package org.wso2.carbon.identity.oauth2.dao;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.TimeZone;
import java.util.UUID;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.core.util.IdentityDatabaseUtil;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.oauth.dao.SQLQueries;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.Oauth2ScopeConstants;
import org.wso2.carbon.identity.oauth2.device.constants.Constants;
import org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder;
import org.wso2.carbon.identity.oauth2.internal.OAuthApplicationMgtListener;
import org.wso2.carbon.identity.oauth2.model.AccessTokenDO;
import org.wso2.carbon.identity.oauth2.model.RefreshTokenValidationDataDO;
import org.wso2.carbon.identity.oauth2.util.OAuth2Util;

/* loaded from: input_file:org/wso2/carbon/identity/oauth2/dao/TokenManagementDAOImpl.class */
public class TokenManagementDAOImpl extends AbstractOAuthDAO implements TokenManagementDAO {
    private static final Log log = LogFactory.getLog(TokenManagementDAOImpl.class);
    public static final String AUTHZ_USER = "AUTHZ_USER";
    public static final String LOWER_AUTHZ_USER = "LOWER(AUTHZ_USER)";
    private static final String UTC = "UTC";
    private boolean isHashDisabled = OAuth2Util.isHashDisabled();
    private static final String IDN_OAUTH2_ACCESS_TOKEN = "IDN_OAUTH2_ACCESS_TOKEN";

    @Override // org.wso2.carbon.identity.oauth2.dao.TokenManagementDAO
    public RefreshTokenValidationDataDO validateRefreshToken(String str, String str2) throws IdentityOAuth2Exception {
        if (log.isDebugEnabled()) {
            if (IdentityUtil.isTokenLoggable("RefreshToken")) {
                log.debug("Validating refresh token(hashed): " + DigestUtils.sha256Hex(str2) + " client: " + str);
            } else {
                log.debug("Validating refresh token for client: " + str);
            }
        }
        RefreshTokenValidationDataDO refreshTokenValidationDataDO = new RefreshTokenValidationDataDO();
        Connection dBConnection = IdentityDatabaseUtil.getDBConnection(false);
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                String driverName = dBConnection.getMetaData().getDriverName();
                String tokenPartitionedSqlByToken = OAuth2Util.getTokenPartitionedSqlByToken(OAuth2ServiceComponentHolder.isIDPIdColumnEnabled() ? (driverName.contains("MySQL") || driverName.contains("MariaDB") || driverName.contains("H2")) ? SQLQueries.RETRIEVE_ACCESS_TOKEN_VALIDATION_DATA_IDP_NAME_MYSQL : dBConnection.getMetaData().getDatabaseProductName().contains("DB2") ? SQLQueries.RETRIEVE_ACCESS_TOKEN_VALIDATION_DATA_IDP_NAME_DB2SQL : (driverName.contains("MS SQL") || driverName.contains("Microsoft")) ? SQLQueries.RETRIEVE_ACCESS_TOKEN_VALIDATION_DATA_IDP_NAME_MSSQL : driverName.contains("PostgreSQL") ? SQLQueries.RETRIEVE_ACCESS_TOKEN_VALIDATION_DATA_IDP_NAME_POSTGRESQL : driverName.contains("INFORMIX") ? SQLQueries.RETRIEVE_ACCESS_TOKEN_VALIDATION_DATA_IDP_NAME_INFORMIX : SQLQueries.RETRIEVE_ACCESS_TOKEN_VALIDATION_DATA_IDP_NAME_ORACLE : (driverName.contains("MySQL") || driverName.contains("MariaDB") || driverName.contains("H2")) ? SQLQueries.RETRIEVE_ACCESS_TOKEN_VALIDATION_DATA_MYSQL : dBConnection.getMetaData().getDatabaseProductName().contains("DB2") ? SQLQueries.RETRIEVE_ACCESS_TOKEN_VALIDATION_DATA_DB2SQL : (driverName.contains("MS SQL") || driverName.contains("Microsoft")) ? SQLQueries.RETRIEVE_ACCESS_TOKEN_VALIDATION_DATA_MSSQL : driverName.contains("PostgreSQL") ? SQLQueries.RETRIEVE_ACCESS_TOKEN_VALIDATION_DATA_POSTGRESQL : driverName.contains("INFORMIX") ? SQLQueries.RETRIEVE_ACCESS_TOKEN_VALIDATION_DATA_INFORMIX : SQLQueries.RETRIEVE_ACCESS_TOKEN_VALIDATION_DATA_ORACLE, str2);
                if (str2 == null) {
                    tokenPartitionedSqlByToken = tokenPartitionedSqlByToken.replace("REFRESH_TOKEN = ?", "REFRESH_TOKEN IS NULL");
                }
                preparedStatement = dBConnection.prepareStatement(tokenPartitionedSqlByToken);
                preparedStatement.setString(1, getPersistenceProcessor().getProcessedClientId(str));
                if (str2 != null) {
