package org.wso2.carbon.identity.user.registration;

import java.io.IOException;
import java.io.StringReader;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.context.RegistryType;
import org.wso2.carbon.identity.base.IdentityConstants;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.core.IdentityClaimManager;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.user.registration.dto.PasswordRegExDTO;
import org.wso2.carbon.identity.user.registration.dto.TenantRegistrationConfig;
import org.wso2.carbon.identity.user.registration.dto.UserDTO;
import org.wso2.carbon.identity.user.registration.dto.UserFieldDTO;
import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.registry.core.Resource;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.Permission;
import org.wso2.carbon.user.core.UserCoreConstants;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.UserStoreManager;
import org.wso2.carbon.user.core.claim.Claim;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/wso2/carbon/identity/user/registration/UserRegistrationService.class */
public class UserRegistrationService {
    private static final Log log = LogFactory.getLog(UserRegistrationService.class);

    public PasswordRegExDTO[] getPasswordRegularExpressions() throws IdentityException {
        UserRealm realm = IdentityTenantUtil.getRealm((String) null, (String) null);
        ArrayList arrayList = new ArrayList();
        try {
            for (UserStoreManager userStoreManager = realm.getUserStoreManager(); userStoreManager != null; userStoreManager = userStoreManager.getSecondaryUserStoreManager()) {
                String userStoreProperty = userStoreManager.getRealmConfiguration().getUserStoreProperty("DomainName");
                String userStoreProperty2 = userStoreManager.getRealmConfiguration().getUserStoreProperty("PasswordJavaScriptRegEx");
                if (userStoreProperty2 != null && userStoreProperty2.length() > 0) {
                    PasswordRegExDTO passwordRegExDTO = new PasswordRegExDTO();
                    passwordRegExDTO.setDomainName(userStoreProperty);
                    passwordRegExDTO.setRegEx(userStoreProperty2);
                    arrayList.add(passwordRegExDTO);
                }
            }
            return (PasswordRegExDTO[]) arrayList.toArray(new PasswordRegExDTO[arrayList.size()]);
        } catch (UserStoreException e) {
            log.error(e);
            throw IdentityException.error("Error occured while loading password validation regular expressions.");
        }
    }

    public UserFieldDTO[] readUserFieldsForUserRegistration(String str) throws IdentityException {
        Claim[] allSupportedClaims = IdentityClaimManager.getInstance().getAllSupportedClaims(str, IdentityTenantUtil.getRealm((String) null, (String) null));
        if (allSupportedClaims == null || allSupportedClaims.length == 0) {
            return new UserFieldDTO[0];
        }
        ArrayList arrayList = new ArrayList();
        for (Claim claim : allSupportedClaims) {
            if (claim.getDisplayTag() != null && !IdentityConstants.PPID_DISPLAY_VALUE.equals(claim.getDisplayTag()) && !"http://wso2.org/claims/identity/accountLock".equals(claim.getClaimUri()) && !claim.isReadOnly()) {
                arrayList.add(getUserFieldDTO(claim.getClaimUri(), claim.getDisplayTag(), claim.isRequired(), claim.getDisplayOrder(), claim.getRegEx(), claim.isSupportedByDefault()));
            }
        }
        return (UserFieldDTO[]) arrayList.toArray(new UserFieldDTO[arrayList.size()]);
    }

    public void addUser(UserDTO userDTO) throws Exception {
        UserFieldDTO[] userFields = userDTO.getUserFields();
        HashMap hashMap = new HashMap();
        if (userFields != null) {
            for (UserFieldDTO userFieldDTO : userFields) {
                hashMap.put(userFieldDTO.getClaimUri(), userFieldDTO.getFieldValue());
            }
        }
        addUser(MultitenantUtils.getTenantAwareUsername(userDTO.getUserName()), userDTO.getPassword(), hashMap, null, IdentityTenantUtil.getRealm(MultitenantUtils.getTenantDomain(userDTO.getUserName()), (String) null));
    }

    public boolean isAddUserEnabled() throws Exception {
        UserStoreManager userStoreManager;
        UserRealm realm = IdentityTenantUtil.getRealm((String) null, (String) null);
        return (realm == null || (userStoreManager = realm.getUserStoreManager()) == null || userStoreManager.isReadOnly()) ? false : true;
    }

    public boolean isAddUserWithOpenIDEnabled() throws Exception {
        return false;
    }

