package com.wso2.openbanking.accelerator.identity.auth.extensions.response.handler.impl;

import com.wso2.openbanking.accelerator.identity.auth.extensions.response.handler.OBResponseTypeHandler;
import com.wso2.openbanking.accelerator.identity.internal.IdentityExtensionsDataHolder;
import com.wso2.openbanking.accelerator.identity.util.IdentityCommonConstants;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.oauth2.RequestObjectException;
import org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext;
import org.wso2.carbon.identity.openidconnect.RequestObjectService;
import org.wso2.carbon.identity.openidconnect.model.RequestedClaim;

/* loaded from: input_file:com/wso2/openbanking/accelerator/identity/auth/extensions/response/handler/impl/OBDefaultResponseTypeHandlerImpl.class */
public class OBDefaultResponseTypeHandlerImpl implements OBResponseTypeHandler {
    private static final String OPENBANKING_INTENT_ID = "openbanking_intent_id";
    private static final Log log = LogFactory.getLog(OBDefaultResponseTypeHandlerImpl.class);

    @Override // com.wso2.openbanking.accelerator.identity.auth.extensions.response.handler.OBResponseTypeHandler
    public long updateRefreshTokenValidityPeriod(OAuthAuthzReqMessageContext oAuthAuthzReqMessageContext) {
        return oAuthAuthzReqMessageContext.getRefreshTokenvalidityPeriod();
    }

    @Override // com.wso2.openbanking.accelerator.identity.auth.extensions.response.handler.OBResponseTypeHandler
    public String[] updateApprovedScopes(OAuthAuthzReqMessageContext oAuthAuthzReqMessageContext) {
        if (oAuthAuthzReqMessageContext == null || oAuthAuthzReqMessageContext.getAuthorizationReqDTO() == null) {
            return new String[0];
        }
        String[] approvedScope = oAuthAuthzReqMessageContext.getApprovedScope();
        if (approvedScope != null && !Arrays.asList(approvedScope).contains("api_store")) {
            String consentIDFromSessionData = getConsentIDFromSessionData(oAuthAuthzReqMessageContext.getAuthorizationReqDTO().getSessionDataKey());
            if (consentIDFromSessionData.isEmpty()) {
                log.error("Consent-ID retrieved from request object claims is empty");
                return approvedScope;
            }
            String str = IdentityExtensionsDataHolder.getInstance().getConfigurationMap().get(IdentityCommonConstants.CONSENT_ID_CLAIM_NAME).toString() + consentIDFromSessionData;
            if (!Arrays.asList(approvedScope).contains(str)) {
                String[] strArr = (String[]) ArrayUtils.addAll(approvedScope, new String[]{str});
                if (log.isDebugEnabled()) {
                    log.debug("Updated scopes: " + Arrays.toString(strArr));
                }
                return strArr;
            }
        }
        return oAuthAuthzReqMessageContext.getApprovedScope();
    }

    String getConsentIDFromSessionData(String str) {
        String str2 = "";
        if (str == null || str.isEmpty()) {
            log.error("Invalid Session Data Key");
        } else {
            RequestObjectService requestObjectService = IdentityExtensionsDataHolder.getInstance().getRequestObjectService();
            if (requestObjectService != null) {
                str2 = retrieveConsentIDFromReqObjService(requestObjectService, str);
                if (str2.isEmpty()) {
                    log.error("Failed to retrieve ConsentID from query parameters");
                }
            } else {
                log.error("Failed to retrieve Request Object Service");
            }
        }
        return str2;
    }

    String retrieveConsentIDFromReqObjService(RequestObjectService requestObjectService, String str) {
        String str2 = "";
        try {
            str2 = iterateClaims(requestObjectService.getRequestedClaimsForSessionDataKey(str, false));
            if (str2.isEmpty()) {
                str2 = iterateClaims(requestObjectService.getRequestedClaimsForSessionDataKey(str, true));
            }
        } catch (RequestObjectException e) {
            log.error("Exception occurred", e);
        }
        return str2;
    }

    String iterateClaims(List<RequestedClaim> list) {
        String str = "";
        Iterator<RequestedClaim> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            RequestedClaim next = it.next();
            if (log.isDebugEnabled()) {
                log.debug("Claim: " + next.getName() + ", value: " + next.getValue());
            }
            if (OPENBANKING_INTENT_ID.equals(next.getName())) {
                str = next.getValue();
                if (log.isDebugEnabled()) {
                    log.debug("Consent-ID retrieved: " + str);
                }
            }
        }
        return str;
    }
}