                    preparedStatement.setString(2, getHashingPersistenceProcessor().getProcessedRefreshToken(str2));
                }
                resultSet = preparedStatement.executeQuery();
                int i = 0;
                ArrayList arrayList = new ArrayList();
                while (resultSet.next()) {
                    if (i == 0) {
                        if (this.isHashDisabled) {
                            refreshTokenValidationDataDO.setAccessToken(getPersistenceProcessor().getPreprocessedAccessTokenIdentifier(resultSet.getString(1)));
                        } else {
                            refreshTokenValidationDataDO.setAccessToken(resultSet.getString(1));
                        }
                        String string = resultSet.getString(2);
                        int i2 = resultSet.getInt(3);
                        String string2 = resultSet.getString(4);
                        String tenantDomain = OAuth2Util.getTenantDomain(i2);
                        refreshTokenValidationDataDO.setRefreshToken(str2);
                        refreshTokenValidationDataDO.setScope(OAuth2Util.buildScopeArray(resultSet.getString(5)));
                        refreshTokenValidationDataDO.setRefreshTokenState(resultSet.getString(6));
                        refreshTokenValidationDataDO.setIssuedTime(resultSet.getTimestamp(7, Calendar.getInstance(TimeZone.getTimeZone("UTC"))));
                        refreshTokenValidationDataDO.setValidityPeriodInMillis(resultSet.getLong(8));
                        refreshTokenValidationDataDO.setTokenId(resultSet.getString(9));
                        refreshTokenValidationDataDO.setGrantType(resultSet.getString(10));
                        String string3 = resultSet.getString(11);
                        refreshTokenValidationDataDO.setTokenBindingReference(resultSet.getString(12));
                        refreshTokenValidationDataDO.setAccessTokenIssuedTime(resultSet.getTimestamp(13, Calendar.getInstance(TimeZone.getTimeZone("UTC"))));
                        refreshTokenValidationDataDO.setAccessTokenValidityInMillis(resultSet.getLong(14));
                        String str3 = null;
                        if (OAuth2ServiceComponentHolder.isIDPIdColumnEnabled()) {
                            str3 = resultSet.getString(15);
                        }
                        AuthenticatedUser createAuthenticatedUser = OAuth2Util.createAuthenticatedUser(string, string2, tenantDomain, str3);
                        createAuthenticatedUser.setAuthenticatedSubjectIdentifier(string3);
                        refreshTokenValidationDataDO.setAuthorizedUser(createAuthenticatedUser);
                    } else {
                        arrayList.add(resultSet.getString(5));
                    }
                    i++;
                }
                if (arrayList.size() > 0 && refreshTokenValidationDataDO != null) {
                    refreshTokenValidationDataDO.setScope((String[]) ArrayUtils.addAll(refreshTokenValidationDataDO.getScope(), arrayList.toArray(new String[arrayList.size()])));
                }
                IdentityDatabaseUtil.closeAllConnections(dBConnection, resultSet, preparedStatement);
                return refreshTokenValidationDataDO;
            } catch (SQLException e) {
                throw new IdentityOAuth2Exception("Error when validating a refresh token", e);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeAllConnections(dBConnection, resultSet, preparedStatement);
            throw th;
        }
    }

    @Override // org.wso2.carbon.identity.oauth2.dao.TokenManagementDAO
    public AccessTokenDO getRefreshToken(String str) throws IdentityOAuth2Exception {
        if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable("RefreshToken")) {
            log.debug("Validating refresh token(hashed): " + DigestUtils.sha256Hex(str));
        }
        AccessTokenDO accessTokenDO = null;
        Connection dBConnection = IdentityDatabaseUtil.getDBConnection(false);
        try {
            try {
                PreparedStatement prepareStatement = dBConnection.prepareStatement(OAuth2Util.getTokenPartitionedSqlByToken(OAuth2ServiceComponentHolder.isIDPIdColumnEnabled() ? SQLQueries.RETRIEVE_REFRESH_TOKEN_WITH_IDP_NAME : SQLQueries.RETRIEVE_REFRESH_TOKEN, str));
