package org.wso2.carbon.identity.application.authentication.framework.inbound;

import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import java.util.UUID;
import java.util.concurrent.TimeUnit;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationRequestCacheEntry;
import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationResultCacheEntry;
import org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException;
import org.wso2.carbon.identity.application.authentication.framework.inbound.FrameworkLoginResponse;
import org.wso2.carbon.identity.application.authentication.framework.inbound.FrameworkLogoutResponse;
import org.wso2.carbon.identity.application.authentication.framework.inbound.IdentityResponse;
import org.wso2.carbon.identity.application.authentication.framework.inbound.InboundConstants;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationRequest;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationResult;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
import org.wso2.carbon.identity.core.ServiceURLBuilder;
import org.wso2.carbon.identity.core.URLBuilderException;
import org.wso2.carbon.identity.core.handler.AbstractIdentityHandler;
import org.wso2.carbon.identity.core.handler.InitConfig;
import org.wso2.carbon.identity.core.model.IdentityEventListenerConfig;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;

/* loaded from: input_file:org/wso2/carbon/identity/application/authentication/framework/inbound/IdentityProcessor.class */
public abstract class IdentityProcessor extends AbstractIdentityHandler {
    private static Log log = LogFactory.getLog(IdentityProcessor.class);
    protected final Properties properties = new Properties();
    protected InitConfig initConfig;

    public void init(InitConfig initConfig) {
        if (initConfig != null) {
            this.initConfig = initConfig;
        }
        IdentityEventListenerConfig readEventListenerProperty = IdentityUtil.readEventListenerProperty(IdentityProcessor.class.getName(), getClass().getName());
        if (readEventListenerProperty == null || readEventListenerProperty.getProperties() == null) {
            return;
        }
        for (Map.Entry entry : readEventListenerProperty.getProperties().entrySet()) {
            String str = (String) entry.getKey();
            String str2 = (String) entry.getValue();
            if (this.properties.containsKey(str)) {
                log.warn("Property key " + str + " already exists. Cannot add property!!");
            } else {
                this.properties.setProperty(str, str2);
            }
        }
    }

    public abstract IdentityResponse.IdentityResponseBuilder process(IdentityRequest identityRequest) throws FrameworkException;

    public abstract String getCallbackPath(IdentityMessageContext identityMessageContext);

    protected String getTenantQualifiedCallbackPath(IdentityMessageContext identityMessageContext) {
        String callbackPath = getCallbackPath(identityMessageContext);
        try {
            if (!isAbsoluteURI(callbackPath) && !isTenantQualifiedURI(callbackPath)) {
                if (IdentityTenantUtil.isTenantQualifiedUrlsEnabled()) {
                    callbackPath = ServiceURLBuilder.create().addPath(new String[]{getCallbackPath(identityMessageContext)}).build().getAbsolutePublicURL();
                } else {
                    String absolutePublicURL = ServiceURLBuilder.create().build().getAbsolutePublicURL();
                    String tenantDomainFromContext = getTenantDomainFromContext();
                    callbackPath = !isSuperTenantFlow(tenantDomainFromContext) ? absolutePublicURL + FrameworkConstants.TENANT_CONTEXT_PREFIX + tenantDomainFromContext + FrameworkUtils.ROOT_DOMAIN + callbackPath : absolutePublicURL + FrameworkUtils.ROOT_DOMAIN + callbackPath;
                }
            }
            return callbackPath;
        } catch (URISyntaxException | URLBuilderException e) {
            throw new RuntimeException("Error while building tenant qualified Callback Path.", e);
        }
    }

    private boolean isAbsoluteURI(String str) throws URISyntaxException {
        return new URI(str).isAbsolute();
    }

    private boolean isTenantQualifiedURI(String str) {
        return str.startsWith(FrameworkConstants.TENANT_CONTEXT_PREFIX) || str.startsWith("t/");
    }

    private String getTenantDomainFromContext() {
        String tenantDomainFromContext = IdentityTenantUtil.getTenantDomainFromContext();
        if (StringUtils.isBlank(tenantDomainFromContext)) {
            tenantDomainFromContext = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        }
        return tenantDomainFromContext;
    }

    private boolean isSuperTenantFlow(String str) {
        return "carbon.super".equals(str);
    }

