package org.wso2.carbon.identity.provisioning.listener;

import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.ClaimMapping;
import org.wso2.carbon.identity.application.common.model.ProvisioningServiceProviderType;
import org.wso2.carbon.identity.application.common.model.ThreadLocalProvisioningServiceProvider;
import org.wso2.carbon.identity.application.common.util.IdentityApplicationManagementUtil;
import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
import org.wso2.carbon.identity.core.AbstractIdentityUserMgtFailureEventListener;
import org.wso2.carbon.identity.core.model.IdentityEventListenerConfig;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.provisioning.IdentityProvisioningConstants;
import org.wso2.carbon.identity.provisioning.IdentityProvisioningException;
import org.wso2.carbon.identity.provisioning.OutboundProvisioningManager;
import org.wso2.carbon.identity.provisioning.ProvisioningEntity;
import org.wso2.carbon.identity.provisioning.ProvisioningEntityType;
import org.wso2.carbon.identity.provisioning.ProvisioningOperation;
import org.wso2.carbon.identity.provisioning.internal.ProvisioningServiceDataHolder;
import org.wso2.carbon.user.api.Permission;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.UserStoreManager;
import org.wso2.carbon.user.core.constants.UserCoreErrorConstants;
import org.wso2.carbon.user.core.listener.UserManagementErrorEventListener;
import org.wso2.carbon.user.core.util.UserCoreUtil;

/* loaded from: input_file:org/wso2/carbon/identity/provisioning/listener/ProvisioningErrorListener.class */
public class ProvisioningErrorListener extends AbstractIdentityUserMgtFailureEventListener {
    private static final Log log = LogFactory.getLog(ProvisioningErrorListener.class);

    public boolean onAddUserFailureWithID(String str, String str2, String str3, Object obj, String[] strArr, Map<String, String> map, String str4, UserStoreManager userStoreManager) throws UserStoreException {
        if (str.equalsIgnoreCase(UserCoreErrorConstants.ErrorMessages.ERROR_CODE_ERROR_DURING_POST_ADD_USER.getCode())) {
            return true;
        }
        return deleteOutboundProvisionedUser(str3, userStoreManager);
    }

    public boolean onAddRoleFailure(String str, String str2, String str3, String[] strArr, Permission[] permissionArr, UserStoreManager userStoreManager) throws UserStoreException {
        if (str.equalsIgnoreCase(UserCoreErrorConstants.ErrorMessages.ERROR_CODE_ERROR_DURING_POST_ADD_ROLE.getCode())) {
            return true;
        }
        return deleteOutboundProvisionedRole(str3, permissionArr, userStoreManager);
    }

    public boolean onSetUserClaimValuesFailure(String str, String str2, String str3, Map<String, String> map, String str4, UserStoreManager userStoreManager) throws UserStoreException {
        if (str.equalsIgnoreCase(UserCoreErrorConstants.ErrorMessages.ERROR_CODE_ERROR_DURING_POST_SET_USER_CLAIM_VALUES.getCode()) || map.isEmpty()) {
            return true;
        }
        Set<String> keySet = map.keySet();
        return setOutboundProvisionedUserClaimValues(str3, userStoreManager.getUserClaimValues(str3, (String[]) keySet.toArray(new String[keySet.size()]), "default"), userStoreManager);
    }

    public boolean onDeleteRoleFailure(String str, String str2, String str3, UserStoreManager userStoreManager) throws UserStoreException {
        if (str.equalsIgnoreCase(UserCoreErrorConstants.ErrorMessages.ERROR_CODE_ERROR_DURING_POST_DELETE_ROLE.getCode())) {
            return true;
        }
        Permission[] permissionArr = null;
        String[] userListOfRole = userStoreManager.getUserListOfRole(str3);
        try {
            String[] rolePermissions = ProvisioningServiceDataHolder.getInstance().getRolePermissionManagementService().getRolePermissions(str3, IdentityTenantUtil.getTenantId(CarbonContext.getThreadLocalCarbonContext().getTenantDomain()));
            if (rolePermissions.length > 0) {
                permissionArr = new Permission[rolePermissions.length];
                for (int i = 0; i < rolePermissions.length; i++) {
                    permissionArr[i] = new Permission(rolePermissions[i], "ui.execute");
                }
            }
        } catch (Exception e) {
            if (log.isDebugEnabled()) {
                log.debug("Error while getting the permissions for a role.", e);
            }
        }
        if (permissionArr == null) {
            Permission[] permissionArr2 = new Permission[0];
        }
        return addOutboundProvisioningRole(str3, userListOfRole, userStoreManager);
    }

