package org.wso2.carbon.identity.openidconnect.dao;

import java.sql.SQLIntegrityConstraintViolationException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.database.utils.jdbc.JdbcTemplate;
import org.wso2.carbon.database.utils.jdbc.exceptions.DataAccessException;
import org.wso2.carbon.database.utils.jdbc.exceptions.TransactionException;
import org.wso2.carbon.identity.core.util.LambdaExceptionUtils;
import org.wso2.carbon.identity.oauth.dto.ScopeDTO;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2ClientException;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.OAuth2Constants;
import org.wso2.carbon.identity.oauth2.Oauth2ScopeConstants;
import org.wso2.carbon.identity.oauth2.util.JdbcUtils;

/* loaded from: input_file:org/wso2/carbon/identity/openidconnect/dao/ScopeClaimMappingDAOImpl.class */
public class ScopeClaimMappingDAOImpl implements ScopeClaimMappingDAO {
    private static final Log log = LogFactory.getLog(ScopeClaimMappingDAOImpl.class);
    private static final String OIDC_DIALECT_URI = "http://wso2.org/oidc/claim";

    @Override // org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAO
    public void addScopes(int i, List<ScopeDTO> list) throws IdentityOAuth2Exception {
        JdbcTemplate newTemplate = JdbcUtils.getNewTemplate();
        list.forEach(LambdaExceptionUtils.rethrowConsumer(scopeDTO -> {
            String name = scopeDTO.getName();
            String[] claim = scopeDTO.getClaim();
            if (isScopeExist(name, i, true)) {
                log.warn(String.format("Scope %s already exist in tenant %s.", name, Integer.valueOf(i)));
                throw new IdentityOAuth2ClientException(Oauth2ScopeConstants.ErrorMessages.ERROR_CODE_CONFLICT_REQUEST_EXISTING_SCOPE.getCode(), String.format(Oauth2ScopeConstants.ErrorMessages.ERROR_CODE_CONFLICT_REQUEST_EXISTING_SCOPE.getMessage(), name));
            }
            try {
                int executeInsert = newTemplate.executeInsert("INSERT INTO IDN_OAUTH2_SCOPE (NAME, DISPLAY_NAME, DESCRIPTION, TENANT_ID, SCOPE_TYPE) VALUES(?,?,?,?,?)", preparedStatement -> {
                    preparedStatement.setString(1, name);
                    preparedStatement.setString(2, scopeDTO.getDisplayName());
                    preparedStatement.setString(3, scopeDTO.getDescription());
                    preparedStatement.setInt(4, i);
                    preparedStatement.setString(5, Oauth2ScopeConstants.SCOPE_TYPE_OIDC);
                }, (Object) null, true, Oauth2ScopeConstants.SCOPE_ID);
                if (executeInsert > 0 && ArrayUtils.isNotEmpty(claim)) {
                    insertClaims(i, executeInsert, new HashSet(Arrays.asList(claim)));
                }
                if (log.isDebugEnabled() && ArrayUtils.isNotEmpty(claim)) {
                    log.debug("The scope: " + name + " and the claims: " + Arrays.asList(claim) + "are successfully inserted for the tenant: " + i);
                }
            } catch (DataAccessException e) {
                if (!(e.getCause() instanceof SQLIntegrityConstraintViolationException)) {
                    throw new IdentityOAuth2Exception("Error while persisting new claims for the scope for the tenant: " + i, (Throwable) e);
                }
                if (getScopeId(name, i) > 0) {
                    log.warn("Scope " + name + " already exist in tenant " + i + " , hence ignoring");
                }
            }
        }));
    }

    @Override // org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAO
    @Deprecated
    public void addScope(int i, String str, String[] strArr) throws IdentityOAuth2Exception {
        addScope(new ScopeDTO(str, str, null, strArr), i);
    }

