package org.wso2.carbon.identity.scim2.common.listener;

import java.time.Instant;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.core.AbstractIdentityUserOperationEventListener;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.scim2.common.exceptions.IdentitySCIMException;
import org.wso2.carbon.identity.scim2.common.group.SCIMGroupHandler;
import org.wso2.carbon.identity.scim2.common.utils.SCIMCommonConstants;
import org.wso2.carbon.identity.scim2.common.utils.SCIMCommonUtils;
import org.wso2.carbon.user.api.Permission;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.UserStoreManager;
import org.wso2.carbon.user.core.common.AbstractUserStoreManager;
import org.wso2.carbon.user.core.common.User;
import org.wso2.carbon.user.core.util.UserCoreUtil;
import org.wso2.charon3.core.utils.AttributeUtil;

/* loaded from: input_file:org/wso2/carbon/identity/scim2/common/listener/SCIMUserOperationListener.class */
public class SCIMUserOperationListener extends AbstractIdentityUserOperationEventListener {
    private static final Log log = LogFactory.getLog(SCIMUserOperationListener.class);

    public int getExecutionOrderId() {
        int orderId = getOrderId();
        if (orderId != -1) {
            return orderId;
        }
        return 90;
    }

    public boolean doPreAddUserWithID(String str, Object obj, String[] strArr, Map<String, String> map, String str2, UserStoreManager userStoreManager) throws UserStoreException {
        try {
            if (!isEnable() || userStoreManager == null || !userStoreManager.isSCIMEnabled()) {
                return true;
            }
            populateSCIMAttributes(str, map);
            return true;
        } catch (org.wso2.carbon.user.api.UserStoreException e) {
            throw new UserStoreException("Error while reading isScimEnabled from userstore manager", e);
        }
    }

    public boolean doPostAddUserWithID(User user, Object obj, String[] strArr, Map<String, String> map, String str, UserStoreManager userStoreManager) throws UserStoreException {
        try {
            if (!isEnable() || userStoreManager == null || !userStoreManager.isSCIMEnabled()) {
                return true;
            }
            String str2 = SCIMCommonUtils.getSCIMtoLocalMappings().get("urn:ietf:params:scim:schemas:core:2.0:id");
            if (!StringUtils.isBlank(user.getUserID())) {
                return true;
            }
            String uuid = UUID.randomUUID().toString();
            map.put(str2, uuid);
            userStoreManager.setUserClaimValue(user.getUsername(), str2, uuid, SCIMCommonConstants.DEFAULT);
            return true;
        } catch (org.wso2.carbon.user.api.UserStoreException e) {
            throw new UserStoreException("Error while reading isSCIMEnabled from user store manager", e);
        }
    }

    public boolean doPostUpdateCredentialWithID(String str, Object obj, UserStoreManager userStoreManager) throws UserStoreException {
        return doPostUpdateCredentialByAdminWithID(str, obj, userStoreManager);
    }

    public boolean doPostUpdateCredentialByAdminWithID(String str, Object obj, UserStoreManager userStoreManager) throws UserStoreException {
        try {
            if (!isEnable() || userStoreManager == null || !userStoreManager.isSCIMEnabled()) {
                return true;
            }
            if (!(userStoreManager instanceof AbstractUserStoreManager)) {
                return true;
            }
            try {
                ((AbstractUserStoreManager) userStoreManager).setUserClaimValueWithID(str, "urn:ietf:params:scim:schemas:core:2.0:meta.lastModified", AttributeUtil.formatDateTime(Instant.now()), (String) null);
                return true;
            } catch (org.wso2.carbon.user.api.UserStoreException e) {
                if (!e.getMessage().contains("UserNotFound")) {
                    throw new UserStoreException("Error updating SCIM metadata in doPostUpdateCredentialByAdmin listener", e);
                }
                if (!log.isDebugEnabled()) {
                    return true;
                }
                log.debug("User " + str + " doesn't exist");
                return true;
            }
        } catch (org.wso2.carbon.user.api.UserStoreException e2) {
            throw new UserStoreException("Error while reading isScimEnabled from userstore manager", e2);
        }
    }

    public boolean doPostSetUserClaimValueWithID(String str, UserStoreManager userStoreManager) throws UserStoreException {
        return true;
    }

    public boolean doPreSetUserClaimValuesWithID(String str, Map<String, String> map, String str2, UserStoreManager userStoreManager) throws UserStoreException {
        try {
            if (!isEnable() || userStoreManager == null || !userStoreManager.isSCIMEnabled()) {
                return true;
            }
            if (userStoreManager.isReadOnly()) {
                return true;
            }
            map.put(SCIMCommonUtils.getSCIMtoLocalMappings().get("urn:ietf:params:scim:schemas:core:2.0:meta.lastModified"), AttributeUtil.formatDateTime(Instant.now()));
            return true;
        } catch (org.wso2.carbon.user.api.UserStoreException e) {
            throw new UserStoreException("Error while reading isScimEnabled from userstore manager", e);
        }
    }

    public boolean doPostAddInternalRoleWithID(String str, String[] strArr, Permission[] permissionArr, UserStoreManager userStoreManager) throws UserStoreException {
        return doPostAddRoleWithID(str, strArr, permissionArr, userStoreManager);
    }

