package org.wso2.carbon.identity.recovery.internal.service.impl.username;

import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLDecoder;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import org.apache.commons.collections.MapUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.common.model.User;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.event.IdentityEventException;
import org.wso2.carbon.identity.event.event.Event;
import org.wso2.carbon.identity.governance.service.notification.NotificationChannels;
import org.wso2.carbon.identity.recovery.IdentityRecoveryClientException;
import org.wso2.carbon.identity.recovery.IdentityRecoveryConstants;
import org.wso2.carbon.identity.recovery.IdentityRecoveryException;
import org.wso2.carbon.identity.recovery.IdentityRecoveryServerException;
import org.wso2.carbon.identity.recovery.RecoveryScenarios;
import org.wso2.carbon.identity.recovery.RecoverySteps;
import org.wso2.carbon.identity.recovery.dto.RecoveryInformationDTO;
import org.wso2.carbon.identity.recovery.dto.UsernameRecoverDTO;
import org.wso2.carbon.identity.recovery.internal.IdentityRecoveryServiceDataHolder;
import org.wso2.carbon.identity.recovery.internal.service.impl.UserAccountRecoveryManager;
import org.wso2.carbon.identity.recovery.model.UserRecoveryData;
import org.wso2.carbon.identity.recovery.services.username.UsernameRecoveryManager;
import org.wso2.carbon.identity.recovery.store.JDBCRecoveryDataStore;
import org.wso2.carbon.identity.recovery.util.Utils;
import org.wso2.carbon.user.core.util.UserCoreUtil;

/* loaded from: input_file:org/wso2/carbon/identity/recovery/internal/service/impl/username/UsernameRecoveryManagerImpl.class */
public class UsernameRecoveryManagerImpl implements UsernameRecoveryManager {
    private static final Log log = LogFactory.getLog(UsernameRecoveryManagerImpl.class);

    @Override // org.wso2.carbon.identity.recovery.services.username.UsernameRecoveryManager
    public RecoveryInformationDTO initiate(Map<String, String> map, String str, Map<String, String> map2) throws IdentityRecoveryException {
        validateTenantDomain(str);
        validateConfigurations(str);
        UserAccountRecoveryManager userAccountRecoveryManager = UserAccountRecoveryManager.getInstance();
        RecoveryInformationDTO recoveryInformationDTO = new RecoveryInformationDTO();
        boolean useLegacyAPIApproach = useLegacyAPIApproach(map2);
        boolean isNotificationsInternallyManaged = Utils.isNotificationsInternallyManaged(str, map2);
        if (!useLegacyAPIApproach) {
            HashMap hashMap = new HashMap();
            hashMap.put(IdentityRecoveryConstants.MANAGE_NOTIFICATIONS_INTERNALLY_PROPERTY_KEY, Boolean.toString(isNotificationsInternallyManaged));
            recoveryInformationDTO.setRecoveryChannelInfoDTO(userAccountRecoveryManager.retrieveUserRecoveryInformation(map, str, RecoveryScenarios.USERNAME_RECOVERY, hashMap));
            return recoveryInformationDTO;
        }
        String usernameByClaims = userAccountRecoveryManager.getUsernameByClaims(map, str);
        if (!StringUtils.isNotEmpty(usernameByClaims)) {
            if (log.isDebugEnabled()) {
                log.debug("No user found for the given claims in tenant domain : " + str);
            }
            if (Boolean.parseBoolean(IdentityUtil.getProperty(IdentityRecoveryConstants.ConnectorConfig.NOTIFY_USER_EXISTENCE))) {
                throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_NO_USER_FOUND, null);
            }
            return null;
        }
        if (!isNotificationsInternallyManaged) {
            if (log.isDebugEnabled()) {
                log.debug("Successful username recovery for user: " + usernameByClaims + ". User notified Externally");
            }
            recoveryInformationDTO.setUsername(usernameByClaims);
            return recoveryInformationDTO;
        }
        triggerNotification(createUser(usernameByClaims, str), NotificationChannels.EMAIL_CHANNEL.getChannelType(), "TRIGGER_NOTIFICATION", null);
        if (!log.isDebugEnabled()) {
            return null;
        }
        log.debug("Successful username recovery for user: " + usernameByClaims + ". User notified Internally");
        return null;
    }

