package org.wso2.carbon.identity.application.authentication.framework.handler.request.impl;

import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.collections.MapUtils;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.json.JSONArray;
import org.json.JSONObject;
import org.wso2.carbon.consent.mgt.core.ConsentManager;
import org.wso2.carbon.consent.mgt.core.exception.ConsentManagementException;
import org.wso2.carbon.consent.mgt.core.model.PIICategoryValidity;
import org.wso2.carbon.consent.mgt.core.model.ReceiptInput;
import org.wso2.carbon.consent.mgt.core.model.ReceiptPurposeInput;
import org.wso2.carbon.consent.mgt.core.model.ReceiptServiceInput;
import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
import org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.ExternalIdPConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.SequenceConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException;
import org.wso2.carbon.identity.application.authentication.framework.exception.PostAuthenticationFailedException;
import org.wso2.carbon.identity.application.authentication.framework.exception.UserSessionException;
import org.wso2.carbon.identity.application.authentication.framework.handler.request.AbstractPostAuthnHandler;
import org.wso2.carbon.identity.application.authentication.framework.handler.request.PostAuthnHandlerFlowStatus;
import org.wso2.carbon.identity.application.authentication.framework.internal.FrameworkServiceComponent;
import org.wso2.carbon.identity.application.authentication.framework.internal.FrameworkServiceDataHolder;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authentication.framework.store.UserSessionStore;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkErrorConstants;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
import org.wso2.carbon.identity.application.common.model.IdentityProvider;
import org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataHandler;
import org.wso2.carbon.identity.claim.metadata.mgt.exception.ClaimMetadataException;
import org.wso2.carbon.identity.core.ServiceURLBuilder;
import org.wso2.carbon.identity.core.URLBuilderException;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.user.profile.mgt.association.federation.exception.FederatedAssociationManagerException;
import org.wso2.carbon.idp.mgt.IdentityProviderManagementException;
import org.wso2.carbon.idp.mgt.IdentityProviderManager;
import org.wso2.carbon.user.api.ClaimMapping;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.claim.ClaimManager;
import org.wso2.carbon.user.core.common.AbstractUserStoreManager;
import org.wso2.carbon.user.core.common.User;
import org.wso2.carbon.user.core.util.UserCoreUtil;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/JITProvisioningPostAuthenticationHandler.class */
public class JITProvisioningPostAuthenticationHandler extends AbstractPostAuthnHandler {
    private static final Log log = LogFactory.getLog(JITProvisioningPostAuthenticationHandler.class);
    private static volatile JITProvisioningPostAuthenticationHandler instance = new JITProvisioningPostAuthenticationHandler();

    protected JITProvisioningPostAuthenticationHandler() {
    }

    public static JITProvisioningPostAuthenticationHandler getInstance() {
        return instance;
    }

    public int getPriority() {
        int priority = super.getPriority();
        if (priority == -1) {
            priority = 20;
        }
        return priority;
    }

    public String getName() {
        return "JITProvisionHandler";
    }

    @Override // org.wso2.carbon.identity.application.authentication.framework.handler.request.PostAuthenticationHandler
    public PostAuthnHandlerFlowStatus handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws PostAuthenticationFailedException {
        if (!FrameworkUtils.isStepBasedSequenceHandlerExecuted(authenticationContext)) {
            return PostAuthnHandlerFlowStatus.SUCCESS_COMPLETED;
        }
        if (log.isDebugEnabled()) {
            log.debug("Continuing with JIT flow for the user: " + authenticationContext.getSequenceConfig().getAuthenticatedUser());
        }
        Object property = authenticationContext.getProperty(FrameworkConstants.PASSWORD_PROVISION_REDIRECTION_TRIGGERED);
        if (property == null || !((Boolean) property).booleanValue()) {
            return handleRequestFlow(httpServletRequest, httpServletResponse, authenticationContext);
        }
        if (log.isDebugEnabled()) {
            log.debug("The request has hit the response flow of JIT provisioning flow for the user: " + authenticationContext.getSequenceConfig().getAuthenticatedUser().getLoggableUserId());
        }
        return handleResponseFlow(httpServletRequest, authenticationContext);
    }

