package org.wso2.carbon.identity.oauth.listener;

import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.core.handler.AbstractIdentityHandler;
import org.wso2.carbon.identity.core.model.IdentityEventListenerConfig;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl;
import org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCache;
import org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCacheEntry;
import org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCacheKey;
import org.wso2.carbon.identity.oauth.event.AbstractOAuthEventInterceptor;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext;
import org.wso2.carbon.identity.oauth2.dao.OAuthTokenPersistenceFactory;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeRespDTO;
import org.wso2.carbon.identity.oauth2.model.AccessTokenDO;
import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext;
import org.wso2.carbon.identity.oauth2.util.OAuth2Util;

/* loaded from: input_file:org/wso2/carbon/identity/oauth/listener/OAuthTokenSessionMappingEventHandler.class */
public class OAuthTokenSessionMappingEventHandler extends AbstractOAuthEventInterceptor {
    private static final Log log = LogFactory.getLog(OAuthTokenSessionMappingEventHandler.class);

    @Override // org.wso2.carbon.identity.oauth.event.AbstractOAuthEventInterceptor, org.wso2.carbon.identity.oauth.event.OAuthEventInterceptor
    public void onPostTokenIssue(OAuth2AccessTokenReqDTO oAuth2AccessTokenReqDTO, OAuth2AccessTokenRespDTO oAuth2AccessTokenRespDTO, OAuthTokenReqMessageContext oAuthTokenReqMessageContext, Map<String, Object> map) throws IdentityOAuth2Exception {
        if (log.isDebugEnabled()) {
            log.debug(String.format("Listening to the post token issue event with the grant type: %s for the application: %s", oAuth2AccessTokenReqDTO.getGrantType(), oAuth2AccessTokenReqDTO.getClientId()));
        }
        String str = null;
        if (StringUtils.equals(OAuthAdminServiceImpl.AUTHORIZATION_CODE, oAuth2AccessTokenReqDTO.getGrantType())) {
            str = oAuth2AccessTokenReqDTO.getAuthorizationCode();
        }
        if (StringUtils.isBlank(str)) {
            if (log.isDebugEnabled()) {
                log.debug("Since Authorization code is null, couldn't find session context identifier for the application: " + oAuth2AccessTokenReqDTO.getClientId());
            }
        } else if (StringUtils.isBlank(oAuth2AccessTokenReqDTO.getTenantDomain())) {
            if (log.isDebugEnabled()) {
                log.debug("Could not find the tenant domain of the application: " + oAuth2AccessTokenReqDTO.getClientId());
            }
        } else if (oAuth2AccessTokenRespDTO != null) {
            persistTokenToSessionMapping(getSessionContextIdentifier(str), oAuth2AccessTokenRespDTO.getTokenId(), OAuth2Util.getTenantId(oAuth2AccessTokenReqDTO.getTenantDomain()), oAuth2AccessTokenReqDTO.getClientId());
        } else if (log.isDebugEnabled()) {
            log.debug("TokenRespDTO passed was null. Cannot proceed further to build the token session mapping.");
        }
    }

    @Override // org.wso2.carbon.identity.oauth.event.AbstractOAuthEventInterceptor, org.wso2.carbon.identity.oauth.event.OAuthEventInterceptor
    public void onPostTokenRenewal(OAuth2AccessTokenReqDTO oAuth2AccessTokenReqDTO, OAuth2AccessTokenRespDTO oAuth2AccessTokenRespDTO, OAuthTokenReqMessageContext oAuthTokenReqMessageContext, Map<String, Object> map) throws IdentityOAuth2Exception {
        if (log.isDebugEnabled()) {
            log.debug("Listening to the token renewal event for the application: " + oAuth2AccessTokenReqDTO.getClientId());
        }
        if (StringUtils.isBlank(oAuth2AccessTokenRespDTO.getAccessToken())) {
            if (log.isDebugEnabled()) {
                log.debug("Since the access token is invalid, couldn't find session context identifier for the application: " + oAuth2AccessTokenReqDTO.getClientId());
            }
        } else if (!StringUtils.isBlank(oAuth2AccessTokenReqDTO.getTenantDomain())) {
            persistTokenToSessionMapping(getSessionContextIdentifier(oAuth2AccessTokenRespDTO.getAccessToken()), oAuth2AccessTokenRespDTO.getTokenId(), OAuth2Util.getTenantId(oAuth2AccessTokenReqDTO.getTenantDomain()), oAuth2AccessTokenReqDTO.getClientId());
        } else if (log.isDebugEnabled()) {
            log.debug("Could not find the tenant domain of the application: " + oAuth2AccessTokenReqDTO.getClientId());
        }
    }

