package com.wso2.openbanking.accelerator.keymanager;

import com.wso2.openbanking.accelerator.common.config.OpenBankingConfigParser;
import com.wso2.openbanking.accelerator.common.exception.OpenBankingException;
import com.wso2.openbanking.accelerator.common.util.Generated;
import com.wso2.openbanking.accelerator.common.util.ServiceProviderUtils;
import com.wso2.openbanking.accelerator.keymanager.internal.KeyManagerDataHolder;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import net.minidev.json.JSONObject;
import net.minidev.json.parser.JSONParser;
import net.minidev.json.parser.ParseException;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.api.ExceptionCodes;
import org.wso2.carbon.apimgt.api.model.AccessTokenInfo;
import org.wso2.carbon.apimgt.api.model.AccessTokenRequest;
import org.wso2.carbon.apimgt.api.model.ConfigurationDto;
import org.wso2.carbon.apimgt.api.model.KeyManagerConnectorConfiguration;
import org.wso2.carbon.apimgt.api.model.OAuthAppRequest;
import org.wso2.carbon.apimgt.api.model.OAuthApplicationInfo;
import org.wso2.carbon.apimgt.impl.AMDefaultKeyManagerImpl;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.common.model.ServiceProviderProperty;
import org.wso2.carbon.identity.application.mgt.ApplicationManagementServiceImpl;
import org.wso2.carbon.identity.oauth.IdentityOAuthAdminException;
import org.wso2.carbon.identity.oauth.OAuthAdminService;
import org.wso2.carbon.identity.oauth.dto.OAuthConsumerAppDTO;

/* loaded from: input_file:com/wso2/openbanking/accelerator/keymanager/OBKeyManagerImpl.class */
public class OBKeyManagerImpl extends AMDefaultKeyManagerImpl implements OBKeyManagerExtensionInterface {
    private static final Log log = LogFactory.getLog(OBKeyManagerImpl.class);
    public static final String OAUTH2 = "oauth2";

    public AccessTokenInfo getNewApplicationAccessToken(AccessTokenRequest accessTokenRequest) throws APIManagementException {
        ServiceProviderProperty serviceProviderProperty;
        try {
            ServiceProvider serviceProviderByClientId = getApplicationMgmtServiceImpl().getServiceProviderByClientId(accessTokenRequest.getClientId(), OAUTH2, this.tenantDomain);
            if (serviceProviderByClientId != null && (serviceProviderProperty = (ServiceProviderProperty) Arrays.stream(serviceProviderByClientId.getSpProperties()).filter(serviceProviderProperty2 -> {
                return serviceProviderProperty2.getName().equalsIgnoreCase("regulatory");
            }).findAny().orElse(null)) != null) {
                if ("true".equalsIgnoreCase(serviceProviderProperty.getValue())) {
                    return null;
                }
            }
        } catch (IdentityApplicationManagementException e) {
            log.error("Error while generating keys. ", e);
        }
        return super.getNewApplicationAccessToken(accessTokenRequest);
    }

    public String getType() {
        return OBKeyManagerConstants.CUSTOM_KEYMANAGER_TYPE;
    }