    private PostAuthnHandlerFlowStatus handleResponseFlow(HttpServletRequest httpServletRequest, AuthenticationContext authenticationContext) throws PostAuthenticationFailedException {
        SequenceConfig sequenceConfig = authenticationContext.getSequenceConfig();
        Iterator<Map.Entry<Integer, StepConfig>> it = sequenceConfig.getStepMap().entrySet().iterator();
        while (it.hasNext()) {
            StepConfig value = it.next().getValue();
            if (value.getAuthenticatedAutenticator().getApplicationAuthenticator() instanceof FederatedApplicationAuthenticator) {
                String authenticatedIdP = value.getAuthenticatedIdP();
                ExternalIdPConfig externalIdpConfig = getExternalIdpConfig(authenticatedIdP, authenticationContext);
                authenticationContext.setExternalIdP(externalIdpConfig);
                if (externalIdpConfig != null && externalIdpConfig.isProvisioningEnabled()) {
                    if (log.isDebugEnabled()) {
                        log.debug("JIT provisioning response flow has hit for the IDP " + authenticatedIdP + " for the user, " + sequenceConfig.getAuthenticatedUser().getLoggableUserId());
                    }
                    Object property = authenticationContext.getProperty(FrameworkConstants.UNFILTERED_LOCAL_CLAIM_VALUES);
                    Map<String, String> hashMap = property == null ? new HashMap<>() : (Map) property;
                    Map<String, String> combinedClaims = getCombinedClaims(httpServletRequest, hashMap, authenticationContext);
                    if (externalIdpConfig.isPasswordProvisioningEnabled()) {
                        combinedClaims.put(FrameworkConstants.PASSWORD, httpServletRequest.getParameter(FrameworkConstants.PASSWORD));
                    }
                    String usernameFederatedUser = getUsernameFederatedUser(value, sequenceConfig, authenticatedIdP, authenticationContext, hashMap, externalIdpConfig);
                    if (authenticationContext.getProperty(FrameworkConstants.CHANGING_USERNAME_ALLOWED) != null) {
                        usernameFederatedUser = httpServletRequest.getParameter("username");
                        try {
                            if (getUserStoreManager(authenticationContext.getExternalIdP().getProvisioningUserStoreId(), getUserRealm(authenticationContext.getTenantDomain()), usernameFederatedUser).isExistingUser(UserCoreUtil.removeDomainFromName(MultitenantUtils.getTenantAwareUsername(usernameFederatedUser)))) {
                                log.error(FrameworkErrorConstants.ErrorMessages.USER_ALREADY_EXISTS_ERROR.getCode() + " - " + FrameworkErrorConstants.ErrorMessages.USER_ALREADY_EXISTS_ERROR.getMessage());
                                handleExceptions(FrameworkErrorConstants.ErrorMessages.USER_ALREADY_EXISTS_ERROR.getMessage(), "provided.username.already.exists", null);
                            }
                        } catch (UserStoreException e) {
                            handleExceptions(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_CHECKING_USERNAME_EXISTENCE.getMessage(), "error.user.existence", e);
                        }
                    }
                    callDefaultProvisioningHandler(usernameFederatedUser, authenticationContext, externalIdpConfig, combinedClaims, value);
                    handleConsents(httpServletRequest, value, authenticationContext.getTenantDomain());
                }
            }
        }
        return PostAuthnHandlerFlowStatus.SUCCESS_COMPLETED;
    }

    private Map<String, String> getCombinedClaims(HttpServletRequest httpServletRequest, Map<String, String> map, AuthenticationContext authenticationContext) throws PostAuthenticationFailedException {
        ClaimMapping[] claimsForTenant = getClaimsForTenant(authenticationContext.getTenantDomain(), authenticationContext.getExternalIdP().getIdPName());
        HashMap hashMap = new HashMap();
        if (claimsForTenant != null) {
            for (ClaimMapping claimMapping : claimsForTenant) {
                String claimUri = claimMapping.getClaim().getClaimUri();
                String parameter = httpServletRequest.getParameter(claimUri);
                if (StringUtils.isNotBlank(parameter) && StringUtils.isEmpty(map.get(claimUri))) {
                    map.put(claimUri, parameter);
                } else {
                    String parameter2 = httpServletRequest.getParameter("missing-" + claimUri);
                    if (StringUtils.isNotEmpty(parameter2)) {
                        map.put(claimUri, parameter2);
                        hashMap.put(claimUri, parameter2);
                    }
                }
            }
        }
        if (MapUtils.isNotEmpty(hashMap)) {
            AuthenticatedUser authenticatedUser = authenticationContext.getSequenceConfig().getAuthenticatedUser();
            Map<org.wso2.carbon.identity.application.common.model.ClaimMapping, String> userAttributes = authenticatedUser.getUserAttributes();
            userAttributes.putAll(FrameworkUtils.buildClaimMappings(hashMap));
            authenticatedUser.setUserAttributes(userAttributes);
            authenticationContext.getSequenceConfig().setAuthenticatedUser(authenticatedUser);
        }
        return map;
    }

