package org.wso2.carbon.identity.oauth.dao;

import java.sql.Connection;
import java.sql.DatabaseMetaData;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.SQLIntegrityConstraintViolationException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.database.utils.jdbc.exceptions.DataAccessException;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.mgt.ApplicationMgtUtil;
import org.wso2.carbon.identity.core.URLBuilderException;
import org.wso2.carbon.identity.core.util.IdentityDatabaseUtil;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.core.util.JdbcUtils;
import org.wso2.carbon.identity.oauth.Error;
import org.wso2.carbon.identity.oauth.IdentityOAuthAdminException;
import org.wso2.carbon.identity.oauth.IdentityOAuthClientException;
import org.wso2.carbon.identity.oauth.OAuthUtil;
import org.wso2.carbon.identity.oauth.common.exception.InvalidOAuthClientException;
import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;
import org.wso2.carbon.identity.oauth.dao.SQLQueries;
import org.wso2.carbon.identity.oauth.internal.OAuthComponentServiceHolder;
import org.wso2.carbon.identity.oauth.tokenprocessor.PlainTextPersistenceProcessor;
import org.wso2.carbon.identity.oauth.tokenprocessor.TokenPersistenceProcessor;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2ServerException;
import org.wso2.carbon.identity.oauth2.internal.OAuth2ServiceComponentHolder;
import org.wso2.carbon.identity.oauth2.model.AccessTokenDO;
import org.wso2.carbon.identity.oauth2.util.OAuth2Util;
import org.wso2.carbon.identity.organization.management.service.exception.OrganizationManagementException;
import org.wso2.carbon.identity.organization.management.service.util.OrganizationManagementUtil;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.util.UserCoreUtil;
import org.wso2.carbon.utils.DBUtils;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.class */
public class OAuthAppDAO {
    private static final Log LOG = LogFactory.getLog(OAuthAppDAO.class);
    private static final String APP_STATE = "APP_STATE";
    private static final String USERNAME = "USERNAME";
    private static final String LOWER_USERNAME = "LOWER(USERNAME)";
    private static final String CONSUMER_KEY_CONSTRAINT = "CONSUMER_KEY_CONSTRAINT";
    private static final String OAUTH_VERSION = "OAUTH_VERSION";
    private static final String CONSUMER_KEY = "CONSUMER_KEY";
    private static final String CONSUMER_SECRET = "CONSUMER_SECRET";
    private static final String APP_NAME = "APP_NAME";
    private static final String CALLBACK_URL = "CALLBACK_URL";
    private static final String TENANT_ID = "TENANT_ID";
    private static final String USER_DOMAIN = "USER_DOMAIN";
    private static final String GRANT_TYPES = "GRANT_TYPES";
    private static final String ID = "ID";
    private static final String PKCE_MANDATORY = "PKCE_MANDATORY";
    private static final String PKCE_SUPPORT_PLAIN = "PKCE_SUPPORT_PLAIN";
    private static final String USER_ACCESS_TOKEN_EXPIRE_TIME = "USER_ACCESS_TOKEN_EXPIRE_TIME";
    private static final String APP_ACCESS_TOKEN_EXPIRE_TIME = "APP_ACCESS_TOKEN_EXPIRE_TIME";
    private static final String REFRESH_TOKEN_EXPIRE_TIME = "REFRESH_TOKEN_EXPIRE_TIME";
    private static final String ID_TOKEN_EXPIRE_TIME = "ID_TOKEN_EXPIRE_TIME";
    private static final String CONSUMER_APPS_TABLE_NAME = "IDN_OAUTH_CONSUMER_APPS";
    private TokenPersistenceProcessor persistenceProcessor;
    private boolean isHashDisabled = OAuth2Util.isHashDisabled();

    public OAuthAppDAO() {
        try {
            this.persistenceProcessor = OAuthServerConfiguration.getInstance().getPersistenceProcessor();
        } catch (IdentityOAuth2Exception e) {
            LOG.error("Error retrieving TokenPersistenceProcessor. Defaulting to PlainTextPersistenceProcessor");
            this.persistenceProcessor = new PlainTextPersistenceProcessor();
        }
    }

    public void addOAuthApplication(OAuthAppDO oAuthAppDO) throws IdentityOAuthAdminException {
        AuthenticatedUser appOwner = oAuthAppDO.getAppOwner();
        int tenantId = IdentityTenantUtil.getTenantId(CarbonContext.getThreadLocalCarbonContext().getTenantDomain());
        String userStoreDomain = appOwner.getUserStoreDomain();
        if (isDuplicateApplication(appOwner.getUserName(), tenantId, userStoreDomain, oAuthAppDO)) {
            throw new IdentityOAuthClientException(Error.DUPLICATE_OAUTH_CLIENT.getErrorCode(), "An application with the same name already exists.");
        }
        int i = 0;
        try {
            Connection dBConnection = IdentityDatabaseUtil.getDBConnection();
            try {
                try {
                    String processedClientId = this.persistenceProcessor.getProcessedClientId(oAuthAppDO.getOauthConsumerKey());
                    String processedClientSecret = this.persistenceProcessor.getProcessedClientSecret(oAuthAppDO.getOauthConsumerSecret());
                    String callbackUrl = oAuthAppDO.getCallbackUrl();
                    if (ApplicationMgtUtil.isConsoleOrMyAccount(oAuthAppDO.getApplicationName()) && isRootOrganization(tenantId)) {
                        callbackUrl = ApplicationMgtUtil.replaceUrlOriginWithPlaceholders(callbackUrl);
                    }
                    PreparedStatement prepareStatement = dBConnection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.ADD_OAUTH_APP_WITH_PKCE, new String[]{DBUtils.getConvertedAutoGeneratedColumnName(dBConnection.getMetaData().getDatabaseProductName(), ID)});
                    try {
                        prepareStatement.setString(1, processedClientId);
                        prepareStatement.setString(2, processedClientSecret);
                        prepareStatement.setString(3, appOwner.getUserName());
                        prepareStatement.setInt(4, tenantId);
                        prepareStatement.setString(5, userStoreDomain);
                        prepareStatement.setString(6, oAuthAppDO.getApplicationName());
                        prepareStatement.setString(7, oAuthAppDO.getOauthVersion());
                        prepareStatement.setString(8, callbackUrl);
                        prepareStatement.setString(9, oAuthAppDO.getGrantTypes());
                        prepareStatement.setString(10, oAuthAppDO.isPkceMandatory() ? "1" : "0");
                        prepareStatement.setString(11, oAuthAppDO.isPkceSupportPlain() ? "1" : "0");
                        prepareStatement.setLong(12, oAuthAppDO.getUserAccessTokenExpiryTime());
                        prepareStatement.setLong(13, oAuthAppDO.getApplicationAccessTokenExpiryTime());
                        prepareStatement.setLong(14, oAuthAppDO.getRefreshTokenExpiryTime());
                        prepareStatement.setLong(15, oAuthAppDO.getIdTokenExpiryTime());
                        prepareStatement.execute();
                        ResultSet generatedKeys = prepareStatement.getGeneratedKeys();
                        try {
                            if (generatedKeys.next()) {
                                i = generatedKeys.getInt(1);
                            }
                            if (generatedKeys != null) {
                                generatedKeys.close();
                            }
                            if (prepareStatement != null) {
                                prepareStatement.close();
                            }
                            if (i == 0) {
                                if (LOG.isDebugEnabled()) {
                                    LOG.debug("JDBC Driver did not returning the app id of the newly created app " + oAuthAppDO.getApplicationName() + ". So executing select operation to get the id");
                                }
                                i = getAppIdByClientId(dBConnection, oAuthAppDO.getOauthConsumerKey());
                            }
                            oAuthAppDO.setId(i);
                            addScopeValidators(dBConnection, i, oAuthAppDO.getScopeValidators());
                            addAccessTokenClaims(dBConnection, i, oAuthAppDO.getAccessTokenClaims());
                            addServiceProviderOIDCProperties(dBConnection, oAuthAppDO, processedClientId, tenantId);
                            IdentityDatabaseUtil.commitTransaction(dBConnection);
                            if (dBConnection != null) {
                                dBConnection.close();
                            }
                        } catch (Throwable th) {
                            if (generatedKeys != null) {
                                try {
                                    generatedKeys.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    } catch (Throwable th3) {
                        if (prepareStatement != null) {
                            try {
                                prepareStatement.close();
                            } catch (Throwable th4) {
                                th3.addSuppressed(th4);
                            }
                        }
                        throw th3;
                    }
                } catch (Throwable th5) {
                    if (dBConnection != null) {
                        try {
                            dBConnection.close();
                        } catch (Throwable th6) {
                            th5.addSuppressed(th6);
                        }
                    }
                    throw th5;
                }
            } catch (SQLException e) {
                IdentityDatabaseUtil.rollbackTransaction(dBConnection);
                if (!isDuplicateClient(e)) {
                    throw OAuthUtil.handleError(String.format("Error when executing SQL to create OAuth app %s@%s ", oAuthAppDO.getApplicationName(), appOwner.getTenantDomain()), e);
                }
                throw new IdentityOAuthClientException(Error.DUPLICATE_OAUTH_CLIENT.getErrorCode(), "An application with the same clientId already exists.", e);
            }
        } catch (SQLException e2) {
            throw OAuthUtil.handleError(String.format("Error when executing SQL to create OAuth app %s@%s ", oAuthAppDO.getApplicationName(), appOwner.getTenantDomain()), e2);
        } catch (URLBuilderException e3) {
            throw OAuthUtil.handleError("Error occurred when replacing origin of the access URL with placeholders", e3);
        } catch (IdentityOAuth2Exception e4) {
            throw OAuthUtil.handleError("Error occurred while processing the client id and client secret by TokenPersistenceProcessor", null);
        } catch (InvalidOAuthClientException e5) {
            throw OAuthUtil.handleError("Error occurred while processing client id", e5);
        }
    }

    private boolean isDuplicateClient(SQLException sQLException) {
        return (sQLException instanceof SQLIntegrityConstraintViolationException) || StringUtils.containsIgnoreCase(sQLException.getMessage(), CONSUMER_KEY_CONSTRAINT);
    }

