package com.wso2.openbanking.accelerator.identity.app2app.utils;

import com.wso2.openbanking.accelerator.common.exception.OpenBankingException;
import com.wso2.openbanking.accelerator.common.validator.OpenBankingValidator;
import com.wso2.openbanking.accelerator.identity.app2app.exception.JWTValidationException;
import com.wso2.openbanking.accelerator.identity.app2app.model.DeviceVerificationToken;
import com.wso2.openbanking.accelerator.identity.app2app.validations.validationorder.App2AppValidationOrder;
import com.wso2.openbanking.accelerator.identity.internal.IdentityExtensionsDataHolder;
import org.apache.commons.lang.StringUtils;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authenticator.push.device.handler.DeviceHandler;
import org.wso2.carbon.identity.application.authenticator.push.device.handler.exception.PushDeviceHandlerClientException;
import org.wso2.carbon.identity.application.authenticator.push.device.handler.exception.PushDeviceHandlerServerException;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;

/* loaded from: input_file:com/wso2/openbanking/accelerator/identity/app2app/utils/App2AppAuthUtils.class */
public class App2AppAuthUtils {
    public static AuthenticatedUser getAuthenticatedUserFromSubjectIdentifier(String str) {
        return AuthenticatedUser.createLocalAuthenticatedUserFromSubjectIdentifier(str);
    }

    public static UserRealm getUserRealm(AuthenticatedUser authenticatedUser) throws UserStoreException {
        UserRealm userRealm = null;
        if (authenticatedUser != null) {
            userRealm = IdentityExtensionsDataHolder.getInstance().getRealmService().getTenantUserRealm(IdentityTenantUtil.getTenantId(authenticatedUser.getTenantDomain()));
        }
        return userRealm;
    }

    public static String getUserIdFromUsername(String str, UserRealm userRealm) throws UserStoreException, OpenBankingException {
        if (userRealm != null) {
            return userRealm.getUserStoreManager().getUserIDFromUserName(str);
        }
        throw new OpenBankingException("UserRealm service can not be null.");
    }

    public static String getPublicKey(String str, String str2, DeviceHandler deviceHandler) throws PushDeviceHandlerServerException, IllegalArgumentException, PushDeviceHandlerClientException, OpenBankingException {
        deviceHandler.listDevices(str2).stream().filter(device -> {
            return StringUtils.equals(device.getDeviceId(), str);
        }).findFirst().orElseThrow(() -> {
            return new OpenBankingException("Provided Device ID doesn't match any device registered under user.");
        });
        return deviceHandler.getPublicKey(str);
    }

    public static void validateToken(DeviceVerificationToken deviceVerificationToken) throws JWTValidationException {
        String firstViolation = OpenBankingValidator.getInstance().getFirstViolation(deviceVerificationToken, App2AppValidationOrder.class);
        if (firstViolation != null) {
            throw new JWTValidationException(firstViolation);
        }
    }
}