    @Override // org.wso2.carbon.identity.recovery.services.username.UsernameRecoveryManager
    public UsernameRecoverDTO notify(String str, String str2, String str3, Map<String, String> map) throws IdentityRecoveryException {
        validateTenantDomain(str3);
        int validateChannelID = validateChannelID(str2);
        validateConfigurations(str3);
        UserRecoveryData userRecoveryData = UserAccountRecoveryManager.getInstance().getUserRecoveryData(str, RecoverySteps.SEND_RECOVERY_INFORMATION);
        invalidateRecoveryCode(str);
        String extractNotificationChannelDetails = extractNotificationChannelDetails(userRecoveryData.getRemainingSetIds(), validateChannelID);
        if (!NotificationChannels.EXTERNAL_CHANNEL.getChannelType().equals(extractNotificationChannelDetails)) {
            String resolveEventName = Utils.resolveEventName(extractNotificationChannelDetails);
            validateCallbackURL(map, userRecoveryData.getUser());
            triggerNotification(userRecoveryData.getUser(), extractNotificationChannelDetails, resolveEventName, map);
        }
        return buildUserNameRecoveryResponseDTO(userRecoveryData.getUser(), extractNotificationChannelDetails);
    }

    private boolean useLegacyAPIApproach(Map<String, String> map) {
        if (!MapUtils.isNotEmpty(map)) {
            return false;
        }
        try {
            return Boolean.parseBoolean(map.get(IdentityRecoveryConstants.USE_LEGACY_API_PROPERTY_KEY));
        } catch (NumberFormatException e) {
            if (!log.isDebugEnabled()) {
                return false;
            }
            log.debug(String.format("Invalid boolean value : %s to enable legacyAPIs", map.get(IdentityRecoveryConstants.USE_LEGACY_API_PROPERTY_KEY)));
            return false;
        }
    }

    private User createUser(String str, String str2) {
        User user = new User();
        user.setUserName(UserCoreUtil.removeDomainFromName(str));
        user.setTenantDomain(str2);
        user.setUserStoreDomain(IdentityUtil.extractDomainFromName(str));
        return user;
    }

    private int validateChannelID(String str) throws IdentityRecoveryClientException {
        try {
            int parseInt = Integer.parseInt(str);
            if (parseInt < 1) {
                throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_CHANNEL_ID, null);
            }
            return parseInt;
        } catch (NumberFormatException e) {
            throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_CHANNEL_ID, null);
        }
    }

    private UsernameRecoverDTO buildUserNameRecoveryResponseDTO(User user, String str) {
        UsernameRecoverDTO usernameRecoverDTO = new UsernameRecoverDTO();
        usernameRecoverDTO.setNotificationChannel(str);
        if (NotificationChannels.EXTERNAL_CHANNEL.getChannelType().equals(str)) {
            usernameRecoverDTO.setCode(IdentityRecoveryConstants.SuccessEvents.SUCCESS_STATUS_CODE_USERNAME_EXTERNALLY_NOTIFIED.getCode());
            usernameRecoverDTO.setMessage(IdentityRecoveryConstants.SuccessEvents.SUCCESS_STATUS_CODE_USERNAME_EXTERNALLY_NOTIFIED.getMessage());
            usernameRecoverDTO.setUsername(String.format("%s@%s", user.getUserName(), user.getTenantDomain()));
        } else {
            usernameRecoverDTO.setCode(IdentityRecoveryConstants.SuccessEvents.SUCCESS_STATUS_CODE_USERNAME_INTERNALLY_NOTIFIED.getCode());
            usernameRecoverDTO.setMessage(IdentityRecoveryConstants.SuccessEvents.SUCCESS_STATUS_CODE_USERNAME_INTERNALLY_NOTIFIED.getMessage());
            usernameRecoverDTO.setUsername("");
        }
        return usernameRecoverDTO;
    }

