package org.wso2.is.data.sync.system.pipeline.transform.v570;

import java.util.List;
import org.apache.commons.lang.StringUtils;
import org.json.JSONException;
import org.json.JSONObject;
import org.wso2.carbon.core.util.CryptoException;
import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.is.data.sync.system.exception.SyncClientException;
import org.wso2.is.data.sync.system.pipeline.JournalEntry;
import org.wso2.is.data.sync.system.pipeline.PipelineContext;
import org.wso2.is.data.sync.system.pipeline.transform.DataTransformer;
import org.wso2.is.data.sync.system.pipeline.transform.VersionAdvice;
import org.wso2.is.data.sync.system.pipeline.transform.model.TokenInfo;
import org.wso2.is.data.sync.system.util.CommonUtil;
import org.wso2.is.data.sync.system.util.Constant;
import org.wso2.is.data.sync.system.util.OAuth2Util;

@VersionAdvice(version = Constant.PRODUCT_VERSION_V570, tableName = Constant.TABLE_IDN_OAUTH2_ACCESS_TOKEN)
/* loaded from: input_file:org/wso2/is/data/sync/system/pipeline/transform/v570/OAuthTokenDataTransformerV570.class */
public class OAuthTokenDataTransformerV570 implements DataTransformer {
    private static String hashingAlgorithm = OAuthServerConfiguration.getInstance().getHashAlgorithm();

    @Override // org.wso2.is.data.sync.system.pipeline.transform.DataTransformer
    public List<JournalEntry> transform(List<JournalEntry> list, PipelineContext pipelineContext) throws SyncClientException {
        try {
            boolean isEncryptionWithTransformationEnabled = OAuth2Util.isEncryptionWithTransformationEnabled();
            boolean isTokenEncryptionEnabled = OAuth2Util.isTokenEncryptionEnabled();
            boolean isIdentifierNamesMaintainedInLowerCase = CommonUtil.isIdentifierNamesMaintainedInLowerCase(pipelineContext.getTargetConnection());
            for (JournalEntry journalEntry : list) {
                String str = (String) CommonUtil.getObjectValueFromEntry(journalEntry, Constant.COLUMN_ACCESS_TOKEN, isIdentifierNamesMaintainedInLowerCase);
                String str2 = (String) CommonUtil.getObjectValueFromEntry(journalEntry, Constant.COLUMN_REFRESH_TOKEN, isIdentifierNamesMaintainedInLowerCase);
                String str3 = (String) CommonUtil.getObjectValueFromEntry(journalEntry, Constant.COLUMN_ACCESS_TOKEN_HASH, isIdentifierNamesMaintainedInLowerCase);
                TokenInfo tokenInfo = new TokenInfo(str, str2, str3, (String) CommonUtil.getObjectValueFromEntry(journalEntry, Constant.COLUMN_REFRESH_TOKEN_HASH, isIdentifierNamesMaintainedInLowerCase));
                if (isEncryptionWithTransformationEnabled) {
                    try {
                        OAuth2Util.transformEncryptedTokens(tokenInfo);
                        if (StringUtils.isBlank(str3)) {
                            OAuth2Util.hashTokens(tokenInfo);
                        } else {
                            reHashWithHashingAlgorithm(tokenInfo, hashingAlgorithm);
                        }
                        OAuth2Util.updateJournalEntryForToken(journalEntry, tokenInfo, isIdentifierNamesMaintainedInLowerCase);
                    } catch (CryptoException e) {
                        throw new SyncClientException("Error while transforming encrypted tokens", (Throwable) e);
                    }
                } else if (!isTokenEncryptionEnabled) {
                    if (StringUtils.isBlank(str3)) {
                        OAuth2Util.hashTokens(tokenInfo);
                    } else {
                        reHashWithHashingAlgorithm(tokenInfo, hashingAlgorithm);
                    }
                    OAuth2Util.updateJournalEntryForToken(journalEntry, tokenInfo, isIdentifierNamesMaintainedInLowerCase);
                }
            }
            return list;
        } catch (IdentityOAuth2Exception e2) {
            throw new SyncClientException("Error while checking token encryption server configurations", (Throwable) e2);
        }
    }

    private void reHashWithHashingAlgorithm(TokenInfo tokenInfo, String str) {
        String accessTokenHash = tokenInfo.getAccessTokenHash();
        String refreshTokenHash = tokenInfo.getRefreshTokenHash();
        try {
            new JSONObject(accessTokenHash);
        } catch (JSONException e) {
            tokenInfo.setAccessTokenHash(getJsonObjectWithHash(str, accessTokenHash).toString());
            tokenInfo.setRefreshTokenHash(getJsonObjectWithHash(str, refreshTokenHash).toString());
        }
    }

    private JSONObject getJsonObjectWithHash(String str, String str2) {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put(Constant.PROPERTY_NAME_ALGORITHM, str);
        jSONObject.put(Constant.PROPERTY_NAME_HASH, str2);
        return jSONObject;
    }
}