    private PostAuthnHandlerFlowStatus handleRequestFlow(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws PostAuthenticationFailedException {
        String authenticationEndpointRetryURL = ConfigurationFacade.getInstance().getAuthenticationEndpointRetryURL();
        SequenceConfig sequenceConfig = authenticationContext.getSequenceConfig();
        Iterator<Map.Entry<Integer, StepConfig>> it = sequenceConfig.getStepMap().entrySet().iterator();
        while (it.hasNext()) {
            StepConfig value = it.next().getValue();
            AuthenticatorConfig authenticatedAutenticator = value.getAuthenticatedAutenticator();
            if (authenticatedAutenticator != null && (authenticatedAutenticator.getApplicationAuthenticator() instanceof FederatedApplicationAuthenticator)) {
                String authenticatedIdP = value.getAuthenticatedIdP();
                ExternalIdPConfig externalIdpConfig = getExternalIdpConfig(authenticatedIdP, authenticationContext);
                authenticationContext.setExternalIdP(externalIdpConfig);
                Map<String, String> localClaimValuesOfIDPInNonAttributeSelectionStep = value.isSubjectAttributeStep() ? (Map) authenticationContext.getProperty(FrameworkConstants.UNFILTERED_LOCAL_CLAIM_VALUES) : getLocalClaimValuesOfIDPInNonAttributeSelectionStep(authenticationContext, value, externalIdpConfig);
                if (localClaimValuesOfIDPInNonAttributeSelectionStep == null || localClaimValuesOfIDPInNonAttributeSelectionStep.size() == 0) {
                    localClaimValuesOfIDPInNonAttributeSelectionStep = FrameworkUtils.getClaimMappings(value.getAuthenticatedUser().getUserAttributes(), false);
                }
                if (externalIdpConfig != null && externalIdpConfig.isProvisioningEnabled()) {
                    if (localClaimValuesOfIDPInNonAttributeSelectionStep == null) {
                        localClaimValuesOfIDPInNonAttributeSelectionStep = new HashMap<>();
                    }
                    String localUserAssociatedForFederatedIdentifier = getLocalUserAssociatedForFederatedIdentifier(value.getAuthenticatedIdP(), value.getAuthenticatedUser().getAuthenticatedSubjectIdentifier(), authenticationContext.getTenantDomain());
                    if (StringUtils.isEmpty(localUserAssociatedForFederatedIdentifier) && externalIdpConfig.isPromptConsentEnabled()) {
                        if (log.isDebugEnabled()) {
                            log.debug(sequenceConfig.getAuthenticatedUser().getLoggableUserId() + " coming from " + externalIdpConfig.getIdPName() + " do not have a local account, hence redirecting to the UI to sign up.");
                        }
                        redirectToAccountCreateUI(externalIdpConfig, authenticationContext, localClaimValuesOfIDPInNonAttributeSelectionStep, httpServletResponse, getUsernameFederatedUser(value, sequenceConfig, authenticatedIdP, authenticationContext, localClaimValuesOfIDPInNonAttributeSelectionStep, externalIdpConfig), httpServletRequest);
                        authenticationContext.setProperty(FrameworkConstants.PASSWORD_PROVISION_REDIRECTION_TRIGGERED, true);
                        return PostAuthnHandlerFlowStatus.INCOMPLETE;
                    }
                    if (StringUtils.isEmpty(localUserAssociatedForFederatedIdentifier) && externalIdpConfig.isAssociateLocalUserEnabled() && StringUtils.isNotBlank(localClaimValuesOfIDPInNonAttributeSelectionStep.get(FrameworkConstants.EMAIL_ADDRESS_CLAIM))) {
                        try {
                            String str = localClaimValuesOfIDPInNonAttributeSelectionStep.get(FrameworkConstants.EMAIL_ADDRESS_CLAIM);
                            AbstractUserStoreManager abstractUserStoreManager = (AbstractUserStoreManager) getUserStoreManager(authenticationContext.getExternalIdP().getProvisioningUserStoreId(), getUserRealm(authenticationContext.getTenantDomain()), str);
                            if (abstractUserStoreManager.isExistingUser(str)) {
                                User user = abstractUserStoreManager.getUser((String) null, str);
                                FrameworkUtils.getFederatedAssociationManager().createFederatedAssociation(new org.wso2.carbon.identity.application.common.model.User(user), value.getAuthenticatedIdP(), value.getAuthenticatedUser().getAuthenticatedSubjectIdentifier());
                                localUserAssociatedForFederatedIdentifier = user.getDomainQualifiedUsername();
                            }
                        } catch (UserStoreException e) {
                            handleExceptions(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_CHECKING_USERNAME_EXISTENCE.getMessage(), "error.user.existence", e);
                        } catch (FrameworkException | FederatedAssociationManagerException e2) {
                            handleExceptions(e2.getMessage(), e2.getErrorCode(), e2);
                        }
                    }
                    if (StringUtils.isNotBlank(localUserAssociatedForFederatedIdentifier)) {
                        if (isAccountLocked(localUserAssociatedForFederatedIdentifier, authenticationContext.getTenantDomain())) {
                            if (log.isDebugEnabled()) {
                                log.debug(String.format("The account is locked for the user: %s in the tenant domain: %s ", localUserAssociatedForFederatedIdentifier, authenticationContext.getTenantDomain()));
                            }
                            handleAccountLockLoginFailure(authenticationEndpointRetryURL, authenticationContext, httpServletResponse, "&authFailure=true&authFailureMsg=error.user.account.locked&errorCode=17003");
                            return PostAuthnHandlerFlowStatus.INCOMPLETE;
                        }
                        if (isAccountDisabled(localUserAssociatedForFederatedIdentifier, authenticationContext.getTenantDomain())) {
                            if (log.isDebugEnabled()) {
                                log.debug(String.format("The account is disabled for the user: %s in the tenant domain: %s ", localUserAssociatedForFederatedIdentifier, authenticationContext.getTenantDomain()));
                            }
                            handleAccountLockLoginFailure(authenticationEndpointRetryURL, authenticationContext, httpServletResponse, "&authFailure=true&authFailureMsg=error.user.account.disabled&errorCode=17004");
                            return PostAuthnHandlerFlowStatus.INCOMPLETE;
                        }
                    }
                    String str2 = localUserAssociatedForFederatedIdentifier;
                    if (StringUtils.isEmpty(str2)) {
                        str2 = getUsernameFederatedUser(value, sequenceConfig, authenticatedIdP, authenticationContext, localClaimValuesOfIDPInNonAttributeSelectionStep, externalIdpConfig);
                    }
                    if (log.isDebugEnabled()) {
                        log.debug("User : " + sequenceConfig.getAuthenticatedUser().getLoggableUserId() + " coming from " + externalIdpConfig.getIdPName() + " do have a local account, with the username " + str2);
                    }
                    if (externalIdpConfig.isAssociateLocalUserEnabled() && StringUtils.equals(UserCoreUtil.removeDomainFromName(str2), localClaimValuesOfIDPInNonAttributeSelectionStep.get(FrameworkConstants.EMAIL_ADDRESS_CLAIM))) {
                        str2 = UserCoreUtil.addTenantDomainToEntry(str2, authenticationContext.getTenantDomain());
                    }
                    callDefaultProvisioningHandler(str2, authenticationContext, externalIdpConfig, localClaimValuesOfIDPInNonAttributeSelectionStep, value);
                }
            }
        }
        return PostAuthnHandlerFlowStatus.SUCCESS_COMPLETED;
    }

    private String getUsernameFederatedUser(StepConfig stepConfig, SequenceConfig sequenceConfig, String str, AuthenticationContext authenticationContext, Map<String, String> map, ExternalIdPConfig externalIdPConfig) throws PostAuthenticationFailedException {
        String userIdClaimUriInLocalDialect = getUserIdClaimUriInLocalDialect(externalIdPConfig);
        return isUserNameFoundFromUserIDClaimURI(map, userIdClaimUriInLocalDialect) ? map.get(userIdClaimUriInLocalDialect) : FrameworkUtils.isJITProvisionEnhancedFeatureEnabled() ? getFederatedUsername(stepConfig.getAuthenticatedUser().getUserName(), str, authenticationContext) : sequenceConfig.getAuthenticatedUser().getUserName();
    }