    @Override // org.wso2.carbon.identity.oauth.event.AbstractOAuthEventInterceptor, org.wso2.carbon.identity.oauth.event.OAuthEventInterceptor
    public void onPostTokenIssue(OAuthAuthzReqMessageContext oAuthAuthzReqMessageContext, AccessTokenDO accessTokenDO, OAuth2AuthorizeRespDTO oAuth2AuthorizeRespDTO, Map<String, Object> map) throws IdentityOAuth2Exception {
        if (log.isDebugEnabled()) {
            log.debug(String.format("Listening to the post token issue event with the response type: %s for the application: %s", oAuthAuthzReqMessageContext.getAuthorizationReqDTO().getResponseType(), accessTokenDO.getConsumerKey()));
        }
        persistTokenToSessionMapping(oAuthAuthzReqMessageContext.getAuthorizationReqDTO().getIdpSessionIdentifier(), accessTokenDO.getTokenId(), accessTokenDO.getTenantID(), accessTokenDO.getConsumerKey());
    }

    @Override // org.wso2.carbon.identity.oauth.event.AbstractOAuthEventInterceptor
    public boolean isEnabled() {
        IdentityEventListenerConfig readEventListenerProperty = IdentityUtil.readEventListenerProperty(AbstractIdentityHandler.class.getName(), getClass().getName());
        return readEventListenerProperty == null || Boolean.parseBoolean(readEventListenerProperty.getEnable());
    }

    private String getSessionContextIdentifier(String str) {
        AuthorizationGrantCacheEntry valueFromCacheByToken;
        String str2 = null;
        if (StringUtils.isNotBlank(str) && (valueFromCacheByToken = AuthorizationGrantCache.getInstance().getValueFromCacheByToken(new AuthorizationGrantCacheKey(str))) != null) {
            str2 = valueFromCacheByToken.getSessionContextIdentifier();
            if (log.isDebugEnabled()) {
                log.debug(String.format("Found session context identifier: %s for the obtained authorization code", str2));
            }
        }
        return str2;
    }

    private void persistTokenToSessionMapping(String str, String str2, int i, String str3) throws IdentityOAuth2Exception {
        if (OAuthTokenPersistenceFactory.getInstance().getAccessTokenDAO().getTokenIdBySessionIdentifier(str).contains(str2)) {
            if (log.isDebugEnabled()) {
                log.debug("This token to session mapping is already persisted in the DB");
                return;
            }
            return;
        }
        if (StringUtils.isBlank(str2)) {
            if (log.isDebugEnabled()) {
                log.debug("Could not find the tokenId of the application: " + str3);
            }
        } else if (StringUtils.isBlank(str)) {
            if (log.isDebugEnabled()) {
                log.debug("Could not find the session context identifier for the application: " + str3);
            }
        } else if (i != 0) {
            OAuthTokenPersistenceFactory.getInstance().getAccessTokenDAO().storeTokenToSessionMapping(str, str2, i);
        } else if (log.isDebugEnabled()) {
            log.debug("Tenant id is not valid for the client: " + str3);
        }
    }

    public String getName() {
        return "OAuthTokenSessionMappingEventHandler";
    }
}
