package org.wso2.carbon.identity.application.authenticator.totp.util;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.commons.io.Charsets;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.owasp.encoder.Encode;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.context.RegistryType;
import org.wso2.carbon.core.util.CryptoException;
import org.wso2.carbon.core.util.CryptoUtil;
import org.wso2.carbon.extension.identity.helper.util.IdentityHelperUtil;
import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
import org.wso2.carbon.identity.application.authentication.framework.config.builder.FileBasedConfigurationBuilder;
import org.wso2.carbon.identity.application.authentication.framework.config.model.ExternalIdPConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
import org.wso2.carbon.identity.application.authenticator.totp.TOTPAuthenticatorConstants;
import org.wso2.carbon.identity.application.authenticator.totp.exception.TOTPException;
import org.wso2.carbon.identity.application.authenticator.totp.internal.TOTPDataHolder;
import org.wso2.carbon.identity.application.common.model.ClaimMapping;
import org.wso2.carbon.identity.application.common.model.Property;
import org.wso2.carbon.identity.claim.metadata.mgt.ClaimMetadataHandler;
import org.wso2.carbon.identity.claim.metadata.mgt.exception.ClaimMetadataException;
import org.wso2.carbon.identity.core.ServiceURLBuilder;
import org.wso2.carbon.identity.core.URLBuilderException;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.governance.IdentityGovernanceException;
import org.wso2.carbon.identity.handler.event.account.lock.exception.AccountLockServiceException;
import org.wso2.carbon.idp.mgt.IdentityProviderManagementException;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.util.UserCoreUtil;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/wso2/carbon/identity/application/authenticator/totp/util/TOTPUtil.class */
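/**
 * Static helpers for the TOTP authenticator: secret encryption, lookup of TOTP settings
 * (file-based configuration, per-tenant registry document, or authentication-context
 * properties), page URL resolution, account-lock lookups and display-name construction.
 *
 * <p>Settings for the {@code carbon.super} tenant are read from the file-based authenticator
 * configuration; other tenants are read from the tenant registry or the authentication
 * context, falling back to the identity configuration when the registry read fails.
 */
public class TOTPUtil {
    private static final Log log = LogFactory.getLog(TOTPUtil.class);

    /** Tenant domain whose settings always come from the file-based configuration. */
    private static final String SUPER_TENANT_DOMAIN = "carbon.super";

    /** Authenticator name used as the key into the authenticator configuration. */
    private static final String AUTHENTICATOR_NAME = "totp";

    /** Registry path of the per-tenant TOTP configuration document. */
    private static final String REGISTRY_CONFIG_PATH = "totp/application-authentication.xml";

    /**
     * Encrypts a value with the default {@link CryptoUtil} and returns it Base64-encoded.
     *
     * @param str plain text; its UTF-8 bytes are encrypted
     * @return the encrypted, Base64-encoded text
     * @throws CryptoException if encryption fails
     */
    public static String encrypt(String str) throws CryptoException {
        byte[] plainBytes = str.getBytes(Charsets.UTF_8);
        return CryptoUtil.getDefaultCryptoUtil().encryptAndBase64Encode(plainBytes);
    }

    /**
     * Reverses {@link #encrypt(String)}: Base64-decodes, decrypts and decodes the bytes as UTF-8.
     *
     * @param str Base64-encoded cipher text
     * @return the decrypted text
     * @throws CryptoException if decryption fails
     */
    public static String decrypt(String str) throws CryptoException {
        byte[] plainBytes = CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(str);
        return new String(plainBytes, Charsets.UTF_8);
    }

    /**
     * Resolves the issuer name shown for a tenant.
     *
     * <p>The file-based issuer is used for the super tenant or when the common-issuer flag is
     * set; otherwise the tenant registry (no context) or the context property is consulted.
     * A blank result falls back to the tenant domain itself.
     *
     * @param str tenant domain
     * @param authenticationContext current authentication context, may be {@code null}
     * @return the issuer display name, never blank unless {@code str} is blank
     * @throws TOTPException if the tenant registry document cannot be parsed
     */
    public static String getTOTPIssuerDisplayName(String str, AuthenticationContext authenticationContext) throws TOTPException {
        Map<String, String> fileParameters = getTOTPParameters();
        String issuer = null;
        if (SUPER_TENANT_DOMAIN.equals(str)
                || Boolean.parseBoolean(fileParameters.get(TOTPAuthenticatorConstants.TOTP_COMMON_ISSUER))) {
            issuer = fileParameters.get(TOTPAuthenticatorConstants.TOTP_ISSUER);
        } else if (authenticationContext == null) {
            issuer = getIssuerFromRegistry(str);
        } else {
            Object fromContext = authenticationContext.getProperty(TOTPAuthenticatorConstants.TOTP_ISSUER);
            if (fromContext != null) {
                issuer = (String) fromContext;
            }
        }
        return StringUtils.isBlank(issuer) ? str : issuer;
    }

    /**
     * Returns the username to display, with the user-store domain removed when the
     * hide-userstore flag is enabled in the file-based configuration.
     *
     * @param str username, possibly domain-qualified
     * @return the username to show to the user
     */
    public static String getTOTPDisplayUsername(String str) {
        boolean hideUserStore = Boolean.parseBoolean(
                getTOTPParameters().get(TOTPAuthenticatorConstants.TOTP_HIDE_USERSTORE_FROM_USERNAME));
        if (hideUserStore) {
            return UserCoreUtil.removeDomainFromName(str);
        }
        return str;
    }

    /**
     * Reads the issuer from the tenant registry document.
     *
     * @param str tenant domain
     * @return the configured issuer, or the tenant domain when the registry read fails
     * @throws TOTPException if the document cannot be parsed
     */
    private static String getIssuerFromRegistry(String str) throws TOTPException {
        try {
            return readTenantAttribute(str, TOTPAuthenticatorConstants.TOTP_ISSUER);
        } catch (RegistryException e) {
            // A missing or unreadable registry resource is not an error: use the tenant domain.
            return str;
        }
    }

    /**
     * Reads one named parameter of the TOTP authenticator from the tenant registry document.
     *
     * <p>The tenant flow is started inside {@link #getAuthenticationConfigFromRegistry} and is
     * always ended here. The tenant id is resolved before the {@code try} so that a failing
     * lookup cannot end a tenant flow that was never started.
     *
     * @param tenantDomain tenant whose registry is read
     * @param attributeName value of the {@code name} attribute to look for
     * @return the parameter text, or {@code null} when the document does not define it
     * @throws TOTPException if the document cannot be parsed
     * @throws RegistryException if the registry resource cannot be read
     */
    private static String readTenantAttribute(String tenantDomain, String attributeName)
            throws TOTPException, RegistryException {
        int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
        try {
            return getAttributeFromRegistry(getAuthenticationConfigNodeList(tenantDomain, tenantId), attributeName);
        } catch (IOException e) {
            throw new TOTPException("Error while parsing the content as XML via ByteArrayInputStream", e);
        } catch (SAXException e) {
            throw new TOTPException("Error while parsing the content as XML", e);
        } catch (ParserConfigurationException e) {
            throw new TOTPException("Error while creating new Document Builder", e);
        } finally {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }

    /**
     * Finds the text of the child element whose {@code name} attribute equals {@code str}
     * under the authenticator element named {@code totp}.
     *
     * <p>When several children match, the last one wins. Child elements without a
     * {@code name} attribute are skipped instead of causing a {@link NullPointerException}.
     *
     * @param nodeList candidate authenticator configuration nodes
     * @param str parameter name to look for
     * @return the parameter text, or {@code null} when nothing matches
     */
    private static String getAttributeFromRegistry(NodeList nodeList, String str) {
        String value = null;
        for (int i = 0; i < nodeList.getLength(); i++) {
            Node configNode = nodeList.item(i);
            if (configNode.getNodeType() != Node.ELEMENT_NODE) {
                continue;
            }
            Element configElement = (Element) configNode;
            if (!AUTHENTICATOR_NAME.equals(configElement.getAttribute(TOTPAuthenticatorConstants.NAME))) {
                continue;
            }
            NodeList parameters = configElement.getChildNodes();
            for (int j = 0; j < parameters.getLength(); j++) {
                Node parameterNode = parameters.item(j);
                if (parameterNode.getNodeType() != Node.ELEMENT_NODE) {
                    continue;
                }
                Element parameter = (Element) parameterNode;
                // Element.getAttribute returns "" for a missing attribute, so no null check is needed.
                if (parameter.getAttribute(TOTPAuthenticatorConstants.NAME).equals(str)) {
                    value = parameter.getTextContent();
                }
            }
        }
        return value;
    }

    /**
     * Loads the tenant registry document and returns its {@code AuthenticatorConfig} elements.
     *
     * <p>The registry bytes are handed to the parser unchanged so the parser applies the
     * document's own encoding. The document is stored per tenant, so the parser is configured
     * to reject DOCTYPE declarations and external entities; a document that contains a DOCTYPE
     * now fails with a {@link SAXException}.
     *
     * @param str tenant domain
     * @param i tenant id
     * @return the matching element list
     * @throws RegistryException if the registry resource cannot be read
     * @throws ParserConfigurationException if the parser rejects a hardening feature
     * @throws SAXException if the document is not well-formed or contains a DOCTYPE
     * @throws IOException if reading the document fails
     */
    private static NodeList getAuthenticationConfigNodeList(String str, int i) throws RegistryException, ParserConfigurationException, SAXException, IOException {
        // Fetch first: this starts the tenant flow that the caller's finally block ends.
        byte[] configXml = getAuthenticationConfigFromRegistry(str, i);
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setNamespaceAware(true);
        factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        factory.setFeature("http://xml.org/sax/features/external-general-entities", false);
        factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        factory.setXIncludeAware(false);
        factory.setExpandEntityReferences(false);
        return factory.newDocumentBuilder()
                .parse(new ByteArrayInputStream(configXml))
                .getElementsByTagName("AuthenticatorConfig");
    }

    /**
     * Starts a tenant flow for the given tenant and reads the raw TOTP configuration
     * document from the system governance registry.
     *
     * <p>The tenant flow is NOT ended here; the caller must call
     * {@link PrivilegedCarbonContext#endTenantFlow()} on every path.
     *
     * @param str tenant domain
     * @param i tenant id
     * @return the raw document bytes
     * @throws RegistryException if the resource cannot be read
     */
    private static byte[] getAuthenticationConfigFromRegistry(String str, int i) throws RegistryException {
        PrivilegedCarbonContext.startTenantFlow();
        PrivilegedCarbonContext tenantContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
        tenantContext.setTenantId(i);
        tenantContext.setTenantDomain(str);
        return (byte[]) tenantContext.getRegistry(RegistryType.SYSTEM_GOVERNANCE).get(REGISTRY_CONFIG_PATH).getContent();
    }

    /**
     * Resolves the secret-key encoding for a tenant during an authentication flow.
     *
     * @param str tenant domain
     * @param authenticationContext current context; must not be {@code null} for tenants
     *        other than the super tenant
     * @return {@code BASE64} only when that value is configured, otherwise {@code BASE32}
     */
    public static String getEncodingMethod(String str, AuthenticationContext authenticationContext) {
        String configured = null;
        if (SUPER_TENANT_DOMAIN.equals(str)) {
            configured = String.valueOf(getTOTPParameters().get(TOTPAuthenticatorConstants.ENCODING_METHOD));
        } else if (authenticationContext.getProperty(TOTPAuthenticatorConstants.GET_PROPERTY_FROM_IDENTITY_CONFIG) == null) {
            Object fromContext = authenticationContext.getProperty(TOTPAuthenticatorConstants.ENCODING_METHOD);
            if (fromContext != null) {
                configured = fromContext.toString();
            }
        } else {
            Object fromIdentityConfig = IdentityHelperUtil.getAuthenticatorParameters(AUTHENTICATOR_NAME)
                    .get(TOTPAuthenticatorConstants.ENCODING_METHOD);
            if (fromIdentityConfig != null) {
                configured = String.valueOf(fromIdentityConfig);
            }
        }
        return toSupportedEncoding(configured);
    }

    /**
     * Resolves the secret-key encoding for a tenant outside an authentication flow.
     *
     * @param str tenant domain
     * @return {@code BASE64} only when that value is configured, otherwise {@code BASE32}
     * @throws AuthenticationFailedException if the tenant registry document cannot be parsed
     */
    public static String getEncodingMethod(String str) throws AuthenticationFailedException {
        String configured;
        if (SUPER_TENANT_DOMAIN.equals(str)) {
            configured = String.valueOf(getTOTPParameters().get(TOTPAuthenticatorConstants.ENCODING_METHOD));
        } else {
            try {
                configured = getEncodingMethodFromRegistry(str, null);
            } catch (TOTPException e) {
                throw new AuthenticationFailedException("Cannot find the property value for encodingMethod", e);
            }
            if (StringUtils.isEmpty(configured)) {
                configured = String.valueOf(IdentityHelperUtil.getAuthenticatorParameters(AUTHENTICATOR_NAME)
                        .get(TOTPAuthenticatorConstants.ENCODING_METHOD));
            }
        }
        return toSupportedEncoding(configured);
    }

    /** Maps any configured value to one of the two supported encodings; the default is BASE32. */
    private static String toSupportedEncoding(String configured) {
        if (TOTPAuthenticatorConstants.BASE64.equals(configured)) {
            return TOTPAuthenticatorConstants.BASE64;
        }
        return TOTPAuthenticatorConstants.BASE32;
    }

    /** Returns the parameter map of the {@code totp} authenticator from the file-based configuration. */
    private static Map<String, String> getTOTPParameters() {
        return FileBasedConfigurationBuilder.getInstance().getAuthenticatorBean(AUTHENTICATOR_NAME).getParameterMap();
    }

    /**
     * Reads the encoding method from the tenant registry document.
     *
     * @param str tenant domain
     * @param authenticationContext context to flag for identity-config fallback, may be {@code null}
     * @return the configured value; {@code ""} when the registry read fails and no context was
     *         given; {@code null} when the read fails with a context or the value is not defined
     * @throws TOTPException if the document cannot be parsed
     */
    private static String getEncodingMethodFromRegistry(String str, AuthenticationContext authenticationContext) throws TOTPException {
        try {
            return readTenantAttribute(str, TOTPAuthenticatorConstants.ENCODING_METHOD);
        } catch (RegistryException e) {
            if (authenticationContext == null) {
                return "";
            }
            markIdentityConfigFallback(authenticationContext);
            return null;
        }
    }

    /** Flags the context so that later lookups read from the identity configuration. */
    private static void markIdentityConfigFallback(AuthenticationContext authenticationContext) {
        authenticationContext.setProperty(TOTPAuthenticatorConstants.GET_PROPERTY_FROM_IDENTITY_CONFIG,
                TOTPAuthenticatorConstants.GET_PROPERTY_FROM_IDENTITY_CONFIG);
    }

    /**
     * Resolves the TOTP time-step size for a tenant outside an authentication flow.
     *
     * @param str tenant domain
     * @return the configured time-step size
     * @throws AuthenticationFailedException if the tenant registry document cannot be parsed
     * @throws NumberFormatException if the configured value is missing or not a number
     */
    public static long getTimeStepSize(String str) throws AuthenticationFailedException {
        if (SUPER_TENANT_DOMAIN.equals(str)) {
            return Long.parseLong(getTOTPParameters().get(TOTPAuthenticatorConstants.TIME_STEP_SIZE));
        }
        long stepSize;
        try {
            stepSize = getTimeStepSizeFromRegistry(str, null);
        } catch (TOTPException e) {
            throw new AuthenticationFailedException("Cannot find the property value for timeStepSize", e);
        }
        if (stepSize == -1) {
            // -1 signals that the registry resource could not be read.
            stepSize = Long.parseLong((String) IdentityHelperUtil.getAuthenticatorParameters(AUTHENTICATOR_NAME)
                    .get(TOTPAuthenticatorConstants.TIME_STEP_SIZE));
        }
        return stepSize;
    }

    /**
     * Resolves the TOTP time-step size during an authentication flow.
     *
     * @param authenticationContext current context
     * @return the time-step size from the identity configuration or the context property
     * @throws NumberFormatException if the configured value is not a number
     */
    public static long getTimeStepSize(AuthenticationContext authenticationContext) {
        if (log.isDebugEnabled()) {
            log.debug("Read the user Time Step Size value from application authentication xml file");
        }
        if (readsFromIdentityConfig(authenticationContext)) {
            return Long.parseLong(identityConfigValue(authenticationContext, TOTPAuthenticatorConstants.TIME_STEP_SIZE));
        }
        return Long.parseLong(authenticationContext.getProperty(TOTPAuthenticatorConstants.TIME_STEP_SIZE).toString());
    }

    /**
     * Tells whether settings for this flow come from the identity configuration: either the
     * fallback flag is set on the context or the flow belongs to the super tenant. The tenant
     * comparison is null-safe, matching {@link #isEnrolUserInAuthenticationFlowEnabled}.
     */
    private static boolean readsFromIdentityConfig(AuthenticationContext authenticationContext) {
        return authenticationContext.getProperty(TOTPAuthenticatorConstants.GET_PROPERTY_FROM_IDENTITY_CONFIG) != null
                || SUPER_TENANT_DOMAIN.equals(authenticationContext.getTenantDomain());
    }

    /** Reads one parameter of the authenticator named by the context's AUTHENTICATION property. */
    private static String identityConfigValue(AuthenticationContext authenticationContext, String key) {
        String authenticator = authenticationContext.getProperty(TOTPAuthenticatorConstants.AUTHENTICATION).toString();
        return (String) IdentityHelperUtil.getAuthenticatorParameters(authenticator).get(key);
    }

    /**
     * Reads the time-step size from the tenant registry document.
     *
     * @param str tenant domain
     * @param authenticationContext context to flag for identity-config fallback, may be {@code null}
     * @return the configured value, or {@code -1} when the registry resource cannot be read
     * @throws TOTPException if the document cannot be parsed
     * @throws NumberFormatException if the document does not define a numeric value
     */
    public static long getTimeStepSizeFromRegistry(String str, AuthenticationContext authenticationContext) throws TOTPException {
        try {
            return Long.parseLong(readTenantAttribute(str, TOTPAuthenticatorConstants.TIME_STEP_SIZE));
        } catch (RegistryException e) {
            if (authenticationContext != null) {
                markIdentityConfigFallback(authenticationContext);
            }
            return -1L;
        }
    }

    /**
     * Resolves the accepted TOTP window size during an authentication flow.
     *
     * @param authenticationContext current context
     * @return the window size from the identity configuration or the context property
     * @throws NumberFormatException if the configured value is not a number
     */
    public static int getWindowSize(AuthenticationContext authenticationContext) {
        if (log.isDebugEnabled()) {
            log.debug("Read the user window size value from application authentication xml file");
        }
        if (readsFromIdentityConfig(authenticationContext)) {
            return Integer.parseInt(identityConfigValue(authenticationContext, TOTPAuthenticatorConstants.WINDOW_SIZE));
        }
        return Integer.parseInt(authenticationContext.getProperty(TOTPAuthenticatorConstants.WINDOW_SIZE).toString());
    }

    /**
     * Resolves the accepted TOTP window size for a tenant outside an authentication flow.
     *
     * @param str tenant domain
     * @return the configured window size
     * @throws AuthenticationFailedException if the tenant registry document cannot be parsed
     * @throws NumberFormatException if the configured value is missing or not a number
     */
    public static int getWindowSize(String str) throws AuthenticationFailedException {
        if (SUPER_TENANT_DOMAIN.equals(str)) {
            return Integer.parseInt(getTOTPParameters().get(TOTPAuthenticatorConstants.WINDOW_SIZE));
        }
        int windowSize;
        try {
            windowSize = getWindowSizeFromRegistry(str, null);
        } catch (TOTPException e) {
            throw new AuthenticationFailedException("Cannot find the property value for windowSize", e);
        }
        if (windowSize == -1) {
            // -1 signals that the registry resource could not be read.
            windowSize = Integer.parseInt((String) IdentityHelperUtil.getAuthenticatorParameters(AUTHENTICATOR_NAME)
                    .get(TOTPAuthenticatorConstants.WINDOW_SIZE));
        }
        return windowSize;
    }

    /**
     * Reads the window size from the tenant registry document.
     *
     * @param str tenant domain
     * @param authenticationContext context to flag for identity-config fallback, may be {@code null}
     * @return the configured value, or {@code -1} when the registry resource cannot be read
     * @throws TOTPException if the document cannot be parsed
     * @throws NumberFormatException if the document does not define a numeric value
     */
    public static int getWindowSizeFromRegistry(String str, AuthenticationContext authenticationContext) throws TOTPException {
        try {
            return Integer.parseInt(readTenantAttribute(str, TOTPAuthenticatorConstants.WINDOW_SIZE));
        } catch (RegistryException e) {
            if (authenticationContext != null) {
                markIdentityConfigFallback(authenticationContext);
            }
            return -1;
        }
    }

    /**
     * Tells whether users may enrol for TOTP in the middle of an authentication flow.
     *
     * @param authenticationContext current context
     * @return the flag from the identity configuration or from the context property
     */
    public static boolean isEnrolUserInAuthenticationFlowEnabled(AuthenticationContext authenticationContext) {
        if (log.isDebugEnabled()) {
            log.debug("Read the EnrolUserInAuthenticationFlow value from application authentication xml file");
        }
        if (readsFromIdentityConfig(authenticationContext)) {
            return Boolean.parseBoolean(
                    identityConfigValue(authenticationContext, TOTPAuthenticatorConstants.ENROL_USER_IN_AUTHENTICATIONFLOW));
        }
        return Boolean.parseBoolean(
                authenticationContext.getProperty(TOTPAuthenticatorConstants.ENROL_USER_IN_AUTHENTICATIONFLOW).toString());
    }

    /**
     * Redirects to the TOTP enrolment page without forwarding a {@code multiOptionURI}.
     *
     * @see #redirectToEnableTOTPReqPage(HttpServletRequest, HttpServletResponse, AuthenticationContext, String)
     */
    public static void redirectToEnableTOTPReqPage(HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext, String str) throws AuthenticationFailedException {
        redirectToEnableTOTPReqPage(null, httpServletResponse, authenticationContext, str);
    }

    /**
     * Redirects the browser to the TOTP enrolment page.
     *
     * @param httpServletRequest request whose {@code multiOptionURI} parameter is forwarded, may be {@code null}
     * @param httpServletResponse response used for the redirect
     * @param authenticationContext current context
     * @param str value sent as the {@code ske} query parameter
     * @throws AuthenticationFailedException if enrolment in the flow is disabled or the redirect fails
     */
    public static void redirectToEnableTOTPReqPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext, String str) throws AuthenticationFailedException {
        if (!isEnrolUserInAuthenticationFlowEnabled(authenticationContext)) {
            throw new AuthenticationFailedException("Error while getting value for EnrolUserInAuthenticationFlow");
        }
        try {
            String enrolmentPage = getEnableTOTPPage(authenticationContext);
            // NOTE(review): only "sp" and "multiOptionURI" are URI-encoded; "t", "sessionDataKey"
            // and "ske" are appended as-is. "ske" presumably carries the encoded secret key, which
            // would then appear in browser history and access logs - confirm and consider a
            // non-URL channel.
            String queryParams = "t=" + authenticationContext.getLoginTenantDomain()
                    + "&sessionDataKey=" + authenticationContext.getContextIdentifier()
                    + "&authenticators=totp&type=totp&sp=" + Encode.forUriComponent(authenticationContext.getServiceProviderName())
                    + "&ske=" + str
                    + getMultiOptionURIQueryParam(httpServletRequest);
            httpServletResponse.sendRedirect(FrameworkUtils.appendQueryParamsStringToUrl(enrolmentPage, queryParams));
        } catch (IOException e) {
            throw new AuthenticationFailedException("Error while redirecting the request to get enableTOTP request page. ", e);
        }
    }

    /**
     * Builds the {@code &multiOptionURI=...} query fragment from the request.
     *
     * @param httpServletRequest incoming request, may be {@code null}
     * @return the URI-encoded fragment, or {@code ""} when the request or parameter is absent
     */
    public static String getMultiOptionURIQueryParam(HttpServletRequest httpServletRequest) {
        if (httpServletRequest == null) {
            return "";
        }
        String multiOptionUri = httpServletRequest.getParameter("multiOptionURI");
        if (multiOptionUri == null) {
            return "";
        }
        return "&multiOptionURI=" + Encode.forUriComponent(multiOptionUri);
    }

    /**
     * Looks up the user realm of the tenant that a username belongs to.
     *
     * @param str tenant-qualified username, may be {@code null}
     * @return the tenant user realm, or {@code null} when {@code str} is {@code null}
     * @throws AuthenticationFailedException if the realm lookup fails
     */
    public static UserRealm getUserRealm(String str) throws AuthenticationFailedException {
        if (str == null) {
            return null;
        }
        try {
            int tenantId = IdentityTenantUtil.getTenantId(MultitenantUtils.getTenantDomain(str));
            return TOTPDataHolder.getInstance().getRealmService().getTenantUserRealm(tenantId);
        } catch (UserStoreException e) {
            throw new AuthenticationFailedException("Cannot find the user realm for the username: " + str, e);
        }
    }

    /**
     * Resolves the TOTP login page URL from configuration.
     *
     * @param authenticationContext current context
     * @param str unused by this implementation
     * @return the configured URL, or the default authentication endpoint with the TOTP login page
     */
    public static String getLoginPageFromXMLFile(AuthenticationContext authenticationContext, String str) throws AuthenticationFailedException {
        return resolvePageUrl(authenticationContext, TOTPAuthenticatorConstants.TOTP_AUTHENTICATION_ENDPOINT_URL,
                TOTPAuthenticatorConstants.TOTP_LOGIN_PAGE, "Default totp login page: ");
    }

    /**
     * Resolves the TOTP error page URL from configuration.
     *
     * @param authenticationContext current context
     * @param str unused by this implementation
     * @return the configured URL, or the default authentication endpoint with the error page
     */
    public static String getErrorPageFromXMLFile(AuthenticationContext authenticationContext, String str) throws AuthenticationFailedException {
        return resolvePageUrl(authenticationContext, TOTPAuthenticatorConstants.TOTP_AUTHENTICATION_ERROR_PAGE_URL,
                TOTPAuthenticatorConstants.ERROR_PAGE, "Default error page: ");
    }

    /**
     * Shared lookup behind the page resolvers.
     *
     * <p>Order: file-based configuration (super tenant, or fallback flag set on the context),
     * then the context property, then the default authentication endpoint with its login page
     * replaced by {@code defaultPage}.
     *
     * @param authenticationContext current context
     * @param configKey parameter / context-property name holding the URL
     * @param defaultPage page that replaces the login page in the default endpoint URL
     * @param debugLabel prefix of the debug message logged when the default is used
     * @return the resolved page URL
     */
    private static String resolvePageUrl(AuthenticationContext authenticationContext, String configKey,
            String defaultPage, String debugLabel) {
        boolean useFileConfig = SUPER_TENANT_DOMAIN.equals(authenticationContext.getTenantDomain())
                || authenticationContext.getProperty(TOTPAuthenticatorConstants.GET_PROPERTY_FROM_IDENTITY_CONFIG) != null;
        if (useFileConfig && getTOTPParameters().containsKey(configKey)) {
            return getTOTPParameters().get(configKey);
        }
        Object fromContext = authenticationContext.getProperty(configKey);
        if (fromContext != null) {
            return String.valueOf(fromContext);
        }
        String defaultUrl = ConfigurationFacade.getInstance().getAuthenticationEndpointURL()
                .replace(TOTPAuthenticatorConstants.LOGIN_PAGE, defaultPage);
        if (log.isDebugEnabled()) {
            log.debug(debugLabel + defaultUrl + " is used.");
        }
        return defaultUrl;
    }

    /**
     * Returns the TOTP login page, tenant-qualified when tenant-qualified URLs are enabled.
     *
     * @param authenticationContext current context
     * @return the login page URL
     * @throws AuthenticationFailedException if the tenant-qualified URL cannot be built
     */
    public static String getTOTPLoginPage(AuthenticationContext authenticationContext) throws AuthenticationFailedException {
        String configuredPage = getLoginPageFromXMLFile(authenticationContext, AUTHENTICATOR_NAME);
        if (IdentityTenantUtil.isTenantQualifiedUrlsEnabled()) {
            return getTenantQualifiedURL(configuredPage, TOTPAuthenticatorConstants.TOTP_LOGIN_PAGE);
        }
        return configuredPage;
    }

    /**
     * Returns the TOTP error page, tenant-qualified when tenant-qualified URLs are enabled.
     *
     * @param authenticationContext current context
     * @return the error page URL
     * @throws AuthenticationFailedException if the tenant-qualified URL cannot be built
     */
    public static String getTOTPErrorPage(AuthenticationContext authenticationContext) throws AuthenticationFailedException {
        String configuredPage = getErrorPageFromXMLFile(authenticationContext, AUTHENTICATOR_NAME);
        if (IdentityTenantUtil.isTenantQualifiedUrlsEnabled()) {
            return getTenantQualifiedURL(configuredPage, TOTPAuthenticatorConstants.ERROR_PAGE);
        }
        return configuredPage;
    }

    /**
     * Returns the TOTP enrolment page, tenant-qualified when tenant-qualified URLs are enabled.
     *
     * @param authenticationContext current context
     * @return the enrolment page URL
     * @throws AuthenticationFailedException if the tenant-qualified URL cannot be built
     */
    public static String getEnableTOTPPage(AuthenticationContext authenticationContext) throws AuthenticationFailedException {
        String configuredPage = getEnableTOTPPageFromXMLFile(authenticationContext, AUTHENTICATOR_NAME);
        if (IdentityTenantUtil.isTenantQualifiedUrlsEnabled()) {
            return getTenantQualifiedURL(configuredPage, TOTPAuthenticatorConstants.ENABLE_TOTP_REQUEST_PAGE);
        }
        return configuredPage;
    }

    /**
     * Resolves the TOTP enrolment page URL from configuration.
     *
     * @param authenticationContext current context
     * @param str unused by this implementation
     * @return the configured URL, or the default authentication endpoint with the enrolment page
     */
    public static String getEnableTOTPPageFromXMLFile(AuthenticationContext authenticationContext, String str) throws AuthenticationFailedException {
        return resolvePageUrl(authenticationContext, TOTPAuthenticatorConstants.ENABLE_TOTP_REQUEST_PAGE_URL,
                TOTPAuthenticatorConstants.ENABLE_TOTP_REQUEST_PAGE, "Default TOTP enrollment page: ");
    }

    /** Tells whether the event-handler based e-mail sender is enabled in the file-based configuration. */
    public static boolean isEventHandlerBasedEmailSenderEnabled() {
        return Boolean.parseBoolean(getTOTPParameters().get(TOTPAuthenticatorConstants.USE_EVENT_HANDLER_BASED_EMAIL_SENDER));
    }

    /**
     * Fetches the account-lock connector properties for a tenant.
     *
     * @param str tenant domain passed to the governance service
     * @return the lock-on-failure, max-attempts, lock-time and timeout-ratio properties
     * @throws AuthenticationFailedException if the governance service lookup fails
     */
    public static Property[] getAccountLockConnectorConfigs(String str) throws AuthenticationFailedException {
        String[] propertyNames = {
            TOTPAuthenticatorConstants.PROPERTY_ACCOUNT_LOCK_ON_FAILURE,
            TOTPAuthenticatorConstants.PROPERTY_ACCOUNT_LOCK_ON_FAILURE_MAX,
            TOTPAuthenticatorConstants.PROPERTY_ACCOUNT_LOCK_TIME,
            TOTPAuthenticatorConstants.PROPERTY_LOGIN_FAIL_TIMEOUT_RATIO
        };
        try {
            return TOTPDataHolder.getInstance().getIdentityGovernanceService().getConfiguration(propertyNames, str);
        } catch (IdentityGovernanceException e) {
            throw new AuthenticationFailedException("Error occurred while retrieving account lock connector configuration", e);
        }
    }

    /** Tells whether failed TOTP attempts count towards account locking (file-based configuration). */
    public static boolean isAccountLockingEnabledForTotp() {
        return Boolean.parseBoolean(getTOTPParameters().get(TOTPAuthenticatorConstants.ENABLE_ACCOUNT_LOCKING_FOR_FAILED_ATTEMPTS));
    }

    /**
     * Asks the account lock service whether a user is locked.
     *
     * @param str user name (also used in the error message)
     * @param str2 second argument forwarded to the lock service - presumably the tenant domain; verify against caller
     * @param str3 third argument forwarded to the lock service - presumably the user store domain; verify against caller
     * @return {@code true} when the account is locked
     * @throws AuthenticationFailedException if the lock service lookup fails
     */
    public static boolean isAccountLocked(String str, String str2, String str3) throws AuthenticationFailedException {
        try {
            return TOTPDataHolder.getInstance().getAccountLockService().isAccountLocked(str, str2, str3);
        } catch (AccountLockServiceException e) {
            throw new AuthenticationFailedException(String.format("Error while validating account lock status of user: %s.", str), e);
        }
    }

    /**
     * Tells whether the subject of this flow was authenticated by the local identity provider.
     *
     * @param authenticationContext current context
     * @return {@code true} when a subject-attribute step has an authenticated user from the local IdP
     */
    public static boolean isLocalUser(AuthenticationContext authenticationContext) {
        Map<Integer, StepConfig> stepMap = authenticationContext.getSequenceConfig().getStepMap();
        if (stepMap == null) {
            return false;
        }
        for (StepConfig stepConfig : stepMap.values()) {
            boolean isAuthenticatedSubjectStep =
                    stepConfig.getAuthenticatedUser() != null && stepConfig.isSubjectAttributeStep();
            if (isAuthenticatedSubjectStep
                    && StringUtils.equals(TOTPAuthenticatorConstants.LOCAL_AUTHENTICATOR, stepConfig.getAuthenticatedIdP())) {
                return true;
            }
        }
        return false;
    }

    /**
     * Returns a copy of the user authenticated in the first subject-attribute step found.
     *
     * @param authenticationContext current context
     * @return a new {@link AuthenticatedUser} copy, or {@code null} when no such step exists
     */
    public static AuthenticatedUser getAuthenticatedUser(AuthenticationContext authenticationContext) {
        Map<Integer, StepConfig> stepMap = authenticationContext.getSequenceConfig().getStepMap();
        if (stepMap == null) {
            return null;
        }
        for (StepConfig stepConfig : stepMap.values()) {
            AuthenticatedUser stepUser = stepConfig.getAuthenticatedUser();
            if (stepConfig.isSubjectAttributeStep() && stepUser != null) {
                // Copy so callers cannot mutate the instance held by the step.
                return new AuthenticatedUser(stepUser);
            }
        }
        return null;
    }

    /** Tells whether sending the verification code by e-mail is enabled; the default is {@code false}. */
    public static boolean isSendVerificationCodeByEmailEnabled() {
        return Boolean.parseBoolean(getTOTPParameters().getOrDefault(TOTPAuthenticatorConstants.ENABLE_SEND_VERIFICATION_CODE_BY_EMAIL, "false"));
    }

    /**
     * Turns a configured page into a tenant-qualified URL.
     *
     * <p>A blank configured value uses {@code str2}; a relative value is made tenant-qualified;
     * an absolute value is returned unchanged.
     * NOTE(review): an absolute URL is used as a redirect target without further validation
     * here - who may set it is not visible in this class; confirm it is administrator-only.
     *
     * @param str URL or path taken from configuration, may be blank
     * @param str2 default context path
     * @return the URL to redirect to
     * @throws AuthenticationFailedException if the URL cannot be parsed or built; the message
     *         names the path that was being processed
     */
    private static String getTenantQualifiedURL(String str, String str2) throws AuthenticationFailedException {
        String context = StringUtils.isNotBlank(str) ? str : str2;
        try {
            if (StringUtils.isBlank(str)) {
                return buildTenantQualifiedURL(str2);
            }
            return isURLRelative(str) ? buildTenantQualifiedURL(str) : str;
        } catch (URLBuilderException | URISyntaxException e) {
            throw new AuthenticationFailedException("Error while building tenant qualified URL for context: " + context, e);
        }
    }

    /** Builds the absolute public URL for a context path with the service URL builder. */
    private static String buildTenantQualifiedURL(String str) throws URLBuilderException {
        return ServiceURLBuilder.create().addPath(new String[]{str}).build().getAbsolutePublicURL();
    }

    /** Returns {@code true} when the value parses as a URI that has no scheme. */
    private static boolean isURLRelative(String str) throws URISyntaxException {
        return !new URI(str).isAbsolute();
    }

    /**
     * Builds a display name of the form {@code <identity provider name>:<claim value>} for a
     * federated subject.
     *
     * <p>The claim value is the e-mail claim, else the first-name claim, else the last-name
     * claim, else {@code str}. Steps without an authenticated authenticator are skipped, and
     * a missing step map yields {@code null} as in the other step-map readers of this class.
     *
     * @param authenticationContext current context
     * @param str fallback value when none of the name claims is mapped
     * @return the display name, or {@code null} when it cannot be built
     * @throws TOTPException if the IdP configuration or the claim mappings cannot be loaded
     */
    public static String createDisplayNameForFederatedUsers(AuthenticationContext authenticationContext, String str) throws TOTPException {
        Map<Integer, StepConfig> stepMap = authenticationContext.getSequenceConfig().getStepMap();
        if (stepMap == null) {
            return null;
        }
        for (StepConfig stepConfig : stepMap.values()) {
            if (stepConfig.getAuthenticatedAutenticator() == null
                    || !(stepConfig.getAuthenticatedAutenticator().getApplicationAuthenticator()
                            instanceof FederatedApplicationAuthenticator)) {
                continue;
            }
            try {
                ExternalIdPConfig idpConfig = ConfigurationFacade.getInstance()
                        .getIdPConfigByName(stepConfig.getAuthenticatedIdP(), authenticationContext.getTenantDomain());
                if (!stepConfig.isSubjectAttributeStep() || idpConfig == null) {
                    continue;
                }
                Map<String, String> localClaims = mapFederateClaimsToLocal(idpConfig, stepConfig, authenticationContext);
                if (localClaims.isEmpty()
                        || idpConfig.getIdentityProvider() == null
                        || idpConfig.getIdentityProvider().getDefaultAuthenticatorConfig() == null
                        || StringUtils.isBlank(idpConfig.getIdentityProvider().getDefaultAuthenticatorConfig().getDisplayName())) {
                    return null;
                }
                String userPart;
                if (localClaims.containsKey(TOTPAuthenticatorConstants.EMAIL_CLAIM_URL)) {
                    userPart = localClaims.get(TOTPAuthenticatorConstants.EMAIL_CLAIM_URL);
                } else if (localClaims.containsKey(TOTPAuthenticatorConstants.FIRST_NAME_CLAIM_URL)) {
                    userPart = localClaims.get(TOTPAuthenticatorConstants.FIRST_NAME_CLAIM_URL);
                } else {
                    userPart = localClaims.getOrDefault(TOTPAuthenticatorConstants.LAST_NAME_CLAIM_URL, str);
                }
                String idpName = idpConfig.getIdentityProvider().getIdentityProviderName();
                if (StringUtils.isNotBlank(userPart) && StringUtils.isNotBlank(idpName)) {
                    return idpName.concat(":").concat(userPart);
                }
            } catch (IdentityProviderManagementException e) {
                throw new TOTPException("TOTP Display name creation failed!. Error while getting External IDP config. ", e);
            }
        }
        return null;
    }

    /**
     * Translates the federated user's claims into local claim URIs.
     *
     * <p>The local-to-remote mapping comes from the claim metadata handler when the IdP uses
     * the default local dialect and the authenticator declares a claim dialect; otherwise it
     * comes from the IdP's own claim mappings. Only claims with a non-blank value are returned.
     *
     * @param externalIdPConfig configuration of the federated IdP
     * @param stepConfig step in which the user was authenticated
     * @param authenticationContext current context
     * @return local claim URI to claim value, possibly empty
     * @throws TOTPException if the claim metadata lookup fails
     */
    private static Map<String, String> mapFederateClaimsToLocal(ExternalIdPConfig externalIdPConfig, StepConfig stepConfig, AuthenticationContext authenticationContext) throws TOTPException {
        boolean useDefaultLocalIdpDialect = externalIdPConfig.useDefaultLocalIdpDialect();
        String claimDialectUri = stepConfig.getAuthenticatedAutenticator().getApplicationAuthenticator().getClaimDialectURI();
        Map<String, String> remoteClaimValues =
                FrameworkUtils.getClaimMappings(stepConfig.getAuthenticatedUser().getUserAttributes(), false);
        Map<String, String> localToRemote = new HashMap<>();
        if (useDefaultLocalIdpDialect && StringUtils.isNotBlank(claimDialectUri)) {
            try {
                localToRemote = ClaimMetadataHandler.getInstance().getMappingsMapFromOtherDialectToCarbon(
                        claimDialectUri, remoteClaimValues.keySet(), authenticationContext.getTenantDomain(), true);
            } catch (ClaimMetadataException e) {
                throw new TOTPException("TOTP Display name creation failed!. Error while handling claim mappings. ", e);
            }
        } else {
            ClaimMapping[] idpClaimMappings = externalIdPConfig.getClaimMappings();
            if (ArrayUtils.isNotEmpty(idpClaimMappings)) {
                for (ClaimMapping claimMapping : idpClaimMappings) {
                    String remoteUri = claimMapping.getRemoteClaim().getClaimUri();
                    if (remoteClaimValues.containsKey(remoteUri)) {
                        localToRemote.put(claimMapping.getLocalClaim().getClaimUri(), remoteUri);
                    }
                }
            }
        }
        Map<String, String> localClaimValues = new HashMap<>();
        // The metadata handler result is checked for null before use.
        if (localToRemote != null) {
            for (Map.Entry<String, String> mapping : localToRemote.entrySet()) {
                String claimValue = remoteClaimValues.get(mapping.getValue());
                if (remoteClaimValues.containsKey(mapping.getValue()) && StringUtils.isNotBlank(claimValue)) {
                    localClaimValues.put(mapping.getKey(), claimValue);
                }
            }
        }
        return localClaimValues;
    }
}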