    private boolean isUserNameFoundFromUserIDClaimURI(Map<String, String> map, String str) {
        return StringUtils.isNotBlank(str) && StringUtils.isNotBlank(map.get(str));
    }

    private String getFederatedUsername(String str, String str2, AuthenticationContext authenticationContext) throws PostAuthenticationFailedException {
        String str3 = null;
        try {
            int tenantId = IdentityTenantUtil.getTenantId(authenticationContext.getTenantDomain());
            str3 = UserSessionStore.getInstance().getFederatedUserId(str, tenantId, UserSessionStore.getInstance().getIdPId(str2, tenantId));
        } catch (UserSessionException e) {
            handleExceptions(String.format(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_GETTING_FEDERATED_USERNAME.getMessage(), str, str2), FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_GETTING_FEDERATED_USERNAME.getCode(), e);
        }
        return str3;
    }

    private boolean isAccountLocked(String str, String str2) throws PostAuthenticationFailedException {
        try {
            Map userClaimValues = FrameworkServiceDataHolder.getInstance().getRealmService().getTenantUserRealm(IdentityTenantUtil.getTenantId(str2)).getUserStoreManager().getUserClaimValues(str, new String[]{FrameworkConstants.ACCOUNT_LOCKED_CLAIM_URI}, FrameworkConstants.DEFAULT_SEQUENCE);
            if (userClaimValues == null || userClaimValues.size() <= 0) {
                return false;
            }
            return Boolean.parseBoolean((String) userClaimValues.get(FrameworkConstants.ACCOUNT_LOCKED_CLAIM_URI));
        } catch (UserStoreException e) {
            throw new PostAuthenticationFailedException(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_CHECKING_ACCOUNT_LOCK_STATUS.getCode(), String.format(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_CHECKING_ACCOUNT_LOCK_STATUS.getMessage(), str), e);
        }
    }

    private boolean isAccountDisabled(String str, String str2) throws PostAuthenticationFailedException {
        try {
            Map userClaimValues = FrameworkServiceDataHolder.getInstance().getRealmService().getTenantUserRealm(IdentityTenantUtil.getTenantId(str2)).getUserStoreManager().getUserClaimValues(str, new String[]{FrameworkConstants.ACCOUNT_DISABLED_CLAIM_URI}, FrameworkConstants.DEFAULT_SEQUENCE);
            if (userClaimValues == null || userClaimValues.size() <= 0) {
                return false;
            }
            return Boolean.parseBoolean((String) userClaimValues.get(FrameworkConstants.ACCOUNT_DISABLED_CLAIM_URI));
        } catch (UserStoreException e) {
            throw new PostAuthenticationFailedException(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_CHECKING_ACCOUNT_DISABLE_STATUS.getCode(), String.format(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_CHECKING_ACCOUNT_DISABLE_STATUS.getMessage(), str), e);
        }
    }

    private void handleAccountLockLoginFailure(String str, AuthenticationContext authenticationContext, HttpServletResponse httpServletResponse, String str2) throws PostAuthenticationFailedException {
        try {
            String appendQueryParamsStringToUrl = FrameworkUtils.appendQueryParamsStringToUrl(FrameworkUtils.appendQueryParamsStringToUrl(str, "sp=" + authenticationContext.getServiceProviderName()), String.format("%s=", FrameworkConstants.REQUEST_PARAM_AUTH_FLOW_ID) + authenticationContext.getContextIdentifier());
            if (1 == 0) {
                str2 = "&authFailure=true&authFailureMsg=login.fail.message";
            }
            String appendQueryParamsStringToUrl2 = FrameworkUtils.appendQueryParamsStringToUrl(appendQueryParamsStringToUrl, str2);
            authenticationContext.setRetrying(false);
            httpServletResponse.sendRedirect(appendQueryParamsStringToUrl2);
        } catch (IOException e) {
            handleExceptions(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_HANDLING_ACCOUNT_LOCK_FAILURE_FED_USERS.getMessage(), FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_HANDLING_ACCOUNT_LOCK_FAILURE_FED_USERS.getCode(), e);
        }
    }

    private ReceiptInput buildConsentForResidentIDP(String str, String str2, String str3) {
        ReceiptInput receiptInput = new ReceiptInput();
        receiptInput.setJurisdiction("USA");
        receiptInput.setCollectionMethod(FrameworkConstants.Consent.COLLECTION_METHOD_JIT);
        receiptInput.setLanguage(FrameworkConstants.Consent.LANGUAGE_ENGLISH);
        receiptInput.setPiiPrincipalId(str);
        receiptInput.setPolicyUrl(str3);
        receiptInput.setServices(getReceiptServiceInputs(new JSONObject(str2)));
        if (log.isDebugEnabled()) {
            log.debug("Built consent from endpoint util : " + str2);
        }
        return receiptInput;
    }

    private List<ReceiptServiceInput> getReceiptServiceInputs(JSONObject jSONObject) {
        JSONArray jSONArray = jSONObject.getJSONArray(FrameworkConstants.Consent.SERVICES);
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < jSONArray.length(); i++) {
            JSONObject jSONObject2 = jSONArray.getJSONObject(i);
            ReceiptServiceInput receiptServiceInput = new ReceiptServiceInput();
            JSONArray jSONArray2 = jSONObject2.getJSONArray(FrameworkConstants.Consent.PURPOSES);
            ArrayList arrayList2 = new ArrayList();
            for (int i2 = 0; i2 < jSONArray2.length(); i2++) {
                arrayList2.add(getReceiptPurposeInputs((JSONObject) jSONArray2.get(i2)));
            }
            receiptServiceInput.setPurposes(arrayList2);
            arrayList.add(receiptServiceInput);
        }
        return arrayList;
    }