    public boolean doPostAddRoleWithID(String str, String[] strArr, Permission[] permissionArr, UserStoreManager userStoreManager) throws UserStoreException {
        try {
            if (!isEnable() || userStoreManager == null) {
                return true;
            }
            if (userStoreManager.isSCIMEnabled() || !SCIMCommonUtils.isHybridRole(str)) {
                if (userStoreManager.isSCIMEnabled()) {
                    return postAddRole(str, userStoreManager);
                }
                return true;
            }
            if (log.isDebugEnabled()) {
                log.debug("Persisting SCIM metadata for hybrid role: " + str + ", created while SCIM is disabled in the user store.");
            }
            return postAddRole(str, userStoreManager);
        } catch (org.wso2.carbon.user.api.UserStoreException e) {
            throw new UserStoreException("Error while reading isScimEnabled from userstore manager", e);
        }
    }

    private boolean postAddRole(String str, UserStoreManager userStoreManager) throws UserStoreException {
        try {
            SCIMGroupHandler sCIMGroupHandler = new SCIMGroupHandler(userStoreManager.getTenantId());
            String domainName = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
            if (domainName == null) {
                domainName = "PRIMARY";
            }
            String groupNameWithDomain = SCIMCommonUtils.getGroupNameWithDomain(UserCoreUtil.addDomainToName(str, domainName));
            try {
                if (!sCIMGroupHandler.isGroupExisting(groupNameWithDomain)) {
                    sCIMGroupHandler.addMandatoryAttributes(groupNameWithDomain);
                }
                return true;
            } catch (IdentitySCIMException e) {
                throw new UserStoreException("Error retrieving group information from SCIM Tables.", e);
            }
        } catch (org.wso2.carbon.user.api.UserStoreException e2) {
            throw new UserStoreException(e2);
        }
    }

    public boolean doPreDeleteInternalRole(String str, UserStoreManager userStoreManager) throws UserStoreException {
        return doPreDeleteRole(str, userStoreManager);
    }

    public boolean doPreDeleteRole(String str, UserStoreManager userStoreManager) throws UserStoreException {
        try {
            if (!isEnable() || userStoreManager == null) {
                return true;
            }
            if (!userStoreManager.isSCIMEnabled()) {
                return true;
            }
            try {
                SCIMGroupHandler sCIMGroupHandler = new SCIMGroupHandler(userStoreManager.getTenantId());
                String domainName = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
                if (domainName == null) {
                    domainName = "PRIMARY";
                }
                try {
                    sCIMGroupHandler.deleteGroupAttributes(IdentityUtil.addDomainToName(str, domainName));
                    return true;
                } catch (IdentitySCIMException e) {
                    throw new UserStoreException("Error retrieving group information from SCIM Tables.", e);
                }
            } catch (org.wso2.carbon.user.api.UserStoreException e2) {
                throw new UserStoreException(e2);
            }
        } catch (org.wso2.carbon.user.api.UserStoreException e3) {
            throw new UserStoreException("Error while reading isScimEnabled from userstore manager", e3);
        }
    }

    public boolean doPostUpdateInternalRoleName(String str, String str2, UserStoreManager userStoreManager) throws UserStoreException {
        return doPostUpdateRoleName(str, str2, userStoreManager);
    }

    public boolean doPostUpdateRoleName(String str, String str2, UserStoreManager userStoreManager) throws UserStoreException {
        try {
            if (!isEnable() || userStoreManager == null) {
                return true;
            }
            if (!userStoreManager.isSCIMEnabled()) {
                return true;
            }
            try {
                SCIMGroupHandler sCIMGroupHandler = new SCIMGroupHandler(userStoreManager.getTenantId());
                String domainName = UserCoreUtil.getDomainName(userStoreManager.getRealmConfiguration());
                if (domainName == null) {
                    domainName = "PRIMARY";
                }
                try {
                    sCIMGroupHandler.updateRoleName(UserCoreUtil.addDomainToName(str, domainName), UserCoreUtil.addDomainToName(str2, domainName));
                    return true;
                } catch (IdentitySCIMException e) {
                    throw new UserStoreException("Error updating group information in SCIM Tables.", e);
                }
            } catch (org.wso2.carbon.user.api.UserStoreException e2) {
                throw new UserStoreException(e2);
            }
        } catch (org.wso2.carbon.user.api.UserStoreException e3) {
            throw new UserStoreException("Error while reading isScimEnabled from userstore manager", e3);
        }
    }

    @Deprecated
    public Map<String, String> getSCIMAttributes(String str, Map<String, String> map) {
        return populateSCIMAttributes(str, map);
    }

    public Map<String, String> populateSCIMAttributes(String str, Map<String, String> map) {
        Map<String, String> hashMap = map != null ? map : new HashMap();
        try {
            Map<String, String> sCIMtoLocalMappings = SCIMCommonUtils.getSCIMtoLocalMappings();
            String str2 = sCIMtoLocalMappings.get("urn:ietf:params:scim:schemas:core:2.0:meta.created");
            String str3 = sCIMtoLocalMappings.get("urn:ietf:params:scim:schemas:core:2.0:meta.lastModified");
            String str4 = sCIMtoLocalMappings.get("urn:ietf:params:scim:schemas:core:2.0:meta.resourceType");
            String formatDateTime = AttributeUtil.formatDateTime(Instant.now());
            hashMap.put(str2, formatDateTime);
            hashMap.put(str3, formatDateTime);
            hashMap.put(str4, "User");
        } catch (UserStoreException e) {
            log.error("Error occurred while retrieving SCIM-to-Local claims map.", e);
        }
        return hashMap;
    }
}