    /* JADX WARN: Code restructure failed: missing block: B:34:0x0119, code lost:
    
        r20 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:38:0x0135, code lost:
    
        throw r20;
     */
    /* JADX WARN: Code restructure failed: missing block: B:44:0x0139, code lost:
    
        r19 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:46:0x0158, code lost:
    
        throw org.wso2.carbon.identity.oauth.OAuthUtil.handleError("Error when executing the SQL : " + org.wso2.carbon.identity.oauth.dao.SQLQueries.OAuthAppDAOSQLQueries.ADD_OAUTH_CONSUMER, r19);
     */
    /* JADX WARN: Failed to calculate best type for var: r19v1 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r19v1 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.applyWithWiderIgnSame(TypeUpdate.java:70)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.applyResolvedVars(TypeSearch.java:100)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.run(TypeSearch.java:76)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.runMultiVariableSearch(FixTypesVisitor.java:116)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Not initialized variable reg: 19, insn: 0x011b: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r19 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:35:0x011b */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.lang.String[] addOAuthConsumer(java.lang.String r6, int r7, java.lang.String r8) throws org.wso2.carbon.identity.oauth.IdentityOAuthAdminException {
        /*
            Method dump skipped, instructions count: 360
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.wso2.carbon.identity.oauth.dao.OAuthAppDAO.addOAuthConsumer(java.lang.String, int, java.lang.String):java.lang.String[]");
    }

    public OAuthAppDO[] getOAuthConsumerAppsOfUser(String str, int i) throws IdentityOAuthAdminException {
        try {
            Connection dBConnection = IdentityDatabaseUtil.getDBConnection(false);
            try {
                String domain = OAuthComponentServiceHolder.getInstance().getRealmService().getTenantManager().getDomain(i);
                String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(str);
                boolean isUsernameCaseSensitive = isUsernameCaseSensitive(UserCoreUtil.addTenantDomainToEntry(tenantAwareUsername, domain));
                String str2 = SQLQueries.OAuthAppDAOSQLQueries.GET_CONSUMER_APPS_OF_USER_WITH_PKCE;
                if (!isUsernameCaseSensitive) {
                    str2 = str2.replace(USERNAME, LOWER_USERNAME);
                }
                PreparedStatement prepareStatement = dBConnection.prepareStatement(str2);
                try {
                    if (isUsernameCaseSensitive) {
                        prepareStatement.setString(1, UserCoreUtil.removeDomainFromName(tenantAwareUsername));
                    } else {
                        prepareStatement.setString(1, UserCoreUtil.removeDomainFromName(tenantAwareUsername).toLowerCase());
                    }
                    prepareStatement.setString(2, IdentityUtil.extractDomainFromName(tenantAwareUsername));
                    prepareStatement.setInt(3, i);
                    ResultSet executeQuery = prepareStatement.executeQuery();
                    try {
                        ArrayList arrayList = new ArrayList();
                        while (executeQuery.next()) {
                            if (executeQuery.getString(3) != null && executeQuery.getString(3).length() > 0) {
                                OAuthAppDO oAuthAppDO = new OAuthAppDO();
                                String preprocessedClientId = this.persistenceProcessor.getPreprocessedClientId(executeQuery.getString(1));
                                oAuthAppDO.setOauthConsumerKey(preprocessedClientId);
                                oAuthAppDO.setOauthConsumerKey(this.persistenceProcessor.getPreprocessedClientId(executeQuery.getString(1)));
                                if (this.isHashDisabled) {
                                    oAuthAppDO.setOauthConsumerSecret(this.persistenceProcessor.getPreprocessedClientSecret(executeQuery.getString(2)));
                                }
                                oAuthAppDO.setApplicationName(executeQuery.getString(3));
                                oAuthAppDO.setOauthVersion(executeQuery.getString(4));
                                oAuthAppDO.setCallbackUrl(executeQuery.getString(5));
                                if (ApplicationMgtUtil.isConsoleOrMyAccount(oAuthAppDO.getApplicationName())) {
                                    oAuthAppDO.setCallbackUrl(ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(executeQuery.getString(5), oAuthAppDO.getApplicationName()));
                                    if (isRootOrganization(i)) {
                                        resolveCallbackFromServerConfigForSystemApps(domain, oAuthAppDO);
                                    }
                                }
                                oAuthAppDO.setGrantTypes(executeQuery.getString(6));
                                oAuthAppDO.setId(executeQuery.getInt(7));
                                AuthenticatedUser authenticatedUser = new AuthenticatedUser();
                                authenticatedUser.setUserName(executeQuery.getString(8));
                                authenticatedUser.setTenantDomain(IdentityTenantUtil.getTenantDomain(executeQuery.getInt(9)));
                                authenticatedUser.setUserStoreDomain(executeQuery.getString(10));
                                oAuthAppDO.setPkceMandatory(!"0".equals(executeQuery.getString(11)));
                                oAuthAppDO.setPkceSupportPlain(!"0".equals(executeQuery.getString(12)));
                                oAuthAppDO.setUserAccessTokenExpiryTime(executeQuery.getLong(13));
                                oAuthAppDO.setApplicationAccessTokenExpiryTime(executeQuery.getLong(14));
                                oAuthAppDO.setRefreshTokenExpiryTime(executeQuery.getLong(15));
                                oAuthAppDO.setIdTokenExpiryTime(executeQuery.getLong(16));
                                oAuthAppDO.setUser(authenticatedUser);
                                oAuthAppDO.setState(executeQuery.getString(17));
                                handleSpOIDCProperties(dBConnection, preprocessedClientId, authenticatedUser.getTenantDomain(), oAuthAppDO);
                                oAuthAppDO.setScopeValidators(getScopeValidators(dBConnection, oAuthAppDO.getId()));
                                arrayList.add(oAuthAppDO);
                            }
                        }
                        OAuthAppDO[] oAuthAppDOArr = (OAuthAppDO[]) arrayList.toArray(new OAuthAppDO[arrayList.size()]);
                        if (executeQuery != null) {
                            executeQuery.close();
                        }
                        if (prepareStatement != null) {
                            prepareStatement.close();
                        }
                        if (dBConnection != null) {
                            dBConnection.close();
                        }
                        return oAuthAppDOArr;
                    } catch (Throwable th) {
                        if (executeQuery != null) {
                            try {
                                executeQuery.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                        throw th;
                    }
                } catch (Throwable th3) {
                    if (prepareStatement != null) {
                        try {
                            prepareStatement.close();
                        } catch (Throwable th4) {
                            th3.addSuppressed(th4);
                        }
                    }
                    throw th3;
                }
            } catch (Throwable th5) {
                if (dBConnection != null) {
                    try {
                        dBConnection.close();
                    } catch (Throwable th6) {
                        th5.addSuppressed(th6);
                    }
                }
                throw th5;
            }
        } catch (URLBuilderException e) {
            throw OAuthUtil.handleError("Error occurred when replacing origin of the access URL with placeholders", e);
        } catch (SQLException e2) {
            throw OAuthUtil.handleError("Error occurred while retrieving OAuth consumer apps of user", e2);
        } catch (IdentityOAuth2Exception e3) {
            throw OAuthUtil.handleError("Error occurred while processing client id and client secret by TokenPersistenceProcessor", e3);
        } catch (UserStoreException e4) {
            throw OAuthUtil.handleError("Error while retrieving Tenant Domain for tenant ID : " + i, e4);
        }
    }

    @Deprecated
    public OAuthAppDO getAppInformation(String str) throws InvalidOAuthClientException, IdentityOAuth2Exception {
        return getAppInformation(str, IdentityTenantUtil.getLoginTenantId());
    }

    public OAuthAppDO getAppInformation(String str, int i) throws InvalidOAuthClientException, IdentityOAuth2Exception {
        OAuthAppDO oAuthAppDO = null;
        try {
            Connection dBConnection = IdentityDatabaseUtil.getDBConnection();
            try {
                PreparedStatement prepareStatement = dBConnection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.GET_APP_INFO_WITH_PKCE);
                try {
                    String processedClientId = this.persistenceProcessor.getProcessedClientId(str);
                    prepareStatement.setString(1, processedClientId);
                    prepareStatement.setInt(2, i);
                    ResultSet executeQuery = prepareStatement.executeQuery();
                    boolean z = false;
                    while (executeQuery.next()) {
                        try {
                            z = true;
                            if (executeQuery.getString(4) != null && executeQuery.getString(4).length() > 0) {
                                oAuthAppDO = new OAuthAppDO();
                                oAuthAppDO.setOauthConsumerKey(str);
                                if (this.isHashDisabled) {
                                    oAuthAppDO.setOauthConsumerSecret(this.persistenceProcessor.getPreprocessedClientSecret(executeQuery.getString(1)));
                                } else {
                                    oAuthAppDO.setOauthConsumerSecret(executeQuery.getString(1));
                                }
                                AuthenticatedUser authenticatedUser = new AuthenticatedUser();
                                authenticatedUser.setUserName(executeQuery.getString(2));
                                oAuthAppDO.setApplicationName(executeQuery.getString(3));
                                oAuthAppDO.setOauthVersion(executeQuery.getString(4));
                                oAuthAppDO.setCallbackUrl(executeQuery.getString(5));
                                if (ApplicationMgtUtil.isConsoleOrMyAccount(oAuthAppDO.getApplicationName())) {
                                    oAuthAppDO.setCallbackUrl(ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(executeQuery.getString(5), oAuthAppDO.getApplicationName()));
                                    if (isRootOrganization(i)) {
                                        resolveCallbackFromServerConfigForSystemApps(IdentityTenantUtil.getTenantDomain(i), oAuthAppDO);
                                    }
                                }
                                authenticatedUser.setTenantDomain(IdentityTenantUtil.getTenantDomain(executeQuery.getInt(6)));
                                authenticatedUser.setUserStoreDomain(executeQuery.getString(7));
                                oAuthAppDO.setUser(authenticatedUser);
                                oAuthAppDO.setGrantTypes(executeQuery.getString(8));
                                oAuthAppDO.setId(executeQuery.getInt(9));
                                oAuthAppDO.setPkceMandatory(!"0".equals(executeQuery.getString(10)));
                                oAuthAppDO.setPkceSupportPlain(!"0".equals(executeQuery.getString(11)));
                                oAuthAppDO.setUserAccessTokenExpiryTime(executeQuery.getLong(12));
                                oAuthAppDO.setApplicationAccessTokenExpiryTime(executeQuery.getLong(13));
                                oAuthAppDO.setRefreshTokenExpiryTime(executeQuery.getLong(14));
                                oAuthAppDO.setIdTokenExpiryTime(executeQuery.getLong(15));
                                oAuthAppDO.setState(executeQuery.getString(16));
                                handleSpOIDCProperties(dBConnection, processedClientId, authenticatedUser.getTenantDomain(), oAuthAppDO);
                                oAuthAppDO.setScopeValidators(getScopeValidators(dBConnection, oAuthAppDO.getId()));
                                oAuthAppDO.setAccessTokenClaims(getAccessTokenClaims(dBConnection, oAuthAppDO.getId()));
                            }
                        } catch (Throwable th) {
                            if (executeQuery != null) {
                                try {
                                    executeQuery.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                    if (!z) {
                        handleRequestForANonExistingConsumerKey(str);
                    }
                    dBConnection.commit();
                    if (executeQuery != null) {
                        executeQuery.close();
                    }
                    if (prepareStatement != null) {
                        prepareStatement.close();
                    }
                    if (dBConnection != null) {
                        dBConnection.close();
                    }
                    return oAuthAppDO;
                } catch (Throwable th3) {
                    if (prepareStatement != null) {
                        try {
                            prepareStatement.close();
                        } catch (Throwable th4) {
                            th3.addSuppressed(th4);
                        }
                    }
                    throw th3;
                }
            } catch (Throwable th5) {
                if (dBConnection != null) {
                    try {
                        dBConnection.close();
                    } catch (Throwable th6) {
                        th5.addSuppressed(th6);
                    }
                }
                throw th5;
            }
        } catch (URLBuilderException e) {
            throw new IdentityOAuth2Exception("Error occurred when replacing origin of the access URL with placeholders", (Throwable) e);
        } catch (SQLException e2) {
            throw new IdentityOAuth2Exception("Error while retrieving the app information", e2);
        }
    }