                prepareStatement.setString(1, getHashingPersistenceProcessor().getProcessedRefreshToken(str));
                ResultSet executeQuery = prepareStatement.executeQuery();
                int i = 0;
                ArrayList arrayList = new ArrayList();
                while (executeQuery.next()) {
                    if (i == 0) {
                        String preprocessedClientId = getPersistenceProcessor().getPreprocessedClientId(executeQuery.getString(1));
                        String string = executeQuery.getString(2);
                        int i2 = executeQuery.getInt(3);
                        String tenantDomain = OAuth2Util.getTenantDomain(i2);
                        String string2 = executeQuery.getString(4);
                        String[] buildScopeArray = OAuth2Util.buildScopeArray(executeQuery.getString(5));
                        Timestamp timestamp = executeQuery.getTimestamp(6, Calendar.getInstance(TimeZone.getTimeZone("UTC")));
                        Timestamp timestamp2 = executeQuery.getTimestamp(7, Calendar.getInstance(TimeZone.getTimeZone("UTC")));
                        long j = executeQuery.getLong(8);
                        long j2 = executeQuery.getLong(9);
                        String string3 = executeQuery.getString(10);
                        String string4 = executeQuery.getString(11);
                        String string5 = executeQuery.getString(12);
                        String string6 = executeQuery.getString(13);
                        String string7 = executeQuery.getString(14);
                        String str2 = null;
                        if (OAuth2ServiceComponentHolder.isIDPIdColumnEnabled()) {
                            str2 = executeQuery.getString(15);
                        }
                        AuthenticatedUser createAuthenticatedUser = OAuth2Util.createAuthenticatedUser(string, string2, tenantDomain, str2);
                        try {
                            createAuthenticatedUser.setAuthenticatedSubjectIdentifier(string7, OAuth2ServiceComponentHolder.getApplicationMgtService().getServiceProviderByClientId(preprocessedClientId, OAuthApplicationMgtListener.OAUTH2, tenantDomain));
                            accessTokenDO = new AccessTokenDO(preprocessedClientId, createAuthenticatedUser, buildScopeArray, timestamp, timestamp2, j, j2, string3);
                            accessTokenDO.setAccessToken(string4);
                            accessTokenDO.setTokenId(string5);
                            accessTokenDO.setGrantType(string6);
                            accessTokenDO.setTenantID(i2);
                            accessTokenDO.setRefreshToken(str);
                        } catch (IdentityApplicationManagementException e) {
                            throw new IdentityOAuth2Exception("Error occurred while retrieving OAuth2 application data for client id " + preprocessedClientId, (Throwable) e);
                        }
                    } else {
                        arrayList.add(executeQuery.getString(5));
                    }
                    i++;
                }
                if (arrayList.size() > 0 && accessTokenDO != null) {
                    accessTokenDO.setScope((String[]) ArrayUtils.addAll(accessTokenDO.getScope(), arrayList.toArray(new String[arrayList.size()])));
                }
                IdentityDatabaseUtil.closeAllConnections(dBConnection, executeQuery, prepareStatement);
                return accessTokenDO;
            } catch (SQLException e2) {
                throw new IdentityOAuth2Exception("Error while retrieving Refresh Token", e2);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeAllConnections(dBConnection, (ResultSet) null, (PreparedStatement) null);
            throw th;
        }
    }

    @Override // org.wso2.carbon.identity.oauth2.dao.TokenManagementDAO
    public Pair<String, Integer> findTenantAndScopeOfResource(String str) throws IdentityOAuth2Exception {
        if (log.isDebugEnabled()) {
            log.debug("Retrieving tenant and scope for resource: " + str);