    protected void validateOAuthAppCreationProperties(OAuthApplicationInfo oAuthApplicationInfo) throws APIManagementException {
        String type = getType();
        ArrayList arrayList = new ArrayList();
        HashMap hashMap = new HashMap();
        KeyManagerConnectorConfiguration keyManagerConnectorConfiguration = KeyManagerDataHolder.getInstance().getKeyManagerConnectorConfiguration(type);
        Map keyManagerAdditionalProperties = OpenBankingConfigParser.getInstance().getKeyManagerAdditionalProperties();
        if (keyManagerConnectorConfiguration == null) {
            throw new APIManagementException("Invalid Key Manager Type " + type, ExceptionCodes.KEY_MANAGER_NOT_FOUND);
        }
        List<ConfigurationDto> applicationConfigurations = keyManagerConnectorConfiguration.getApplicationConfigurations();
        Object parameter = oAuthApplicationInfo.getParameter("additionalProperties");
        if (parameter != null) {
            try {
                Object parse = new JSONParser(-1).parse(parameter.toString());
                if (!(parse instanceof JSONObject)) {
                    log.error("Additional properties is not a valid json object");
                    throw new APIManagementException("Additional properties is not a valid json object", ExceptionCodes.from(ExceptionCodes.INVALID_APPLICATION_ADDITIONAL_PROPERTIES, new String[]{"Additional properties is not a valid json object"}));
                }
                for (ConfigurationDto configurationDto : applicationConfigurations) {
                    String name = configurationDto.getName();
                    String asString = ((JSONObject) parse).getAsString(name);
                    if (asString == null) {
                        if (configurationDto.isRequired()) {
                            arrayList.add(configurationDto.getName());
                        }
                    } else if (keyManagerAdditionalProperties.containsKey(name)) {
                        configurationDto.setValues(Arrays.asList(asString));
                        hashMap.put(name, configurationDto);
                    } else if (StringUtils.isNotBlank(asString) && !StringUtils.equals(asString, "N/A")) {
                        try {
                            if (Long.valueOf(Long.parseLong(asString)).longValue() < 0) {
                                throw new APIManagementException("Application configuration values cannot have negative values.", ExceptionCodes.from(ExceptionCodes.INVALID_APPLICATION_ADDITIONAL_PROPERTIES, new String[]{"Application configuration values cannot have negative values."}));
                            }
                        } catch (NumberFormatException e) {
                            throw new APIManagementException("Application configuration values cannot have string values.", e, ExceptionCodes.from(ExceptionCodes.INVALID_APPLICATION_ADDITIONAL_PROPERTIES, new String[]{"Application configuration values cannot have string values."}));
                        }
                    }
                }
                if (!arrayList.isEmpty()) {
                    throw new APIManagementException("Missing required properties to create/update oauth application", ExceptionCodes.KEY_MANAGER_MISSING_REQUIRED_PROPERTIES_IN_APPLICATION);
                }
                if (hashMap.size() != 0) {
                    validateAdditionalProperties(hashMap);
                }
            } catch (ParseException e2) {
                throw new APIManagementException("Additional properties is not a valid JSON string", e2, ExceptionCodes.from(ExceptionCodes.INVALID_APPLICATION_ADDITIONAL_PROPERTIES, new String[]{"Additional properties is not a valid JSON string"}));
            }
        }
    }

    @Generated(message = "Excluding from code coverage since it is covered from other method")
    public OAuthApplicationInfo createApplication(OAuthAppRequest oAuthAppRequest) throws APIManagementException {
        HashMap<String, String> valuesForAdditionalProperties = KeyManagerUtil.getValuesForAdditionalProperties(oAuthAppRequest);
        if (Boolean.parseBoolean(valuesForAdditionalProperties.get("regulatory"))) {
            valuesForAdditionalProperties.put("AppCreateRequest", "true");
        }
        doPreCreateApplication(oAuthAppRequest, valuesForAdditionalProperties);
        String str = (String) oAuthAppRequest.getOAuthApplicationInfo().getParameter("username");
        OAuthApplicationInfo createApplication = super.createApplication(oAuthAppRequest);
        String clientName = createApplication.getClientName();
        KeyManagerUtil.addApplicationRoleToAdmin(clientName);
        try {
            String spTenantDomain = ServiceProviderUtils.getSpTenantDomain(createApplication.getClientId());
            updateSpProperties(clientName, spTenantDomain, str, valuesForAdditionalProperties, true);
            ServiceProvider serviceProvider = getApplicationMgmtServiceImpl().getServiceProvider(clientName, spTenantDomain);
            ServiceProviderProperty spPropertyFromSPMetaData = getSpPropertyFromSPMetaData("regulatory", serviceProvider.getSpProperties());
            if (spPropertyFromSPMetaData != null && Boolean.parseBoolean(spPropertyFromSPMetaData.getValue())) {
                ServiceProviderProperty spPropertyFromSPMetaData2 = getSpPropertyFromSPMetaData("DisplayName", serviceProvider.getSpProperties());
                if (spPropertyFromSPMetaData2 != null) {
                    oAuthAppRequest.getOAuthApplicationInfo().setClientName(spPropertyFromSPMetaData2.getValue());
                }
                oAuthAppRequest.getOAuthApplicationInfo().addParameter("tokenScope", (Object) null);
                super.updateApplication(oAuthAppRequest);
            }
            return createApplication;
        } catch (OpenBankingException | APIManagementException e) {
            throw new APIManagementException(ExceptionCodes.OAUTH2_APP_CREATION_FAILED.getErrorMessage(), e, ExceptionCodes.OAUTH2_APP_CREATION_FAILED);
        } catch (IdentityApplicationManagementException e2) {
            String str2 = "error occurred in retrieving service provider for app " + clientName;
            log.error(str2);
            throw new APIManagementException(str2, e2, ExceptionCodes.OAUTH2_APP_UPDATE_FAILED);
        }
    }

