package org.wso2.carbon.is.migration.util;

import java.sql.Connection;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.carbon.identity.core.migrate.MigrationClientException;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.is.migration.internal.ISMigrationServiceDataHolder;
import org.wso2.carbon.is.migration.service.Migrator;
import org.wso2.carbon.user.api.Tenant;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.common.AbstractUserStoreManager;
import org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager;
import org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager;
import org.wso2.carbon.user.core.model.ExpressionAttribute;
import org.wso2.carbon.user.core.model.ExpressionCondition;
import org.wso2.carbon.user.core.model.ExpressionOperation;
import org.wso2.carbon.user.core.service.RealmService;

/* loaded from: input_file:org/wso2/carbon/is/migration/util/TotpSecretUtil.class */
public class TotpSecretUtil {
    private static final String USER_OPERATION_EVENT_LISTENER_TYPE = "org.wso2.carbon.user.core.listener.UserOperationEventListener";
    private static final String USER_OPERATION_EVENT_LISTENER = "org.wso2.carbon.identity.governance.listener.IdentityStoreEventListener";
    private static final String DATA_STORE_PROPERTY_NAME = "Data.Store";
    private static final String USER_STORE_BASED_IDENTITY_STORE = "org.wso2.carbon.identity.governance.store.UserStoreBasedIdentityDataStore";
    private static final String DEFAULT_PROFILE = "default";
    private static final int DEFAULT_CHUNK_SIZE = 10000;
    private static final Logger log = LoggerFactory.getLogger(TotpSecretUtil.class);
    private static RealmService realmService = ISMigrationServiceDataHolder.getRealmService();
    private static int increment = 100;
    private static int offset = 0;

    public static void migrateTotpSecretKeys(int i, Migrator migrator) throws MigrationClientException {
        try {
            if (USER_STORE_BASED_IDENTITY_STORE.equals(getIdentityClaimStoreClassname())) {
                migrateWithUserstoreBasedIdentityStore(i, migrator);
            } else {
                migrateWithJDBCIdentityStore(i, migrator);
            }
        } catch (MigrationClientException e) {
            if (!migrator.isContinueOnError()) {
                throw new MigrationClientException("Error while migrating TOTP secret keys.", e);
            }
            log.error("Error while migrating TOTP secret keys.");
        }
    }

    private static void migrateWithJDBCIdentityStore(int i, Migrator migrator) throws MigrationClientException {
        List<TotpSecretData> totpSecretKeyDataList;
        int i2 = 0;
        do {
            totpSecretKeyDataList = getTotpSecretKeyDataList(i, i2, migrator);
            updateSecretKeyClaimDataSet(migrator, transformPasswordFromOldToNewEncryption(totpSecretKeyDataList));
            i2 += totpSecretKeyDataList.size();
        } while (!totpSecretKeyDataList.isEmpty());
    }