        }
        try {
            Connection dBConnection = IdentityDatabaseUtil.getDBConnection(false);
            try {
                PreparedStatement prepareStatement = dBConnection.prepareStatement(dBConnection.getMetaData().getDriverName().contains(Oauth2ScopeConstants.DataBaseType.ORACLE) ? SQLQueries.RETRIEVE_SCOPE_WITH_TENANT_FOR_RESOURCE_ORACLE : SQLQueries.RETRIEVE_SCOPE_WITH_TENANT_FOR_RESOURCE);
                try {
                    prepareStatement.setString(1, str);
                    ResultSet executeQuery = prepareStatement.executeQuery();
                    try {
                        if (!executeQuery.next()) {
                            if (executeQuery != null) {
                                executeQuery.close();
                            }
                            if (prepareStatement != null) {
                                prepareStatement.close();
                            }
                            if (dBConnection != null) {
                                dBConnection.close();
                            }
                            return null;
                        }
                        String string = executeQuery.getString("NAME");
                        int i = executeQuery.getInt("TENANT_ID");
                        if (log.isDebugEnabled()) {
                            log.debug("Found tenant id: " + i + " and scope: " + string + " for resource: " + str);
                        }
                        Pair<String, Integer> of = Pair.of(string, Integer.valueOf(i));
                        if (executeQuery != null) {
                            executeQuery.close();
                        }
                        if (prepareStatement != null) {
                            prepareStatement.close();
                        }
                        if (dBConnection != null) {
                            dBConnection.close();
                        }
                        return of;
                    } catch (Throwable th) {
                        if (executeQuery != null) {
                            try {
                                executeQuery.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                        throw th;
                    }
                } catch (Throwable th3) {
                    if (prepareStatement != null) {
                        try {
                            prepareStatement.close();
                        } catch (Throwable th4) {
                            th3.addSuppressed(th4);
                        }
                    }
                    throw th3;
                }
            } catch (Throwable th5) {
                if (dBConnection != null) {
                    try {
                        dBConnection.close();
                    } catch (Throwable th6) {
                        th5.addSuppressed(th6);
                    }
                }
                throw th5;
            }
        } catch (SQLException e) {
            throw new IdentityOAuth2Exception("Error getting scopes for resource - " + str, e);
        }
    }

    public void revokeOAuthConsentByApplicationAndUser(String str, String str2) throws IdentityOAuth2Exception {
        if (log.isDebugEnabled()) {
            log.debug("Revoking OAuth consent for application: " + str2 + " by user: " + str);
        }
        if (str == null || str2 == null) {
            if (log.isDebugEnabled()) {
                log.debug("Could not remove consent of user " + str + " for application " + str2);
                return;
            }
            return;
        }
        Connection dBConnection = IdentityDatabaseUtil.getDBConnection();
        PreparedStatement preparedStatement = null;
        try {
            try {
                preparedStatement = dBConnection.prepareStatement(SQLQueries.DELETE_USER_RPS);
                preparedStatement.setString(1, str);
                preparedStatement.setString(2, str2);
                preparedStatement.execute();
                IdentityDatabaseUtil.commitTransaction(dBConnection);
                IdentityDatabaseUtil.closeAllConnections(dBConnection, (ResultSet) null, preparedStatement);