    public boolean isAddUserWithInfoCardEnabled() throws Exception {
        return false;
    }

    public boolean isUserExist(String str) throws UserRegistrationException {
        try {
            return CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager().isExistingUser(str);
        } catch (UserStoreException e) {
            log.error("Unable to connect to the user store.", e);
            throw new UserRegistrationException("Internal error occurred while connecting to the user store.", e);
        }
    }

    private UserFieldDTO getUserFieldDTO(String str, String str2, boolean z, int i, String str3, boolean z2) {
        UserFieldDTO userFieldDTO = new UserFieldDTO();
        userFieldDTO.setClaimUri(str);
        userFieldDTO.setFieldName(str2);
        userFieldDTO.setRequired(z);
        userFieldDTO.setDisplayOrder(i);
        userFieldDTO.setSupportedByDefault(z2);
        userFieldDTO.setRegEx(str3);
        return userFieldDTO;
    }

    private void addUser(String str, String str2, Map<String, String> map, String str3, UserRealm userRealm) throws IdentityException {
        try {
            TenantRegistrationConfig tenantSignUpConfig = getTenantSignUpConfig(userRealm.getUserStoreManager().getTenantId());
            if (tenantSignUpConfig != null && !"".equals(tenantSignUpConfig.getSignUpDomain())) {
                int indexOf = str.indexOf(UserCoreConstants.DOMAIN_SEPARATOR);
                str = indexOf > 0 ? tenantSignUpConfig.getSignUpDomain().toUpperCase() + UserCoreConstants.DOMAIN_SEPARATOR + str.substring(indexOf + 1) : tenantSignUpConfig.getSignUpDomain().toUpperCase() + UserCoreConstants.DOMAIN_SEPARATOR + str;
            }
            UserStoreManager userStoreManager = userRealm.getUserStoreManager();
            if (!isUserNameWithAllowedDomainName(str, userRealm)) {
                throw IdentityException.error("Domain does not permit self registration");
            }
            userStoreManager.addUser(str, str2, (String[]) null, map, str3);
            List<String> roleName = getRoleName(str, tenantSignUpConfig);
            if (map.get(SelfRegistrationConstants.SIGN_UP_ROLE_CLAIM_URI) != null) {
                if (tenantSignUpConfig != null) {
                    roleName.add(tenantSignUpConfig.getSignUpDomain().toUpperCase() + UserCoreConstants.DOMAIN_SEPARATOR + map.get(SelfRegistrationConstants.SIGN_UP_ROLE_CLAIM_URI));
                } else {
                    roleName.add("Internal" + UserCoreConstants.DOMAIN_SEPARATOR + map.get(SelfRegistrationConstants.SIGN_UP_ROLE_CLAIM_URI));
                }
            }
            String[] strArr = (String[]) roleName.toArray(new String[roleName.size()]);
            for (int i = 0; i < strArr.length; i++) {
                doAddUser(i, userStoreManager, strArr, str, null);
            }
        } catch (UserStoreException e) {
            throw IdentityException.error("Error occurred while adding user : " + str + ". " + e.getMessage(), e);
        }
    }

    private void doAddUser(int i, UserStoreManager userStoreManager, String[] strArr, String str, Permission permission) throws IdentityException, UserStoreException {
        try {
            if (userStoreManager.isExistingRole(strArr[i], false)) {
                userStoreManager.updateUserListOfRole(strArr[i], new String[0], new String[]{str});
            } else {
                userStoreManager.addRole(strArr[i], new String[]{str}, new Permission[]{new Permission("/permission/admin/login", "ui.execute")}, false);
            }
        } catch (UserStoreException e) {
            userStoreManager.deleteUser(str);
            throw IdentityException.error("Error occurred while adding user : " + str + ". " + e.getMessage(), e);
        }
    }

    private boolean isUserNameWithAllowedDomainName(String str, UserRealm userRealm) throws IdentityException {
        int indexOf = str.indexOf("/");
        if (indexOf <= 0) {
            return true;
        }
        try {
            return !userRealm.getRealmConfiguration().isRestrictedDomainForSlefSignUp(str.substring(0, indexOf));
        } catch (UserStoreException e) {
            throw IdentityException.error(e.getMessage(), e);
        }
    }