    private ReceiptPurposeInput getReceiptPurposeInputs(JSONObject jSONObject) {
        ReceiptPurposeInput receiptPurposeInput = new ReceiptPurposeInput();
        receiptPurposeInput.setConsentType(FrameworkConstants.Consent.EXPLICIT_CONSENT_TYPE);
        receiptPurposeInput.setPrimaryPurpose(true);
        receiptPurposeInput.setThirdPartyDisclosure(false);
        receiptPurposeInput.setPurposeId(Integer.valueOf(jSONObject.getInt("purposeId")));
        JSONArray jSONArray = jSONObject.getJSONArray("purposeCategoryId");
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < jSONArray.length(); i++) {
            arrayList.add(Integer.valueOf(jSONArray.getInt(i)));
        }
        receiptPurposeInput.setTermination(FrameworkConstants.Consent.INFINITE_TERMINATION);
        receiptPurposeInput.setPurposeCategoryId(arrayList);
        receiptPurposeInput.setTermination(FrameworkConstants.Consent.INFINITE_TERMINATION);
        ArrayList arrayList2 = new ArrayList();
        JSONArray jSONArray2 = (JSONArray) jSONObject.get(FrameworkConstants.Consent.PII_CATEGORY);
        for (int i2 = 0; i2 < jSONArray2.length(); i2++) {
            PIICategoryValidity pIICategoryValidity = new PIICategoryValidity(Integer.valueOf(((JSONObject) jSONArray2.get(i2)).getInt("piiCategoryId")), FrameworkConstants.Consent.INFINITE_TERMINATION);
            pIICategoryValidity.setConsented(true);
            arrayList2.add(pIICategoryValidity);
        }
        receiptPurposeInput.setPiiCategory(arrayList2);
        return receiptPurposeInput;
    }

    private String getLocalUserAssociatedForFederatedIdentifier(String str, String str2, String str3) throws PostAuthenticationFailedException {
        String str4 = null;
        try {
            str4 = FrameworkUtils.getFederatedAssociationManager().getUserForFederatedAssociation(str3, str, str2);
        } catch (FederatedAssociationManagerException | FrameworkException e) {
            handleExceptions(String.format(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_GETTING_USERNAME_ASSOCIATED_WITH_IDP.getMessage(), str), FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_GETTING_USERNAME_ASSOCIATED_WITH_IDP.getCode(), e);
        }
        return str4;
    }

    private void handleExceptions(String str, String str2, Exception exc) throws PostAuthenticationFailedException {
        throw new PostAuthenticationFailedException(str2, str, exc);
    }

    private void redirectToAccountCreateUI(ExternalIdPConfig externalIdPConfig, AuthenticationContext authenticationContext, Map<String, String> map, HttpServletResponse httpServletResponse, String str, HttpServletRequest httpServletRequest) throws PostAuthenticationFailedException {
        ServiceURLBuilder addPath;
        try {
            ServiceURLBuilder create = ServiceURLBuilder.create();
            if (externalIdPConfig.isModifyUserNameAllowed()) {
                authenticationContext.setProperty(FrameworkConstants.CHANGING_USERNAME_ALLOWED, true);
                addPath = create.addPath(new String[]{FrameworkUtils.getUserNameProvisioningUIUrl()});
                addPath.addParameter(FrameworkConstants.ALLOW_CHANGE_USER_NAME, String.valueOf(true));
                if (log.isDebugEnabled()) {
                    log.debug(externalIdPConfig.getName() + " allow to change the username, redirecting to registration endpoint to provision the user: " + str);
                }
            } else {
                addPath = create.addPath(new String[]{FrameworkUtils.getPasswordProvisioningUIUrl()});
                if (log.isDebugEnabled() && externalIdPConfig.isPasswordProvisioningEnabled()) {
                    log.debug(externalIdPConfig.getName() + " supports password provisioning, redirecting to sign up endpoint to provision the user : " + str);
                }
            }
            if (externalIdPConfig.isPasswordProvisioningEnabled()) {
                addPath.addParameter(FrameworkConstants.PASSWORD_PROVISION_ENABLED, String.valueOf(true));
            }
            if (!IdentityTenantUtil.isTenantQualifiedUrlsEnabled()) {
                addPath.addParameter("TenantDomain", authenticationContext.getTenantDomain());
            }
            addPath.addParameter(FrameworkConstants.SERVICE_PROVIDER, authenticationContext.getSequenceConfig().getApplicationConfig().getApplicationName());
            addPath.addParameter("username", str);
            addPath.addParameter(FrameworkConstants.SKIP_SIGN_UP_ENABLE_CHECK, String.valueOf(true));
            addPath.addParameter("sessionDataKey", authenticationContext.getContextIdentifier());
            addMissingClaims(addPath, authenticationContext);
            ServiceURLBuilder serviceURLBuilder = addPath;
            Objects.requireNonNull(serviceURLBuilder);
            map.forEach(serviceURLBuilder::addParameter);
            httpServletResponse.sendRedirect(addPath.build().getRelativePublicURL());
        } catch (IOException | URLBuilderException e) {
            handleExceptions(String.format(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_TRYING_CALL_SIGN_UP_ENDPOINT_FOR_PASSWORD_PROVISIONING.getMessage(), str, externalIdPConfig.getName()), FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_TRYING_CALL_SIGN_UP_ENDPOINT_FOR_PASSWORD_PROVISIONING.getCode(), e);
        }
    }