            } catch (SQLException e) {
                IdentityDatabaseUtil.rollbackTransaction(dBConnection);
                throw new IdentityOAuth2Exception("Error deleting OAuth consent of Application " + str2 + " and User " + str, e);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeAllConnections(dBConnection, (ResultSet) null, preparedStatement);
            throw th;
        }
    }

    @Override // org.wso2.carbon.identity.oauth2.dao.TokenManagementDAO
    public void revokeOAuthConsentByApplicationAndUser(String str, String str2, String str3) throws IdentityOAuth2Exception {
        if (log.isDebugEnabled()) {
            log.debug("Revoking OAuth consent for application: " + str3 + " by user: " + str + " tenant: " + str2);
        }
        if (str == null || str3 == null) {
            if (log.isDebugEnabled()) {
                log.debug("Could not remove consent of user " + str + " for application " + str3);
                return;
            }
            return;
        }
        Connection dBConnection = IdentityDatabaseUtil.getDBConnection();
        PreparedStatement preparedStatement = null;
        try {
            try {
                preparedStatement = dBConnection.prepareStatement(SQLQueries.DELETE_USER_RPS_IN_TENANT);
                preparedStatement.setString(1, str);
                preparedStatement.setInt(2, IdentityTenantUtil.getTenantId(str2));
                preparedStatement.setString(3, str3);
                preparedStatement.execute();
                IdentityDatabaseUtil.commitTransaction(dBConnection);
                IdentityDatabaseUtil.closeAllConnections(dBConnection, (ResultSet) null, preparedStatement);
            } catch (SQLException e) {
                IdentityDatabaseUtil.rollbackTransaction(dBConnection);
                throw new IdentityOAuth2Exception("Error deleting OAuth consent of Application " + str3 + " and User " + str, e);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeAllConnections(dBConnection, (ResultSet) null, preparedStatement);
            throw th;
        }
    }

    @Override // org.wso2.carbon.identity.oauth2.dao.TokenManagementDAO
    public void revokeOAuthConsentsByApplication(String str, String str2) throws IdentityOAuth2Exception {
        if (log.isDebugEnabled()) {
            log.debug(String.format("Revoking all OAuth consents given for application: %s in tenant domain: %s.", str, str2));
        }
        int tenantId = IdentityTenantUtil.getTenantId(str2);
        try {
            Connection dBConnection = IdentityDatabaseUtil.getDBConnection(true);
            try {
                PreparedStatement prepareStatement = dBConnection.prepareStatement(SQLQueries.DELETE_USER_RPS_OF_APPLICATION);
                try {
                    prepareStatement.setInt(1, tenantId);
                    prepareStatement.setString(2, str);
                    prepareStatement.execute();
                    IdentityDatabaseUtil.commitTransaction(dBConnection);
                    if (prepareStatement != null) {
                        prepareStatement.close();
                    }
                    if (dBConnection != null) {
                        dBConnection.close();
                    }
                } catch (Throwable th) {
                    if (prepareStatement != null) {
                        try {
                            prepareStatement.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } finally {
            }
        } catch (SQLException e) {
            throw new IdentityOAuth2Exception(String.format("Error revoking all OAuth consents given for application: %s in tenant domain: %s.", str, str2), e);
        }
    }

    @Override // org.wso2.carbon.identity.oauth2.dao.TokenManagementDAO
    public void updateApproveAlwaysForAppConsentByResourceOwner(String str, String str2, String str3, String str4) throws IdentityOAuth2Exception {
        if (log.isDebugEnabled()) {
            log.debug("Setting consent for " + str4 + " OAuth consent for application: " + str3 + " by user: " + str + " tenant: " + str2);
        }
        if (str == null || str3 == null) {