    @Override // org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAO
    public void addScope(ScopeDTO scopeDTO, int i) throws IdentityOAuth2Exception {
        if (isScopeExist(scopeDTO.getName(), i, true)) {
            log.warn(String.format("Scope %s already exist in tenant %s.", scopeDTO.getName(), Integer.valueOf(i)));
            throw new IdentityOAuth2ClientException(Oauth2ScopeConstants.ErrorMessages.ERROR_CODE_CONFLICT_REQUEST_EXISTING_SCOPE.getCode(), String.format(Oauth2ScopeConstants.ErrorMessages.ERROR_CODE_CONFLICT_REQUEST_EXISTING_SCOPE.getMessage(), scopeDTO.getName()));
        }
        try {
            int executeInsert = JdbcUtils.getNewTemplate().executeInsert("INSERT INTO IDN_OAUTH2_SCOPE (NAME, DISPLAY_NAME, DESCRIPTION, TENANT_ID, SCOPE_TYPE) VALUES(?,?,?,?,?)", preparedStatement -> {
                preparedStatement.setString(1, scopeDTO.getName());
                preparedStatement.setString(2, scopeDTO.getDisplayName());
                preparedStatement.setString(3, scopeDTO.getDescription());
                preparedStatement.setInt(4, i);
                preparedStatement.setString(5, Oauth2ScopeConstants.SCOPE_TYPE_OIDC);
            }, (Object) null, true, Oauth2ScopeConstants.SCOPE_ID);
            if (executeInsert > 0 && ArrayUtils.isNotEmpty(scopeDTO.getClaim())) {
                insertClaims(i, executeInsert, new HashSet(Arrays.asList(scopeDTO.getClaim())));
            }
            if (log.isDebugEnabled() && ArrayUtils.isNotEmpty(scopeDTO.getClaim())) {
                log.debug(String.format("The scope %s and the claims %s are successfully inserted for the tenant: %s", scopeDTO.getName(), Arrays.asList(scopeDTO.getClaim()), Integer.valueOf(i)));
            }
        } catch (DataAccessException e) {
            throw new IdentityOAuth2Exception("Error while persisting scopes for the tenant: " + i, (Throwable) e);
        }
    }

    @Override // org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAO
    public List<ScopeDTO> getScopes(int i) throws IdentityOAuth2Exception {
        JdbcTemplate newTemplate = JdbcUtils.getNewTemplate();
        try {
            HashMap hashMap = new HashMap();
            newTemplate.executeQuery(SQLQueries.GET_IDN_OIDC_SCOPES_CLAIMS, (resultSet, i2) -> {
                String string = resultSet.getString(1);
                if (!hashMap.containsKey(string)) {
                    ScopeDTO scopeDTO = new ScopeDTO(string, resultSet.getString(2), resultSet.getString(3), new String[0]);
                    if (resultSet.getString(4) != null) {
                        scopeDTO.setClaim(new String[]{resultSet.getString(4)});
                    }
                    hashMap.put(string, scopeDTO);
                    return null;
                }
                if (resultSet.getString(4) == null) {
                    return null;
                }
                ScopeDTO scopeDTO2 = (ScopeDTO) hashMap.get(string);
                scopeDTO2.addNewClaimToExistingClaims(resultSet.getString(4));
                hashMap.replace(string, scopeDTO2);
                return null;
            }, preparedStatement -> {
                preparedStatement.setInt(1, i);
                preparedStatement.setString(2, Oauth2ScopeConstants.SCOPE_TYPE_OIDC);
                preparedStatement.setInt(3, i);
                preparedStatement.setInt(4, i);
                preparedStatement.setString(5, OIDC_DIALECT_URI);
            });
            return new ArrayList(hashMap.values());
        } catch (DataAccessException e) {
            throw new IdentityOAuth2Exception("Error occured while loading scopes claims mapping.", (Throwable) e);
        }
    }

    @Override // org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAO
    public List<String> getScopeNames(int i) throws IdentityOAuth2Exception {
        try {
            List<String> executeQuery = JdbcUtils.getNewTemplate().executeQuery(SQLQueries.GET_IDN_OIDC_SCOPES, (resultSet, i2) -> {
                return resultSet.getString(1);
            }, preparedStatement -> {
                preparedStatement.setInt(1, i);
                preparedStatement.setString(2, Oauth2ScopeConstants.SCOPE_TYPE_OIDC);
            });
            if (log.isDebugEnabled()) {
                log.debug("The scopes: " + String.join(OAuth2Constants.RoleBasedScope.ATTRIBUTE_VALUE_SEPERATER, executeQuery) + " are successfully loaded for the tenant: " + i);
            }
            return executeQuery;
        } catch (DataAccessException e) {
            throw new IdentityOAuth2Exception("Error while loading OIDC scopes.", (Throwable) e);
        }
    }

