package org.wso2.carbon.identity.openidconnect.handlers;

import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.event.IdentityEventException;
import org.wso2.carbon.identity.event.event.Event;
import org.wso2.carbon.identity.event.handler.AbstractEventHandler;
import org.wso2.carbon.identity.oauth.IdentityOAuthAdminException;
import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.dao.OAuthTokenPersistenceFactory;
import org.wso2.carbon.identity.oauth2.device.constants.Constants;
import org.wso2.carbon.identity.oauth2.model.AuthzCodeDO;
import org.wso2.carbon.identity.openidconnect.OIDCConstants;

/* loaded from: input_file:org/wso2/carbon/identity/openidconnect/handlers/RequestObjectHandler.class */
public class RequestObjectHandler extends AbstractEventHandler {
    private static final Log log = LogFactory.getLog(RequestObjectHandler.class);

    public void handleEvent(Event event) throws IdentityEventException {
        Map<String, Object> eventProperties = event.getEventProperties();
        String eventName = event.getEventName();
        if (!OAuthServerConfiguration.getInstance().isRequestObjectEnabled()) {
            log.debug("Request Object Flow is disabled, hence dropping the event");
            return;
        }
        try {
            Object obj = eventProperties.get(OIDCConstants.Event.IS_REQUEST_OBJECT_FLOW);
            if (obj != null && !((Boolean) obj).booleanValue()) {
                if (log.isDebugEnabled()) {
                    log.debug("The request does not contains request object. So skipping RequestObjectHandler");
                    return;
                }
                return;
            }
            String str = (String) eventProperties.get(OIDCConstants.Event.TOKEN_STATE);
            String str2 = (String) eventProperties.get(OIDCConstants.Event.SESSION_DATA_KEY);
            if (OIDCConstants.Event.POST_REVOKE_ACESS_TOKEN.equals(eventName)) {
                handlePostRevokeToken(eventProperties, str);
            } else if (OIDCConstants.Event.POST_REVOKE_CODE.equals(eventName)) {
                handlePostRevokeCode(eventProperties, str);
            } else if (OIDCConstants.Event.POST_REVOKE_CODE_BY_ID.equals(eventName)) {
                revokeCodeById(eventProperties, str);
            } else if (OIDCConstants.Event.POST_REVOKE_ACESS_TOKEN_BY_ID.equals(eventName)) {
                postRevokeTokenById(eventProperties, str);
            } else if (OIDCConstants.Event.POST_REFRESH_TOKEN.equals(eventName)) {
                postRefreshToken(eventProperties);
            } else if (OIDCConstants.Event.POST_ISSUE_CODE.equals(eventName)) {
                postIssueCode(eventProperties, str2);
            } else if (OIDCConstants.Event.POST_ISSUE_ACCESS_TOKEN.equals(eventName)) {
                postIssueTOken(eventProperties, str2);
            }
        } catch (IdentityOAuthAdminException | IdentityOAuth2Exception e) {
            String str3 = "Error while handling event: " + eventName;
            log.info(str3);
            throw new IdentityEventException(str3, e.getMessage());
        }
    }

    private void postIssueTOken(Map<String, Object> map, String str) throws IdentityOAuth2Exception {
        OAuthTokenPersistenceFactory.getInstance().getRequestObjectDAO().updateRequestObjectReferencebyTokenId(str, (String) map.get("TOKEN_ID"));
    }

    private void postIssueCode(Map<String, Object> map, String str) throws IdentityOAuth2Exception {
        OAuthTokenPersistenceFactory.getInstance().getRequestObjectDAO().updateRequestObjectReferencebyCodeId(str, (String) map.get(OIDCConstants.Event.CODE_ID));
    }

    private void postRefreshToken(Map<String, Object> map) throws IdentityOAuth2Exception {
        if (Boolean.TRUE.equals(map.get(OIDCConstants.Event.IS_REQUEST_OBJECT_FLOW))) {
            OAuthTokenPersistenceFactory.getInstance().getRequestObjectDAO().refreshRequestObjectReference((String) map.get(OIDCConstants.Event.OLD_ACCESS_TOKEN), (String) map.get(OIDCConstants.Event.NEW_ACCESS_TOKEN));
        } else if (log.isDebugEnabled()) {
            log.debug("The request does not contains request object. So skipping RequestObjectHandler");
        }
    }

    private void revokeCodeById(Map<String, Object> map, String str) throws IdentityOAuth2Exception, IdentityOAuthAdminException {
        String str2 = (String) map.get("TOKEN_ID");
        String str3 = (String) map.get(OIDCConstants.Event.CODE_ID);
        if (StringUtils.isNotEmpty(str2) && "INACTIVE".equals(str)) {
            OAuthTokenPersistenceFactory.getInstance().getRequestObjectDAO().updateRequestObjectReferenceCodeToToken(str3, str2);
        } else if (isCodeRemoved(str)) {
            OAuthTokenPersistenceFactory.getInstance().getRequestObjectDAO().deleteRequestObjectReferenceByCode(str3);
        }
    }

    private void postRevokeTokenById(Map<String, Object> map, String str) throws IdentityOAuth2Exception, IdentityOAuthAdminException {
        if (isCodeRemoved(str)) {
            if (Boolean.TRUE.equals(map.get(OIDCConstants.Event.IS_REQUEST_OBJECT_FLOW))) {
                OAuthTokenPersistenceFactory.getInstance().getRequestObjectDAO().deleteRequestObjectReferenceByTokenId((String) map.get("TOKEN_ID"));
            } else if (log.isDebugEnabled()) {
                log.debug("The request does not contains request object. So skipping RequestObjectHandler");
            }
        }
    }

    private void handlePostRevokeCode(Map<String, Object> map, String str) throws IdentityOAuth2Exception, IdentityOAuthAdminException {
        boolean isCodeRemoved = isCodeRemoved(str);
        for (AuthzCodeDO authzCodeDO : (List) map.get(OIDCConstants.Event.CODES)) {
            String authzCodeId = authzCodeDO.getAuthzCodeId();
            String oauthTokenId = authzCodeDO.getOauthTokenId();
            if (isCodeRemoved) {
                OAuthTokenPersistenceFactory.getInstance().getRequestObjectDAO().deleteRequestObjectReferenceByCode(authzCodeId);
            } else if (StringUtils.isNotEmpty(oauthTokenId) && "INACTIVE".equals(str)) {
                OAuthTokenPersistenceFactory.getInstance().getRequestObjectDAO().updateRequestObjectReferenceCodeToToken(authzCodeId, oauthTokenId);
            }
        }
    }

    private void handlePostRevokeToken(Map<String, Object> map, String str) throws IdentityOAuth2Exception, IdentityOAuthAdminException {
        if (isTokenRemoved(str)) {
            Iterator it = ((List) map.get(OIDCConstants.Event.ACEESS_TOKENS)).iterator();
            while (it.hasNext()) {
                OAuthTokenPersistenceFactory.getInstance().getRequestObjectDAO().deleteRequestObjectReferenceByTokenId((String) it.next());
            }
        }
    }

    private boolean isTokenRemoved(String str) {
        return Constants.EXPIRED.equals(str) || "REVOKED".equals(str);
    }

    private boolean isCodeRemoved(String str) {
        return Constants.EXPIRED.equals(str) || "REVOKED".equals(str);
    }

    public String getName() {
        return OIDCConstants.Event.HANDLE_REQUEST_OBJECT;
    }
}