    private void invalidateRecoveryCode(String str) throws IdentityRecoveryException {
        JDBCRecoveryDataStore.getInstance().invalidate(str);
    }

    private void triggerNotification(User user, String str, String str2, Map<String, String> map) throws IdentityRecoveryException {
        HashMap hashMap = new HashMap();
        hashMap.put("user-name", user.getUserName());
        hashMap.put("tenant-domain", user.getTenantDomain());
        hashMap.put("userstore-domain", user.getUserStoreDomain());
        hashMap.put("notification-channel", str);
        if (map != null) {
            for (String str3 : map.keySet()) {
                String str4 = map.get(str3);
                if (StringUtils.isNotBlank(str3) && StringUtils.isNotBlank(str4)) {
                    hashMap.put(str3, str4);
                }
            }
        }
        hashMap.put(IdentityRecoveryConstants.TEMPLATE_TYPE, IdentityRecoveryConstants.NOTIFICATION_ACCOUNT_ID_RECOVERY);
        try {
            IdentityRecoveryServiceDataHolder.getInstance().getIdentityEventService().handleEvent(new Event(str2, hashMap));
        } catch (IdentityEventException e) {
            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_TRIGGER_NOTIFICATION, user.getUserName(), (Throwable) e);
        }
    }

    private String extractNotificationChannelDetails(String str, int i) throws IdentityRecoveryException {
        String[] split = str.split(",");
        if (split.length < i) {
            throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_CHANNEL_ID, null);
        }
        return split[i - 1].split(IdentityRecoveryConstants.CHANNEL_ATTRIBUTE_SEPARATOR)[0];
    }

    private void validateConfigurations(String str) throws IdentityRecoveryException {
        if (!Boolean.parseBoolean(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig.USERNAME_RECOVERY_ENABLE, str))) {
            throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_USERNAME_RECOVERY_NOT_ENABLED, null);
        }
    }

    private void validateCallbackURL(Map<String, String> map, User user) throws IdentityRecoveryException {
        String callbackURL = getCallbackURL(map);
        try {
            if (!StringUtils.isNotBlank(callbackURL) || Utils.validateCallbackURL(callbackURL, user.getTenantDomain(), IdentityRecoveryConstants.ConnectorConfig.RECOVERY_CALLBACK_REGEX)) {
            } else {
                throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID, callbackURL);
            }
        } catch (IdentityEventException e) {
            throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID, callbackURL);
        }
    }

    private String getCallbackURL(Map<String, String> map) throws IdentityRecoveryServerException {
        String str = null;
        try {
            if (MapUtils.isNotEmpty(map)) {
                Iterator<String> it = map.keySet().iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    String next = it.next();
                    if (IdentityRecoveryConstants.CALLBACK.equals(next)) {
                        str = URLDecoder.decode(map.get(next), IdentityRecoveryConstants.UTF_8);
                        break;
                    }
                }
                if (StringUtils.isNotBlank(str)) {
                    URI uri = new URI(str);
                    str = new URI(uri.getScheme(), uri.getAuthority(), uri.getPath(), null, null).toString();
                }
            }
            return str;
        } catch (UnsupportedEncodingException | URISyntaxException e) {
            if (log.isDebugEnabled()) {
                log.debug("Error getting callback url", e);
            }
            throw Utils.handleServerException(Utils.prependOperationScenarioToErrorCode(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID.getCode(), IdentityRecoveryConstants.USER_ACCOUNT_RECOVERY), IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID.getMessage(), str);
        }
    }

    private void validateTenantDomain(String str) throws IdentityRecoveryClientException {
        if (StringUtils.isBlank(str)) {
            throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_USERNAME_RECOVERY_EMPTY_TENANT_DOMAIN.getCode(), IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_USERNAME_RECOVERY_EMPTY_TENANT_DOMAIN.getMessage(), (String) null);
        }
    }
}