    public OAuthAppDO getAppInformation(String str, AccessTokenDO accessTokenDO) throws InvalidOAuthClientException, IdentityOAuth2Exception {
        OAuthAppDO oAuthAppDO = null;
        String tokenId = accessTokenDO.getTokenId();
        if (StringUtils.isBlank(tokenId)) {
            throw new IdentityOAuth2Exception("Error while retrieving the application. Token id is empty.");
        }
        try {
            Connection dBConnection = IdentityDatabaseUtil.getDBConnection(false);
            try {
                PreparedStatement prepareStatement = dBConnection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.GET_APP_INFO_FOR_TOKEN_ID_WITH_PKCE);
                try {
                    prepareStatement.setString(1, tokenId);
                    ResultSet executeQuery = prepareStatement.executeQuery();
                    boolean z = false;
                    while (executeQuery.next()) {
                        try {
                            z = true;
                            if (StringUtils.isNotBlank(executeQuery.getString(OAUTH_VERSION))) {
                                oAuthAppDO = new OAuthAppDO();
                                oAuthAppDO.setOauthConsumerKey(str);
                                if (this.isHashDisabled) {
                                    oAuthAppDO.setOauthConsumerSecret(this.persistenceProcessor.getPreprocessedClientSecret(executeQuery.getString(CONSUMER_SECRET)));
                                } else {
                                    oAuthAppDO.setOauthConsumerSecret(executeQuery.getString(CONSUMER_SECRET));
                                }
                                AuthenticatedUser authenticatedUser = new AuthenticatedUser();
                                authenticatedUser.setUserName(executeQuery.getString(USERNAME));
                                oAuthAppDO.setApplicationName(executeQuery.getString(APP_NAME));
                                oAuthAppDO.setOauthVersion(executeQuery.getString(OAUTH_VERSION));
                                oAuthAppDO.setCallbackUrl(executeQuery.getString(CALLBACK_URL));
                                if (ApplicationMgtUtil.isConsoleOrMyAccount(oAuthAppDO.getApplicationName())) {
                                    oAuthAppDO.setCallbackUrl(ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(executeQuery.getString(CALLBACK_URL), oAuthAppDO.getApplicationName()));
                                    if (isRootOrganization(executeQuery.getInt("TENANT_ID"))) {
                                        resolveCallbackFromServerConfigForSystemApps(IdentityTenantUtil.getTenantDomain(executeQuery.getInt("TENANT_ID")), oAuthAppDO);
                                    }
                                }
                                authenticatedUser.setTenantDomain(IdentityTenantUtil.getTenantDomain(executeQuery.getInt("TENANT_ID")));
                                authenticatedUser.setUserStoreDomain(executeQuery.getString("USER_DOMAIN"));
                                oAuthAppDO.setAppOwner(authenticatedUser);
                                oAuthAppDO.setGrantTypes(executeQuery.getString(GRANT_TYPES));
                                oAuthAppDO.setId(executeQuery.getInt(ID));
                                oAuthAppDO.setPkceMandatory(!"0".equals(executeQuery.getString(PKCE_MANDATORY)));
                                oAuthAppDO.setPkceSupportPlain(!"0".equals(executeQuery.getString(PKCE_SUPPORT_PLAIN)));
                                oAuthAppDO.setUserAccessTokenExpiryTime(executeQuery.getLong(USER_ACCESS_TOKEN_EXPIRE_TIME));
                                oAuthAppDO.setApplicationAccessTokenExpiryTime(executeQuery.getLong(APP_ACCESS_TOKEN_EXPIRE_TIME));
                                oAuthAppDO.setRefreshTokenExpiryTime(executeQuery.getLong(REFRESH_TOKEN_EXPIRE_TIME));
                                oAuthAppDO.setIdTokenExpiryTime(executeQuery.getLong(ID_TOKEN_EXPIRE_TIME));
                                oAuthAppDO.setState(executeQuery.getString(APP_STATE));
                                handleSpOIDCProperties(dBConnection, this.persistenceProcessor.getProcessedClientId(str), authenticatedUser.getTenantDomain(), oAuthAppDO);
                                oAuthAppDO.setScopeValidators(getScopeValidators(dBConnection, oAuthAppDO.getId()));
                            }
                        } catch (Throwable th) {
                            if (executeQuery != null) {
                                try {
                                    executeQuery.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                    if (!z) {
                        handleRequestForANonExistingConsumerKey(str);
                    }
                    if (executeQuery != null) {
                        executeQuery.close();
                    }
                    if (prepareStatement != null) {
                        prepareStatement.close();
                    }
                    if (dBConnection != null) {
                        dBConnection.close();
                    }
                    return oAuthAppDO;
                } catch (Throwable th3) {
                    if (prepareStatement != null) {
                        try {
                            prepareStatement.close();
                        } catch (Throwable th4) {
                            th3.addSuppressed(th4);
                        }
                    }
                    throw th3;
                }
            } finally {
            }
        } catch (SQLException e) {
            throw new IdentityOAuth2Exception("Error while retrieving the app information", e);
        } catch (URLBuilderException e2) {
            throw new IdentityOAuth2Exception("Error occurred when replacing origin of the access URL with placeholders", (Throwable) e2);
        }
    }

    public OAuthAppDO[] getAppsForConsumerKey(String str) throws InvalidOAuthClientException, IdentityOAuth2Exception {
        ArrayList arrayList = new ArrayList();
        try {
            Connection dBConnection = IdentityDatabaseUtil.getDBConnection(false);
            try {
                PreparedStatement prepareStatement = dBConnection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.GET_APP_INFO_FOR_CONSUMER_KEY_WITH_PKCE);
                try {
                    String processedClientId = this.persistenceProcessor.getProcessedClientId(str);
                    prepareStatement.setString(1, processedClientId);
                    ResultSet executeQuery = prepareStatement.executeQuery();
                    while (executeQuery.next()) {
                        try {
                            if (StringUtils.isNotBlank(executeQuery.getString(OAUTH_VERSION))) {
                                OAuthAppDO oAuthAppDO = new OAuthAppDO();
                                oAuthAppDO.setOauthConsumerKey(str);
                                if (this.isHashDisabled) {
                                    oAuthAppDO.setOauthConsumerSecret(this.persistenceProcessor.getPreprocessedClientSecret(executeQuery.getString(CONSUMER_SECRET)));
                                } else {
                                    oAuthAppDO.setOauthConsumerSecret(executeQuery.getString(CONSUMER_SECRET));
                                }
                                AuthenticatedUser authenticatedUser = new AuthenticatedUser();
                                authenticatedUser.setUserName(executeQuery.getString(USERNAME));
                                oAuthAppDO.setApplicationName(executeQuery.getString(APP_NAME));
                                oAuthAppDO.setOauthVersion(executeQuery.getString(OAUTH_VERSION));
                                oAuthAppDO.setCallbackUrl(executeQuery.getString(CALLBACK_URL));
                                if (ApplicationMgtUtil.isConsoleOrMyAccount(oAuthAppDO.getApplicationName())) {
                                    oAuthAppDO.setCallbackUrl(ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(executeQuery.getString(CALLBACK_URL), oAuthAppDO.getApplicationName()));
                                    if (isRootOrganization(executeQuery.getInt("TENANT_ID"))) {
                                        resolveCallbackFromServerConfigForSystemApps(IdentityTenantUtil.getTenantDomain(executeQuery.getInt("TENANT_ID")), oAuthAppDO);
                                    }
                                }
                                authenticatedUser.setTenantDomain(IdentityTenantUtil.getTenantDomain(executeQuery.getInt("TENANT_ID")));
                                authenticatedUser.setUserStoreDomain(executeQuery.getString("USER_DOMAIN"));
                                oAuthAppDO.setAppOwner(authenticatedUser);
                                oAuthAppDO.setGrantTypes(executeQuery.getString(GRANT_TYPES));
                                oAuthAppDO.setId(executeQuery.getInt(ID));
                                oAuthAppDO.setPkceMandatory(!"0".equals(executeQuery.getString(PKCE_MANDATORY)));
                                oAuthAppDO.setPkceSupportPlain(!"0".equals(executeQuery.getString(PKCE_SUPPORT_PLAIN)));
                                oAuthAppDO.setUserAccessTokenExpiryTime(executeQuery.getLong(USER_ACCESS_TOKEN_EXPIRE_TIME));
                                oAuthAppDO.setApplicationAccessTokenExpiryTime(executeQuery.getLong(APP_ACCESS_TOKEN_EXPIRE_TIME));
                                oAuthAppDO.setRefreshTokenExpiryTime(executeQuery.getLong(REFRESH_TOKEN_EXPIRE_TIME));
                                oAuthAppDO.setIdTokenExpiryTime(executeQuery.getLong(ID_TOKEN_EXPIRE_TIME));
                                oAuthAppDO.setState(executeQuery.getString(APP_STATE));
                                handleSpOIDCProperties(dBConnection, processedClientId, authenticatedUser.getTenantDomain(), oAuthAppDO);
                                oAuthAppDO.setScopeValidators(getScopeValidators(dBConnection, oAuthAppDO.getId()));
                                arrayList.add(oAuthAppDO);
                            }
                        } catch (Throwable th) {
                            if (executeQuery != null) {
                                try {
                                    executeQuery.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                    if (arrayList.isEmpty()) {
                        handleRequestForANonExistingConsumerKey(str);
                    }
                    if (executeQuery != null) {
                        executeQuery.close();
                    }
                    if (prepareStatement != null) {
                        prepareStatement.close();
                    }
                    if (dBConnection != null) {
                        dBConnection.close();
                    }
                    return (OAuthAppDO[]) arrayList.toArray(new OAuthAppDO[arrayList.size()]);
                } catch (Throwable th3) {
                    if (prepareStatement != null) {
                        try {
                            prepareStatement.close();
                        } catch (Throwable th4) {
                            th3.addSuppressed(th4);
                        }
                    }
                    throw th3;
                }
            } finally {
            }
        } catch (SQLException e) {
            throw new IdentityOAuth2Exception("Error while retrieving the app information", e);
        } catch (URLBuilderException e2) {
            throw new IdentityOAuth2Exception("Error occurred when replacing origin of the access URL with placeholders", (Throwable) e2);
        }
    }

    public OAuthAppDO getAppInformationByAppName(String str) throws InvalidOAuthClientException, IdentityOAuth2Exception {
        return getAppInformationByAppName(str, CarbonContext.getThreadLocalCarbonContext().getTenantId());
    }

