package org.wso2.carbon.identity.secret.mgt.core;

import java.util.List;
import org.apache.commons.codec.Charsets;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.core.util.CryptoException;
import org.wso2.carbon.core.util.CryptoUtil;
import org.wso2.carbon.identity.secret.mgt.core.constant.SecretConstants;
import org.wso2.carbon.identity.secret.mgt.core.dao.SecretDAO;
import org.wso2.carbon.identity.secret.mgt.core.exception.SecretManagementClientException;
import org.wso2.carbon.identity.secret.mgt.core.exception.SecretManagementException;
import org.wso2.carbon.identity.secret.mgt.core.exception.SecretManagementServerException;
import org.wso2.carbon.identity.secret.mgt.core.internal.SecretManagerComponentDataHolder;
import org.wso2.carbon.identity.secret.mgt.core.model.Secret;
import org.wso2.carbon.identity.secret.mgt.core.model.SecretType;
import org.wso2.carbon.identity.secret.mgt.core.model.Secrets;
import org.wso2.carbon.identity.secret.mgt.core.util.SecretUtils;

/* loaded from: input_file:org/wso2/carbon/identity/secret/mgt/core/SecretManagerImpl.class */
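/**
 * {@link SecretManager} implementation that validates requests, encrypts secret values and delegates
 * persistence to the registered {@link SecretDAO}.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>Secret values are encrypted with the default {@link CryptoUtil} and Base64 encoded before they
 *       are handed to the DAO; the {@link Secret} returned by add/replace carries that ciphertext.</li>
 *   <li>Reads and deletes are scoped to the tenant id of the thread-local
 *       {@link PrivilegedCarbonContext}.</li>
 *   <li>Debug messages and exceptions carry secret names and ids only, never a secret value.</li>
 *   <li>Operations on secrets first check that secret management is enabled; the secret-type
 *       operations do not. NOTE(review): confirm that the difference is intended.</li>
 *   <li>Caller-supplied names are concatenated into debug messages as-is. NOTE(review): confirm that
 *       names are validated upstream so that line breaks cannot forge log entries.</li>
 * </ul>
 */
public class SecretManagerImpl implements SecretManager {
    private static final Log log = LogFactory.getLog(SecretManagerImpl.class);
    private final List<SecretDAO> secretDAOS = SecretManagerComponentDataHolder.getInstance().getSecretDAOS();

    /**
     * Creates a new secret of the given type.
     *
     * @param str    secret type name
     * @param secret secret to store; its id, type and value are overwritten in place
     * @return the same {@code secret} instance, now holding the generated id and the encrypted value
     * @throws SecretManagementException if secret management is disabled, the request is invalid,
     *                                   the secret already exists, or encryption/persistence fails
     */
    @Override
    public Secret addSecret(String str, Secret secret) throws SecretManagementException {
        validateSecretManagerEnabled();
        validateSecretCreateRequest(str, secret);
        secret.setSecretId(SecretUtils.generateUniqueID());
        secret.setSecretType(str);
        // The plaintext is replaced by ciphertext before the object reaches the DAO.
        secret.setSecretValue(getEncryptedSecret(secret.getSecretValue(), secret.getSecretName()));
        getSecretDAO().addSecret(secret);
        if (log.isDebugEnabled()) {
            log.debug("Secret: " + secret.getSecretName() + " added successfully");
        }
        return secret;
    }

    /**
     * Looks up a secret by type and name in the current tenant.
     *
     * @param str  secret type name
     * @param str2 secret name
     * @return the secret as returned by the DAO (this class does not decrypt the value)
     * @throws SecretManagementException if secret management is disabled, the request is invalid,
     *                                   or the secret type or the secret does not exist
     */
    @Override
    public Secret getSecret(String str, String str2) throws SecretManagementException {
        validateSecretManagerEnabled();
        validateSecretRetrieveRequest(str, str2);
        Secret secretByName = getSecretDAO().getSecretByName(str2, getSecretType(str), getTenantId());
        if (secretByName == null) {
            if (log.isDebugEnabled()) {
                log.debug("No secret found for the secretName: " + str2);
            }
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_DOES_NOT_EXISTS, str2, null);
        }
        if (log.isDebugEnabled()) {
            log.debug("Secret: " + str2 + " is retrieved successfully.");
        }
        return secretByName;
    }

    /**
     * Lists the secrets of the given type in the current tenant.
     *
     * @param str secret type name
     * @return wrapper around the list returned by the DAO
     * @throws SecretManagementException if secret management is disabled, the type name is empty
     *                                   or unknown, or the DAO returns {@code null}
     */
    @Override
    public Secrets getSecrets(String str) throws SecretManagementException {
        validateSecretManagerEnabled();
        validateSecretsRetrieveRequest(str);
        List secrets = getSecretDAO().getSecrets(getSecretType(str), getTenantId());
        if (secrets == null) {
            if (log.isDebugEnabled()) {
                log.debug("No secret found for the secretTypeName: " + str + " for the tenant: " + getTenantDomain());
            }
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRETS_DOES_NOT_EXISTS, null);
        }
        if (log.isDebugEnabled()) {
            log.debug("All secrets of tenant: " + getTenantDomain() + " are retrieved successfully.");
        }
        return new Secrets(secrets);
    }

    /**
     * Looks up a secret by id in the current tenant.
     *
     * @param str secret id
     * @return the secret as returned by the DAO
     * @throws SecretManagementException if secret management is disabled, the id is blank,
     *                                   or no secret with that id exists
     */
    @Override
    public Secret getSecretById(String str) throws SecretManagementException {
        validateSecretManagerEnabled();
        if (StringUtils.isBlank(str)) {
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_INVALID_SECRET_ID, str);
        }
        Secret secretById = getSecretDAO().getSecretById(str, getTenantId());
        if (secretById == null) {
            if (log.isDebugEnabled()) {
                log.debug("No secret found for the secretId: " + str);
            }
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_ID_DOES_NOT_EXISTS, str);
        }
        if (log.isDebugEnabled()) {
            log.debug("Secret: " + secretById.getSecretName() + " is retrieved successfully.");
        }
        return secretById;
    }

    /**
     * Deletes a secret identified by type and name from the current tenant.
     *
     * @param str  secret type name
     * @param str2 secret name
     * @throws SecretManagementException if secret management is disabled, the request is invalid,
     *                                   or the secret type or the secret does not exist
     */
    @Override
    public void deleteSecret(String str, String str2) throws SecretManagementException {
        validateSecretManagerEnabled();
        // Also verifies that the secret exists, so no second existence lookup is needed here.
        validateSecretDeleteRequest(str, str2);
        SecretType secretType = getSecretType(str);
        getSecretDAO().deleteSecretByName(str2, secretType.getId(), getTenantId());
        if (log.isDebugEnabled()) {
            log.debug("Secret: " + str2 + " is deleted successfully.");
        }
    }

    /**
     * Deletes a secret identified by id from the current tenant.
     *
     * @param str secret id
     * @throws SecretManagementException if secret management is disabled, the id is blank,
     *                                   or no secret with that id exists
     */
    @Override
    public void deleteSecretById(String str) throws SecretManagementException {
        validateSecretManagerEnabled();
        if (StringUtils.isBlank(str)) {
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_INVALID_SECRET_ID, str);
        }
        if (!isSecretExistsById(str)) {
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_ID_DOES_NOT_EXISTS, str);
        }
        getSecretDAO().deleteSecretById(str, getTenantId());
        if (log.isDebugEnabled()) {
            log.debug("Secret id: " + str + " in tenant: " + getTenantDomain() + " deleted successfully.");
        }
    }

    /**
     * Replaces an existing secret of the given type.
     *
     * @param str    secret type name
     * @param secret replacement; its id, type and value are overwritten in place
     * @return the same {@code secret} instance, now holding the resolved id and the encrypted value
     * @throws SecretManagementException if secret management is disabled, the request is invalid,
     *                                   the secret does not exist, or encryption/persistence fails
     */
    @Override
    public Secret replaceSecret(String str, Secret secret) throws SecretManagementException {
        validateSecretManagerEnabled();
        validateSecretReplaceRequest(str, secret);
        secret.setSecretId(retrieveOrGenerateSecretId(str, secret.getSecretName()));
        secret.setSecretType(str);
        // The plaintext is replaced by ciphertext before the object reaches the DAO.
        secret.setSecretValue(getEncryptedSecret(secret.getSecretValue(), secret.getSecretName()));
        getSecretDAO().replaceSecret(secret);
        if (log.isDebugEnabled()) {
            log.debug(secret.getSecretName() + " secret replaced successfully.");
        }
        return secret;
    }

    /**
     * Encrypts a new value and stores it for an existing secret.
     *
     * @param str  secret type name
     * @param str2 secret name
     * @param str3 new plaintext value
     * @return the secret returned by the DAO after the update
     * @throws SecretManagementException if secret management is disabled, the secret cannot be
     *                                   found, or encryption/persistence fails
     */
    @Override
    public Secret updateSecretValue(String str, String str2, String str3) throws SecretManagementException {
        validateSecretManagerEnabled();
        Secret secret = getSecret(str, str2);
        try {
            Secret updateSecretValue = getSecretDAO().updateSecretValue(secret, encrypt(str3));
            if (log.isDebugEnabled()) {
                log.debug(secret.getSecretName() + " secret value updated successfully.");
            }
            return updateSecretValue;
        } catch (CryptoException e) {
            // Identify the secret by name. The plaintext value must never be placed in an
            // exception, because exception messages end up in logs and API error responses.
            throw SecretUtils.handleServerException(SecretConstants.ErrorMessages.ERROR_CODE_UPDATE_SECRET, str2, e);
        }
    }

    /**
     * Updates the description of an existing secret.
     *
     * @param str  secret type name
     * @param str2 secret name
     * @param str3 new description
     * @return the secret returned by the DAO after the update
     * @throws SecretManagementException if secret management is disabled, the secret cannot be
     *                                   found, or persistence fails
     */
    @Override
    public Secret updateSecretDescription(String str, String str2, String str3) throws SecretManagementException {
        validateSecretManagerEnabled();
        Secret updateSecretDescription = getSecretDAO().updateSecretDescription(getSecret(str, str2), str3);
        if (log.isDebugEnabled()) {
            log.debug(str2 + " secret description updated successfully.");
        }
        return updateSecretDescription;
    }

    /**
     * Creates a new secret type.
     *
     * @param secretType type to create; its id is overwritten with a generated one
     * @return a new {@link SecretType} holding the name, generated id and description
     * @throws SecretManagementException if the name is missing, the type already exists,
     *                                   or persistence fails
     */
    @Override
    public SecretType addSecretType(SecretType secretType) throws SecretManagementException {
        validateSecretTypeCreateRequest(secretType);
        secretType.setId(SecretUtils.generateUniqueID());
        getSecretDAO().addSecretType(secretType);
        if (log.isDebugEnabled()) {
            log.debug("Secret type: " + secretType.getName() + " successfully created with the id: " + secretType.getId());
        }
        return new SecretType(secretType.getName(), secretType.getId(), secretType.getDescription());
    }

    /**
     * Replaces an existing secret type, keeping its id.
     *
     * @param secretType replacement; its id is overwritten with the resolved one
     * @return a new {@link SecretType} holding the name, id and description
     * @throws SecretManagementException if the name is missing, the type does not exist,
     *                                   or persistence fails
     */
    @Override
    public SecretType replaceSecretType(SecretType secretType) throws SecretManagementException {
        validateSecretTypeReplaceRequest(secretType);
        secretType.setId(retrieveOrGenerateSecretTypeId(secretType.getName()));
        getSecretDAO().replaceSecretType(secretType);
        if (log.isDebugEnabled()) {
            log.debug("Secret type: " + secretType.getName() + " successfully replaced with the id: " + secretType.getId());
        }
        return new SecretType(secretType.getName(), secretType.getId(), secretType.getDescription());
    }

    /**
     * Looks up a secret type by name.
     *
     * @param str secret type name
     * @return the secret type returned by the DAO
     * @throws SecretManagementException if the name is empty, or the DAO returns no type or a type
     *                                   without an id
     */
    @Override
    public SecretType getSecretType(String str) throws SecretManagementException {
        validateSecretTypeRetrieveRequest(str);
        SecretType secretTypeByName = getSecretDAO().getSecretTypeByName(str);
        if (secretTypeByName == null || secretTypeByName.getId() == null) {
            if (log.isDebugEnabled()) {
                log.debug("Secret Type: " + str + " does not exist.");
            }
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_TYPE_DOES_NOT_EXISTS, str);
        }
        if (log.isDebugEnabled()) {
            log.debug("Secret type: " + secretTypeByName.getName() + " retrieved successfully.");
        }
        return secretTypeByName;
    }

    /**
     * Deletes a secret type by name.
     *
     * @param str secret type name
     * @throws SecretManagementException if the name is empty, the type does not exist,
     *                                   or persistence fails
     */
    @Override
    public void deleteSecretType(String str) throws SecretManagementException {
        validateSecretTypeDeleteRequest(str);
        getSecretDAO().deleteSecretTypeByName(str);
        if (log.isDebugEnabled()) {
            log.debug("Secret type: " + str + " is successfully deleted.");
        }
    }

    /** Rejects a lookup whose secret type name ({@code str}) or secret name ({@code str2}) is empty. */
    private void validateSecretRetrieveRequest(String str, String str2) throws SecretManagementException {
        if (StringUtils.isEmpty(str) || StringUtils.isEmpty(str2)) {
            if (log.isDebugEnabled()) {
                log.debug("Invalid secret identifier with secretName: " + str2 + " and secretTypeName: " + str + ".");
            }
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_GET_REQUEST_INVALID, null);
        }
    }

    /** Rejects a list request whose secret type name is empty. */
    private void validateSecretsRetrieveRequest(String str) throws SecretManagementException {
        if (StringUtils.isEmpty(str)) {
            if (log.isDebugEnabled()) {
                log.debug("Invalid secret identifier with secretTypeName: " + str + ".");
            }
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_GET_REQUEST_INVALID, null);
        }
    }

    /** Rejects a delete request with an empty type or name, or one that targets a missing secret. */
    private void validateSecretDeleteRequest(String str, String str2) throws SecretManagementException {
        if (StringUtils.isEmpty(str) || StringUtils.isEmpty(str2)) {
            if (log.isDebugEnabled()) {
                log.debug("Error identifying the secret with secret name: " + str2 + " and secret type: " + str + ".");
            }
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_DELETE_REQUEST_REQUIRED, null);
        }
        if (isSecretExist(str, str2)) {
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug("A secret with the name: " + str2 + " does not exists.");
        }
        throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_DOES_NOT_EXISTS, str2);
    }

    /**
     * Validates a create request: type, name and value must be present and the secret must not
     * exist yet. A {@code null} secret is rejected as an invalid request instead of failing with a
     * {@link NullPointerException}.
     *
     * <p>A tenant domain already set on the secret is kept as supplied; only an empty one is
     * defaulted to the thread-local tenant. NOTE(review): reads and deletes are scoped by the
     * thread-local tenant id, so confirm that callers cannot pass a tenant domain taken from
     * untrusted input.
     */
    private void validateSecretCreateRequest(String str, Secret secret) throws SecretManagementException {
        if (StringUtils.isEmpty(str) || secret == null || StringUtils.isEmpty(secret.getSecretName())
                || StringUtils.isEmpty(secret.getSecretValue())) {
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_ADD_REQUEST_INVALID, null);
        }
        if (isSecretExist(str, secret.getSecretName())) {
            if (log.isDebugEnabled()) {
                log.debug("A secret with the name: " + secret.getSecretName() + " does exists.");
            }
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_ALREADY_EXISTS, secret.getSecretName());
        }
        if (StringUtils.isEmpty(secret.getTenantDomain())) {
            secret.setTenantDomain(getTenantDomain());
        }
    }

    /**
     * Validates a replace request: type, name and value must be present and the secret must already
     * exist. A {@code null} secret is rejected as an invalid request instead of failing with a
     * {@link NullPointerException}.
     *
     * <p>A tenant domain already set on the secret is kept as supplied; only an empty one is
     * defaulted to the thread-local tenant. NOTE(review): confirm that callers cannot pass a tenant
     * domain taken from untrusted input.
     */
    private void validateSecretReplaceRequest(String str, Secret secret) throws SecretManagementException {
        if (StringUtils.isEmpty(str) || secret == null || StringUtils.isEmpty(secret.getSecretName())
                || StringUtils.isEmpty(secret.getSecretValue())) {
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_REPLACE_REQUEST_INVALID, null);
        }
        if (!isSecretExist(str, secret.getSecretName())) {
            if (log.isDebugEnabled()) {
                log.debug("A secret with the name: " + secret.getSecretName() + " does not exists.");
            }
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_DOES_NOT_EXISTS, secret.getSecretName());
        }
        if (StringUtils.isEmpty(secret.getTenantDomain())) {
            secret.setTenantDomain(getTenantDomain());
        }
    }

    /**
     * Returns the last DAO in the registered list.
     * NOTE(review): presumably the list is ordered by priority; confirm against the data holder.
     *
     * @throws SecretManagementException if no DAO is registered
     */
    private SecretDAO getSecretDAO() throws SecretManagementException {
        if (this.secretDAOS.isEmpty()) {
            throw SecretUtils.handleServerException(SecretConstants.ErrorMessages.ERROR_CODE_GET_DAO, "secretDAOs");
        }
        return this.secretDAOS.get(this.secretDAOS.size() - 1);
    }

    /** Fails with a server exception when the data holder reports secret management as disabled. */
    private void validateSecretManagerEnabled() throws SecretManagementServerException {
        if (!SecretManagerComponentDataHolder.getInstance().isSecretManagementEnabled()) {
            throw SecretUtils.handleServerException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_MANAGER_NOT_ENABLED, new String[0]);
        }
    }

    /** Tenant id of the thread-local Carbon context; used to scope every secret read and delete. */
    private int getTenantId() {
        return PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
    }

    /** Tenant domain of the thread-local Carbon context. */
    private String getTenantDomain() {
        return PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    }

    /**
     * Reports whether a secret with the given type and name exists in the current tenant.
     *
     * @param str  secret type name
     * @param str2 secret name
     * @return {@code true} if the lookup succeeds, {@code false} if it fails with the
     *         "secret does not exist" error code
     * @throws SecretManagementException for every other failure, including an unknown secret type
     */
    @Override
    public boolean isSecretExist(String str, String str2) throws SecretManagementException {
        try {
            getSecret(str, str2);
            return true;
        } catch (SecretManagementClientException e) {
            // Only the specific "not found" code means absence; anything else is a real error.
            if (SecretConstants.ErrorMessages.ERROR_CODE_SECRET_DOES_NOT_EXISTS.getCode().equals(e.getErrorCode())) {
                return false;
            }
            throw e;
        }
    }

    /** Asks the DAO whether a secret with the given id exists in the current tenant; rejects a blank id. */
    private boolean isSecretExistsById(String str) throws SecretManagementException {
        if (!StringUtils.isBlank(str)) {
            return getSecretDAO().isExistingSecret(str, getTenantId());
        }
        if (log.isDebugEnabled()) {
            log.debug("Invalid secret id: " + str + ".");
        }
        throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_INVALID_SECRET_ID, str);
    }

    /** Returns the id of the existing secret, or a freshly generated id when none exists. */
    private String retrieveOrGenerateSecretId(String str, String str2) throws SecretManagementException {
        if (isSecretExist(str, str2)) {
            return getSecret(str, str2).getSecretId();
        }
        String generatedId = SecretUtils.generateUniqueID();
        if (log.isDebugEnabled()) {
            log.debug("Secret id generated: " + generatedId);
        }
        return generatedId;
    }

    /**
     * Encrypts a secret value, translating a crypto failure into a server exception that names the
     * secret ({@code str2}) rather than its value ({@code str}).
     */
    private String getEncryptedSecret(String str, String str2) throws SecretManagementServerException {
        try {
            return encrypt(str);
        } catch (CryptoException e) {
            throw SecretUtils.handleServerException(SecretConstants.ErrorMessages.ERROR_CODE_ADD_SECRET, str2, e);
        }
    }

    /** Encrypts the UTF-8 bytes of {@code str} with the default {@link CryptoUtil} and Base64 encodes the result. */
    private String encrypt(String str) throws CryptoException {
        return CryptoUtil.getDefaultCryptoUtil().encryptAndBase64Encode(str.getBytes(Charsets.UTF_8));
    }

    /**
     * Validates a secret-type create request: the name must be present and unused. A {@code null}
     * type is rejected like a missing name instead of failing with a {@link NullPointerException}.
     */
    private void validateSecretTypeCreateRequest(SecretType secretType) throws SecretManagementException {
        if (secretType == null || StringUtils.isEmpty(secretType.getName())) {
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_TYPE_NAME_REQUIRED, null);
        }
        if (isSecretTypeExists(secretType.getName())) {
            if (log.isDebugEnabled()) {
                log.debug("A secret type with the name: " + secretType.getName() + " already exists.");
            }
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_TYPE_ALREADY_EXISTS, secretType.getName());
        }
    }

    /** Reports whether a secret type exists; only the "type does not exist" error code means absence. */
    private boolean isSecretTypeExists(String str) throws SecretManagementException {
        try {
            getSecretType(str);
            return true;
        } catch (SecretManagementClientException e) {
            if (isSecretTypeNotExistError(e)) {
                return false;
            }
            throw e;
        }
    }

    /** Tells whether the exception carries the "secret type does not exist" error code. */
    private boolean isSecretTypeNotExistError(SecretManagementClientException secretManagementClientException) {
        return SecretConstants.ErrorMessages.ERROR_CODE_SECRET_TYPE_DOES_NOT_EXISTS.getCode().equals(secretManagementClientException.getErrorCode());
    }

    /** Rejects a secret-type lookup whose name is empty. */
    private void validateSecretTypeRetrieveRequest(String str) throws SecretManagementException {
        if (StringUtils.isEmpty(str)) {
            if (log.isDebugEnabled()) {
                log.debug("Invalid secret type name: " + str + ".");
            }
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_TYPE_NAME_REQUIRED, null);
        }
    }

    /** Rejects a secret-type delete request with an empty name or one that targets a missing type. */
    private void validateSecretTypeDeleteRequest(String str) throws SecretManagementException {
        if (StringUtils.isEmpty(str)) {
            if (log.isDebugEnabled()) {
                log.debug("Invalid secret type name: " + str + ".");
            }
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_TYPE_NAME_REQUIRED, str, null);
        }
        if (isSecretTypeExists(str)) {
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug("A secret type with the name: " + str + " does not exists.");
        }
        throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_TYPE_DOES_NOT_EXISTS, str);
    }

    /** Returns the id of the existing secret type, or a freshly generated id when none exists. */
    private String retrieveOrGenerateSecretTypeId(String str) throws SecretManagementException {
        if (isSecretTypeExists(str)) {
            return getSecretType(str).getId();
        }
        String generatedId = SecretUtils.generateUniqueID();
        if (log.isDebugEnabled()) {
            log.debug("Secret type id generated: " + generatedId);
        }
        return generatedId;
    }

    /**
     * Validates a secret-type replace request: the name must be present and the type must exist.
     * A {@code null} type is rejected like a missing name instead of failing with a
     * {@link NullPointerException}.
     */
    private void validateSecretTypeReplaceRequest(SecretType secretType) throws SecretManagementException {
        if (secretType == null || StringUtils.isEmpty(secretType.getName())) {
            throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_TYPE_NAME_REQUIRED, null);
        }
        if (isSecretTypeExists(secretType.getName())) {
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug("A secret type with the name: " + secretType.getName() + " does not exists.");
        }
        throw SecretUtils.handleClientException(SecretConstants.ErrorMessages.ERROR_CODE_SECRET_TYPE_DOES_NOT_EXISTS, secretType.getName());
    }
}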
