package org.wso2.carbon.identity.secret.mgt.core;

import com.google.gson.Gson;
import org.apache.commons.lang.StringUtils;
import org.wso2.carbon.identity.application.common.model.FederatedAuthenticatorConfig;
import org.wso2.carbon.identity.application.common.model.IdentityProvider;
import org.wso2.carbon.identity.application.common.model.Property;
import org.wso2.carbon.identity.secret.mgt.core.constant.SecretConstants;
import org.wso2.carbon.identity.secret.mgt.core.exception.SecretManagementException;
import org.wso2.carbon.identity.secret.mgt.core.model.Secret;

/* loaded from: input_file:org/wso2/carbon/identity/secret/mgt/core/IdPSecretsProcessor.class */
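/**
 * Moves the confidential properties of an identity provider's federated authenticators into the
 * secret store (type {@link SecretConstants#IDN_SECRET_TYPE_IDP_SECRETS}) and back.
 *
 * <p>Secrets are keyed by {@code idpId:authenticatorName:propertyName}. The three parts are joined
 * without escaping, so a part that itself contains {@code ':'} would make two different properties
 * map to the same secret name.
 * NOTE(review): confirm that none of the three parts can contain ':' or be chosen by a tenant user.
 *
 * <p>Every operation first calls {@code isSecretExist} and then reads, updates or deletes the secret.
 * Nothing in this class makes that pair atomic; whether the secret manager serialises concurrent
 * changes to the same identity provider is not visible here.
 */
public class IdPSecretsProcessor implements SecretsProcessor<IdentityProvider> {
    private final SecretManager secretManager = new SecretManagerImpl();
    private final SecretResolveManager secretResolveManager = new SecretResolveManagerImpl();
    private final Gson gson = new Gson();

    /**
     * Returns a copy of the identity provider in which every confidential property that has a stored
     * secret carries the resolved (plaintext) secret value. Confidential properties without a stored
     * secret keep whatever value they had. The argument itself is not modified.
     *
     * <p>The returned object holds plaintext credentials: keep it out of logs, caches and API
     * responses, and drop the reference as soon as the caller is done with it.
     *
     * @param identityProvider identity provider whose confidential properties are to be resolved
     * @return a copy with resolved secret values
     * @throws SecretManagementException if the secret store cannot be queried or a secret cannot be resolved
     */
    @Override
    public IdentityProvider decryptAssociatedSecrets(IdentityProvider identityProvider) throws SecretManagementException {
        IdentityProvider clonedIdP = copyOf(identityProvider);
        for (FederatedAuthenticatorConfig authenticator : clonedIdP.getFederatedAuthenticatorConfigs()) {
            for (Property property : authenticator.getProperties()) {
                if (!property.isConfidential()) {
                    continue;
                }
                String secretName = buildSecretName(clonedIdP.getId(), authenticator.getName(), property.getName());
                if (!this.secretManager.isSecretExist(SecretConstants.IDN_SECRET_TYPE_IDP_SECRETS, secretName)) {
                    continue;
                }
                property.setValue(this.secretResolveManager
                        .getResolvedSecret(SecretConstants.IDN_SECRET_TYPE_IDP_SECRETS, secretName)
                        .getResolvedSecretValue());
            }
        }
        return clonedIdP;
    }

    /**
     * Returns a copy of the identity provider in which every confidential property that is held in
     * the secret store has its value replaced by a reference of the form
     * {@code <secret type id>:<secret name>}. An existing secret is updated when the supplied value
     * differs from the stored one; a new secret is added when none exists and the supplied value is
     * not empty. A confidential property with no stored secret and an empty value is left as it is.
     * The argument itself is not modified.
     *
     * <p>NOTE(review): the supplied values are treated as plaintext. If a caller passes an object
     * whose confidential values are already references (the output of an earlier call), the
     * reference differs from the stored secret and is written over it. Likewise an empty or null
     * value for an existing secret is passed straight to {@code updateSecretValue}. Confirm that
     * callers always hand in decrypted values.
     *
     * @param identityProvider identity provider carrying plaintext confidential property values
     * @return a copy in which stored confidential values are replaced by secret references
     * @throws SecretManagementException if a secret cannot be looked up, added or updated
     */
    @Override
    public IdentityProvider encryptAssociatedSecrets(IdentityProvider identityProvider) throws SecretManagementException {
        IdentityProvider clonedIdP = copyOf(identityProvider);
        for (FederatedAuthenticatorConfig authenticator : clonedIdP.getFederatedAuthenticatorConfigs()) {
            for (Property property : authenticator.getProperties()) {
                if (!property.isConfidential()) {
                    continue;
                }
                String secretName = buildSecretName(clonedIdP.getId(), authenticator.getName(), property.getName());
                if (this.secretManager.isSecretExist(SecretConstants.IDN_SECRET_TYPE_IDP_SECRETS, secretName)) {
                    updateExistingSecretProperty(secretName, property);
                } else if (StringUtils.isEmpty(property.getValue())) {
                    // Nothing stored and nothing supplied: leave the property untouched.
                    continue;
                } else {
                    addNewIdpSecretProperty(secretName, property);
                }
                // From here on the copy carries only the reference, never the secret itself.
                property.setValue(buildSecretReference(secretName));
            }
        }
        return clonedIdP;
    }

    /**
     * Deletes the stored secret of every confidential federated authenticator property of the given
     * identity provider. Properties without a stored secret are skipped. Only properties present on
     * the passed object are considered, so a secret whose property is no longer listed there is not
     * removed by this call.
     *
     * @param identityProvider identity provider whose secrets are to be removed
     * @throws SecretManagementException if a secret cannot be looked up or deleted
     */
    @Override
    public void deleteAssociatedSecrets(IdentityProvider identityProvider) throws SecretManagementException {
        for (FederatedAuthenticatorConfig authenticator : identityProvider.getFederatedAuthenticatorConfigs()) {
            for (Property property : authenticator.getProperties()) {
                if (!property.isConfidential()) {
                    continue;
                }
                String secretName = buildSecretName(identityProvider.getId(), authenticator.getName(), property.getName());
                if (this.secretManager.isSecretExist(SecretConstants.IDN_SECRET_TYPE_IDP_SECRETS, secretName)) {
                    this.secretManager.deleteSecret(SecretConstants.IDN_SECRET_TYPE_IDP_SECRETS, secretName);
                }
            }
        }
    }

    /**
     * Deep-copies an identity provider through a Gson round trip so the caller's object is never
     * mutated. The intermediate JSON string contains every property value of the source object,
     * confidential ones included; being an immutable String it cannot be wiped and stays on the heap
     * until it is collected.
     */
    private IdentityProvider copyOf(IdentityProvider identityProvider) {
        return this.gson.fromJson(this.gson.toJson(identityProvider), IdentityProvider.class);
    }

    /** Builds the secret name {@code idpId:authenticatorName:propertyName}; the parts are not escaped. */
    private String buildSecretName(String idpId, String authenticatorName, String propertyName) {
        return idpId + ":" + authenticatorName + ":" + propertyName;
    }

    /** Builds the value stored in place of the secret: {@code <secret type id>:<secret name>}. */
    private String buildSecretReference(String secretName) throws SecretManagementException {
        return this.secretManager.getSecretType(SecretConstants.IDN_SECRET_TYPE_IDP_SECRETS).getId() + ":" + secretName;
    }

    /** Adds a new secret under the given name, holding the property's current value. */
    private void addNewIdpSecretProperty(String secretName, Property property) throws SecretManagementException {
        Secret secret = new Secret();
        secret.setSecretName(secretName);
        secret.setSecretValue(property.getValue());
        this.secretManager.addSecret(SecretConstants.IDN_SECRET_TYPE_IDP_SECRETS, secret);
    }

    /**
     * Updates the stored secret only when the property's value differs from the stored one.
     * The comparison is null-safe: a stored secret that resolves to {@code null} is treated as
     * different from any non-null value and gets updated, instead of failing with a
     * NullPointerException part-way through processing the identity provider.
     */
    private void updateExistingSecretProperty(String secretName, Property property) throws SecretManagementException {
        String storedValue = this.secretResolveManager
                .getResolvedSecret(SecretConstants.IDN_SECRET_TYPE_IDP_SECRETS, secretName)
                .getResolvedSecretValue();
        if (StringUtils.equals(storedValue, property.getValue())) {
            return;
        }
        this.secretManager.updateSecretValue(SecretConstants.IDN_SECRET_TYPE_IDP_SECRETS, secretName, property.getValue());
    }
}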