    public OAuthAppDO getAppInformationByAppName(String str, int i) throws InvalidOAuthClientException, IdentityOAuth2Exception {
        try {
            Connection dBConnection = IdentityDatabaseUtil.getDBConnection(false);
            try {
                PreparedStatement prepareStatement = dBConnection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.GET_APP_INFO_BY_APP_NAME_WITH_PKCE);
                try {
                    prepareStatement.setString(1, str);
                    prepareStatement.setInt(2, i);
                    ResultSet executeQuery = prepareStatement.executeQuery();
                    try {
                        OAuthAppDO oAuthAppDO = new OAuthAppDO();
                        oAuthAppDO.setApplicationName(str);
                        AuthenticatedUser authenticatedUser = new AuthenticatedUser();
                        authenticatedUser.setTenantDomain(IdentityTenantUtil.getTenantDomain(i));
                        boolean z = false;
                        while (executeQuery.next()) {
                            z = true;
                            if (executeQuery.getString(4) != null && executeQuery.getString(4).length() > 0) {
                                if (this.isHashDisabled) {
                                    oAuthAppDO.setOauthConsumerSecret(this.persistenceProcessor.getPreprocessedClientSecret(executeQuery.getString(1)));
                                } else {
                                    oAuthAppDO.setOauthConsumerSecret(executeQuery.getString(1));
                                }
                                authenticatedUser.setUserName(executeQuery.getString(2));
                                authenticatedUser.setUserStoreDomain(executeQuery.getString(3));
                                oAuthAppDO.setUser(authenticatedUser);
                                String preprocessedClientId = this.persistenceProcessor.getPreprocessedClientId(executeQuery.getString(4));
                                oAuthAppDO.setOauthConsumerKey(preprocessedClientId);
                                oAuthAppDO.setOauthVersion(executeQuery.getString(5));
                                oAuthAppDO.setCallbackUrl(executeQuery.getString(6));
                                if (ApplicationMgtUtil.isConsoleOrMyAccount(oAuthAppDO.getApplicationName())) {
                                    oAuthAppDO.setCallbackUrl(ApplicationMgtUtil.resolveOriginUrlFromPlaceholders(executeQuery.getString(6), oAuthAppDO.getApplicationName()));
                                    if (isRootOrganization(i)) {
                                        resolveCallbackFromServerConfigForSystemApps(IdentityTenantUtil.getTenantDomain(i), oAuthAppDO);
                                    }
                                }
                                oAuthAppDO.setGrantTypes(executeQuery.getString(7));
                                oAuthAppDO.setId(executeQuery.getInt(8));
                                oAuthAppDO.setPkceMandatory(!"0".equals(executeQuery.getString(9)));
                                oAuthAppDO.setPkceSupportPlain(!"0".equals(executeQuery.getString(10)));
                                oAuthAppDO.setUserAccessTokenExpiryTime(executeQuery.getLong(11));
                                oAuthAppDO.setApplicationAccessTokenExpiryTime(executeQuery.getLong(12));
                                oAuthAppDO.setRefreshTokenExpiryTime(executeQuery.getLong(13));
                                oAuthAppDO.setIdTokenExpiryTime(executeQuery.getLong(14));
                                handleSpOIDCProperties(dBConnection, preprocessedClientId, authenticatedUser.getTenantDomain(), oAuthAppDO);
                                oAuthAppDO.setScopeValidators(getScopeValidators(dBConnection, oAuthAppDO.getId()));
                            }
                        }
                        if (!z) {
                            handleRequestForANonExistingApp(str);
                        }
                        if (executeQuery != null) {
                            executeQuery.close();
                        }
                        if (prepareStatement != null) {
                            prepareStatement.close();
                        }
                        if (dBConnection != null) {
                            dBConnection.close();
                        }
                        return oAuthAppDO;
                    } catch (Throwable th) {
                        if (executeQuery != null) {
                            try {
                                executeQuery.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                        throw th;
                    }
                } catch (Throwable th3) {
                    if (prepareStatement != null) {
                        try {
                            prepareStatement.close();
                        } catch (Throwable th4) {
                            th3.addSuppressed(th4);
                        }
                    }
                    throw th3;
                }
            } finally {
            }
        } catch (SQLException e) {
            throw new IdentityOAuth2Exception("Error while retrieving the app information", e);
        } catch (URLBuilderException e2) {
            throw new IdentityOAuth2Exception("Error occurred when replacing origin of the access URL with placeholders", (Throwable) e2);
        }
    }

    public void updateConsumerApplication(OAuthAppDO oAuthAppDO) throws IdentityOAuthAdminException {
        boolean validateUserForOwnerUpdate = validateUserForOwnerUpdate(oAuthAppDO);
        try {
            Connection dBConnection = IdentityDatabaseUtil.getDBConnection();
            try {
                String callbackUrl = oAuthAppDO.getCallbackUrl();
                if (ApplicationMgtUtil.isConsoleOrMyAccount(oAuthAppDO.getApplicationName())) {
                    callbackUrl = ApplicationMgtUtil.replaceUrlOriginWithPlaceholders(callbackUrl);
                }
                try {
                    PreparedStatement prepareStatement = dBConnection.prepareStatement(getSqlQuery(validateUserForOwnerUpdate));
                    try {
                        prepareStatement.setString(1, oAuthAppDO.getApplicationName());
                        prepareStatement.setString(2, callbackUrl);
                        prepareStatement.setString(3, oAuthAppDO.getGrantTypes());
                        if (validateUserForOwnerUpdate) {
                            setValuesToStatementWithPKCEAndOwnerUpdate(oAuthAppDO, prepareStatement);
                        } else {
                            setValuesToStatementWithPKCENoOwnerUpdate(oAuthAppDO, prepareStatement);
                        }
                        int executeUpdate = prepareStatement.executeUpdate();
                        updateScopeValidators(dBConnection, oAuthAppDO.getId(), oAuthAppDO.getScopeValidators());
                        updateAccessTokenClaims(dBConnection, oAuthAppDO.getId(), oAuthAppDO.getAccessTokenClaims());
                        if (LOG.isDebugEnabled()) {
                            LOG.debug("No. of records updated for updating consumer application. : " + executeUpdate);
                        }
                        addOrUpdateOIDCSpProperty(oAuthAppDO, dBConnection);
                        IdentityDatabaseUtil.commitTransaction(dBConnection);
                        if (prepareStatement != null) {
                            prepareStatement.close();
                        }
                        if (dBConnection != null) {
                            dBConnection.close();
                        }
                    } catch (Throwable th) {
                        if (prepareStatement != null) {
                            try {
                                prepareStatement.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                        throw th;
                    }
                } catch (SQLException e) {
                    IdentityDatabaseUtil.rollbackTransaction(dBConnection);
                    throw OAuthUtil.handleError("Error when updating OAuth application", e);
                }
            } finally {
            }
        } catch (SQLException e2) {
            throw OAuthUtil.handleError("Error when updating OAuth application", e2);
        } catch (IdentityOAuth2Exception e3) {
            throw OAuthUtil.handleError("Error occurred while processing client id and client secret by TokenPersistenceProcessor", e3);
        } catch (URLBuilderException e4) {
            throw OAuthUtil.handleError("Error occurred when replacing origin of the access URL with placeholders", e4);
        }
    }

    private boolean validateUserForOwnerUpdate(OAuthAppDO oAuthAppDO) throws IdentityOAuthAdminException {
        String str = null;
        String str2 = null;
        if (oAuthAppDO.getAppOwner() != null) {
            str = oAuthAppDO.getAppOwner().getUserName();
            if (StringUtils.isEmpty(str) || "wso2.system.user".equals(str)) {
                return false;
            }
            str2 = oAuthAppDO.getAppOwner().getUserStoreDomain();
        }
        return isUserExists(str, str2);
    }

    private boolean isUserExists(String str, String str2) throws IdentityOAuthAdminException {
        String addDomainToName = UserCoreUtil.addDomainToName(str, str2);
        try {
            return OAuthUtil.getUser(PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain(), addDomainToName).isPresent();
        } catch (IdentityApplicationManagementException e) {
            throw OAuthUtil.handleError("Error while checking user existence of user: " + addDomainToName, e);
        }
    }

    private boolean validateUserForOwnerUpdate(ServiceProvider serviceProvider) throws IdentityOAuthAdminException {
        if (serviceProvider.getOwner() == null) {
            return false;
        }
        String userName = serviceProvider.getOwner().getUserName();
        if (StringUtils.isEmpty(userName) || "wso2.system.user".equals(userName)) {
            return false;
        }
        return isUserExists(userName, serviceProvider.getOwner().getUserStoreDomain());
    }

    private String getSqlQuery(boolean z) {
        return z ? SQLQueries.OAuthAppDAOSQLQueries.UPDATE_CONSUMER_APP_WITH_PKCE_AND_OWNER_UPDATE : SQLQueries.OAuthAppDAOSQLQueries.UPDATE_CONSUMER_APP_WITH_PKCE;
    }

    private void setValuesToStatementWithPKCEAndOwnerUpdate(OAuthAppDO oAuthAppDO, PreparedStatement preparedStatement) throws SQLException, IdentityOAuth2Exception {
        preparedStatement.setString(4, oAuthAppDO.isPkceMandatory() ? "1" : "0");
        preparedStatement.setString(5, oAuthAppDO.isPkceSupportPlain() ? "1" : "0");
        preparedStatement.setLong(6, oAuthAppDO.getUserAccessTokenExpiryTime());
        preparedStatement.setLong(7, oAuthAppDO.getApplicationAccessTokenExpiryTime());
        preparedStatement.setLong(8, oAuthAppDO.getRefreshTokenExpiryTime());
        preparedStatement.setLong(9, oAuthAppDO.getIdTokenExpiryTime());
        preparedStatement.setString(10, oAuthAppDO.getAppOwner().getUserName());
        preparedStatement.setString(11, oAuthAppDO.getAppOwner().getUserStoreDomain());
        preparedStatement.setString(12, this.persistenceProcessor.getProcessedClientId(oAuthAppDO.getOauthConsumerKey()));
        preparedStatement.setInt(13, IdentityTenantUtil.getLoginTenantId());
    }

    private void setValuesToStatementWithPKCENoOwnerUpdate(OAuthAppDO oAuthAppDO, PreparedStatement preparedStatement) throws SQLException, IdentityOAuth2Exception {
        preparedStatement.setString(4, oAuthAppDO.isPkceMandatory() ? "1" : "0");
        preparedStatement.setString(5, oAuthAppDO.isPkceSupportPlain() ? "1" : "0");
        preparedStatement.setLong(6, oAuthAppDO.getUserAccessTokenExpiryTime());
        preparedStatement.setLong(7, oAuthAppDO.getApplicationAccessTokenExpiryTime());
        preparedStatement.setLong(8, oAuthAppDO.getRefreshTokenExpiryTime());
        preparedStatement.setLong(9, oAuthAppDO.getIdTokenExpiryTime());
        preparedStatement.setString(10, this.persistenceProcessor.getProcessedClientId(oAuthAppDO.getOauthConsumerKey()));
        preparedStatement.setInt(11, IdentityTenantUtil.getLoginTenantId());
    }