    @Override // org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAO
    public ScopeDTO getClaims(String str, int i) throws IdentityOAuth2Exception {
        JdbcTemplate newTemplate = JdbcUtils.getNewTemplate();
        ScopeDTO scopeDTO = new ScopeDTO();
        try {
            List executeQuery = newTemplate.executeQuery(SQLQueries.GET_IDN_OIDC_CLAIMS, (resultSet, i2) -> {
                return resultSet.getString(1);
            }, preparedStatement -> {
                preparedStatement.setString(1, str);
                preparedStatement.setInt(2, i);
            });
            scopeDTO.setName(str);
            scopeDTO.setClaim((String[]) executeQuery.toArray(new String[executeQuery.size()]));
            return scopeDTO;
        } catch (DataAccessException e) {
            throw new IdentityOAuth2Exception("Error while loading OIDC claims for the scope: " + str, (Throwable) e);
        }
    }

    @Override // org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAO
    public void deleteScope(String str, int i) throws IdentityOAuth2Exception {
        JdbcTemplate newTemplate = JdbcUtils.getNewTemplate();
        try {
            if (!isScopeExist(str, i)) {
                throw new IdentityOAuth2Exception("The scope: " + str + " does not exist to delete.");
            }
            newTemplate.executeUpdate(SQLQueries.DELETE_SCOPE_AND_CLAIM_MAPPING, preparedStatement -> {
                preparedStatement.setString(1, str);
                preparedStatement.setInt(2, i);
                preparedStatement.setString(3, Oauth2ScopeConstants.SCOPE_TYPE_OIDC);
            });
            if (log.isDebugEnabled()) {
                log.debug(String.format("The scope: %s in the tenant: %s is successfully deleted.", str, Integer.valueOf(i)));
            }
        } catch (DataAccessException e) {
            throw new IdentityOAuth2Exception("Error while deleting the scope: " + str + " and related claims.", (Throwable) e);
        }
    }

    @Override // org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAO
    @Deprecated
    public void updateScope(String str, int i, List<String> list, List<String> list2) throws IdentityOAuth2Exception {
        JdbcTemplate newTemplate = JdbcUtils.getNewTemplate();
        try {
            if (CollectionUtils.isNotEmpty(list)) {
                addClaimsByScope(getScopeId(str, i), i, list, newTemplate, -1);
            }
            if (CollectionUtils.isNotEmpty(list2)) {
                deleteClaimsByScope(str, i, list2, newTemplate, -1);
            }
        } catch (TransactionException e) {
            throw new IdentityOAuth2Exception("Error while inserting new claims for the scope: " + str, (Throwable) e);
        }
    }

    @Override // org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAO
    public void updateScope(ScopeDTO scopeDTO, int i) throws IdentityOAuth2Exception {
        JdbcTemplate newTemplate = JdbcUtils.getNewTemplate();
        try {
            int scopeId = getScopeId(scopeDTO.getName(), i);
            if (scopeId != -1) {
                updateScopeDetails(scopeDTO, newTemplate, scopeId);
                deleteClaimMappings(scopeId, newTemplate);
                insertClaims(i, scopeId, new HashSet(Arrays.asList(scopeDTO.getClaim())));
            }
        } catch (DataAccessException e) {
            throw new IdentityOAuth2Exception("Error while updating the scope: " + scopeDTO.getName() + " and it's related claims.", (Throwable) e);
        }
    }

    private void deleteClaimMappings(int i, JdbcTemplate jdbcTemplate) throws DataAccessException {
        if (log.isDebugEnabled()) {
            log.debug("Deleting existing OIDC claim mapping of scopeID: " + i);
        }
        jdbcTemplate.executeUpdate(SQLQueries.DELETE_CLAIM_MAPPING_OF_SCOPE, preparedStatement -> {
            preparedStatement.setInt(1, i);
        });
    }

    private void addClaimsByScope(int i, int i2, List<String> list, JdbcTemplate jdbcTemplate, int i3) throws TransactionException {
        jdbcTemplate.withTransaction(template -> {
            template.executeBatchInsert(SQLQueries.INSERT_NEW_CLAIMS_FOR_SCOPE, preparedStatement -> {
                try {
                    Iterator it = list.iterator();
                    while (it.hasNext()) {
                        int loadOIDCClaimId = loadOIDCClaimId((String) it.next(), i2);
                        preparedStatement.setInt(1, i);
                        preparedStatement.setInt(2, loadOIDCClaimId);
                        preparedStatement.addBatch();
                    }
                } catch (IdentityOAuth2Exception e) {
                    log.error("Error while fetching claims id. ", e);
                }
            }, Integer.valueOf(i3));
            return null;
        });
    }