    private boolean addOutboundProvisioningRole(String str, String[] strArr, UserStoreManager userStoreManager) throws UserStoreException {
        HashMap hashMap = new HashMap();
        if (StringUtils.isNotEmpty(str)) {
            hashMap.put(ClaimMapping.build(IdentityProvisioningConstants.GROUP_CLAIM_URI, (String) null, (String) null, false), Arrays.asList(str));
        }
        if (strArr != null && strArr.length > 0) {
            hashMap.put(ClaimMapping.build(IdentityProvisioningConstants.USERNAME_CLAIM_URI, (String) null, (String) null, false), Arrays.asList(strArr));
        }
        String domainName = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
        if (log.isDebugEnabled()) {
            log.debug("Adding domain name : " + domainName + " to role : " + str);
        }
        return outboundProvisionEntity(new ProvisioningEntity(ProvisioningEntityType.GROUP, UserCoreUtil.addDomainToName(str, domainName), ProvisioningOperation.POST, hashMap));
    }

    private boolean setOutboundProvisionedUserClaimValues(String str, Map<String, String> map, UserStoreManager userStoreManager) throws IdentityProvisioningException {
        HashMap hashMap = new HashMap();
        if (StringUtils.isNotEmpty(str)) {
            hashMap.put(ClaimMapping.build(IdentityProvisioningConstants.USERNAME_CLAIM_URI, (String) null, (String) null, false), Arrays.asList(str));
        }
        String domainName = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
        if (log.isDebugEnabled()) {
            log.debug("Adding domain name : " + domainName + " to user : " + str);
        }
        ProvisioningEntity provisioningEntity = new ProvisioningEntity(ProvisioningEntityType.USER, UserCoreUtil.addDomainToName(str, domainName), ProvisioningOperation.PUT, hashMap);
        provisioningEntity.setInboundAttributes(map);
        return outboundProvisionEntity(provisioningEntity);
    }

    private boolean deleteOutboundProvisionedRole(String str, Permission[] permissionArr, UserStoreManager userStoreManager) throws UserStoreException {
        HashMap hashMap = new HashMap();
        if (StringUtils.isNotEmpty(str)) {
            hashMap.put(ClaimMapping.build(IdentityProvisioningConstants.GROUP_CLAIM_URI, (String) null, (String) null, false), Arrays.asList(str));
        }
        String domainName = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
        if (log.isDebugEnabled()) {
            log.debug("Adding domain name : " + domainName + " to user : " + str);
        }
        return outboundProvisionEntity(new ProvisioningEntity(ProvisioningEntityType.GROUP, UserCoreUtil.addDomainToName(str, domainName), ProvisioningOperation.DELETE, hashMap));
    }

    private boolean deleteOutboundProvisionedUser(String str, UserStoreManager userStoreManager) throws UserStoreException {
        HashMap hashMap = new HashMap();
        hashMap.put(ClaimMapping.build(IdentityProvisioningConstants.USERNAME_CLAIM_URI, (String) null, (String) null, false), Arrays.asList(str));
        String domainName = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
        if (log.isDebugEnabled()) {
            log.debug("Adding domain name : " + domainName + " to user : " + str);
        }
        return outboundProvisionEntity(new ProvisioningEntity(ProvisioningEntityType.USER, UserCoreUtil.addDomainToName(str, domainName), ProvisioningOperation.DELETE, hashMap));
    }

    public int getExecutionOrderId() {
        IdentityEventListenerConfig readEventListenerProperty = IdentityUtil.readEventListenerProperty(UserManagementErrorEventListener.class.getName(), getClass().getName());
        if (readEventListenerProperty == null) {
            return -1;
        }
        return readEventListenerProperty.getOrder();
    }

    private boolean outboundProvisionEntity(ProvisioningEntity provisioningEntity) throws IdentityProvisioningException {
        String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        ThreadLocalProvisioningServiceProvider threadLocalProvisioningServiceProvider = IdentityApplicationManagementUtil.getThreadLocalProvisioningServiceProvider();
        if (threadLocalProvisioningServiceProvider == null) {
            OutboundProvisioningManager.getInstance().provision(provisioningEntity, IdentityProvisioningConstants.LOCAL_SP, "http://wso2.org/claims", tenantDomain, false);
            return true;
        }
        String serviceProviderName = threadLocalProvisioningServiceProvider.getServiceProviderName();
        String tenantDomain2 = threadLocalProvisioningServiceProvider.getTenantDomain();
        if (threadLocalProvisioningServiceProvider.getServiceProviderType() == ProvisioningServiceProviderType.OAUTH) {
            try {
                serviceProviderName = ApplicationManagementService.getInstance().getServiceProviderNameByClientId(threadLocalProvisioningServiceProvider.getServiceProviderName(), "oauth2", tenantDomain2);
            } catch (IdentityApplicationManagementException e) {
                log.error("Error while provisioning", e);
                return true;
            }
        }
        OutboundProvisioningManager.getInstance().provision(provisioningEntity, serviceProviderName, threadLocalProvisioningServiceProvider.getClaimDialect(), tenantDomain2, threadLocalProvisioningServiceProvider.isJustInTimeProvisioning());
        return true;
    }
}