    private void addOrUpdateOIDCSpProperty(OAuthAppDO oAuthAppDO, Connection connection) throws IdentityOAuth2Exception, SQLException {
        String preprocessedClientId = this.persistenceProcessor.getPreprocessedClientId(oAuthAppDO.getOauthConsumerKey());
        String tenantDomain = oAuthAppDO.getUser().getTenantDomain();
        int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
        Map<String, List<String>> spOIDCProperties = getSpOIDCProperties(connection, preprocessedClientId, tenantDomain);
        PreparedStatement prepareStatement = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.ADD_SP_OIDC_PROPERTY);
        PreparedStatement prepareStatement2 = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.UPDATE_SP_OIDC_PROPERTY);
        PreparedStatement prepareStatement3 = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.REMOVE_SP_OIDC_PROPERTY);
        if (isOIDCAudienceEnabled()) {
            String[] audiences = oAuthAppDO.getAudiences();
            HashSet hashSet = audiences == null ? new HashSet() : new HashSet(Arrays.asList(audiences));
            List<String> oIDCAudiences = getOIDCAudiences(tenantDomain, oAuthAppDO.getOauthConsumerKey());
            HashSet hashSet2 = oIDCAudiences == null ? new HashSet() : new HashSet(oIDCAudiences);
            HashSet hashSet3 = (HashSet) hashSet.clone();
            hashSet.removeAll(hashSet2);
            hashSet2.removeAll(hashSet3);
            Iterator it = hashSet2.iterator();
            while (it.hasNext()) {
                addToBatchForOIDCPropertyDelete(preprocessedClientId, tenantId, prepareStatement3, OAuth2Util.OPENID_CONNECT_AUDIENCE, (String) it.next());
            }
            Iterator it2 = hashSet.iterator();
            while (it2.hasNext()) {
                addToBatchForOIDCPropertyAdd(preprocessedClientId, tenantId, prepareStatement, OAuth2Util.OPENID_CONNECT_AUDIENCE, (String) it2.next());
            }
        }
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "requestObjectSigned", String.valueOf(oAuthAppDO.isRequestObjectSignatureValidationEnabled()), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "idTokenEncrypted", String.valueOf(oAuthAppDO.isIdTokenEncryptionEnabled()), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "idTokenEncryptionAlgorithm", String.valueOf(oAuthAppDO.getIdTokenEncryptionAlgorithm()), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "idTokenEncryptionMethod", String.valueOf(oAuthAppDO.getIdTokenEncryptionMethod()), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "backChannelLogoutURL", oAuthAppDO.getBackChannelLogoutUrl(), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "frontchannelLogoutURL", oAuthAppDO.getFrontchannelLogoutUrl(), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "tokenType", oAuthAppDO.getTokenType(), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "bypassClientCredentials", String.valueOf(oAuthAppDO.isBypassClientCredentials()), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "renewRefreshToken", oAuthAppDO.getRenewRefreshTokenEnabled(), prepareStatement, prepareStatement2);
        if ("None".equalsIgnoreCase(oAuthAppDO.getTokenBindingType())) {
            oAuthAppDO.setTokenBindingType(null);
        }
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "tokenBindingType", oAuthAppDO.getTokenBindingType(), prepareStatement, prepareStatement2);
        if (oAuthAppDO.getTokenBindingType() == null) {
            oAuthAppDO.setTokenRevocationWithIDPSessionTerminationEnabled(false);
            oAuthAppDO.setTokenBindingValidationEnabled(false);
        }
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "tokenRevocationWithIDPSessionTermination", String.valueOf(oAuthAppDO.isTokenRevocationWithIDPSessionTerminationEnabled()), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "tokenBindingValidation", String.valueOf(oAuthAppDO.isTokenBindingValidationEnabled()), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "tokenEndpointAuthMethod", oAuthAppDO.getTokenEndpointAuthMethod(), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "tokenEndpointAllowReusePvtKeyJwt", String.valueOf(oAuthAppDO.isTokenEndpointAllowReusePvtKeyJwt()), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "tokenEndpointAuthSigningAlg", oAuthAppDO.getTokenEndpointAuthSignatureAlgorithm(), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "sectorIdentifierUri", oAuthAppDO.getSectorIdentifierURI(), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "idTokenSignedResponseAlg", oAuthAppDO.getIdTokenSignatureAlgorithm(), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "requestObjectSigningAlg", oAuthAppDO.getRequestObjectSignatureAlgorithm(), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "requestObjectEncryptionAlgorithm", oAuthAppDO.getRequestObjectEncryptionAlgorithm(), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "requestObjectEncryptionMethod", oAuthAppDO.getRequestObjectEncryptionMethod(), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "tlsClientAuthSubjectDn", oAuthAppDO.getTlsClientAuthSubjectDN(), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "requirePushAuthorizationRequest", String.valueOf(oAuthAppDO.isRequirePushedAuthorizationRequests()), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "tlsClientCertificateBoundAccessToken", String.valueOf(oAuthAppDO.isTlsClientCertificateBoundAccessTokens()), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "subjectType", oAuthAppDO.getSubjectType(), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "isSubjectTokenEnabled", String.valueOf(oAuthAppDO.isSubjectTokenEnabled()), prepareStatement, prepareStatement2);
        if (oAuthAppDO.getSubjectTokenExpiryTime() <= 0) {
            oAuthAppDO.setSubjectTokenExpiryTime(180);
        }
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "subjectTokenExpiryTime", String.valueOf(oAuthAppDO.getSubjectTokenExpiryTime()), prepareStatement, prepareStatement2);
        addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "hybridFlowEnabled", String.valueOf(oAuthAppDO.isHybridFlowEnabled()), prepareStatement, prepareStatement2);
        if (oAuthAppDO.isHybridFlowEnabled()) {
            addOrUpdateOIDCSpProperty(preprocessedClientId, tenantId, spOIDCProperties, "hybridFlowResponseType", oAuthAppDO.getHybridFlowResponseType(), prepareStatement, prepareStatement2);
        }
        prepareStatement.executeBatch();
        prepareStatement2.executeBatch();
        prepareStatement3.executeBatch();
    }

    private void addOrUpdateOIDCSpProperty(String str, int i, Map<String, List<String>> map, String str2, String str3, PreparedStatement preparedStatement, PreparedStatement preparedStatement2) throws SQLException {
        if (propertyAlreadyExists(map, str2)) {
            addToBatchForOIDCPropertyUpdate(str, i, preparedStatement2, str2, str3);
        } else {
            addToBatchForOIDCPropertyAdd(str, i, preparedStatement, str2, str3);
        }
    }

    private void addToBatchForOIDCPropertyAdd(String str, int i, PreparedStatement preparedStatement, String str2, String str3) throws SQLException {
        preparedStatement.setInt(1, i);
        preparedStatement.setString(2, str);
        preparedStatement.setString(3, str2);
        preparedStatement.setString(4, str3);
        preparedStatement.addBatch();
    }

    private void addToBatchForOIDCPropertyDelete(String str, int i, PreparedStatement preparedStatement, String str2, String str3) throws SQLException {
        preparedStatement.setString(1, str);
        preparedStatement.setInt(2, i);
        preparedStatement.setString(3, str2);
        preparedStatement.setString(4, str3);
        preparedStatement.addBatch();
    }

    private void addToBatchForOIDCPropertyUpdate(String str, int i, PreparedStatement preparedStatement, String str2, String str3) throws SQLException {
        preparedStatement.setString(1, str3);
        preparedStatement.setString(2, str);
        preparedStatement.setInt(3, i);
        preparedStatement.setString(4, str2);
        preparedStatement.addBatch();
    }

    private boolean propertyAlreadyExists(Map<String, List<String>> map, String str) {
        return map.containsKey(str);
    }

    public void removeConsumerApplication(String str) throws IdentityOAuthAdminException {
        try {
            Connection dBConnection = IdentityDatabaseUtil.getDBConnection();
            try {
                PreparedStatement prepareStatement = dBConnection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.REMOVE_APPLICATION);
                try {
                    prepareStatement.setString(1, str);
                    prepareStatement.setInt(2, PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId());
                    prepareStatement.execute();
                    if (isOIDCAudienceEnabled()) {
                        removeOauthOIDCPropertyTable(dBConnection, CarbonContext.getThreadLocalCarbonContext().getTenantDomain(), str);
                    }
                    IdentityDatabaseUtil.commitTransaction(dBConnection);
                    if (prepareStatement != null) {
                        prepareStatement.close();
                    }
                    if (dBConnection != null) {
                        dBConnection.close();
                    }
                } catch (Throwable th) {
                    if (prepareStatement != null) {
                        try {
                            prepareStatement.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } finally {
            }
        } catch (SQLException e) {
            throw OAuthUtil.handleError("Error when executing the SQL : DELETE FROM IDN_OAUTH_CONSUMER_APPS WHERE CONSUMER_KEY=? AND TENANT_ID=?", e);
        }
    }

    public void removeConsumerApplicationsByTenantId(int i) throws IdentityOAuthAdminException {
        try {
            Connection dBConnection = IdentityDatabaseUtil.getDBConnection(true);
            try {
                removeSPAssociations(i, dBConnection);
                PreparedStatement prepareStatement = dBConnection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.REMOVE_APPLICATIONS_BY_TENANT_ID);
                try {
                    prepareStatement.setInt(1, i);
                    prepareStatement.execute();
                    if (prepareStatement != null) {
                        prepareStatement.close();
                    }
                    if (isOIDCAudienceEnabled()) {
                        removeOAuthOIDCPropertiesByTenantId(dBConnection, i);
                    }
                    IdentityDatabaseUtil.commitTransaction(dBConnection);
                    if (dBConnection != null) {
                        dBConnection.close();
                    }
                } catch (Throwable th) {
                    if (prepareStatement != null) {
                        try {
                            prepareStatement.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } finally {
            }
        } catch (SQLException e) {
            throw OAuthUtil.handleError("Error when deleting consumer apps of the tenant: " + i, e);
        }
    }

    public void updateOAuthConsumerApp(String str, String str2) throws IdentityApplicationManagementException {
        try {
            Connection dBConnection = IdentityDatabaseUtil.getDBConnection();
            try {
                try {
                    PreparedStatement prepareStatement = dBConnection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.UPDATE_OAUTH_INFO);
                    try {
                        prepareStatement.setString(1, str);
                        prepareStatement.setString(2, str2);
                        prepareStatement.setInt(3, IdentityTenantUtil.getLoginTenantId());
                        prepareStatement.execute();
                        IdentityDatabaseUtil.commitTransaction(dBConnection);
                        if (prepareStatement != null) {
                            prepareStatement.close();
                        }
                        if (dBConnection != null) {
                            dBConnection.close();
                        }
                    } catch (Throwable th) {
                        if (prepareStatement != null) {
                            try {
                                prepareStatement.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                        throw th;
                    }
                } finally {
                }
            } catch (SQLException e) {
                IdentityDatabaseUtil.rollbackTransaction(dBConnection);
                throw new IdentityApplicationManagementException("Error while executing the SQL statement.", e);
            }
        } catch (SQLException e2) {
            throw new IdentityApplicationManagementException("Error while executing the SQL statement.", e2);
        }
    }

    /* JADX WARN: Failed to calculate best type for var: r9v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r9v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.applyWithWiderIgnSame(TypeUpdate.java:70)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.applyResolvedVars(TypeSearch.java:100)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.run(TypeSearch.java:76)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.runMultiVariableSearch(FixTypesVisitor.java:116)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Not initialized variable reg: 9, insn: 0x00d0: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r9 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:41:0x00d0 */
    public void updateOAuthConsumerApp(ServiceProvider serviceProvider, String str) throws IdentityApplicationManagementException, IdentityOAuthAdminException {
        int tenantId = StringUtils.isNotEmpty(serviceProvider.getTenantDomain()) ? IdentityTenantUtil.getTenantId(serviceProvider.getTenantDomain()) : IdentityTenantUtil.getLoginTenantId();
        if (!validateUserForOwnerUpdate(serviceProvider)) {
            updateOAuthConsumerApp(serviceProvider.getApplicationName(), str);
            return;
        }
        try {
            try {
                Connection dBConnection = IdentityDatabaseUtil.getDBConnection(true);
                try {
                    PreparedStatement prepareStatement = dBConnection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.UPDATE_OAUTH_CLIENT_WITH_OWNER);
                    try {
                        prepareStatement.setString(1, serviceProvider.getApplicationName());
                        prepareStatement.setString(2, serviceProvider.getOwner().getUserName());
                        prepareStatement.setString(3, serviceProvider.getOwner().getUserStoreDomain());
                        prepareStatement.setString(4, str);
                        prepareStatement.setInt(5, tenantId);
                        prepareStatement.execute();
                        IdentityDatabaseUtil.commitTransaction(dBConnection);
                        if (prepareStatement != null) {
                            prepareStatement.close();
                        }
                        if (dBConnection != null) {
                            dBConnection.close();
                        }
                    } catch (Throwable th) {
                        if (prepareStatement != null) {
                            try {
                                prepareStatement.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                        throw th;
                    }
                } catch (SQLException e) {
                    IdentityDatabaseUtil.rollbackTransaction(dBConnection);
                    throw new IdentityApplicationManagementException("Error while executing the SQL statement.", e);
                }
            } catch (SQLException e2) {
                throw new IdentityApplicationManagementException("Error while executing the SQL statement.", e2);
            }
        } finally {
        }
    }