    private static void migrateWithUserstoreBasedIdentityStore(int i, Migrator migrator) throws MigrationClientException {
        String[] userList;
        List<TotpSecretData> totpSecretKeyDataListFromJdbcUserstore;
        try {
            Properties parameters = migrator.getMigratorConfig().getParameters();
            if (parameters.containsKey(Constant.MIGRATE_ALL) && ((Boolean) parameters.get(Constant.MIGRATE_ALL)).booleanValue()) {
                for (Tenant tenant : UserStoreOperationsUtil.getAllTenants()) {
                    if (tenant.isActive()) {
                        String domain = tenant.getDomain();
                        log.info("Migration started for tenant domain: {}", domain);
                        int tenantId = realmService.getTenantManager().getTenantId(domain);
                        if (tenantId == -1) {
                            log.error("Invalid tenant domain name '{}' provided.", domain);
                            throw new MigrationClientException("Invalid tenant domain provided.");
                        }
                        Integer num = (Integer) parameters.get(Constant.STARTING_POINT_PARAMETER_NAME);
                        Integer num2 = (Integer) parameters.get(Constant.INCREMENT_PARAMETER_NAME);
                        String str = (String) parameters.get(Constant.MIGRATING_DOMAINS);
                        if (num != null) {
                            offset = num.intValue();
                        }
                        if (num2 != null) {
                            increment = num2.intValue();
                        }
                        log.info("TOTP secret migrator started with offset {} and increment {} .", Integer.valueOf(offset), Integer.valueOf(increment));
                        AbstractUserStoreManager userStoreManager = realmService.getTenantUserRealm(tenantId).getUserStoreManager();
                        String[] split = str != null ? str.split(",") : UserStoreOperationsUtil.getAllDomainNames(userStoreManager);
                        for (String str2 : split) {
                            AbstractUserStoreManager secondaryUserStoreManager = userStoreManager.getSecondaryUserStoreManager(str2);
                            if (secondaryUserStoreManager == null) {
                                log.error("Invalid domain name {} provided. No user store found for the given domain name.", split);
                                throw new MigrationClientException("Invalid domain name provided. No user store found.");
                            }
                            log.info("Migration started for domain: {}", str2);
                            if (secondaryUserStoreManager instanceof JDBCUserStoreManager) {
                                int i2 = 0;
                                log.info("{} Migration starting on UM_USER_ATTRIBUTE table with offset {} and limit {}.", new Object[]{Constant.MIGRATION_LOG, Integer.valueOf(offset), Integer.valueOf(i)});
                                String attributeName = secondaryUserStoreManager.getClaimManager().getAttributeName(str2, Constant.TOTP_SECRET_KEY_CLAIM);
                                String attributeName2 = secondaryUserStoreManager.getClaimManager().getAttributeName(str2, Constant.TOTP_VERIFIED_SECRET_KEY_CLAIM);
                                do {
                                    totpSecretKeyDataListFromJdbcUserstore = getTotpSecretKeyDataListFromJdbcUserstore(i, i2, migrator, attributeName, attributeName2);
                                    updateSecretKeyClaimDataSetJdbcUserStore(migrator, transformPasswordFromOldToNewEncryption(totpSecretKeyDataListFromJdbcUserstore));
                                    i2 += totpSecretKeyDataListFromJdbcUserstore.size();
                                } while (!totpSecretKeyDataListFromJdbcUserstore.isEmpty());
                            }
                            ExpressionCondition expressionCondition = new ExpressionCondition(ExpressionOperation.SW.toString(), ExpressionAttribute.USERNAME.toString(), "");
                            int i3 = offset;
                            do {
                                userList = secondaryUserStoreManager.getUserList(expressionCondition, str2, DEFAULT_PROFILE, increment, i3, "", "");
                                log.info("Migrating users from offset {} to increment of {}.", Integer.valueOf(i3), Integer.valueOf(increment));
                                for (String str3 : userList) {
                                    if (log.isDebugEnabled()) {
                                        log.debug("Migrating user {}, counter index {}", str3, Integer.valueOf(i3));
                                    }
                                    if (secondaryUserStoreManager instanceof ReadWriteLDAPUserStoreManager) {
                                        String secretKeyClaimValue = UserStoreOperationsUtil.getSecretKeyClaimValue(str3, Constant.TOTP_SECRET_KEY_CLAIM, secondaryUserStoreManager);
                                        String secretKeyClaimValue2 = UserStoreOperationsUtil.getSecretKeyClaimValue(str3, Constant.TOTP_VERIFIED_SECRET_KEY_CLAIM, secondaryUserStoreManager);
                                        String transformToSymmetric = EncryptionUtil.transformToSymmetric(secretKeyClaimValue);
                                        String transformToSymmetric2 = EncryptionUtil.transformToSymmetric(secretKeyClaimValue2);
                                        UserStoreOperationsUtil.updateTotpSecretClaim(str3, transformToSymmetric, secondaryUserStoreManager);
                                        UserStoreOperationsUtil.updateTotpSecretClaim(str3, transformToSymmetric2, secondaryUserStoreManager);
                                    }
                                    i3++;
                                }
                            } while (userList.length >= increment);
                        }
                    }
                }
            }
            log.info("TOTP secret key migration for userstore based data store completed.");
        } catch (UserStoreException e) {
            String format = String.format("Error occurred while updating user id for the user. user id updating process stopped at the offset %d in domain %s in tenant %s", 0, null, null);
            log.error(format, e);
            throw new MigrationClientException(format, e);
        }
    }