    private void addMissingClaims(ServiceURLBuilder serviceURLBuilder, AuthenticationContext authenticationContext) {
        String[] missingClaims = FrameworkUtils.getMissingClaims(authenticationContext);
        if (StringUtils.isNotEmpty(missingClaims[1])) {
            if (log.isDebugEnabled()) {
                log.debug("Mandatory claims for SP, " + missingClaims[1] + " is missing for the user : " + authenticationContext.getSequenceConfig().getAuthenticatedUser().getAuthenticatedSubjectIdentifier() + " from the IDP " + authenticationContext.getExternalIdP().getIdPName());
            }
            serviceURLBuilder.addParameter(FrameworkConstants.MISSING_CLAIMS, missingClaims[1]);
            serviceURLBuilder.addParameter(FrameworkConstants.MISSING_CLAIMS_DISPLAY_NAME, missingClaims[0]);
        }
    }

    private ExternalIdPConfig getExternalIdpConfig(String str, AuthenticationContext authenticationContext) throws PostAuthenticationFailedException {
        ExternalIdPConfig externalIdPConfig = null;
        try {
            externalIdPConfig = ConfigurationFacade.getInstance().getIdPConfigByName(str, authenticationContext.getTenantDomain());
        } catch (IdentityProviderManagementException e) {
            handleExceptions(String.format(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_GETTING_IDP_BY_NAME.getMessage(), str, authenticationContext.getTenantDomain()), FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_GETTING_IDP_BY_NAME.getCode(), e);
        }
        return externalIdPConfig;
    }

    private ClaimMapping[] getClaimsForTenant(String str, String str2) throws PostAuthenticationFailedException {
        UserRealm userRealm = null;
        try {
            userRealm = (UserRealm) FrameworkServiceComponent.getRealmService().getTenantUserRealm(IdentityTenantUtil.getTenantId(str));
        } catch (UserStoreException e) {
            handleExceptions(String.format(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_GETTING_REALM_IN_POST_AUTHENTICATION.getMessage(), str), FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_GETTING_REALM_IN_POST_AUTHENTICATION.getCode(), e);
        }
        ClaimMapping[] claimMappingArr = null;
        if (userRealm != null) {
            try {
                ClaimManager claimManager = userRealm.getClaimManager();
                if (claimManager != null) {
                    claimMappingArr = claimManager.getAllClaimMappings();
                }
            } catch (UserStoreException e2) {
                handleExceptions(String.format(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_TRYING_TO_GET_CLAIMS_WHILE_TRYING_TO_PASSWORD_PROVISION.getMessage(), str2), FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_TRYING_TO_GET_CLAIMS_WHILE_TRYING_TO_PASSWORD_PROVISION.getCode(), e2);
            }
        }
        if (log.isDebugEnabled() && !ArrayUtils.isEmpty(claimMappingArr)) {
            StringBuilder sb = new StringBuilder();
            for (ClaimMapping claimMapping : claimMappingArr) {
                sb.append(claimMapping.getClaim().getClaimUri()).append(" ");
            }
            log.debug("Claims in tenant " + str + " : " + sb.toString());
        }
        return claimMappingArr;
    }

    private void callDefaultProvisioningHandler(String str, AuthenticationContext authenticationContext, ExternalIdPConfig externalIdPConfig, Map<String, String> map, StepConfig stepConfig) throws PostAuthenticationFailedException {
        boolean useDefaultLocalIdpDialect = externalIdPConfig.useDefaultLocalIdpDialect();
        String claimDialectURI = stepConfig.getAuthenticatedAutenticator().getApplicationAuthenticator().getClaimDialectURI();
        String idpRoleClaimUri = FrameworkUtils.getIdpRoleClaimUri(externalIdPConfig);
        Map<String, String> claimMappings = FrameworkUtils.getClaimMappings(stepConfig.getAuthenticatedUser().getUserAttributes(), false);
        Map map2 = null;
        boolean z = false;
        if (useDefaultLocalIdpDialect && StringUtils.isNotBlank(claimDialectURI)) {
            try {
                map2 = ClaimMetadataHandler.getInstance().getMappingsMapFromOtherDialectToCarbon(claimDialectURI, claimMappings.keySet(), authenticationContext.getTenantDomain(), true);
            } catch (ClaimMetadataException e) {
                throw new PostAuthenticationFailedException(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_HANDLING_CLAIM_MAPPINGS.getCode(), FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_HANDLING_CLAIM_MAPPINGS.getMessage(), e);
            }
        }
        if (map2 != null) {
            idpRoleClaimUri = (String) map2.get(IdentityUtil.getLocalGroupsClaimURI());
        } else if (claimDialectURI == null && !useDefaultLocalIdpDialect) {
            idpRoleClaimUri = FrameworkUtils.getIdpRoleClaimUri(externalIdPConfig);
        }
        if (StringUtils.isNotEmpty(IdentityUtil.getProperty(FrameworkConstants.Config.SEND_ONLY_LOCALLY_MAPPED_ROLES_OF_IDP))) {
            z = Boolean.parseBoolean(IdentityUtil.getProperty(FrameworkConstants.Config.SEND_ONLY_LOCALLY_MAPPED_ROLES_OF_IDP));
        }
        List<String> identityProvideMappedUserRoles = FrameworkUtils.getIdentityProvideMappedUserRoles(externalIdPConfig, claimMappings, idpRoleClaimUri, Boolean.valueOf(z));
        map.put(FrameworkConstants.ASSOCIATED_ID, stepConfig.getAuthenticatedUser().getAuthenticatedSubjectIdentifier());
        map.put(FrameworkConstants.IDP_ID, stepConfig.getAuthenticatedIdP());
        if (authenticationContext.getProperty(FrameworkConstants.SECRET_KEY_CLAIM_URL) != null) {
            map.put(FrameworkConstants.SECRET_KEY_CLAIM_URL, authenticationContext.getProperty(FrameworkConstants.SECRET_KEY_CLAIM_URL).toString());
        }
        map.remove(FrameworkUtils.getLocalClaimUriMappedForIdPRoleClaim(externalIdPConfig));
        map.remove(FrameworkConstants.GROUPS_CLAIM);
        Map<String, String> runtimeClaims = authenticationContext.getRuntimeClaims();
        Map map3 = (Map) authenticationContext.getProperty(FrameworkConstants.UNFILTERED_IDP_CLAIM_VALUES);
        Iterator<Map.Entry<String, String>> it = runtimeClaims.entrySet().iterator();
        while (it.hasNext()) {
            String key = it.next().getKey();
            if (map2 == null || !map3.containsKey(map2.get(key))) {
                map.remove(key);
            } else {
                map.put(key, (String) map3.get(map2.get(key)));
            }
        }
        try {
            FrameworkUtils.getStepBasedSequenceHandler().callJitProvisioning(str, authenticationContext, identityProvideMappedUserRoles, map);
        } catch (FrameworkException e2) {
            handleExceptions(String.format(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_TRYING_TO_PROVISION_USER_WITHOUT_PASSWORD_PROVISIONING.getMessage(), str, externalIdPConfig.getName()), FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_TRYING_TO_PROVISION_USER_WITHOUT_PASSWORD_PROVISIONING.getCode(), e2);
        }
    }

