getInstance().getMetadataConverters().isEmpty()) {
            throw new IdentityProviderManagementException("Error receiving Metadata object for tenant: " + str);
        }
        FederatedAuthenticatorConfig samlAuthenticator = null;
        for (FederatedAuthenticatorConfig candidate : getResidentIdP(str).getFederatedAuthenticatorConfigs()) {
            if (candidate.getName().equals(IdPManagementConstants.SAMLSSO)) {
                samlAuthenticator = candidate;
                break;
            }
        }
        if (samlAuthenticator == null) {
            return null;
        }
        int index = 0;
        while (index < IdpMgtServiceComponentHolder.getInstance().getMetadataConverters().size()) {
            try {
                MetadataConverter converter = IdpMgtServiceComponentHolder.getInstance().getMetadataConverters().get(index);
                if (converter.canHandle(samlAuthenticator)) {
                    return converter.getMetadataString(samlAuthenticator);
                }
            } catch (IdentityProviderSAMLException e) {
                throw new IdentityProviderManagementException("Error in retrieving metadata string for tenant:" + str, e.getMessage());
            }
            index++;
        }
        return null;
    }

    /**
     * Lists the applications connected to an identity provider, with paging.
     *
     * <p>The resource id is checked for existence first; limit and offset are passed through
     * {@code validateLimit} and {@code validateOffset} before they reach the DAO.
     *
     * @param str  resource id of the identity provider
     * @param num  requested page size, as supplied by the caller
     * @param num2 requested offset, as supplied by the caller
     * @param str2 passed to {@code validateResourceId} (presumably the tenant domain)
     * @return the connected applications as returned by the DAO
     * @throws IdentityProviderManagementException if the resource id is empty or unknown, or
     *         the DAO fails
     */
    @Override // org.wso2.carbon.idp.mgt.IdpManager
    public ConnectedAppsResult getConnectedApplications(String str, Integer num, Integer num2, String str2) throws IdentityProviderManagementException {
        validateResourceId(str, str2);
        int effectiveLimit = Integer.valueOf(validateLimit(num)).intValue();
        int effectiveOffset = Integer.valueOf(validateOffset(num2)).intValue();
        return dao.getConnectedApplications(str, effectiveLimit, effectiveOffset);
    }

    /**
     * Ensures that a resource id is non-empty and resolves to an existing identity provider.
     *
     * @param str  resource id to check
     * @param str2 passed to {@code getIdPByResourceId} (presumably the tenant domain)
     * @throws IdentityProviderManagementException if the id is empty or nothing is found for it
     */
    private void validateResourceId(String str, String str2) throws IdentityProviderManagementException {
        if (StringUtils.isEmpty(str)) {
            throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage.ERROR_CODE_RETRIEVE_IDP_CONNECTED_APPS, "Invalid argument: Identity Provider resource ID value is empty");
        }
        boolean unknown = getIdPByResourceId(str, str2, true) == null;
        if (unknown) {
            throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage.ERROR_CODE_IDP_DOES_NOT_EXIST, str);
        }
    }

    /**
     * Resolves the absolute URL of an endpoint.
     *
     * <p>When tenant-qualified URLs are disabled and a configured URL is present, the configured
     * value is returned verbatim (and written to the debug log); otherwise the URL is built with
     * {@code ServiceURLBuilder} for the given tenant.
     *
     * @param str  default URL context (path) of the endpoint
     * @param str2 URL taken from configuration; may be blank
     * @param str3 tenant value handed to {@code ServiceURLBuilder.setTenant}
     * @return the configured URL or the built absolute public URL
     * @throws IdentityProviderManagementServerException if the URL cannot be built
     */
    private String resolveAbsoluteURL(String str, String str2, String str3) throws IdentityProviderManagementServerException {
        boolean useConfiguredUrl = !IdentityTenantUtil.isTenantQualifiedUrlsEnabled() && StringUtils.isNotBlank(str2);
        if (useConfiguredUrl) {
            if (log.isDebugEnabled()) {
                log.debug("Resolved URL:" + str2 + " from file configuration for default url context: " + str);
            }
            return str2;
        }
        try {
            return ServiceURLBuilder.create().setTenant(str3).addPath(new String[]{str}).build().getAbsolutePublicURL();
        } catch (URLBuilderException e) {
            throw ((IdentityProviderManagementServerException) IdentityProviderManagementException.error(IdentityProviderManagementServerException.class, "Error while building URL: " + str, e));
        }
    }

    /**
     * In legacy mode (tenant-qualified URLs disabled) prefixes the path of a URL with
     * {@code /t/<tenant>} for every tenant other than {@code carbon.super}.
     *
     * <p>A malformed URL is logged at error level and returned unchanged, i.e. without the
     * tenant prefix; callers get no other signal that the rewrite did not happen.
     *
     * @param str  endpoint URL
     * @param str2 tenant domain; blank or {@code carbon.super} leaves the URL untouched
     * @return the tenant-qualified URL, or {@code str} unchanged
     */
    private String addTenantPathParamInLegacyMode(String str, String str2) {
        try {
            boolean legacyMode = !IdentityTenantUtil.isTenantQualifiedUrlsEnabled();
            if (legacyMode && StringUtils.isNotBlank(str2) && !"carbon.super".equals(str2)) {
                return getTenantUrl(str, str2);
            }
        } catch (URISyntaxException e) {
            log.error(String.format("%s endpoint is malformed.", str), e);
        }
        return str;
    }

    /**
     * Rebuilds a URL with {@code /t/<tenant>} inserted in front of its path; scheme, user info,
     * host, port, query and fragment are carried over.
     *
     * <p>The tenant value is concatenated into the path as given. The multi-argument
     * {@link URI} constructor quotes characters that are illegal in a path, but it does not
     * reject {@code /} or dot segments, so the value is expected to be a validated tenant
     * domain.
     *
     * @param str  URL to rewrite
     * @param str2 tenant domain to insert
     * @return the rewritten URL as a string
     * @throws URISyntaxException if {@code str} or the rebuilt URL is not a valid URI
     */
    private String getTenantUrl(String str, String str2) throws URISyntaxException {
        URI original = new URI(str);
        String tenantPath = "/t/" + str2 + original.getPath();
        URI tenantQualified = new URI(
                original.getScheme(),
                original.getUserInfo(),
                original.getHost(),
                original.getPort(),
                tenantPath,
                original.getQuery(),
                original.getFragment());
        return tenantQualified.toString();
    }

    /**
     * Filters the role mappings of a configuration down to those whose local role exists in the
     * tenant's user store, and replaces the mappings and IdP role list on the configuration.
     *
     * <p>A mapping is dropped when its remote role, local role or local role name is missing,
     * when the (domain-qualified) local name is a group while groups-vs-roles separation is
     * enabled, or when the user store does not know the role. Dropping happens silently: the
     * reason is only written to the debug log, and the caller-supplied names appear in those
     * log lines.
     *
     * <p>The role mappings array is iterated without a null check; both visible callers guard
     * the call with {@code isPermissionAndRoleConfigExist}.
     *
     * @param str                      tenant value, used only in the error message
     * @param i                        tenant id used to obtain the user store manager
     * @param permissionsAndRoleConfig configuration to filter; modified in place
     * @throws IdentityProviderManagementException if the user store cannot be queried
     */
    private void verifyAndUpdateRoleConfiguration(String str, int i, PermissionsAndRoleConfig permissionsAndRoleConfig) throws IdentityProviderManagementException {
        List<RoleMapping> acceptedMappings = new ArrayList<>();
        List<String> acceptedRemoteRoles = new ArrayList<>();
        for (RoleMapping roleMapping : permissionsAndRoleConfig.getRoleMappings()) {
            try {
                boolean incomplete = roleMapping.getRemoteRole() == null
                        || roleMapping.getLocalRole() == null
                        || StringUtils.isBlank(roleMapping.getLocalRole().getLocalRoleName());
                if (incomplete) {
                    continue;
                }
                UserStoreManager userStoreManager = IdPManagementServiceComponent.getRealmService().getTenantUserRealm(i).getUserStoreManager();
                String effectiveRoleName = roleMapping.getLocalRole().getLocalRoleName();
                if (StringUtils.isNotBlank(roleMapping.getLocalRole().getUserStoreId())) {
                    effectiveRoleName = IdentityUtil.addDomainToName(effectiveRoleName, roleMapping.getLocalRole().getUserStoreId());
                }
                if (IdentityUtil.isGroupsVsRolesSeparationImprovementsEnabled() && isGroup(effectiveRoleName)) {
                    if (log.isDebugEnabled()) {
                        log.debug("Groups including: " + effectiveRoleName + ", are not allowed for the identity provider role mapping.");
                    }
                    continue;
                }
                if (userStoreManager.isExistingRole(effectiveRoleName)) {
                    acceptedMappings.add(roleMapping);
                    acceptedRemoteRoles.add(roleMapping.getRemoteRole());
                    continue;
                }
                if (log.isDebugEnabled()) {
                    log.debug("Invalid local role name: " + effectiveRoleName + " for the federated role: " + roleMapping.getRemoteRole());
                }
            } catch (UserStoreException e) {
                throw new IdentityProviderManagementException("Error occurred while retrieving UserStoreManager for tenant " + str, (Throwable) e);
            }
        }
        permissionsAndRoleConfig.setRoleMappings(acceptedMappings.toArray(new RoleMapping[0]));
        permissionsAndRoleConfig.setIdpRoles(acceptedRemoteRoles.toArray(new String[0]));
    }

    /**
     * Rejects an empty resource id for a get request.
     *
     * @param str resource id to check
     * @throws IdentityProviderManagementException if {@code str} is empty
     */
    private void validateGetIdPInputValues(String str) throws IdentityProviderManagementException {
        if (!StringUtils.isEmpty(str)) {
            return;
        }
        throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage.ERROR_CODE_IDP_GET_REQUEST_INVALID, "Invalid argument: Identity Provider resource ID value is empty");
    }

    /**
     * Rejects the name of a new identity provider when it is already taken.
     *
     * <p>A name is taken when {@code getIdPByName} finds a record for it, or when a file-based
     * identity provider is registered under it and the name does not start with
     * {@code IdPManagementConstants.SHARED_IDP_PREFIX}.
     *
     * @param str  name of the identity provider to add
     * @param str2 passed to {@code getIdPByName} (presumably the tenant domain)
     * @throws IdentityProviderManagementException if the name is already in use
     */
    private void validateAddIdPInputValues(String str, String str2) throws IdentityProviderManagementException {
        boolean existsInStore = getInstance().getIdPByName(str, str2, true) != null;
        if (existsInStore) {
            throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage.ERROR_CODE_IDP_ALREADY_EXISTS, str);
        }
        boolean clashesWithFileBased = IdPManagementServiceComponent.getFileBasedIdPs().containsKey(str)
                && !str.startsWith(IdPManagementConstants.SHARED_IDP_PREFIX);
        if (clashesWithFileBased) {
            throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage.ERROR_CODE_IDP_ALREADY_EXISTS, str);
        }
    }

    /**
     * Validates an update request: the target must exist, the new name must not belong to a
     * different identity provider or to a file-based one, and the outbound provisioning
     * connector properties must be free of duplicates.
     *
     * <p>NOTE(review): unlike {@code validateAddIdPInputValues}, the file-based name check here
     * has no exemption for names starting with {@code SHARED_IDP_PREFIX} - confirm this
     * difference is intended.
     *
     * @param identityProvider  stored identity provider; {@code null} is reported as not found
     * @param str               resource id, used only in the not-found error
     * @param identityProvider2 new state supplied by the caller
     * @param str2              passed to {@code getIdPByName} (presumably the tenant domain)
     * @throws IdentityProviderManagementException if any of the checks fails
     */
    private void validateUpdateIdPInputValues(IdentityProvider identityProvider, String str, IdentityProvider identityProvider2, String str2) throws IdentityProviderManagementException {
        if (identityProvider == null) {
            throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage.ERROR_CODE_IDP_DOES_NOT_EXIST, str);
        }
        IdentityProvider sameNamed = getIdPByName(identityProvider2.getIdentityProviderName(), str2, true);
        // A record with the new name is only a clash when it is a different record.
        boolean nameOwnedByOther = sameNamed != null
                && !StringUtils.equals(sameNamed.getResourceId(), identityProvider.getResourceId());
        if (nameOwnedByOther || IdPManagementServiceComponent.getFileBasedIdPs().containsKey(identityProvider2.getIdentityProviderName())) {
            throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage.ERROR_CODE_IDP_ALREADY_EXISTS, identityProvider2.getIdentityProviderName());
        }
        validateOutboundProvisioningConnectorProperties(identityProvider2);
    }

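    /**
     * Rejects an identity provider whose outbound provisioning connectors contain duplicate
     * properties (as decided by {@code Property.equals}/{@code hashCode}).
     *
     * <p>Every connector is checked. A connector with fewer than two properties cannot contain
     * a duplicate and is skipped, but it does not end the validation of the connectors that
     * follow it; otherwise the outcome would depend on the order of the connectors.
     *
     * @param identityProvider identity provider whose connector configurations are checked
     * @throws IdentityProviderManagementException if a connector holds a duplicate property
     */
    private void validateOutboundProvisioningConnectorProperties(IdentityProvider identityProvider) throws IdentityProviderManagementException {
        ProvisioningConnectorConfig[] provisioningConnectorConfigs = identityProvider.getProvisioningConnectorConfigs();
        if (ArrayUtils.isEmpty(provisioningConnectorConfigs)) {
            return;
        }
        for (ProvisioningConnectorConfig provisioningConnectorConfig : provisioningConnectorConfigs) {
            Property[] provisioningProperties = provisioningConnectorConfig.getProvisioningProperties();
            if (ArrayUtils.isEmpty(provisioningProperties) || provisioningProperties.length < 2) {
                // Nothing to compare in this connector; keep validating the remaining ones.
                continue;
            }
            Set<Property> seen = new HashSet<>();
            for (Property property : provisioningProperties) {
                if (!seen.add(property)) {
                    throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage.DUPLICATE_OUTBOUND_CONNECTOR_PROPERTIES, identityProvider.getIdentityProviderName());
                }
            }
        }
    }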

    /**
     * Tells whether an identity provider carries a permission-and-role configuration with a
     * non-null role mappings array.
     *
     * @param identityProvider identity provider to inspect
     * @return {@code true} when both the configuration and its role mappings are non-null
     */
    private boolean isPermissionAndRoleConfigExist(IdentityProvider identityProvider) {
        if (identityProvider.getPermissionAndRoleConfig() == null) {
            return false;
        }
        return identityProvider.getPermissionAndRoleConfig().getRoleMappings() != null;
    }

    /**
     * Reports whether both arguments are non-empty strings.
     *
     * <p>Only emptiness is tested; a whitespace-only string counts as present.
     *
     * @param str first value to test (presumably the identity provider name; confirm against caller)
     * @param str2 second value to test (presumably the metadata content; confirm against caller)
     * @return {@code true} when neither argument is {@code null} or zero-length
     */
    private boolean isMetadataFileExist(String str, String str2) {
        if (StringUtils.isEmpty(str)) {
            return false;
        }
        return !StringUtils.isEmpty(str2);
    }

    /**
     * Looks up an identity provider through one of its metadata properties.
     *
     * <p>The property is first resolved to an identity provider name, then the provider is
     * loaded by that name.
     *
     * @param str metadata property name; must not be empty
     * @param str2 metadata property value; must not be empty
     * @param str3 tenant domain used to resolve the tenant id and to load the provider
     * @param z when {@code true} the file-based lookup in {@code getIDPNameByMetadataProperty}
     *        is skipped; the flag is also forwarded to {@code getIdPByName}
     * @return the matching identity provider, or {@code null} when no name was found
     * @throws IdentityProviderManagementException when the property name or value is empty,
     *         or when a lookup fails
     */
    @Override
    public IdentityProvider getIdPByMetadataProperty(String str, String str2, String str3, boolean z) throws IdentityProviderManagementException {
        // Tenant resolution runs first, so anything it throws surfaces before the
        // empty-argument check below.
        int tenantId = IdentityTenantUtil.getTenantId(str3);
        boolean missingArgument = StringUtils.isEmpty(str) || StringUtils.isEmpty(str2);
        if (missingArgument) {
            throw new IdentityProviderManagementException("Invalid argument: IDP metadata property or property value is empty");
        }
        String idpName = getIDPNameByMetadataProperty(null, str, str2, tenantId, str3, z);
        if (idpName == null) {
            if (log.isDebugEnabled()) {
                // The property name and value come from the caller and are written to the
                // debug log exactly as received.
                log.debug("IDP Name not found for metadata property name: " + str + " value: " + str2 + ". Returning null without continuing.");
            }
            return null;
        }
        return getIdPByName(idpName, str3, z);
    }

    /**
     * Checks that no other identity provider already holds this provider's issuer name.
     *
     * <p>Every non-null property named {@code idpIssuerName} with a non-blank value is looked
     * up. The lookup passes {@code false} as its last argument, so file-based identity
     * providers are consulted as well as the DAO.
     *
     * @param identityProvider the identity provider whose properties are examined
     * @param i tenant id passed to the lookup
     * @param str tenant domain passed to the lookup
     * @return always {@code true}; a conflict is signalled by the exception
     * @throws IdentityProviderManagementException a client exception when the issuer name is
     *         already registered; its message contains the submitted value and the name of the
     *         identity provider that holds it
     */
    private boolean validateIdPIssuerName(IdentityProvider identityProvider, int i, String str) throws IdentityProviderManagementException {
        IdentityProviderProperty[] idpProperties = identityProvider.getIdpProperties();
        if (ArrayUtils.isEmpty(idpProperties)) {
            return true;
        }
        for (IdentityProviderProperty candidate : idpProperties) {
            if (candidate == null || !"idpIssuerName".equals(candidate.getName())) {
                continue;
            }
            if (StringUtils.isBlank(candidate.getValue())) {
                continue;
            }
            String owner = getIDPNameByMetadataProperty(null, "idpIssuerName", candidate.getValue(), i, str, false);
            if (StringUtils.isNotEmpty(owner)) {
                throw new IdentityProviderManagementClientException("The provided IDP Issuer Name '" + candidate.getValue() + "' has already been registered with the IDP '" + owner + "'.");
            }
        }
        return true;
    }

    /**
     * Checks the issuer name of {@code identityProvider2} for a conflict, unless it is blank
     * or equal to the issuer name of {@code identityProvider}.
     *
     * <p>For each provider the last non-null {@code idpIssuerName} property with a non-blank
     * value wins, because the scan does not stop at the first match. The lookup passes
     * {@code false} as its last argument, so file-based identity providers are consulted too.
     *
     * @param identityProvider provider whose issuer name is the reference for the comparison
     *        (presumably the stored provider; confirm against caller)
     * @param identityProvider2 provider whose issuer name is validated
     *        (presumably the updated provider; confirm against caller)
     * @param i tenant id passed to the lookup
     * @param str tenant domain passed to the lookup
     * @return always {@code true}; a conflict is signalled by the exception
     * @throws IdentityProviderManagementException a client exception when the issuer name is
     *         already registered; its message contains the submitted value and the name of the
     *         identity provider that holds it
     */
    private boolean validateIdPIssuerName(IdentityProvider identityProvider, IdentityProvider identityProvider2, int i, String str) throws IdentityProviderManagementException {
        String issuerToCheck = null;
        IdentityProviderProperty[] checkedProperties = identityProvider2.getIdpProperties();
        if (checkedProperties != null) {
            for (IdentityProviderProperty entry : checkedProperties) {
                if (entry == null || !"idpIssuerName".equals(entry.getName())) {
                    continue;
                }
                if (StringUtils.isNotBlank(entry.getValue())) {
                    issuerToCheck = entry.getValue();
                }
            }
        }

        String referenceIssuer = null;
        IdentityProviderProperty[] referenceProperties = identityProvider.getIdpProperties();
        if (referenceProperties != null) {
            for (IdentityProviderProperty entry : referenceProperties) {
                if (entry == null || !"idpIssuerName".equals(entry.getName())) {
                    continue;
                }
                if (StringUtils.isNotBlank(entry.getValue())) {
                    referenceIssuer = entry.getValue();
                }
            }
        }

        // Nothing to look up when no issuer name is supplied or when it matches the reference.
        if (StringUtils.isBlank(issuerToCheck) || StringUtils.equals(issuerToCheck, referenceIssuer)) {
            return true;
        }
        String owner = getIDPNameByMetadataProperty(null, "idpIssuerName", issuerToCheck, i, str, false);
        if (StringUtils.isNotEmpty(owner)) {
            throw new IdentityProviderManagementClientException("The provided IDP Issuer Name '" + issuerToCheck + "' has already been registered with the IDP '" + owner + "'.");
        }
        return true;
    }

    /**
     * Resolves a metadata property to an identity provider name.
     *
     * <p>The DAO is asked first. Only when it returns {@code null} and {@code z} is
     * {@code false} is a new {@code FileBasedIdPMgtDAO} asked with the same property name
     * and value.
     *
     * @param connection not used by this method; the DAO is always called with a null connection
     * @param str metadata property name
     * @param str2 metadata property value
     * @param i tenant id passed to the DAO
     * @param str3 tenant domain passed to the DAO
     * @param z when {@code true} the file-based lookup is skipped
     * @return the identity provider name, or {@code null} when neither source has one
     * @throws IdentityProviderManagementException when a lookup fails
     */
    private String getIDPNameByMetadataProperty(Connection connection, String str, String str2, int i, String str3, boolean z) throws IdentityProviderManagementException {
        String nameFromDao = dao.getIdPNameByMetadataProperty(null, str, str2, i, str3);
        if (nameFromDao != null || z) {
            return nameFromDao;
        }
        if (log.isDebugEnabled()) {
            // The property name and value are logged exactly as received.
            log.debug("Attempting to retrieve IDP Name from filebased IDPs for IDP metadata property name: " + str + " value: " + str2);
        }
        return new FileBasedIdPMgtDAO().getIdPNameByMetadataProperty(str, str2);
    }

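    /**
     * Checks that every outbound provisioning role named by the identity provider exists.
     *
     * <p>The provisioning role string is split on commas and each name is checked with the
     * role management service. Names are passed on as split, without trimming.
     *
     * <p>The check fails open: when the service throws {@code NotImplementedException} for
     * {@code isExistingRoleName}, the remaining names are accepted unchecked. Role existence is
     * therefore only enforced where the service implements that call.
     *
     * @param identityProvider the identity provider whose provisioning role string is checked
     * @param str tenant domain passed to the role management service
     * @throws IdentityProviderManagementException a client exception when a role does not exist,
     *         or a server exception when the role management service fails
     */
    private void validateOutboundProvisioningRoles(IdentityProvider identityProvider, String str) throws IdentityProviderManagementException {
        String provisioningRole = identityProvider.getProvisioningRole();
        if (StringUtils.isBlank(provisioningRole)) {
            return;
        }
        String[] roleNames = StringUtils.split(provisioningRole, ",");
        try {
            RoleManagementService roleManagementService = IdpMgtServiceComponentHolder.getInstance().getRoleManagementService();
            for (String roleName : roleNames) {
                try {
                    // The lookup sits inside the try so that the NotImplementedException handler
                    // can apply to it; around an empty try the handler could never run.
                    if (!roleManagementService.isExistingRoleName(roleName, str)) {
                        throw IdPManagementUtil.handleClientException(IdPManagementConstants.ErrorMessage.ERROR_CODE_NOT_EXISTING_OUTBOUND_PROVISIONING_ROLE, null);
                    }
                } catch (NotImplementedException e) {
                    if (log.isDebugEnabled()) {
                        log.debug("isExistingRoleName is not implemented in the RoleManagementService. Therefore, proceeding without validating outbound provisioning role existence.");
                    }
                    // NOTE(review): stopping at the first unsupported lookup follows the handler's
                    // own log message ("proceeding without validating"); confirm against upstream.
                    break;
                }
            }
        } catch (IdentityRoleManagementException e) {
            throw IdPManagementUtil.handleServerException(IdPManagementConstants.ErrorMessage.ERROR_CODE_VALIDATING_OUTBOUND_PROVISIONING_ROLES, null, e);
        }
    }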

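    /**
     * Classifies a name as a group when it carries none of the reserved domain prefixes.
     *
     * <p>The reserved prefixes are {@code Internal}, {@code Application} and {@code Workflow},
     * each followed by {@code UserCoreConstants.DOMAIN_SEPARATOR}, compared case-insensitively.
     *
     * @param str the name to classify; must not be {@code null}
     * @return {@code true} when the name starts with none of the reserved prefixes
     */
    private boolean isGroup(String str) {
        // Upper-casing with Locale.ROOT keeps the prefix check independent of the JVM default
        // locale. Under a Turkish or Azeri default, "internal" upper-cases to a dotted capital I
        // and would no longer match "INTERNAL", changing how the name is classified.
        String upperName = str.toUpperCase(java.util.Locale.ROOT);
        return Stream.of("Internal", "Application", "Workflow")
                .map(domain -> (domain + UserCoreConstants.DOMAIN_SEPARATOR).toUpperCase(java.util.Locale.ROOT))
                .noneMatch(upperName::startsWith);
    }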

    /**
     * Builds the tenant path segment for a tenant domain.
     *
     * <p>The domain is inserted as given, with no encoding or validation. A {@code null}
     * domain is not treated as the super tenant and yields {@code "t/null/"}.
     *
     * @param str the tenant domain
     * @return {@code IdPManagementConstants.EMPTY_STRING} for {@code carbon.super} (compared
     *         case-insensitively), otherwise {@code "t/" + str + "/"}
     */
    private String getTenantContextFromTenantDomain(String str) {
        if ("carbon.super".equalsIgnoreCase(str)) {
            return IdPManagementConstants.EMPTY_STRING;
        }
        return "t/" + str + "/";
    }

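    /**
     * Adds the property named by {@code OPENID_IDP_ENTITY_ID}, taken from authenticator
     * metadata, to the federated authenticator configurations of an identity provider.
     *
     * <p>For every property whose name contains {@code IdPManagementConstants.META_DATA}, the
     * registered metadata converters are tried in order. The first converter that can handle
     * the property and yields the entity-id property has that property appended to the
     * authenticator's property array.
     *
     * @param identityProvider the identity provider whose authenticator configurations are updated
     * @return the identity provider's authenticator configuration array, modified in place
     * @throws IdentityProviderManagementException when no metadata converter is registered or
     *         the conversion fails
     */
    private FederatedAuthenticatorConfig[] extractIdpEntityIdFromMetadata(IdentityProvider identityProvider) throws IdentityProviderManagementException {
        List<MetadataConverter> metadataConverters = IdpMgtServiceComponentHolder.getInstance().getMetadataConverters();
        if (metadataConverters.isEmpty()) {
            throw new IdentityProviderManagementException("Metadata Converter is not set");
        }
        FederatedAuthenticatorConfig[] federatedAuthenticatorConfigs = identityProvider.getFederatedAuthenticatorConfigs();
        for (FederatedAuthenticatorConfig authenticatorConfig : federatedAuthenticatorConfigs) {
            Property[] properties = authenticatorConfig.getProperties();
            if (ArrayUtils.isEmpty(properties)) {
                // NOTE(review): an authenticator without properties ends processing for all
                // later authenticators as well; confirm that this is intended.
                return federatedAuthenticatorConfigs;
            }
            // The loop iterates the array as it was on entry; reassigning `properties` below
            // only affects what later conversions receive.
            for (Property property : properties) {
                if (property == null || StringUtils.isBlank(property.getName()) || !property.getName().contains(IdPManagementConstants.META_DATA)) {
                    continue;
                }
                // A bounded loop over the converters: once they are exhausted without a result
                // the search simply ends, instead of spinning on an empty iterator.
                for (MetadataConverter converter : metadataConverters) {
                    if (!converter.canHandle(property)) {
                        continue;
                    }
                    Property entityId = extractPropertyFromMetadata(converter, properties, OPENID_IDP_ENTITY_ID);
                    if (entityId == null) {
                        continue;
                    }
                    List<Property> extended = new ArrayList<>(Arrays.asList(properties));
                    extended.add(entityId);
                    properties = extended.toArray(new Property[0]);
                    authenticatorConfig.setProperties(properties);
                    break;
                }
            }
        }
        return federatedAuthenticatorConfigs;
    }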

    /**
     * Converts authenticator metadata with the given converter and picks one property from
     * the result by name.
     *
     * <p>The {@code StringBuilder} handed to the converter is discarded afterwards, so
     * anything the converter writes to it is not used here.
     *
     * @param metadataConverter converter that builds an authenticator configuration from the properties
     * @param propertyArr the authenticator properties handed to the converter
     * @param str name of the property to return
     * @return the first converted property whose name equals {@code str}, or {@code null} when
     *         there is none
     * @throws IdentityProviderManagementException wrapping an {@code XMLStreamException} or an
     *         {@code IdentityProviderManagementException} raised during conversion
     */
    private Property extractPropertyFromMetadata(MetadataConverter metadataConverter, Property[] propertyArr, String str) throws IdentityProviderManagementException {
        try {
            Property[] converted = metadataConverter.getFederatedAuthenticatorConfig(propertyArr, new StringBuilder()).getProperties();
            for (Property candidate : converted) {
                if (str.equals(candidate.getName())) {
                    return candidate;
                }
            }
            return null;
        } catch (XMLStreamException xmlFailure) {
            throw new IdentityProviderManagementException("Error while configuring metadata", (Throwable) xmlFailure);
        } catch (IdentityProviderManagementException conversionFailure) {
            throw new IdentityProviderManagementException("Error converting metadata", (Throwable) conversionFailure);
        }
    }

    /**
     * Sets the confidential flag on authenticator properties that the registered federated
     * authenticators declare as confidential.
     *
     * <p>The flag is only ever set, never cleared. Properties of an authenticator that has no
     * entry in the map from {@code createFedAuthConfidentialPropsMap()} keep whatever flag they
     * arrived with.
     *
     * @param identityProvider the identity provider whose authenticator properties are updated in place
     * @throws IdentityProviderManagementException when the map of confidential property names
     *         cannot be built
     */
    private void markConfidentialPropertiesUsingMetadata(IdentityProvider identityProvider) throws IdentityProviderManagementException {
        Map<String, List<String>> confidentialNamesByAuthenticator = createFedAuthConfidentialPropsMap();
        for (FederatedAuthenticatorConfig authenticatorConfig : identityProvider.getFederatedAuthenticatorConfigs()) {
            List<String> confidentialNames = confidentialNamesByAuthenticator.get(authenticatorConfig.getName());
            for (Property property : authenticatorConfig.getProperties()) {
                if (confidentialNames != null && confidentialNames.contains(property.getName())) {
                    property.setConfidential(true);
                }
            }
        }
    }

    /**
     * Builds a map from federated authenticator name to the names of its confidential properties.
     *
     * <p>Every authenticator returned by {@code getAllFederatedAuthenticators()} gets an entry,
     * with an empty list when it has no confidential property. A later authenticator with the
     * same name replaces the earlier entry.
     *
     * @return authenticator name mapped to the names of the properties flagged confidential
     * @throws IdentityProviderManagementException when the authenticators cannot be listed
     */
    private Map<String, List<String>> createFedAuthConfidentialPropsMap() throws IdentityProviderManagementException {
        Map<String, List<String>> confidentialNamesByAuthenticator = new HashMap<>();
        for (FederatedAuthenticatorConfig authenticatorConfig : getAllFederatedAuthenticators()) {
            List<String> confidentialNames = Arrays.stream(authenticatorConfig.getProperties())
                    .filter(Property::isConfidential)
                    .map(Property::getName)
                    .collect(Collectors.toCollection(ArrayList::new));
            confidentialNamesByAuthenticator.put(authenticatorConfig.getName(), confidentialNames);
        }
        return confidentialNamesByAuthenticator;
    }
}