    @Generated(message = "Excluding from code coverage since it is covered from other method")
    public OAuthApplicationInfo updateApplication(OAuthAppRequest oAuthAppRequest) throws APIManagementException {
        HashMap<String, String> valuesForAdditionalProperties = KeyManagerUtil.getValuesForAdditionalProperties(oAuthAppRequest);
        valuesForAdditionalProperties.put("AppCreateRequest", "false");
        OAuthApplicationInfo oAuthApplicationInfo = oAuthAppRequest.getOAuthApplicationInfo();
        String clientId = oAuthApplicationInfo.getClientId();
        try {
            ServiceProvider serviceProviderByClientId = getApplicationMgmtServiceImpl().getServiceProviderByClientId(clientId, OAUTH2, this.tenantDomain);
            doPreUpdateApplication(oAuthAppRequest, valuesForAdditionalProperties, serviceProviderByClientId);
            updateSpProperties(serviceProviderByClientId.getApplicationName(), this.tenantDomain, (String) oAuthApplicationInfo.getParameter("username"), valuesForAdditionalProperties, false);
            return super.updateApplication(oAuthAppRequest);
        } catch (IdentityApplicationManagementException e) {
            String str = "Cannot find Service provider application for client Id " + clientId;
            log.error(str);
            throw new APIManagementException(str, ExceptionCodes.OAUTH2_APP_RETRIEVAL_FAILED);
        }
    }

    @Generated(message = "Excluding from code coverage since it is covered from other method")
    public OAuthApplicationInfo retrieveApplication(String str) throws APIManagementException {
        OAuthApplicationInfo retrieveApplication = super.retrieveApplication(str);
        try {
            return updateAdditionalProperties(retrieveApplication, new ArrayList(Arrays.asList(getApplicationMgmtServiceImpl().getServiceProvider(retrieveApplication.getClientName(), ServiceProviderUtils.getSpTenantDomain(str)).getSpProperties())));
        } catch (IdentityApplicationManagementException | OpenBankingException e) {
            throw new APIManagementException(ExceptionCodes.OAUTH2_APP_RETRIEVAL_FAILED.getErrorMessage(), e, ExceptionCodes.OAUTH2_APP_RETRIEVAL_FAILED);
        }
    }

    protected void updateSpProperties(String str, String str2, String str3, HashMap<String, String> hashMap, boolean z) throws APIManagementException {
        try {
            OAuthConsumerAppDTO oAuthApplicationDataByAppName = getOAuthAdminService().getOAuthApplicationDataByAppName(str);
            ServiceProvider serviceProvider = getApplicationMgmtServiceImpl().getServiceProvider(str, str2);
            doPreUpdateSpApp(oAuthApplicationDataByAppName, serviceProvider, hashMap, z);
            ArrayList arrayList = new ArrayList(Arrays.asList(serviceProvider.getSpProperties()));
            for (Map.Entry<String, String> entry : hashMap.entrySet()) {
                ServiceProviderProperty serviceProviderProperty = (ServiceProviderProperty) arrayList.stream().filter(serviceProviderProperty2 -> {
                    return serviceProviderProperty2.getName().equalsIgnoreCase((String) entry.getKey());
                }).findAny().orElse(null);
                if (serviceProviderProperty != null) {
                    arrayList.remove(serviceProviderProperty);
                    serviceProviderProperty.setValue(entry.getValue());
                    arrayList.add(serviceProviderProperty);
                } else {
                    ServiceProviderProperty serviceProviderProperty3 = new ServiceProviderProperty();
                    serviceProviderProperty3.setName(entry.getKey());
                    serviceProviderProperty3.setValue(entry.getValue());
                    arrayList.add(serviceProviderProperty3);
                }
            }
            serviceProvider.setSpProperties((ServiceProviderProperty[]) arrayList.toArray(new ServiceProviderProperty[0]));
            try {
                getApplicationMgmtServiceImpl().updateApplication(serviceProvider, str2, str3);
                if (log.isDebugEnabled()) {
                    log.debug("Successfully updated service provider properties for app " + str);
                }
                try {
                    getOAuthAdminService().updateConsumerApplication(oAuthApplicationDataByAppName);
                    if (log.isDebugEnabled()) {
                        log.debug("Successfully updated oAuth application DTO for app " + str);
                    }
                } catch (IdentityOAuthAdminException e) {
                    String str4 = "error occurred while updating oAuth Application data for app " + str;
                    log.error(str4);
                    throw new APIManagementException(str4, e, ExceptionCodes.OAUTH2_APP_UPDATE_FAILED);
                }
            } catch (IdentityApplicationManagementException e2) {
                String str5 = "error occurred while updating service provider " + str;
                log.error(str5);
                throw new APIManagementException(str5, e2, ExceptionCodes.OAUTH2_APP_UPDATE_FAILED);
            }
        } catch (IdentityApplicationManagementException | IdentityOAuthAdminException e3) {
            String str6 = "error occurred in retrieving service provider or oAuth app " + str;
            log.error(str6);
            throw new APIManagementException(str6, e3, ExceptionCodes.OAUTH2_APP_UPDATE_FAILED);
        }
    }