    @Deprecated
    public abstract String getRelyingPartyId();

    public abstract String getRelyingPartyId(IdentityMessageContext identityMessageContext);

    public String getType(IdentityMessageContext identityMessageContext) {
        return getName();
    }

    public abstract boolean canHandle(IdentityRequest identityRequest);

    protected FrameworkLoginResponse.FrameworkLoginResponseBuilder buildResponseForFrameworkLogin(IdentityMessageContext identityMessageContext) {
        IdentityRequest request = identityMessageContext.getRequest();
        Map<String, String[]> parameterMap = request.getParameterMap();
        AuthenticationRequest authenticationRequest = new AuthenticationRequest();
        authenticationRequest.appendRequestQueryParams(parameterMap);
        for (Map.Entry entry : new HashMap(request.getHeaderMap()).entrySet()) {
            authenticationRequest.addHeader((String) entry.getKey(), (String) entry.getValue());
        }
        authenticationRequest.setTenantDomain(request.getTenantDomain());
        authenticationRequest.setRelyingParty(getRelyingPartyId(identityMessageContext));
        authenticationRequest.setType(getType(identityMessageContext));
        authenticationRequest.setPassiveAuth(Boolean.parseBoolean(String.valueOf(identityMessageContext.getParameter("passiveAuth"))));
        authenticationRequest.setForceAuth(Boolean.parseBoolean(String.valueOf(identityMessageContext.getParameter("forceAuth"))));
        try {
            authenticationRequest.setCommonAuthCallerPath(URLEncoder.encode(getTenantQualifiedCallbackPath(identityMessageContext), StandardCharsets.UTF_8.name()));
            AuthenticationRequestCacheEntry authenticationRequestCacheEntry = new AuthenticationRequestCacheEntry(authenticationRequest);
            String uuid = UUID.randomUUID().toString();
            authenticationRequestCacheEntry.setValidityPeriod(TimeUnit.MINUTES.toNanos(IdentityUtil.getOperationCleanUpTimeout()));
            FrameworkUtils.addAuthenticationRequestToCache(uuid, authenticationRequestCacheEntry);
            InboundUtil.addContextToCache(uuid, identityMessageContext);
            FrameworkLoginResponse.FrameworkLoginResponseBuilder frameworkLoginResponseBuilder = new FrameworkLoginResponse.FrameworkLoginResponseBuilder(identityMessageContext);
            frameworkLoginResponseBuilder.setAuthName(getType(identityMessageContext));
            frameworkLoginResponseBuilder.setContextKey(uuid);
            frameworkLoginResponseBuilder.setCallbackPath(getTenantQualifiedCallbackPath(identityMessageContext));
            frameworkLoginResponseBuilder.setRelyingParty(getRelyingPartyId(identityMessageContext));
            frameworkLoginResponseBuilder.setAuthType(getType(identityMessageContext));
            frameworkLoginResponseBuilder.setRedirectURL(IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, true, true));
            return frameworkLoginResponseBuilder;
        } catch (UnsupportedEncodingException e) {
            throw FrameworkRuntimeException.error("Error occurred while URL encoding callback path " + getTenantQualifiedCallbackPath(identityMessageContext), e);
        }
    }

