package org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl;

import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authentication.framework.config.model.SequenceConfig;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.user.core.util.UserCoreUtil;

/* loaded from: input_file:org/wso2/carbon/identity/application/authentication/framework/handler/sequence/impl/DefaultSequenceHandlerUtils.class */
public class DefaultSequenceHandlerUtils {
    private static Log log = LogFactory.getLog(DefaultSequenceHandlerUtils.class);
    private static final String SEND_ONLY_SP_MAPPED_ROLES = "SPRoleManagement.ReturnOnlyMappedLocalRoles";

    private DefaultSequenceHandlerUtils() {
    }

    public static String getServiceProviderMappedUserRoles(SequenceConfig sequenceConfig, List<String> list) {
        if (log.isDebugEnabled()) {
            log.debug("Getting Service Provider mapped roles of application: " + sequenceConfig.getApplicationConfig().getApplicationName() + " of user: " + sequenceConfig.getAuthenticatedUser());
        }
        boolean parseBoolean = Boolean.parseBoolean(IdentityUtil.getProperty(SEND_ONLY_SP_MAPPED_ROLES));
        String str = null;
        if (CollectionUtils.isNotEmpty(list)) {
            Map<String, String> roleMappings = sequenceConfig.getApplicationConfig().getRoleMappings();
            List<String> arrayList = new ArrayList();
            List<String> arrayList2 = new ArrayList();
            if (roleMappings == null || roleMappings.isEmpty()) {
                if (log.isDebugEnabled()) {
                    log.debug("No local roles to map to Service Provider role mappings. Sending back all local roles as service provider mapped roles.");
                }
                if (isRemoveUserDomainInRole(sequenceConfig)) {
                    arrayList2 = list;
                } else {
                    arrayList = list;
                }
            } else {
                for (String str2 : list) {
                    if (roleMappings.containsKey(str2)) {
                        String str3 = roleMappings.get(str2);
                        arrayList.add(str3);
                        if (log.isDebugEnabled()) {
                            log.debug("Mapping local role: " + str2 + " to service provider role: " + str3);
                        }
                    } else if (!parseBoolean) {
                        if (isRemoveUserDomainInRole(sequenceConfig)) {
                            arrayList2.add(str2);
                        } else {
                            arrayList.add(str2);
                        }
                    }
                }
            }
            if (isRemoveUserDomainInRole(sequenceConfig)) {
                List<String> removeDomainFromNamesExcludeHybrid = removeDomainFromNamesExcludeHybrid(arrayList2);
                if (!removeDomainFromNamesExcludeHybrid.isEmpty()) {
                    arrayList.addAll(removeDomainFromNamesExcludeHybrid);
                }
            }
            str = StringUtils.join(arrayList.toArray(), FrameworkUtils.getMultiAttributeSeparator());
        }
        if (log.isDebugEnabled()) {
            log.debug("Service Provider Mapped Roles: " + str);
        }
        return str;
    }

    private static List<String> removeDomainFromNamesExcludeHybrid(List<String> list) {
        ArrayList arrayList = new ArrayList();
        for (String str : list) {
            String extractDomainFromName = IdentityUtil.extractDomainFromName(str);
            if ("Internal".equalsIgnoreCase(extractDomainFromName) || FrameworkConstants.InternalRoleDomains.APPLICATION_DOMAIN.equalsIgnoreCase(extractDomainFromName) || FrameworkConstants.InternalRoleDomains.WORKFLOW_DOMAIN.equalsIgnoreCase(extractDomainFromName)) {
                arrayList.add(str);
            } else {
                arrayList.add(UserCoreUtil.removeDomainFromName(str));
            }
        }
        return arrayList;
    }

    private static boolean isRemoveUserDomainInRole(SequenceConfig sequenceConfig) {
        return !sequenceConfig.getApplicationConfig().getServiceProvider().getLocalAndOutBoundAuthenticationConfig().isUseUserstoreDomainInRoles();
    }
}