    private void deleteClaimsByScope(String str, int i, List<String> list, JdbcTemplate jdbcTemplate, int i2) throws TransactionException {
        jdbcTemplate.withTransaction(template -> {
            template.executeBatchInsert(SQLQueries.DELETE_CLAIMS_FROM_SCOPE, preparedStatement -> {
                Iterator it = list.iterator();
                while (it.hasNext()) {
                    String str2 = (String) it.next();
                    preparedStatement.setString(1, str);
                    preparedStatement.setString(2, str2);
                    preparedStatement.setInt(3, i);
                    preparedStatement.setString(4, str);
                    preparedStatement.setString(5, Oauth2ScopeConstants.SCOPE_TYPE_OIDC);
                    preparedStatement.addBatch();
                }
            }, Integer.valueOf(i2));
            return null;
        });
    }

    @Override // org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAO
    public boolean hasScopesPopulated(int i) throws IdentityOAuth2Exception {
        try {
            Integer num = (Integer) JdbcUtils.getNewTemplate().withTransaction(template -> {
                return (Integer) template.fetchSingleRecord(SQLQueries.GET_ALL_IDN_OIDC_SCOPES, (resultSet, i2) -> {
                    return Integer.valueOf(resultSet.getInt(1));
                }, preparedStatement -> {
                    preparedStatement.setInt(1, i);
                    preparedStatement.setString(2, Oauth2ScopeConstants.SCOPE_TYPE_OIDC);
                });
            });
            if (num.intValue() == 0) {
                return false;
            }
            if (log.isDebugEnabled()) {
                log.debug("Scope id: " + num + "is returned for the tenant: " + i);
            }
            return true;
        } catch (TransactionException e) {
            throw new IdentityOAuth2Exception("Error while loading the top scope id for the tenant: " + i, (Throwable) e);
        }
    }

    @Override // org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAO
    public boolean isScopeExist(String str, int i) throws IdentityOAuth2Exception {
        return getScopeId(str, i) != -1;
    }

    @Override // org.wso2.carbon.identity.openidconnect.dao.ScopeClaimMappingDAO
    public ScopeDTO getScope(String str, int i) throws IdentityOAuth2Exception {
        JdbcTemplate newTemplate = JdbcUtils.getNewTemplate();
        try {
            HashMap hashMap = new HashMap();
            newTemplate.executeQuery(SQLQueries.GET_IDN_OIDC_SCOPE_DETAILS, (resultSet, i2) -> {
                if (!hashMap.containsKey(resultSet.getString(1))) {
                    ScopeDTO scopeDTO = new ScopeDTO(resultSet.getString(1), resultSet.getString(2), resultSet.getString(3), new String[0]);
                    if (resultSet.getString(4) != null) {
                        scopeDTO.setClaim(new String[]{resultSet.getString(4)});
                    }
                    hashMap.put(resultSet.getString(1), scopeDTO);
                    return null;
                }
                if (resultSet.getString(4) == null) {
                    return null;
                }
                ScopeDTO scopeDTO2 = (ScopeDTO) hashMap.get(resultSet.getString(1));
                scopeDTO2.addNewClaimToExistingClaims(resultSet.getString(4));
                hashMap.replace(resultSet.getString(1), scopeDTO2);
                return null;
            }, preparedStatement -> {
                preparedStatement.setString(1, str);
                preparedStatement.setInt(2, i);
                preparedStatement.setString(3, Oauth2ScopeConstants.SCOPE_TYPE_OIDC);
                preparedStatement.setInt(4, i);
                preparedStatement.setInt(5, i);
                preparedStatement.setString(6, OIDC_DIALECT_URI);
            });
            return (ScopeDTO) hashMap.get(str);
        } catch (DataAccessException e) {
            throw new IdentityOAuth2Exception("Error while fetching scope details for scope: " + str, (Throwable) e);
        }
    }

    private int getScopeId(String str, int i) throws IdentityOAuth2Exception {
        try {
            Integer num = (Integer) JdbcUtils.getNewTemplate().withTransaction(template -> {
                return (Integer) template.fetchSingleRecord("SELECT SCOPE_ID FROM IDN_OAUTH2_SCOPE WHERE NAME=? AND TENANT_ID=? AND SCOPE_TYPE=?", (resultSet, i2) -> {
                    return Integer.valueOf(resultSet.getInt(1));
                }, preparedStatement -> {
                    preparedStatement.setString(1, str);
                    preparedStatement.setInt(2, i);
                    preparedStatement.setString(3, Oauth2ScopeConstants.SCOPE_TYPE_OIDC);
                });
            });
            if (num == null) {
                num = -1;
            }
            if (log.isDebugEnabled()) {
                log.debug("Scope id: " + num + "is returned for the tenant: " + i + "and scope: " + str);
            }
            return num.intValue();
        } catch (TransactionException e) {
            throw new IdentityOAuth2Exception("Error fetching data for oidc scope: " + str, (Throwable) e);
        }
    }