    public String getConsumerAppState(String str) throws IdentityOAuthAdminException {
        String str2 = null;
        try {
            Connection dBConnection = IdentityDatabaseUtil.getDBConnection(false);
            try {
                PreparedStatement prepareStatement = dBConnection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.GET_APPLICATION_STATE);
                try {
                    prepareStatement.setString(1, str);
                    prepareStatement.setInt(2, IdentityTenantUtil.getLoginTenantId());
                    ResultSet executeQuery = prepareStatement.executeQuery();
                    try {
                        if (executeQuery.next()) {
                            str2 = executeQuery.getString(APP_STATE);
                        } else if (LOG.isDebugEnabled()) {
                            LOG.debug("No App found for the consumerKey: " + str);
                        }
                        if (executeQuery != null) {
                            executeQuery.close();
                        }
                        if (prepareStatement != null) {
                            prepareStatement.close();
                        }
                        if (dBConnection != null) {
                            dBConnection.close();
                        }
                        return str2;
                    } catch (Throwable th) {
                        if (executeQuery != null) {
                            try {
                                executeQuery.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                        throw th;
                    }
                } catch (Throwable th3) {
                    if (prepareStatement != null) {
                        try {
                            prepareStatement.close();
                        } catch (Throwable th4) {
                            th3.addSuppressed(th4);
                        }
                    }
                    throw th3;
                }
            } finally {
            }
        } catch (SQLException e) {
            throw OAuthUtil.handleError("Error while executing the SQL prepStmt.", e);
        }
    }

    public void updateConsumerAppState(String str, String str2) throws IdentityApplicationManagementException {
        try {
            Connection dBConnection = IdentityDatabaseUtil.getDBConnection();
            try {
                try {
                    PreparedStatement prepareStatement = dBConnection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.UPDATE_APPLICATION_STATE);
                    try {
                        prepareStatement.setString(1, str2);
                        prepareStatement.setString(2, str);
                        prepareStatement.setInt(3, IdentityTenantUtil.getLoginTenantId());
                        prepareStatement.execute();
                        IdentityDatabaseUtil.commitTransaction(dBConnection);
                        if (prepareStatement != null) {
                            prepareStatement.close();
                        }
                        if (dBConnection != null) {
                            dBConnection.close();
                        }
                    } catch (Throwable th) {
                        if (prepareStatement != null) {
                            try {
                                prepareStatement.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                        throw th;
                    }
                } finally {
                }
            } catch (SQLException e) {
                IdentityDatabaseUtil.rollbackTransaction(dBConnection);
                throw new IdentityApplicationManagementException("Error while executing the SQL statement.", e);
            }
        } catch (SQLException e2) {
            throw new IdentityApplicationManagementException("Error while executing the SQL statement.", e2);
        }
    }

    public boolean isDuplicateApplication(String str, int i, String str2, OAuthAppDO oAuthAppDO) throws IdentityOAuthAdminException {
        boolean z = false;
        boolean isUserStoreInUsernameCaseSensitive = IdentityUtil.isUserStoreInUsernameCaseSensitive(str, i);
        try {
            Connection dBConnection = IdentityDatabaseUtil.getDBConnection(false);
            String str3 = SQLQueries.OAuthAppDAOSQLQueries.CHECK_EXISTING_APPLICATION;
            if (!isUserStoreInUsernameCaseSensitive) {
                try {
                    str3 = str3.replace(USERNAME, LOWER_USERNAME);
                } finally {
                }
            }
            PreparedStatement prepareStatement = dBConnection.prepareStatement(str3);
            try {
                if (isUserStoreInUsernameCaseSensitive) {
                    prepareStatement.setString(1, str);
                } else {
                    prepareStatement.setString(1, str.toLowerCase());
                }
                prepareStatement.setInt(2, i);
                prepareStatement.setString(3, str2);
                prepareStatement.setString(4, oAuthAppDO.getApplicationName());
                ResultSet executeQuery = prepareStatement.executeQuery();
                try {
                    if (executeQuery.next()) {
                        z = true;
                    }
                    if (executeQuery != null) {
                        executeQuery.close();
                    }
                    if (prepareStatement != null) {
                        prepareStatement.close();
                    }
                    if (dBConnection != null) {
                        dBConnection.close();
                    }
                    return z;
                } catch (Throwable th) {
                    if (executeQuery != null) {
                        try {
                            executeQuery.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } catch (Throwable th3) {
                if (prepareStatement != null) {
                    try {
                        prepareStatement.close();
                    } catch (Throwable th4) {
                        th3.addSuppressed(th4);
                    }
                }
                throw th3;
            }
        } catch (SQLException e) {
            throw OAuthUtil.handleError("Error when executing the SQL : SELECT * FROM IDN_OAUTH_CONSUMER_APPS WHERE USERNAME=? AND TENANT_ID=? AND USER_DOMAIN=? AND APP_NAME=?", e);
        }
    }

    public boolean isDuplicateConsumer(String str) throws IdentityOAuthAdminException {
        boolean z = false;
        try {
            Connection dBConnection = IdentityDatabaseUtil.getDBConnection(false);
            try {
                PreparedStatement prepareStatement = dBConnection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.CHECK_EXISTING_CONSUMER);
                try {
                    prepareStatement.setString(1, this.persistenceProcessor.getProcessedClientId(str));
                    prepareStatement.setInt(2, IdentityTenantUtil.getLoginTenantId());
                    ResultSet executeQuery = prepareStatement.executeQuery();
                    try {
                        if (executeQuery.next()) {
                            z = true;
                        }
                        if (executeQuery != null) {
                            executeQuery.close();
                        }
                        if (prepareStatement != null) {
                            prepareStatement.close();
                        }
                        if (dBConnection != null) {
                            dBConnection.close();
                        }
                        return z;
                    } catch (Throwable th) {
                        if (executeQuery != null) {
                            try {
                                executeQuery.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                        throw th;
                    }
                } catch (Throwable th3) {
                    if (prepareStatement != null) {
                        try {
                            prepareStatement.close();
                        } catch (Throwable th4) {
                            th3.addSuppressed(th4);
                        }
                    }
                    throw th3;
                }
            } catch (Throwable th5) {
                if (dBConnection != null) {
                    try {
                        dBConnection.close();
                    } catch (Throwable th6) {
                        th5.addSuppressed(th6);
                    }
                }
                throw th5;
            }
        } catch (SQLException e) {
            throw OAuthUtil.handleError("Error when executing the SQL: SELECT * FROM IDN_OAUTH_CONSUMER_APPS WHERE CONSUMER_KEY=? AND TENANT_ID=?", e);
        } catch (IdentityOAuth2Exception e2) {
            throw OAuthUtil.handleError("Error occurred while processing the client id by TokenPersistenceProcessor", null);
        }
    }

    private boolean isUsernameCaseSensitive(String str) {
        return IdentityUtil.isUserStoreInUsernameCaseSensitive(str);
    }

    public List<String> getOIDCAudiences(String str, String str2) throws IdentityOAuth2Exception {
        ArrayList arrayList = new ArrayList();
        Connection dBConnection = IdentityDatabaseUtil.getDBConnection(false);
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = dBConnection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.GET_SP_OIDC_PROPERTY);
                preparedStatement.setString(1, str2);
                preparedStatement.setInt(2, IdentityTenantUtil.getTenantId(str));
                preparedStatement.setString(3, OAuth2Util.OPENID_CONNECT_AUDIENCE);
                resultSet = preparedStatement.executeQuery();
                while (resultSet.next()) {
                    if (resultSet.getString(1) != null) {
                        arrayList.add(resultSet.getString(1));
                    }
                }
                IdentityDatabaseUtil.closeAllConnections(dBConnection, resultSet, preparedStatement);
                return arrayList;
            } catch (SQLException e) {
                String str3 = "Error occurred while retrieving OIDC audiences for client ID: " + str2 + " and tenant domain: " + str;
                IdentityDatabaseUtil.rollbackTransaction(dBConnection);
                throw new IdentityOAuth2Exception(str3, e);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeAllConnections(dBConnection, resultSet, preparedStatement);
            throw th;
        }
    }

    public void removeOIDCProperties(String str, String str2) throws IdentityOAuthAdminException {
        Connection dBConnection = IdentityDatabaseUtil.getDBConnection();
        try {
            try {
                removeOauthOIDCPropertyTable(dBConnection, str, str2);
                IdentityDatabaseUtil.commitTransaction(dBConnection);
                IdentityDatabaseUtil.closeAllConnections(dBConnection, (ResultSet) null, (PreparedStatement) null);
            } catch (SQLException e) {
                String str3 = "Error removing OIDC properties for client ID: " + str2 + " and tenant domain: " + str;
                IdentityDatabaseUtil.rollbackTransaction(dBConnection);
                throw new IdentityOAuthAdminException(str3, e);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeAllConnections(dBConnection, (ResultSet) null, (PreparedStatement) null);
            throw th;
        }
    }

    private void removeOauthOIDCPropertyTable(Connection connection, String str, String str2) throws SQLException {
        PreparedStatement prepareStatement = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.REMOVE_ALL_SP_OIDC_PROPERTIES);
        try {
            prepareStatement.setString(1, str2);
            prepareStatement.setInt(2, IdentityTenantUtil.getTenantId(str));
            prepareStatement.execute();
            if (prepareStatement != null) {
                prepareStatement.close();
            }
        } catch (Throwable th) {
            if (prepareStatement != null) {
                try {
                    prepareStatement.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private void removeOAuthOIDCPropertiesByTenantId(Connection connection, int i) throws SQLException {
        PreparedStatement prepareStatement = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.REMOVE_ALL_SP_OIDC_PROPERTIES_BY_TENANT_ID);
        try {
            prepareStatement.setInt(1, i);
            prepareStatement.execute();
            if (prepareStatement != null) {
                prepareStatement.close();
            }
        } catch (Throwable th) {
            if (prepareStatement != null) {
                try {
                    prepareStatement.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private void removeSPAssociations(int i, Connection connection) throws SQLException {
        for (String str : getOAuthConsumerKeysByTenantId(i, connection)) {
            PreparedStatement prepareStatement = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.REMOVE_SP_ASSOCIATIONS_BY_CONSUMER_ID);
            try {
                prepareStatement.setString(1, str);
                prepareStatement.execute();
                if (prepareStatement != null) {
                    prepareStatement.close();
                }
            } catch (Throwable th) {
                if (prepareStatement != null) {
                    try {
                        prepareStatement.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
    }

