package org.wso2.carbon.identity.oauth.dcr;

import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.wso2.carbon.identity.configuration.mgt.core.ConfigurationManager;
import org.wso2.carbon.identity.configuration.mgt.core.constant.ConfigurationConstants;
import org.wso2.carbon.identity.configuration.mgt.core.exception.ConfigurationManagementException;
import org.wso2.carbon.identity.configuration.mgt.core.model.Attribute;
import org.wso2.carbon.identity.configuration.mgt.core.model.Resource;
import org.wso2.carbon.identity.configuration.mgt.core.model.ResourceAdd;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.oauth.dcr.DCRMConstants;
import org.wso2.carbon.identity.oauth.dcr.exception.DCRMClientException;
import org.wso2.carbon.identity.oauth.dcr.exception.DCRMServerException;
import org.wso2.carbon.identity.oauth.dcr.internal.DCRDataHolder;
import org.wso2.carbon.identity.oauth.dcr.model.DCRConfiguration;
import org.wso2.carbon.identity.oauth.dcr.util.DCRConfigErrorUtils;

/* loaded from: input_file:org/wso2/carbon/identity/oauth/dcr/DCRConfigurationMgtServiceImpl.class */
public class DCRConfigurationMgtServiceImpl implements DCRConfigurationMgtService {
    @Override // org.wso2.carbon.identity.oauth.dcr.DCRConfigurationMgtService
    public DCRConfiguration getDCRConfiguration() throws DCRMServerException {
        try {
            Resource resource = getResource(DCRMConstants.DCR_CONFIG_RESOURCE_TYPE_NAME, DCRMConstants.DCR_CONFIG_RESOURCE_NAME);
            DCRConfiguration dCRServerConfiguration = getDCRServerConfiguration();
            if (resource != null) {
                overrideDCRServerConfigsWithDCRResourceConfig(resource, dCRServerConfiguration);
            }
            return dCRServerConfiguration;
        } catch (ConfigurationManagementException e) {
            throw DCRConfigErrorUtils.handleServerException(DCRMConstants.DCRConfigErrorMessage.ERROR_CODE_DCR_CONFIGURATION_RETRIEVE, e, new String[0]);
        }
    }

    @Override // org.wso2.carbon.identity.oauth.dcr.DCRConfigurationMgtService
    public void setDCRConfiguration(DCRConfiguration dCRConfiguration) throws DCRMServerException, DCRMClientException {
        try {
            validateMandateSSA(dCRConfiguration);
            getConfigurationManager().replaceResource(DCRMConstants.DCR_CONFIG_RESOURCE_TYPE_NAME, parseConfig(dCRConfiguration));
        } catch (ConfigurationManagementException e) {
            throw DCRConfigErrorUtils.handleServerException(DCRMConstants.DCRConfigErrorMessage.ERROR_CODE_DCR_CONFIGURATION_RETRIEVE, e, new String[0]);
        }
    }

    private Resource getResource(String str, String str2) throws ConfigurationManagementException {
        try {
            return getConfigurationManager().getResource(str, str2);
        } catch (ConfigurationManagementException e) {
            if (ConfigurationConstants.ErrorMessages.ERROR_CODE_RESOURCE_DOES_NOT_EXISTS.getCode().equals(e.getErrorCode()) || ConfigurationConstants.ErrorMessages.ERROR_CODE_RESOURCE_TYPE_DOES_NOT_EXISTS.getCode().equals(e.getErrorCode())) {
                return null;
            }
            throw e;
        }
    }

    private ConfigurationManager getConfigurationManager() {
        return DCRDataHolder.getInstance().getConfigurationManager();
    }

    private DCRConfiguration getDCRServerConfiguration() {
        DCRConfiguration dCRConfiguration = new DCRConfiguration();
        Boolean booleanFromString = getBooleanFromString(IdentityUtil.getProperty("OAuth.DCRM.EnableFAPIEnforcement"));
        Boolean booleanFromString2 = getBooleanFromString(IdentityUtil.getProperty("OAuth.DCRM.ClientAuthenticationRequired"));
        Boolean booleanFromString3 = getBooleanFromString(IdentityUtil.getProperty("OAuth.DCRM.MandatorySoftwareStatement"));
        String property = IdentityUtil.getProperty("OAuth.DCRM.SoftwareStatementJWKS");
        dCRConfiguration.setEnableFapiEnforcement(booleanFromString);
        dCRConfiguration.setAuthenticationRequired(booleanFromString2);
        dCRConfiguration.setMandateSSA(booleanFromString3);
        dCRConfiguration.setSsaJwks(property);
        return dCRConfiguration;
    }

