package org.wso2.carbon.identity.application.authentication.framework.config.model.graph.js;

import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
import org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.internal.FrameworkServiceDataHolder;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
import org.wso2.carbon.identity.application.common.model.ClaimMapping;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataHandler;
import org.wso2.carbon.identity.claim.metadata.mgt.exception.ClaimMetadataException;
import org.wso2.carbon.identity.core.IdentityClaimManager;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.idp.mgt.IdentityProviderManagementException;
import org.wso2.carbon.idp.mgt.IdentityProviderManager;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.claim.Claim;

/* loaded from: input_file:org/wso2/carbon/identity/application/authentication/framework/config/model/graph/js/JsClaims.class */
public class JsClaims extends AbstractJSContextMemberObject {
    private static final Log LOG = LogFactory.getLog(JsClaims.class);
    private String idp;
    private boolean isRemoteClaimRequest;
    private int step;
    protected transient AuthenticatedUser authenticatedUser;

    public JsClaims(AuthenticationContext authenticationContext, int i, String str, boolean z) {
        this(i, str, z);
        initializeContext(authenticationContext);
    }

    public JsClaims(int i, String str, boolean z) {
        this.isRemoteClaimRequest = z;
        this.idp = str;
        this.step = i;
    }

    @Override // org.wso2.carbon.identity.application.authentication.framework.config.model.graph.js.AbstractJSContextMemberObject
    public void initializeContext(AuthenticationContext authenticationContext) {
        super.initializeContext(authenticationContext);
        if (StringUtils.isNotBlank(this.idp) && getContext().getCurrentAuthenticatedIdPs().containsKey(this.idp)) {
            this.authenticatedUser = getContext().getCurrentAuthenticatedIdPs().get(this.idp).getUser();
        } else {
            this.authenticatedUser = getAuthenticatedUserFromSubjectIdentifierStep();
        }
    }

    private AuthenticatedUser getAuthenticatedUserFromSubjectIdentifierStep() {
        AuthenticatedUser authenticatedUser = null;
        if (getCurrentSubjectIdentifierStep() != null) {
            authenticatedUser = getCurrentSubjectIdentifierStep().getAuthenticatedUser();
        }
        return authenticatedUser;
    }

    private StepConfig getCurrentSubjectIdentifierStep() {
        if (getContext().getSequenceConfig() == null) {
            return null;
        }
        Map<Integer, StepConfig> stepMap = getContext().getSequenceConfig().getStepMap();
        Optional<StepConfig> findFirst = stepMap.values().stream().filter(stepConfig -> {
            return stepConfig.isCompleted() && stepConfig.isSubjectIdentifierStep();
        }).findFirst();
        if (findFirst.isPresent()) {
            return findFirst.get();
        }
        if (getContext().getCurrentStep() > 0) {
            return stepMap.get(Integer.valueOf(getContext().getCurrentStep()));
        }
        return null;
    }

    public JsClaims(AuthenticatedUser authenticatedUser, boolean z) {
        this.isRemoteClaimRequest = z;
        this.authenticatedUser = authenticatedUser;
    }

    public JsClaims(AuthenticationContext authenticationContext, AuthenticatedUser authenticatedUser, boolean z) {
        this(authenticatedUser, z);
        initializeContext(authenticationContext);
    }

    public Object getMember(String str) {
        if (this.authenticatedUser != null) {
            return this.isRemoteClaimRequest ? getFederatedClaim(str) : getLocalClaim(str);
        }
        return null;
    }

    public boolean hasMember(String str) {
        if (this.authenticatedUser != null) {
            return this.isRemoteClaimRequest ? hasFederatedClaim(str) : hasLocalClaim(str);
        }
        return false;
    }

    public void setMember(String str, Object obj) {
        if (this.authenticatedUser == null) {
            super.setMember(str, obj);
        } else if (this.isRemoteClaimRequest) {
            setFederatedClaim(str, obj);
        } else {
            setLocalClaim(str, obj);
        }
    }

    private void setLocalClaim(String str, Object obj) {
        if (isFederatedIdP()) {
            setLocalMappedClaim(str, obj);
        } else {
            setLocalUserClaim(str, obj);
        }
    }

    private void setLocalMappedClaim(String str, Object obj) {
        String remoteClaimMappedToLocalClaim = getRemoteClaimMappedToLocalClaim(str, FrameworkUtils.getClaimMappings(this.authenticatedUser.getUserAttributes(), false));
        if (remoteClaimMappedToLocalClaim != null) {
            setFederatedClaim(remoteClaimMappedToLocalClaim, String.valueOf(obj));
        }
    }

