package org.wso2.carbon.identity.sso.saml.internal;

import java.io.ByteArrayInputStream;
import java.io.StringWriter;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import javax.xml.XMLConstants;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.parsers.SAXParserFactory;
import javax.xml.transform.sax.SAXSource;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.context.RegistryType;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig;
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.mgt.listener.AbstractApplicationMgtListener;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.sso.saml.SAMLSSOConfigService;
import org.wso2.carbon.identity.sso.saml.dto.SAMLSSOServiceProviderDTO;
import org.wso2.carbon.identity.sso.saml.dto.SAMLSSOServiceProviderInfoDTO;
import org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil;
import org.wso2.carbon.registry.core.Registry;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/wso2/carbon/identity/sso/saml/internal/SAMLApplicationMgtListener.class */
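/**
 * Application-management listener that keeps SAML SSO inbound registrations consistent with
 * service-provider lifecycle events: update, delete, inbound creation, import and export.
 *
 * <p>This source was reconstructed from bytecode. Public parameter names such as {@code str}
 * and {@code z} are decompiler placeholders, and the body of {@code validateSAMLSP} was not
 * recovered.
 */
public class SAMLApplicationMgtListener extends AbstractApplicationMgtListener {
    private static final Log log = LogFactory.getLog(SAMLApplicationMgtListener.class);

    /** Inbound authentication type that marks a SAML SSO configuration. */
    public static final String SAMLSSO = "samlsso";

    /**
     * Returns the fixed order id of this listener.
     *
     * @return always {@code 900}
     */
    public int getDefaultOrderId() {
        return 900;
    }

    /**
     * Removes stale SAML inbound data before a service provider is updated.
     *
     * @param serviceProvider the service provider as it will look after the update
     * @param str             not read by this method
     * @param str2            not read by this method
     * @return always {@code true}
     * @throws IdentityApplicationManagementException if the stale SAML data cannot be removed
     */
    public boolean doPreUpdateApplication(ServiceProvider serviceProvider, String str, String str2) throws IdentityApplicationManagementException {
        handleSAMLInboundAssociationRemoval(serviceProvider);
        return true;
    }

    /**
     * Removes the SAML inbound registration of an application that is about to be deleted.
     *
     * @param str  application name, used to look the service provider up
     * @param str2 tenant domain, used together with {@code str} for the lookup
     * @param str3 not read by this method
     * @return always {@code true}
     * @throws IdentityApplicationManagementException if the SAML inbound data cannot be removed
     */
    public boolean doPreDeleteApplication(String str, String str2, String str3) throws IdentityApplicationManagementException {
        ServiceProvider storedApplication = SAMLSSOUtil.getApplicationMgtService().getApplicationExcludingFileBasedSPs(str, str2);
        if (storedApplication == null) {
            return true;
        }
        String issuer = getSAMLIssuer(storedApplication);
        if (StringUtils.isBlank(issuer)) {
            // No SAML inbound is attached to this application, so there is nothing to clean up.
            return true;
        }
        try {
            if (log.isDebugEnabled()) {
                log.debug("Removing SAML inbound data for issuer: " + issuer + " associated with service provider: " + str + " of tenantDomain: " + str2);
            }
            SAMLSSOUtil.getSAMLSSOConfigService().removeServiceProvider(issuer);
            return true;
        } catch (IdentityException e) {
            throw new IdentityApplicationManagementException(String.format("Error removing SAML inbound data for issuer: %s associated with service provider: %s of tenantDomain: %s during application delete.", issuer, str, str2), e);
        }
    }

    /**
     * Removes the stored SAML registration when an update drops the SAML inbound from a
     * service provider.
     *
     * @param serviceProvider the updated service provider
     * @throws IdentityApplicationManagementException if the stale registration cannot be removed
     */
    private void handleSAMLInboundAssociationRemoval(ServiceProvider serviceProvider) throws IdentityApplicationManagementException {
        int applicationId = serviceProvider.getApplicationID();
        // The stored copy carries the issuer that was configured before this update.
        String storedIssuer = getSAMLIssuer(SAMLSSOUtil.getApplicationMgtService().getServiceProvider(applicationId));
        String updatedIssuer = getSAMLIssuer(serviceProvider);
        if (!isSAMLInboundAssociationRemoved(storedIssuer, updatedIssuer)) {
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug("SAML inbound with issuer: " + storedIssuer + " has been removed from service provider with id: " + applicationId + ". Removing the stale SAML inbound data for issuer: " + storedIssuer);
        }
        try {
            SAMLSSOUtil.getSAMLSSOConfigService().removeServiceProvider(storedIssuer);
        } catch (IdentityException e) {
            throw new IdentityApplicationManagementException(String.format("Error removing SAML inbound data for issuer: %s associated with service provider with id: %s during application update.", storedIssuer, Integer.valueOf(applicationId)), e);
        }
    }

    /**
     * Tells whether an update removed the SAML inbound: an issuer was stored before and the
     * updated service provider has none.
     *
     * @param str  issuer of the stored service provider, or {@code null}
     * @param str2 issuer of the updated service provider, or {@code null}
     * @return {@code true} only when {@code str} is set and {@code str2} is {@code null}
     */
    private boolean isSAMLInboundAssociationRemoved(String str, String str2) {
        return str != null && str2 == null;
    }

    /**
     * Returns the inbound auth key of the SAML SSO inbound configured on a service provider.
     *
     * @param serviceProvider service provider to inspect; may be {@code null}
     * @return the inbound auth key of a {@code samlsso} inbound, or {@code null} when none exists
     */
    private String getSAMLIssuer(ServiceProvider serviceProvider) {
        if (serviceProvider == null || serviceProvider.getInboundAuthenticationConfig() == null) {
            return null;
        }
        InboundAuthenticationRequestConfig[] inboundConfigs = serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs();
        if (!ArrayUtils.isNotEmpty(inboundConfigs)) {
            return null;
        }
        return Arrays.stream(inboundConfigs)
                .filter(inboundConfig -> SAMLSSO.equals(inboundConfig.getInboundAuthType()))
                .findAny()
                .map(InboundAuthenticationRequestConfig::getInboundAuthKey)
                .orElse(null);
    }

    /**
     * Validates the SAML inbound of a service provider before the inbound is created.
     *
     * <p>Only the first {@code samlsso} inbound is considered, and it is validated only when it
     * carries an inbound configuration.
     *
     * @param serviceProvider service provider whose inbounds are inspected
     * @param z               passed through unchanged to {@code validateSAMLSP}
     * @throws IdentityApplicationManagementException if validation fails
     */
    public void onPreCreateInbound(ServiceProvider serviceProvider, boolean z) throws IdentityApplicationManagementException {
        if (serviceProvider.getInboundAuthenticationConfig() == null || serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs() == null) {
            return;
        }
        for (InboundAuthenticationRequestConfig inboundConfig : serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs()) {
            if (!StringUtils.equals(inboundConfig.getInboundAuthType(), SAMLSSO)) {
                continue;
            }
            if (inboundConfig.getInboundConfiguration() != null) {
                validateSAMLSP(inboundConfig, serviceProvider.getApplicationName(), serviceProvider.getOwner().getTenantDomain(), z);
            }
            return;
        }
    }

    /**
     * Registers the SAML configuration embedded in an imported service provider.
     *
     * <p>The first {@code samlsso} inbound is unmarshalled from its inbound configuration XML.
     * If a registered SAML service provider already matches the inbound auth key, a removal is
     * attempted first; then the imported configuration is added.
     *
     * @param serviceProvider the imported service provider
     * @throws IdentityApplicationManagementException if the SAML inbound has no configuration,
     *         the XML cannot be unmarshalled, or the registration fails
     */
    public void doImportServiceProvider(ServiceProvider serviceProvider) throws IdentityApplicationManagementException {
        try {
            if (serviceProvider.getInboundAuthenticationConfig() == null || serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs() == null) {
                return;
            }
            for (InboundAuthenticationRequestConfig inboundConfig : serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs()) {
                if (!StringUtils.equals(inboundConfig.getInboundAuthType(), SAMLSSO)) {
                    continue;
                }
                String inboundConfiguration = inboundConfig.getInboundConfiguration();
                if (StringUtils.isEmpty(inboundConfiguration)) {
                    // The message used to say "oauth", which is wrong for the SAML listener.
                    throw new IdentityApplicationManagementException(String.format("No inbound configurations found for SAML in the imported %s", serviceProvider.getApplicationName()));
                }
                String inboundAuthKey = inboundConfig.getInboundAuthKey();
                SAMLSSOServiceProviderDTO importedSp = unmarshelSAMLSSOServiceProviderDTO(inboundConfiguration, serviceProvider.getApplicationName(), serviceProvider.getOwner().getTenantDomain());
                SAMLSSOConfigService configService = new SAMLSSOConfigService();
                try {
                    SAMLSSOServiceProviderDTO registeredSp = null;
                    SAMLSSOServiceProviderInfoDTO registered = configService.getServiceProviders();
                    if (registered != null) {
                        for (SAMLSSOServiceProviderDTO candidate : registered.getServiceProviders()) {
                            String issuer = candidate.getIssuer();
                            if (candidate.getIssuerQualifier() != null) {
                                issuer = SAMLSSOUtil.getIssuerWithQualifier(issuer, candidate.getIssuerQualifier());
                            }
                            // Null-safe: a registration without an issuer can never match.
                            if (issuer != null && issuer.equals(inboundAuthKey)) {
                                registeredSp = candidate;
                                break;
                            }
                        }
                    }
                    if (registeredSp != null) {
                        // NOTE(review): the lookup matches on the inbound auth key, but the removal
                        // uses the issuer read from the imported XML. Both values come from the
                        // imported document and are not compared here; confirm that something
                        // upstream checks they agree, otherwise a different issuer's registration
                        // could be the one removed.
                        configService.removeServiceProvider(importedSp.getIssuer());
                    }
                } catch (IdentityException e) {
                    // Best effort, as before: a failed lookup or removal must not abort the
                    // import. It is now recorded instead of being dropped silently.
                    if (log.isDebugEnabled()) {
                        log.debug("Could not remove the existing SAML configuration before import for inbound auth key: " + inboundAuthKey, e);
                    }
                }
                configService.addRPServiceProvider(importedSp);
                return;
            }
        } catch (IdentityException e) {
            throw new IdentityApplicationManagementException("Error occurred when importing SAML application ", e);
        }
    }

    /**
     * Embeds the registered SAML configuration into a service provider that is being exported.
     *
     * <p>The first {@code samlsso} inbound is matched by issuer against the registered SAML
     * service providers; the match is marshalled to formatted XML and stored as the inbound
     * configuration. When the match has an issuer qualifier, its issuer is rewritten without
     * the qualifier before marshalling.
     *
     * @param serviceProvider the service provider being exported
     * @param bool            not read by this method
     * @throws IdentityApplicationManagementException if no registered SAML configuration matches,
     *         or if retrieval or marshalling fails
     */
    public void doExportServiceProvider(ServiceProvider serviceProvider, Boolean bool) throws IdentityApplicationManagementException {
        try {
            if (serviceProvider.getInboundAuthenticationConfig() == null || serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs() == null) {
                return;
            }
            for (InboundAuthenticationRequestConfig inboundConfig : serviceProvider.getInboundAuthenticationConfig().getInboundAuthenticationRequestConfigs()) {
                if (!StringUtils.equals(inboundConfig.getInboundAuthType(), SAMLSSO)) {
                    continue;
                }
                SAMLSSOServiceProviderDTO matchedSp = null;
                SAMLSSOServiceProviderInfoDTO registered = new SAMLSSOConfigService().getServiceProviders();
                if (registered != null) {
                    for (SAMLSSOServiceProviderDTO candidate : registered.getServiceProviders()) {
                        if (candidate.getIssuer().equals(inboundConfig.getInboundAuthKey())) {
                            if (candidate.getIssuerQualifier() != null) {
                                candidate.setIssuer(SAMLSSOUtil.getIssuerWithoutQualifier(candidate.getIssuer()));
                            }
                            matchedSp = candidate;
                            // Stop at the first match. The decompiled loop neither advanced the
                            // index nor left the loop here, so a match made it spin forever.
                            break;
                        }
                    }
                }
                if (matchedSp == null) {
                    throw new IdentityApplicationManagementException(String.format("There is no saml configured with %s", inboundConfig.getInboundAuthKey()));
                }
                Marshaller marshaller = JAXBContext.newInstance(new Class[]{SAMLSSOServiceProviderDTO.class}).createMarshaller();
                marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
                StringWriter xml = new StringWriter();
                marshaller.marshal(matchedSp, xml);
                inboundConfig.setInboundConfiguration(xml.toString());
                return;
            }
        } catch (JAXBException e) {
            throw new IdentityApplicationManagementException(String.format("Error in exporting SAML application %s@%s", serviceProvider.getApplicationName(), serviceProvider.getOwner().getTenantDomain()), e);
        } catch (IdentityException e) {
            throw new IdentityApplicationManagementException("Error occurred when retrieving SAML application ", e);
        }
    }

    /**
     * Returns the system configuration registry of the thread-local Carbon context.
     * Not called from within this class.
     */
    private Registry getConfigSystemRegistry() {
        return PrivilegedCarbonContext.getThreadLocalCarbonContext().getRegistry(RegistryType.SYSTEM_CONFIGURATION);
    }

    /*
     * The decompiler could not reconstruct this method (276 instructions skipped), so the body
     * below is a placeholder that throws on every call. As written, onPreCreateInbound therefore
     * fails for any SAML inbound that carries a configuration.
     *
     * The decompiler reported one lost instruction, which adds the message
     * "Already a SAML configuration available with %s" (formatted with the inbound auth key) to a
     * collection. NOTE(review): restore the real implementation from the original sources before
     * relying on this class for validation.
     */
    private void validateSAMLSP(org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig r8, java.lang.String r9, java.lang.String r10, boolean r11) throws org.wso2.carbon.identity.application.common.IdentityApplicationManagementValidationException {
        throw new UnsupportedOperationException("Method not decompiled: org.wso2.carbon.identity.sso.saml.internal.SAMLApplicationMgtListener.validateSAMLSP(org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig, java.lang.String, java.lang.String, boolean):void");
    }

    /**
     * Unmarshals the SAML service-provider XML carried by an imported application.
     *
     * <p>The XML comes from an imported document, so it is read through a parser that rejects
     * DOCTYPE declarations and external entities instead of JAXB's default parser.
     *
     * @param authConfig      inbound configuration XML
     * @param applicationName application name, used only in the error message
     * @param tenantDomain    tenant domain, used only in the error message
     * @return the unmarshalled SAML service-provider DTO
     * @throws IdentityApplicationManagementException if the parser cannot be configured or the
     *         XML cannot be parsed or unmarshalled
     */
    private SAMLSSOServiceProviderDTO unmarshelSAMLSSOServiceProviderDTO(String authConfig, String applicationName, String tenantDomain) throws IdentityApplicationManagementException {
        try {
            SAXSource source = new SAXSource(
                    newHardenedParserFactory().newSAXParser().getXMLReader(),
                    new InputSource(new ByteArrayInputStream(authConfig.getBytes(StandardCharsets.UTF_8))));
            return (SAMLSSOServiceProviderDTO) JAXBContext.newInstance(new Class[]{SAMLSSOServiceProviderDTO.class}).createUnmarshaller().unmarshal(source);
        } catch (JAXBException | ParserConfigurationException | SAXException e) {
            throw new IdentityApplicationManagementException(String.format("Error in unmarshelling SAML application %s@%s", applicationName, tenantDomain), e);
        }
    }

    /**
     * Builds a namespace-aware SAX parser factory with DOCTYPE declarations and external
     * entities disabled. A parser that does not support one of these features makes the call
     * fail, so the import fails closed rather than parsing with weaker settings.
     */
    private static SAXParserFactory newHardenedParserFactory() throws ParserConfigurationException, SAXException {
        SAXParserFactory factory = SAXParserFactory.newInstance();
        // JAXB needs namespace awareness to bind elements.
        factory.setNamespaceAware(true);
        factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        factory.setFeature("http://xml.org/sax/features/external-general-entities", false);
        factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        return factory;
    }
}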