    private List<String> getOAuthConsumerKeysByTenantId(int i, Connection connection) throws SQLException {
        ArrayList arrayList = new ArrayList();
        PreparedStatement prepareStatement = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.GET_CONSUMER_KEYS_BY_TENANT_ID);
        try {
            prepareStatement.setInt(1, i);
            ResultSet executeQuery = prepareStatement.executeQuery();
            while (executeQuery.next()) {
                try {
                    arrayList.add(executeQuery.getString(1));
                } finally {
                }
            }
            if (executeQuery != null) {
                executeQuery.close();
            }
            if (prepareStatement != null) {
                prepareStatement.close();
            }
            return arrayList;
        } catch (Throwable th) {
            if (prepareStatement != null) {
                try {
                    prepareStatement.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private void addScopeValidators(Connection connection, int i, String[] strArr) throws SQLException {
        if (strArr == null || strArr.length <= 0) {
            return;
        }
        LOG.debug(String.format("Adding %d Scope validators registered for OAuth appId %d", Integer.valueOf(strArr.length), Integer.valueOf(i)));
        PreparedStatement prepareStatement = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.ADD_APP_SCOPE_VALIDATOR);
        try {
            for (String str : strArr) {
                prepareStatement.setInt(1, i);
                prepareStatement.setString(2, str);
                prepareStatement.addBatch();
            }
            prepareStatement.executeBatch();
            if (prepareStatement != null) {
                prepareStatement.close();
            }
        } catch (Throwable th) {
            if (prepareStatement != null) {
                try {
                    prepareStatement.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private String[] getScopeValidators(Connection connection, int i) throws SQLException {
        ArrayList arrayList = new ArrayList();
        PreparedStatement prepareStatement = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.GET_APP_SCOPE_VALIDATORS);
        try {
            prepareStatement.setInt(1, i);
            ResultSet executeQuery = prepareStatement.executeQuery();
            while (executeQuery.next()) {
                try {
                    arrayList.add(executeQuery.getString(1));
                } finally {
                }
            }
            if (executeQuery != null) {
                executeQuery.close();
            }
            if (prepareStatement != null) {
                prepareStatement.close();
            }
            if (LOG.isDebugEnabled()) {
                LOG.debug(String.format("Retrieving %d Scope validators registered for OAuth appId %d", Integer.valueOf(arrayList.size()), Integer.valueOf(i)));
            }
            return (String[]) arrayList.toArray(new String[0]);
        } catch (Throwable th) {
            if (prepareStatement != null) {
                try {
                    prepareStatement.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private void updateScopeValidators(Connection connection, int i, String[] strArr) throws SQLException {
        if (LOG.isDebugEnabled()) {
            LOG.debug(String.format("Removing  Scope validators registered for OAuth appId %d", Integer.valueOf(i)));
        }
        PreparedStatement prepareStatement = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.REMOVE_APP_SCOPE_VALIDATORS);
        try {
            prepareStatement.setInt(1, i);
            prepareStatement.execute();
            if (prepareStatement != null) {
                prepareStatement.close();
            }
            addScopeValidators(connection, i, strArr);
        } catch (Throwable th) {
            if (prepareStatement != null) {
                try {
                    prepareStatement.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private void updateAccessTokenClaims(Connection connection, int i, String[] strArr) throws SQLException {
        if (LOG.isDebugEnabled()) {
            LOG.debug(String.format("Removing access token claims for OAuth consumer appId %s", Integer.valueOf(i)));
        }
        PreparedStatement prepareStatement = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.REMOVE_ACCESS_TOKEN_CLAIMS);
        try {
            prepareStatement.setInt(1, i);
            prepareStatement.execute();
            if (prepareStatement != null) {
                prepareStatement.close();
            }
            addAccessTokenClaims(connection, i, strArr);
        } catch (Throwable th) {
            if (prepareStatement != null) {
                try {
                    prepareStatement.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private void addAccessTokenClaims(Connection connection, int i, String[] strArr) throws SQLException {
        if (strArr == null || strArr.length <= 0) {
            return;
        }
        LOG.debug(String.format("Adding %s access token claims registered for OAuth appId %s", Integer.valueOf(strArr.length), Integer.valueOf(i)));
        PreparedStatement prepareStatement = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.INSERT_ACCESS_TOKEN_CLAIMS);
        try {
            for (String str : strArr) {
                prepareStatement.setInt(1, i);
                prepareStatement.setString(2, str);
                prepareStatement.addBatch();
            }
            prepareStatement.executeBatch();
            if (prepareStatement != null) {
                prepareStatement.close();
            }
        } catch (Throwable th) {
            if (prepareStatement != null) {
                try {
                    prepareStatement.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private String[] getAccessTokenClaims(Connection connection, int i) throws SQLException {
        ArrayList arrayList = new ArrayList();
        PreparedStatement prepareStatement = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.GET_ACCESS_TOKEN_CLAIMS);
        try {
            prepareStatement.setInt(1, i);
            ResultSet executeQuery = prepareStatement.executeQuery();
            while (executeQuery.next()) {
                try {
                    arrayList.add(executeQuery.getString(1));
                } finally {
                }
            }
            if (executeQuery != null) {
                executeQuery.close();
            }
            if (prepareStatement != null) {
                prepareStatement.close();
            }
            if (LOG.isDebugEnabled()) {
                LOG.debug(String.format("Retrieving %d access token claims registered for OAuth appId %s", Integer.valueOf(arrayList.size()), Integer.valueOf(i)));
            }
            return (String[]) arrayList.toArray(new String[0]);
        } catch (Throwable th) {
            if (prepareStatement != null) {
                try {
                    prepareStatement.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private int getAppIdByClientId(Connection connection, String str) throws SQLException, InvalidOAuthClientException, IdentityOAuth2Exception {
        int i = 0;
        PreparedStatement prepareStatement = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.GET_APP_ID_BY_CONSUMER_KEY);
        try {
            prepareStatement.setString(1, this.persistenceProcessor.getProcessedClientId(str));
            prepareStatement.setInt(2, IdentityTenantUtil.getLoginTenantId());
            ResultSet executeQuery = prepareStatement.executeQuery();
            boolean z = false;
            while (executeQuery.next()) {
                try {
                    z = true;
                    i = executeQuery.getInt(1);
                } finally {
                }
            }
            if (!z) {
                String str2 = "Cannot find an application associated with the given consumer key : " + str;
                if (LOG.isDebugEnabled()) {
                    LOG.debug(str2);
                }
                throw new InvalidOAuthClientException(str2);
            }
            if (executeQuery != null) {
                executeQuery.close();
            }
            if (prepareStatement != null) {
                prepareStatement.close();
            }
            return i;
        } catch (Throwable th) {
            if (prepareStatement != null) {
                try {
                    prepareStatement.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private void addServiceProviderOIDCProperties(Connection connection, OAuthAppDO oAuthAppDO, String str, int i) throws SQLException {
        PreparedStatement prepareStatement = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.ADD_SP_OIDC_PROPERTY);
        try {
            if (isOIDCAudienceEnabled() && oAuthAppDO.getAudiences() != null) {
                for (String str2 : oAuthAppDO.getAudiences()) {
                    addToBatchForOIDCPropertyAdd(str, i, prepareStatement, OAuth2Util.OPENID_CONNECT_AUDIENCE, str2);
                }
            }
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "requestObjectSigned", String.valueOf(oAuthAppDO.isRequestObjectSignatureValidationEnabled()));
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "idTokenEncrypted", String.valueOf(oAuthAppDO.isIdTokenEncryptionEnabled()));
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "idTokenEncryptionAlgorithm", String.valueOf(oAuthAppDO.getIdTokenEncryptionAlgorithm()));
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "idTokenEncryptionMethod", String.valueOf(oAuthAppDO.getIdTokenEncryptionMethod()));
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "backChannelLogoutURL", oAuthAppDO.getBackChannelLogoutUrl());
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "frontchannelLogoutURL", oAuthAppDO.getFrontchannelLogoutUrl());
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "tokenType", oAuthAppDO.getTokenType());
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "bypassClientCredentials", String.valueOf(oAuthAppDO.isBypassClientCredentials()));
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "renewRefreshToken", oAuthAppDO.getRenewRefreshTokenEnabled());
            if ("None".equalsIgnoreCase(oAuthAppDO.getTokenBindingType())) {
                oAuthAppDO.setTokenBindingType(null);
            }
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "tokenBindingType", oAuthAppDO.getTokenBindingType());
            if (oAuthAppDO.getTokenBindingType() == null) {
                oAuthAppDO.setTokenRevocationWithIDPSessionTerminationEnabled(false);
                oAuthAppDO.setTokenBindingValidationEnabled(false);
            }
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "tokenRevocationWithIDPSessionTermination", String.valueOf(oAuthAppDO.isTokenRevocationWithIDPSessionTerminationEnabled()));
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "tokenBindingValidation", String.valueOf(oAuthAppDO.isTokenBindingValidationEnabled()));
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "tokenEndpointAuthMethod", oAuthAppDO.getTokenEndpointAuthMethod());
            if (oAuthAppDO.isTokenEndpointAllowReusePvtKeyJwt() != null) {
                addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "tokenEndpointAllowReusePvtKeyJwt", String.valueOf(oAuthAppDO.isTokenEndpointAllowReusePvtKeyJwt()));
            }
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "tokenEndpointAuthSigningAlg", oAuthAppDO.getTokenEndpointAuthSignatureAlgorithm());
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "sectorIdentifierUri", oAuthAppDO.getSectorIdentifierURI());
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "idTokenSignedResponseAlg", oAuthAppDO.getIdTokenSignatureAlgorithm());
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "requestObjectSigningAlg", oAuthAppDO.getRequestObjectSignatureAlgorithm());
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "requestObjectEncryptionAlgorithm", oAuthAppDO.getRequestObjectEncryptionAlgorithm());
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "requestObjectEncryptionMethod", oAuthAppDO.getRequestObjectEncryptionMethod());
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "tlsClientAuthSubjectDn", oAuthAppDO.getTlsClientAuthSubjectDN());
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "requirePushAuthorizationRequest", String.valueOf(oAuthAppDO.isRequirePushedAuthorizationRequests()));
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "tlsClientCertificateBoundAccessToken", String.valueOf(oAuthAppDO.isTlsClientCertificateBoundAccessTokens()));
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "subjectType", oAuthAppDO.getSubjectType());
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "isFAPIConformant", String.valueOf(oAuthAppDO.isFapiConformanceEnabled()));
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "isSubjectTokenEnabled", String.valueOf(oAuthAppDO.isSubjectTokenEnabled()));
            if (oAuthAppDO.getSubjectTokenExpiryTime() <= 0) {
                oAuthAppDO.setSubjectTokenExpiryTime(180);
            }
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "subjectTokenExpiryTime", String.valueOf(oAuthAppDO.getSubjectTokenExpiryTime()));
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "hybridFlowEnabled", String.valueOf(oAuthAppDO.isHybridFlowEnabled()));
            addToBatchForOIDCPropertyAdd(str, i, prepareStatement, "hybridFlowResponseType", String.valueOf(oAuthAppDO.getHybridFlowResponseType()));
            prepareStatement.executeBatch();
            if (prepareStatement != null) {
                prepareStatement.close();
            }
        } catch (Throwable th) {
            if (prepareStatement != null) {
                try {
                    prepareStatement.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private void handleSpOIDCProperties(Connection connection, String str, String str2, OAuthAppDO oAuthAppDO) throws IdentityOAuth2Exception {
        setSpOIDCProperties(getSpOIDCProperties(connection, str, str2), oAuthAppDO);
    }

    /* JADX WARN: Finally extract failed */
    private Map<String, List<String>> getSpOIDCProperties(Connection connection, String str, String str2) throws IdentityOAuth2Exception {
        HashMap hashMap = new HashMap();
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = connection.prepareStatement(SQLQueries.OAuthAppDAOSQLQueries.GET_ALL_SP_OIDC_PROPERTIES);
                preparedStatement.setString(1, str);
                preparedStatement.setInt(2, IdentityTenantUtil.getTenantId(str2));
                resultSet = preparedStatement.executeQuery();
                while (resultSet.next()) {
                    ((List) hashMap.computeIfAbsent(resultSet.getString(1), str3 -> {
                        return new ArrayList();
                    })).add(resultSet.getString(2));
                }
                IdentityDatabaseUtil.closeAllConnections((Connection) null, resultSet, preparedStatement);
                return hashMap;
            } catch (SQLException e) {
                throw new IdentityOAuth2Exception("Error occurred while retrieving OIDC properties for client ID: " + str + " and tenant domain: " + str2, e);
            }
        } catch (Throwable th) {
            IdentityDatabaseUtil.closeAllConnections((Connection) null, resultSet, preparedStatement);
            throw th;
        }
    }