            if (log.isDebugEnabled()) {
                log.debug("Could not remove consent of user " + str + " for application " + str3);
                return;
            }
            return;
        }
        Connection dBConnection = IdentityDatabaseUtil.getDBConnection();
        PreparedStatement preparedStatement = null;
        try {
            try {
                preparedStatement = dBConnection.prepareStatement(SQLQueries.UPDATE_TRUSTED_ALWAYS_IDN_OPENID_USER_RPS);
                preparedStatement.setString(1, str4);
                preparedStatement.setString(2, str);
                preparedStatement.setInt(3, IdentityTenantUtil.getTenantId(str2));
                preparedStatement.setString(4, str3);
                preparedStatement.execute();
                IdentityDatabaseUtil.commitTransaction(dBConnection);
                IdentityDatabaseUtil.closeAllConnections(dBConnection, (ResultSet) null, preparedStatement);
            } catch (SQLException e) {
                IdentityDatabaseUtil.rollbackTransaction(dBConnection);
                throw new IdentityOAuth2Exception("Error updating trusted always in a consent of Application " + str3 + " and User " + str, e);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeAllConnections(dBConnection, (ResultSet) null, preparedStatement);
            throw th;
        }
    }

    @Override // org.wso2.carbon.identity.oauth2.dao.TokenManagementDAO
    public void updateAppAndRevokeTokensAndAuthzCodes(String str, Properties properties, String[] strArr, String[] strArr2) throws IdentityOAuth2Exception, IdentityApplicationManagementException {
        if (log.isDebugEnabled()) {
            log.debug("Updating state of client: " + str + " and revoking all access tokens and authorization codes.");
        }
        if (!properties.containsKey("action")) {
            throw new IdentityOAuth2Exception("Invalid operation.");
        }
        String property = properties.getProperty("action");
        PreparedStatement preparedStatement = null;
        PreparedStatement preparedStatement2 = null;
        try {
            try {
                Connection dBConnection = IdentityDatabaseUtil.getDBConnection();
                if ("revoke".equals(property)) {
                    if (!properties.containsKey("new_state")) {
                        throw new IdentityOAuth2Exception("New App State is not specified.");
                    }
                    String property2 = properties.getProperty("new_state");
                    if (log.isDebugEnabled()) {
                        log.debug("Changing the state of the client: " + str + " to " + property2 + " state.");
                    }
                    preparedStatement = dBConnection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.UPDATE_APPLICATION_STATE);
                    preparedStatement.setString(1, property2);
                    preparedStatement.setString(2, str);
                    preparedStatement.execute();
                } else if ("regenerate".equals(property)) {
                    if (!properties.containsKey("new_secretKey")) {
                        throw new IdentityOAuth2Exception("New Consumer Secret is not specified.");
                    }
                    String property3 = properties.getProperty("new_secretKey");
                    if (properties.containsKey("new_state")) {
                        preparedStatement = dBConnection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.UPDATE_OAUTH_SECRET_KEY_AND_STATE);
                        preparedStatement.setString(1, getPersistenceProcessor().getProcessedClientSecret(property3));
                        preparedStatement.setString(2, properties.getProperty("new_state"));
                        preparedStatement.setString(3, str);
                    } else {
                        preparedStatement = dBConnection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.UPDATE_OAUTH_SECRET_KEY);
                        preparedStatement.setString(1, getPersistenceProcessor().getProcessedClientSecret(property3));
                        preparedStatement.setString(2, str);
                    }
                    preparedStatement.execute();
