package org.wso2.carbon.identity.application.authentication.framework.config.model.graph.js;

import java.util.Collections;
import java.util.Map;
import jdk.nashorn.api.scripting.AbstractJSObject;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.internal.FrameworkServiceDataHolder;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
import org.wso2.carbon.identity.application.common.model.ClaimMapping;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataHandler;
import org.wso2.carbon.identity.claim.metadata.mgt.exception.ClaimMetadataException;
import org.wso2.carbon.identity.core.IdentityClaimManager;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.idp.mgt.IdentityProviderManagementException;
import org.wso2.carbon.idp.mgt.IdentityProviderManager;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.claim.Claim;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.user.core.util.UserCoreUtil;

/* loaded from: input_file:org/wso2/carbon/identity/application/authentication/framework/config/model/graph/js/JsClaims.class */
public class JsClaims extends AbstractJSObject {
    private static final Log LOG = LogFactory.getLog(JsClaims.class);
    private AuthenticationContext wrappedContext;
    private String idp;
    private boolean isRemoteClaimRequest;
    private int step;
    private AuthenticatedUser authenticatedUser;

    public JsClaims(AuthenticationContext authenticationContext, int i, String str, boolean z) {
        this.wrappedContext = authenticationContext;
        this.isRemoteClaimRequest = z;
        this.idp = str;
        this.step = i;
        if (StringUtils.isNotBlank(str) && authenticationContext.getCurrentAuthenticatedIdPs().containsKey(str)) {
            this.authenticatedUser = authenticationContext.getCurrentAuthenticatedIdPs().get(str).getUser();
        }
    }

    public JsClaims(AuthenticatedUser authenticatedUser, boolean z) {
        this.isRemoteClaimRequest = z;
        this.authenticatedUser = authenticatedUser;
    }

    public Object getMember(String str) {
        if (this.authenticatedUser != null) {
            return this.isRemoteClaimRequest ? getFederatedClaim(str) : getLocalClaim(str);
        }
        return null;
    }

    public boolean hasMember(String str) {
        if (this.authenticatedUser != null) {
            return this.isRemoteClaimRequest ? hasFederatedClaim(str) : hasLocalClaim(str);
        }
        return false;
    }

    public void setMember(String str, Object obj) {
        if (this.authenticatedUser == null) {
            super.setMember(str, obj);
        } else if (this.isRemoteClaimRequest) {
            setFederatedClaim(str, obj);
        } else {
            setLocalClaim(str, obj);
        }
    }

    private void setFederatedClaim(String str, Object obj) {
        if (obj == null) {
            obj = "";
        }
        this.authenticatedUser.getUserAttributes().put(ClaimMapping.build(str, str, (String) null, false), obj.toString());
    }

    private void setLocalClaim(String str, Object obj) {
        int tenantId = IdentityTenantUtil.getTenantId(this.authenticatedUser.getTenantDomain());
        RealmService realmService = FrameworkServiceDataHolder.getInstance().getRealmService();
        String addDomainToName = UserCoreUtil.addDomainToName(this.authenticatedUser.getUserName(), this.authenticatedUser.getUserStoreDomain());
        try {
            UserRealm tenantUserRealm = realmService.getTenantUserRealm(tenantId);
            tenantUserRealm.getUserStoreManager().setUserClaimValues(this.authenticatedUser.getUserName(), Collections.singletonMap(str, obj.toString()), (String) null);
            tenantUserRealm.getUserStoreManager().getUserClaimValues(addDomainToName, new String[]{str}, (String) null).get(str);
        } catch (UserStoreException e) {
            LOG.error(String.format("Error when setting claim : %s of user: %s to value: %s", str, this.authenticatedUser, obj.toString()), e);
        }
    }

    private boolean hasFederatedClaim(String str) {
        if (isFederatedIdP()) {
            return FrameworkUtils.getClaimMappings(this.authenticatedUser.getUserAttributes(), false).containsKey(str);
        }
        return false;
    }

    private boolean hasLocalClaim(String str) {
        int tenantId = IdentityTenantUtil.getTenantId(this.authenticatedUser.getTenantDomain());
        try {
            for (Claim claim : IdentityClaimManager.getInstance().getAllSupportedClaims(FrameworkServiceDataHolder.getInstance().getRealmService().getTenantUserRealm(tenantId))) {
                if (claim.getClaimUri().equals(str)) {
                    return true;
                }
            }
            return false;
        } catch (UserStoreException e) {
            LOG.error("Error when retrieving user realm for tenant : " + tenantId, e);
            return false;
        } catch (IdentityException e2) {
            LOG.error("Error when initializing identity claim manager.", e2);
            return false;
        }
    }

    private String getFederatedClaim(String str) {
        if (isFederatedIdP()) {
            return FrameworkUtils.getClaimMappings(this.authenticatedUser.getUserAttributes(), false).get(str);
        }
        return null;
    }

    private String getLocalClaim(String str) {
        return isFederatedIdP() ? getLocalMappedClaim(str) : getLocalUserClaim(str);
    }

    private boolean isFederatedIdP() {
        return StringUtils.isNotBlank(this.idp) && !"LOCAL".equals(this.idp);
    }

    private String getLocalMappedClaim(String str) {
        Map mappingsMapFromOtherDialectToCarbon;
        Map<ClaimMapping, String> userAttributes = this.authenticatedUser.getUserAttributes();
        String str2 = null;
        String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        try {
            str2 = this.wrappedContext.getSequenceConfig().getStepMap().get(Integer.valueOf(this.step)).getAuthenticatedAutenticator().getApplicationAuthenticator().getClaimDialectURI();
            boolean useDefaultLocalIdpDialect = ConfigurationFacade.getInstance().getIdPConfigByName(this.idp, tenantDomain).useDefaultLocalIdpDialect();
            Map<String, String> claimMappings = FrameworkUtils.getClaimMappings(userAttributes, false);
            if (str2 != null || useDefaultLocalIdpDialect) {
                if (str2 == null) {
                    str2 = "http://wso2.org/claims";
                }
                mappingsMapFromOtherDialectToCarbon = ClaimMetadataHandler.getInstance().getMappingsMapFromOtherDialectToCarbon(str2, claimMappings.keySet(), tenantDomain, true);
            } else {
                mappingsMapFromOtherDialectToCarbon = IdentityProviderManager.getInstance().getMappedIdPClaimsMap(this.idp, PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain(), Collections.singletonList(str));
            }
            if (mappingsMapFromOtherDialectToCarbon != null) {
                return claimMappings.get(mappingsMapFromOtherDialectToCarbon.get(str));
            }
            return null;
        } catch (IdentityProviderManagementException e) {
            LOG.error(String.format("Error when getting claim : %s of user: %s", str, this.authenticatedUser), e);
            return null;
        } catch (ClaimMetadataException e2) {
            LOG.error("Error when getting claim mappings from " + str2 + " for tenant domain: " + tenantDomain);
            return null;
        }
    }

    private String getLocalUserClaim(String str) {
        int tenantId = IdentityTenantUtil.getTenantId(this.authenticatedUser.getTenantDomain());
        try {
            return (String) FrameworkServiceDataHolder.getInstance().getRealmService().getTenantUserRealm(tenantId).getUserStoreManager().getUserClaimValues(UserCoreUtil.addDomainToName(this.authenticatedUser.getUserName(), this.authenticatedUser.getUserStoreDomain()), new String[]{str}, (String) null).get(str);
        } catch (UserStoreException e) {
            LOG.error(String.format("Error when getting claim : %s of user: %s", str, this.authenticatedUser), e);
            return null;
        }
    }
}