    private void handleConsents(HttpServletRequest httpServletRequest, StepConfig stepConfig, String str) throws PostAuthenticationFailedException {
        String localUserAssociatedForFederatedIdentifier = getLocalUserAssociatedForFederatedIdentifier(stepConfig.getAuthenticatedIdP(), stepConfig.getAuthenticatedUser().getAuthenticatedSubjectIdentifier(), str);
        String parameter = httpServletRequest.getParameter("consent");
        String parameter2 = httpServletRequest.getParameter("policy");
        if (StringUtils.isNotEmpty(parameter)) {
            addConsent(buildConsentForResidentIDP(localUserAssociatedForFederatedIdentifier, parameter, parameter2), str);
        }
    }

    private void addConsent(ReceiptInput receiptInput, String str) throws PostAuthenticationFailedException {
        ConsentManager consentManager = FrameworkServiceDataHolder.getInstance().getConsentManager();
        if (receiptInput.getServices().size() == 0) {
            throw new PostAuthenticationFailedException(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_ADDING_CONSENT.getCode(), String.format(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_ADDING_CONSENT.getMessage(), str));
        }
        ReceiptServiceInput receiptServiceInput = (ReceiptServiceInput) receiptInput.getServices().get(0);
        receiptServiceInput.setTenantDomain(str);
        try {
            setIDPData(str, receiptServiceInput);
            receiptInput.setTenantDomain(str);
            consentManager.addConsent(receiptInput);
        } catch (ConsentManagementException e) {
            handleExceptions(String.format(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_ADDING_CONSENT.getMessage(), str), FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_ADDING_CONSENT.getCode(), e);
        }
    }

    private void setIDPData(String str, ReceiptServiceInput receiptServiceInput) throws PostAuthenticationFailedException {
        IdentityProvider identityProvider = null;
        try {
            identityProvider = IdentityProviderManager.getInstance().getResidentIdP(str);
        } catch (IdentityProviderManagementException e) {
            handleExceptions(String.format(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_SETTING_IDP_DATA.getMessage(), str), FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_SETTING_IDP_DATA.getCode(), e);
        }
        if (identityProvider == null) {
            throw new PostAuthenticationFailedException(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_SETTING_IDP_DATA_IDP_IS_NULL.getCode(), String.format(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_SETTING_IDP_DATA_IDP_IS_NULL.getMessage(), str));
        }
        if (StringUtils.isEmpty(receiptServiceInput.getService())) {
            if (log.isDebugEnabled()) {
                log.debug("No service name found. Hence adding resident IDP home realm ID");
            }
            receiptServiceInput.setService(identityProvider.getHomeRealmId());
        }
        if (StringUtils.isEmpty(receiptServiceInput.getTenantDomain())) {
            receiptServiceInput.setTenantDomain(str);
        }
        if (StringUtils.isEmpty(receiptServiceInput.getSpDescription())) {
            if (StringUtils.isNotEmpty(identityProvider.getIdentityProviderDescription())) {
                receiptServiceInput.setSpDescription(identityProvider.getIdentityProviderDescription());
            } else {
                receiptServiceInput.setSpDescription("Resident IDP");
            }
        }
        if (StringUtils.isEmpty(receiptServiceInput.getSpDisplayName())) {
            if (StringUtils.isNotEmpty(identityProvider.getDisplayName())) {
                receiptServiceInput.setSpDisplayName(identityProvider.getDisplayName());
            } else {
                receiptServiceInput.setSpDisplayName("Resident IDP");
            }
        }
    }