                    if (log.isDebugEnabled()) {
                        log.debug("Regenerating the client secret of: " + str);
                    }
                }
                if (ArrayUtils.isNotEmpty(strArr2)) {
                    if (OAuth2Util.checkAccessTokenPartitioningEnabled() && OAuth2Util.checkUserNameAssertionEnabled()) {
                        for (String str2 : strArr2) {
                            preparedStatement2 = dBConnection.prepareStatement(OAuth2Util.getTokenPartitionedSqlByToken(SQLQueries.REVOKE_APP_ACCESS_TOKEN, str2));
                            preparedStatement2.setString(1, "REVOKED");
                            preparedStatement2.setString(2, UUID.randomUUID().toString());
                            preparedStatement2.setString(3, str);
                            int executeUpdate = preparedStatement2.executeUpdate();
                            if (log.isDebugEnabled()) {
                                log.debug("Number of rows being updated : " + executeUpdate);
                            }
                        }
                    } else {
                        preparedStatement2 = dBConnection.prepareStatement(SQLQueries.REVOKE_APP_ACCESS_TOKEN);
                        preparedStatement2.setString(1, "REVOKED");
                        preparedStatement2.setString(2, UUID.randomUUID().toString());
                        preparedStatement2.setString(3, str);
                        preparedStatement2.setString(4, "ACTIVE");
                        preparedStatement2.execute();
                    }
                }
                PreparedStatement prepareStatement = dBConnection.prepareStatement(SQLQueries.UPDATE_AUTHORIZATION_CODE_STATE_FOR_CONSUMER_KEY);
                prepareStatement.setString(1, "REVOKED");
                prepareStatement.setString(2, str);
                prepareStatement.executeUpdate();
                IdentityDatabaseUtil.commitTransaction(dBConnection);
                IdentityDatabaseUtil.closeStatement(preparedStatement);
                IdentityDatabaseUtil.closeStatement(preparedStatement2);
                IdentityDatabaseUtil.closeAllConnections(dBConnection, (ResultSet) null, prepareStatement);
            } catch (SQLException e) {
                IdentityDatabaseUtil.rollbackTransaction((Connection) null);
                throw new IdentityApplicationManagementException("Error while executing the SQL statement.", e);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeStatement((PreparedStatement) null);
            IdentityDatabaseUtil.closeStatement((PreparedStatement) null);
            IdentityDatabaseUtil.closeAllConnections((Connection) null, (ResultSet) null, (PreparedStatement) null);
            throw th;
        }
    }

    @Override // org.wso2.carbon.identity.oauth2.dao.TokenManagementDAO
    public void revokeSaaSTokensOfOtherTenants(String str, int i) throws IdentityOAuth2Exception {
        if (log.isDebugEnabled()) {
            log.debug("Revoking access tokens of client: " + str + " tenant id: " + i + " issued for other tenants");
        }
        if (str == null) {
            if (log.isDebugEnabled()) {
                log.debug("Couldn't revoke token for tenant ID: " + i + " because of null consumer key");
                return;
            }
            return;
        }
        revokeSaaSTokensOfOtherTenants(str, IdentityUtil.getPrimaryDomainName(), i);
        if (OAuth2Util.checkAccessTokenPartitioningEnabled() && OAuth2Util.checkUserNameAssertionEnabled()) {
            Iterator<Map.Entry<String, String>> it = OAuth2Util.getAvailableUserStoreDomainMappings().entrySet().iterator();
            while (it.hasNext()) {
                revokeSaaSTokensOfOtherTenants(str, it.next().getKey(), i);
            }
        }
    }

    @Override // org.wso2.carbon.identity.oauth2.dao.TokenManagementDAO
    public void revokeSaaSTokensOfOtherTenants(String str, String str2, int i) throws IdentityOAuth2Exception {
        Connection dBConnection = IdentityDatabaseUtil.getDBConnection();
        PreparedStatement preparedStatement = null;
        try {
            try {