    private List<String> getRoleName(String str, TenantRegistrationConfig tenantRegistrationConfig) {
        if (tenantRegistrationConfig != null) {
            ArrayList arrayList = new ArrayList();
            for (Map.Entry<String, Boolean> entry : tenantRegistrationConfig.getRoles().entrySet()) {
                arrayList.add(entry.getValue().booleanValue() ? tenantRegistrationConfig.getSignUpDomain().toUpperCase() + UserCoreConstants.DOMAIN_SEPARATOR + entry.getKey() : "Internal" + UserCoreConstants.DOMAIN_SEPARATOR + entry.getKey());
            }
            return arrayList;
        }
        String property = IdentityUtil.getProperty(SelfRegistrationConstants.ROLE_NAME_PROPERTY);
        String extractDomainFromName = Boolean.parseBoolean(IdentityUtil.getProperty(SelfRegistrationConstants.ROLE_EXTERNAL_PROPERTY)) ? IdentityUtil.extractDomainFromName(str) : "Internal";
        if (property == null || property.trim().length() == 0) {
            property = "identity";
        }
        if (extractDomainFromName != null && extractDomainFromName.trim().length() > 0) {
            property = extractDomainFromName.toUpperCase() + CarbonConstants.DOMAIN_SEPARATOR + property;
        }
        return new ArrayList(Arrays.asList(property));
    }

    private TenantRegistrationConfig getTenantSignUpConfig(int i) throws IdentityException {
        try {
            try {
                try {
                    try {
                        PrivilegedCarbonContext.startTenantFlow();
                        PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(i, true);
                        PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
                        Registry registry = PrivilegedCarbonContext.getThreadLocalCarbonContext().getRegistry(RegistryType.SYSTEM_GOVERNANCE);
                        if (!registry.resourceExists(SelfRegistrationConstants.SIGN_UP_CONFIG_REG_PATH)) {
                            return null;
                        }
                        Resource resource = registry.get(SelfRegistrationConstants.SIGN_UP_CONFIG_REG_PATH);
                        DocumentBuilder securedDocumentBuilder = getSecuredDocumentBuilder();
                        String str = new String((byte[]) resource.getContent());
                        InputSource inputSource = new InputSource();
                        inputSource.setCharacterStream(new StringReader(str.trim()));
                        NodeList elementsByTagName = securedDocumentBuilder.parse(inputSource).getElementsByTagName(SelfRegistrationConstants.SELF_SIGN_UP_ELEMENT);
                        if (elementsByTagName.getLength() <= 0) {
                            PrivilegedCarbonContext.endTenantFlow();
                            return null;
                        }
                        TenantRegistrationConfig tenantRegistrationConfig = new TenantRegistrationConfig();
                        tenantRegistrationConfig.setSignUpDomain(((Element) elementsByTagName.item(0)).getElementsByTagName(SelfRegistrationConstants.SIGN_UP_DOMAIN_ELEMENT).item(0).getTextContent());
                        NodeList elementsByTagName2 = ((Element) elementsByTagName.item(0)).getElementsByTagName(SelfRegistrationConstants.SIGN_UP_ROLE_ELEMENT);
                        for (int i2 = 0; i2 < elementsByTagName2.getLength(); i2++) {
                            Element element = (Element) elementsByTagName2.item(i2);
                            tenantRegistrationConfig.getRoles().put(element.getElementsByTagName(SelfRegistrationConstants.ROLE_NAME_ELEMENT).item(0).getTextContent(), Boolean.valueOf(Boolean.parseBoolean(element.getElementsByTagName(SelfRegistrationConstants.IS_EXTERNAL_ELEMENT).item(0).getTextContent())));
                        }
                        PrivilegedCarbonContext.endTenantFlow();
                        return tenantRegistrationConfig;
                    } catch (SAXException e) {
                        throw IdentityException.error("Error parsing tenant sign up configuration " + e.getMessage(), e);
                    }
                } catch (IOException e2) {
                    throw IdentityException.error("Error parsing tenant sign up configuration " + e2.getMessage(), e2);
                }
            } catch (ParserConfigurationException e3) {
                throw IdentityException.error("Error parsing tenant sign up configuration " + e3.getMessage(), e3);
            } catch (RegistryException e4) {
                throw IdentityException.error("Error retrieving sign up config from registry " + e4.getMessage(), e4);
            }
        } finally {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }

    private DocumentBuilder getSecuredDocumentBuilder() throws ParserConfigurationException {
        return IdentityUtil.getSecuredDocumentBuilderFactory().newDocumentBuilder();
    }
}