    protected FrameworkLogoutResponse.FrameworkLogoutResponseBuilder buildResponseForFrameworkLogout(IdentityMessageContext identityMessageContext) {
        IdentityRequest request = identityMessageContext.getRequest();
        Map<String, String[]> parameterMap = request.getParameterMap();
        AuthenticationRequest authenticationRequest = new AuthenticationRequest();
        authenticationRequest.appendRequestQueryParams(parameterMap);
        for (Map.Entry entry : new HashMap(request.getHeaderMap()).entrySet()) {
            authenticationRequest.addHeader((String) entry.getKey(), (String) entry.getValue());
        }
        authenticationRequest.setTenantDomain(request.getTenantDomain());
        authenticationRequest.setRelyingParty(getRelyingPartyId(identityMessageContext));
        authenticationRequest.setType(getType(identityMessageContext));
        try {
            authenticationRequest.setCommonAuthCallerPath(URLEncoder.encode(getTenantQualifiedCallbackPath(identityMessageContext), StandardCharsets.UTF_8.name()));
            authenticationRequest.addRequestQueryParam("commonAuthLogout", new String[]{"true"});
            AuthenticationRequestCacheEntry authenticationRequestCacheEntry = new AuthenticationRequestCacheEntry(authenticationRequest);
            String uuid = UUID.randomUUID().toString();
            authenticationRequestCacheEntry.setValidityPeriod(TimeUnit.MINUTES.toNanos(IdentityUtil.getOperationCleanUpTimeout()));
            FrameworkUtils.addAuthenticationRequestToCache(uuid, authenticationRequestCacheEntry);
            InboundUtil.addContextToCache(uuid, identityMessageContext);
            FrameworkLogoutResponse.FrameworkLogoutResponseBuilder frameworkLogoutResponseBuilder = new FrameworkLogoutResponse.FrameworkLogoutResponseBuilder(identityMessageContext);
            frameworkLogoutResponseBuilder.setAuthName(getType(identityMessageContext));
            frameworkLogoutResponseBuilder.setContextKey(uuid);
            frameworkLogoutResponseBuilder.setCallbackPath(getTenantQualifiedCallbackPath(identityMessageContext));
            frameworkLogoutResponseBuilder.setRelyingParty(getRelyingPartyId(identityMessageContext));
            frameworkLogoutResponseBuilder.setAuthType(getType(identityMessageContext));
            frameworkLogoutResponseBuilder.setRedirectURL(IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, true, true));
            return frameworkLogoutResponseBuilder;
        } catch (UnsupportedEncodingException e) {
            throw FrameworkRuntimeException.error("Error occurred while URL encoding callback path " + getTenantQualifiedCallbackPath(identityMessageContext), e);
        }
    }

    protected boolean isContextAvailable(IdentityRequest identityRequest) {
        String parameter = identityRequest.getParameter("sessionDataKey");
        if (StringUtils.isBlank(parameter)) {
            parameter = identityRequest.getParameter(InboundConstants.RequestProcessor.CONTEXT_KEY_CONSENT);
        }
        return StringUtils.isNotBlank(parameter) && InboundUtil.getContextFromCache(parameter) != null;
    }

    protected IdentityMessageContext getContextIfAvailable(IdentityRequest identityRequest) {
        String parameter = identityRequest.getParameter("sessionDataKey");
        if (StringUtils.isBlank(parameter)) {
            parameter = identityRequest.getParameter(InboundConstants.RequestProcessor.CONTEXT_KEY_CONSENT);
        }
        IdentityMessageContext identityMessageContext = null;
        if (StringUtils.isNotBlank(parameter)) {
            identityMessageContext = InboundUtil.getContextFromCache(parameter);
        }
        return identityMessageContext;
    }

    protected AuthenticationResult processResponseFromFrameworkLogin(IdentityMessageContext identityMessageContext, IdentityRequest identityRequest) {
        String parameter = identityRequest.getParameter("sessionDataKey");
        AuthenticationResultCacheEntry authenticationResultFromCache = FrameworkUtils.getAuthenticationResultFromCache(parameter);
        if (authenticationResultFromCache == null) {
            throw FrameworkRuntimeException.error("Cannot find AuthenticationResult from the cache");
        }
        AuthenticationResult result = authenticationResultFromCache.getResult();
        FrameworkUtils.removeAuthenticationResultFromCache(parameter);
        if (result.isAuthenticated()) {
            identityMessageContext.addParameter(InboundConstants.RequestProcessor.AUTHENTICATION_RESULT, result);
        }
        return result;
    }
}