    private void setLocalUserClaim(String str, Object obj) {
        try {
            UserRealm tenantUserRealm = FrameworkServiceDataHolder.getInstance().getRealmService().getTenantUserRealm(IdentityTenantUtil.getTenantId(this.authenticatedUser.getTenantDomain()));
            HashMap hashMap = new HashMap();
            hashMap.put(str, String.valueOf(obj));
            tenantUserRealm.getUserStoreManager().setUserClaimValuesWithID(this.authenticatedUser.getUserId(), hashMap, (String) null);
        } catch (UserStoreException e) {
            LOG.error(String.format("Error when setting claim : %s of user: %s to value: %s", str, this.authenticatedUser, String.valueOf(obj)), e);
        }
    }

    private String getRemoteClaimMappedToLocalClaim(String str, Map<String, String> map) {
        Map mappingsMapFromOtherDialectToCarbon;
        String str2 = null;
        String tenantDomain = getContext().getTenantDomain();
        try {
            str2 = getContext().getSequenceConfig().getStepMap().get(Integer.valueOf(this.step)).getAuthenticatedAutenticator().getApplicationAuthenticator().getClaimDialectURI();
            boolean useDefaultLocalIdpDialect = ConfigurationFacade.getInstance().getIdPConfigByName(this.idp, tenantDomain).useDefaultLocalIdpDialect();
            if (str2 != null || useDefaultLocalIdpDialect) {
                if (str2 == null) {
                    str2 = "http://wso2.org/claims";
                }
                mappingsMapFromOtherDialectToCarbon = ClaimMetadataHandler.getInstance().getMappingsMapFromOtherDialectToCarbon(str2, map.keySet(), tenantDomain, true);
            } else {
                mappingsMapFromOtherDialectToCarbon = IdentityProviderManager.getInstance().getMappedIdPClaimsMap(this.idp, tenantDomain, Collections.singletonList(str));
            }
            if (mappingsMapFromOtherDialectToCarbon != null) {
                return (String) mappingsMapFromOtherDialectToCarbon.get(str);
            }
            return null;
        } catch (ClaimMetadataException e) {
            LOG.error("Error when getting claim mappings from " + str2 + " for tenant domain: " + tenantDomain);
            return null;
        } catch (IdentityProviderManagementException e2) {
            LOG.error(String.format("Error when getting claim : %s of user: %s", str, this.authenticatedUser), e2);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean hasFederatedClaim(String str) {
        if (isFederatedIdP()) {
            return FrameworkUtils.getClaimMappings(this.authenticatedUser.getUserAttributes(), false).containsKey(str);
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean hasLocalClaim(String str) {
        int tenantId = IdentityTenantUtil.getTenantId(this.authenticatedUser.getTenantDomain());
        try {
            for (Claim claim : IdentityClaimManager.getInstance().getAllSupportedClaims(FrameworkServiceDataHolder.getInstance().getRealmService().getTenantUserRealm(tenantId))) {
                if (claim.getClaimUri().equals(str)) {
                    return true;
                }
            }
            return false;
        } catch (UserStoreException e) {
            LOG.error("Error when retrieving user realm for tenant : " + tenantId, e);
            return false;
        } catch (IdentityException e2) {
            LOG.error("Error when initializing identity claim manager.", e2);
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getFederatedClaim(String str) {
        if (isFederatedIdP()) {
            return FrameworkUtils.getClaimMappings(this.authenticatedUser.getUserAttributes(), false).get(str);
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getLocalClaim(String str) {
        return isFederatedIdP() ? getLocalMappedClaim(str) : getLocalUserClaim(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isFederatedIdP() {
        return StringUtils.isNotBlank(this.idp) && !"LOCAL".equals(this.idp);
    }

    private void setFederatedClaim(String str, Object obj) {
        if (obj == null) {
            obj = "";
        }
        this.authenticatedUser.getUserAttributes().put(ClaimMapping.build(str, str, (String) null, false), String.valueOf(obj));
    }

    private String getLocalMappedClaim(String str) {
        Map<String, String> claimMappings = FrameworkUtils.getClaimMappings(this.authenticatedUser.getUserAttributes(), false);
        String remoteClaimMappedToLocalClaim = getRemoteClaimMappedToLocalClaim(str, claimMappings);
        if (remoteClaimMappedToLocalClaim != null) {
            return claimMappings.get(remoteClaimMappedToLocalClaim);
        }
        return null;
    }

    private String getLocalUserClaim(String str) {
        try {
            return (String) FrameworkServiceDataHolder.getInstance().getRealmService().getTenantUserRealm(IdentityTenantUtil.getTenantId(this.authenticatedUser.getTenantDomain())).getUserStoreManager().getUserClaimValuesWithID(this.authenticatedUser.getUserId(), new String[]{str}, (String) null).get(str);
        } catch (UserStoreException e) {
            LOG.error(String.format("Error when getting claim : %s of user: %s", str, this.authenticatedUser), e);
            return null;
        }
    }
}