    protected OAuthApplicationInfo updateAdditionalProperties(OAuthApplicationInfo oAuthApplicationInfo, List<ServiceProviderProperty> list) {
        for (String str : OpenBankingConfigParser.getInstance().getKeyManagerAdditionalProperties().keySet()) {
            for (ServiceProviderProperty serviceProviderProperty : list) {
                if (serviceProviderProperty.getName().equalsIgnoreCase(str)) {
                    ((HashMap) oAuthApplicationInfo.getParameter("additionalProperties")).put(str, serviceProviderProperty.getValue());
                }
            }
        }
        return oAuthApplicationInfo;
    }

    @Override // com.wso2.openbanking.accelerator.keymanager.OBKeyManagerExtensionInterface
    @Generated(message = "Excluding from code coverage since the method body is at toolkit")
    public void validateAdditionalProperties(Map<String, ConfigurationDto> map) throws APIManagementException {
        OBKeyManagerExtensionInterface oBKeyManagerExtensionImpl = KeyManagerUtil.getOBKeyManagerExtensionImpl();
        if (oBKeyManagerExtensionImpl != null) {
            oBKeyManagerExtensionImpl.validateAdditionalProperties(map);
        }
    }

    @Override // com.wso2.openbanking.accelerator.keymanager.OBKeyManagerExtensionInterface
    @Generated(message = "Excluding from code coverage since the method body is at toolkit")
    public void doPreCreateApplication(OAuthAppRequest oAuthAppRequest, HashMap<String, String> hashMap) throws APIManagementException {
        OBKeyManagerExtensionInterface oBKeyManagerExtensionImpl = KeyManagerUtil.getOBKeyManagerExtensionImpl();
        if (oBKeyManagerExtensionImpl != null) {
            oBKeyManagerExtensionImpl.doPreCreateApplication(oAuthAppRequest, hashMap);
        }
    }

    @Override // com.wso2.openbanking.accelerator.keymanager.OBKeyManagerExtensionInterface
    @Generated(message = "Excluding from code coverage since the method body is at toolkit")
    public void doPreUpdateApplication(OAuthAppRequest oAuthAppRequest, HashMap<String, String> hashMap, ServiceProvider serviceProvider) throws APIManagementException {
        OBKeyManagerExtensionInterface oBKeyManagerExtensionImpl = KeyManagerUtil.getOBKeyManagerExtensionImpl();
        if (oBKeyManagerExtensionImpl != null) {
            oBKeyManagerExtensionImpl.doPreUpdateApplication(oAuthAppRequest, hashMap, serviceProvider);
        }
    }

    @Override // com.wso2.openbanking.accelerator.keymanager.OBKeyManagerExtensionInterface
    @Generated(message = "Excluding from code coverage since the method body is at toolkit")
    public void doPreUpdateSpApp(OAuthConsumerAppDTO oAuthConsumerAppDTO, ServiceProvider serviceProvider, HashMap<String, String> hashMap, boolean z) throws APIManagementException {
        OBKeyManagerExtensionInterface oBKeyManagerExtensionImpl = KeyManagerUtil.getOBKeyManagerExtensionImpl();
        if (oBKeyManagerExtensionImpl != null) {
            oBKeyManagerExtensionImpl.doPreUpdateSpApp(oAuthConsumerAppDTO, serviceProvider, hashMap, z);
        }
    }

    @Generated(message = "Added for unit testing purposes")
    protected ApplicationManagementServiceImpl getApplicationMgmtServiceImpl() {
        return ApplicationManagementServiceImpl.getInstance();
    }

    @Generated(message = "Added for unit testing purposes")
    protected OAuthAdminService getOAuthAdminService() {
        return new OAuthAdminService();
    }

    protected ServiceProviderProperty getSpPropertyFromSPMetaData(String str, ServiceProviderProperty[] serviceProviderPropertyArr) {
        return (ServiceProviderProperty) Arrays.asList(serviceProviderPropertyArr).stream().filter(serviceProviderProperty -> {
            return serviceProviderProperty.getName().equalsIgnoreCase(str);
        }).findAny().orElse(null);
    }
}