    private void setSpOIDCProperties(Map<String, List<String>> map, OAuthAppDO oAuthAppDO) throws IdentityOAuth2ServerException {
        if (isOIDCAudienceEnabled() && CollectionUtils.isNotEmpty(map.get(OAuth2Util.OPENID_CONNECT_AUDIENCE))) {
            ArrayList arrayList = new ArrayList(map.get(OAuth2Util.OPENID_CONNECT_AUDIENCE));
            oAuthAppDO.setAudiences((String[]) arrayList.toArray(new String[arrayList.size()]));
        }
        oAuthAppDO.setRequestObjectSignatureValidationEnabled(Boolean.parseBoolean(getFirstPropertyValue(map, "requestObjectSigned")));
        oAuthAppDO.setIdTokenEncryptionEnabled(Boolean.parseBoolean(getFirstPropertyValue(map, "idTokenEncrypted")));
        oAuthAppDO.setIdTokenEncryptionAlgorithm(getFirstPropertyValue(map, "idTokenEncryptionAlgorithm"));
        oAuthAppDO.setIdTokenEncryptionMethod(getFirstPropertyValue(map, "idTokenEncryptionMethod"));
        oAuthAppDO.setBackChannelLogoutUrl(getFirstPropertyValue(map, "backChannelLogoutURL"));
        oAuthAppDO.setFrontchannelLogoutUrl(getFirstPropertyValue(map, "frontchannelLogoutURL"));
        oAuthAppDO.setTokenType(getFirstPropertyValue(map, "tokenType"));
        oAuthAppDO.setBypassClientCredentials(Boolean.parseBoolean(getFirstPropertyValue(map, "bypassClientCredentials")));
        String firstPropertyValue = getFirstPropertyValue(map, "tokenBindingType");
        if ("None".equalsIgnoreCase(firstPropertyValue)) {
            firstPropertyValue = null;
        }
        oAuthAppDO.setTokenBindingType(firstPropertyValue);
        if (firstPropertyValue == null) {
            oAuthAppDO.setTokenRevocationWithIDPSessionTerminationEnabled(false);
            oAuthAppDO.setTokenBindingValidationEnabled(false);
        } else {
            oAuthAppDO.setTokenRevocationWithIDPSessionTerminationEnabled(Boolean.parseBoolean(getFirstPropertyValue(map, "tokenRevocationWithIDPSessionTermination")));
            oAuthAppDO.setTokenBindingValidationEnabled(Boolean.parseBoolean(getFirstPropertyValue(map, "tokenBindingValidation")));
        }
        oAuthAppDO.setRenewRefreshTokenEnabled(getFirstPropertyValue(map, "renewRefreshToken"));
        String firstPropertyValue2 = getFirstPropertyValue(map, "tokenEndpointAuthMethod");
        if (firstPropertyValue2 != null) {
            oAuthAppDO.setTokenEndpointAuthMethod(firstPropertyValue2);
        }
        String valueOfTokenEPAllowReusePvtKeyJwt = OAuthUtil.getValueOfTokenEPAllowReusePvtKeyJwt(getFirstPropertyValue(map, "tokenEndpointAllowReusePvtKeyJwt"), firstPropertyValue2);
        if (valueOfTokenEPAllowReusePvtKeyJwt != null && !valueOfTokenEPAllowReusePvtKeyJwt.equals("null")) {
            oAuthAppDO.setTokenEndpointAllowReusePvtKeyJwt(Boolean.valueOf(Boolean.parseBoolean(valueOfTokenEPAllowReusePvtKeyJwt)));
        }
        String firstPropertyValue3 = getFirstPropertyValue(map, "tokenEndpointAuthSigningAlg");
        if (firstPropertyValue3 != null) {
            oAuthAppDO.setTokenEndpointAuthSignatureAlgorithm(firstPropertyValue3);
        }
        String firstPropertyValue4 = getFirstPropertyValue(map, "sectorIdentifierUri");
        if (firstPropertyValue4 != null) {
            oAuthAppDO.setSectorIdentifierURI(firstPropertyValue4);
        }
        String firstPropertyValue5 = getFirstPropertyValue(map, "idTokenSignedResponseAlg");
        if (firstPropertyValue5 != null) {
            oAuthAppDO.setIdTokenSignatureAlgorithm(firstPropertyValue5);
        }
        String firstPropertyValue6 = getFirstPropertyValue(map, "requestObjectSigningAlg");
        if (firstPropertyValue6 != null) {
            oAuthAppDO.setRequestObjectSignatureAlgorithm(firstPropertyValue6);
        }
        String firstPropertyValue7 = getFirstPropertyValue(map, "tlsClientAuthSubjectDn");
        if (firstPropertyValue7 != null) {
            oAuthAppDO.setTlsClientAuthSubjectDN(firstPropertyValue7);
        }
        String firstPropertyValue8 = getFirstPropertyValue(map, "subjectType");
        if (firstPropertyValue8 != null) {
            oAuthAppDO.setSubjectType(firstPropertyValue8);
        }
        String firstPropertyValue9 = getFirstPropertyValue(map, "requestObjectEncryptionAlgorithm");
        if (firstPropertyValue9 != null) {
            oAuthAppDO.setRequestObjectEncryptionAlgorithm(firstPropertyValue9);
        }
        String firstPropertyValue10 = getFirstPropertyValue(map, "requestObjectEncryptionMethod");
        if (firstPropertyValue10 != null) {
            oAuthAppDO.setRequestObjectEncryptionMethod(firstPropertyValue10);
        }
        String firstPropertyValue11 = getFirstPropertyValue(map, "requirePushAuthorizationRequest");
        if (firstPropertyValue11 != null) {
            oAuthAppDO.setRequirePushedAuthorizationRequests(Boolean.parseBoolean(firstPropertyValue11));
        }
        String firstPropertyValue12 = getFirstPropertyValue(map, "tlsClientCertificateBoundAccessToken");
        if (firstPropertyValue12 != null) {
            oAuthAppDO.setTlsClientCertificateBoundAccessTokens(Boolean.parseBoolean(firstPropertyValue12));
        }
        String firstPropertyValue13 = getFirstPropertyValue(map, "isFAPIConformant");
        if (firstPropertyValue13 != null) {
            oAuthAppDO.setFapiConformanceEnabled(Boolean.parseBoolean(firstPropertyValue13));
        }
        String firstPropertyValue14 = getFirstPropertyValue(map, "isSubjectTokenEnabled");
        if (firstPropertyValue14 != null) {
            oAuthAppDO.setSubjectTokenEnabled(Boolean.parseBoolean(firstPropertyValue14));
        }
        String firstPropertyValue15 = getFirstPropertyValue(map, "subjectTokenExpiryTime");
        if (firstPropertyValue15 != null) {
            oAuthAppDO.setSubjectTokenExpiryTime(Integer.parseInt(firstPropertyValue15));
        }
        oAuthAppDO.setHybridFlowEnabled(Boolean.parseBoolean(getFirstPropertyValue(map, "hybridFlowEnabled")));
        oAuthAppDO.setHybridFlowResponseType(getFirstPropertyValue(map, "hybridFlowResponseType"));
    }

    private String getFirstPropertyValue(Map<String, List<String>> map, String str) {
        if (CollectionUtils.isNotEmpty(map.get(str))) {
            return map.get(str).get(0);
        }
        return null;
    }

    private boolean isOIDCAudienceEnabled() {
        return OAuth2ServiceComponentHolder.isAudienceEnabled();
    }

    private void handleRequestForANonExistingConsumerKey(String str) throws InvalidOAuthClientException {
        if (LOG.isDebugEnabled()) {
            LOG.debug("Cannot find an application associated with the given consumer key: " + str);
        }
        throw new InvalidOAuthClientException("application.not.found");
    }

    private void handleRequestForANonExistingApp(String str) throws InvalidOAuthClientException {
        String str2 = "Cannot find an application associated with the given appName : " + str;
        if (LOG.isDebugEnabled()) {
            LOG.debug(str2);
        }
        throw new InvalidOAuthClientException(str2);
    }

    public boolean isClientIDUniqueConstraintExistsInConsumerAppsTable() throws IdentityOAuth2Exception {
        String str = SQLQueries.OAuthAppDAOSQLQueries.CHECK_CONSUMER_KEY_CONSTRAINT_ON_CONSUMER_APPS_TABLE;
        String str2 = CONSUMER_APPS_TABLE_NAME;
        String str3 = CONSUMER_KEY;
        try {
            Connection dBConnection = IdentityDatabaseUtil.getDBConnection(false);
            try {
                DatabaseMetaData metaData = dBConnection.getMetaData();
                if (JdbcUtils.isDB2DB()) {
                    str = SQLQueries.OAuthAppDAOSQLQueries.CHECK_CONSUMER_KEY_CONSTRAINT_ON_CONSUMER_APPS_TABLE_DB2;
                } else if (JdbcUtils.isOracleDB()) {
                    str = SQLQueries.OAuthAppDAOSQLQueries.CHECK_CONSUMER_KEY_CONSTRAINT_ON_CONSUMER_APPS_TABLE_ORACLE;
                }
                if (metaData.storesLowerCaseIdentifiers()) {
                    str2 = str2.toLowerCase();
                    str3 = str3.toLowerCase();
                }
                PreparedStatement prepareStatement = dBConnection.prepareStatement(str);
                try {
                    prepareStatement.setString(1, str2);
                    prepareStatement.setString(2, str3);
                    ResultSet executeQuery = prepareStatement.executeQuery();
                    try {
                        boolean next = executeQuery.next();
                        if (executeQuery != null) {
                            executeQuery.close();
                        }
                        if (prepareStatement != null) {
                            prepareStatement.close();
                        }
                        if (dBConnection != null) {
                            dBConnection.close();
                        }
                        return next;
                    } catch (Throwable th) {
                        if (executeQuery != null) {
                            try {
                                executeQuery.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                        throw th;
                    }
                } catch (Throwable th3) {
                    if (prepareStatement != null) {
                        try {
                            prepareStatement.close();
                        } catch (Throwable th4) {
                            th3.addSuppressed(th4);
                        }
                    }
                    throw th3;
                }
            } catch (Throwable th5) {
                if (dBConnection != null) {
                    try {
                        dBConnection.close();
                    } catch (Throwable th6) {
                        th5.addSuppressed(th6);
                    }
                }
                throw th5;
            }
        } catch (DataAccessException e) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Error while checking for the database type.", e);
            }
            throw new IdentityOAuth2Exception("Error while checking for the database type.", e);
        } catch (SQLException e2) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Error while checking client ID unique constraint in the IDN_OAUTH_CONSUMER_APPS table.", e2);
            }
            throw new IdentityOAuth2Exception("Error while checking client ID unique constraint in the IDN_OAUTH_CONSUMER_APPS table.", e2);
        }
    }

    private void resolveCallbackFromServerConfigForSystemApps(String str, OAuthAppDO oAuthAppDO) {
        if (ApplicationMgtUtil.isConsole(oAuthAppDO.getApplicationName())) {
            String consoleCallbackFromServerConfig = OAuth2Util.getConsoleCallbackFromServerConfig(str);
            if (StringUtils.isNotBlank(consoleCallbackFromServerConfig)) {
                oAuthAppDO.setCallbackUrl(consoleCallbackFromServerConfig);
            }
        }
        if (ApplicationMgtUtil.isMyAccount(oAuthAppDO.getApplicationName())) {
            String myAccountCallbackFromServerConfig = OAuth2Util.getMyAccountCallbackFromServerConfig(str);
            if (StringUtils.isNotBlank(myAccountCallbackFromServerConfig)) {
                oAuthAppDO.setCallbackUrl(myAccountCallbackFromServerConfig);
            }
        }
    }

    private boolean isRootOrganization(int i) throws IdentityOAuth2Exception {
        try {
            return !OrganizationManagementUtil.isOrganization(i);
        } catch (OrganizationManagementException e) {
            throw new IdentityOAuth2Exception("Error occurred while checking if given tenant with id: " + i + " is a root organization.", (Throwable) e);
        }
    }

    private boolean isAccessTokenClaimsSeparationFeatureEnabled() {
        return Boolean.parseBoolean(IdentityUtil.getProperty("OAuth.OpenIDConnect.EnableClaimsSeparationForAccessToken"));
    }
}