    private boolean isScopeExist(String str, int i, boolean z) throws IdentityOAuth2Exception {
        return (z ? getScopeIdWithoutScopeType(str, i) : getScopeId(str, i)) != -1;
    }

    private int getScopeIdWithoutScopeType(String str, int i) throws IdentityOAuth2Exception {
        try {
            Integer num = (Integer) JdbcUtils.getNewTemplate().withTransaction(template -> {
                return (Integer) template.fetchSingleRecord("SELECT SCOPE_ID FROM IDN_OAUTH2_SCOPE WHERE NAME=? AND TENANT_ID=?", (resultSet, i2) -> {
                    return Integer.valueOf(resultSet.getInt(1));
                }, preparedStatement -> {
                    preparedStatement.setString(1, str);
                    preparedStatement.setInt(2, i);
                });
            });
            if (num == null) {
                num = -1;
            }
            if (log.isDebugEnabled()) {
                log.debug("Scope id: " + num + "is returned for the tenant: " + i + "and scope: " + str);
            }
            return num.intValue();
        } catch (TransactionException e) {
            throw new IdentityOAuth2Exception("Error while obtaining ID of scope: " + str, (Throwable) e);
        }
    }

    private int loadOIDCClaimId(String str, int i) throws IdentityOAuth2Exception {
        try {
            Integer num = (Integer) JdbcUtils.getNewTemplate().withTransaction(template -> {
                return (Integer) template.fetchSingleRecord(SQLQueries.GET_OIDC_CLAIM_ID, (resultSet, i2) -> {
                    return Integer.valueOf(resultSet.getInt(1));
                }, preparedStatement -> {
                    preparedStatement.setString(1, str);
                    preparedStatement.setInt(2, i);
                    preparedStatement.setString(3, OIDC_DIALECT_URI);
                    preparedStatement.setInt(4, i);
                });
            });
            if (num == null) {
                num = -1;
            }
            if (log.isDebugEnabled()) {
                log.debug("Claim id: " + num + "is returned.");
            }
            return num.intValue();
        } catch (TransactionException e) {
            throw new IdentityOAuth2Exception("Error fetching data for oidc scope: " + str, (Throwable) e);
        }
    }

    private void insertClaims(int i, int i2, Set<String> set) throws IdentityOAuth2Exception {
        int i3 = -1;
        try {
            JdbcUtils.getNewTemplate().withTransaction(template -> {
                template.executeBatchInsert(SQLQueries.STORE_IDN_OIDC_CLAIMS, preparedStatement -> {
                    if (CollectionUtils.isNotEmpty(set)) {
                        Iterator it = set.iterator();
                        while (it.hasNext()) {
                            String str = (String) it.next();
                            preparedStatement.setInt(1, i2);
                            preparedStatement.setString(2, str);
                            preparedStatement.setInt(3, i);
                            preparedStatement.addBatch();
                            if (log.isDebugEnabled()) {
                                log.debug("Claim value :" + str + " is added to the batch.");
                            }
                        }
                    }
                }, Integer.valueOf(i3));
                return null;
            });
        } catch (TransactionException e) {
            throw new IdentityOAuth2Exception(String.format("Error when storing oidc claims for scope ID: %s for tenant: %s", Integer.valueOf(i2), Integer.valueOf(i)), (Throwable) e);
        }
    }

    private void updateScopeDetails(ScopeDTO scopeDTO, JdbcTemplate jdbcTemplate, int i) throws DataAccessException {
        if (log.isDebugEnabled()) {
            log.debug("Update scope details on IDN_OAUTH2_SCOPE scope table for scope: " + scopeDTO.getName());
        }
        jdbcTemplate.executeUpdate(SQLQueries.UPDATE_IDN_OAUTH2_SCOPE, preparedStatement -> {
            preparedStatement.setString(1, scopeDTO.getDisplayName());
            preparedStatement.setString(2, scopeDTO.getDescription());
            preparedStatement.setInt(3, i);
        });
    }
}