                preparedStatement = dBConnection.prepareStatement(OAuth2Util.getTokenPartitionedSqlByUserStore(SQLQueries.REVOKE_SAAS_TOKENS_OF_OTHER_TENANTS, str2));
                preparedStatement.setString(1, "REVOKED");
                preparedStatement.setString(2, UUID.randomUUID().toString());
                preparedStatement.setString(3, "ACTIVE");
                preparedStatement.setString(4, str);
                preparedStatement.setInt(5, i);
                preparedStatement.executeUpdate();
                IdentityDatabaseUtil.commitTransaction(dBConnection);
                IdentityDatabaseUtil.closeAllConnections(dBConnection, (ResultSet) null, preparedStatement);
            } catch (SQLException e) {
                String str3 = "Error revoking access tokens for client ID: " + str + "and tenant ID:" + i;
                IdentityDatabaseUtil.rollbackTransaction(dBConnection);
                throw new IdentityOAuth2Exception(str3, e);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeAllConnections(dBConnection, (ResultSet) null, preparedStatement);
            throw th;
        }
    }

    @Override // org.wso2.carbon.identity.oauth2.dao.TokenManagementDAO
    public Set<String> getAllTimeAuthorizedClientIds(AuthenticatedUser authenticatedUser) throws IdentityOAuth2Exception {
        if (log.isDebugEnabled()) {
            log.debug("Retrieving all authorized clients by user: " + authenticatedUser.toString());
        }
        PreparedStatement preparedStatement = null;
        Connection dBConnection = IdentityDatabaseUtil.getDBConnection();
        ResultSet resultSet = null;
        HashSet hashSet = new HashSet();
        boolean isUserStoreInUsernameCaseSensitive = IdentityUtil.isUserStoreInUsernameCaseSensitive(authenticatedUser.toString());
        String tenantDomain = authenticatedUser.getTenantDomain();
        String userName = authenticatedUser.getUserName();
        String sanitizedUserStoreDomain = OAuth2Util.getSanitizedUserStoreDomain(authenticatedUser.getUserStoreDomain());
        try {
            try {
                int tenantId = OAuth2Util.getTenantId(tenantDomain);
                String tokenPartitionedSqlByUserStore = OAuth2Util.getTokenPartitionedSqlByUserStore(SQLQueries.GET_DISTINCT_APPS_AUTHORIZED_BY_USER_ALL_TIME, authenticatedUser.getUserStoreDomain());
                if (!isUserStoreInUsernameCaseSensitive) {
                    tokenPartitionedSqlByUserStore = tokenPartitionedSqlByUserStore.replace("AUTHZ_USER", LOWER_AUTHZ_USER);
                }
                preparedStatement = dBConnection.prepareStatement(tokenPartitionedSqlByUserStore);
                if (isUserStoreInUsernameCaseSensitive) {
                    preparedStatement.setString(1, userName);
                } else {
                    preparedStatement.setString(1, userName.toLowerCase());
                }
                preparedStatement.setInt(2, tenantId);
                preparedStatement.setString(3, sanitizedUserStoreDomain);
                resultSet = preparedStatement.executeQuery();
                while (resultSet.next()) {
                    hashSet.add(getPersistenceProcessor().getPreprocessedClientId(resultSet.getString(1)));
                }
                IdentityDatabaseUtil.closeAllConnections(dBConnection, resultSet, preparedStatement);
                if (log.isDebugEnabled()) {
                    StringBuilder sb = new StringBuilder();
                    Iterator it = hashSet.iterator();
                    while (it.hasNext()) {
                        sb.append((String) it.next()).append(Constants.SEPARATED_WITH_SPACE);
                    }
                    log.debug("Found authorized clients " + sb.toString() + " for user: " + authenticatedUser.toString());
                }
                return hashSet;
            } catch (SQLException e) {
                throw new IdentityOAuth2Exception("Error occurred while retrieving all distinct Client IDs authorized by User ID : " + authenticatedUser + " until now", e);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeAllConnections(dBConnection, resultSet, preparedStatement);
            throw th;
        }
    }
}