    private String getUserIdClaimUriInLocalDialect(ExternalIdPConfig externalIdPConfig) {
        String userIdClaimUri = externalIdPConfig.getUserIdClaimUri();
        if (StringUtils.isBlank(userIdClaimUri)) {
            return null;
        }
        if (externalIdPConfig.useDefaultLocalIdpDialect()) {
            return userIdClaimUri;
        }
        org.wso2.carbon.identity.application.common.model.ClaimMapping[] claimMappings = externalIdPConfig.getClaimMappings();
        if (ArrayUtils.isEmpty(claimMappings)) {
            return null;
        }
        for (org.wso2.carbon.identity.application.common.model.ClaimMapping claimMapping : claimMappings) {
            if (userIdClaimUri.equals(claimMapping.getRemoteClaim().getClaimUri())) {
                return claimMapping.getLocalClaim().getClaimUri();
            }
        }
        return null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v51, types: [java.util.Map] */
    private Map<String, String> getLocalClaimValuesOfIDPInNonAttributeSelectionStep(AuthenticationContext authenticationContext, StepConfig stepConfig, ExternalIdPConfig externalIdPConfig) throws PostAuthenticationFailedException {
        boolean useDefaultLocalIdpDialect = externalIdPConfig.useDefaultLocalIdpDialect();
        String claimDialectURI = stepConfig.getAuthenticatedAutenticator().getApplicationAuthenticator().getClaimDialectURI();
        Map<String, String> claimMappings = FrameworkUtils.getClaimMappings(stepConfig.getAuthenticatedUser().getUserAttributes(), false);
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        if (useDefaultLocalIdpDialect && StringUtils.isNotBlank(claimDialectURI)) {
            try {
                hashMap = ClaimMetadataHandler.getInstance().getMappingsMapFromOtherDialectToCarbon(claimDialectURI, claimMappings.keySet(), authenticationContext.getTenantDomain(), true);
            } catch (ClaimMetadataException e) {
                throw new PostAuthenticationFailedException(FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_HANDLING_CLAIM_MAPPINGS.getCode(), FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_HANDLING_CLAIM_MAPPINGS.getMessage(), e);
            }
        } else {
            for (org.wso2.carbon.identity.application.common.model.ClaimMapping claimMapping : authenticationContext.getExternalIdP().getClaimMappings()) {
                if (claimMappings.containsKey(claimMapping.getRemoteClaim().getClaimUri())) {
                    hashMap.put(claimMapping.getLocalClaim().getClaimUri(), claimMapping.getRemoteClaim().getClaimUri());
                }
            }
        }
        if (hashMap != null && hashMap.size() > 0) {
            for (Map.Entry entry : hashMap.entrySet()) {
                if (claimMappings.containsKey(entry.getValue()) && claimMappings.get(entry.getValue()) != null) {
                    hashMap2.put((String) entry.getKey(), claimMappings.get(entry.getValue()));
                }
            }
        }
        return hashMap2;
    }

    private UserRealm getUserRealm(String str) throws UserStoreException {
        return FrameworkServiceComponent.getRealmService().getTenantUserRealm(IdentityTenantUtil.getTenantId(str));
    }

    /* JADX WARN: Removed duplicated region for block: B:11:0x0059  */
    /* JADX WARN: Removed duplicated region for block: B:8:0x004a  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private org.wso2.carbon.user.core.UserStoreManager getUserStoreManager(java.lang.String r6, org.wso2.carbon.user.core.UserRealm r7, java.lang.String r8) throws org.wso2.carbon.user.api.UserStoreException {
        /*
            r5 = this;
            r0 = r5
            r1 = r6
            r2 = r7
            r3 = r8
            java.lang.String r0 = r0.getUserStoreDomain(r1, r2, r3)
            r9 = r0
            r0 = r9
            if (r0 == 0) goto L28
            r0 = r9
            boolean r0 = r0.isEmpty()     // Catch: org.wso2.carbon.user.core.UserStoreException -> L33
            if (r0 != 0) goto L28
            r0 = r7
            org.wso2.carbon.user.core.UserStoreManager r0 = r0.getUserStoreManager()     // Catch: org.wso2.carbon.user.core.UserStoreException -> L33
            r1 = r9
            org.wso2.carbon.user.core.UserStoreManager r0 = r0.getSecondaryUserStoreManager(r1)     // Catch: org.wso2.carbon.user.core.UserStoreException -> L33
            r10 = r0
            goto L30
        L28:
            r0 = r7
            org.wso2.carbon.user.core.UserStoreManager r0 = r0.getUserStoreManager()     // Catch: org.wso2.carbon.user.core.UserStoreException -> L33
            r10 = r0
        L30:
            goto L45
        L33:
            r11 = move-exception
            org.wso2.carbon.user.api.UserStoreException r0 = new org.wso2.carbon.user.api.UserStoreException
            r1 = r0
            org.wso2.carbon.identity.application.authentication.framework.util.FrameworkErrorConstants$ErrorMessages r2 = org.wso2.carbon.identity.application.authentication.framework.util.FrameworkErrorConstants.ErrorMessages.ERROR_WHILE_GETTING_USER_STORE_MANAGER
            java.lang.String r2 = r2.getMessage()
            r3 = r11
            r1.<init>(r2, r3)
            throw r0
        L45:
            r0 = r10
            if (r0 != 0) goto L59
            org.wso2.carbon.user.api.UserStoreException r0 = new org.wso2.carbon.user.api.UserStoreException
            r1 = r0
            org.wso2.carbon.identity.application.authentication.framework.util.FrameworkErrorConstants$ErrorMessages r2 = org.wso2.carbon.identity.application.authentication.framework.util.FrameworkErrorConstants.ErrorMessages.ERROR_INVALID_USER_STORE
            java.lang.String r2 = r2.getMessage()
            r3 = 0
            r1.<init>(r2, r3)
            throw r0
        L59:
            r0 = r10
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.JITProvisioningPostAuthenticationHandler.getUserStoreManager(java.lang.String, org.wso2.carbon.user.core.UserRealm, java.lang.String):org.wso2.carbon.user.core.UserStoreManager");
    }

    private String getUserStoreDomain(String str, UserRealm userRealm, String str2) throws UserStoreException {
        String extractDomainFromName = "As in username".equalsIgnoreCase(str) ? UserCoreUtil.extractDomainFromName(str2) : str;
        if (extractDomainFromName != null) {
            try {
                if (userRealm.getUserStoreManager().getSecondaryUserStoreManager(extractDomainFromName) == null) {
                    throw new UserStoreException(String.format(FrameworkErrorConstants.ErrorMessages.ERROR_INVALID_USER_STORE_DOMAIN.getMessage(), extractDomainFromName), (Throwable) null);
                }
            } catch (org.wso2.carbon.user.core.UserStoreException e) {
                throw new UserStoreException(e.getMessage(), e);
            }
        }
        return extractDomainFromName;
    }
}