    private static List<TotpSecretData> getTotpSecretKeyDataList(int i, int i2, Migrator migrator) throws MigrationClientException {
        try {
            Connection connection = migrator.getDataSource().getConnection();
            Throwable th = null;
            try {
                try {
                    connection.setAutoCommit(false);
                    List<TotpSecretData> allTotpSecretData = IdentityClaimDAO.getInstance().getAllTotpSecretData(i, i2, connection);
                    if (connection != null) {
                        if (0 != 0) {
                            try {
                                connection.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            connection.close();
                        }
                    }
                    return allTotpSecretData;
                } finally {
                }
            } finally {
            }
        } catch (SQLException e) {
            throw new MigrationClientException("Error while retrieving database connection for identity claims database. ", e);
        }
    }

    private static List<TotpSecretData> getTotpSecretKeyDataListFromJdbcUserstore(int i, int i2, Migrator migrator, String str, String str2) throws MigrationClientException {
        try {
            Connection connection = migrator.getDataSource(Schema.UM.getName()).getConnection();
            Throwable th = null;
            try {
                try {
                    connection.setAutoCommit(false);
                    List<TotpSecretData> allTotpSecretDataFromDb = UserStoreOperationsUtil.getAllTotpSecretDataFromDb(i, i2, connection, str, str2);
                    if (connection != null) {
                        if (0 != 0) {
                            try {
                                connection.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            connection.close();
                        }
                    }
                    return allTotpSecretDataFromDb;
                } finally {
                }
            } finally {
            }
        } catch (SQLException e) {
            throw new MigrationClientException("Error while retrieving database connection for identity claims from user management database. ", e);
        }
    }

    private static List<TotpSecretData> transformPasswordFromOldToNewEncryption(List<TotpSecretData> list) throws MigrationClientException {
        ArrayList arrayList = new ArrayList();
        for (TotpSecretData totpSecretData : list) {
            arrayList.add(new TotpSecretData(totpSecretData.getTenantId(), totpSecretData.getUserName(), EncryptionUtil.transformToSymmetric(totpSecretData.getEncryptedSeceretkeyValue()), totpSecretData.getDataKey()));
        }
        return arrayList;
    }

    public static void updateSecretKeyClaimDataSet(Migrator migrator, List<TotpSecretData> list) throws MigrationClientException {
        try {
            Connection connection = migrator.getDataSource().getConnection();
            Throwable th = null;
            try {
                try {
                    connection.setAutoCommit(false);
                    IdentityClaimDAO.getInstance().updateNewTotpSecrets(list, connection);
                    if (connection != null) {
                        if (0 != 0) {
                            try {
                                connection.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            connection.close();
                        }
                    }
                } finally {
                }
            } finally {
            }
        } catch (SQLException e) {
            throw new MigrationClientException("", e);
        }
    }

    public static void updateSecretKeyClaimDataSetJdbcUserStore(Migrator migrator, List<TotpSecretData> list) throws MigrationClientException {
        try {
            Connection connection = migrator.getDataSource(Schema.UM.getName()).getConnection();
            Throwable th = null;
            try {
                try {
                    connection.setAutoCommit(false);
                    UserStoreOperationsUtil.updateNewTotpSecretsToDb(list, connection);
                    if (connection != null) {
                        if (0 != 0) {
                            try {
                                connection.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            connection.close();
                        }
                    }
                } finally {
                }
            } finally {
            }
        } catch (SQLException e) {
            throw new MigrationClientException("", e);
        }
    }

    private static String getIdentityClaimStoreClassname() {
        return IdentityUtil.readEventListenerProperty(USER_OPERATION_EVENT_LISTENER_TYPE, USER_OPERATION_EVENT_LISTENER).getProperties().get(DATA_STORE_PROPERTY_NAME).toString();
    }
}