    private Boolean getBooleanFromString(String str) {
        if (str != null) {
            return Boolean.valueOf(Boolean.parseBoolean(str));
        }
        return null;
    }

    private void overrideDCRServerConfigsWithDCRResourceConfig(Resource resource, DCRConfiguration dCRConfiguration) {
        if (resource.isHasAttribute()) {
            Map<String, String> attributeMap = getAttributeMap(resource.getAttributes());
            Boolean booleanFromString = getBooleanFromString(attributeMap.get(DCRMConstants.ENABLE_FAPI_ENFORCEMENT));
            Boolean booleanFromString2 = getBooleanFromString(attributeMap.get(DCRMConstants.CLIENT_AUTHENTICATION_REQUIRED));
            Boolean booleanFromString3 = getBooleanFromString(attributeMap.get(DCRMConstants.MANDATE_SSA));
            String str = attributeMap.get(DCRMConstants.SSA_JWKS);
            if (booleanFromString != null) {
                dCRConfiguration.setEnableFapiEnforcement(booleanFromString);
            }
            if (booleanFromString2 != null) {
                dCRConfiguration.setAuthenticationRequired(booleanFromString2);
            }
            if (str != null) {
                dCRConfiguration.setSsaJwks(str);
            }
            if (booleanFromString3 != null) {
                dCRConfiguration.setMandateSSA(booleanFromString3);
            }
        }
    }

    private Map<String, String> getAttributeMap(List<Attribute> list) {
        return CollectionUtils.isNotEmpty(list) ? (Map) list.stream().collect(Collectors.toMap((v0) -> {
            return v0.getKey();
        }, (v0) -> {
            return v0.getValue();
        })) : Collections.emptyMap();
    }

    private void validateMandateSSA(DCRConfiguration dCRConfiguration) throws DCRMClientException {
        if (Boolean.FALSE.equals(dCRConfiguration.getAuthenticationRequired()) && !Boolean.TRUE.equals(dCRConfiguration.getMandateSSA())) {
            throw DCRConfigErrorUtils.handleClientException(DCRMConstants.DCRConfigErrorMessage.ERROR_CODE_SSA_NOT_MANDATED, new String[0]);
        }
        if (Boolean.TRUE.equals(dCRConfiguration.getMandateSSA()) && StringUtils.isBlank(dCRConfiguration.getSsaJwks())) {
            throw DCRConfigErrorUtils.handleClientException(DCRMConstants.DCRConfigErrorMessage.ERROR_CODE_SSA_JWKS_REQUIRED, new String[0]);
        }
    }

    private ResourceAdd parseConfig(DCRConfiguration dCRConfiguration) {
        ResourceAdd resourceAdd = new ResourceAdd();
        resourceAdd.setName(DCRMConstants.DCR_CONFIG_RESOURCE_NAME);
        ArrayList arrayList = new ArrayList();
        String valueOf = dCRConfiguration.getEnableFapiEnforcement() != null ? String.valueOf(dCRConfiguration.getEnableFapiEnforcement()) : null;
        String valueOf2 = dCRConfiguration.getAuthenticationRequired() != null ? String.valueOf(dCRConfiguration.getAuthenticationRequired()) : null;
        String valueOf3 = dCRConfiguration.getMandateSSA() != null ? String.valueOf(dCRConfiguration.getMandateSSA()) : null;
        String ssaJwks = dCRConfiguration.getSsaJwks();
        addAttribute(arrayList, DCRMConstants.ENABLE_FAPI_ENFORCEMENT, valueOf);
        addAttribute(arrayList, DCRMConstants.CLIENT_AUTHENTICATION_REQUIRED, valueOf2);
        addAttribute(arrayList, DCRMConstants.SSA_JWKS, ssaJwks);
        addAttribute(arrayList, DCRMConstants.MANDATE_SSA, valueOf3);
        resourceAdd.setAttributes(arrayList);
        return resourceAdd;
    }

    private void addAttribute(List<Attribute> list, String str, String str2) {
        if (StringUtils.isNotBlank(str2)) {
            Attribute attribute = new Attribute();
            attribute.setKey(str);
            attribute.setValue(str2);
            list.add(attribute);
        }
    }
}
